05 — P-pub Staged Path Advancement (Branch E)

Verdict: AUTHORITY PACK / DEFER — no unsafe block introduced. Live re-inspection confirms the publication-authority machinery is still warn-only and the enforcement switch does not yet exist. Advancing means specifying the staged path + the function signature patch authority, not flipping anything.

A. Live re-inspection (entry)

• fn_iu_create(p_canonical_address, p_title, p_body, p_actor, p_unit_kind, p_section_type, p_owner_ref, p_publication_type, p_parent_ref) — has p_publication_type + p_owner_ref but NO authority_ref / publication_authority_ref parameter (signature unchanged from prior bundles).
• information_unit has no publication_* / authority_* column directly (authority/publication state lives in version/publication-side tables, e.g. tac_publication, not on the unit row).
• dot_config: no iu_create.ppub.* key and no *enforcement_mode* key — the enforcement switch is genuinely absent.
• Birth-gate layer1 (fn_iu_birth_gate_layer1) is BEFORE-INSERT-only; P-pub checks are warn-only (consistent with prior bundles).

B. Staged promotion path (unchanged design, re-affirmed safe)

1. warn (current) — create succeeds, missing authority logged only.
2. block_new — new IU without publication-authority is rejected; existing 219 untouched. SAFE once authority vocab seeded + fn_iu_create accepts authority_ref.
3. backfill — existing IU lacking authority get authority via supersede/authority-pack (not in-place mutation of enacted rows).
4. block_all — full enforcement. Requires council + sovereign (changes existing-data contract).

C. Safe vocab seed (authority-gated, NOT applied)

Publication-authority vocabulary should be seeded before block_new. Because the authority/type vocab is small and law-owned (prior: auth=1 incomex_council, type=2 law/design_doc), seeding more is only safe with law + rollback clear — and the owning law for publication-authority vocab is not yet pinned in this bundle's read scope, so seeding is deferred to the P-pub macro rather than applied here. Candidate seeds to ratify:

• authorities: incomex_council, architecture_council, system_authority, sovereign.
• publication_types: law, design_doc, report, runbook, data_record.

D. fn_iu_create signature patch — AUTHORITY

Add p_publication_authority_ref text (after p_publication_type). Behavior staged by a NEW dot_config key iu_create.ppub.enforcement_mode ∈ {warn,block_new,backfill,block_all} (default warn).

• warn: param optional, NULL logged.
• block_new: param required for NEW rows; raise on NULL.
• The gateway canonical_function config string must be updated to the new signature in the SAME patch (else gateway marker mismatch). This is why the signature change is a coordinated gated build, not a casual ALTER.

E. Backfill plan for the 219 current IU

• Count: 219 total (3 retired). Prior bundles: ~133/219 lack publication-authority.
• Method: never in-place mutate enacted rows (enacted_immut). Backfill via supersede chain or an authority-pack side table mapping iu_id → authority + manifest, surfaced through a view — same "enrich-in-place where lawful, else projection" discipline used for KG.
• Sequence: seed vocab → add param (warn) → block_new → backfill existing via supersede/authority-pack → block_all (council+sovereign).

F. No unsafe block — compliance

No block_new/block_all applied. No enforcement key created. No fn_iu_create signature change applied. All warn-only state preserved. Forbidden rule "No unsafe P-pub block" satisfied.

G. Advance vs prior state

Prior bundles established the warn-state and named the gap. This doc adds: the exact dot_config enforcement key name + value enum, the precise signature-patch insert + the gateway-config co-update requirement (a correctness trap), the backfill-via-supersede discipline tied to enacted_immut, and a ratify-ready vocab seed list — i.e. P-pub is spec-complete to block_new, pending one coordinated gated build.