fix: preserve historical snapshot fingerprints

[steipete]

Summary

• preserve inferred Git file fingerprints when importing legacy historical snapshots
• reject native absolute and volume-qualified historical materialization paths
• prove immutable tags through concurrent remote pushes, branch preservation, historical restore, and DM privacy

Proof

• go test -count=1 ./... (85.0% aggregate coverage)
• go test -race -count=1 ./...
• golangci-lint, go vet, staticcheck, deadcode, gofumpt
• gosec, govulncheck, gitleaks
• GoReleaser snapshot and Docker build/version/help smoke
• exact built CLI doctor, status, and private-safe archive search
• autoreview: no findings
• Public Model Identifier Gate: PASS

Follow-up to #98 after its concurrent merge. This addresses the historical-manifest finding from the review on that PR.

[clawsweeper]

ClawSweeper status: review started.

I am starting a fresh review of this pull request: fix: preserve historical snapshot fingerprints This is item 1/1 in the current shard. Shard 0/1.

This placeholder means the worker is alive and reading the current context. I will edit this same comment with the actual review when the claws are done clicking.

Crustacean status: shell secured, claws on keyboard, evidence pebbles being sorted.

[steipete]

Landed in 05ae103.

Proof on exact PR head a850960ca12fa4d558d93ad3a7a3c45812214602:

• all required GitHub checks passed, including test/race coverage, lint, dependency, security, CodeQL, Docker, and release snapshot checks
• synthetic bare-remote test covered immutable old/new tags, a concurrent non-fast-forward retry, remote and local branch preservation, historical restore without checkout movement, and DM exclusion/preservation
• legacy historical manifests retained Git file fingerprints in stored import state
• exact built CLI passed private-safe doctor, status, and archive search smoke tests
• autoreview returned no findings; Public Model Identifier Gate passed

No release, tag, or publish action was performed.