05 — Entry==Exit & No-Mutation Verification (Δ=0 across all 24 surfaces; structural read-only + empirical census; system_issues & gov emit unchanged; 2026-06-02)
05 — Entry==Exit & No-Mutation Verification
The full census battery was run via read-only
query_pgbefore (doc 01) and after the dry-run SELECTs. This doc proves byte-for-byte equality.
5.1 Entry vs Exit table
| Surface | Entry (preflight) | Exit (post-dry-run) | Δ |
|---|---|---|---|
governance_build_authorization |
0 | 0 | 0 |
governance_ruleset |
0 | 0 | 0 |
gov_worker_cursor |
0 | 0 | 0 |
governance_candidate_state |
0 | 0 | 0 |
governance_candidate_object |
0 | 0 | 0 |
candidate_scan_run |
0 | 0 | 0 |
governance_object_ownership |
0 | 0 | 0 |
governance_responsibility_scope |
6 | 6 | 0 |
v_governance_object_inventory (seam) |
0 | 0 | 0 |
v_governance_object_containment (seam) |
0 | 0 | 0 |
v_object_effective_owner |
0 | 0 | 0 |
v_object_owner_gap |
0 | 0 | 0 |
v_object_owner_conflict |
0 | 0 | 0 |
v_build_auth_valid |
0 | 0 | 0 |
os_proposal_approvals |
0 | 0 | 0 |
approval_requests |
211 | 211 | 0 |
apr_approvals |
42 | 42 | 0 |
governance_relations |
8 | 8 | 0 |
dot_tools |
309 | 309 | 0 |
system_issues |
198,442 | 198,442 | 0 |
event_outbox (governance) |
0 | 0 | 0 |
event_type_registry (governance active) |
0 | 0 | 0 |
birth_registry |
1,079,562 | 1,079,562 | 0 |
idle_in_transaction |
0 | 0 | 0 |
Every surface unchanged. Δ = 0 everywhere.
5.2 No-mutation argument (two independent guarantees)
- Structural: every statement ran through
query_pg, which is AST-validated READ ONLY, executed by a read-only role inside a READ ONLY transaction (statement_timeout 5s,LIMIT 500). A write/DDL is rejected before execution. Mutation was impossible by construction. - Empirical: the entry/exit census (5.1) shows zero delta across all governance and out-of-scope surfaces, including the two surfaces the dry-run could conceivably have touched (
system_issues, governanceevent_outbox) — both unchanged.
5.3 Required checks (mission §5) — all PASS
| Check | Result |
|---|---|
event_outbox governance emit unchanged |
✅ 0 → 0 |
system_issues count unchanged |
✅ 198,442 → 198,442 |
| candidate tables unchanged | ✅ candidate_state/candidate_object/candidate_scan_run all 0 |
| owner tables unchanged | ✅ governance_object_ownership 0; responsibility_scope 6 |
| worker cursor unchanged | ✅ gov_worker_cursor 0 |
| approval / e-sign counts unchanged | ✅ ospa 0; appr 211; apr_appr 42 |
dot_tools unchanged |
✅ 309 |
idle_in_transaction=0 |
✅ 0 |
| no persistent object created | ✅ no DDL issued; views/tables identical |
| no mutation occurred | ✅ structural + empirical |
5.4 Session hygiene
No workflow_admin / ssh write session was ever opened — the rollback-only channel was deliberately not used. The only DB session attributable to this mission is the read-only query_pg verifier (state=active transiently, then gone). No lingering session; idle in transaction=0 entry and exit.
5.5 Birth-registry note
birth_registry read 1,079,562 at both entry and exit of this mission — stable across the run window. (Prior-session close recorded 1,079,560; the +2 is organic non-governance growth between sessions, not attributable to this read-only run, which cannot write.)
5.6 Verification verdict
ENTRY == EXIT. ZERO MUTATION. PROVEN both structurally and empirically.