From aae6d8afaf2f732c2d1a0eea49e5a7a44b216ace Mon Sep 17 00:00:00 2001
From: Svrnty
Date: Wed, 17 Jun 2026 08:59:34 -0400
Subject: [PATCH] Record Stage 5 target custody preflight
---
 ...SE-STAGE5-TARGET-REPOSITORY-ADMISSION.json | 5 +++
 WORKBOARD.yaml | 5 +++
 docs/LEGACY-INGEST.md | 8 ++++
 ...STAGE5-TARGET-SANDBOX-CUSTODY-PREFLIGHT.md | 44 +++++++++++++++++++
 .../STAGE5-TARGET-SANDBOX-STALE-CASE-STATE.md | 9 ++++
 tools/validate_cto_child.py | 37 +++++++++++++++-
 6 files changed, 107 insertions(+), 1 deletion(-)
 create mode 100644 docs/STAGE5-TARGET-SANDBOX-CUSTODY-PREFLIGHT.md
diff --git a/.sot/03-PROTOCOLS/CTO-CASE-STAGE5-TARGET-REPOSITORY-ADMISSION.json b/.sot/03-PROTOCOLS/CTO-CASE-STAGE5-TARGET-REPOSITORY-ADMISSION.json
index 89a4d4b..4219043 100644
--- a/.sot/03-PROTOCOLS/CTO-CASE-STAGE5-TARGET-REPOSITORY-ADMISSION.json
+++ b/.sot/03-PROTOCOLS/CTO-CASE-STAGE5-TARGET-REPOSITORY-ADMISSION.json
@@ -1,5 +1,6 @@
 {
 "admission_status": "admitted",
+ "admission_lifecycle": "historical-proof-target",
 "allowed_paths": [
 "strings.py",
 "test_strings.py",
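Review bot: `admission_status` is still `"admitted"` directly above the new `admission_lifecycle` field, and the later hunk in this file adds `"future_execution_authorized": false` as a separate key. Any reader that gates only on `admission_status` would keep treating the target as admitted; no consumer of this record is visible in the patch, so this is inferred. Confirm that every reader also checks `future_execution_authorized`, and that it treats a missing or non-boolean value as not authorized.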
@@ -36,11 +37,15 @@
 "vendor/",
 ".git/"
 ],
+ "future_execution_authorized": false,
+ "future_execution_requires_new_admission": true,
 "noncritical_rationale": "Dedicated owned Stage 5 sandbox repo, not production, no customer data, no secrets, no deploy path, no external users, safe to delete after validation.",
 "operator_outcome_required": true,
 "ownership_evidence": "JP chat approval on 2026-06-01 to create this dedicated Stage 5 target sandbox under /home/svrnty/workspaces/cortex-os.",
 "repository_owner": "jp",
 "review_trigger": "before Stage 5 execution against any different repository, before target repository path change, before allowed path change, before forbidden action change, before risk classification change",
 "risk_classification": "low_risk_noncritical",
+ "root_path_dependency": "historical-reference-only",
+ "custody_preflight_record": "docs/STAGE5-TARGET-SANDBOX-CUSTODY-PREFLIGHT.md",
 "target_repository_path": "/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox"
 }
diff --git a/WORKBOARD.yaml b/WORKBOARD.yaml
index 3c25484..1d86b68 100644
--- a/WORKBOARD.yaml
+++ b/WORKBOARD.yaml
@@ -491,3 +491,8 @@ items:
 status: validated
 source: docs/STAGE5-TARGET-SANDBOX-STALE-CASE-STATE.md
 owner: ""
+ - id: CTO-WORK-099
+ title: Stage 5 Target Sandbox Custody Preflight
+ status: validated
+ source: docs/STAGE5-TARGET-SANDBOX-CUSTODY-PREFLIGHT.md
+ owner: ""
diff --git a/docs/LEGACY-INGEST.md b/docs/LEGACY-INGEST.md
index a81801e..b7bdf80 100644
--- a/docs/LEGACY-INGEST.md
+++ b/docs/LEGACY-INGEST.md
@@ -99,6 +99,14 @@ Current evidence: Movement gate: +2026-06-17 custody preflight: the old Stage 5 target admission is now +historical proof context only. The admission record sets +`admission_lifecycle=historical-proof-target`, +`future_execution_authorized=false`, and +`future_execution_requires_new_admission=true`. Physical relocation remains a +separate host-aware custody gate because the MacBook mirror can rehydrate root +paths unless policy is checked first. + Move or archive only after CTO replaces the absolute live path with archive-stable evidence or a new admitted target fixture, reruns `python3 tools/validate_cto_child.py`, reruns `python3 tools/validate_cto_stage5_target_sandbox_child.py`, and records that target ownership remains outside CTO and Core. The target-local Case task residue is now declared stale, but the absolute path dependency remains open. Rejected now: raw move, hard delete, validator path rewrites for cleanup optics, Case rerun, Harness rerun, provider mutation, target source mutation, Core mutation, Seed mutation, readiness claim, release claim. diff --git a/docs/STAGE5-TARGET-SANDBOX-CUSTODY-PREFLIGHT.md b/docs/STAGE5-TARGET-SANDBOX-CUSTODY-PREFLIGHT.md new file mode 100644 index 0000000..e2b8764 --- /dev/null +++ b/docs/STAGE5-TARGET-SANDBOX-CUSTODY-PREFLIGHT.md 
@@ -0,0 +1,44 @@
+# CTO Stage 5 Target Sandbox Custody Preflight
+
+Local planning evidence only. Not Core authority. Not Runtime authority.
+
+Source: CTO-WORK-099.
+
+## Result
+
+Status: custody-preflight-complete.
+
+Original target path remains historical proof context only:
+
+```text
+/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox
+```
+
+The target sandbox remains in place during this slice. Do not move the target sandbox in this slice.
+
+## Admission Lifecycle
+
+The Stage 5 target admission now declares:
+
+- `admission_lifecycle`: `historical-proof-target`
+- `future_execution_authorized`: `false`
+- `future_execution_requires_new_admission`: `true`
+- `root_path_dependency`: `historical-reference-only`
+
+Any future Stage 5 execution requires a new admission record, new approval
+text, current target validation, and fresh Harness evidence. The old
+2026-06-01 approval remains proof history only.
+
+## Custody Decision
+
+Physical relocation remains a separate host-aware custody gate. That gate must:
+
+- preserve the target sandbox outside the umbrella with a manifest;
+- prove the preserved target validator still passes from the preserved path;
+- prove root absence or record any MacBook sync rehydration;
+- keep target ownership outside CTO and Core;
+- avoid hard deletion.
+
+No target source mutation, Case rerun, Harness rerun, provider call, runtime
+start, browser open, branch mutation, Core mutation, readiness claim, or release
+claim occurred.
diff --git a/docs/STAGE5-TARGET-SANDBOX-STALE-CASE-STATE.md b/docs/STAGE5-TARGET-SANDBOX-STALE-CASE-STATE.md
index ef01b96..a1b21ed 100644
--- a/docs/STAGE5-TARGET-SANDBOX-STALE-CASE-STATE.md
+++ b/docs/STAGE5-TARGET-SANDBOX-STALE-CASE-STATE.md
@@ -56,6 +56,15 @@ no default Runtime activation. ## Remaining Movement Gate +2026-06-17 custody preflight: + +- `docs/STAGE5-TARGET-SANDBOX-CUSTODY-PREFLIGHT.md` declares the original + target path historical proof context only. +- `.sot/03-PROTOCOLS/CTO-CASE-STAGE5-TARGET-REPOSITORY-ADMISSION.json` + now sets `future_execution_authorized=false` and + `future_execution_requires_new_admission=true`. +- The target sandbox was not moved in this slice. + Movement remains deferred until CTO replaces the absolute live path dependency with archive-stable evidence or a new admitted target fixture, then reruns: diff --git a/tools/validate_cto_child.py b/tools/validate_cto_child.py index ddd8973..40c0d74 100644 --- a/tools/validate_cto_child.py +++ b/tools/validate_cto_child.py @@ -17,6 +17,7 @@ REQUIRED_FILES = [ "CONTEXT.md", "docs/LEGACY-INGEST.md", "docs/STAGE5-TARGET-SANDBOX-STALE-CASE-STATE.md", + "docs/STAGE5-TARGET-SANDBOX-CUSTODY-PREFLIGHT.md", ".sot/00-START/CTO-WORKSPACE-INTENT.md", ".sot/03-PROTOCOLS/CTO-CASE-BACKEND-BRIEF.md", ".sot/03-PROTOCOLS/CTO-ARCHITECTURE-BRIEF-CLOSEOUT-PRD.md", @@ -882,6 +883,7 @@ REQUIRED_STAGE5_TARGET_ADMISSION_TEMPLATE_PHRASES = [ REQUIRED_STAGE5_TARGET_ADMISSION_JSON = { "admission_status": "admitted", + "admission_lifecycle": "historical-proof-target", "target_repository_path": "/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox", "repository_owner": "jp", "ownership_evidence": "JP chat approval on 2026-06-01 to create this dedicated Stage 5 target sandbox under /home/svrnty/workspaces/cortex-os.", 
@@ -890,6 +892,10 @@ REQUIRED_STAGE5_TARGET_ADMISSION_JSON = { "approval_source": "JP chat approval on 2026-06-01", "approval_timestamp": "2026-06-01", "operator_outcome_required": True, + "future_execution_authorized": False, + "future_execution_requires_new_admission": True, + "root_path_dependency": "historical-reference-only", + "custody_preflight_record": "docs/STAGE5-TARGET-SANDBOX-CUSTODY-PREFLIGHT.md", } REQUIRED_STAGE5_TARGET_FORBIDDEN_ACTIONS = [ @@ -920,6 +926,24 @@ REQUIRED_STAGE5_TARGET_STALE_STATE_PHRASES = [ "No hard delete, Core mutation, Harness rerun, Case rerun, provider", ] +REQUIRED_STAGE5_TARGET_CUSTODY_PREFLIGHT_PHRASES = [ + "Local planning evidence only. Not Core authority. Not Runtime authority.", + "Source: CTO-WORK-099.", + "Status: custody-preflight-complete.", + "Original target path remains historical proof context only", + "/home/svrnty/workspaces/cortex-os/cto-stage5-target-sandbox", + "Do not move the target sandbox in this slice.", + "`admission_lifecycle`: `historical-proof-target`", + "`future_execution_authorized`: `false`", + "`future_execution_requires_new_admission`: `true`", + "`root_path_dependency`: `historical-reference-only`", + "Any future Stage 5 execution requires a new admission record", + "Physical relocation remains a separate host-aware custody gate.", + "preserve the target sandbox outside the umbrella with a manifest", + "prove root absence or record any MacBook sync rehydration", + "No target source mutation, Case rerun, Harness rerun, provider call", +] + REQUIRED_PROVIDER_ADMISSION_PRD_PHRASES = [ "Local planning SOT only. Not a Core Protocol. Not active Core authority.", "https://github.com/workos/case.git", 
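Review bot: The two new boolean expectations in `REQUIRED_STAGE5_TARGET_ADMISSION_JSON`, `"future_execution_authorized": False` and `"future_execution_requires_new_admission": True`, are only as strict as the comparison that consumes this dict, which is outside the hunk. If that comparison is a plain `==` or `!=`, a record holding `0` or `1` would satisfy it, because Python evaluates `0 == False` and `1 == True` as true. For an authorization flag the type should be compared as well, for example `type(actual) is type(expected) and actual == expected`.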
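Review bot: `REQUIRED_STAGE5_TARGET_CUSTODY_PREFLIGHT_PHRASES` needs a comment explaining why several entries stop mid-sentence, such as `"No target source mutation, Case rerun, Harness rerun, provider call"`. The check this patch adds to `main()` is a raw `phrase not in text` test and the document is hard-wrapped, so a phrase that spans a line break in the document would never match. I would add above the list: `# Each phrase must sit on one physical line of the document; matching is a plain substring test on the raw text.` The phrases also restate the admission JSON values by hand, so the document and the record are pinned separately rather than checked against each other.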
@@ -2689,6 +2713,14 @@ def main() -> int: if phrase not in text: errors.append(f"missing_stage5_target_stale_state_phrase:{phrase}") + stage5_target_custody_preflight = ROOT / "docs/STAGE5-TARGET-SANDBOX-CUSTODY-PREFLIGHT.md" + if stage5_target_custody_preflight.is_file(): + text = stage5_target_custody_preflight.read_text(encoding="utf-8") + for phrase in REQUIRED_STAGE5_TARGET_CUSTODY_PREFLIGHT_PHRASES: + checked.append(f"stage5_target_custody_preflight_phrase:{phrase}") + if phrase not in text: + errors.append(f"missing_stage5_target_custody_preflight_phrase:{phrase}") + stage6_prd = ROOT / ".sot/03-PROTOCOLS/CTO-CASE-STAGE6-CANDIDATE-DEFAULT-PRD.md" if stage6_prd.is_file(): text = stage6_prd.read_text(encoding="utf-8") @@ -3023,7 +3055,7 @@ def main() -> int: checked.append(f"workboard_id:{issue_id}") if issue_id not in text: errors.append(f"missing_workboard_id:{issue_id}") - for issue_id in ["CTO-WORK-098"]: + for issue_id in ["CTO-WORK-098", "CTO-WORK-099"]: checked.append(f"workboard_id:{issue_id}") if issue_id not in text: errors.append(f"missing_workboard_id:{issue_id}") @@ -3123,6 +3155,7 @@ def main() -> int: "CTO-WORK-096": "validated", "CTO-WORK-097": "validated", "CTO-WORK-098": "validated", + "CTO-WORK-099": "validated", } for issue_id, expected in expected_statuses.items(): checked.append(f"workboard_status:{issue_id}:{expected}") @@ -3227,6 +3260,8 @@ def main() -> int: errors.append("workboard_missing_legacy_ingest_source") if "docs/STAGE5-TARGET-SANDBOX-STALE-CASE-STATE.md" not in text: errors.append("workboard_missing_stage5_target_stale_state_source") + if "docs/STAGE5-TARGET-SANDBOX-CUSTODY-PREFLIGHT.md" not in text: + errors.append("workboard_missing_stage5_target_custody_preflight_source") payload = { "ok": not errors,
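Review bot: When `docs/STAGE5-TARGET-SANDBOX-CUSTODY-PREFLIGHT.md` is absent, the `is_file()` guard skips the whole phrase loop, so this block adds nothing to `checked` or `errors`. The patch also adds the file to `REQUIRED_FILES`, so the absence is presumably reported elsewhere in `main()`, but that code is outside the hunk. If it is not, an `else:` branch with `errors.append("missing_stage5_target_custody_preflight_file")` would make the check fail closed. `main()` starts and ends outside this hunk.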
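Review bot: The new `"docs/STAGE5-TARGET-SANDBOX-CUSTODY-PREFLIGHT.md" not in text` test passes when the path appears anywhere in `text`, which is presumably the workboard content given the `workboard_missing_` error name. It therefore does not show that `CTO-WORK-099` is the item whose `source` points at the custody record. The check copies the stale-state check directly above it, so the limit is inherited rather than introduced here. A comment would make it explicit: `# Substring check only: does not bind the path to a specific work item.`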