00 — README-First: Governance → Registries-Pivot Final Handoff

Date: 2026-06-03 · Mode: READ-ONLY (no production/clone mutation, no rollout) · Status: PASS

What this package is

The clean handoff from One-Roof Governance Phase-1 (engineering-complete, release-packaged, GATED) back to the Registries-Pivot workstream. It lets a future Agent resume Registries-Pivot without rereading all governance reports and without confusing clone-proven results with production-live truth.

The one fact that governs everything

Production governance is NOT rolled out. The canonical rollout is packaged, hash-verified, and clone-rehearsed, but production execution is BLOCKED until a human sets os_proposal_approvals (ospa) >= 1. As of 2026-06-03 live read: ospa = 0 → BLOCKED.

Any statement that "production governance coverage / axis / scanner / events are live" is FALSE while ospa < 1. Clone results are design evidence only, never production truth.

Read order

1. 00-readme-first-handoff.md (this) — orientation + the governing fact.
2. 01-state-recovery-and-live-verification.md — sources reconciled + live read-only proof.
3. 02-governance-final-status.md — done / live / clone-proven / packaged-gated / forbidden.
4. 03-registries-pivot-allowed-interfaces.md — what RP MAY rely on now.
5. 04-registries-pivot-forbidden-assumptions.md — what RP MUST NOT assume.
6. 05-post-gate-production-rollout-pointers.md — exact paths to execute after the gate opens.
7. 06-open-work-map.md — open work, separated by domain.
8. 07-one-page-operator-summary.md — paste-into-a-session summary.
9. 08-machine-readable-index.md — JSON/YAML index of packages, status, allowed/blocked use, prompts.
10. 09-next-registries-pivot-prompt.md — the exact next RP macro prompt.
11. 10-self-review.md — completion criteria self-check.

Sources of truth (current)

• Governance source of truth: knowledge/dev/reports/architecture/one-roof-release-management-finalization-gate-monitoring-2026-06-03/ (release management finalization — the newest governance package; supersedes the production-release-engineering ultra-macro for release/gate concerns, which remains the canonical engineering/executor package).
• Registries-Pivot source of truth: knowledge/dev/design/registries-pivot-os-agency/ (Master Design v0.1, docs 00–13). Design-complete, NOT implemented; awaits human RG1+RG2 ratification.
• Accepted GPT review: knowledge/dev/reports/architecture/gpt-review-release-management-finalization-pass-ready-for-registries-pivot-handoff-2026-06-03.md.
• Law: knowledge/dev/laws/prompt-muc-tieu-mo-for-claude-code.md (open-goal prompt standard).

Hard guardrails for whoever picks this up

• Production is directus DB. It IS production — there is no separate prod test DB.
• Read production via query_pg(database=directus). Write/exec (only post-gate) via ssh contabo -> docker exec -i postgres psql -U workflow_admin -d directus.
• Do not claim production governance is rolled out while ospa < 1.
• Do not treat clone (directus_gov_*) objects as production interfaces.
• Always run a live production check before any Registries-Pivot build decision; live beats any report.