T1 FIX7 Blueprint Patch After Codex Critical Fail - Readme First
00 - Readme First: T1 FIX7 Blueprint Patch After Codex Critical Fail
Date: 2026-06-08
Author: T1 (production Agent for Agent Data)
Macro: PROGRAM_PATCH_T1_FIX7_REFACTOR_BLUEPRINT_AFTER_CODEX_CRITICAL_FAIL
Mode: READ-ONLY production. Blueprint KB-doc direct-revision allowed. No production mutation.
What this is
Codex independently critical-reviewed the FIX7 Existing-System Refactor Execution Blueprint and
FAILED it: FIX7_REFACTOR_BLUEPRINT_CODEX_CRITICAL_REVIEW_FAIL_HARDCODE_OR_PG_NATIVE_GAP, with
7 blockers and an A-K verdict matrix. This package is T1's repair: it patches every Codex blocker
directly in the blueprint documents, then self-reviews against the same Codex checks.
This is NOT implementation, live migration, Stage 2.6B, a permit, REAL_RUN, QT001 apply, manifest activation, owner/ACL cutover, or any production mutation. The only writes are KB blueprint-doc revisions, this patch report, and the patch checkpoint.
Final status
FIX7_REFACTOR_BLUEPRINT_T1_PATCHED_AFTER_CODEX_FAIL_READY_FOR_CODEX_RECHECK
The 7 Codex blockers and where each was fixed
| # | Codex blocker | primary fix | blueprint docs patched |
|---|---|---|---|
| 1 | legacy target set = disguised hardcode (owner+name pattern) | sealed legacy-disposition set in authority_scope_manifest #20 (typed identity + source/priv hash + exact-set both-EXCEPT vs catalog); name/owner scan = diagnostic candidate only; +G-LEGACY-TARGET-SEALED; G-PGNATIVE extended |
01, 02, 03, 04, 06, 07, 08 |
| 2 | G-NOLEGACY phase-deadlock | split G-NOLEGACY into PRE (gates PKG-F) + POST (verifies PKG-F) | 04, 06, 07 |
| 3 | stub-scope contradiction ("stub all" vs "apply/writer only") | 5 dispositions; stub only STUB_FAIL_CLOSED; symmetric, body-bounded rollback |
02, 04, 05, 06, 07, 08 |
| 4 | rollback may reopen PUBLIC EXECUTE with new plane present | atomic deactivation-first rollback + G-NOMIXED-AUTHORITY | 04, 05, 06, 07 |
| 5 | ACL snapshot incomplete | +column ACL + effective role membership + sequence/default/PUBLIC/Directus/cp grants + snapshot hash; both-direction effective-privilege verify | 05, 06, 07 |
| 6 | writer-gateway identity/owner ambiguous at S15/S16 | pinned #26 identity + phase-explicit owner table; +G-WRITER-GATEWAY-IDENTITY | 02, 04, 06, 07, 08 |
| 7 | "permit" ambiguous vs operator authorization | operator_authorization (machine-checkable) vs blocked qt001_backfill_permit vs REAL_RUN_authority; +G-NO-QT001-PERMIT-DURING-FIX7; law §4G citation corrected |
03, 04, 07, 08, 12 |
| 8 | A-K verdict alignment | A-K mapping table in this report + blueprint doc 12 | 12 + report doc 01 |
Live grounding (read-only, DB directus, 2026-06-08, query_pg)
The patch is grounded on fresh live evidence, not the prior PASS claims. The decisive BLOCKER-1 finding: the legacy "set" changes with the name literal -
- views:
qt001%prefix → 0,v_qt001%prefix → 183,%qt001%substring → 196; - routines:
%qt001%substring → 45 functions + 1 procedure (= 46 routines), all ownerdirectus, allproacl=NULL(PUBLIC EXECUTE),prosecdef=false; 0 qt001 routines outsidepublic; - tables: 20;
qt001_cpschema + 3 roles still absent.
A set that swings 0/183/196 by literal cannot be operational authority. The blueprint now binds the target as a sealed, hash-bound, exact-set #20 manifest, not a pattern.
Document map
| doc | content |
|---|---|
| 00 | this readme |
| 01 | Codex failure matrix (A-K) + blocker→fix→docs→self-check |
| 02 | BLOCKER 1 - legacy target authority fix (sealed #20 disposition set) |
| 03 | BLOCKER 2 - G-NOLEGACY phase fix (PRE/POST) |
| 04 | BLOCKER 3 - stub-scope disposition fix (5 dispositions) |
| 05 | BLOCKER 4 - rollback no-mixed-authority fix (atomic deactivation-first) |
| 06 | BLOCKER 5 - ACL snapshot completeness fix (column ACL + effective privilege) |
| 07 | BLOCKER 6 - writer-gateway identity fix (pinned, phase-explicit) |
| 08 | BLOCKER 7 - permit terminology fix (operator_authorization vs blocked permit) |
| 09 | self-review: hardcode / disguised-hardcode / PG-first-native-driven |
| 10 | self-review: cross-layer boundary |
| 11 | direct blueprint revisions applied (every patch, doc, revision) |
| 12 | final verdict |
Boundary status (unchanged by this patch)
Official FIX7 design: approved. Blueprint: patched, pending Codex recheck. Implementation,
Stage 2.6B, qt001_backfill_permit, REAL_RUN, QT001 apply, manifest activation, repoint, owner/ACL
cutover: ALL BLOCKED. Next after PASS is Codex recheck only - not implementation approval.