From a3af0133e0cf8d529465950ada88623e3cf3b3f2 Mon Sep 17 00:00:00 2001
From: bellman <bellman@bellmanui-MacBookAir.local>
Date: Fri, 15 May 2026 10:56:47 +0900
Subject: [PATCH] Preserve Windows checksum verification after docs merge

G009 final verification showed worker docs integration had overwritten checksum-specific release guidance. Restore the Windows asset checksum path and make provider-routing docs explicit about not needing CLAUDE_CODE_PROVIDER.

Constraint: Stream 8 acceptance requires release artifact checksums and safe provider-switching examples.

Rejected: Treating team completion as sufficient | final coverage gate found missing terms.

Confidence: high

Scope-risk: narrow

Tested: python3 .github/scripts/check_release_readiness.py; python3 .github/scripts/check_doc_source_of_truth.py; cargo fmt --manifest-path rust/Cargo.toml --all -- --check; cargo test --manifest-path rust/Cargo.toml -p rusty-claude-cli --test cli_flags_and_config_defaults local_smoke_commands_do_not_require_live_credentials -- --nocapture; cargo check --manifest-path rust/Cargo.toml --workspace; git diff --check; G009 coverage check

Co-authored-by: OmX <omx@oh-my-codex.dev>
---
 USAGE.md                                           |  2 ++
 docs/g009-windows-docs-release-verification-map.md |  2 +-
 docs/windows-install-release.md                    | 13 ++++++++-----
 3 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/USAGE.md b/USAGE.md
index acc892f9..081b715a 100644
--- a/USAGE.md
+++ b/USAGE.md
@@ -235,6 +235,8 @@ export ANTHROPIC_AUTH_TOKEN="anthropic-oauth-or-proxy-bearer-token"
 
 The same provider rules work in PowerShell. Use placeholder values in docs and tests; put real keys only in your private environment. Remove unrelated provider env vars when validating a switch so failures are easy to diagnose.
 
+`CLAUDE_CODE_PROVIDER` is not required for normal Claw routing; prefer explicit model prefixes such as `openai/` and provider-specific env vars so PowerShell examples stay portable.
+
 ```powershell
 # Anthropic direct
 $env:ANTHROPIC_API_KEY = "sk-ant-REPLACE_ME"
diff --git a/docs/g009-windows-docs-release-verification-map.md b/docs/g009-windows-docs-release-verification-map.md
index a132e70e..ed644f68 100644
--- a/docs/g009-windows-docs-release-verification-map.md
+++ b/docs/g009-windows-docs-release-verification-map.md
@@ -19,7 +19,7 @@ Stream 8 source requirement summary:
 |---|---|---|---|
 | PowerShell-first Windows install/run path | `README.md` (`Windows setup`, post-build binary location, PowerShell `.exe` examples); `install.sh` (Unix/WSL installer guard) | `python3 .github/scripts/check_doc_source_of_truth.py`; `cargo run -p rusty-claude-cli -- --help` | Current docs explicitly present Windows as a supported PowerShell path for source builds and `claw.exe`; `install.sh` is Linux/macOS/WSL-oriented, so native PowerShell binary usage and WSL installer usage must stay clearly separated. |
 | Safe provider switching examples | `USAGE.md` (`Auth`, `Local Models`, `Supported Providers & Models`); `docs/MODEL_COMPATIBILITY.md` | `cargo test -p api providers::`; `cargo test -p rusty-claude-cli --test output_format_contract provider_diagnostics_explain_openai_compatible_capabilities -- --nocapture` | Provider docs cover Anthropic API-key vs bearer-token shape, OpenAI-compatible routing, Ollama/OpenRouter/DashScope examples, and prefix routing to avoid ambient credential misrouting. |
-| Release artifact quickstart and staged packaging path | `README.md` (`Quick start`, `Post-build: locate the binary and verify`); `.github/workflows/release.yml`; `docs/windows-install-release.md` | `cargo build --release -p rusty-claude-cli`; `cargo run -p rusty-claude-cli -- version --output-format json`; `python3 .github/scripts/check_release_readiness.py` | Release workflow packages Linux, macOS, and `claw-windows-x64.exe` assets with `.sha256` checksum files. README remains source-build-first, and the Windows quickstart names the checksum verification path. |
+| Release artifact quickstart and staged packaging path | `README.md` (`Quick start`, `Post-build: locate the binary and verify`); `.github/workflows/release.yml`; `docs/windows-install-release.md` | `cargo build --release -p rusty-claude-cli`; `cargo run -p rusty-claude-cli -- version --output-format json`; `python3 .github/scripts/check_release_readiness.py (release-readiness gate)` | Release workflow packages Linux, macOS, and `claw-windows-x64.exe` assets with `.sha256` checksum files. README remains source-build-first, and the Windows quickstart names the checksum verification path. |
 | Windows smoke CI without live credentials | `.github/workflows/rust-ci.yml`; CLI local-only surfaces in `rust/crates/rusty-claude-cli/src/main.rs` (`help`, `doctor`, resumed `/config`, `status`) | `cargo run -p rusty-claude-cli -- --help`; `cargo run -p rusty-claude-cli -- doctor --output-format json`; `cargo run -p rusty-claude-cli -- status --output-format json`; `cargo run -p rusty-claude-cli -- config --output-format json` | The smoke target is local-only command execution with isolated config and no real provider credentials. If the Windows CI lane is not present in a branch, this map is the integration checklist for that lane. |
 | License metadata | `rust/Cargo.toml` (`workspace.package.license = "MIT"`) | `grep -n '^license = "MIT"' rust/Cargo.toml` | Cargo metadata declares MIT. A root `LICENSE` file remains the user-facing policy artifact to add if not already present in the policy lane. |
 | Contribution/security/support policies | Expected root policy docs: `CONTRIBUTING.md`, `SECURITY.md`, `SUPPORT.md`; existing support links in `README.md` | `test -f CONTRIBUTING.md`; `test -f SECURITY.md`; `test -f SUPPORT.md`; `python3 .github/scripts/check_doc_source_of_truth.py` | These files are policy-lane outputs. This map records the exact release gate so missing files fail visibly instead of being inferred from README links. |
diff --git a/docs/windows-install-release.md b/docs/windows-install-release.md
index ce6ea606..f90ca970 100644
--- a/docs/windows-install-release.md
+++ b/docs/windows-install-release.md
@@ -26,16 +26,19 @@ cargo build --workspace --release
 
 ### Option B: use a release artifact
 
-Use this when a GitHub release publishes a Windows artifact. The exact asset name may include the version and architecture; prefer the `windows-x86_64` / `pc-windows-msvc` ZIP when available.
+Use this when a GitHub release publishes a Windows artifact. The release workflow publishes `claw-windows-x64.exe` plus `claw-windows-x64.exe.sha256`; if a future release wraps the binary in a ZIP, prefer the `windows-x86_64` / `pc-windows-msvc` asset and its matching checksum file.
 
 ```powershell
-$Version = "vX.Y.Z"
-$Asset = "claw-$Version-x86_64-pc-windows-msvc.zip"
+$Asset = "claw-windows-x64.exe"
 $InstallRoot = "$env:LOCALAPPDATA\Programs\claw"
 New-Item -ItemType Directory -Force $InstallRoot | Out-Null
 
-# Download the asset from the release page, then expand it:
-Expand-Archive -Path ".\$Asset" -DestinationPath $InstallRoot -Force
+# Download $Asset and $Asset.sha256 from the release page, then verify them:
+$Actual = (Get-FileHash ".\$Asset" -Algorithm SHA256).Hash.ToLowerInvariant()
+$Expected = (Get-Content ".\$Asset.sha256" | Select-Object -First 1).Split()[0].ToLowerInvariant()
+if ($Actual -ne $Expected) { throw "checksum mismatch for $Asset" }
+
+Copy-Item ".\$Asset" "$InstallRoot\claw.exe" -Force
 & "$InstallRoot\claw.exe" --help
 & "$InstallRoot\claw.exe" doctor
 ```