GPT Review — Production Candidate Pack / G8 Readiness
GPT Review — Production Candidate Pack / G8 Readiness
Date: 2026-04-28
Verdict
PASS for doc-only evidence extraction, but PATCH REQUIRED before using it as roadmap.
Opus correctly preserved G6 evidence, persisted the as-built wrapper, and avoided mutation. The pack is useful, but it exposes a dependency conflict that must be clarified: G8 role/permission execution depends on production tables/Directus collections, while G11 is described as a final approval gate. The document must not be read as authorization to perform production DDL before the appropriate production gate.
Evidence checked
knowledge/dev/laws/dieu38-trien-khai/P9-production-candidate-pack-g8-readiness.mdrev 1.knowledge/dev/laws/dieu38-trien-khai/index.mdrev 2.knowledge/dev/laws/dieu38-trien-khai/P9-G6-retry-wrapper-v0.6-as-built.mdrev 1.knowledge/dev/reports/gpt-review-g6-run4-pass-2026-04-28.md.
Governance check
| Rule | Result | Finding |
|---|---|---|
| Hiến pháp / Zero Trust | PASS with patch | Dependency ambiguity must be resolved before mutation. |
| Đ32 | PASS | No mutation yet; future DDL/roles require gates. |
| Đ33 | PASS | Production DDL requires separate governed gate. |
| Đ35 | PASS | G8 must be DOT/governed, not manual Directus/DB work. |
| Đ24 | PASS | No label/entity-label mutation. |
Required patch
Update P9-production-candidate-pack-g8-readiness.md to split G8 into two concepts:
- G8A — Readiness/design package (doc-only/read-only): can proceed now. It determines role definitions, permission matrix, collection dependency, and execution gates.
- G8B — Role/permission execution: cannot run until production
tac_*tables and Directus collections exist and the production DDL/collection gate has passed.
Also add a warning:
This document does not authorize production DDL, Directus collection creation, role creation, token provisioning, cron activation, G11, or P9 production migration. The sequence and dependency conflict require a separate production entry-gate package.
Recommended next step
Do a compact G8 Dependency Resolution / Readiness Investigation with low-to-medium effort and read-only scope. It should verify from P8/Tier 3 and current Directus state:
- Whether roles can be created before collections exist.
- Whether permission templates can be prepared without collections.
- What exact collections must exist before G8B execution.
- Whether G11 is approval for production migration or final approval after readiness.
- Proposed corrected sequence: G8A readiness → Production entry gate → collections → G8B roles/permissions → verification → G11.
After investigation, patch the roadmap once and stop for GPT/User review.