KB-335A

F-2 Rollback-Only Coverage Dry-Run — 01 Preflight Baseline

Revision 1

01 — Preflight Baseline (Hard Gate 0)

Captured read-only via the independent query_pg role (AST-validated, READ ONLY transaction) before any BEGIN. Channel discipline: query_pg = read-only verify; ssh contabo → docker exec psql -U workflow_admin = rollback-only execution.

1.1 Entry-state census (2026-06-02 ~09:05–09:11 UTC)

| Gate | Metric | Value | Verdict |
|------|--------|-------|---------|
| G-1 | Phase-1 substrate present (5 SB-2 views, ruleset, candidate trio, worker cursor) | all present | OK |
| G-1 | v_object_effective_owner columns (recursive form) | 9 | OK |
| G-2 | governance_object_ownership | 0 | OK |
| G-2 | governance_ruleset | 0 | OK |
| G-2 | governance_candidate_state / candidate_scan_run / governance_candidate_object | 0 / 0 / 0 | OK |
| G-2 | gov_worker_cursor | 0 | OK |
| G-3 | event_type_registry governance rows total / active=true | 5 / 0 | OK |
| G-4 | event_outbox governance emit count | 0 | OK |
| G-5 | system_issues (anchor) | 198,442 | OK |
| G-6 | os_proposal_approvals (activation gate) | 0 | OK intact |
| G-6 | approval_requests / apr_approvals / apr_action_types | 211 / 42 / 14 | OK |
| G-7 | dot_tools | 309 | OK |
| G-8 | worker cursor rows | 0 | OK |
| G-9 | idle-in-transaction sessions | 0 | OK |
| G-10 | target subset bounded: governed+BIRTH_REQUIRED collections | 35 → subset 3; ceiling 18 / 210 | OK |
| G-11 | governance_relations (out-of-scope anchor) | 8 | OK |
| | seam views inert: inventory / containment rows | 0 / 0 | OK |
| | coverage views inert: gap / effective-owner rows | 0 / 0 | OK |

1.2 Schema confirmed before authoring (so no improvisation)

  • governance_object_ownership (20 cols): owner_gov_code FK → governance_registry(code); scope FK → governance_responsibility_scope(scope_code); owner_kind CHECK ∈ {accountable, supporting, delegated, exception}; lifecycle_status CHECK ∈ {active, superseded, revoked, expired}; chk_delegated_ttl (delegated ⇒ effective_to NOT NULL); partial-UNIQUE uq_gov_obj_accountable (object_type, object_ref, scope) WHERE owner_kind='accountable' AND lifecycle_status='active' — the one-accountable-per-scope guard.
  • 6 active responsibility scopes: approval, audit, execution, health, policy, render.
  • 9 valid governance_registry.code owners: GOV-COUNCIL, GOV-DOT, GOV-KG-SYS, GOV-MOIT, GOV-MOT, GOV-MOUT, GOV-MOW, GOV-NRM-SYS, GOV-SIV.
  • governance_ruleset: ruleset_version PK, status NOT NULL (no enum CHECK), owner_gov_code, components jsonb.
  • candidate_scan_run: scan_mode CHECK ∈ {event_driven, incremental, periodic_full}; status CHECK ∈ {running, completed, failed, throttled}; snapshot/ruleset refs nullable.
  • governance_candidate_state: source_snapshot_ref NOT NULL FK → evolution_snapshots(id); ruleset_version NOT NULL FK → governance_ruleset; verdict/risk/lifecycle CHECKs. evolution_snapshots has 1 row (id=1) — used as the FK target.
  • Live seam column types are text (not the collection_registry.collection_name varchar(255)) — so the wired inventory expression must cast collection_name::text to keep CREATE OR REPLACE type-compatible (see doc 03 §3.4).

1.3 Trigger safety (F-83-1 class check)

pg_trigger over the 5 INSERT-target tables (governance_object_ownership, governance_ruleset, candidate_scan_run, governance_candidate_state, governance_responsibility_scope) → 0 non-internal triggers. No birth trigger, no emit trigger can fire on F-2 inserts. The F-83-1 argless-birth-trigger trap (which blocks apr_action_types inserts) does not apply to the F-2 target tables.
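
One way to run the 1.3 trigger check and the G-9 idle-session check from a read-only channel. This is an added example, not the query text used for this report, which the page does not show. It assumes the five tables are matched by name in any schema and that the verifying role can see other sessions' state.

```sql
-- Added example: catalog-only checks, safe inside a READ ONLY transaction.
BEGIN TRANSACTION READ ONLY;

-- 1.3: list every user-defined trigger on the five INSERT-target tables.
-- The gate passes only if this returns zero rows.
SELECT c.relnamespace::regnamespace      AS schema_name,
       c.relname                         AS table_name,
       t.tgname                          AS trigger_name,
       t.tgenabled,                      -- 'D' = disabled; still listed so it is seen
       (t.tgtype::int & 4) <> 0          AS fires_on_insert,
       pg_get_triggerdef(t.oid)          AS definition
FROM   pg_trigger t
JOIN   pg_class   c ON c.oid = t.tgrelid
WHERE  NOT t.tgisinternal                -- skip FK / constraint-enforcement triggers
  AND  c.relname IN ('governance_object_ownership',
                     'governance_ruleset',
                     'candidate_scan_run',
                     'governance_candidate_state',
                     'governance_responsibility_scope')
ORDER  BY 1, 2, 3;

-- G-9: sessions holding an open transaction while idle.
-- Caveat: without pg_read_all_stats (or superuser), other roles' rows
-- show state = NULL, so a 0 here can under-count.
SELECT count(*) AS idle_in_tx
FROM   pg_stat_activity
WHERE  state IN ('idle in transaction', 'idle in transaction (aborted)')
  AND  pid <> pg_backend_pid();

ROLLBACK;
```

Listing disabled triggers rather than filtering on `tgenabled` keeps the check conservative: a trigger re-enabled between preflight and execution would otherwise go unnoticed.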

1.4 Preflight verdict

GO. Every gate green; activation gate (os_proposal_approvals=0) intact; substrate present and inert; idle-tx 0; subset bounded; rollback plan staged (doc 02). No gate failed ⇒ transaction authorized to start.

knowledge/dev/reports/architecture/one-roof-phase1-coverage-dry-run-f2-rollback-only-2026-06-02/01-preflight-baseline.md