KB-4367
09 — Law Mapping, Forbidden Compliance & Self-Review (2026-05-28)
6 min read Revision 1
law-mappingforbidden-complianceself-reviewiumegabundledieu32dieu37dieu38dieu392026-05-28
09 — Law Mapping, Forbidden Compliance & Self-Review
1. Law mapping
| Law | Role in this bundle |
|---|---|
| Hiến pháp (Constitution, 15 NT) | Governs the whole; pilot operates under it |
| Đ0-G Birth Registry | birth_registry (876047) — industrial birth ledger; every Mother-output binds here |
| Đ7 Assembly First | CR survey (doc 02) reuse-first; assembly_slot_registry absent (paper) |
| Đ28 Nuxt/template | MOW UI surfaces must be design_templates rows (1 exists); human-org-role law decides visibility (doc 07) |
| Đ30 Reversibility | Pilot rollback/retire/supersede rules (doc 01 §8); KG enrich is DROP-reversible (doc 03); P-pub stages are config flips (doc 05) |
| Đ31 Audit/Integrity | dot_iu_command_run/iu_lifecycle_log audit; zero-delta proofs account for audit rows (doc 01 §9) |
| Đ32 Approval | review_decision test-vs-prod boundary (doc 06); gate-open approval_id (doc 01 §5) |
| Đ35 DOT | DOT commands for KG (doc 03 §6), dot_iu_command_catalog=52 as de-facto transform registry |
| Đ36 Collection | collection_registry (168) extend for MOUT; output_table_registry to build |
| Đ37 Governance | governance_registry (5 agencies) — no factory/human rows; human-org-role gap (doc 07) |
| Đ38 IU | IU corpus (219); P-pub birth gate (doc 05) |
| Đ39 IU/KG | KG enrichment (doc 03); universal_edges+iu_relation two-graph reality; provenance-or-quarantine (A8) |
| Đ45 Event/Queue/Executor | event/queue boundary (doc 01 §11); DLQ replay (doc 01 §13); event_type_registry=31 (no iu.* types) |
2. Forbidden compliance — line by line
| Forbidden action | Complied? | Evidence |
|---|---|---|
| No 4 Mothers implementation | ✅ | survey/design/brief only; no factory rows created |
| No Nuxt/UI implementation | ✅ | none |
| No Directus mutation | ✅ | read-only role; no Directus writes |
| No Qdrant/vector write | ✅ | vector_sync_enabled=false untouched |
| No unsafe P-pub hard-block | ✅ | doc 05 stages, no block_all; nothing applied |
| No production review_decision shortcut | ✅ | doc 06 test/prod boundary; nothing minted |
No allow_no_review_decision=true |
✅ | verified false in gate check + dot_config |
No vector_sync_enabled=true |
✅ | verified false |
| No hidden second graph SoT | ✅ | doc 03 enrich-in-place + read-only projection only |
| No law enactment | ✅ | doc 07 brief only |
| No final OSS selection | ✅ | not addressed/selected |
| No broad schema/table creation | ✅ | zero DDL; all recommendations deferred to authority packs |
Mutation check: every live call was a SELECT via context_pack_readonly. Core counts at exit equal the prior bundle's durable baseline (IU=219, run=55, gate_tx=0, dlq=0, iu_relation=60, catalog=52) ⇒ zero mutation. Gate: all_safe=true, never_flip_intact=true.
3. Acceptance criteria check (§14 of the macro)
- Branches A–H completed or precisely deferred ✅
- IU pilot protocol operator-usable ✅ (doc 01, self-contained)
- Candidate Registry status materially clarified ✅ (doc 02, 6 ABSENT + reuse map)
- KG relationship path clear ✅ (doc 03)
- Design reconciliation actionable ✅ (doc 04, R1–R13 + patch sequence)
- P-pub & production review paths authority-ready ✅ (docs 05, 06)
- Human-org-role law gap framed ✅ (doc 07)
- ≥8 next prompts ✅ (doc 08, exactly 8)
- No unsafe mutation ✅
- No 4 Mothers implementation ✅
Overall: PASS.
4. Corrections vs prior memory
universal_edgesdoes carryprovenance,confidence,valid_time(not lacking them) — it is Đ39-shaped but integer-keyed, which is why it excludes IU. The exclusion is the key fact, not a missing-column fact.- P-pub gap measured precisely: 133/219 IUs have no doc_code-matching authority publication (the "73 lack type" figure from a prior run reflects a different join; the dominant, current number is 133).
cutter_governanceschema is real and privilege-walled (invisible to RO role via information_schema, visible via pg_class) — earlier a query for it returned 0 rows because of the role's information_schema visibility, not because it's absent.governance_registrygov_typevocabulary is council/system only — no factory rows, no human roles — confirming both the 4-Mothers factory-registration gap and the human-org-role law gap.
5. Notes for the next runner
- To operate writes or introspect
cutter_governance/production review_decision, reconnect asworkflow_adminvia SSH (keep VPS commands top-level; do not nest ssh). - The pilot (doc 01) can start now, independently of the 4-Mothers blockers.
- Run doc 08 prompts 1 ∥ 2 first.
- When patching the design (prompt 4), use
patch_documentexact replay and serialize same-doc patches; treat the Status-line "Revision N" label as authoritative, not the KB integer revision.
6. Package manifest
…/iu-limited-pilot-cr-kg-design-recon-authority-megabundle-2026-05-28/ rev1, 10 docs: 00 overview · 01 pilot protocol · 02 CR survey · 03 KG enrichment · 04 reconciliation · 05 P-pub authority · 06 review_decision authority · 07 human-org-role brief · 08 next prompts · 09 this self-review.