AgentLint 1.1.13

Hotfix: revert v1.1.12 F003 (the branch-protection.yml realignment that re-added CodeQL + check-test-pairing). The v1.1.12 release.yml run timed out at attempt 20/20 with Still missing: CodeQL check-test-pairing, confirming the rationale for re-adding them was wrong.

Key insight (worth reading):

• CodeQL is a workflow name. The check-runs API returns job names. The CodeQL workflow's only job is analyze — that's what lands as a check-run on every commit. Listing CodeQL in contexts: made it perpetually missing.
• check-test-pairing runs only on pull_request events. Squash-merge to main produces a new commit; PR-only workflows never re-run on that commit. Parent-SHA fallback (added in v1.1.8 PR #213) covers squash-merges that didn't fire push:main; it does NOT make PR-only check-runs retroactively appear on main commits.

v1.1.8's path (drop both from branch-protection.yml, accept the drift between YAML and live main protection) was correct. v1.1.13 restores it. No other v1.1.12 changes are reverted — F002 (release.yml fail-closed + branch-protection.yml template + setup wiring), F004 (check-template-sync drift guard), F005 (--ignore-scripts default), F006 (behavioral subprocess test), F008 (e2b skipped-scenario logging) all stay. F002's release.yml gate continues to work because the YAML's contexts list is once again only contexts the gate can actually satisfy.

Internal

• .github/branch-protection.yml contexts: revert to the 13-entry list from v1.1.8. Comment block updated to explain why CodeQL + check-test-pairing must NOT be re-added.
• tests/test-registry-consistency.js canonical-required-checks list synced.

AgentLint 1.1.11

Post-release P0 from the same 6-agent production audit that produced v1.1.10. Two user-visible fixes plus a regression guard so the underlying drift class can't reach users again.

You can now…

• Run npm install -g agentlint-ai without it writing to ~/.claude/ — postinstall.js now detects the npm postinstall lifecycle event (process.env.npm_lifecycle_event === "postinstall") and exits with a one-line hint pointing at npx agentlint-ai install instead of silently invoking scripts/install.sh. CLI-only install on every npm path; Claude Code plugin registration is now strictly opt-in. Read-only ~/.claude/ environments (CI runners, sandboxes, enterprise locked-down setups) work without --ignore-scripts. README + INSTALL.md rewritten to describe the new contract.
• Run npx agentlint-ai install and have it actually work — the v1.1.10 CHANGELOG told users to run install for the al.md backup-on-overwrite fix, but the previous arg parser only accepted init and rejected install with a Usage banner. install is now an alias for init; both run the same Claude-Code-detect + plugin install flow. The lifecycle hint also recommends install for UX continuity.
• Trust that releases can't ship a CHANGELOG referencing a non-existent CLI command again — tests/test-surface-sync.js now parses the latest ## v... section, extracts every npx agentlint-ai <token> mention, and asserts the token is in the args[0] !== "X" accepted set parsed from postinstall.js. CI fails before publish if the drift recurs.

Internal

• postinstall.js switched the install.sh invocation from execSync(\bash "${path}"`, ...)(shell string with interpolated path) toexecFileSync("bash", [installPath], ...)(array form, no shell). Defense-in-depth: today the path is from__dirnameand contains no metacharacters, but install paths with quotes /$/ backslash / spaces can no longer be reinterpreted by the shell. The Windowsbash --versionandcommand -v claude/where claudeprobes keep usingexecSync` — those are literal-arg with no concatenation, no injection surface.

Tests added (regression pinning)

• tests/unit/test-postinstall-detection.js extended from 5 → 8 scenarios:
  • lifecycle-no-write — sets npm_lifecycle_event=postinstall + claude=ok, asserts exit 0 + stdout has agentlint CLI is on PATH + stdout does NOT contain Configuring Claude Code plugin (proves install.sh is never invoked from lifecycle).
  • install-alias-accepted — passes argv=["install"], asserts the install branch runs (proves the v1.1.10 CHANGELOG guidance now works).
  • shell-metachar-path — forces the install.sh path through path.join to contain space + $ + ', asserts the execFileSync mock receives the path verbatim (locks the F001 S3 array-form hardening).
• tests/test-surface-sync.js — new "CHANGELOG command surface matches postinstall accepted args" assertion (described above).

AgentLint 1.1.10

P1 hardening bundle from the same 6-agent production audit that produced v1.1.9. One item — the missing release.yml security gates — is the same regression class as the v1.1.9 P0 (in-tree fix landed in v1.1.8, the user-facing template was never updated), so every repo that ran agentlint setup between v1.1.8 and v1.1.10 shipped with a release.yml that bypassed main's CI contract on tag push. The other items close fail-open paths in author hygiene checks, the install script, the version resolver, and the pre-push hook.

You can now…

• Trust your generated release.yml to refuse unmerged-tag publishes — the merge-base --is-ancestor and required-CI-checks gates from v1.1.8's in-tree release.yml are now in templates/universal/release.yml. Required contexts come from .github/branch-protection.yml first, the live branch protection API second, then a graceful skip-with-warning if neither source declares any. Same retry / parent-fallback semantics as the in-tree gate.
• Trust the generated hygiene.yml author check to fail loud, not silent — the two PR author/email checks now use the explicit github.event.pull_request.base.sha and head.sha (not origin/main..HEAD), run under set -euo pipefail, and split git log from the grep filter. The previous form trailed || true on the entire pipeline, so a git log failure (missing base, shallow clone, non-main PR target) silently emptied BAD and the check passed.
• Run agentlint --version through any symlink chain on macOS / BSD — the version case now reuses _al_resolve_self (the portable mirror of scripts/lib/resolve-self.sh) instead of rolling its own readlink -f || readlink fallback that only handled one symlink hop.
• Re-run npx agentlint-ai install without losing your custom ~/.claude/commands/al.md — scripts/install.sh now runs a cmp check before the copy. Identical content is a no-op; different content is moved to al.md.bak.<epoch> (with a log line announcing the backup) before the new template lands; a backup-mv failure aborts the overwrite rather than risk data loss.
• Push from a behind-main branch and get a clear error instead of a silent rebase — templates/hooks/_shared-push.sh no longer fetches and rebases inside the hook. It runs git merge-base --is-ancestor origin/main HEAD; if the branch is behind, the push is refused with a one-line instruction. Updating the branch is now a user decision, not a hook side effect.
• Get an AgentLint GitHub Action snippet that doesn't break green builds on day one — INSTALL.md's copy-paste workflow no longer ships with fail-below: 80. Setting that threshold before knowing your project's natural score turned every existing repo's first scan red. The snippet still scans every PR and reports score; fail-below is now inline guidance for after the user has a baseline.

Tests added (regression pinning)

• tests/test-setup-workflow-local-actions.sh extended with test_setup_locks_security_critical_workflow_content. Asserts that release.yml contains merge-base --is-ancestor and check-runs, that hygiene.yml references the PR base SHA, runs under set -euo pipefail, and does NOT contain origin/main..HEAD. Closes the broader regression class of "in-tree fix landed, template forgotten."
• tests/test-install-al-backup.sh (new, wired into test:core). Three sandboxed scenarios with a stub claude CLI: clobber backs up the original, identical content does not churn, fresh HOME installs cleanly with no stray .bak.

AgentLint 1.1.9

P0 hotfix for v1.1.8: agentlint setup generated a hygiene.yml that referenced ./.github/actions/ensure-base-commit, but the composite action itself was never published as a setup template. New repos shipped with a broken local-action reference and CI failed on the first PR.

You can now…

• Run agentlint setup --workflows-only and get a CI workflow that actually starts — the ensure-base-commit composite action is now published under templates/workflows/actions/ensure-base-commit/action.yml, so scripts/setup.sh emits it alongside hygiene.yml instead of leaving a dangling uses: ./... reference.

Tests added (regression pinning)

• tests/test-setup-workflow-local-actions.sh — wired into npm run test:core. Walks every uses: ./<path> reference in the generated workflows and fails if the target action is missing; an extra targeted assertion locks in the exact ensure-base-commit path so a future template refactor cannot regress it silently.

AgentLint 1.1.8

Deferred-P0 follow-up bundle. Closes the 5 P0 blockers from docs/p0-production-blocker-scan-2026-04-25.md that Round 1 (v1.1.6 / v1.1.7) deferred, all reproduced against the 1.1.7 tarball.

You can now…

• Install agentlint-ai on BSD / macOS without GNU coreutils — the global CLI's symlink resolver no longer relies on readlink -f. New portable _al_resolve_self walks symlink chains via POSIX readlink, resolves relative targets against the symlink's containing directory (not the caller's cwd), and canonicalizes via cd + pwd -P. Mirrored inline in scripts/agentlint.sh and src/scanner.sh; canonical reference in scripts/lib/resolve-self.sh with regression test tests/test-resolve-self.sh. (P0-5)
• Run /al without short project names absorbing unrelated sessions — src/session-analyzer.js no longer substring-matches encoded session names against project aliases. matchProjectFromCatalog now requires either realpath equality on the decoded session path or exact-equality on the sanitized alias (no .includes() fallback). Sessions with no project match are dropped by default; the new --include-unmatched flag opts back in. Even with --include-unmatched --include-raw-snippets, unmatched sessions stay redacted. (P0-8)
• Trust agentlint setup not to silently disable existing hooks — when a repo already has core.hooksPath set (organisation-level hooks) or executable .git/hooks/pre-commit, setup now fails closed and tells the user to pass --force (or merge their hook chain manually). The check uses git rev-parse --git-dir so it covers worktrees and submodules where .git is a file. (P0-3-followup)
• Run agentlint check in a TTY without piped input and get Usage instead of a hang — src/reporter.js checks require('node:tty').isatty(0) before the blocking fs.readFileSync(0) and exits 1 with Usage when no input is piped. (Initially used process.stdin.isTTY, but accessing process.stdin instantiates Node's Readable wrapper around FD 0 and breaks the pipeline path with EAGAIN; tty.isatty is a pure ioctl check with no side effects.) Pipeline use (scorer | reporter) is preserved. (P0-7)
• Trust that v* tags can only release from main — release.yml now (a) refuses to publish unless the tag SHA is an ancestor of origin/main, (b) verifies every required CI check from branch-protection.yml reported success on that SHA before npm publish, and (c) ships under a new repo ruleset tag-protection-v (target=tag, enforcement=active, refs/tags/v*, blocks non_fast_forward + deletion). Apply once via bash scripts/setup-tag-protection.sh --apply. (P0-2-tag)

Internal

• bump-version.sh:139 no longer drops 24 lines from docs/content/contributing.md — the "Branch protection" section is now in both root CONTRIBUTING.md and docs/content/contributing.md, so the GitBook source-of-truth cp is a no-op (release blocker prerequisite for this bump itself).
• Audit doc docs/p0-production-blocker-scan-2026-04-25.md published to main with Round 2 verification marks for P0-5 and P0-8 (precise line numbers), a new sub-section P0-2-tag, and a new P0-3-followup section documenting the v1.1.6 regression.

Tests added (regression pinning)

• tests/test-resolve-self.sh — BSD-readlink stub fixture + 5 cases (non-symlink, absolute symlink, relative symlink in npm-bin shape, chained symlink, negative control).
• tests/test-session-cross-project.js — end-to-end fixture proving an unmatched session named -tmp-other-application-app never leaks into project app even with --include-unmatched --include-raw-snippets together.
• tests/test-setup-hook-fail-closed.sh — 3 fixtures (existing core.hooksPath, existing executable .git/hooks/pre-commit, --force override path).
• tests/test-reporter-tty-noinput.sh — node wrapper overrides process.stdin.isTTY=true, perl alarm 8s watchdog catches the hang regression.
• tests/test-release-yaml-gates.sh — static-shape test asserting tag-protection.yml + release.yml gate ordering.
• Hygiene: tests/test-registry-consistency.js updated to grep for the new portable resolver pattern instead of the broken readlink -f it was hard-coded to.

AgentLint 1.1.7

GitHub Copilot Code Review follow-up — three doc/comment fixes Copilot flagged on PR #196 that landed merged but unaddressed.

You can now…

• Read setup.sh's usage line and see all three supported languages — --lang <ts|python|node> instead of <ts|python>. The runtime validator already accepted node; the comment now matches.
• Get correct path pointers from committer error messages — pointers no longer reference configs/commitlint.config.cjs / configs/node/.gitignore / configs/ts/.gitignore (template-only paths that don't exist after agentlint setup writes them to repo root). Errors now route users to the actual downstream files.
• See the full enforcement story in templates/configs/ship-boundary.md — the bullet covers both husky (TS / Node) and pre-commit (Python) paths instead of claiming .husky/pre-commit for everything.

No code-behavior change; doc/comment corrections only.

AgentLint 1.1.6

Production blocker fix bundle — 5 of 9 P0 items from docs/p0-production-blocker-scan-2026-04-25.md plus the version bump itself. Closes the gaps that broke the canonical install + setup paths after the PR1–PR5 hygiene cleanup.

You can now…

• Trust agentlint setup actually installs husky hooks — templates/hooks/husky/{pre-commit,pre-push,commit-msg} now exist as real shell files. Setup fails loud (die) when zero hooks would be copied, instead of silently writing core.hooksPath=.husky with an empty .husky/ directory. The audit found this had been broken since v0.9.0 absorbed VibeKit. (P0-3)
• Copy-paste the INSTALL.md GitHub Action snippet and have it work — the snippet now includes actions/checkout@v4, surrounding name/on/permissions/jobs boilerplate, and an inline note explaining why checkout is required. (P0-4)
• Trust the INSTALL.md verify commands — agentlint check --help (which exited 1 with "scanner produced no output") is replaced with agentlint help. Both agentlint --version and agentlint help now exit 0 on a fresh global install. (P0-6)
• See the ~/.claude/ side effect up front — INSTALL.md now opens with a "Side effects" section and README links to it inline, instead of burying --ignore-scripts deep in failure modes. (P0-9)
• Run agentlint check, fix, and setup from agentlint-ai@1.1.6 — published from the bumped commit, with the v1 moving major tag fast-forwarded by release.yml. (P0-1)

Tests added (regression pinning)

• INSTALL.md Verify section uses commands that actually exit 0
• public docs GitHub Action snippets include actions/checkout
• INSTALL.md Side effects section is present and lists ~/.claude + --ignore-scripts
• tests/test-husky-hooks.sh — positive + negative path on setup --no-install
• tests/e2b/scenarios/install/run.sh setup-ts now asserts .husky/{pre-commit,pre-push,commit-msg} exist + executable + core.hooksPath is .husky (accepting husky-9 .husky/_)

Deferred (tracked for v1.1.7+)

• P0-2 remote main branch protection enforces declared required checks (GitHub UI/API config drift; decoupled from package release).
• P0-5 portable symlink resolver in scripts/agentlint.sh and src/scanner.sh (current readlink -f fallback chain breaks on environments without GNU readlink).
• P0-7 node src/reporter.js no-stdin TTY hang.
• P0-8 /al session-analyzer cross-attribution tightening.

AgentLint 1.1.5

Hardening release — 24 fixes from a second deep audit. Closes the
production-readiness gaps left after v1.1.4: write transactionality,
release idempotency, scorer fail-loud on partial corruption, doctor
binary smoke-tests, doc copy-pasteability.

You can now…

• Trust setup is transactional — if any write in the install fails
  partway, prior writes roll back. No half-installed state. (#188 P0-4)
• Trust fixer is transactional across multiple items — same
  rollback semantics. (#188 P1-4)
• Trust agentlint doctor to detect a binary that's on PATH but
  broken (corrupted install, wrong arch, missing shared lib). Was:
  trusted PATH presence. Now: requires version command exit 0 + output.
  (#191 P0-5)
• Re-push a release tag idempotently — if the npm version is
  already published or the GH release exists, the workflow prints a
  clear notice and either skips or edits, instead of crashing. (#189
  P1-5)
• Run setup from a subdir and have it install at the git
  top-level (was: arbitrary subdir). Override via --project-dir. (#188 P2-7)
• Copy-paste the docs GitHub Action quickstart verbatim and have
  it produce a passing CI on a fresh repo. (#190 P0-6)
• Verify branch protection matches the declared YAML via
  scripts/setup-branch-protection.sh --verify. (#190 P1-7)
• Uninstall agentlint cleanly following INSTALL.md's Uninstall
  section (npm + Claude plugin + command file + run data + setup
  files). (#190 P2-8)

Fixed — scanner / scorer / session (batch A, #187)

• P0-1 ShellCheck SC2327/SC2328 in scanner.sh malformed-settings
  helper (regression from v1.1.4 batch1 P0-5).
• P0-2 scorer.js exits 1 on partial malformed JSONL with
  malformed JSONL at line(s): N stderr. Was: silent pass + corrupt
  output for any line after the first malformed one.
• P0-3 Session unmatched sessions stay project: null +
  project_path: null instead of borrowing identity from a matched
  catalog entry.
• P0-5 (scanner side) Git smoke check before git-dependent ops.
• P1-1 Reject empty --projects-root= value (was: silent fallback
  to $HOME/Projects).
• P2-4 W8 uses jq instead of python3 for package.json
  parsing. Reduces optional dependency.
• P2-5 NUL-safe project discovery for paths with newlines or
  special chars.

Fixed — setup / fixer (batch B, #188)

• P0-4 Transactional setup writes — manifest collected first,
  atomic apply, rollback on any mid-stream failure.
• P1-4 Fixer per-run transaction tracking + rollback if any
  selected item fails.
• P2-1 Portable path canonicalisation (pwd -P + dirname/
  basename instead of readlink -f which is BSD/macOS-fragile).
• P2-7 Setup defaults to git rev-parse --show-toplevel when
  invoked from a subdir; --project-dir for explicit override.

Fixed — reporter / action / release (batch C, #189)

• P1-2 SARIF URI uses the actual scanned entry file (CLAUDE.md
  vs AGENTS.md) per-repo.
• P1-5 release.yml idempotent on retag — skip immutable npm
  versions with clear notice, edit existing GH release instead of
  crashing.
• P1-6 SARIF upload no longer soft-fails (continue-on-error
  removed).
• P2-2 Action annotations no longer wrapped in || true.
• P2-3 Reporter filename adds 8-char random suffix to HHMMSS so
  sub-second concurrent runs don't collide.

Fixed — docs / al / install (batch D, #190)

• P0-6 docs/content/intro.md GitHub Action quickstart is now a
  complete, copy-paste-runnable workflow.
• P1-3 /al reads its persisted config (PROJECTS_ROOT, Deep,
  Session) instead of writing then ignoring it.
• P1-7 setup-branch-protection.sh adds --verify mode comparing
  live protection to .github/branch-protection.yml.
• P1-8 install.sh /al copy success printed only after mkdir + cp succeed.
• P1-9 README / INSTALL / docs language tightened — npx clearly
  labelled as non-persistent throughout.
• P2-6 commands/al.md shell quoting gaps (paths with spaces).
• P2-8 INSTALL.md gains a complete Uninstall section.

Fixed — doctor (#191)

• P0-5 (doctor side) agentlint doctor requires the version
  command to exit 0 AND emit non-empty output before declaring a
  binary OK. Broken-binary case prints ✗ with reinstall hint.

Production effect

Cumulative gates closed since v1.1.0:

• v1.1.1 — multi-project basename collision
• v1.1.2 — accuracy fail-closed
• v1.1.4 — symlink escape, /al wrong root, transactional release
• v1.1.5 — transactional setup/fixer, doctor smoke-test, release
  idempotency, scorer partial-corruption, /al config persistence

AgentLint 1.1.4

Production-quality release — 23 fixes from a deep five-agent audit.
Subsumes the never-tagged v1.1.3 (merged into main but never published).

You can now…

• Trust accuracy CI to fail closed on coverage gaps. Empty scanner
  output, naming drift, missing labels — all fail loud now instead of
  silently passing. (#182, #183, #184)
• Run agentlint setup --lang ts . without cp: no such file after
  npm install -g. Language gitignore templates now ship in the npm
  tarball (npm strips dotfiles, so source files are now gitignore
  without leading dot, copied to .gitignore at destination). (#182)
• Trust agentlint fix exit codes when called from CI scripts —
  non-zero on any failed item. (already in v1.1.1, hardened here)
• Trust the GitHub Action's --fail-below gate — empty value is
  rejected instead of silently treated as 0. (#184)
• See multi-project SARIF results with project identity — URIs now
  carry project_path so reviewers can tell which repo a finding
  belongs to. (#184)
• Backup of overwritten files — setup.sh writes
  <file>.al-backup-<timestamp> before overwriting differing user
  content. Mirrors the fixer's existing backup pattern. (#185)

Fixed — safety / data correctness

• P0-2 Symlink escape — setup.sh + fixer.js use realpath() to
  enforce writes inside $PROJECT_ROOT. Symlinks pointing outside are
  refused with a clear error. (#185)
• P0-3 /al wrong project root — Project selection canonicalises
  to real path + verifies the directory is a git repo before invoking
  fixer. Ambiguous candidates surface for the user instead of silent
  pick. (#185)
• P0-5 Malformed settings.json full-credit — scanner.sh H1-H6
  now emit score: 0 with a clear detail when .claude/settings.json
  is unparseable JSON. (#183)
• P1-5 fixer git validation strict — Requires .git/HEAD as a
  regular file, validates the project is inside the working tree, and
  refuses dirty trees by default (opt-out: --force-dirty). (#185)
• P1-12 SS3 same-basename collision — session-analyzer.js
buildS3Findings keys by project_path not basename. Mirrors
  SS1/SS2/SS4 fixes from #168/#179. (#183)

Fixed — CI / quality gates

• P0-4 Empty --fail-below= — reporter.js rejects empty value
  instead of coercing to 0. action.yml input also validated. (#184)
• P0-6 Branch protection canonical set —
  .github/branch-protection.yml declares required checks;
  scripts/setup-branch-protection.sh applies them via gh api. CI
  exposes stable npm-e2e + Semgrep check contexts. (#184)
• P0-7 Release workflow npm-first — release.yml publishes npm
  BEFORE creating GitHub release. Failed npm publish no longer leaves
  orphan GH release. (#184)
• P1-8 Scorer empty/malformed input fails loud — scorer.js
  exits 1 with stderr error on zero valid records. Was: silent 0/100
  indistinguishable from a clean repo. (#183)
• P1-9 SARIF preserves project identity — Multi-project URIs
  encode project_path. (#184)
• P1-10 Release version validation complete — release.yml
  validates tag matches all 4 version-carrying files (package.json +
  plugin.json + marketplace.json + release-metadata.json). (#184)
• P1 (#182) Accuracy compare 0-match guard — compare-results.js
  exits 1 when matchedRepos < 90% of labeledRepos OR any core check
  has total=0 after matching. (#182)

Fixed — setup / install / UX

• P1-1 setup.sh overwrites user files — Backup-before-overwrite
  for any differing content. (#185)
• P1-2 npx init not persistent — Banner + README + INSTALL.md
  clarify the npx flow does not install a persistent CLI. (#185)
• P1-3 Plugin install failure silent — install.sh distinguishes
  ✓ npm CLI installed from ⚠ Claude plugin install failed instead
  of one ambiguous OK. (#185)
• P1-6 setup.sh auto-init non-git — Refuses non-git directory
  by default; opt-in via --init-git. (#185)
• P1-7 Default auto-push workflow — autofix.yml workflow is now
  opt-in via --with-auto-push (was: default-installed). (#185)
• P1-13 Deep flow not fully executable — commands/al.md Deep
  section rewritten with concrete per-project + per-check filenames
  and conversion steps. (#185)
• agentlint fix without check id fails fast — already in
  v1.1.1; doc + postinstall examples updated to match. (#182)
• Reporter HTML/MD filename collision — Reports now include
  HHMMSS suffix (al-2026-04-25-153022.html). Two runs same day no
  longer overwrite. (#182)
• package.json repository.url — Now git+https://...git per
  npm canonical form. (#182)

Fixed — plan / session

• P1-11 Session findings appear in plan — plan-generator.js
  retains session findings as plan items including fix_type: null
  informational entries. Was: silently dropped despite affecting
  score. (#183)

Removed

• v1.1.3 was never tagged or npm-published. Its diff was merged to
  main (commit e419268) and is folded into v1.1.4.

Production effect

Any future PR that:

• Adds a core check without labels → CI fails (#182)
• Has scanner output that fails to match labels → CI fails (#182)
• Has setup --protect (removed in v1.1.1) → CLI rejects (#176)
• Tries to write outside $PROJECT_ROOT via symlink → setup/fixer
  refuses (#185)
• Tries to publish a release where tag mismatches any version file
  → release.yml fails (#184)

These were all silent-pass paths in v1.1.1 and earlier.

AgentLint 1.1.2

Patch release closing the two known follow-ups from v1.1.1.

You can now…

• Trust the accuracy CI gate to fail closed on missing labels. Any
  core check with 0 labeled repos in labels-full.jsonl now exits 1
  instead of silently passing. Override per-check with
  ACCURACY_ALLOW_MISSING=<csv> for legitimately unmeasurable checks.
  (#180, closes #177)

Fixed

• SS4 (Missing rule suggestions) now attributes per-project instead
  of hardcoding project: 'global'. Multi-project session runs no longer
  produce a phantom byProject['global'] bucket alongside real repository
  buckets. Mirrors the SS1/SS2 fix from #168. (#179, closes #178)
• 18 previously unlabeled core checks now have deterministic labels:
  C6, F8, F9, H1–H8, I8, S9, W7–W11. labels-full.jsonl rows now carry
  51 label keys (33 → 51), all 4533 rows preserved. New
  tests/accuracy/_merge-labels.js is the canonical merger for future
  label additions. (#180)
• S9 (no personal email in git history) explicitly marked na for
  the corpus snapshot (no .git/ available); allow-listed in
  accuracy.yml via ACCURACY_ALLOW_MISSING=S9. (#180)

Production effect

Future PRs adding a core check without labels will fail CI loudly. The
silent-skip path that allowed v1.1.0–v1.1.1 to ship 18 unmeasured checks
is closed.