Realign fermata around redaction (PostToolUse) as the primary security
layer, with access control (PreToolUse) as supplementary write/bash
protection. Remove botignore.toml — policy rules now live in .botsecrets
[policy] section. Add fermata.toml as an alias for .botsecrets.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Walk-up: .botignore no longer stops the search but is remembered as a
fallback when no strong marker (.git, botignore.toml, .botignore.toml)
is found — prevents fail-open regression for projects without .git
- Extract inline SVGs to policy-layers.svg and architecture.svg
- READMEs reference SVGs via <img> tags
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Only .git, botignore.toml, and .botignore.toml define project boundaries.
A bare .botignore is a policy file, not a root marker.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Move all 29 workspace members from packages/<name>/ to crates/<name>/.
Updates: workspace Cargo.toml (members + path deps), justfile, root
CLAUDE.md, scripts/build/CARGO_INSTALL.md, docs/architecture/crates.md
(renamed from packages.md), structural references in docs/architecture
and docs/configuration, per-crate CLAUDE.md self-references. Historical
plans, reports, and building/ docs are left untouched.
No behavior change; just check-all stays green and fermata tests pass.
g4borg