v2.6.0 — viewer-v2, rich rules, deep-scan skill, telemetry

First npm release since 2.5.3 — an 89-commit catch-up. Highlights:

Added

• Unified local viewer — /archie-viewer now runs the same React UI as the hosted share viewer. Blueprint + Files tabs, per-folder CLAUDE.md browser, click-to-view generated-files tree, an inline rule-management dashboard, and a "Fix this" button that generates agent-agnostic fix prompts for findings & pitfalls.
• Anonymous, opt-in usage telemetry + npm update checks — config.py, telemetry_sync.py, update_check.py, analytics.py. Consent is asked in-session by the slash commands (via a shared _shared/telemetry-consent.md fragment), not by the npx install — so CI / pipe / agent installs can't silently skip it. Three tiers: community / anonymous / off.
• /archie-deep-scan is now a modular skill — a SKILL.md router plus self-contained per-step files and fragments. The long pipeline survives /compact and resumes mid-run (--continue, --from N).
• Rich rules pipeline — rules carry inline severity_class / why / example / forced_by-enables-alternative; the rule synthesizer is the single producer of the unified shape; rule_index.py pre-computes a hot-path enforcement index.
• ARCHIE_TELEMETRY_ENDPOINT env override so test runs can't hit production.

Changed

• AGENTS.md is now the canonical agent context; CLAUDE.md is a thin pointer to it. .claude/rules/ topic files plus a browsable enforcement/ directory.
• Installer hardening — Node 18+ preflight, rejects unknown flags + --help, builds the local viewer at install time (cached by version).
• README + ARCHITECTURE.md fully resynced with the current architecture.

Fixed

• JUST_UPGRADED no longer prints "X → X" (installer overwrote the version marker before mark-upgraded re-read it).
• /archie-scan telemetry runs are now actually uploaded — the legacy telemetry.py path never fired the sync.
• config.py should-prompt answers via a stdout token, so a crash can't masquerade as "already prompted".
• Non-interactive installs surface a clear notice instead of silently skipping telemetry consent.
• Deep-scan Phase 0 scope + Intent Layer prompts are mandatory decision gates, not skippable clarifying questions.
• A degenerate from == to upgrade marker is dropped instead of emitted.

Full changelog: v2.5.3...v2.6.0

v2.5.3

What's new

Features

• feat(landing): v2 — 5-frame deck with live blueprint embed (#60)
• feat(blueprint): pattern preconditions — applicable_when, do_not_apply_when, scope (#61)
  • Blueprint schema gains code-grounded preconditions across implementation_guidelines, communication.patterns, and quick_reference.pattern_selection
  • Wave 1 / Wave 2 prompts ask for preconditions across any paradigm (schema annotation, type signature, lifecycle state, ownership rule, structural contract)
  • Wave 2 §11 reads existing per-folder CLAUDE.md anti-pattern sections and folds maintainer guardrails back into blueprint do_not_apply_when (compound learning)
  • New intent_layer.py inject-scoped subcommand: projects scoped blueprint patterns into the component-root CLAUDE.md between archie:scoped-* markers (idempotent re-runs, scope-shrink clears stale blocks, AI section preserved)
  • /archie-deep-scan Step 7 runs it after merge

Install

npx @bitraptors/archie /path/to/project

v2.5.2

Bug fixes

/archie-scan Phase 4 trend analysis (#58)

The trend-analysis step was asking the agent to write inline Python against .archie/health_history.json. Worked when history was wrapped ({runs: [...]}), crashed with 'list' object has no attribute 'get' when it was a flat list — which is the actual on-disk shape after a fresh scan.

Fix: dedicated python3 .archie/measure_health.py --compare-history command that handles flat list, {history: [...]}, and {runs: [...]} shapes uniformly, prints arrow summary to stderr, JSON to stdout. The slash command now calls this instead of improvising inline parsing.

/archie-share "0 Semantic reimplementations" (#59)

Two upstream sources produce semantic-duplication findings:

• /archie-scan Agent C → .archie/semantic_duplications.json
• /archie-deep-scan deep-drift agent → .archie/drift_report.json deep_findings[*] tagged type="semantic_duplication"

upload.py only read the first one. Projects whose dups came from deep-drift shipped a bundle with no semantic_duplications field at all, the share viewer fell through to the prose heuristic, and landed on 0.

Fix: bundle now merges both sources, accepts the legacy tags array shape, and preserves the structured-zero signal when both files are present-but-empty (so the cover never silently falls through to a prose-regex count).

Verification

420/423 tests pass (3 pre-existing failures unrelated). Verified end-to-end against openmeter (4 deep-drift dups now visible on the share cover).

🤖 Generated with Claude Code

v2.5.1 — Unified CLAUDE.md / AGENTS.md + browsable enforcement.md

Unified agent guidance + browsable enforcement rules

CLAUDE.md and AGENTS.md were two separate render paths producing different content shapes — lean ~120 lines for CLAUDE.md, comprehensive 12-section for AGENTS.md. Two prompts, two surfaces where drift could happen, ~425 lines of duplicated render logic.

This release unifies them into a single lean root that deep-links to topic files. AGENTS.md becomes byte-identical to CLAUDE.md aside from the H1, written under the vendor-neutral name so multi-agent setups (Cursor, Codex, Aider, Continue) find it. Single source of truth at the generator level — drift impossible by construction.

Lean root content

CLAUDE.md / AGENTS.md now carry: header + executive summary + decision-chain top + top-3 trade-offs + deployment + architecture diagram + workspace topology + a curated essentials slice of run commands + deep links + enforcement-rules pointer + per-folder context note. ~119 lines on real-world projects (down from 183 pre-Commands-split).

Topic files

File	Content
architecture.md	Components, file placement, naming conventions
patterns.md	Communication, integrations, decision chain (recursive, with violation_keywords), key decisions, trade-offs (with violation_signals), out-of-scope
technology.md	Tech stack, project structure, full run commands catalog, code templates, testing
guidelines.md	Implementation guidelines per capability
pitfalls.md	Documented traps with evidence + fix direction
dev-rules.md	development_rules only (coding-time imperatives)
infrastructure.md	infrastructure_rules (CI / signing / distribution / secrets / env / registry / git)
enforcement.md	NEW: every rule from rules.json + platform_rules.json, grouped by severity_class, with inline description + why + example + path_glob + collapsible code_shape trigger details
frontend.md	UI architecture, state, routing (conditional)

Lean root Commands curation

The lean root only surfaces the essential subset (build / test / lint / fmt / run / serve / start / dev / up) using a keyword-scored selector that prefers exact matches and shorter names. Full catalog lives in technology.md so projects with rich Makefiles don't bloat session context. On openmeter (41 commands) the lean root shows 8; the full 41 are in technology.md.

Pipeline plumbing

• /archie-deep-scan adds a render step after Step 6 + rule_index.py build so enforcement.md actually emits via the slash command flow.
• /archie-scan adds the same render step after rule adoption + index rebuild.
• finalize.py defensively loads rules.json + platform_rules.json if present, so incremental scans pick up enforcement.md immediately.

Backward compat

• Old-shape rules (severity + rationale, no severity_class / why / example / triggers) render correctly via legacy fallback. The enforcement.md rules from a pre-2.5 blueprint bucket as mechanical_violation (legacy severity: error) or tradeoff_undermined (legacy severity: warn).
• Blueprints without infrastructure_rules render only the Development Rules section.
• Topic files are emitted only when the blueprint has the backing data; the deep-link list filters to match — no dead links.
• CLAUDE.md / AGENTS.md merge markers preserve hand-edits across re-renders (render_mergeable contract unchanged).

What was retired

• The 250-line legacy 12-section AGENTS.md generator. AGENTS.md is now a thin wrapper over the lean root.

Audit results

PR went through a full pre-merge audit:

• One real bug found (enforcement.md not emitted via slash-command flow) → fixed in commit e732b4ac1.
• Verified all external callers handle the new generate_all(bp, enforcement_rules=None) signature.
• Verified npm-package mirror parity (23 scripts, 5 commands).
• Verified hand-edit preservation via merge markers.
• 420/423 tests pass (3 pre-existing failures unrelated to this release).

Install / upgrade

npx @bitraptors/archie /path/to/project

Or upgrade an existing project by re-running the installer — it auto-cleans previous Archie files and rewrites the lean CLAUDE.md / AGENTS.md on the next /archie-deep-scan.

🤖 Generated with Claude Code

v2.5.0 — Richer rules

Richer rules: alignment loop end-to-end

Archie now lifts the architectural depth from the blueprint into the rules the coding agent actually consults at edit-, plan-, and commit-time. The "shallow rules" diagnosis from real-world projects (most rules being one-line forbid/require statements with no architectural context) is closed.

What's new

Inline rule shape. Every rule now carries severity_class (decision_violation / pitfall_triggered / tradeoff_undermined / pattern_divergence / mechanical_violation), inline why (the reasoning copy-pasted from the blueprint section that motivated it), inline example (canonical code shape), and source (provenance: deep_scan / scan / scan-amended / scan-adopted). No more pointers — the agent reads what's in the rule.

Structured edit-time triggers. New code_shape.py + rule_index.py give the pre-edit hook O(1) candidate narrowing via path_glob + regex-based code_shape matching. Trigger-only rules treat trigger-fire as the violation. Zero new dependencies — no tree-sitter.

Plan + commit-time semantic classifier. New align_check.py runs a Haiku call against the architectural rule set on every plan submit (PostToolUse ExitPlanMode) and pre-commit. Blocks on decision_violation / pitfall_triggered. Catches intent violations before any code exists, and semantic leakage edit-time hooks structurally can't see. Falls back to advisory mode if claude CLI is unavailable. Disable via ARCHIE_DISABLE_ALIGN_CHECK=1.

development_rules / infrastructure_rules split. Wave-1's Technology agent was being told to mine config files and label the output "development rules" — resulting in shares full of CI / signing / distribution noise instead of coding guidance. Two-bucket prompt rewrite:

• development_rules — coding-time rules. Inclusion test: "would a coding agent change the file it's editing because of this rule?"
• infrastructure_rules — ops / build / onboarding. CI, distribution, signing, secrets, env_setup, dependency_registry, git.

Renderer + share viewer + local viewer all updated to render both H2 sections separately.

Symlink-resolved project root fix. macOS /var → /private/var symlink caused the pre-validate hook to silently exit 0 for any user with a symlinked project root. git rev-parse returned the realpath while tool_input.file_path stayed unresolved; comparison missed. Fixed by realpath'ing both sides. Regression test added.

Viewer / share viewer

• Local viewer (/archie-viewer) renders new-shape fields (severity_class badge, WHY block, EXAMPLE code block, Trigger details collapsible). Backward compat preserved for old-shape rules via severity + rationale fallbacks.
• Share viewer (https://archie-viewer.vercel.app) gets two new sections: Enforcement Rules (renders rules.json content from the bundle, which was always uploaded but never displayed) and Infrastructure Rules (sister to Development Rules with a teal accent). Sidebar nav and scroll-spy updated.
• /archie-share picker converted to AskUserQuestion (single-choice) for both PROFILE_EXISTS and PROFILE_MISSING flows. Matches the deep-scan UX consistently.

Backward compatibility

• Old-shape rules (no severity_class/why/example/triggers) still fire correctly — severity + rationale fallback into the new rendering, severity gating defaults to mechanical_violation for legacy severity: "error".
• Existing shares (without rules_adopted content interpreted) render unchanged in the new share viewer.
• Blueprints without infrastructure_rules render only the Development Rules section.
• After upgrading, users should re-run /archie-deep-scan to regenerate rules.json in the new shape (same upgrade path Archie has always used when blueprint structure changes).

Retired

• archie/rules/extractor.py::extract_rules() — the deep-scan slash command never called it, and its allowed_dirs lookup was stale (read allowed_dirs/directories while the blueprint produced location). Step 6's AI-synthesized rules cover placement + naming with richer semantic content. Other extractor functions (load_rules, save_rules, promote_rule, demote_rule) kept — used by archie rules CLI.

Tests

• 71 new unit tests across test_rule_shape.py, test_code_shape.py, test_rule_index.py, test_align_check.py
• Regression test for the symlink path bug
• Backward-compat test runs the new hook against real-world old-shape rules
• Full suite: 420/423 (3 pre-existing failures unrelated to this release)

Install

npx @bitraptors/archie /path/to/project

Or upgrade an existing project by re-running the installer — it auto-cleans previous Archie files.

🤖 Generated with Claude Code

v2.4.4 — stop leaking absolute project paths into committable state

What's fixed

.archie/deep_scan_state.json was silently leaking the absolute project path into the run_context.project_root field every time a deep-scan run completed. For users who commit .archie/ (several do, and we encourage it for reproducible blueprints across a team) this meant publishing machine-specific info — user home directories, internal repo layouts — into the repo.

Real example before the fix:

"run_context": {
  "project_root": "/Users/hamutarto/DEV/gbr/openmeter",
  "scope": "whole",
  ...
}

The fix

1. save-run-context no longer writes project_root. The flag is silently accepted for backward-compat with older slash-command prose, but the value is discarded.

2. Defensive scrubbing on next write. Any pre-existing project_root in the file gets removed the next time save-run-context runs. Users with legacy leaked values recover automatically on the next deep-scan step completion — no manual git checkout or file editing required.

3. Resume Prelude derives PROJECT_ROOT from $PWD directly. In the common case (slash command invoked from the repo root, which is how Claude Code is typically used) that's correct. If $PWD differs from where .archie/ lives — e.g., user invoked /archie-deep-scan --continue from a subdirectory — the state-read fails, LAST=0, and the Resume Prelude falls through to a fresh Phase 0 with no corruption.

4. Doc text made honest about the CWD assumption. It's a convention of how Claude Code is typically invoked, not a hard contract. Symlinked .archie/ directories resolve correctly because $PWD/.archie/* follows symlinks on read.

Audit

We verified this was the ONLY path leak in Archie's output files:

• blueprint.json / blueprint_raw.json — clean (false positives in earlier analysis were code comments inside example snippets)
• findings.json / rules.json / scan.json / health.json / enrich_batches.json / enrich_state.json / last_deep_scan.json — clean
• CLAUDE.md / AGENTS.md / per-folder CLAUDE.md — clean
• .claude/rules/*.md — clean
• __pycache__/*.pyc — Python bytecode, never committed, not a concern

Migration for affected users

If you've already committed a .archie/deep_scan_state.json with a leaked project_root:

npx @bitraptors/archie@latest /path/to/project
# Next `/archie-deep-scan` step completion will scrub the stale field automatically.
# Or run this one-liner to scrub immediately:
python3 .archie/intent_layer.py deep-scan-state "$PWD" save-run-context

Tests — 5 new

tests/test_intent_layer_run_context.py:

• Privacy guarantee: passing --project-root /Users/someone/... does NOT land in the file
• Non-project_root fields still round-trip correctly (scope, intent_layer, scan_mode, monorepo_type, start_step, workspaces)
• Legacy leaked values in pre-existing state get scrubbed on next write
• Backward compat: --project-root flag still accepted without error
• General leak guard: no string matching /Users/, /home/, /root/, /var/folders/, or C:\Users\ appears anywhere in the output

All 5 pass. Full regression suite (70 tests) clean.

Zero regression

• Users who never committed .archie/ are unaffected
• Users who committed .archie/ but didn't run deep-scan-state save-run-context explicitly get the auto-scrub on their next step completion
• Backward compat for any external tooling that was passing --project-root (silently accepted + discarded)

Upgrade

npx @bitraptors/archie@latest /path/to/project

v2.4.3 — intent-layer DAG optimization

What's fixed

On real-world Go codebases, /archie-intent-layer was failing or over-running for three reasons that compounded. This release fixes all three with zero blueprint accuracy loss.

1. suggest-batches silently dropped hundreds of folders

On a 632-folder project, the first wave returned 474 ready folders. The orchestrator tried to pass them as bash argv (suggest-batches "$PWD" $FOLDERS) — at that scale, shell word-splitting / unquoted expansion fails silently and the script received zero folders, output [], and the downstream reader crashed trying to parse it.

Fix: suggest-batches now reads a JSON array on stdin when argv is empty. Canonical pattern:

python3 .archie/intent_layer.py next-ready "$PWD" \
  | python3 .archie/intent_layer.py suggest-batches "$PWD"

No shell variables, no word-splitting, works at any folder count. The slash command prose in archie-intent-layer.md was updated to use this as the default production pattern.

2. Generated-code folders inflated the DAG

The scanner correctly tagged Ent ORM codegen (openmeter/ent/db/*), protobuf stubs, minified JS, etc. as bulk in scan.json.file_tree, but cmd_prepare wasn't reading that tag — so folders holding ONLY generated files still became enrichment targets. That meant dozens of Sonnet subagent calls trying to write CLAUDE.md for code that gets regenerated by go generate.

Fix: cmd_prepare now filters bulk-tagged files when building the DAG. Folders with at least one hand-authored file still qualify; pure-codegen folders drop out entirely.

3. Default ignore / bulk patterns missed common cases

The shipped .archieignore didn't cover CI metadata (.github/, .gitlab/, .circleci/, .grype/), agent-tool install dirs (.agents/, .cursor/), or Ent codegen. The shipped .archiebulk didn't cover Ent patterns.

Fix: expanded both default templates. Ent is the dominant Go ORM for API-driven services — catching it by default saves every future user this investigation.

Real-world validation

On a 632-folder Go codebase (openmeter):

Measure	Before	After	Change
DAG folders	632	504	−20%
Leaves	474	357	−117
Subagent calls	~60–120	~45–90	~25% fewer
Noise in subagent prompts	4.5 MB Ent codegen	0	~100% reduction

Dependency graph is preserved — Ent codegen folders still appear in scan.json.file_tree with bulk:{category, framework} tags, so imports TO ent/db continue to resolve as visible (content-skipped) nodes.

Backward compatibility

• suggest-batches still accepts argv for small test invocations
• cmd_prepare's bulk filter is a no-op for scan.json written before the bulk classifier landed (no bulk tag on any file)
• Users with hand-tuned .archieignore / .archiebulk overrides keep them; the default changes only affect new installs and the resumed files on upgrade
• Zero changes to scanner, blueprint schema, or any other code path

Tests — 11 new

• tests/test_intent_layer_suggest_batches.py (7) — stdin input, 500-folder stress test, argv backward compat, malformed input handling
• tests/test_intent_layer_bulk_filter.py (4) — pure-bulk exclusion, mixed-folder retention, sibling independence, legacy no-bulk compat

Upgrade

npx @bitraptors/archie@latest /path/to/project

Existing projects keep their customized .archieignore / .archiebulk (the installer preserves user-modified pattern files). To pick up the expanded defaults, back up your current files, delete them, and re-run the installer.

v2.4.2 — preserve user-authored CLAUDE.md + AGENTS.md

What's fixed

Archie's renderer used to overwrite CLAUDE.md and AGENTS.md unconditionally, clobbering hand-authored project guidance (testing commands, billing rules, domain-specific architecture notes). Real user report on a production project confirmed a hand-curated AGENTS.md was destroyed by a deep-scan run — the only recourse was git checkout.

This release makes the renderer preserve-safe.

How it works

Generated content is bracketed with HTML-comment markers. Anything outside the markers is preserved across regenerations.

<!-- archie:generated:start -->
<!-- Regenerated by Archie on 2026-04-24T09:30Z. Edits between the
     archie:generated markers will be overwritten; edit outside them
     to keep changes. -->

...auto-generated from blueprint...

<!-- archie:generated:end -->

Three cases handled:

• File doesn't exist → fresh wrapped block.
• File exists with markers → replace only the bracketed block. Content outside is byte-for-byte preserved.
• File exists without markers (first-time collision with hand-curated file) → append the wrapped block at the end, so the user's content stays at the top where readers look first.

Rule files under .claude/rules/ continue to overwrite — those are fully Archie-owned and users don't hand-edit them.

What you'll see

main() now prints per-file status so it's clear what happened:

CLAUDE.md: appended Archie block (user content preserved)
AGENTS.md: updated Archie block
Generated .claude/rules/architecture.md (52 lines)

Zero regression

Users who never hand-edited CLAUDE.md / AGENTS.md see no behavioral change — their files get markers added on the next regen and behave identically thereafter.

If you were affected by the overwrite

If a previous Archie run clobbered your hand-authored content:

git checkout CLAUDE.md AGENTS.md              # restore originals
npx @bitraptors/archie@latest /path/to/project  # install 2.4.2
python3 .archie/renderer.py "$PWD"             # regenerate safely

The renderer now appends the Archie block at the end of your existing files — your originals stay intact at the top.

Tests

12 new tests in test_renderer_merge.py: marker wrapping, in-place block replacement, append-preserve, malformed-marker fallback, idempotence across multiple regens, and the critical user-edits-outside-markers-survive compound case. All 12 pass.

Upgrade

npx @bitraptors/archie@latest /path/to/project

v2.4.1 — enterprise share (BYO customer bucket, zero BitRaptors storage)

Highlights

/archie-share gains enterprise mode. For teams whose InfoSec policy doesn't allow uploading architecture data to third-party infrastructure, blueprints now upload directly to the customer's own S3 bucket. BitRaptors' only role in enterprise mode is serving static JS from Vercel — no data at rest, no pointer storage, no metadata captured.

Zero regression for existing users. The default BitRaptors Supabase path is byte-for-byte unchanged — upload() logic, URL shape (/r/{token}), and bundle envelope all identical to v2.4.0. Every existing share URL continues to work.

Enterprise share — three modes at share time

1. Default — BitRaptors Supabase + Vercel viewer (existing behavior).
2. Enterprise (stored credentials) — one-time python3 .archie/share_setup.py writes ~/.archie/share-profile.json (chmod 600); subsequent shares upload directly to your S3 bucket via pure-stdlib sigv4 signing. Validated against AWS's canonical presigned-GET test vector.
3. Enterprise (paste URL) — per-share presigned PUT URL minted by your InfoSec. No credentials ever live on the dev's laptop. Cloud-agnostic (Azure SAS, GCS signed URLs, Artifactory PUT all work).

Zero-knowledge URL architecture

Enterprise share URLs look like https://archie-viewer.vercel.app/r/ext#{base64url-encoded-GET-URL}. The URL fragment (#...) is a browser-only construct — it's never transmitted to any server in HTTP requests. When a teammate opens the URL, their browser fetches the blueprint directly from your bucket. BitRaptors' Supabase is entirely out of the enterprise flow.

Agent-composed InfoSec request

New menu option in /archie-share: "Help me ask InfoSec for a bucket." The agent asks three context questions (company name, preferred bucket name, cloud provider) and composes a ready-to-paste request with CORS + IAM policy JSON inlined, adapted to AWS / Azure / GCS.

Multi-select pickers

Workspace selection (in /archie-scan, /archie-deep-scan, /archie-share per-package/hybrid) and rule adoption (/archie-scan Phase 5) now route to AskUserQuestion multi-select when the item count fits (≤ 4 items), with a comma-separated text fallback when the list is larger. Cleaner UX for small workspace counts + rule adoption.

Scope for Mode 2A

Stored-credentials mode targets AWS S3 virtual-hosted-style URLs ({bucket}.s3.{region}.amazonaws.com). S3-compatible services (Cloudflare R2, Backblaze B2, Minio, Wasabi), Azure Blob, and GCS should use Mode 2B (paste URL) since they need different DNS shapes or signing schemes. An endpoint_url override is on the roadmap for when a non-AWS prospect asks.

Docs

Customer-side setup walkthrough (CORS policy template, IAM policy template, end-to-end bucket configuration) at docs/enterprise-share-setup.md. Hand it to your InfoSec team.

Tests

35 new tests covering: SigV4 signing validated against AWS canonical vector, PUT signing structural + deterministic + payload-hash, end-to-end flow for both enterprise modes (mocked urllib), _read_share_profile edge cases, share_setup.write_profile chmod 600 verification, argparse routing, key-prefix normalization, scan-timestamp precedence in the envelope.

Permission audit

All new slash-command paths stay within the 29-entry Bash allowlist — no inline python, no basename/sed/awk/rm -rf/printf/find/cksum/xargs. Existing /archie-share invocations (no flags) take the exact same code path as before.

Upgrade

npx @bitraptors/archie@latest /path/to/project

v2.4.0 — resume any interrupted scan

Highlights

/archie-deep-scan and /archie-intent-layer now survive any interruption — /compact, Esc, crashed tab, network blip — and resume exactly where they left off. Zero permission prompts mid-run.

Resume paths (three of them)

• --continue — explicit resume after interruption.
• --from N — restart from a specific step (useful when a single phase misbehaved).
• Bare invocation — if state exists from a prior interrupted run, the command detects it on entry and asks: Resume / Finalize / Fresh. No more accidentally wiping a 15-minute run by re-typing /archie-deep-scan.

All three paths share one resume machinery: RESUME_ACTION=resume|fresh + RESUME_INTENT=ask|continue|finalize. The Resume Prelude now honors all of them (previously gated only on the two flags, so bare-invocation resume ran with SCAN_MODE unset and fell through to fresh).

Intent Layer — finalize-partial + /tmp orphan sweep

Interrupted intent-layer runs left the repo in a half-enriched state: some folders merged, others still sitting as raw /tmp/archie_enrichment_*.json blobs. The new Finalize partial path:

1. Sweeps /tmp/archie_* for any orphan enrichments the previous run produced but never called save-enrichment on.
2. Ingests them into .archie/enrichments/.
3. Runs cmd_merge — which now skips enrichments for deleted folders instead of crashing (user restructured between runs, or orphan enrichment for a folder that never landed on disk).

Status-line labeling now reflects the actual mode (fresh/full, fresh/incremental, resume, finalize_partial) instead of always saying "full regeneration".

Permission audit — zero mid-run prompts

Archie scans run long (15–20 min deep-scan, hours on large repos), usually unattended. Any Bash permission prompt stalls the whole pipeline. This release eliminates three prompt triggers that had slipped in:

• basename "$PROJECT_ROOT" in Resume Prelude → shell parameter expansion "${PROJECT_ROOT##*/}"
• basename + sed pipe in /tmp orphan sweep → "${tmp##*/archie_enrichment_}" + "${name%.json}"
• rm -rf "$PROJECT_ROOT/.archie/enrichments" → extended Python cmd_reset_state to wipe the directory (hits the already-allowed python3 .archie/*.py * pattern)

Tests

6 new resume-specific tests covering cmd_merge defensive handling of deleted folders, orphan enrichments, and accurate merge summary counts. Full suite 297 pass.

Upgrade

npx @bitraptors/archie@latest /path/to/project