klappy · klappy · May 10, 2026 · May 10, 2026
diff --git a/journal/2026-05-10-runtime-canon-merged-provisional.tsv b/journal/2026-05-10-runtime-canon-merged-provisional.tsv
@@ -0,0 +1,9 @@
+type	typeName	facet	quality_score	quality_max	quality_level	title	content
+D	Decision		5	5	high	Merge runtime canon to main as provisional, encoded structurally not by prose hedges	Operator's call: merge PR #187 with the framing "this is the best version we can foresee and will test, journal, and iterate." Translation: do not add prose qualifiers like "this may change" or "subject to revision" — that's already encoded structurally. Persona-shape carries tier=1, status=proposed, stability=evolving with retraction conditions. Runtime-contract carries tier=2, status=draft, stability=evolving with retraction conditions. The metadata IS the provisional declaration. Adding additional hedge language would be redundant and would weaken rather than strengthen the doc. Squash-merged at commit 2b761c2e on main.
+O	Observation		5	5	high	Bugbot history confirmed all flagged TSV alignment issues were on prior commits, fixed before reconciliation commit	Three Bugbot reviews on PR #187 each flagged "TSV column misalignment from extra tab" in different journal files (runtime-canon-divergence.tsv, sessions-mirror-modes-and-encoded-handoff-canon.tsv, runtime-contract-reconciliation-and-governance-override.tsv). All three were on commits prior to the head, and commit 22a2e7a4 ("fix(journal): correct TSV column alignment in reconciliation journal") fixed them. Bugbot's check on the reconciliation head commit b7a981c was completed/success with no new findings. Release-validation-gate canon satisfied: Bugbot reached completed (not in_progress), and the PR was canon-only (no orchestrate.ts / matchers / governance reads / envelope / action behavior changes), so Sonnet 4.6 validator dispatch was not required.
+L	Learning		5	5	high	The "provisional canon" pattern is metadata-encoded, not prose-encoded	Operator pushed back implicitly on the impulse to add hedging language to a doc that's being merged provisionally. The right move is the Vodka-Architecture move: keep the prose declarative and load the provisional posture into structured metadata fields (tier, status, stability) plus a Confidence section with named retraction conditions. Hedges in prose ("this may not be right," "subject to revision") corrode the doc's authority and rarely help future readers; structured metadata is machine-readable, audit-friendly, and can be promoted/demoted by tooling without rewriting the doc body. Apply this pattern to all future provisional-merge decisions.
+L	Learning		5	5	high	PR base SHA is the wrong reference frame for understanding what's in a PR after upstream merges	When PR #187 was opened, its base was de306427 (before #186 merged into main). After #186 merged, the PR's "files diff" against main computed by GitHub showed clean append-after patterns on files like sessions-mirror-modes.md and mode-transitions-require-encoded-handoff.md — the PR was adding to files that #186 had created on main. GitHub's mergeable_state went to clean because the three-way merge had no textual overlap. This means a single PR can functionally bundle: (a) its named work (the runtime canon split), (b) extensions to canon that landed mid-flight from sibling PRs, (c) cross-cutting cleanups like the P0009 DOLCHEO+H sweep. Future review: when a PR's base lags main, audit the file list against main, not against the PR's stated scope.
+C	Constraint		5	5	high	Iteration on provisional canon happens via journal entries against real deployments, not speculative redesigns	Both runtime canon docs are pre-production. The first audit-gate deployment (single-role validator session) is the next signal-source. Iterations to either doc should reference a specific deployment observation, encoded as a journal entry, that warranted the change. Do not redesign the runtime architecture before a real consumer has exercised it. The retraction conditions in each doc's Confidence section are the authority on when to retract or amend, not session-internal speculation.
+H	Handoff		4	5	medium	Next: deploy the audit gate as single-role validator and journal the first three runs	The audit gate substrate is already canonical (klappy://canon/constraints/audit-gates-are-spawned-agent-sessions, klappy://canon/methods/spawned-agent-session-substrate-options). The runtime canon now describes how a session inside that substrate composes from persona + mode + role + surface + engagement. First deployment: validator role, audit surface, agent engagement, on a representative governance-touching PR. Three runs to journal: (1) baseline run against a clean PR, (2) run against a PR with known governance violations, (3) run with operator-override invoked deliberately. After three runs, consolidate findings against the runtime-contract's enforcement points list and amend if reality contradicts the spec.
+E	Encode		5	5	high	Companion Documents callout pattern is now reusable canon	The pattern applied to persona-shape and runtime-contract — Companion Documents callout immediately after the blockquote summary, naming the sibling, partitioning content explicitly, stating the maintenance rule — is reusable for any sibling-layer canon split. Frontmatter complements field updated symmetrically; See Also reordered to put sibling at top with annotated descriptor. Apply this pattern when canon splits into method-vs-spec, principle-vs-constraint, abstract-vs-operational, or any other sibling-altitude pair. Implicit canon authoring rule worth promoting if the pattern recurs.
+O	Open		3	5	medium	Bugbot review timing on canon-only PRs may need its own canonical guidance	Bugbot reviewed three earlier commits and found TSV alignment issues; the fix commit and the reconciliation commit each ran Bugbot to completion successfully. The release-validation-gate canon is written with code PRs in mind (orchestrate.ts / matchers / etc.). For canon-only PRs, the current rule (wait for Bugbot completed; no validator dispatch unless code paths touched) appears correct but not explicitly canonized for this case. If canon-only PRs become a frequent shape, consider amending release-validation-gate to name canon-only as an explicit case with its own clearance requirements. Defer until the pattern recurs enough to warrant the amendment.