# Audit Snapshot — 2026-05-24T15:55Z

## CLI repo (D:\DEV\Project\rclone-jav)
- git rev-parse HEAD: `8d6bdb81af75b5db1f9d71fce48deb0c859b462b`
- git status --short:
  ```
   M AGENTS.md
   M config.json
   M rcjav/__init__.py
   M rcjav/cli.py
   M rcjav/library.py
  ?? bug-audit-plan.md
  ?? cache.json.bak
  ```

## Extension repo (D:\DEV\Extensions\Production\rclone-jav)
- git rev-parse HEAD: `0e230320a9d9a078e1414161dc69d80a8cc3f9ef`
- git status --short:
  ```
  D  CLAUDE.md.bak
   M background.js
   M content.js
   M host/com.rcjav.host.json
   M host/install-host.ps1
   M host/rcjav-host.bat
   M host/rcjav-host.py
   M host/register-host.bat
   M manifest.json
  R  bulk-check.css -> src/bulk-check/bulk-check.css
  R  bulk-check.html -> src/bulk-check/bulk-check.html
  R  bulk-check.js -> src/bulk-check/bulk-check.js
  RM options-cache.js -> src/options/options-cache.js
  RM options-diagnostics.js -> src/options/options-diagnostics.js
  RM options-dupe-review.js -> src/options/options-dupe-review.js
  RM options-library-issues.js -> src/options/options-library-issues.js
  R  options-profiles.js -> src/options/options-profiles.js
  R  options-rules-editors.js -> src/options/options-rules-editors.js
  RM options.css -> src/options/options.css
  RM options.html -> src/options/options.html
  RM options.js -> src/options/options.js
  R  popup.css -> src/popup/popup.css
  R  popup.html -> src/popup/popup.html
  R  popup.js -> src/popup/popup.js
  ?? host/allowed-extension-ids.json
  ?? rclone-jav-library-issues-all-2026-05-24T15-52-01-714Z.json
  ?? src/options/options-shared.js
  ?? src/shared/
  ```

## Versions
- Extension manifest.json version: 0.1.32
- Python: 3.14.5
- Node: v24.14.0
- Brave: not captured (no manual extension verification needed during Phase 1)

## Dirty-state policy
This audit accepts dirty working trees (option b). All file:line citations reference the snapshot AS-IS at this timestamp. No file edits during Phase 1 except audit docs (per allowed-write list in bug-audit-plan.md).

## Notes on dirty state
- Extension repo has codex's roadmap refactor + later edits uncommitted. Renamed file paths (options/*, popup/*, bulk-check/*) reflect step 6/6b/6c/7a outcomes.
- Untracked `src/shared/` and `src/options/options-shared.js` are new module extractions — in audit scope.
- Untracked `rclone-jav-library-issues-all-*.json` is a user-generated export — OUT of audit scope (runtime artifact).
- CLI `cache.json.bak` is excluded per plan.
- Auditors must reference paths AS THEY EXIST ON DISK NOW, not as they appeared in git HEAD.