{ "doc": "fix7-p0-updated-production-blocker-map-after-shaped-clone-attempt", "date": "2026-06-12", "authority": "blocker map only; production NOT performed; no clone rehearsal performed (no clone); CI gate DESIGN only (off-production, no trigger)", "blockers": [ { "id": "FIX7-P0-PROD-BIRTH-SURFACE-1", "item": "production object-birth surface scope (fn_birth_register / birth_registry / Directus row)", "status": "OPEN", "change_this_lane": "none", "actor_needed": "owner + operator", "next_action": "operator scopes exact production birth-write surface (not invented)", "blocks": "production" }, { "id": "FIX7-P0-PROD-CI-SCOPE-1", "item": "CI/deploy seal-vs-bytes enforcement scope", "status": "OPEN_DESIGN_DELIVERED", "change_this_lane": "DESIGNED OFF-PRODUCTION: ci-seal-vs-bytes-gate-design.md + reference fail-closed checker ci_seal_vs_bytes_gate.py delivered; selftest proves fail-closed on sha mismatch, byte-length mismatch, em-dash/unicode drift, ensure_ascii JSON re-encode drift, BOM, CRLF, and missing file (7/7). NO CI was triggered and NO production was wired. The blocker remains OPEN pending (a) owner decision to adopt the gate and (b) operator wiring it in a throwaway non-production branch first.", "actor_needed": "owner (adopt?) + operator (wire off-production)", "next_action": "owner decides whether to adopt the designed gate; if yes, operator wires it in a non-production branch and it is reviewed before any production wiring", "blocks": "production-ci (NOT clone rehearsal, NOT this design)" }, { "id": "FIX7-P0-DRYRUN-PROD-ROLLBACK-1", "item": "production rollback proof (snapshot+restore) for the birth surface", "status": "OPEN_PARTIALLY_DISCHARGED", "change_this_lane": "NO CHANGE vs prior macro. Clone-rehearsal leg (toy clone) remains proven from the prior macro. The PRODUCTION-SHAPED leg targeted by THIS macro could NOT be exercised because no operator-provided production-shaped DB dump clone exists. Schema-compatibility requirements for such a clone are now specified (schema-compatibility.json).", "actor_needed": "operator (+ separate authorization)", "next_action": "operator provides a production-shaped, secret-free, isolated DB dump clone (per clone-provenance.json exact_operator_input_needed and schema-compatibility.json); rehearse snapshot/restore on it; only then consider a production rehearsal under production OPT-4 + distinct prod-rollback grant", "blocks": "production" }, { "id": "FIX7-P0-PLAN-REALRUN-1", "item": "REAL_RUN requires its own explicit owner grant", "status": "OPEN", "change_this_lane": "none (probe P10 confirms fail-closed)", "actor_needed": "owner", "next_action": "obtain REAL_RUN grant (not implied by rehearsal or clone)", "blocks": "REAL_RUN" }, { "id": "FIX7-P0-PLAN-SEPARATE-AUTH-1", "item": "QT001/apply, permit, activation, repoint, cutover each need separate authorization", "status": "OPEN", "change_this_lane": "none (probe P10 confirms fail-closed)", "actor_needed": "owner", "next_action": "obtain per-action grant before any attempt", "blocks": "cutover/apply/permit/activation/repoint" }, { "id": "FIX7-P0-PROD-OPT4-1", "item": "production-scope owner OPT-4 (rehearsal/clone grant does NOT extend to production)", "status": "OPEN", "change_this_lane": "none; this macro is AUTHORIZE_PRODUCTION_SHAPED_CLONE_REHEARSAL_ONLY, not production execution", "actor_needed": "owner", "next_action": "issue production OPT-4 after surface/rollback blockers resolved", "blocks": "production" }, { "id": "FIX7-P0-OPERATOR-INPUT-1", "item": "operator input to scope production surfaces + production rollback", "status": "OPEN", "change_this_lane": "narrowed further: the remaining operator input is now precisely specified - a production-shaped, secret-free, isolated DB dump clone whose schema satisfies schema-compatibility.json. No other operator input blocks the clone rehearsal lane.", "actor_needed": "operator", "next_action": "operator provides the production-shaped DB dump clone described in clone-provenance.json", "blocks": "production" } ], "newly_closed_in_this_macro": [], "design_delivered_in_this_macro": [ "FIX7-P0-PROD-CI-SCOPE-1: CI seal-vs-bytes gate DESIGN + reference fail-closed checker delivered off-production (blocker stays OPEN pending owner adopt + operator off-production wiring)" ], "partially_discharged_carried": [ "FIX7-P0-DRYRUN-PROD-ROLLBACK-1 (clone-rehearsal/toy leg proven previously; production-shaped leg still OPEN - needs operator clone)" ], "open_count": 7, "production_work_performed": false, "clone_rehearsal_performed": false, "ci_triggered": false, "note": "All 7 production blockers remain OPEN. This macro delivered the CI seal-vs-bytes gate design off-production and specified exactly the production-shaped clone the rollback leg needs, but could not run the clone rehearsal because the clone was not provided. Production stays separately gated." }