Sweep through 23 more packages flagged by [monopam lint] for
test-stanza references not declared in opam. Each verified by
[dune build] + [dune runtest] before moving on.

- irmin add (astring :with-test)
- ocaml-atproto-oauth add (eio_main :with-test) (nox-crypto-rng :with-test)
- ocaml-auth add (alcotest :with-test) (eio :with-test) (eio_main :with-test)
- ocaml-cam add (odm :with-test)
- ocaml-cbor add (alcotest :with-test) (ohex :with-test)
- ocaml-cfdp add (nox-csv :with-test)
- ocaml-claude add (vlog :with-test)
- ocaml-collision add (alcotest :with-test) (odm :with-test) (ptime :with-test)
- ocaml-cookie add (re :with-test)
- ocaml-cop1 add (nox-csv :with-test)
- ocaml-crc add (nox-csv :with-test) (nox-memtrace :with-test)
- ocaml-dns-eio add (mdx :with-test); also fix a misplaced
paren in the depends list.
- ocaml-gauth add (nox-crypto-rng :with-test)
- ocaml-http add (alcotest :with-test) (eio_main :with-test) (nox-csv :with-test)
- ocaml-ltp add (nox-csv :with-test)
- ocaml-matter add (ohex :with-test) (ptime :with-test)
- ocaml-oauth add (eio_main :with-test) (nox-crypto-ec :with-test)
- ocaml-ocm add (alcotest :with-test) (nox-csv :with-test)
- ocaml-oem add (alcotest :with-test) (nox-csv :with-test)
- ocaml-opm add (alcotest :with-test) (nox-csv :with-test)
- ocaml-pbkdf2 add (ohex :with-test)
- ocaml-requests add (astring :with-test) (nox-csv :with-test)
- ocaml-retry add (re :with-test)

The READMEs all share the standard install/overlay snippet, but the
sh blocks lacked the "<!-- $MDX skip -->" directive. `dune test`
would shell out to `opam install` against the live switch, which
either prompts interactively or fails with a package conflict —
either way diffing as a test failure.

Bulk-add skip directives in front of every install/overlay block.
Also collapse the doubled "non-deterministic + skip" stack on three
READMEs (memtrace, ocaml-dpop, ocaml-pid1, ocaml-yaml, merlint) where
`skip` already implies the runtime is bypassed.

Renaming packages to nox-* pushed several (libraries ...) lines past
dune fmt's wrap threshold, so dune fmt now spreads them one-per-line.
No semantic changes.

Renames 35 packages to make blacksun forks distinguishable from their
opam-repository upstreams. Module names (Git.x, Tls.x, ...) stay bare;
opam package names and dune (public_name) findlib references move to
nox-X. After this commit, zero local package names overlap with
opam-repository.

Renamed:
- nox-git, nox-irmin
- nox-crypto, nox-crypto-pk, nox-crypto-rng, nox-crypto-ec
- nox-tls, nox-tls-eio, nox-tar, nox-tar-eio, nox-tty, nox-tty-eio
- nox-arp, nox-ca-certs, nox-cbor, nox-cookie, nox-crc, nox-csv
- nox-gpt, nox-hkdf, nox-http, nox-jwt, nox-kdf, nox-loc
- nox-memtrace, nox-pds, nox-sexp, nox-slack, nox-toml
- nox-websocket, nox-x509, nox-xdge, nox-yaml

Also drops orphan tar-mirage and tar-unix opam templates that had no
matching package stanza.

38 subtrees lacked a (source ...) stanza in their dune-project, so
their generated .opam files had no dev-repo: field. That broke
downstream tooling that uses dev-repo to identify the subtree
(notably the root.opam external-dep filter, which couldn't tell
internal packages from external ones).

Add (source (tangled gazagnaire.org/<subtree>)) to each, matching
the URL configured in sources.toml. dune regenerates dev-repo:,
homepage: and bug-reports: in every affected .opam.

bin/dune uses all three. Surfaced by `dune build -p matter`.

Pure formatting changes from `dune fmt`: doc comment placement moves
from above the binding to below it for `type`s, multi-line `match`
expressions collapse onto one line where they fit, and infix operator
applications pick up spaces (`Soup.($?)` -> `Soup.( $? )`). No
semantic changes.

Object combinators: [Object.mem] -> [Object.member], [Object.opt_mem]
-> [Object.opt_member], [Object.case_mem] -> [Object.case_member]. The
sibling submodules [Object.Mem] / [Object.Mems] become
[Object.Member] / [Object.Members]. RFC 8259 §4 calls these
"name/value pairs, referred to as the members", so mirror the spec
name rather than the shortened [mem].

[Object.finish] -> [Object.seal]. "Seal" reads as "close the map, no
more members added", which is what the operation does.

Value constructors/queries: [Value.mem] (function) -> [Value.member];
[Value.mem_find] -> [Value.member_key]; [Value.mem_names] ->
[Value.member_names]; [Value.mem_keys] -> [Value.member_keys].
[type mem = ...] -> [type member = ...]; [type object'] still points
at [member list].

Downstream (~80 files across slack, sbom, stripe, sigstore, requests,
claude, irmin, freebox) updated via perl-pie. dune build clean,
dune test ocaml-json clean.

Follow up to the module rename: update the remaining callers that
still referenced [Err] (library [claude.ml{,i}], [client.ml], the test
driver [test.ml]), and fix one stray [^ e] string concatenation in
hermest's CLI that needed [Json.Error.to_string e] now that
[Json.of_string] yields a structured error.

Warning 69 (unused-field, mutable-never-assigned). Four independent
record fields were flagged as mutable but the code only mutates their
referents in place, never rebinds the record slot itself:

- ocaml-wal/lib/wal.ml: [t.file] (the Eio file resource; methods call
Eio.File.pwrite_all etc., the slot is set once at open time).
- ocaml-block/lib/block.ml: [Memory.state.data] (the backing bytes,
written via Bytes.blit_string; [Bytes.t] is already mutable).
- ocaml-sse/lib/sse.ml: [Parser.t.data_buf] (a Buffer.t, written via
Buffer.add_*; the slot never changes).
- ocaml-zephyr/lib/zephyr.ml: drop [mode : Read | Write] entirely —
set at open-time, read nowhere. The open_read / open_write
constructors already distinguish the two call shapes, so mode
tracking was redundant.

Generate .opam.template files with x-quality-* fields based on
detected package features:
- x-quality-build: has lib/ with .ml files
- x-quality-test: has test/ with .ml files
- x-quality-fuzz: has fuzz/ with .ml files
- x-quality-interop: has test/interop/ directory
- x-quality-cram: has test/*.t/ directories

These fields are picked up by dune's opam generation and will be
checked by merlint E910 for consistency.

Also: add fmt dep to ocaml-sse/lib/dune (Fmt.pf used without dep).

monopam quality — scans packages for quality features, caches by
git commit hash. 166 packages: build=163, test=162, fuzz=94,
interop=39, doc=42.

Standard vocabulary based on crates.io categories, erratique/opam
conventions, and monorepo domain coverage:

Org: org:blacksun
Domain: aerospace, codec, crypto, network, storage, git, merkle
Purpose: cli, test, bench, format, log, system
Protocol: ccsds, uslp, cop1, sdls, sle, atproto, tls, http, json, binary
Cross-cutting: eio, simulation, math, compression

Tags placed in dune-project (package ...) stanzas via (tags ...).
Propagated to .opam files by dune's opam generation.

- Update .ocamlformat to 0.29.0 across all 591 files
- csvt: reuse single Buffer.t for field reads (no alloc per field)
- sexpt: Obj members decoded from stream into Dict, typed Variant GADT
- Reformat all source files for 0.29.0

- Remove unused cbor_bytes/cbor_int/cbor_text (superseded by local
helpers in check_receipt_leaf).
- monotonic_now returns Error instead of duplicate timestamp when
Ptime.add_span overflows at Ptime.max.
- verify_receipts: skip failed trusted receipts (log warning) instead
of short-circuiting. Succeed if any trusted receipt verifies.
Matches the cross-signing documentation.
- Export includes root hash; import verifies it after replay. Detects
entry reordering or truncation.

import used List.find_opt on raw map pairs, so a duplicate
"version" or "entries" key would shadow later occurrences.
Now checks for byte-equal duplicate keys before field extraction,
consistent with the receipt parser's cbor_check_unique_keys.

Ensure all 67 fuzz/dune files include gen_corpus.exe in the (alias fuzz)
rule deps for AFL corpus generation. Adds both missing runtest and fuzz
rules to ocaml-cose which had neither.

- Remove vendored crowbar/ directory
- Replace all Crowbar references with Alcobar across 176 .ml files
- Update all fuzz dune files: crowbar → alcobar in libraries
- Remove 77 gen_corpus.ml files (alcobar handles corpus internally)
- Update dune-project files: crowbar → alcobar in dependencies
- Update merlint rules (e705, e726): Crowbar → Alcobar in checks,
docs, and examples
- Update merlint generated docs (index.html)

428 files changed, ~1200 lines removed net.

Remove genuinely stale deps (merlin, duration, digestif, eio_main,
dune-configurator, printbox, printbox-text, tls-eio, ocamlformat,
bytesrw-eio) and add missing library declarations to dune files
(eio+logs in ocaml-oci/src, logs in ocaml-git/lib+bin).

Keep js_of_ocaml in space-ground (needed for modes js) and add it
to implicit_deps in lint since it's a compiler, not a library.

Adds 108 missing dependency declarations across 52 packages.
Most common missing dep was fmt (38 packages), followed by wire,
eio, and bytesrw. Also improves lint output with tty tables and
better subtree filtering display.

Rename make_superblock → superblock, make_inode_buf → inode_buf,
make_image → image, make_key → key in squashfs and streaming-aead.

Add doc comments for fuzz suite values and squashfs extended codec
values.

Standardize fuzz and test conventions across 30+ packages:

- E715/E718: Add fuzz.ml runners referencing Fuzz_*.suite instead of
calling Fuzz_*.run() directly; update dune files accordingly
- E725: Fix fuzz_paseto suite name from "crowbar" to "paseto"
- E600: Create .mli interfaces for test modules (test_firmware,
test_remoteproc, test_pbkdf2, test_paseto) with single-group suites
- E605: Add missing test files (test_skills, test_monitor, test_openamp,
test_xrpc_server) with proper module extraction from inline test.ml
- E415: Add pp pretty-printer to xrpc_server type t
- E405: Add doc comment for pp_sync_action in skills.mli
- E205: Replace Printf with Fmt in fuzz_paseto and gen_corpus
- E331: Rename make_key to key in fuzz_paseto

- Change `run` signature to `string -> (string * test_case list) list -> unit`
matching Alcotest's grouping convention
- Fix `_name` bug: pass the name through to Alcotest.run_with_args
- Each fuzz module now exports `let suite = ("name", [test_case ...])`
- Entry points (fuzz.ml) collect suites: `Crowbar.run "pkg" [Fuzz_X.suite]`
- Remove stale `add_test`/`suite` API, keep only `test_case`/`run`
- Remove `let run () = ()` from fuzz_common.ml files
- Update merlint E725 rule to match new `let suite = ("name", ...)` pattern
- Update E725 test fixtures and expected output

- Restore cursor on exit via at_exit in Tty.Progress (fixes TTY corruption)
- Install SIGINT handler in monopam test for clean Ctrl-C
- Add 2s per-iteration timeout and 2s total budget to crowbar
- Group crowbar alcotest output by module prefix ("mdns: foo" → group "mdns")
- Skip fuzz runtest in afl context (enabled_if <> profile afl)
- Add merlint E725: enforce "module: description" fuzz test name convention

Add gen_corpus.ml with domain-appropriate seed data for hap, homebrew,
hostname, json-logs, jsonwt, ltp, and matter fuzz directories. Merge
matter's two fuzz executables (fuzz_tlv, fuzz_case) into a single fuzz
runner via fuzz.ml wrapper.

Add mono and ref_ fields to sources_registry entries, enabling nested
monorepos (mono=true) with recursive push/pull and replacing mono.lock
with ref pinning in sources.toml. Rename url→source and
default_url_base→origin with full backward compatibility.

Also fix pre-existing syntax errors and formatting in test files.

Add (enabled_if (= %{profile} afl)), (source_tree corpus), and
gen_corpus.exe deps to all 25 fuzz directories

Replace Printf/Format with Fmt. Use Fmt.failwith instead of failwith(Fmt.str).

Extract err_* helpers in ocaml-hap/lib/hap.ml for pair setup/verify
error patterns. Extract err_unknown_type_code in ocaml-matter/lib/tlv.ml.
Rename OnOff -> On_off and AdministratorCommissioning ->
Administrator_commissioning in ocaml-matter for Snake_case convention.

ocaml-hap, ocaml-homebrew, ocaml-hostname, ocaml-json-logs,
ocaml-jsonwt, ocaml-ltp, ocaml-matter

Migrate Printf.sprintf to Fmt.str, Format.fprintf to Fmt.pf, and
Format.pp_print_string to Fmt.string across bundle, gpt, hap, homebrew,
jsonwt, matter, mbr, meross, paseto, precommit, publicsuffix, qemu,
retry, sdnv, slack, sle, space-packet, spake2, sqlite, squashfs, tar,
tc, tcf, tcpcl, tm, tomlt, tty, uslp, vlog, wal, wire, yamlrw, yamlt,
osrelease, space, xdge, and crypto test runner.

Extract helper functions to reduce long function lengths across cwt, jsonwt,
ltp, matter, mbr, json-logs, and initramfs. Remove redundant find_/make_
prefixes in discovery.ml. Extract nested rm closure to reduce nesting depth.

Shorten test identifiers exceeding 4 underscores in test_cwt.ml,
test_jsonwt.ml, and test_linkedin_url.ml. Convert Format.fprintf/sprintf
to Fmt.pf/str in ocaml-ltp/lib/ltp.ml.

Remove make_/get_/find_ prefixes from 21 functions: find_invalid_char,
make_api, make_cookie, get_json, get_keychain_passphrase,
get_all_linkedin_cookies, get_linkedin_cookies, get_int, get_uint,
get_bytes, get_partition_info, make_new_partition, make_new_mbr,
get_u8, get_u16_le, get_u32_le, get_ok, and related callers.

Add documentation to 71+ undocumented public values across jailhouse,
ltp, matter (discovery, msg, pase, session) .mli files. Apply linter
E331 auto-renames (make_*/get_*/create_* prefix removal) in jsonwt,
cwt, ltp, matter, and update callers in atp tests.

- Add Test_chrome_cookies.suite to ocaml-linkedin test runner
- Add Test_ltp.suite to ocaml-ltp test runner
- Add Test_session, Test_pase, Test_discovery, Test_msg, Test_aes_ccm
suites to ocaml-matter test runner
- Fix unused value warnings in matter test helpers

- License -> Licence
- color -> colour (in prose, not API/code)
- behavior -> behaviour
- analyze -> analyse
- organized -> organised
- Remove marketing buzzwords (leveraging)
- Remove emojis from prose

Convert all packages from:
(source (uri https://tangled.org/handle/repo))
to:
(source (tangled handle/repo))

This uses dune 3.21's native tangled support for cleaner source
declarations. Also removes redundant homepage/bug_reports fields
that are auto-generated from tangled sources.

- Update dune-project: mirage-crypto -> crypto
- Update lib/dune: mirage-crypto -> crypto
- Rename lib/crypto.ml -> lib/aes_ccm.ml to avoid name shadowing
- Update module references: Crypto.* -> Aes_ccm.* in case.ml, pase.ml
- Module now uses Crypto.AES.CCM16 from crypto package

- Update dune-project deps: mirage-crypto -> crypto, mirage-crypto-rng -> crypto-rng
- Update lib/dune libraries
- Update test/dune and fuzz/dune: mirage-crypto-rng.unix -> crypto-rng.unix
- Update module names: Mirage_crypto -> Crypto, Mirage_crypto_rng_unix -> Crypto_rng_unix

Comprehensive seed corpus for efficient AFL fuzzing:

Text/Protocol formats:
- cookeio: HTTP cookies (simple, full attributes, multi-value)
- jsonwt: JWT tokens (header, valid token)
- json-logs: JSON strings with escapes
- tomlt: TOML config files
- hostname: Domain names with ports
- xff: X-Forwarded-For headers, CIDR notation
- punycode: ASCII and Unicode domains
- mdns: DNS headers and queries

Binary formats:
- sdnv: RFC 6256 variable-length integers
- hap: HomeKit TLV encoding
- space-packet: CCSDS packet headers
- tc-1/tm-1: Telecommand/Telemetry frames
- sle: Space Link Extension TML headers
- tls: TLS records and handshake messages
- requests: HTTP/1.1 and HTTP/2 frames

Crypto:
- crypto: 32-byte keys
- csrf: CSRF tokens and secrets
- paseto: v3.local prefix and keys
- pbkdf2: passwords and salts
- spake2/srp: authentication parameters
- streaming-aead: keys, nonces, plaintext

Misc:
- sgp4: TLE satellite orbit data
- tty: ASCII, Unicode, ANSI escape sequences
- github-oauth: OAuth parameters
- rate-limit: IPv4/IPv6 addresses

Replace `let ( let* ) = Result.bind` with `open Result.Syntax` across
multiple packages: x509, tls, requests, ca-certs, cpio, jsonwt, matter,
tar, spake2, crypto, gpt, mbr.

The stdlib Result.Syntax module provides the same let* operator.

- ocaml-gpt: Use Result.Syntax, add MBR integration, fuzz tests
- ocaml-mbr: Add fuzz tests, update .ocamlformat
- ocaml-matter: Use Result.Syntax in pase.ml
- ocaml-requests/h2: Use Result.Syntax in H/2 implementation
- ocaml-tm: Fix .ocamlformat version, apply formatting
- ocaml-x509: Use Result.Syntax in ASN.1 grammars and PKCS#12

Update comment headers to use standardized format:
- Quick check: dune build @fuzz
- With AFL: crow start --cpus=4

Remove verbose afl-fuzz commands and fuzz-afl aliases since
crow now handles building and running AFL instrumented fuzzers.

Implements the Matter CASE protocol for secure session establishment:
- Sigma1/Sigma2/Sigma3 message encoding and decoding
- ECDHE key exchange with P-256
- Session key derivation via HKDF-SHA256
- X.509 certificate handling for Node Operational Certificates
- Full protocol exchange with ECDSA signatures

Includes unit tests (33 passing) and Crowbar fuzz tests.

- json-logs: Add ~app, ~auto, ~base parameters for base fields
- json-logs: Auto-include hostname and pid in JSON output
- vlog: Add --log-tag KEY=VALUE flag for custom base tags
- vlog: Use json-logs by default, allow disabling with ~json_reporter:None
- Update meross, matter, mdns, claude-skills, precommit to use vlog

JSON output now includes automatic fields (hostname, pid, app) plus
any custom tags from --log-tag flags, useful for log aggregation.