…and security review surfaces (#23)

* refactor(app): global and comprehensive refactoring (Stage #1).
* refactor(app): global and comprehensive refactoring (Stage #2).
* refactor(core): global cleanup of Any
* refactor(analysis,report): remove empty TYPE_CHECKING guards
* fix(cache): prune stale deleted file entries
* refactor(report,mcp): reduce import dependency chains
* test(coverage): cover validation and renderer edges
* refactor(app): global and comprehensive refactoring (Stage #1).
* docs(architecture): refresh docs for b6 layout
* fix(defaults): centralize shared runtime defaults
* fix(readme): make wordmark render on PyPI with absolute asset URLs
* chore(preview): tighten MCP docs and refresh b6 client metadata
* refactor(mcp): split session and remove duplicated CLI helper tails
* feat(cli): show one-time VS Code extension hint in interactive terminals
* refactor(report): move html template into canonical html package

* refactor(analysis,findings): move suppressions and golden fixtures to canonical modules

* fix(dependencies): align depth threshold docs and UI with health model
* feat(dependencies): switch to adaptive depth profiling and surface it in reports
- replace the fixed max-depth penalty with an adaptive dependency depth model
  based on avg_depth, p95_depth, and max_depth
- limit dependency scoring to the internal module graph and keep cycles as the
  hard dependency signal
- surface the dependency profile in HTML, text/markdown, and CLI/CI summaries
- bump report schema to 2.9 and align contracts, docs, snapshots, and tests
- refresh b6 changelog/docs for the new dependency semantics
* chore(cli,report): refine dependency visuals and runtime warnings
- keep dependency SVG aligned with longest chains and detected cycles when the graph is truncated
- switch deep dependency graphs to a wider horizontal layout with extra viewBox padding, lighter secondary labels, and more vertical breathing room
- unify CLI runtime warnings under one calmer lead/detail formatter across cache, worker, parallel fallback, coverage, and summary paths
- clarify in config docs that `coverage_xml` is the pyproject key mapped to CLI --coverage
- refresh the baseline snapshot and README health badge to the current 90(A) state
- include the current uv.lock refresh
* chore(dev): drop codegraphcontext from dev dependencies
* ci(release): add trusted publishing workflow and harden benchmark isolation
* chore(docs, licence): documentation has been updated and the recognition of codeclone license types for GitHub (dual-license model) has been improved. This change does not change the licensing model, but is of a technical nature.
* chore(docs): marking version 1.4.x as no longer supported (EOL)
* chore(release): polish b6 notes, health scoring, and PyPI license links
* fix(mcp): preserve reviewed finding summary payload
* fix(clients,docs): restore local fallback and refresh client surfaces
* fix(clients,docs): make Codex plugin install-safe and parallelize VS Code MCP hydration
* fix(runtime): complete cp314 migration and clean baseline trust UX
* fix(tests): keep provenance mismatch checks matrix-safe
* feat(report): add report-only security surfaces inventory across cache, cli, html, and mcp
* feat(vscode): add source-first Security Surfaces review flow with Coverage Join context
* docs(release): tighten b6 notes and sync report schema with MCP cache-policy contract

… and native agent integrations (#37)

* fix(mcp): cap process pool size

* docs(security): document trust boundaries

* test: cover MCP process cap and symlink resolve edge paths

* feat(mcp): tighten agent contracts and restore baseline health

Add concise tool param descriptions via pydantic Field annotations, reject
cache_policy=refresh at the MCP boundary, and refresh the tool schema
snapshot. Compact agent payloads with next_tool hints, help anti_patterns
in compact mode, trust_boundaries topic, and shorter workflow messages.

Load golden_fixture_paths from pyproject even when respect_pyproject=false
so fixture clones stay suppressed without lowering analysis thresholds.
Refactor duplicated_branches hotspots in workspace intents, session intent
helpers, and Cursor hooks. Update tests, MCP docs, and changelog.

* refactor(mcp): extract agent-facing copy into messages package

Centralize MCP tool descriptions, help topics, and workflow strings under
codeclone/surfaces/mcp/messages/; update CHANGELOG, AGENTS.md, and docs paths.

* refactor(copy): centralize user-facing strings across CLI, report, and MCP

* feat(mcp): add auditable SQLite workspace intent registry

Optional sqlite backend keeps closed intents with status transitions
and retention purge (7d default, 14d OSS max), pydantic wire validation,
schema v2, shared sqlite helpers, and plans/retention docs.

* feat(metrics): refine LCOM4 cohesion and add 2.0.2 migration tip

Exclude Protocol stub methods and Pydantic validation/serialization hooks
from the LCOM4 graph while keeping computed_field in the graph. Add a one-time
CLI note for trusted 2.0.2 baselines and document applicability in metrics docs.

* refactor(mcp): eliminate duplicated_branches in intent registry validators

Refactor Pydantic contract guards and gc/schema control flow without changing
validation semantics or wire payloads.

* docs(mcp): bind change-control skill and advisory acceptance reporting

Codex plugin instructions and bundled skills now mandate start/finish before
edits and require surfacing structural_delta and receipt advisories even when
finish is accepted. Align CLAUDE.md and Cursor workflow rule with the pipeline.

* test(mcp): expand workspace intent registry validation coverage

Cover scope/integrity validators, SQLite store edge paths, and schema migration
branches that were previously untested.

* test: add targeted coverage for CLI, report, and metrics paths

Raise line coverage toward the 99% gate with branch tests for session stats,
patch verify, HTML helpers, extractor edges, and pipeline metrics.

* test(mcp): expand workspace intent registry validation coverage

Cover scope/integrity validators, SQLite store edge paths, and schema migration branches that were previously untested.

* test: add targeted coverage for CLI, report, and metrics paths

Raise line coverage toward the 99% gate with branch tests for session stats,
patch verify, HTML helpers, extractor edges, and pipeline metrics.

* feat(mcp): add gitignore workspace hygiene tip for MCP and CLI

Advise adding `.cache/codeclone/` when the repository root `.gitignore` does
not cover CodeClone ephemeral state. Surfaces: MCP tips[] on analyze, summary,
triage, and start; CLI tip after interactive runs. Shared check lives in
codeclone/paths/gitignore.py; neither surface edits `.gitignore` automatically

* refactor(mcp): extract workspace intent leaf modules and scoped hygiene

Split PID, staleness, registry lock, and git-scoped hygiene into leaf
modules; dedupe lifecycle predicates and route store GC through staleness.

* feat(mcp): harden multi-agent change-control workflow and claim guard

Add continue_own_wip start policy, after_run_not_new verify guard, health regression advisory, recovery hints, queued-foreign finish hygiene, and patch_health_delta on validate_review_claims.

* docs(mcp): sync multi-agent change-control and claim guard contracts

Document dirty_scope_policy, verify advisories, recovery hints, lazy-close
semantics, and patch_health_delta claim-guard wiring across MCP docs and skills.

* fix(cli): count expired intents via recovery listing in session stats

Use list_workspace_intent_records_for_recovery so expired_count includes
TTL-expired recoverable intents instead of filtering them out at list time.

* refactor(mcp): flatten session mixin import chain in session.py

Compose MCP session mixins in session.py instead of serial cross-file
inheritance so module import depth drops without changing runtime MRO. Add mypy overrides for composed mixin modules.

* test(mcp): expand Phase 17 coverage and hygiene test contracts

Add workspace hygiene and sqlite store lifecycle tests, shared runpy guard helper, global intent-store cache autouse, and coverage for session stats, workflow finish paths, and claim guard behavior.

* docs(mcp,changelog): fix doc divergences and condense 2.1.0a1 entry

Fix three documentation-vs-code divergences found during audit:
- add changed_paths/git_diff_ref to analyze_repository param table
- add missing strictness param to finish_controlled_change table
- document all three supported suppression rule IDs

Condense the 2.1.0a1 changelog by merging related items and collapsing

* fix(mcp): restore strict no-any-return typing for composed mixins

Add coerce_repo_path_tuple and coerce_object_dict helpers for cross-mixin
calls after session flattening; drop no-any-return mypy override and keep
99% coverage without dead internal guard branches.

* fix(mcp): extract foreign dirty overlap skip guard

Consolidate duplicated continue branches in workspace hygiene into _skip_foreign_dirty_record without changing overlap semantics.

* docs: align docs and client surfaces with MCP contracts

Fix schema versions, source_kind filters, workflow tool guidance, and
read-only semantics across book chapters, extension READMEs, and plugin manifests after the full documentation audit.

* fix(launcher,vscode): harden poetry probe env and live triage refresh

Filter Poetry launcher probe subprocess env like exec path. Open Production
Triage fetches get_production_triage with a 5s cooldown and in-flight dedup.

* fix(mcp): separate claims_text from review_text and harden workspace finish

finish_controlled_change validates claims via claims_text while review_text
stays a human note; finish responses add summary and workspace hygiene.
Workspace intent I/O is thread-safe with correct sqlite closed_at reactivation, shutdown closes audit writers, and worker caches process_file signature lookup.

* feat(mcp): reconcile finish evidence with git and extract blast-radius core

Move blast-radius graph traversal to codeclone/analysis/blast_radius.py so
CLI and MCP share neutral logic without surface-layer import violations.
finish_hygiene_check cross-checks the full git tree against finish evidence, blocking under-reported in-scope dirty paths and own unscoped edits while ignoring foreign active/stale intent paths outside declared scope. Sync docs, skills, and CHANGELOG with payload semantics and recoverable nuance.

* feat(memory): add Engineering Memory phases 18.1-18.5

SQLite store, init ingestion, scoped retrieval, staleness/vacuum,
governance CLI, coverage metrics, MCP tools (get_relevant_memory,
query_engineering_memory, manage_engineering_memory), finish
propose_memory hook, shared file_lock, and baseline refresh for CI.

* fix(memory): validate cached report on init and fix for-path lookup

Reject stale report.json when inventory misses tracked files; resolve
module subjects via repo_path_to_module_key. Share memory test fixtures to keep CI clone gates green.

* feat(memory): Phase 18.6 FTS search, git ingest, and schema 1.1

Add FTS-backed memory search with any/all match modes, schema migration to 1.1, git provenance and hotspot ingest, refresh staleness, subject deduplication, and normalized document_link statements.

* feat(memory): Rich CLI for memory commands and shared console helpers

Add Rich rendering for all memory subcommands, shared query-console helpers
(width 120), refactor MCP manage_engineering_memory handlers, and align
session-stats with the shared console utilities.

* docs: CHANGELOG for Engineering Memory Phase 18.6

* docs: add Engineering Memory book chapter and site navigation

Introduce docs/book/26-engineering-memory.md with architecture, lifecycle,
agent playbook, and mermaid diagrams. Link from mkdocs, docs index, and README.

* docs: integrate Engineering Memory across contract book and MCP guide

Cross-link the new chapter from architecture map, CLI, MCP interface, versioning, and schema appendix. Expand docs/mcp.md with agent read/write workflow and fix manage_engineering_memory parameter docs in book/20.

* docs(agent): add Engineering Memory playbook to skills and MCP help

Add codeclone-engineering-memory skill for Codex and Cursor, extend change-control with memory step 3, expand CLAUDE.md workflow, and document filters.match_mode in help(topic=engineering_memory) and MCP param descriptions.

* feat(memory,mcp): MCP memory sync and retrieval governance polish

Add mcp_sync_policy with auto bootstrap/refresh on MCP memory reads.
Harden claim validation, scoped ranking, path/module equivalence, agent draft subject links, and bare-filename doc-link ingestion. Align plugin and extension manifests to the Structural Change Controller tagline and 31-tool MCP surface.

* feat(memory): agent retrieval, IDE governance, and VS Code Memory view

Engineering Memory scoped retrieval now surfaces draft agent notes via
get_relevant_memory, for_path, and FTS-backed search; claim validation is
negation-aware with a VS Code human-approval safe harbor. Add IDE governance
channel (ticket + HMAC) so approve/reject/archive run only from the extension
Memory view, plus universal change-control gate rules for Cursor/Codex plugins.

* docs(agent): gate requires MCP memory before finish after incident

Add change-control-gate prohibition and skill steps: record_candidate
(or propose_memory) before finish when the cycle had incident, complexity, or a durable decision. Chat is ephemeral; Engineering Memory is MCP-only.

* docs(agent): spell out Engineering Memory gate in CLAUDE.md

Claude Code reads CLAUDE.md as primary policy: mandate get_relevant_memory,
record_candidate before finish on incident/complexity/decision, and chat is not memory.

* fix(mcp): attribute finish hygiene dirty state

Persist start-time dirty snapshots with workspace intents so finish can distinguish unchanged preexisting dirty paths from new, modified, or unknown unattributed dirt.

Align CLAUDE.md, MCP docs, and bundled Codex/Cursor skills with the updated change-control and Engineering Memory contracts.

* fix(memory): add approval evidence warrant

Record human approval as audit-event evidence when approving evidence-less draft records so active memory remains provenance-linked.

* chore(baseline): update project baseline

* fix(memory): harden governance and tool guidance

* refactor(mcp): simplify workspace hygiene payloads

* feat(cursor): gate writes through workspace intents

* fix(workspace-intent): close sqlite gate reads

* feat(mcp): scope-aware finish hygiene

* feat(mcp): scope-aware finish hygiene

* fix(cursor): stop tracking local hook configs

* feat(mcp): compact finish hygiene payload + detail_level

* docs: fix MkDocs admonitions and document finish hygiene

Re-indent admonition/details bodies so Material renders them correctly,
add a docs lint script with pytest coverage, and align MCP/change-controller docs with finish_controlled_change blocking vs advisory hygiene semantics.

* test(memory): expand memory and MCP coverage edge suites

Add broad edge-case coverage across memory config, governance, retrieval, sqlite store, CLI rendering/commands, and MCP memory management paths to improve reliability around optional dependencies and branch-heavy flows.

* feat(audit): record the human intent description in the audit trail
The intent.declared event recorded an intent's volume (scope_file_count)
but never its substance: the human-authored description was dropped in
every audit_payloads mode — "full" stored the start-response dict, which
never carried it; "compact" kept only counts; "off" stored nothing.

* test(coverage): reach 99% and clear duplicated-branch findings

Expand targeted edge-case coverage suites and apply behavior-preserving branch refactors in gate and hook flows to remove structural duplicated-branches findings while keeping pre-commit checks green.

* docs: align book and guides with current MCP and CI behavior

Document hygiene detail_level (full vs compact), compact audit
intent_description, real docs.yml steps, enforce_scope, 31 MCP tools, and the 99% coverage gate.

* test(cursor): fix hook CI without committed .cursor/hooks.json

Test plugin manifest and install-project-hooks output instead of
gitignored project hooks; add audit/gate coverage. Docs: hooks are generated locally, not committed.

* feat(memory): add optional semantic retrieval index (Phase 20)

Add a semantic-proximity retrieval layer over Engineering Memory and the
audit trail as an optional, rebuildable sidecar that never affects
determinism.

- Config: nested [tool.codeclone.memory.semantic], validated by a pydantic
  SemanticConfig; default disabled + "diagnostic" keeps the community
  default offline and zero-extra-dependency.
- Foundation: deterministic projection + text_hash; EmbeddingProvider
  Protocol + DeterministicHashEmbeddingProvider (diagnostic/test only);
  read SemanticIndex / read+write SemanticIndexWriter Protocols with
  Null/Unavailable degraded indexes; SEMANTIC_INDEX_FORMAT_VERSION.
- Sources: MemoryIndexSource (prose/decision records) and AuditIndexSource
  (the bounded controller_events.summary column), availability-gated.
- rebuild: project -> embed -> upsert, id-keyed, with stale-id reconcile.
- CLI: `codeclone memory semantic status|rebuild|search`; fails clear when
  the backend/provider is unavailable.
- Backend: lazy LanceDB adapter behind the optional `semantic-lancedb`
  extra; the memory package never imports a vector DB at module level.

The index is derived and feeds only mode=search recall — never
fingerprints, baselines, gates, reports, or receipts. Retrieval
(`memory search --semantic`) and MCP integration are follow-ups.

* feat(audit): add workflow payload forensics

* fix(cli): clarify session stats forensics

* feat(memory): enforce scoped retrieval and token hygiene contract

Reject project root as memory scope, require subject_path and scoped get_relevant_memory, add compact detail_level with statement limits, and return human-readable validate_claims guard messages.

* docs(mcp): clarify baseline novelty semantics

* feat(memory): semantic retrieval index for engineering memory + audit

Phase 20 V1: an optional semantic recall layer over the prose/decision
memory subset and audit incidents, behind a backend Protocol (LanceDB is
an optional extra; core never imports it).

- config: nested [tool.codeclone.memory.semantic] contract + defaults
- projection/embedding: deterministic projection + text_hash; diagnostic
  hash provider (always labelled, never masquerades as real recall)
- backend: lazy LanceDB adapter + rebuild/reconcile; Null/Unavailable
  objects so every read path degrades clear, never raises
- retrieval: relevance_score gains an additive semantic_proximity term
  (after the scoped short-circuit); query_engineering_memory(mode=search,
  semantic=true) merges FTS ∪ semantic and returns audit incidents
  typed-separate (payload.audit_events) from the bounded summary column
- audit: event_summary() emits bounded summaries for the indexed incident
  event types (patch_contract.violated, workspace.conflict_detected,
  baseline_abuse.detected, claim_validation.violated, review_receipt.created)
- CLI: memory semantic status|rebuild|search; memory search --semantic
- MCP: query_engineering_memory gains an additive semantic param
  (tool-schema snapshot regenerated; tool count unchanged at 31)

* feat(memory): harden semantic retrieval contracts

* feat(vscode): memory search and IDE-only session/audit insights

Add Engineering Memory search UX (QuickPick, active-file query, secure
webview) and workspace coordination dashboards mirroring CLI
--session-stats and --audit. Introduce controller_insights payloads and
IDE-only MCP tools registered with --ide-governance-channel so agent
launchers never list them. Refactor CLI session-stats rendering onto the shared collector and fix audit footprint workflow field names in the webview (calls/tokens).

* docs: Engineering Memory Phase 20, semantic search, and plugin surfaces

Document semantic index config, CLI/MCP/VS Code memory search, 31 vs 33 MCP
tools, and code-backed Cursor/Codex/Claude guides; sync bundled skills.

* fix(ci): sync integration overlays, docs contracts, and API snapshot

Document integration sync overlays and semantic config keys; fix MkDocs
admonitions; align Cursor plugin skill parity and CLI semantic test messages;
refresh MCP public API snapshot; extend sync_integrations tests.

* ci: run hooks through uv

* docs: migrate site build to zensical

* test: expand memory and contract coverage

* fix(memory): keep semantic lancedb optional in CI

* docs: note zensical migration in changelog

* fix(memory): report semantic provider errors first

* test(memory): decouple semantic cli coverage from lancedb

* feat(memory): harden semantic retrieval contracts

* fix(ci): sync CI tests coverage gate

* feat(memory): add optional fastembed semantic provider

* docs(memory): document fastembed semantic setup

* chore(docs): align docs tooling with zensical

* feat(memory): add MCP semantic index rebuild

* fix(memory): recover semantic index schema mismatches

* chore(memory): configure local fastembed semantic index

* fix(security,mcp): require opt-in external artifacts

Add a policy-based repo path resolver for security-sensitive state paths and apply it to memory, audit, intent registry, cache wire paths, and MCP optional artifacts. MCP analyze requests now reject absolute or out-of-root artifact paths by default, with allow_external_artifacts as explicit opt-in. Update focused tests and the MCP tool schema snapshot.

* fix(security): bound JSON and coverage XML reads

Read JSON documents through an opened-file byte cap, pass cache max_size_bytes into the reader, and harden atomic JSON writes against symlink targets. Parse coverage XML from bounded bytes with lazy defusedxml support behind the coverage-xml extra. Update focused cache, baseline, metrics baseline, coverage, and JSON IO tests.

* fix(mcp): tighten workspace intent lifecycle gates

* fix(mcp): harden run and resource path checks

* chore(docs): reorganize documentation — renumber book, merge integrations, rewrite nav

Complete documentation IA restructuring:

- Renumber book chapters 00→25 in thematic groups (Foundations,
  Pipeline, Contracts, Change control, Quality, System, MCP)
- Merge 4 integration guide+contract splits into single pages
  (VS Code, Claude Desktop, Codex, Cursor); delete book/21,22,23,25
- Move cfg.md → book/04-cfg-semantics.md
- Move mcp.md payload semantics block → book/12 (contract home)
- Rename docs/README.md → index.md (slim goal-router)
- Split publishing.md → publishing.md + releasing.md
- Slim architecture.md to narrative map with links into Reference
- Rewrite zensical.toml nav: 6 tabs (Home, Get started, Guides,
  Reference, Legal & plans, Maintainers)
- Rename scripts/lint_mkdocs_admonitions.py → lint_admonitions.py;
  remove dead mkdocs.yml exclude from pre-commit
- Fix all cross-links across 70+ files; zero broken links verified
- Add doc-scope ownership comments to all 45 doc files to prevent
  agent-driven content drift

* chore(docs): reorganize documentation — renumber book, merge integrations, rewrite nav

Complete documentation IA restructuring:

- Renumber book chapters 00→25 in thematic groups (Foundations,
  Pipeline, Contracts, Change control, Quality, System, MCP)
- Merge 4 integration guide+contract splits into single pages
  (VS Code, Claude Desktop, Codex, Cursor); delete book/21,22,23,25
- Move cfg.md → book/04-cfg-semantics.md
- Move mcp.md payload semantics block → book/12 (contract home)
- Rename docs/README.md → index.md (slim goal-router)
- Split publishing.md → publishing.md + releasing.md
- Slim architecture.md to narrative map with links into Reference
- Rewrite zensical.toml nav: 6 tabs (Home, Get started, Guides,
  Reference, Legal & plans, Maintainers)
- Rename scripts/lint_mkdocs_admonitions.py → lint_admonitions.py;
  remove dead mkdocs.yml exclude from pre-commit
- Fix all cross-links across 70+ files; zero broken links verified
- Add doc-scope ownership comments to all 45 doc files to prevent
  agent-driven content drift

* fix(mcp): require bearer auth for http transport

* fix(memory): require explicit governance break-glass

* chore(docs): fix admonitions

* feat(core): migrate workspace artifacts to .codeclone/

Move default cache, reports, intent registry, engineering memory,
audit, and related paths from .cache/codeclone/ to .codeclone/.
Add workspace path helpers and legacy warnings when home
~/.cache/codeclone/cache.json or a non-empty repo .cache/codeclone/
still exist (no automatic migration).

Update pyproject gitignore hints, blast-radius do_not_touch, CLI/MCP
defaults, docs, GitHub Action report defaults, and VS Code / Claude
Desktop copy. Adjust tests and session-stats fixtures for the new
intents directory layout.

Breaking: consumers pinning .cache/codeclone/* must switch to .codeclone/* (see CHANGELOG).

* fix(test): stop memory CLI tests writing production engineering_memory DB

Isolate init/for-path tests to tmp_path + test-isolated.sqlite3; fix
legacy workspace warning assertions for CI (.cache/codeclone/ marker).

* fix(memory): survive unclean MCP exit and protect drafts from refresh

Two independent bugs caused agent-recorded memory drafts to vanish:

1. WAL + synchronous=NORMAL meant commits lived in OS page cache only.
   When the MCP process was killed (IDE restart, stdio timeout), the
   WAL checkpoint never ran and committed records were lost.
   Fix: open_sqlite_db gains a `synchronous` parameter; open_memory_db
   sets FULL so every commit is fsync'd.  Intent/audit stores keep
   NORMAL — their writes are frequent and TTL/recovery-designed.

2. apply_refresh_staleness checked both active and draft records, but
   linked_path_missing fired for any non-Python subject path.  Agent
   drafts about docs/config files were marked stale on the next
   refresh, then invisible to queries.
   Fix: _skip_refresh_candidate now skips drafts — they become subject
   to staleness only after human promotion to active.

* test(memory,cli): isolate memory DB in tests and fix CI coverage when report.json is missing

* test: keep 99% coverage on Python 3.10 without checkout report.json

Use memory report fallbacks for repo extractor tests, run golden pipeline
smoke on non-cp314 tags instead of skipping, and fold refresh init into the
existing docs/tests ingest fixture test.

* test: keep 99% coverage on Python 3.10 without checkout report.json

Use memory report fallbacks for repo extractor tests, run golden pipeline
smoke on non-cp314 tags instead of skipping, and fold refresh init into the
existing docs/tests ingest fixture test.

* fix(vscode,claude-desktop): unbreak manifest test, humanize audit DB size

- Claude Desktop manifest test pinned a hardcoded 28-tool count that drifted
  to CI-red after the manifest grew to 31; derive the expected count from the
  canonical MCP contract snapshot so the bundle stays in lockstep with the
  server surface instead of a magic number.
- VS Code audit webview renders the controller DB size as KB/MB/GB via a new
  formatBytes helper instead of raw bytes, with unit tests covering unit
  selection, rounding (<10 one decimal, >=10 integer), and invalid input.

* docs: sync chapter headings, expand plans tiers, consolidate changelog

- Sync book chapter H1 heading numbers to their renumbered filenames
  (24 chapters) and fix stale chapter numbers in sarif.md See-also links;
  all 26 chapters now use "# NN. Title" matching their filename.
- Expand plans-and-retention with Engineering Memory tiers (retention,
  record/candidate limits, semantic provider editions fastembed/api/
  local_model) and audit-trail retention per Open Source / Team / Enterprise.
- Consolidate the 2.1.0a1 changelog: collapse phase-numbered dev entries
  into user-facing feature groups; add docs reorg, memory persistence, and
  doc-URL fixes.

* ci: add integrations workflow for extensions and plugins

Run the Node-based VS Code extension and Claude Desktop bundle test
suites (which the main `tests` workflow never executed) plus the Codex
and Cursor plugin contract tests, gated on integration-path changes.

* refactor(typing): drop Any from MCP, CLI memory, semantic, and hook surfaces

* docs: sync chapter headings, expand plans tiers, consolidate changelog

- Sync book chapter H1 heading numbers to their renumbered filenames
  (24 chapters) and fix stale chapter numbers in sarif.md See-also links;
  all 26 chapters now use "# NN. Title" matching their filename.
- Expand plans-and-retention with Engineering Memory tiers (retention,
  record/candidate limits, semantic provider editions fastembed/api/
  local_model) and audit-trail retention per Open Source / Team / Enterprise.
- Consolidate the 2.1.0a1 changelog: collapse phase-numbered dev entries
  into user-facing feature groups; add docs reorg, memory persistence, and
  doc-URL fixes.

* fix(vscode): align formatBytes JSDoc with invalid-input handling

Typecheck failed because tests pass non-numeric values while @param
was number-only; document bytes as unknown to match runtime guards.

* fix(security): tighten config and lock path handling

* fix(security): tighten workspace intent gates

* fix(security): document path policy and hook foreign-intent gate

Sync book/21, mcp.md, and book/25 with repo_paths containment,
allow_external_artifacts default/opt-in, and MCP trust_boundaries help.

Workspace edit gate: authorize FOREIGN_ACTIVE only when allowed via
CODECLONE_HOOK_AUTHORIZE_FOREIGN (default on until hooks pass agent identity;
set 0/false/no/off for strict own-active only).

* fix(cache): allow contained absolute wire paths

* fix(vscode): pass repo-relative coverage_xml to MCP after path hardening

VS Code auto-detect now sends coverage.xml instead of an absolute path.
MCP accepts in-repo absolute coverage_xml via allow_repo_absolute for
backward-compatible clients.

* fix(security): preserve unknown PID ownership

* fix(security): close semantic index resources

* fix(mcp): keep audit token estimates lightweight by default

* feat(design): detect instance-independent methods

* feat(audit): persist analysis.completed for session-stats latest run

Emit MCP/CLI run summaries to the audit trail when audit_enabled, with
agent session binding (pid + start_epoch). Session-stats resolves latest
run from audit events first, then on-disk report.json meta timestamp.

Bump audit schema to v3 (agent_start_epoch column and session indexes).
Resolve MCP internal summary shape (analysis_mode/findings_summary) so
analysis.completed rows are not dropped on empty status validation.

* chore(pre-commit): add new hook

* chore(tests): extending the test coverage

* feat(cursor): ignore foreign intents in stop-hook cleanup warnings

Stop hook reads the workspace intent registry first and warns only on
own or recoverable cursor-vscode intents. Foreign active/stale rows
(e.g. Codex MCP) are excluded from followup_message. Add
list_unclosed_workspace_intents_for_hook_cleanup(), shared test
helpers, and update cursor-plugin docs.

* feat(memory): commit-anchored durability with historical status

Anchor Engineering Memory freshness to subject fingerprint drift at HEAD
instead of analysis inventory membership. Deleted subjects become
historical (preserved); matching fingerprint restores active. Remove
linked_path_missing staleness and stop vacuum from deleting stale or
historical records.

record_candidate writes git anchor only when subject fingerprint
resolves; human-origin records follow the same drift table (draft-only
skip). Harden subject_path_fingerprint with repo path containment.

Add durability tests, update staleness/vacuum coverage, and document
MemoryStatus.historical in engineering-memory docs.

* feat(vscode): bulk Memory inbox/stale governance for extension 0.3.0

Add checkbox and multi-select bulk approve/reject for draft and stale
records, with toolbar presets and one confirmation per batch. Fix stale
approve silent no-op (hydration was inbox-only) and Status Active dash
(records_by_status vs missing active_count). Merge extension changelog into
0.3.0 and add memoryBulkSelection helpers plus tests.

* feat(audit): add replay event core for trajectories

* feat(memory): add trajectory projection storage

* feat(memory): surface trajectory retrieval

* feat(memory): trajectory export, projection jobs, and audit core v2
Add trajectory retrieval and export (Phases 24–25): audit event core v2
with bounded scope facts, path subjects, include_routine filtering, and
disabled-by-default JSONL export profiles.
Add coalesced projection rebuild jobs (Engineering Memory schema 1.3):
async trajectory + semantic rebuild via memory_projection_jobs, CLI
memory jobs *, MCP manage_engineering_memory actions, optional auto-enqueue
on accepted finish (policy off by default, skipped in CI).
Wire CLI/MCP surfaces, refresh contract snapshots, declare missing
setuptools subpackages (memory.jobs, memory.trajectory, findings.design),
and add a packaging guard test. Update engineering memory docs and changelog.

* feat(memory): patch trail, trajectory export v2, and structural cleanup

Add deterministic Patch Trail at finish_controlled_change: scope narrative,
audit patch_trail.computed, memory schema 1.4 / trajectory-v2 projection,
rebuild persistence, retrieval patch_trail_summary, and MCP patch_trail_detail.

Complete trajectory JSONL export (schema 2): memory/trajectory precedents,
citations, patch_trail_summary, canonical dedupe via projection supersede,
and legacy scope backfill from audit payload_json supplements.

Extend claim-validation event core with bounded validated_citations; wire
MCP receipts/finish and projection rebuild. Refactor duplicated branch
families (export_context, events, jobs, staleness, CLI). Fix ruff/mypy
and refresh public_api_surface contract snapshot.

* chore(docs): alignment of docs to the current state of the code

* feat(memory): trajectory/projection jobs, agent docs sync, coverage hardening

Add projection rebuild jobs, trajectory export config keys, and SQLite store
close hygiene. Sync MCP help topics, tool strings, plugin skills, and schema
snapshot with workflow-first agent guidance. Fix config defaults doc table so
nested memory keys are not mistaken for root pyproject options; add jobs/
trajectory coverage tests (98.18% package coverage — 99% gate still open on
semantic/ingest/trajectory projector paths).

* feat(memory): align agent-facing docs with code

* feat(memory,docs): semantic retrieval, configurable ingest, and Phase 27 docs IA

* feat(memory,docs): semantic retrieval, configurable ingest, and Phase 27 docs IA

* feat(memory,docs): semantic retrieval, Phase 27 docs IA, and trajectory labels

* feat(memory,vscode,mcp): trajectory passport and contract-quality scoring

Add deterministic trajectory quality v2: contract-quality score from gate min,
separate complexity with explainable breakdown, and quality_score persistence
on Engineering Memory schema 1.5. Expose trajectory dashboard, anomalies, and
per-agent aggregation via MCP/CLI. Add VS Code Trajectory Passport webview
(KPI rail, contract gates, patch trail, timeline). Refresh MCP tool schema
snapshot and extend trajectory contract tests.

* refactor(core): move memory version constants into contracts

* feat(core): add Experience Layer domain model

* perf(core): replace stdlib json with orjson in memory domain

* feat(core): Experience distiller and persistence (schema 1.6)

* perf(core): incremental semantic rebuild (hash-skip, bounded RSS)

* docs(config): centralize CODECLONE_* env overrides in 10-config-and-defaults

* perf(core): skip redundant projection worker spawn when one is running

* perf(core): incremental trajectory rebuild by watermark

* feat(core): auto experience distillation in projection job

* feat(core): surface experiences[] in get_relevant_memory

* feat(core): promote_experience governance core

* feat(mcp): expose promote_experience action

* feat(core): honest 1-hop retrieval with contradiction down-rank

* feat(core): platform observability config + disabled contract

* feat(core): observability data model + sqlite store

* feat(core): observability write API (operation/span)

* feat(core): observability read model (TraceView + aggregates)

* feat(core): instrument projection worker chain (operation + spans)

* feat(mcp): record per-tool payload sizes via observability registrar

* feat(core): capture psutil RSS/CPU profile on operations and spans

* chore(core): bump psutil perf extra to >=7,<8

* feat(cli): instrument core analyze pipeline (cli.analyze + stage spans)

* feat(cli): add observability trace command (json + branded html)

* feat(core): correlate finish->worker across processes via env handoff

* refactor(html): align observability trace report into a grid layout

* feat(core): observability cost views and waterfall read model

Extend the Phase 29 TraceView read model for the diagnosis cockpit:
- SpanCostView with a deterministic no_op flag (productive counters present
  and summing to zero), AggregatesView.slowest_span / semantic_costs, and
  McpToolAggregate.p95_request_bytes / p95_response_tokens.
- WaterfallGroup / WaterfallRow: one self-contained timeline per causal
  chain, offsets relative to the group start so an idle window never
  crushes the bars. SpanView gains started_at_utc for time positioning.

Dataclasses are extended by appending defaulted fields only (render tests
build McpToolAggregate positionally).

* feat(html): runtime-diagnosis cockpit with waterfall timeline

Rewrite the observability HTML as a top-down diagnosis cockpit instead of a
data dump: executive runtime summary (stat cards + slowest op / hottest
span / peak memory highlights), correlated finish->worker event chains
(horizontal causality breadcrumb + indented detail via a rail, no
card-in-card), a memory-pipeline cost table that flags no-op-but-costly
spans, an MCP tool matrix (latency + request/response/token payload), and a
per-chain waterfall timeline that places bars by start offset and width by
duration so the spawn handoff gap is visible. Self-contained branded SVG,
auto dark/light, no JS.

* feat(core): record memory.projection.spawn op for the worker chain

Add operation B (memory.projection.spawn) in
execute_enqueue_projection_rebuild, wrapping the spawn decision. It inherits
the active finish op (A) as parent + correlation via
current_operation_context(), so the env handoff parents the worker (C)
under B — completing the cross-process A->B->C tree. Inert when
observability is disabled.

* feat(mcp): add stage spans to analyze_repository

Wrap the bootstrap/discover/process/analyze phases of the MCP
analyze_repository handler in pipeline.* spans so mcp.analyze_repository
carries the same stage timing as cli.analyze. This path calls the stages
directly and bypasses run_analysis_stages, so the spans are inline; they
attach to the active operation opened by the server registrar and are inert
when observability is disabled.

* chore(deps): bump transitive lockfile pins

uv.lock re-resolution only: cryptography 44.0->45.0, filelock
3.29.1->3.29.3, readme-renderer 48.0.0->48.0.1. Transitive/dev pins; no
direct dependency or package-set change.

* feat(html): name the top memory consumer in the runtime summary

Turn the Peak RSS metric into a conclusion: the reader records
AggregatesView.peak_memory_span (the span with the largest rss_delta) and
the cockpit highlight names it — "Top memory consumer: <span> in <op> — <MB>
· <share>%" — so the peak points at who took the memory instead of leaving
the reader to do the math.

* feat(core): count SQL queries per observability span (29.DB)

First slice of DB observability (performance-truth, not audit-truth):
observability.runtime.record_db_query is a sqlite set_trace_callback that
attributes each statement to the active span as a db_queries counter (plus
db_writes for insert/update/delete/replace). instrument_db_connection
registers it only when observability is enabled, so disabled processes pay
zero per-query trace overhead; it is hooked into open_memory_db. The counter
flows into the existing span counters, so "semantic.reindex is expensive"
can now be read as "expensive due to N SQL reads". Resolves the add_counter
forward-declared dead-code. Timing/rows/slow and the scattered raw-connect
sites are later slices.

* feat(html): add DB cost table to the cockpit

Aggregate the span-level db_queries/db_writes counters into a DB COST
section (DbCostRow on AggregatesView.db_costs): per span class, the number
of spans, total queries, total writes, queries-per-call (an N+1 signal) and
the worst single instance. On real data this immediately shows
memory.semantic.reindex is SQL-read-bound (1306 queries, 0 writes), turning
"reindex is slow" into "reindex runs N queries". Op-level DB for spanless
MCP operations is a later collection slice.

* feat(html): add Agent context view (token/context pressure)

Aggregate the already-collected MCP token economics into an Agent context
cockpit section (AgentView on AggregatesView.agent): total context pressure
(response tokens pushed back into the agent), total sent, call count, and a
per-tool consumer ranking with each tool's share of context. On real data
it surfaces get_relevant_memory as the dominant consumer (≈59% of context),
answering "which tool eats the agent's context" — the per-call detail stays
in the MCP tool matrix below it.

* feat(html): add Waste view (no-op + high-payload fix candidates)

Consolidate already-collected waste signals into one ranked Waste cockpit
section (WasteItem on AggregatesView.waste), placed under the runtime
summary as the executive "what to fix" digest: costly no-op rebuild spans
(produced nothing yet spent time/memory) and payload-heavy MCP tools (p95
response over a threshold), sorted by severity. On real data it flags
get_relevant_memory as a high-payload candidate. Duplicate-work via
dedupe_key is deferred (the field is not yet populated).

The seed-based reader tests now share a _read_trace helper so the
open->build->close boilerplate no longer fingerprints as a block clone.

* feat(html): surface CPU cost and a pipeline-by-subsystem roll-up

Complete the Cost view with the last collected axis. OperationView now
carries cpu_user_ms/cpu_system_ms; AggregatesView.heaviest_cpu drives a
"Heaviest CPU" summary highlight that prints the CPU-to-wall ratio, so a
parallel op (CPU > wall) reads differently from an I/O-bound one. A new
Pipeline section rolls operations up by subsystem (memory / analysis /
controller / mcp query / cli) with op count, total wall and total CPU,
showing where the run's time and compute actually go. On real data the
memory subsystem is the CPU hog (6.5s CPU on 5.5s wall, parallel) while
analysis is wall-bound.

* feat(core): attribute worker cold-start as a bootstrap span

Make the spawn->job handoff honest. observability.runtime.record_elapsed_span
emits a span with explicit started_at + duration for work that finished
before instrumentation could wrap it; profile.worker_bootstrap_sample reads
the process create_time (psutil) and the elapsed time to now. A spawned
projection worker (one carrying the env handoff) now emits a
memory.projection.worker_bootstrap span positioned at its process creation,
so the previously empty spawn->job gap in the waterfall is labelled with the
real cold-start (process spawn + interpreter + imports + claim). In-process
runs skip it (they share the caller's process); inert when disabled or
psutil is absent.

* fix(memory): honor compact retrieval detail

* fix(memory): refine retrieval evidence context

* fix(memory): prioritize reliable retrieval context

* test(memory): add coverage tests for memory and observability surfaces

* feat(core): centralize DB query instrumentation via read-only openers

Route raw sqlite3.connect bypasses (audit reader, intent gate, semantic
sources, staleness) through instrumented domain openers so the per-span
db_queries/db_writes counters cover read paths, not just writes. Add
open_sqlite_db_readonly plus read-only audit/intent openers (mode=ro URI
+ query_only pragma) that still attach the trace counter. The projection
worker now runs on a single SqliteEngineeringMemoryStore session instead
of reopening a connection per step.

* perf(memory): batch retrieval subject/evidence/trail loads

Replace per-memory N+1 lookups in relevance ranking with batched IN-queries
(list_subjects_for_memories, count_evidence_for_memories,
load_trajectory_patch_trails), chunked at the SQLite variable limit. Wire
the batch loaders into the retrieval service and trajectory hydration, and
honor compact detail_level so list responses stay bounded.

* docs(memory): document records/experiences/trajectories evidence lanes

Explain the three evidence lanes and compact bounds (subject_count /
subjects_truncated, mode=get / detail_level=full for full subjects, agent
facets, trajectory contracts, and root Patch Trail drill-down) across
CLAUDE.md, the engineering-memory book, the MCP tool docs, both skill
manifests, and the engineering_memory help topic.

* test: add CI coverage-uplift tests

* feat(core): add literal-free SQL fingerprint normalizer (29.DB Track B)

Pure helper: reduce a SQL statement to its normalized shape (string/number
literals -> ?, collapsed IN/VALUES placeholder lists), a table hint, and a
kind. Idempotent on its own output, so a persisted fingerprint re-parses for
table_hint/kind without storing them. Not wired into the trace sink yet.

* feat(core): capture per-span SQL query fingerprints (29.DB Track B)

record_db_query now also derives the literal-free shape of each statement, and
SpanHandle flushes the top-8 shapes into a new platform_spans.db_fingerprints
column. The cockpit can then decompose a span's query total into named shapes
('1200x SELECT evidence by memory_id') instead of a bare count. An additive
ALTER-COLUMN migration keeps older stores readable; db_writes semantics (via
_classify_sql, incl. REPLACE) are unchanged.

* feat(html): surface DB query shapes in the cockpit (29.DB Track B.3)

Aggregate the persisted per-span db_fingerprints into a DbFingerprintRow
read-model (reader._db_fingerprints; table_hint re-derived from the stored
shape) and render a 'DB query shapes' section in the HTML cockpit. A span's
query total now decomposes into named statement shapes ranked by count, so an
N+1 reads as '1200x SELECT evidence by memory_id' — concrete to batch and fix.

* feat(html): interpret DB query shapes in the cockpit (29.DB)

describe_fingerprint() parses a normalized fingerprint into kind/table/
where_columns and a one-line predicate summary ('count by repo_root_digest,
workflow_id'). The DB query shapes table is now SPAN | TABLE | KIND | COUNT |
SHAPE — the interpreted predicate is the headline, the raw statement a bounded
secondary line — instead of an unbounded raw-SQL column that overflowed. TOTAL/MAX timing columns remain pending B.2.

* fix(html): align correlated-chains metric columns

The chains rows used a variable last grid column, so per-row meta (reason
chip / payload / rss) stole width from the flexible name column and floated
the bars and durations around as nesting changed. Give .oprow/.spanrow a
fixed 5-column grid [name | bar | dur | mem | extra] with rss in its own mem
cell and payload/reason-chip in extra, so every metric column is right-
anchored and lines up across depths. Drop the now-orphan _rss_badge + .rss/
.meta CSS.

* feat(core): add query_platform_observability slicer core (29 RFC)

A read-only, sectioned diagnostics slicer over build_trace_view/AggregatesView
(RFC specs/rfc-29-observability-query-tool). Nine bounded aggregate sections
(summary, slow_operations, memory_pipeline_cost, db_cost, agent_context,
mcp_tool_matrix, correlated_chains, costly_noops, pipeline) behind a dev-only
guard envelope, with top_diagnostics + recommended_next_sections routing,
limit clamp [1,50]->10, full->normal downgrade (requested_detail_level echoed), disabled-vs-no_store split, ignored_parameters echo. Slicer, not export API: numeric metrics only, never raw SQL/payload, never the full trace. MCP registration lands in a follow-up.

* feat(mcp): register query_platform_observability tool (29 RFC)

Expose the dev-only observability slicer over MCP: title + positioning/anti-
inference description (messages), Annotated param types, a read-only MCPSession handler delegating to observability.query, a service delegate, and the server @tool registration. Regenerate the additive tool-schema and public-API-surface contract snapshots, and extend the expected tool-name / readOnlyHint sets. Read-only, idempotent, structured output; numeric metrics only.

* docs(mcp): add observability help topic for the new tool

help(topic="observability") now surfaces query_platform_observability — its
dev-only / anti-inference framing, the nine sections, detail_level and limit bounds, and disabled/no_store behavior. Registered in _VALID_HELP_TOPICS and listed in the help tool description.

* refactor(memory): dedup get_relevant_memory payload (Track A)

One signal, one place: drop fields that duplicated semantic state already
carried by status or by a nested block — record `stale` (==status),
`draft_unverified` (==status=="draft"), the flat top-level coverage keys that
mirrored `record_coverage`, and the root `patch_trail_summary` copy of
trajectories[0]. The draft guardrail now lives once in `retrieval_policy`
(status_is_authoritative, draft_records_are_unverified). Evidence-bearing
metadata (subject_count, *_truncated, evidence_count, relations, stale_reason)
is kept.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* docs(memory): document lane semantics + fix stale patch_trail refs (Track D)

Engineering Memory retrieval returns independent signal lanes — records =
asserted knowledge, trajectories = episodic evidence, experiences = advisory
patterns, coverage = visibility metadata. Document the invariant in CLAUDE.md
and the engineering_memory help topic: scores are lane-local (never compare
relevance_score across lanes), for_path and plain (non-semantic) search are
unranked. Correct the now-stale 'root Patch Trail' references — Track A removed
the duplicated root patch_trail_summary; it rides each trajectory.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* refactor(memory): slim compact trajectory + coverage payloads (Track B)

Compact diet (decision-dense, not dedup): compact trajectory previews drop the
contract-component numbers complexity_score / scope_accuracy / duration_seconds
(full/detail only), keeping the headline quality_score + anomaly_count + tier +
outcome + patch_trail_summary + summary; labels are sorted and capped at 8.
coverage.agent_diversity is now detail-only (build_context_coverage takes
detail_level) — it is analytics, not a pre-edit signal.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix(memory): bootstrap observability before opening worker store (29.DB)

* fix(memory): apply query filters to semantic candidates (#1)

* fix(integrations): sync MCP surfaces with current contract

* feat(core): per-source vector top-K budgets in semantic retrieval

* docs: align documentation with current platform features

* test: expanding test coverage for new branches and reorganizing test modules

* chore(deps): update all deps

* fix(tests): mock CI gate and bootstrap span in projection job tests

* feat(core): rank-preserving RRF fusion for hybrid memory search

* feat(core): lazy FastEmbed model load with resilient embed degradation

* docs(changelog): refine the 2.1.0a1 release narrative

* fix(mcp): wrap tool handlers in a span so MCP DB-query cost is recorded

* feat(integrations): add marketplace install surfaces

* chore(docs, deps): reformat docs and refresh transitive deps

* feat(analytics): corpus analytics slice 1 (intent lane), shared embedding cache

* feat(core): retrieval telemetry counters + record_counter span primitive

* refactor(core): batch trajectory hydration to fix experience.distill N+1

* refactor(core): batch semantic.reindex sources to fix N+1

* feat(analytics): corpus clustering inspectability (sweep, diagnostics, noise) + integrity

* feat(memory): schema 1.7 flush_claimed_by column + projection coalesce config knobs

* fix(tests): align MemoryIndexSource mock with batch subject loader

* refactor(tests): dissolve test_memory_coverage_gaps into taxonomy-aligned modules

* feat(memory): delayed single-shot projection flush worker (--not-before)

* feat(memory): coalesce sub-threshold projection rebuilds via delayed-flush spawn guard

* feat(analytics): add corpus report interpretability

* feat(analytics): add profile control plane with manifests, suitability, and ranked sweeps

* feat(observability): semantic rebuild spans, peak RSS 1.1, cockpit fixes

* feat(memory): length-aware semantic embed batching and lane probe

* refactor(memory): reuse budget token estimator for semantic planning

* feat(memory): add trajectory multi-vector chunking for semantic index v2

* feat(mcp): track run workspace drift

* docs(memory): align semantic v2 chunking docs with probe and search contract

* feat(mcp): add implementation context surface

* feat(mcp): bind context to active intent

* feat(mcp): resolve context symbols

* feat(mcp): complete implementation context v1

* feat(cache): store function relationship facts

* feat(core): resolve cross-module call and reference relationships

* feat(core): resolve intra-module and self/cls relationship edges

* feat(core): aggregate cross-file relationship facts onto the run record

* perf(tests): track sqlite connections instead of per-test gc sweep

* feat(mcp): project call context from run-record relationship facts

* feat(mcp): enable contract mode in implementation context

* feat(mcp): polish get_implementation_context symbol scope and facets

* feat(plugins): add codeclone-implementation-context skill

* feat(skills): synchronized skills

* fix(memory): make persist_batch atomic (audit H1)

* fix(audit): count swallowed best-effort failures (audit M9+M10)

* fix(mcp): compact subject_not_found in get_implementation_context

* feat(mcp): expose raw module imports off-report (track 2 step 1)

* feat(mcp): add graph search via get_implementation_context query param

* docs: align site and agent playbooks with current contracts

* fix(memory): align IDE stale-reject with reject_record

* fix(memory): tolerate corrupt payload_json on read

* docs(skills): sync all plugins to one strict 8-skill set + gate→findings bridge

* chore(tests): extend tests coverage

* chore(deps): update direct and transitive project deps

* fix(test): isolate fastembed import_module mock in foundation test

* chore(vscode): require VS Code 1.120 and bump @types/vscode

* fix(claude-desktop): sync manifest with get_implementation_context MCP tool

* docs: align site and agent playbooks with current contracts

* test(memory): include contracts path in init batch repo smoke registry

* feat(core): drop OSS intent-registry retention cap (default 14, configurable) + honest editions page