Return explicit errors from AlertAPI construction instead of panicking inside the library layer, and let main own process-level failure handling.
Also delete the unused config.MustLoad helper and lock the supported config loading paths with tests.
Add a shorter external-facing announcement derived from the full 2026-04-15 change note.
The brief version keeps the public boundary explicit: repository checks passed, but real staging release clearance is still pending.
Summarize the seven recent governance, verification, testing, and archival commits into a single external-facing change note.
The note also makes the current boundary explicit: key repository checks passed, but real staging release clearance is still pending.
Add the 2026-04-14 and 2026-04-15 gate verification outputs, metric snapshots, trend reports, and design-drift daily reports.
This clears the remaining generated report changes from the worktree while preserving the validation evidence emitted during the refactor follow-up runs.
Reduce the domain outbox surface to the shared retry/backoff contract that is actually consumed by the runtime layer.
Also make batch compensation processing pick up retrying records explicitly and cover that path with tests.
Move gate verification scripts to write and resolve reports from reports/archive/gate_verification.
This keeps newly generated evidence aligned with the archived gate layout and removes stale reports/gates lookups from the active pipeline scripts.
Add archive headers to historical review and report documents so they are explicitly downgraded to snapshot status.
Also add an archive index for the 2026-04-14 history batch to make current fact sources and traceability explicit.
Add a single current machine-review source policy to active review and planning docs.
Mark legacy tok007 references as historical snapshots and point executable examples at the current review draft.
Rewrite module READMEs around the current verified run and test paths, tighten repo_integrity_check.sh with fact-source checks, update supply-api migration baseline, and remove the platform-token-runtime audit query placeholder response.
Use a shared in-memory code store across mock, Tencent, and Aliyun SMS services so send and verify follow the same contract. Also surface batch flush failures through FlushNow and explicit error tracking hooks for audit buffering.