04 — Clone Revalidation Results

Method & justification

The clone directus_gov_test_20260602 is the golden regression harness — the proven from-scratch result built tier-by-tier across the prior packages and verified. The canonical production files are byte-extracted from it (pg_get_viewdef, 2026-06-03).

A destructive from-scratch reset was deliberately not performed: it would destroy the golden harness, and a fresh 1.2 GB clone is disproportionately expensive for re-proving an already-proven result. Per the mission's allowance ("If reset is unsafe or too expensive, run canonical sequence in a new schema or transaction and justify"), revalidation was run non-destructively, rollback-only, against the live harness. Script: sql/clone_revalidation/revalidate.sql. Channel: ssh contabo → docker exec -i postgres psql -d directus_gov_test_20260602.

Results (executed 2026-06-03)

R1 — canonical verify assertions (read-only). All 8 key invariants = 0: resp_ownership_gap 0 · resp_conflict 0 · containment_gap 0 · resp_axis_gap 0 · divergent 0 · projection_gap 0 · critical_drift 0 · emittable 0. The clone end-state matches the canonical expected end-state exactly. The asserting DO-block raised no exception → the canonical prod/90_verify.sql logic is correct against known-good state.

R2 — consolidated-DDL recompile (BEGIN..ROLLBACK). The canonical v_ui_coverage_dashboard body recompiled against the live dependency graph (rows=1); v_drift_finding resolved 38 findings across all 11 branches; v_reconcile_collection_topic_vs_label returned only reconciled_accept_orthogonal_facet, reconciled_accept_projection_pending, reconciled_accept_quarantine_hold (proving the facet-aware + decision-aware body works and zero un-reconciled divergence remains). Transaction rolled back → golden harness untouched.

R3 — scanner idempotency (BEGIN..ROLLBACK). Open findings stable at 38 across two consecutive fn_governance_scan passes (scan ids issued, open count unchanged). Transaction rolled back → no scan_run/drift mutation persisted.

What this proves

• The canonical verification SQL is correct (R1).
• The consolidated, dependency-ordered DDL compiles and produces identical outputs against the real schema — including the superseding facet-aware/decision-aware/11-branch bodies (R2).
• The scanner is idempotent and bounded (no daemon, single function call) (R3).

Coverage gaps in this revalidation (honest)

• Greenfield apply-from-zero on production-like empty state was not re-run (harness already populated). Mitigation: the prior packages each proved their tier from the relevant prior state; tier-local asserts in every prod/*.sql re-prove on the real target at run time.
• DROP-teardown (99_rollback_full.sql) was not executed (would destroy the harness). Mitigation: it is greenfield-symmetric (drops exactly what Tier 1 creates + tag-DELETEs the Tier-3 seed) and ends with a baseline assertion; tag selectivity is verifiable read-only (doc 06).