Separate local parsing from model indexing, bind review decisions to immutable manifests, persist vectors behind active profiles, and expose retrieval, chat, evaluation, and document workflows through the React workbench.
Constraint: Live Bailian authentication currently fails for all three configured capabilities
Rejected: Direct upload-to-embedding flow | bypasses local review and manifest binding
Confidence: high
Scope-risk: broad
Directive: Keep private-data deployment blocked until authentication, RBAC, and separate database roles land
Tested: make verify; fresh and replay Docker document smoke; worker recovery smoke; frozen synthetic evaluation; migration 0003-0004 roundtrip
Not-tested: Successful live Bailian calls, OCR, real multi-user authorization
The API and ingestion tools now use a fixed internal model gateway while
governed profiles, embedding cache assignments, traceable citations, and
stable API errors establish the boundaries required by later workflows.
Constraint: The current Alibaba Cloud workspace rejects all three live model calls with authentication failures
Rejected: Give the API or seed tools the Bailian key and direct egress | combines database access, cloud credentials, and public network access
Rejected: Mix offline and Bailian vectors in one demo namespace | makes profile activation and retrieval ambiguous
Confidence: high
Scope-risk: moderate
Reversibility: clean
Directive: Keep Bailian credentials and egress exclusive to model-gateway and create a new immutable profile hash for any embedding identity change
Tested: make verify; 121 backend tests; 14 frontend tests; fresh and populated Alembic upgrade-downgrade-upgrade; two idempotent offline seeds; Docker health and HTTP retrieval; isolated provider smoke
Not-tested: Successful live Bailian responses because the supplied workspace credential currently fails authentication
Accept Docker Compose's exact string representation of the fixed 1024-dimensional embedding contract while rejecting every widened or ambiguous value. Entry-level smoke tests now exercise the same environment shape used by the container.
Constraint: The current local Bailian credential still returns 401 for all three capabilities and is not stored in Git.
Rejected: Change the field to an unconstrained integer | would allow a runtime dimension that disagrees with vector(1024).
Confidence: high
Scope-risk: narrow
Directive: Keep the database vector dimension and provider dimension locked together through an ADR-backed migration.
Tested: make verify; 75 backend tests; 14 frontend tests; rebuilt provider-smoke image; normal Compose smoke reached all three provider endpoints.
Not-tested: Successful live provider response remains blocked by external authentication.
The Stage 1 foundation now proves provider contracts with mocks and validates PostgreSQL/pgvector ingestion, approval binding, retrieval, reranking, and idempotency using only synthetic data. Live Bailian validation remains gated on rotating the exposed key.
Constraint: The key shown in chat is compromised and cannot be used or committed
Rejected: Mark Stage 1 complete from mock and offline results | real three-model smoke is still required
Confidence: high
Scope-risk: moderate
Reversibility: clean
Directive: Do not enable real-data ingestion until Stage 3 cloud approval and outbound manifest controls are enforced end to end
Tested: make verify; 41 pytest tests; strict mypy; Ruff; Compose config; pinned image build; empty-volume migration; role denial; two idempotent 20-vector seeds; database restart persistence
Not-tested: Live Bailian calls require a newly rotated key; React product UI is not implemented