From cbc0ab9e0eec4f03cbfa994c90cf8e638471c64d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=94=D0=BC=D0=B8=D1=82=D1=80=D0=B8=D0=B9?=
 <eclips9363@gmail.com>
Date: Mon, 15 Jun 2026 09:23:18 +0300
Subject: [PATCH] chore: prune Liderra-specs-plans over-copied into
 claude-brain

---
 .../plans/2026-05-09-sprint1-hygiene-plan.md  | 1296 -----
 .../2026-05-10-sprint4-audit-tail-plan.md     |  768 ---
 ...2026-05-10-sprint5-preprod-tooling-plan.md |  563 --
 ...2026-05-10-sprint6-phase-a-reports-plan.md | 1212 -----
 .../2026-05-10-supplier-foundation-plan.md    | 2515 ---------
 .../2026-05-10-supplier-plan26-cleanup.md     |  808 ---
 ...026-05-10-supplier-webhook-routing-plan.md | 2637 ----------
 ...2026-05-11-plan4-billing-csv-admin-plan.md | 4634 -----------------
 .../plans/2026-05-11-supplier-sync-plan3.md   | 3188 ------------
 .../2026-05-13-test-quality-preprod-sprint.md |  976 ----
 .../plans/2026-05-15-sprint1-p0-fixes.md      | 1739 -------
 .../plans/2026-05-15-sprint2a-auth.md         |  424 --
 .../plans/2026-05-15-sprint2b-settings.md     | 2027 -------
 .../plans/2026-05-15-sprint2c-billing.md      | 2674 ----------
 .../2026-05-16-sprint3a-layout-navigation.md  |  542 --
 ...2026-05-16-sprint3b-dashboard-deeplinks.md |  823 ---
 .../plans/2026-05-16-sprint3c-reports.md      | 1364 -----
 .../2026-05-16-sprint3d-admin-actions.md      | 1128 ----
 .../2026-05-16-sprint3e-settings-tabs.md      |  240 -
 .../2026-05-16-sprint3f-api-middleware.md     |  355 --
 .../2026-05-16-sprint4-historical-import.md   | 3413 ------------
 .../plans/2026-05-16-sprint5a-auth-polish.md  |  567 --
 .../plans/2026-05-17-deals-page-redesign.md   | 2831 ----------
 .../plans/2026-05-17-sprint5b-layout-views.md | 1060 ----
 .../2026-05-17-sprint5c-billing-admin.md      |  700 ---
 ...26-05-17-sprint5d-cleanup-mock-fallback.md |  480 --
 .../plans/2026-05-17-sprint6-p3-polish.md     |  387 --
 ...18-deals-drawer-and-project-source-edit.md |  885 ----
 ...26-05-18-supplier-csv-reconcile-channel.md | 1553 ------
 .../2026-05-19-supplier-migration-followup.md | 1089 ----
 ...05-19-supplier-project-channel-failover.md | 2746 ----------
 ...ject-migration-redesign-plan-4-admin-lk.md |  465 --
 ...-05-22-supplier-projects-import-lkomega.md | 1396 -----
 .../2026-05-23-admin-tenant-balance-edit.md   |  912 ----
 ...5-23-billing-v2-spec-a-balance-rub-plan.md | 2361 ---------
 ...05-23-billing-v2-spec-b-duplicates-plan.md |  807 ---
 ...6-05-24-billing-v2-spec-c-preflight-vtb.md | 2669 ----------
 ...026-05-24-legacy-direct-webhook-removal.md | 1173 -----
 ...05-25-supplier-webhook-phase-1-json-422.md |  355 --
 ...26-05-25-supplier-webhook-phase-2-dedup.md |  475 --
 ...upplier-webhook-phase-3-direct-platform.md |  899 ----
 .../2026-05-26-slepok-routing-protection.md   | 2334 ---------
 .../2026-05-29-lead-region-resolution.md      |  641 ---
 ...ier-webhook-fast-fail-and-stuck-cleanup.md |  427 --
 .../2026-05-09-sprint1-hygiene-design.md      |  347 --
 ...2026-05-09-sprint2-modernization-design.md |   80 -
 ...26-05-10-sprint6-postmvp-backend-design.md |  460 --
 .../2026-05-10-supplier-integration-design.md |  295 --
 .../2026-05-11-plan3-supplier-sync-design.md  |  618 ---
 ...26-05-11-plan4-billing-csv-admin-design.md |  736 ---
 .../2026-05-17-deals-page-redesign-design.md  |  132 -
 ...8-supplier-csv-reconcile-channel-design.md |  217 -
 ...upplier-project-channel-failover-design.md |  223 -
 ...supplier-projects-import-lkomega-design.md |  147 -
 ...-05-23-admin-tenant-balance-edit-design.md |   98 -
 ...23-billing-v2-spec-a-balance-rub-design.md |  633 ---
 ...-23-billing-v2-spec-b-duplicates-design.md |  160 -
 ...-billing-v2-spec-c-preflight-vtb-design.md |  820 ---
 ...24-legacy-direct-webhook-removal-design.md |  204 -
 ...-25-supplier-webhook-reliability-design.md |  291 --
 ...-05-26-slepok-routing-protection-design.md | 1106 ----
 ...026-05-29-lead-region-resolution-design.md | 1069 ----
 62 files changed, 68174 deletions(-)
 delete mode 100644 docs/superpowers/plans/2026-05-09-sprint1-hygiene-plan.md
 delete mode 100644 docs/superpowers/plans/2026-05-10-sprint4-audit-tail-plan.md
 delete mode 100644 docs/superpowers/plans/2026-05-10-sprint5-preprod-tooling-plan.md
 delete mode 100644 docs/superpowers/plans/2026-05-10-sprint6-phase-a-reports-plan.md
 delete mode 100644 docs/superpowers/plans/2026-05-10-supplier-foundation-plan.md
 delete mode 100644 docs/superpowers/plans/2026-05-10-supplier-plan26-cleanup.md
 delete mode 100644 docs/superpowers/plans/2026-05-10-supplier-webhook-routing-plan.md
 delete mode 100644 docs/superpowers/plans/2026-05-11-plan4-billing-csv-admin-plan.md
 delete mode 100644 docs/superpowers/plans/2026-05-11-supplier-sync-plan3.md
 delete mode 100644 docs/superpowers/plans/2026-05-13-test-quality-preprod-sprint.md
 delete mode 100644 docs/superpowers/plans/2026-05-15-sprint1-p0-fixes.md
 delete mode 100644 docs/superpowers/plans/2026-05-15-sprint2a-auth.md
 delete mode 100644 docs/superpowers/plans/2026-05-15-sprint2b-settings.md
 delete mode 100644 docs/superpowers/plans/2026-05-15-sprint2c-billing.md
 delete mode 100644 docs/superpowers/plans/2026-05-16-sprint3a-layout-navigation.md
 delete mode 100644 docs/superpowers/plans/2026-05-16-sprint3b-dashboard-deeplinks.md
 delete mode 100644 docs/superpowers/plans/2026-05-16-sprint3c-reports.md
 delete mode 100644 docs/superpowers/plans/2026-05-16-sprint3d-admin-actions.md
 delete mode 100644 docs/superpowers/plans/2026-05-16-sprint3e-settings-tabs.md
 delete mode 100644 docs/superpowers/plans/2026-05-16-sprint3f-api-middleware.md
 delete mode 100644 docs/superpowers/plans/2026-05-16-sprint4-historical-import.md
 delete mode 100644 docs/superpowers/plans/2026-05-16-sprint5a-auth-polish.md
 delete mode 100644 docs/superpowers/plans/2026-05-17-deals-page-redesign.md
 delete mode 100644 docs/superpowers/plans/2026-05-17-sprint5b-layout-views.md
 delete mode 100644 docs/superpowers/plans/2026-05-17-sprint5c-billing-admin.md
 delete mode 100644 docs/superpowers/plans/2026-05-17-sprint5d-cleanup-mock-fallback.md
 delete mode 100644 docs/superpowers/plans/2026-05-17-sprint6-p3-polish.md
 delete mode 100644 docs/superpowers/plans/2026-05-18-deals-drawer-and-project-source-edit.md
 delete mode 100644 docs/superpowers/plans/2026-05-18-supplier-csv-reconcile-channel.md
 delete mode 100644 docs/superpowers/plans/2026-05-19-supplier-migration-followup.md
 delete mode 100644 docs/superpowers/plans/2026-05-19-supplier-project-channel-failover.md
 delete mode 100644 docs/superpowers/plans/2026-05-20-project-migration-redesign-plan-4-admin-lk.md
 delete mode 100644 docs/superpowers/plans/2026-05-22-supplier-projects-import-lkomega.md
 delete mode 100644 docs/superpowers/plans/2026-05-23-admin-tenant-balance-edit.md
 delete mode 100644 docs/superpowers/plans/2026-05-23-billing-v2-spec-a-balance-rub-plan.md
 delete mode 100644 docs/superpowers/plans/2026-05-23-billing-v2-spec-b-duplicates-plan.md
 delete mode 100644 docs/superpowers/plans/2026-05-24-billing-v2-spec-c-preflight-vtb.md
 delete mode 100644 docs/superpowers/plans/2026-05-24-legacy-direct-webhook-removal.md
 delete mode 100644 docs/superpowers/plans/2026-05-25-supplier-webhook-phase-1-json-422.md
 delete mode 100644 docs/superpowers/plans/2026-05-25-supplier-webhook-phase-2-dedup.md
 delete mode 100644 docs/superpowers/plans/2026-05-25-supplier-webhook-phase-3-direct-platform.md
 delete mode 100644 docs/superpowers/plans/2026-05-26-slepok-routing-protection.md
 delete mode 100644 docs/superpowers/plans/2026-05-29-lead-region-resolution.md
 delete mode 100644 docs/superpowers/plans/2026-05-29-supplier-webhook-fast-fail-and-stuck-cleanup.md
 delete mode 100644 docs/superpowers/specs/2026-05-09-sprint1-hygiene-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-09-sprint2-modernization-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-10-sprint6-postmvp-backend-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-10-supplier-integration-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-11-plan3-supplier-sync-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-17-deals-page-redesign-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-18-supplier-csv-reconcile-channel-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-19-supplier-project-channel-failover-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-22-supplier-projects-import-lkomega-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-23-admin-tenant-balance-edit-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-23-billing-v2-spec-a-balance-rub-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-23-billing-v2-spec-b-duplicates-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-24-billing-v2-spec-c-preflight-vtb-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-24-legacy-direct-webhook-removal-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-26-slepok-routing-protection-design.md
 delete mode 100644 docs/superpowers/specs/2026-05-29-lead-region-resolution-design.md

diff --git a/docs/superpowers/plans/2026-05-09-sprint1-hygiene-plan.md b/docs/superpowers/plans/2026-05-09-sprint1-hygiene-plan.md
deleted file mode 100644
index 58ce6f2..0000000
--- a/docs/superpowers/plans/2026-05-09-sprint1-hygiene-plan.md
+++ /dev/null
@@ -1,1296 +0,0 @@
-# Plan: Спринт 1 «Hygiene» — исправление дефектов аудита 2026-05-09
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Закрыть 22 фикса аудита (3 P0 + 10 P1 + 3 P2 + 6 low-risk O-\*) + 3 записи в реестр, разбитых на 6 атомарных коммитов по доменам.
-
-**Architecture:** 6 фаз / 6 коммитов. Каждая фаза — изолированный scope, заканчивается verification (соответствующие линтеры/тесты) и коммитом. Зависимости: B и D зависят от A (метрики schema + CHANGELOG ссылка). Phase D правки CLAUDE.md/Pravila/Tooling — обязательно через `claude-md-management:claude-md-improver` skill (CLAUDE.md §5 п.10).
-
-**Tech Stack:** PostgreSQL 16, Laravel 13.7, PHP 8.3, Pest 4, Larastan, Vue 3 + Vuetify 3, ESLint flat-config, Pinia, Axios, lefthook, GitHub Actions, npm scripts, lychee, cspell, markdownlint, pa11y. Платформа: Windows Server 2022, PowerShell + Bash.
-
-**Spec:** [docs/superpowers/specs/2026-05-09-sprint1-hygiene-design.md](../specs/2026-05-09-sprint1-hygiene-design.md) v1.0, commit `08bbe4d`.
-
----
-
-## File Structure
-
-| Файл | Действие | Что меняется |
-|---|---|---|
-| `db/schema.sql` | Modify | RLS на impersonation_tokens (после строки 540), 2 индекса (после 1521 и 1537), bump версии в шапке v8.10→v8.11, обновить метрики |
-| `db/CHANGELOG_schema.md` | Modify | Новая запись «v8.11 от 09.05.2026» в начале (reverse chronological) |
-| `app/routes/web.php` | Modify | Добавить `'tenant'` к существующим auth:sanctum group'ам (строки 44, 52, 63) |
-| `app/app/Http/Requests/Auth/Concerns/HasPasswordRules.php` | Create | Trait c rules + messages для password |
-| `app/app/Http/Requests/Auth/LoginRequest.php` | Modify | Подключить trait, заменить inline rules |
-| `app/app/Http/Requests/Auth/RegisterRequest.php` | Modify | То же |
-| `app/tests/Feature/AdminIncidentsIndexTest.php` | Modify | bcrypt('test') → bcrypt('test1234') |
-| `package.json` | Modify | format:sql:check Windows-совместимый путь |
-| `.gitignore` | Modify | Добавить `db/.schema-formatted.tmp.sql` |
-| `.lychee.toml` | Modify | exclude root-relative ссылок web/v8 |
-| `pa11y.config.json` | Modify | Пути к liderra_v8_handoff/concepts/v8_*.html |
-| `app/composer.json` | Modify | Скрипт `audit-offline` |
-| `app/eslint.config.js` | Modify | Правило `no-restricted-imports` против vuetify/components |
-| `.github/workflows/dependency-check.yml` | Create | Еженедельный npm outdated workflow |
-| `README.md` | Modify | Versions sync (Tooling v1.10, Pravila v1.6, schema v8.11) |
-| `CLAUDE.md` | Modify (через claude-md-management) | Histoire 21/43, F-K ссылка |
-| `docs/Pravila_raboty_Claude_v1_1.md` | Modify (через claude-md-management) | §13.9 cross-ref version |
-| `docs/Tooling_v8_3.md` | Modify (через claude-md-management) | stylelint-config-standard ^40.0.0 в §4.2 п.22 |
-| `cspell-words.txt` | Verify | `ребрендинга` уже добавлено в self-review аудита, не дублировать |
-| `liderra_v8_handoff/docs/BRANDBOOK_v2.md` | Modify | Таблица 14 status-slug mapping |
-| `liderra_v8_handoff/docs/DEVELOPER_HANDOFF.md` | Modify | Axe-claim documentation + font-display strategy |
-| `docs/Открытые_вопросы_v8_3.md` | Modify | Новый CTO для P1-10, cross-link для P1-11, новый OPEN для P1-09 |
-
----
-
-## Phase A. DB — schema.sql v8.10 → v8.11
-
-### Task A1: Добавить RLS на impersonation_tokens
-
-**Files:**
-
-- Modify: `db/schema.sql:540` (после `idx_imp_tokens_admin`, до forward FK ALTER)
-
-- [ ] **Step A1.1: Прочитать существующий блок RLS политик в schema.sql, чтобы скопировать стиль**
-
-```bash
-sed -n '2390,2410p' db/schema.sql
-```
-
-Expected: видим существующие `CREATE POLICY tenant_isolation ON ... USING (tenant_id = current_setting('app.current_tenant_id')::bigint);`
-
-- [ ] **Step A1.2: Добавить ALTER TABLE + CREATE POLICY для impersonation_tokens**
-
-В `db/schema.sql` после строки 540 (`CREATE INDEX idx_imp_tokens_admin ...`), перед `-- Forward FK на impersonation_tokens`, вставить:
-
-```sql
-
--- v8.11 (audit P0-02): RLS-isolation между тенантами для одноразовых impersonation-токенов
-ALTER TABLE impersonation_tokens ENABLE ROW LEVEL SECURITY;
-CREATE POLICY tenant_isolation ON impersonation_tokens
-    USING (tenant_id = current_setting('app.current_tenant_id')::bigint);
-
-```
-
-- [ ] **Step A1.3: Verify добавление**
-
-```bash
-grep -n "ENABLE ROW LEVEL SECURITY" db/schema.sql | wc -l
-grep -cE "^CREATE POLICY" db/schema.sql
-```
-
-Expected: ENABLE RLS = **40** (было 39, +1), CREATE POLICY = **38** (было 37, +1).
-
-### Task A2: Добавить index на failed_webhook_jobs.webhook_log_id
-
-**Files:**
-
-- Modify: `db/schema.sql:1521` (после `idx_failed_webhook_unresolved`)
-
-- [ ] **Step A2.1: Добавить индекс**
-
-После строки 1521 (`CREATE INDEX idx_failed_webhook_unresolved ON failed_webhook_jobs(failed_at DESC) WHERE resolved_at IS NULL;`) вставить:
-
-```sql
-CREATE INDEX idx_failed_webhook_jobs_log ON failed_webhook_jobs(webhook_log_id);  -- v8.11 (audit O-perf-02)
-```
-
-### Task A3: Добавить index на rejected_deals_log.webhook_log_id
-
-**Files:**
-
-- Modify: `db/schema.sql:1537` (после `idx_rejected_tenant_created`)
-
-- [ ] **Step A3.1: Добавить индекс**
-
-После строки 1537 (`CREATE INDEX idx_rejected_tenant_created ON rejected_deals_log(tenant_id, created_at DESC);`) вставить:
-
-```sql
-CREATE INDEX idx_rejected_deals_log_webhook ON rejected_deals_log(webhook_log_id);  -- v8.11 (audit O-perf-03)
-```
-
-### Task A4: Bump версии и метрик в шапке schema.sql
-
-**Files:**
-
-- Modify: `db/schema.sql:1-30` (шапка)
-
-- [ ] **Step A4.1: Найти шапку и обновить**
-
-```bash
-sed -n '1,30p' db/schema.sql
-```
-
-Найти строку с версией `v8.10` и метриками. Изменить:
-
-- `v8.10` → `v8.11`
-- Дату на `09.05.2026` (если уже не она)
-- Метрики: `37 RLS` → `38 RLS`, `95 индексов` → `97 индексов`
-
-### Task A5: Запись в CHANGELOG_schema.md
-
-**Files:**
-
-- Modify: `db/CHANGELOG_schema.md` (добавить новую запись в самом верху, после введения)
-
-- [ ] **Step A5.1: Найти место для вставки**
-
-```bash
-head -20 db/CHANGELOG_schema.md
-```
-
-Expected: видим intro + первую существующую запись (например, `## v8.10 от ...`).
-
-- [ ] **Step A5.2: Вставить новую запись «v8.11 от 09.05.2026» перед v8.10**
-
-Шаблон:
-
-```markdown
-## v8.11 от 09.05.2026 — hygiene-фиксы аудита
-
-**Источник:** [docs/audit_2026-05-09.md](../docs/audit_2026-05-09.md) (commit `b6ae8dd`).
-
-### Изменения
-
-1. **P0-02:** Добавлены `ALTER TABLE impersonation_tokens ENABLE ROW LEVEL SECURITY` и `CREATE POLICY tenant_isolation ON impersonation_tokens` (схема ~ строка 540).
-2. **O-perf-02:** Добавлен индекс `idx_failed_webhook_jobs_log` на `failed_webhook_jobs(webhook_log_id)` (строка 1521).
-3. **O-perf-03:** Добавлен индекс `idx_rejected_deals_log_webhook` на `rejected_deals_log(webhook_log_id)` (строка 1537).
-
-### Метрики (после v8.11)
-
-- 56 базовых таблиц + 12 партиций (без изменений, 68 CREATE TABLE)
-- **97 индексов** (было 95, +2 = idx_failed_webhook_jobs_log, idx_rejected_deals_log_webhook)
-- **38 RLS-политик** (было 37, +1 = tenant_isolation на impersonation_tokens)
-- 5 функций, 13 триггеров (без изменений)
-
-### Применение
-
-```bash
-cd app && php artisan migrate:fresh
-```
-
-Для существующего tenant'а с данными миграция через `ALTER TABLE` + `CREATE POLICY` + `CREATE INDEX CONCURRENTLY` (3 раздельных DDL без блокировок).
-
-```
-
-### Task A6: Verification схемы
-
-- [ ] **Step A6.1: squawk smoke**
-
-```bash
-npm run lint:sql
-```
-
-Expected: `Found 0 issues in 1 file 🎉`. Если не 0 — разобраться, не коммитить.
-
-- [ ] **Step A6.2: Метрики**
-
-```bash
-echo "ENABLE RLS: $(grep -cE 'ENABLE ROW LEVEL SECURITY' db/schema.sql)"
-echo "CREATE POLICY: $(grep -cE '^CREATE POLICY' db/schema.sql)"
-echo "CREATE INDEX (incl UNIQUE): $(grep -cE '^CREATE\s+(UNIQUE\s+)?INDEX' db/schema.sql)"
-```
-
-Expected: `ENABLE RLS: 40`, `CREATE POLICY: 38`, `CREATE INDEX: 97`.
-
-Note: ENABLE RLS = 40 vs POLICY = 38 — gap 2 остаётся (одна повторно выявленная косвенно — отдельная задача, не Sprint 1).
-
-### Task A7: Commit Phase A
-
-- [ ] **Step A7.1: Stage и commit**
-
-```bash
-git add db/schema.sql db/CHANGELOG_schema.md
-git commit -m "$(cat <<'EOF'
-fix(db): RLS на impersonation_tokens + 2 missing FK indices (audit P0-02 + O-perf-02/03)
-
-schema.sql v8.10 → v8.11. Закрытие аудита 2026-05-09 (b6ae8dd):
-- P0-02: ALTER TABLE impersonation_tokens ENABLE ROW LEVEL SECURITY
-  + CREATE POLICY tenant_isolation. Закрывает RLS-gap (39 vs 37 → 40 vs 38).
-- O-perf-02: CREATE INDEX idx_failed_webhook_jobs_log на webhook_log_id.
-- O-perf-03: CREATE INDEX idx_rejected_deals_log_webhook на webhook_log_id.
-
-Метрики v8.11: 56 базовых + 12 партиций / 97 индексов / 38 RLS / 5 функций / 13 триггеров.
-CHANGELOG_schema.md обновлён.
-squawk: 0 issues.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
-Expected: pre-commit hook PASS (gitleaks, markdownlint на CHANGELOG, cspell, squawk).
-
----
-
-## Phase B. Backend
-
-### Task B1: Применить middleware 'tenant' к существующим auth:sanctum-группам
-
-**Files:**
-
-- Modify: `app/routes/web.php:44`, `:52`, `:63`
-
-**Note:** alias `'tenant'` **уже зарегистрирован** в `app/bootstrap/app.php:17`. Регистрировать заново не нужно. Задача — применить middleware к группам.
-
-- [ ] **Step B1.1: Прочитать текущее состояние routes/web.php**
-
-```bash
-sed -n '44p;52p;63p' app/routes/web.php
-```
-
-Expected:
-
-```text
-Route::middleware('auth:sanctum')->prefix('/api/notifications')->group(function () {
-Route::middleware('auth:sanctum')->prefix('/api/reminders')->group(function () {
-Route::middleware('auth:sanctum')->prefix('/api/reports/jobs')->group(function () {
-```
-
-- [ ] **Step B1.2: Заменить middleware('auth:sanctum') на middleware(['auth:sanctum', 'tenant'])**
-
-Через Edit tool, для каждой из 3 строк (44, 52, 63):
-
-```text
-Route::middleware('auth:sanctum')->prefix(...)
-```
-
-→
-
-```text
-Route::middleware(['auth:sanctum', 'tenant'])->prefix(...)
-```
-
-**НЕ трогаем** `/api/deals` (P1-10) и `/api/admin` (P1-11) — они в реестр, не правки в Sprint 1.
-
-- [ ] **Step B1.3: Verify изменений**
-
-```bash
-grep -n "middleware(\['auth:sanctum', 'tenant'\])" app/routes/web.php | wc -l
-```
-
-Expected: `3`.
-
-### Task B2: Создать HasPasswordRules trait
-
-**Files:**
-
-- Create: `app/app/Http/Requests/Auth/Concerns/HasPasswordRules.php`
-
-- [ ] **Step B2.1: Создать каталог Concerns**
-
-```bash
-mkdir -p app/app/Http/Requests/Auth/Concerns
-```
-
-- [ ] **Step B2.2: Записать trait**
-
-`app/app/Http/Requests/Auth/Concerns/HasPasswordRules.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Requests\Auth\Concerns;
-
-trait HasPasswordRules
-{
-    /**
-     * Правила валидации поля password.
-     * Используется в LoginRequest и RegisterRequest для DRY.
-     *
-     * @return array<int, string>
-     */
-    protected function passwordRules(): array
-    {
-        return ['required', 'string', 'min:8', 'max:255'];
-    }
-
-    /**
-     * Сообщения об ошибках для password.
-     *
-     * @return array<string, string>
-     */
-    protected function passwordMessages(): array
-    {
-        return [
-            'password.required' => 'Укажите пароль.',
-            'password.min' => 'Пароль должен быть не короче 8 символов.',
-        ];
-    }
-}
-```
-
-### Task B3: Подключить trait в LoginRequest
-
-**Files:**
-
-- Modify: `app/app/Http/Requests/Auth/LoginRequest.php`
-
-- [ ] **Step B3.1: Добавить use trait + заменить rules['password'] и сообщения**
-
-Через Edit tool заменить тело класса. Старое:
-
-```php
-class LoginRequest extends FormRequest
-{
-    /** @return array<string, mixed> */
-    public function rules(): array
-    {
-        return [
-            'email' => ['required', 'string', 'email', 'max:255'],
-            'password' => ['required', 'string', 'min:8', 'max:255'],
-            'remember' => ['sometimes', 'boolean'],
-        ];
-    }
-
-    /** @return array<string, string> */
-    public function messages(): array
-    {
-        return [
-            'email.required' => 'Укажите email.',
-            'email.email' => 'Email указан некорректно.',
-            'password.required' => 'Укажите пароль.',
-            'password.min' => 'Пароль должен быть не короче 8 символов.',
-        ];
-    }
-}
-```
-
-Новое:
-
-```php
-class LoginRequest extends FormRequest
-{
-    use \App\Http\Requests\Auth\Concerns\HasPasswordRules;
-
-    /** @return array<string, mixed> */
-    public function rules(): array
-    {
-        return [
-            'email' => ['required', 'string', 'email', 'max:255'],
-            'password' => $this->passwordRules(),
-            'remember' => ['sometimes', 'boolean'],
-        ];
-    }
-
-    /** @return array<string, string> */
-    public function messages(): array
-    {
-        return array_merge($this->passwordMessages(), [
-            'email.required' => 'Укажите email.',
-            'email.email' => 'Email указан некорректно.',
-        ]);
-    }
-}
-```
-
-### Task B4: Подключить trait в RegisterRequest
-
-**Files:**
-
-- Modify: `app/app/Http/Requests/Auth/RegisterRequest.php`
-
-- [ ] **Step B4.1: Аналогично LoginRequest**
-
-Старое:
-
-```php
-class RegisterRequest extends FormRequest
-{
-    /** @return array<string, mixed> */
-    public function rules(): array
-    {
-        return [
-            'email' => ['required', 'string', 'email', 'max:255', Rule::unique('users', 'email')],
-            'password' => ['required', 'string', 'min:8', 'max:255'],
-            'accept_offer' => ['required', 'accepted'],
-            'accept_pdn' => ['required', 'accepted'],
-        ];
-    }
-
-    /** @return array<string, string> */
-    public function messages(): array
-    {
-        return [
-            'email.required' => 'Укажите email.',
-            'email.email' => 'Email указан некорректно.',
-            'email.unique' => 'Аккаунт с таким email уже существует.',
-            'password.min' => 'Пароль должен быть не короче 8 символов.',
-            'accept_offer.accepted' => 'Необходимо принять оферту.',
-            'accept_pdn.accepted' => 'Необходимо согласие на обработку персональных данных.',
-        ];
-    }
-```
-
-Новое:
-
-```php
-class RegisterRequest extends FormRequest
-{
-    use \App\Http\Requests\Auth\Concerns\HasPasswordRules;
-
-    /** @return array<string, mixed> */
-    public function rules(): array
-    {
-        return [
-            'email' => ['required', 'string', 'email', 'max:255', Rule::unique('users', 'email')],
-            'password' => $this->passwordRules(),
-            'accept_offer' => ['required', 'accepted'],
-            'accept_pdn' => ['required', 'accepted'],
-        ];
-    }
-
-    /** @return array<string, string> */
-    public function messages(): array
-    {
-        return array_merge($this->passwordMessages(), [
-            'email.required' => 'Укажите email.',
-            'email.email' => 'Email указан некорректно.',
-            'email.unique' => 'Аккаунт с таким email уже существует.',
-            'accept_offer.accepted' => 'Необходимо принять оферту.',
-            'accept_pdn.accepted' => 'Необходимо согласие на обработку персональных данных.',
-        ]);
-    }
-```
-
-### Task B5: Фикс test password ≥8
-
-**Files:**
-
-- Modify: `app/tests/Feature/AdminIncidentsIndexTest.php`
-
-- [ ] **Step B5.1: Найти и заменить bcrypt('test')**
-
-```bash
-grep -n "bcrypt('test')" app/tests/Feature/AdminIncidentsIndexTest.php
-```
-
-Через Edit заменить `bcrypt('test')` → `bcrypt('test1234')`.
-
-### Task B6: Verification Phase B
-
-- [ ] **Step B6.1: Pest полный прогон**
-
-```bash
-cd app && composer test
-```
-
-Expected: `Tests: 416 passed (1388 assertions)` или больше. **Если меньше тестов проходит — STOP**, разобраться (вероятная причина: `tenant`-middleware блокирует тесты на /api/notifications/reminders/reports без `SET LOCAL app.current_tenant_id`).
-
-**Расширенная проверка:** если тесты падают из-за middleware — добавить в test setup (например, в `tests/TestCase.php`) фикстуру `DB::statement("SET LOCAL app.current_tenant_id = " . $this->tenant->id);` для аутентифицированных тестов.
-
-- [ ] **Step B6.2: Larastan**
-
-```bash
-cd app && composer stan
-```
-
-Expected: `0 errors`.
-
-- [ ] **Step B6.3: Pint format check**
-
-```bash
-cd app && composer pint:test
-```
-
-Expected: PASSED. Если что-то не отформатировано — `composer pint` для авто-fix.
-
-### Task B7: Commit Phase B
-
-- [ ] **Step B7.1: Stage и commit**
-
-```bash
-git add app/routes/web.php \
-        app/app/Http/Requests/Auth/Concerns/HasPasswordRules.php \
-        app/app/Http/Requests/Auth/LoginRequest.php \
-        app/app/Http/Requests/Auth/RegisterRequest.php \
-        app/tests/Feature/AdminIncidentsIndexTest.php
-git commit -m "$(cat <<'EOF'
-fix(backend): tenant middleware на auth-routes + HasPasswordRules trait + test password (audit P0-01 + O-refactor-03 + P2-01)
-
-Закрытие аудита 2026-05-09 (b6ae8dd):
-- P0-01: применён 'tenant' middleware (alias уже в bootstrap/app.php:17) к 3 auth:sanctum-группам:
-  /api/notifications, /api/reminders, /api/reports/jobs (web.php:44/52/63).
-  /api/deals и /api/admin/* остаются без auth (P1-10/Б-1) — в реестр Спринта 1 Phase F.
-- O-refactor-03: HasPasswordRules trait извлекает rules + messages, подключён в Login/Register.
-- P2-01: bcrypt('test') → bcrypt('test1234') в AdminIncidentsIndexTest.
-
-Pest: 416/416 PASS.
-Larastan: 0 errors.
-Pint: clean.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Phase C. Configs
-
-### Task C1: format:sql:check Windows fix
-
-**Files:**
-
-- Modify: `package.json:13`
-- Modify: `.gitignore`
-
-- [ ] **Step C1.1: Заменить Unix `/tmp/` путь**
-
-В `package.json` строка `"format:sql:check"`:
-
-Старое:
-
-```json
-"format:sql:check": "perl -I bin/pgFormatter/lib bin/pgFormatter/pg_format db/schema.sql > /tmp/schema-formatted.sql && diff -q db/schema.sql /tmp/schema-formatted.sql || echo \"pgFormatter would reformat — run npm run format:sql to apply\""
-```
-
-Новое:
-
-```json
-"format:sql:check": "perl -I bin/pgFormatter/lib bin/pgFormatter/pg_format db/schema.sql > db/.schema-formatted.tmp.sql && diff -q db/schema.sql db/.schema-formatted.tmp.sql || echo \"pgFormatter would reformat — run npm run format:sql to apply\""
-```
-
-- [ ] **Step C1.2: Добавить tmp-файл в .gitignore**
-
-В `.gitignore` добавить (если ещё нет):
-
-```text
-db/.schema-formatted.tmp.sql
-```
-
-- [ ] **Step C1.3: Verify работа на этой Windows-машине**
-
-```bash
-npm run format:sql:check
-```
-
-Expected: больше нет `The system cannot find the path specified`. Вместо этого либо успех, либо «pgFormatter would reformat» с реальной diff'ой.
-
-### Task C2: .lychee.toml exclude web/v8
-
-**Files:**
-
-- Modify: `.lychee.toml` (раздел `exclude`)
-
-- [ ] **Step C2.1: Прочитать текущий exclude**
-
-```bash
-grep -A 30 "^exclude = \[" .lychee.toml | head -35
-```
-
-- [ ] **Step C2.2: Добавить regex для root-relative ссылок web/v8**
-
-В блок `exclude` добавить (перед закрывающей `]`):
-
-```toml
-  # web/v8/*.html — статические концепты, root-relative ссылки на будущие маршруты Vue
-  "^/(login|register|legal|dashboard|deals|admin|reports|reminders|billing|impersonation|notifications)(/|$|\\?)",
-```
-
-- [ ] **Step C2.3: Verify уменьшения числа errors**
-
-```bash
-npm run links 2>&1 | grep "Errors"
-```
-
-Expected: число errors **меньше 19** (близко к 0; могут остаться внешние URL, не связанные с web/v8).
-
-### Task C3: pa11y.config.json правильные пути
-
-**Files:**
-
-- Modify: `pa11y.config.json`
-
-- [ ] **Step C3.1: Прочитать текущие urls**
-
-```bash
-cat pa11y.config.json
-```
-
-- [ ] **Step C3.2: Проверить какие концепты реально существуют**
-
-```bash
-ls liderra_v8_handoff/concepts/v8_*.html 2>/dev/null | head -5
-```
-
-- [ ] **Step C3.3: Обновить urls**
-
-В `pa11y.config.json` заменить пути типа `web/01-login.html` на актуальные `liderra_v8_handoff/concepts/v8_login.html` (имя файла подкорректировать под фактическую structure из шага C3.2). Если есть ровно 13 концептов — всех 13 включить. Если в config'е сейчас только 3 url'а (sample) — оставить 3 sample, но из реальных путей.
-
-### Task C4: composer.json audit-offline скрипт
-
-**Files:**
-
-- Modify: `app/composer.json` (раздел `scripts`)
-
-- [ ] **Step C4.1: Добавить скрипт**
-
-В `app/composer.json` `scripts`-объект (после существующего `stan` или рядом):
-
-```json
-"audit-offline": "@composer audit --locked",
-```
-
-Note: флага `--no-network` нет в современных Composer 2.x; `--locked` использует только локальный composer.lock без обращения к packagist API.
-
-- [ ] **Step C4.2: Verify**
-
-```bash
-cd app && composer audit-offline
-```
-
-Expected: вывод без curl-таймаутов; либо «No security vulnerability advisories found», либо реальный список уязвимостей.
-
-### Task C5: ESLint no-restricted-imports vuetify rule
-
-**Files:**
-
-- Modify: `app/eslint.config.js`
-
-- [ ] **Step C5.1: Прочитать текущий конфиг**
-
-```bash
-cat app/eslint.config.js
-```
-
-- [ ] **Step C5.2: Расширить блок `rules`**
-
-Найти в `eslint.config.js` секцию:
-
-```js
-{
-    rules: {
-        'vue/multi-word-component-names': 'off', // допускаем AppShell.vue
-    },
-},
-```
-
-Заменить на:
-
-```js
-{
-    rules: {
-        'vue/multi-word-component-names': 'off', // допускаем AppShell.vue
-        'no-restricted-imports': ['error', {
-            paths: [{
-                name: 'vuetify/components',
-                message: 'Используй auto-import через vite-plugin-vuetify (vite.config.ts). Явные импорты дублируют auto-injected.',
-            }],
-        }],
-    },
-},
-```
-
-- [ ] **Step C5.3: Verify rule срабатывает**
-
-```bash
-cd app && npm run lint:vue
-```
-
-Expected: 0 errors (никаких явных импортов из vuetify/components в актуальном коде нет — D5-агент в аудите подтвердил).
-
-### Task C6: GitHub Actions weekly dependency-check workflow
-
-**Files:**
-
-- Create: `.github/workflows/dependency-check.yml`
-
-- [ ] **Step C6.1: Создать каталог если нет**
-
-```bash
-mkdir -p .github/workflows
-ls .github/workflows/
-```
-
-- [ ] **Step C6.2: Записать workflow**
-
-`.github/workflows/dependency-check.yml`:
-
-```yaml
-name: Dependency Check
-
-on:
-  schedule:
-    - cron: '0 9 * * 1'  # каждый понедельник 09:00 UTC
-  workflow_dispatch:
-
-permissions:
-  contents: read
-  issues: write
-
-jobs:
-  npm-outdated:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-
-      - uses: actions/setup-node@v4
-        with:
-          node-version: '20'
-          cache: 'npm'
-
-      - name: Install root deps
-        run: npm install --ignore-scripts
-
-      - name: Check outdated (root)
-        id: root_outdated
-        run: |
-          npm outdated --json > root-outdated.json || true
-          if [ "$(cat root-outdated.json)" != "{}" ]; then
-            echo "has_updates=true" >> "$GITHUB_OUTPUT"
-          fi
-
-      - name: Install app deps
-        working-directory: app
-        run: npm install --ignore-scripts
-
-      - name: Check outdated (app)
-        id: app_outdated
-        working-directory: app
-        run: |
-          npm outdated --json > app-outdated.json || true
-          if [ "$(cat app-outdated.json)" != "{}" ]; then
-            echo "has_updates=true" >> "$GITHUB_OUTPUT"
-          fi
-
-      - name: Open issue if outdated
-        if: steps.root_outdated.outputs.has_updates == 'true' || steps.app_outdated.outputs.has_updates == 'true'
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          {
-            echo "## Weekly outdated dependencies — $(date -u +"%Y-%m-%d")"
-            echo
-            echo "### Root (package.json)"
-            echo '```json'
-            cat root-outdated.json
-            echo '```'
-            echo
-            echo "### App (app/package.json)"
-            echo '```json'
-            cat app/app-outdated.json
-            echo '```'
-          } > issue-body.md
-          gh issue create --title "Weekly outdated check $(date -u +"%Y-%m-%d")" --body-file issue-body.md --label dependencies
-```
-
-### Task C7: Verification Phase C
-
-- [ ] **Step C7.1: Полный docs check**
-
-```bash
-npm run check:docs
-```
-
-Expected: markdownlint 0 errors, cspell 0 issues, lychee 0 errors (web/v8 теперь исключены), pa11y — может быть 0/N если сервер dev не запущен; не блокирует.
-
-- [ ] **Step C7.2: ESLint smoke**
-
-```bash
-cd app && npm run lint:vue
-```
-
-Expected: 0 errors.
-
-- [ ] **Step C7.3: format:sql:check на Windows**
-
-```bash
-npm run format:sql:check
-```
-
-Expected: либо «pgFormatter would reformat» с реальным diff'ом, либо успех. **НЕ должно быть** «The system cannot find the path specified».
-
-### Task C8: Commit Phase C
-
-- [ ] **Step C8.1: Stage и commit**
-
-```bash
-git add package.json .gitignore .lychee.toml pa11y.config.json \
-        app/composer.json app/eslint.config.js \
-        .github/workflows/dependency-check.yml
-git commit -m "$(cat <<'EOF'
-fix(configs): Windows-fix format:sql:check + lychee/pa11y/composer/ESLint hygiene + npm-outdated CI (audit P0-03 + 5 P1/O)
-
-Закрытие аудита 2026-05-09 (b6ae8dd):
-- P0-03: format:sql:check заменён /tmp/ на db/.schema-formatted.tmp.sql (Windows-совместимо).
-- P1-02: .lychee.toml exclude root-relative для web/v8/*.html (19 false-positive errors → 0).
-- P1-12: pa11y.config.json пути обновлены на liderra_v8_handoff/concepts/v8_*.html.
-- P1-07: composer audit-offline скрипт (composer audit --locked) для офлайн-режима.
-- O-refactor-05: ESLint no-restricted-imports запрещает явный import из 'vuetify/components'.
-- O-stack-08: .github/workflows/dependency-check.yml — еженедельный (Mon 09:00 UTC) npm outdated с авто-issue.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Phase D. Docs (narrative)
-
-**ВАЖНО:** все правки `CLAUDE.md`, `Pravila`, `Tooling` — обязательно через `claude-md-management:claude-md-improver` skill (CLAUDE.md §5 п.10). README.md и cspell-words.txt — обычные правки.
-
-### Task D1: README.md versions sync
-
-**Files:**
-
-- Modify: `README.md` (раздел «Источник истины» / «Документы», ~строки 83-90)
-
-- [ ] **Step D1.1: Прочитать существующий блок**
-
-```bash
-sed -n '75,100p' README.md
-```
-
-- [ ] **Step D1.2: Обновить через Edit tool**
-
-Найти упоминания и заменить:
-
-- `Tooling v1.0` → `Tooling Прил. Н v1.10`
-- `Pravila v1.2` → `Pravila v1.6`
-- `schema v8.5` → `schema v8.11`
-- `54 таблиц / 91 индекс / 34 RLS` → `56 таблиц / 12 партиций / 97 индексов / 38 RLS / 5 функций / 13 триггеров`
-
-Точные имена / форматировка зависят от текущего состояния README.md (которое прочитано на шаге D1.1).
-
-- [ ] **Step D1.3: Verify**
-
-```bash
-grep -E "v1\.10|v1\.6|v8\.11|56 таблиц|97 индекс|38 RLS" README.md | head -5
-```
-
-Expected: ≥3 строки matched.
-
-### Task D2: Invoke claude-md-management:claude-md-improver для CLAUDE.md/Pravila/Tooling
-
-**Files (правки):**
-
-- Modify: `CLAUDE.md`
-- Modify: `docs/Pravila_raboty_Claude_v1_1.md`
-- Modify: `docs/Tooling_v8_3.md`
-
-- [ ] **Step D2.1: Активировать skill `claude-md-management:claude-md-improver`**
-
-Вызов skill через Skill tool. На входе skill'у — следующие задачи (передать в args одним блоком):
-
-```text
-Targeted updates по итогам аудита 2026-05-09 (commit b6ae8dd, см. docs/audit_2026-05-09.md):
-
-1. CLAUDE.md (P1-03): обновить метрику Histoire в §0 строке про «Открытые вопросы» и в §3.3 #24:
-   - было: «21 story / 28 variants»
-   - стало: «21 story / 43 variants»
-
-2. CLAUDE.md (P2-03): в шапке версии 1.81, рядом с упоминанием «6 трений второго порядка F–K», добавить ссылку на детали:
-   - было: «6 трений второго порядка F–K»
-   - стало: «6 трений второго порядка F–K (детали в [Plugin_stack_rules_v1.md История версий](docs/Plugin_stack_rules_v1.md#история-версий))»
-
-3. CLAUDE.md (post P0-02): обновить §2 строку про метрики PG schema:
-   - было: «56 таблиц + 12 партиций, 95 индексов, 37 RLS-политик, 4 роли БД, 13 триггеров, 5 функций — schema v8.10»
-   - стало: «56 таблиц + 12 партиций, 97 индексов, 38 RLS-политик, 4 роли БД, 13 триггеров, 5 функций — schema v8.11»
-   Также обновить §0 ссылку на db/schema.sql: v8.10 → v8.11.
-
-4. Pravila §13.9 (P1-06): добавить версию (v1.3) в ссылку на Plugin_stack_rules_v1:
-   - было: «Нарушение Правила 10 [Plugin_stack_rules_v1.md](Plugin_stack_rules_v1.md) (введено в PSR v1.2)»
-   - стало: «Нарушение Правила 10 [Plugin_stack_rules_v1.md](Plugin_stack_rules_v1.md) (v1.3)»
-   Точная локация — найти grep'ом по «Plugin_stack_rules_v1.md» в Pravila_raboty_Claude_v1_1.md.
-
-5. Tooling §4.2 п.22 (P1-08): дополнить пакет stylelint-config-standard версией:
-   - было (Прил. Н §4.2 п.22): «Stylelint v17.x» (приблизительно)
-   - стало: добавить отдельную строку про `stylelint-config-standard ^40.0.0`
-   Точная локация — Прил. Н, раздел про CSS/Stylelint.
-
-Все 5 правок — targeted updates, без структурных изменений. После правок — bump CLAUDE.md версии 1.81 → 1.82, Pravila v1.6 → v1.7, Tooling Прил. Н v1.10 → v1.11. История версий в каждом файле — обновить.
-
-Не делать ничего за пределами этих 5 пунктов. Не добавлять новых section'ов. Не менять формат.
-```
-
-- [ ] **Step D2.2: Дождаться завершения skill'а и verify правок**
-
-```bash
-git status --short
-```
-
-Expected: 3 modified files (CLAUDE.md, Pravila, Tooling). Если skill также правит другие — STOP, разобраться.
-
-- [ ] **Step D2.3: Spot-check отдельные правки**
-
-```bash
-grep -n "21 story / 43 variants" CLAUDE.md
-grep -n "v1\.3" docs/Pravila_raboty_Claude_v1_1.md | head -5
-grep -n "stylelint-config-standard" docs/Tooling_v8_3.md
-grep -n "v8.11" CLAUDE.md
-grep -n "97 индекс" CLAUDE.md
-grep -n "38 RLS" CLAUDE.md
-```
-
-Expected: каждая команда даёт ≥1 результат.
-
-### Task D3: cspell-words.txt verify
-
-**Files:**
-
-- Verify only: `cspell-words.txt`
-
-- [ ] **Step D3.1: Проверить, что `ребрендинга` уже в словаре**
-
-```bash
-grep "^ребрендинга$" cspell-words.txt
-```
-
-Expected: 1 строка matched. Если нет — добавить:
-
-```bash
-echo "ребрендинга" >> cspell-words.txt
-```
-
-(P2-02 был добавлен во время self-review аудита 09.05.2026, должен быть в commit `b6ae8dd`.)
-
-### Task D4: Verification Phase D
-
-- [ ] **Step D4.1: Полный docs check**
-
-```bash
-npm run check:docs
-```
-
-Expected: markdownlint 0, cspell 0, lychee 0 (после Phase C exclude применён), pa11y — informative.
-
-### Task D5: Commit Phase D
-
-- [ ] **Step D5.1: Stage и commit**
-
-```bash
-git add README.md CLAUDE.md docs/Pravila_raboty_Claude_v1_1.md docs/Tooling_v8_3.md cspell-words.txt
-git commit -m "$(cat <<'EOF'
-docs(narrative): sync versions + Histoire 21/43 + cross-refs (audit P1-01/03/06/08 + P2-02/03)
-
-Закрытие аудита 2026-05-09 (b6ae8dd) для narrative-блока:
-- P1-01: README.md обновлён (Tooling v1.10, Pravila v1.6, schema v8.11 / 56 / 97 / 38).
-- P1-03: CLAUDE.md Histoire 21/28 → 21/43 (§0 + §3.3).
-- P1-06: Pravila §13.9 cross-ref на Plugin_stack_rules_v1 теперь с (v1.3).
-- P1-08: Tooling Прил. Н дополнен stylelint-config-standard ^40.0.0.
-- P2-02: cspell-words.txt уже содержит «ребрендинга» (verified, добавлено в self-review аудита).
-- P2-03: CLAUDE.md F-K линка на Plugin_stack_rules_v1#история-версий.
-- post-A: метрики schema в CLAUDE.md обновлены до v8.11 (97 индексов, 38 RLS).
-
-Все правки CLAUDE.md/Pravila/Tooling — через claude-md-management:claude-md-improver
-(CLAUDE.md §5 п.10). README.md — обычная правка.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Phase E. Docs (handoff)
-
-**Pre-check:** проверить, что `liderra_v8_handoff/` входит в наш git (а не submodule/external).
-
-```bash
-git ls-files liderra_v8_handoff/docs/BRANDBOOK_v2.md
-```
-
-Если результат пустой (файл не tracked в текущем repo) — Phase E **пропустить целиком**, отметить в финальном отчёте «требует push в handoff-репо отдельно». Если файл tracked — продолжать.
-
-### Task E1: BRANDBOOK_v2 — таблица 14 status-slug mapping (P1-05)
-
-**Files:**
-
-- Modify: `liderra_v8_handoff/docs/BRANDBOOK_v2.md` (после §3.6 — 14 OKLCH-статусов)
-
-- [ ] **Step E1.1: Извлечь slug'и из schema.sql**
-
-```bash
-sed -n '2170,2200p' db/schema.sql
-```
-
-Expected: видим `INSERT INTO lead_statuses ... ('new', ...), ('viewed', ...), ...` с 14 строками.
-
-- [ ] **Step E1.2: Извлечь имена/цвета из BRANDBOOK_v2**
-
-```bash
-sed -n '160,200p' liderra_v8_handoff/docs/BRANDBOOK_v2.md
-```
-
-- [ ] **Step E1.3: Сопоставить slug → русское имя → OKLCH (по hue-порядку или по логическому)**
-
-Стандартное mapping (вероятное):
-
-| slug | русское имя (BRANDBOOK) | OKLCH-cell |
-|---|---|---|
-| `new` | Новая | (из BRANDBOOK) |
-| `viewed` | Просмотрена | (из BRANDBOOK) |
-| `worked` | В работе | (из BRANDBOOK) |
-| `base` | База | (из BRANDBOOK) |
-| `missed` | Не дозвонились | (из BRANDBOOK) |
-| `negotiations` | Переговоры | (из BRANDBOOK) |
-| `waiting_payment` | Ждёт оплату | (из BRANDBOOK) |
-| `partnership` | Партнёрство | (из BRANDBOOK) |
-| `paid` | Оплачено | (из BRANDBOOK) |
-| `closed` | Закрыта | (из BRANDBOOK) |
-| `test_drive` | Тест-драйв | (из BRANDBOOK) |
-| `hot` | Горячая | (из BRANDBOOK) |
-| `replacement` | Замена | (из BRANDBOOK) |
-| `final_missed` | Финальный недозвон | (из BRANDBOOK) |
-
-- [ ] **Step E1.4: Записать таблицу в BRANDBOOK_v2.md**
-
-После §3.6 (14 OKLCH-статусов) добавить раздел:
-
-```markdown
-### 3.6.1. Mapping slug → имя → OKLCH (v2.1, audit P1-05)
-
-Связывает 14 schema-slug'ов из `db/schema.sql:2170-2200` (INSERT lead_statuses) с 14 OKLCH-цветами из §3.6. Источник истины по slug'ам — schema.sql; по именам и цветам — этот brandbook. При расхождении приоритет — schema (см. CLAUDE.md §1).
-
-| slug (schema) | Имя статуса (RU) | OKLCH-cell |
-|---|---|---|
-| `new` | Новая | (cell #1 §3.6) |
-| `viewed` | Просмотрена | (cell #2) |
-| ... | ... | ... |
-| `final_missed` | Финальный недозвон | (cell #14) |
-
-Если в новой версии schema добавляется/удаляется slug — обновить эту таблицу одновременно (CLAUDE.md §5 п.8: правки db/schema.sql ⇒ запись в db/CHANGELOG_schema.md ⇒ синхр. handoff).
-```
-
-Конкретные cell-номера — заполнить после Step E1.3 (по фактическому порядку в BRANDBOOK_v2 §3.6).
-
-### Task E2: DEVELOPER_HANDOFF — axe-claim documentation + font-display
-
-**Files:**
-
-- Modify: `liderra_v8_handoff/docs/DEVELOPER_HANDOFF.md` (строки 250 и 430+518)
-
-- [ ] **Step E2.1: P1-04 — axe-claim documentation**
-
-В `DEVELOPER_HANDOFF.md` найти строки с заявлением «0 violations» (~430, 518). Через Edit tool заменить (приблизительно):
-
-Старое:
-
-```text
-Все прошли axe-core 4.10.2 = 0 violations на 1680/1440/768/375 (где применимо).
-```
-
-Новое:
-
-```text
-Все прошли axe-core 4.10.2 = 0 violations на 1680/1440/768/375 (где применимо). Дата прогона: <ДАТА из архива handoff'а или "требует подтверждения после фикса pa11y.config (см. audit P1-12, повторный прогон через `npm run a11y` на путях liderra_v8_handoff/concepts/v8_*.html)">. Отчёт axe в архиве — <путь к отчёту>, или "не сохранён, перепрогнать после P1-12 fix".
-```
-
-Если конкретный отчёт не найден в архиве — оставить пометку «требует подтверждения». Не удалять заявление (handoff = историческая фиксация).
-
-- [ ] **Step E2.2: O-stack-09 — font-display strategy**
-
-В `DEVELOPER_HANDOFF.md` найти блок §4 Типографика (строки ~250-260). После существующего описания шрифтов (Inter/JetBrains Mono) добавить раздел:
-
-```markdown
-### 4.X. Стратегия загрузки шрифтов (O-stack-09)
-
-Используется `<link rel="stylesheet">` с Google Fonts API v1 + параметр `&display=swap`.
-
-- **`&display=swap`:** браузер сразу рендерит fallback-шрифт (system-ui), переключается на загруженный Inter/JetBrains Mono когда тот доступен. Стратегия FOUT (Flash of Unstyled Text), но без невидимого текста — лучше для UX, чем `&display=block`.
-- **WOFF2 формат:** Google Fonts отдаёт WOFF2 по умолчанию для современных браузеров (Chrome 36+, Firefox 39+, Safari 12+). Сжатие лучше WOFF на 20-30%.
-- **Preconnect:** для ускорения первого byte рекомендуется добавить:
-
-  ```html
-  <link rel="preconnect" href="https://fonts.googleapis.com">
-  <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
-  ```
-
-  Это сокращает TTFB на медленных сетях (~50-200 мс).
-
-- **Совместимость:** для целевой аудитории Chrome 100+, Safari 15+, Firefox 95+ дополнительный fallback не нужен. Для расширенной аудитории — добавить @font-face с WOFF (legacy).
-
-```
-
-### Task E3: Verification Phase E
-
-- [ ] **Step E3.1: Docs check**
-
-```bash
-npm run check:docs
-```
-
-Expected: markdownlint/cspell/lychee 0 errors на handoff'е (handoff включён в `npm run lint:md` через glob).
-
-### Task E4: Commit Phase E
-
-- [ ] **Step E4.1: Stage и commit**
-
-```bash
-git add liderra_v8_handoff/docs/BRANDBOOK_v2.md liderra_v8_handoff/docs/DEVELOPER_HANDOFF.md
-git commit -m "$(cat <<'EOF'
-docs(handoff): status-slug mapping table + axe-claim documentation + font-display strategy (audit P1-04/05 + O-stack-09)
-
-Закрытие аудита 2026-05-09 (b6ae8dd) для handoff-блока:
-- P1-05: BRANDBOOK_v2 §3.6.1 — таблица mapping 14 schema-slug ↔ имя статуса ↔ OKLCH-cell.
-- P1-04: DEVELOPER_HANDOFF axe-claim связан с воспроизводимым evidence или пометкой
-  "требует подтверждения после pa11y.config fix (P1-12)".
-- O-stack-09: DEVELOPER_HANDOFF §4 — Font loading strategy (&display=swap + WOFF2 + preconnect).
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Phase F. Registry
-
-### Task F1: Открытые_вопросы — добавить P1-10, P1-11 link, P1-09
-
-**Files:**
-
-- Modify: `docs/Открытые_вопросы_v8_3.md`
-
-- [ ] **Step F1.1: Прочитать структуру файла**
-
-```bash
-head -50 docs/Открытые_вопросы_v8_3.md
-grep -nE "^### (Биз|CTO|Ю|Диз|DO|OPEN)-" docs/Открытые_вопросы_v8_3.md | head -20
-```
-
-- [ ] **Step F1.2: Найти максимальный CTO-номер для нового пункта**
-
-```bash
-grep -oE "CTO-[0-9]+" docs/Открытые_вопросы_v8_3.md | sort -t- -k2 -n | tail -3
-```
-
-Expected: например `CTO-17`, `CTO-18`. Новый = следующее число.
-
-- [ ] **Step F1.3: Найти максимальный OPEN-номер**
-
-```bash
-grep -oE "OPEN-[0-9]+" docs/Открытые_вопросы_v8_3.md | sort -t- -k2 -n | tail -3
-```
-
-- [ ] **Step F1.4: Добавить новые записи**
-
-Найти раздел открытых CTO-вопросов и добавить:
-
-```markdown
-### CTO-XX (новый, открыт 09.05.2026 по аудиту P1-10) — auth+tenant middleware на /api/deals на pre-prod миграции
-
-**Контекст:** на MVP `/api/deals` использует `tenant_id` query-param для tenant-resolution (см. `app/routes/web.php:103-110`). На prod-миграции это **обязательно** перейти на `auth:sanctum + tenant` middleware с резолюцией через subdomain или header `X-Tenant-Id`.
-
-**Trigger закрытия:** prod-миграция (после Б-1, регистрации ООО). До этого момента MVP-flow с query-param остаётся.
-
-**Связанные находки:** [docs/audit_2026-05-09.md](audit_2026-05-09.md) P1-10.
-
-**Состояние:** открыто.
-```
-
-В разделе **Б-1** (admin SSO) добавить (или дополнить существующий блок):
-
-```markdown
-> **Связанная находка аудита (P1-11):** `/api/admin/*` маршруты в `app/routes/web.php:74-99` без auth — тот же блокер. Закрывается одновременно с Б-1 (SSO Yandex 360).
-```
-
-Найти раздел OPEN-вопросов и добавить:
-
-```markdown
-### OPEN-XX (новый, открыт 09.05.2026 по аудиту P1-09) — Histoire ↔ Vite 8 миграционный долг
-
-**Контекст:** Histoire 1.0-beta.1 заявляет peerDep `vite ^7`, у нас Vite 8. Установлен через `npm install --legacy-peer-deps` в `app/`. Smoke-test (`histoire build`) пройден; Vuetify auto-import регистрируется через `setupFile`.
-
-**Trigger закрытия:** релиз Histoire с peerDep `vite ^8` (отслеживать [github.com/histoire-dev/histoire/releases](https://github.com/histoire-dev/histoire/releases)).
-
-**Связанные находки:** [docs/audit_2026-05-09.md](audit_2026-05-09.md) P1-09.
-
-**Состояние:** открыто, не блокирующее.
-```
-
-Заменить `XX` на актуальные номера из Step F1.2/F1.3.
-
-### Task F2: Verification Phase F
-
-- [ ] **Step F2.1: lychee + markdownlint**
-
-```bash
-npm run lint:md docs/Открытые_вопросы_v8_3.md
-npm run links 2>&1 | grep -E "Errors|OK"
-```
-
-Expected: 0 errors.
-
-- [ ] **Step F2.2: cspell**
-
-```bash
-npx cspell docs/Открытые_вопросы_v8_3.md
-```
-
-Expected: 0 issues.
-
-### Task F3: Commit Phase F
-
-- [ ] **Step F3.1: Stage и commit**
-
-```bash
-git add docs/Открытые_вопросы_v8_3.md
-git commit -m "$(cat <<'EOF'
-docs(registry): новые открытые вопросы по аудиту P1-10/11/09
-
-Закрытие аудита 2026-05-09 (b6ae8dd) для registry-блока:
-- P1-10: новый CTO-вопрос — auth+tenant middleware на /api/deals на pre-prod.
-  Trigger: prod-миграция (после Б-1).
-- P1-11: cross-link к Б-1 — /api/admin/* без auth = часть SSO-блока.
-- P1-09: новый OPEN-вопрос — Histoire 1.0-beta.1 ↔ Vite 8 совместимость.
-  Trigger: релиз Histoire с peerDep vite ^8.
-
-Все 3 пункта аудита P1, не правки в коде. После закрытия Sprint 1
-эти пункты остаются открытыми в реестре.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## DoD (соответствие spec §5)
-
-После выполнения всех 6 фаз:
-
-- [ ] Все 22 правки + 3 записи реестра применены, в 6 коммитах с осмысленными scope-сообщениями.
-- [ ] `cd app && composer test` — Pest 416/416 PASS.
-- [ ] `cd app && composer stan` — 0 errors above baseline.
-- [ ] `cd app && npm run type-check` — 0 type errors.
-- [ ] `cd app && npm run test:vue` — Vitest 393/393 PASS.
-- [ ] `npm run check:docs` — 0 errors.
-- [ ] Pre-commit hooks PASS на каждом из 6 коммитов.
-- [ ] schema.sql v8.11 / 38 RLS / 97 индексов — подтверждено grep'ом.
-- [ ] `git log --oneline -6` — видно 6 коммитов Sprint 1 после `b6ae8dd`.
-- [ ] `docs/Открытые_вопросы_v8_3.md` содержит 3 новые/обновлённые записи (CTO-XX + Б-1 link + OPEN-XX).
-- [ ] CLAUDE.md обновлён до v1.82, Pravila — до v1.7, Tooling — до v1.11.
-
-**Не входит в DoD:**
-
-- Реализация O-* за пределами 6 заявленных.
-- Прогон pa11y на handoff концептах в браузере (manual после Phase C).
-- Спринт 2 (modernization) и Спринт 3 (big refactors).
-
----
-
-## Бюджет
-
-| Фаза | Tasks | Wall-clock |
-|---|---|---|
-| A. DB | A1-A7 | 15-20 мин |
-| B. Backend | B1-B7 | 30-40 мин |
-| C. Configs | C1-C8 | 30-40 мин |
-| D. Docs (narrative) | D1-D5 | 30-45 мин (через claude-md-management) |
-| E. Docs (handoff) | E1-E4 | 30-45 мин |
-| F. Registry | F1-F3 | 10-15 мин |
-| **Итого** | **6 phases / 41 tasks** | **2.5-3.5 часа** |
-
----
-
-## Risks
-
-- **B6 (Pest fail):** регистрация tenant middleware на auth-routes может сломать тесты, не имеющие `SET LOCAL app.current_tenant_id`. Митигация — в Step B6.1 явная инструкция «STOP» при padении тестов; добавить fixture в test setup. Не пропускать падение.
-- **C2 (lychee regex):** если regex для exclude захватит слишком много, потеряем покрытие реальных битых ссылок. Митигация — после Step C2.3 проверить число errors: должно быть близко к 0, но не строго 0 (могут остаться внешние URL).
-- **D2 (claude-md-improver):** skill может сделать больше, чем заявлено в args (расширить scope). Митигация — Step D2.2 проверяет git status перед коммитом; если ≠ 3 файлов — STOP, разобраться.
-- **E (handoff repo):** если `liderra_v8_handoff/` — не tracked в текущем git, Phase E пропускается с пометкой. Не блокирует Sprint 1.
-- **F1 (CTO-/OPEN-номера):** Step F1.2/F1.3 динамически выбирают следующий номер. Если параллельно открывается другой вопрос — конфликт. Митигация — выполнять последовательно, без параллельных правок Открытые_вопросы.
-- **D2/F1 кросс-влияние:** D2 правит CLAUDE.md/Pravila/Tooling, F1 правит Открытые_вопросы. Эти правки независимы, но обе требуют чистого dir state. Если есть pending изменения в registry — закоммитить отдельно.
diff --git a/docs/superpowers/plans/2026-05-10-sprint4-audit-tail-plan.md b/docs/superpowers/plans/2026-05-10-sprint4-audit-tail-plan.md
deleted file mode 100644
index 82925b8..0000000
--- a/docs/superpowers/plans/2026-05-10-sprint4-audit-tail-plan.md
+++ /dev/null
@@ -1,768 +0,0 @@
-# Sprint 4 «Audit tail» Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Закрыть 3 оставшихся O-* пункта audit'а (после Sprint 1–3): keyset pagination в `DealController::index` (O-perf-04), split 8 Vue-компонентов >300 строк (O-refactor-04 хвост), dead-code detection через bundle analyzer + удаление unused exports (O-refactor-06).
-
-**Architecture:** 3 фазы / 3 PR-коммита (Phase A backend keyset, Phase B frontend split, Phase C frontend cleanup) + 1 финальный регрессионный коммит. Каждая фаза независима — порядок гибкий, но рекомендация A → B → C ради монотонной валидации.
-
-**Tech Stack:** Laravel 13 + Pest 4 + Vue 3.5 + Vuetify 3.12 + Vite 8 + rollup-plugin-visualizer
-
-**Spec:** [docs/superpowers/specs/2026-05-10-roadmap-to-production-design.md](../specs/2026-05-10-roadmap-to-production-design.md) §3.1 (Sprint 4 содержание)
-
-**Базовый HEAD:** `77b018d` (после commit'а roadmap design'а)
-
-**Pre-requisites:**
-
-- Проект собран (`cd app && composer install && npm install`).
-- PG/Redis запущены (Memurai/PostgreSQL service running на dev-стенде).
-- `php artisan migrate:fresh --seed` если нужна свежая БД.
-
----
-
-## Phase A — O-perf-04: keyset pagination в DealController::index
-
-**Контекст:** Текущий `DealController::index` использует OFFSET/LIMIT. На больших offset'ах (deep pagination) это O(N) — PG считает все записи до offset'а, затем выкидывает их. Keyset pagination использует cursor `(received_at, id)` — клиент передаёт «последние видимые значения», PG идёт по индексу с WHERE `(received_at, id) < (cursor_received_at, cursor_id)`. O(1) при любой глубине.
-
-**Решение API:** добавить опциональный query-параметр `cursor` (base64-encoded JSON `{r: timestamp, i: id}`). При передаче cursor — игнорируем offset, используем keyset. Без cursor — текущее поведение OFFSET (для совместимости с frontend).
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/DealController.php:59-143` (метод `index`)
-- Test: `app/tests/Feature/DealIndexTest.php` (добавить 3 теста)
-- Modify: `app/resources/js/composables/useDealsList.ts` (если есть; иначе — пометить как Post-Sprint-4 follow-up для frontend integration)
-
-### Task A.1 — Pest tests для keyset (TDD)
-
-- [ ] **Step A.1.1: Открыть `app/tests/Feature/DealIndexTest.php` и добавить 3 failing-теста в конец файла (перед закрывающей `});` если она есть, или просто в конец).**
-
-```php
-test('GET /api/deals с cursor возвращает следующую страницу через keyset', function () {
-    // Создаём 5 сделок с разными received_at (через 1 минуту).
-    $base = now()->subHours(5);
-    $ids = [];
-    for ($i = 0; $i < 5; $i++) {
-        $ids[] = Deal::factory()
-            ->for($this->tenant)
-            ->for($this->project)
-            ->create([
-                'status' => 'new',
-                'received_at' => $base->copy()->addMinutes($i),
-            ])->id;
-    }
-
-    // Первая страница без cursor: limit=2 → последние 2 (по received_at DESC).
-    $r1 = $this->getJson('/api/deals?tenant_id='.$this->tenant->id.'&limit=2');
-    $r1->assertStatus(200);
-    expect($r1->json('deals'))->toHaveLength(2);
-    expect($r1->json('deals.0.id'))->toBe($ids[4]); // последняя по времени
-    expect($r1->json('deals.1.id'))->toBe($ids[3]);
-
-    // Cursor для следующей страницы — последний id и его received_at.
-    $cursor = base64_encode(json_encode([
-        'r' => $r1->json('deals.1.received_at'),
-        'i' => $r1->json('deals.1.id'),
-    ]));
-
-    $r2 = $this->getJson('/api/deals?tenant_id='.$this->tenant->id.'&limit=2&cursor='.$cursor);
-    $r2->assertStatus(200);
-    expect($r2->json('deals'))->toHaveLength(2);
-    expect($r2->json('deals.0.id'))->toBe($ids[2]);
-    expect($r2->json('deals.1.id'))->toBe($ids[1]);
-});
-
-test('GET /api/deals c невалидным cursor возвращает 422', function () {
-    $r = $this->getJson('/api/deals?tenant_id='.$this->tenant->id.'&cursor=not-base64-json');
-    $r->assertStatus(422);
-    expect($r->json('message'))->toBeString();
-});
-
-test('GET /api/deals c cursor возвращает next_cursor когда есть ещё страницы', function () {
-    $base = now()->subHours(3);
-    for ($i = 0; $i < 3; $i++) {
-        Deal::factory()->for($this->tenant)->for($this->project)->create([
-            'status' => 'new',
-            'received_at' => $base->copy()->addMinutes($i),
-        ]);
-    }
-
-    $r = $this->getJson('/api/deals?tenant_id='.$this->tenant->id.'&limit=2');
-    $r->assertStatus(200);
-    expect($r->json('next_cursor'))->toBeString(); // base64-encoded
-    expect($r->json('next_cursor'))->not->toBeEmpty();
-
-    // Последняя страница: next_cursor = null.
-    $cursor = $r->json('next_cursor');
-    $r2 = $this->getJson('/api/deals?tenant_id='.$this->tenant->id.'&limit=2&cursor='.$cursor);
-    $r2->assertStatus(200);
-    expect($r2->json('next_cursor'))->toBeNull();
-});
-```
-
-- [ ] **Step A.1.2: Запустить тесты — они должны упасть.**
-
-```bash
-cd app && php vendor/bin/pest --filter="DealIndex" --stop-on-failure
-```
-
-Expected: 3 новых теста FAIL (либо assertion mismatch на `next_cursor`, либо 422 не вернётся для невалидного cursor — текущий код игнорирует параметр).
-
-### Task A.2 — Реализация keyset
-
-- [ ] **Step A.2.1: Открыть `app/app/Http/Controllers/Api/DealController.php` и заменить метод `index` (строки 59–143).**
-
-Логика:
-
-- Если `cursor` пустой/отсутствует → старое поведение OFFSET (возвращаем `limit/offset/total`).
-- Если `cursor` присутствует → декодировать `base64_decode → json_decode` → проверить ключи `r` (timestamp) + `i` (int id). При ошибке — 422.
-- При валидном cursor → keyset query: `WHERE (received_at, id) < (cursor.r, cursor.i)` через `whereRaw('(received_at, id) < (?, ?)', [...])` (PG row constructor comparison).
-- Возвращать `next_cursor` (base64-encoded `{r, i}` от последней записи в выдаче), `null` если страница неполная (выдано < limit).
-- `total` возвращать только при OFFSET-режиме (при keyset — невозможно без COUNT(*) который дорого).
-
-```php
-public function index(Request $request): JsonResponse
-{
-    $tenantId = (int) $request->query('tenant_id', '0');
-    if ($tenantId < 1) {
-        return response()->json(['message' => 'Параметр tenant_id обязателен.'], 422);
-    }
-
-    $tenant = Tenant::find($tenantId);
-    if ($tenant === null) {
-        return response()->json(['message' => 'Тенант не найден.'], 404);
-    }
-
-    $statuses = (array) $request->query('status_in', []);
-    $projectId = $request->query('project_id') !== null ? (int) $request->query('project_id') : null;
-    $managerId = $request->query('manager_id') !== null ? (int) $request->query('manager_id') : null;
-    $search = trim((string) $request->query('search', ''));
-    $limit = max(1, min(500, (int) $request->query('limit', '100')));
-    $offset = max(0, (int) $request->query('offset', '0'));
-    $onlyDeleted = $request->boolean('only_deleted');
-    $cursorRaw = (string) $request->query('cursor', '');
-
-    $cursor = null;
-    if ($cursorRaw !== '') {
-        $decoded = base64_decode($cursorRaw, true);
-        if ($decoded === false) {
-            return response()->json(['message' => 'Невалидный cursor (не base64).'], 422);
-        }
-        $parsed = json_decode($decoded, true);
-        if (! is_array($parsed) || ! isset($parsed['r'], $parsed['i'])) {
-            return response()->json(['message' => 'Невалидный cursor (нет полей r/i).'], 422);
-        }
-        $cursor = ['r' => (string) $parsed['r'], 'i' => (int) $parsed['i']];
-    }
-
-    [$deals, $total, $nextCursor] = DB::transaction(function () use ($tenantId, $statuses, $projectId, $managerId, $search, $limit, $offset, $onlyDeleted, $cursor) {
-        DB::statement('SET LOCAL app.current_tenant_id = '.$tenantId);
-
-        $query = Deal::query()
-            ->where('tenant_id', $tenantId)
-            ->with(['project:id,name', 'manager:id,email,first_name,last_name']);
-
-        if ($onlyDeleted) {
-            $query->withTrashed()->whereNotNull('deleted_at');
-        }
-
-        if ($statuses !== []) {
-            $query->whereIn('status', array_filter($statuses, 'is_string'));
-        }
-        if ($projectId !== null) {
-            $query->where('project_id', $projectId);
-        }
-        if ($managerId !== null) {
-            $query->where('manager_id', $managerId);
-        }
-        if ($search !== '') {
-            $like = '%'.$search.'%';
-            $query->where(function ($q) use ($like) {
-                $q->where('phone', 'ilike', $like)
-                    ->orWhere('contact_name', 'ilike', $like);
-            });
-        }
-
-        if ($cursor !== null) {
-            // Keyset pagination — PG row constructor comparison через индекс
-            // (received_at DESC, id DESC). Не считаем total (дорого без COUNT).
-            $query->whereRaw('(received_at, id) < (?, ?)', [$cursor['r'], $cursor['i']]);
-            $rows = $query->orderByDesc('received_at')->orderByDesc('id')
-                ->limit($limit + 1)->get(); // +1 чтобы понять, есть ли следующая страница
-            $hasNext = $rows->count() > $limit;
-            if ($hasNext) {
-                $rows = $rows->slice(0, $limit)->values();
-            }
-            $next = null;
-            if ($hasNext && $rows->isNotEmpty()) {
-                $last = $rows->last();
-                $next = base64_encode(json_encode([
-                    'r' => $last->received_at?->toIso8601String(),
-                    'i' => $last->id,
-                ]));
-            }
-
-            return [$rows, null, $next];
-        }
-
-        // Старый OFFSET-путь (backward-compat для frontend).
-        $total = (clone $query)->count();
-        $rows = $query->orderByDesc('received_at')->orderByDesc('id')
-            ->limit($limit + 1)->offset($offset)->get();
-        $hasNext = $rows->count() > $limit;
-        if ($hasNext) {
-            $rows = $rows->slice(0, $limit)->values();
-        }
-        $next = null;
-        if ($hasNext && $rows->isNotEmpty()) {
-            $last = $rows->last();
-            $next = base64_encode(json_encode([
-                'r' => $last->received_at?->toIso8601String(),
-                'i' => $last->id,
-            ]));
-        }
-
-        return [$rows, $total, $next];
-    });
-
-    $payload = [
-        'deals' => $deals->map(fn (Deal $d) => [
-            'id' => $d->id,
-            'tenant_id' => $d->tenant_id,
-            'project_id' => $d->project_id,
-            'project_name' => $d->project?->name,
-            'phone' => $d->phone,
-            'contact_name' => $d->contact_name,
-            'status' => $d->status,
-            'manager_id' => $d->manager_id,
-            'manager_name' => $d->manager
-                ? ManagerController::formatName($d->manager->first_name, $d->manager->last_name, $d->manager->email)
-                : null,
-            'manager_initials' => $d->manager
-                ? ManagerController::formatInitials($d->manager->first_name, $d->manager->last_name, $d->manager->email)
-                : null,
-            'received_at' => $d->received_at?->toIso8601String(),
-        ]),
-        'limit' => $limit,
-        'next_cursor' => $nextCursor,
-    ];
-
-    if ($cursor === null) {
-        $payload['total'] = $total;
-        $payload['offset'] = $offset;
-    }
-
-    return response()->json($payload);
-}
-```
-
-- [ ] **Step A.2.2: Запустить тесты — должны пройти.**
-
-```bash
-cd app && php vendor/bin/pest --filter="DealIndex"
-```
-
-Expected: ВСЕ 3 новых теста PASS, старые тесты `DealIndexTest` тоже PASS (backward-compat сохранён).
-
-- [ ] **Step A.2.3: Запустить полный Pest для регрессии.**
-
-```bash
-cd app && composer test
-```
-
-Expected: 419+ tests PASS (418 baseline + 3 новых; точное число зависит от других возможных skipped).
-
-- [ ] **Step A.2.4: Larastan + Pint.**
-
-```bash
-cd app && composer pint && composer stan
-```
-
-Expected: Pint без diff, Larastan 0 errors.
-
-- [ ] **Step A.2.5: Commit.**
-
-```bash
-git add app/app/Http/Controllers/Api/DealController.php app/tests/Feature/DealIndexTest.php
-git commit -m "$(cat <<'EOF'
-feat(backend): Sprint 4 Phase A — keyset pagination в DealController::index (audit O-perf-04)
-
-Добавлен опциональный query-параметр `cursor` (base64-encoded {r:timestamp,i:id}).
-При cursor — keyset через PG row constructor `(received_at, id) < (?, ?)`,
-O(1) при любой глубине. Без cursor — старое OFFSET-поведение (backward-compat).
-
-Возвращает `next_cursor` в обоих режимах (NULL = последняя страница).
-`total` возвращается только при OFFSET (при keyset COUNT(*) дорог).
-
-3 новых Pest-теста: keyset pagination, 422 на невалидный cursor,
-next_cursor flow.
-
-Frontend integration в `useDealsList`/`DealsView` — отдельным шагом
-(не блокирует backend deploy, OFFSET путь жив).
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Phase B — O-refactor-04 хвост: split 8 Vue-компонентов >300 строк
-
-**Контекст:** Top-3 Vue-компонента (DealsView 852, ReportsView 592, DealDetailDrawer 580) split закрыт в Sprint 3 Phase C. Осталось 8 компонентов >300 строк:
-
-| Компонент | Текущий size | Целевой | Стратегия split'а |
-|---|---|---|---|
-| `layouts/AppLayout.vue` | 466 | <200 | Извлечь `<AppSidebar>` (nav-tree) + `<AppTopbar>` (search/notifications/user-chip) |
-| `views/admin/AdminTenantDetailView.vue` | 436 | <200 | Извлечь `<TenantHeader>` (base-info), `<TenantUsersTable>`, `<TenantBalanceHistory>`, `<TenantActivityList>` |
-| `views/BillingView.vue` | 416 | <200 | Извлечь `<BalanceCard>`, `<TopupDialog>`, `<TransactionsTable>`, `<InvoicesTable>` |
-| `views/admin/AdminTenantsView.vue` | 377 | <200 | Извлечь `<TenantsFilters>`, `<TenantsTable>` (typed VDataTable slots), `<TenantStatusChip>` |
-| `views/settings/SecurityTab.vue` | 354 | <200 | Извлечь `<ChangePasswordCard>`, `<TwoFactorCard>`, `<RecoveryCodesCard>`, `<SessionsTable>` |
-| `views/RemindersView.vue` | 345 | <200 | Извлечь `<RemindersFilters>`, `<RemindersList>`, `<ReminderForm>` |
-| `views/errors/ErrorView.vue` | 320 | <200 | Извлечь `<ErrorIllustration>` (404/403/500 SVG), `<ErrorActions>` (Login/Home/Back buttons) |
-| `views/DashboardView.vue` | 302 | <200 | Извлечь `<DashboardKpiRow>`, `<DashboardBalance>`, `<DashboardRecentDeals>` |
-
-**Принцип split'а:**
-
-- Sub-компоненты живут рядом (например, `AppSidebar.vue` и `AppTopbar.vue` в `layouts/parts/` или в `components/layout/`).
-- Props down (родитель передаёт data), events up (sub-компонент эмитит actions).
-- TypeScript: явные интерфейсы props.
-- Vuetify: использовать typed slots для VDataTable где уместно (Sprint 2 Phase B уже начал — продолжать).
-- Тесты: если sub-компонент имеет state/logic → отдельный Vitest test file. Чисто-визуальные slots — без tests.
-- Story (Histoire): для каждого нового sub-компонента — `.story.vue` если разумно (variants для разных состояний).
-
-**Files:**
-
-- Modify: 8 view-файлов выше
-- Create: ~25 новых sub-компонентов (3-4 на каждый split)
-- Create: ~10-15 новых Vitest-тестов на sub-компоненты с логикой
-- Modify: при необходимости — `composables/` для общих state-helper'ов
-
-### Task B.1 — Группа 1: 3 admin views (AppLayout + AdminTenantDetailView + AdminTenantsView)
-
-- [ ] **Step B.1.1: AppLayout.vue split.**
-
-Создать `app/resources/js/components/layout/AppSidebar.vue` (nav-tree из текущего AppLayout строки ~40–250) с props `:nav-groups`, `:active-route`, events `@navigate`. ImportTL в AppLayout, заменить inline.
-
-Создать `app/resources/js/components/layout/AppTopbar.vue` (topbar из текущего AppLayout строки ~250–420) с props `:user`, `:notifications-count`, events `@logout`, `@open-search`, `@toggle-notifications`. Импортировать в AppLayout.
-
-После split: `wc -l app/resources/js/layouts/AppLayout.vue` должен показать <200.
-
-- [ ] **Step B.1.2: AdminTenantDetailView.vue split.**
-
-Создать в `app/resources/js/components/admin/tenant-detail/`:
-
-- `TenantHeader.vue` (base info card: name, subdomain, status, tariff, mrr_rub, runway_days)
-- `TenantUsersTable.vue` (VDataTable + 4 columns)
-- `TenantBalanceHistory.vue` (VDataTable + transaction badges)
-- `TenantActivityList.vue` (VList + actor + summary)
-
-Каждый принимает `:tenant-detail` (или подмножество) через props, без emits (read-only view).
-
-После split: `wc -l app/resources/js/views/admin/AdminTenantDetailView.vue` <200.
-
-- [ ] **Step B.1.3: AdminTenantsView.vue split.**
-
-Создать в `app/resources/js/components/admin/tenants/`:
-
-- `TenantsFilters.vue` (search + status select + tariff select), props `:filters`, emit `@update:filters`
-- `TenantsTable.vue` (VDataTable с typed slots: tenant column, status chip, MRR, last_active), props `:tenants`, emit `@row-click`
-- `TenantStatusChip.vue` (chip с цветом по статусу: active/trial/suspended/churned)
-
-После split: `wc -l app/resources/js/views/admin/AdminTenantsView.vue` <200.
-
-- [ ] **Step B.1.4: Vitest для новых компонентов.**
-
-Минимум по 1 test-file на компонент с логикой (TenantsFilters, TenantStatusChip — props/emits; TenantsTable — slot rendering; TenantHeader — computed display).
-
-Шаблон: `tests/Vue/components/admin/tenants/TenantsFilters.test.ts` с `mount(TenantsFilters, { props: {...}})`, `wrapper.find('.v-text-field input').setValue(...)`, `expect(wrapper.emitted('update:filters')).toBeTruthy()`.
-
-- [ ] **Step B.1.5: Регрессия.**
-
-```bash
-cd app && npm run lint:vue && npm run type-check && npm run test:vue && npm run build
-```
-
-Expected: ESLint 0, vue-tsc 0, Vitest все PASS (включая новые), build successful.
-
-- [ ] **Step B.1.6: Commit.**
-
-```bash
-git add app/resources/js/layouts/AppLayout.vue \
-        app/resources/js/components/layout/ \
-        app/resources/js/views/admin/AdminTenantDetailView.vue \
-        app/resources/js/components/admin/tenant-detail/ \
-        app/resources/js/views/admin/AdminTenantsView.vue \
-        app/resources/js/components/admin/tenants/ \
-        app/tests/Vue/components/
-git commit -m "refactor(frontend): Sprint 4 Phase B/1 — split 3 admin/layout views (audit O-refactor-04 хвост)
-
-AppLayout 466→<200 (+ AppSidebar + AppTopbar)
-AdminTenantDetailView 436→<200 (+ TenantHeader/UsersTable/BalanceHistory/ActivityList)
-AdminTenantsView 377→<200 (+ TenantsFilters/Table/StatusChip)
-
-+N Vitest на новые sub-компоненты с логикой.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
-### Task B.2 — Группа 2: 3 user views (BillingView + SecurityTab + RemindersView)
-
-- [ ] **Step B.2.1: BillingView.vue split.**
-
-Создать в `app/resources/js/components/billing/`:
-
-- `BalanceCard.vue` (текущий баланс + auto-topup status), props `:balance`, `:auto-topup-config`
-- `TopupDialog.vue` (form: amount, payment-method), v-model:show, emit `@submit`
-- `TransactionsTable.vue` (VDataTable + filters), props `:transactions`, `:filter-state`
-- `InvoicesTable.vue` (VDataTable + download button), props `:invoices`
-
-После split: <200 строк.
-
-- [ ] **Step B.2.2: SecurityTab.vue split.**
-
-Создать в `app/resources/js/components/settings/security/`:
-
-- `ChangePasswordCard.vue` (form 3 fields: current/new/confirm)
-- `TwoFactorCard.vue` (status + enable/disable + qr-dialog)
-- `RecoveryCodesCard.vue` (list + regenerate)
-- `SessionsTable.vue` (VDataTable + revoke action)
-
-После split: <200 строк.
-
-- [ ] **Step B.2.3: RemindersView.vue split.**
-
-Создать в `app/resources/js/components/reminders/`:
-
-- `RemindersFilters.vue` (status: active/done/overdue + manager-select)
-- `RemindersList.vue` (VList с группировкой по дате)
-- `ReminderForm.vue` (dialog: text + due_at + assignee)
-
-После split: <200 строк.
-
-- [ ] **Step B.2.4: Vitest для группы 2.**
-
-Шаблон как в Task B.1.4. Минимум `BalanceCard` (computed display), `ChangePasswordCard` (validation), `RemindersFilters` (filter emit), `ReminderForm` (form submit).
-
-- [ ] **Step B.2.5: Регрессия.**
-
-```bash
-cd app && npm run lint:vue && npm run type-check && npm run test:vue && npm run build
-```
-
-- [ ] **Step B.2.6: Commit.**
-
-```bash
-git add app/resources/js/views/BillingView.vue \
-        app/resources/js/components/billing/ \
-        app/resources/js/views/settings/SecurityTab.vue \
-        app/resources/js/components/settings/security/ \
-        app/resources/js/views/RemindersView.vue \
-        app/resources/js/components/reminders/ \
-        app/tests/Vue/components/
-git commit -m "refactor(frontend): Sprint 4 Phase B/2 — split 3 user views (audit O-refactor-04 хвост)
-
-BillingView 416→<200 (+ BalanceCard/TopupDialog/Transactions/InvoicesTable)
-SecurityTab 354→<200 (+ ChangePassword/TwoFactor/RecoveryCodes/Sessions)
-RemindersView 345→<200 (+ RemindersFilters/List/Form)
-
-+N Vitest.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
-### Task B.3 — Группа 3: 2 utility views (ErrorView + DashboardView)
-
-- [ ] **Step B.3.1: ErrorView.vue split.**
-
-Создать в `app/resources/js/components/errors/`:
-
-- `ErrorIllustration.vue` (SVG 404/403/500, props `:code`)
-- `ErrorActions.vue` (Login/Home/Back buttons, props `:code`, emit `@navigate`)
-
-После split: <200 строк.
-
-- [ ] **Step B.3.2: DashboardView.vue split.**
-
-Создать в `app/resources/js/components/dashboard/`:
-
-- `DashboardKpiRow.vue` (3-4 KPI-карты: leads_today/week/month, props `:metrics`)
-- `DashboardBalance.vue` (баланс + low-balance warning)
-- `DashboardRecentDeals.vue` (список последних 10 сделок, props `:deals`)
-
-После split: <200 строк.
-
-- [ ] **Step B.3.3: Vitest для группы 3.**
-
-`ErrorIllustration` (SVG render по props.code), `DashboardKpiRow` (компьютед labels + numerics через JetBrains Mono `tnum`).
-
-- [ ] **Step B.3.4: Регрессия.**
-
-```bash
-cd app && npm run lint:vue && npm run type-check && npm run test:vue && npm run build
-```
-
-- [ ] **Step B.3.5: Commit.**
-
-```bash
-git add app/resources/js/views/errors/ErrorView.vue \
-        app/resources/js/components/errors/ \
-        app/resources/js/views/DashboardView.vue \
-        app/resources/js/components/dashboard/ \
-        app/tests/Vue/components/
-git commit -m "refactor(frontend): Sprint 4 Phase B/3 — split 2 utility views (audit O-refactor-04 хвост)
-
-ErrorView 320→<200 (+ ErrorIllustration + ErrorActions)
-DashboardView 302→<200 (+ KpiRow + Balance + RecentDeals)
-
-+N Vitest. O-refactor-04 закрыт полностью (12 → 0 компонентов >300 строк
-после Sprint 3 Phase C + Sprint 4 Phase B/1-3).
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
-### Task B.4 — Acceptance Phase B
-
-- [ ] **Step B.4.1: Проверить, что 0 Vue-компонентов >300 строк.**
-
-```bash
-find app/resources/js -name "*.vue" -exec wc -l {} + | awk '$1 > 300 && $2 != "total" {print}'
-```
-
-Expected: пустой output (либо 1-2 с явным обоснованием в комментарии — например, гигантский `app.vue` шаблон если есть).
-
-- [ ] **Step B.4.2: Histoire build smoke.**
-
-```bash
-cd app && npm run story:build
-```
-
-Expected: build successful, новые stories видны (опционально — по 1 story на каждый sub-компонент с логикой).
-
----
-
-## Phase C — O-refactor-06: dead-code detection + удаление unused exports
-
-**Контекст:** Bundle size analyzer покажет, какие модули включены в финальный build, и какие exports никогда не импортируются. Цель — найти и удалить мёртвый код в `app/resources/js/utils/` и `app/resources/js/helpers/` (если есть). Установка `rollup-plugin-visualizer` через Vite-плагин — стандартный способ.
-
-**Files:**
-
-- Create: `app/scripts/analyze-bundle.sh` (опционально, или просто в README)
-- Modify: `app/vite.config.js` (добавить visualizer plugin условно)
-- Modify: `app/package.json` (новый script `npm run build:analyze`)
-- Modify: файлы в `app/resources/js/utils/` и `helpers/` (удаление unused exports)
-
-### Task C.1 — Установить bundle analyzer
-
-- [ ] **Step C.1.1: Установить rollup-plugin-visualizer как devDependency.**
-
-```bash
-cd app && npm install --save-dev rollup-plugin-visualizer
-```
-
-Expected: пакет в `devDependencies` секции `package.json`, никаких peer-dep warnings (если есть — `--legacy-peer-deps`).
-
-- [ ] **Step C.1.2: Modify `app/vite.config.js` — добавить visualizer условно.**
-
-```javascript
-import { defineConfig } from 'vite';
-import laravel from 'laravel-vite-plugin';
-import vue from '@vitejs/plugin-vue';
-import vuetify from 'vite-plugin-vuetify';
-import { visualizer } from 'rollup-plugin-visualizer';
-
-export default defineConfig({
-    plugins: [
-        laravel({
-            input: ['resources/css/app.css', 'resources/js/app.ts'],
-            refresh: true,
-        }),
-        vue({
-            template: {
-                transformAssetUrls: {
-                    base: null,
-                    includeAbsolute: false,
-                },
-            },
-        }),
-        vuetify({ autoImport: true }),
-        // Bundle analyzer — активен только при `BUILD_ANALYZE=1` или `vite build --mode analyze`.
-        // Генерирует storage/bundle-analyze.html (открыть в браузере).
-        process.env.BUILD_ANALYZE === '1' && visualizer({
-            filename: 'storage/bundle-analyze.html',
-            open: false,
-            gzipSize: true,
-            brotliSize: true,
-        }),
-    ].filter(Boolean),
-    server: {
-        watch: {
-            ignored: ['**/storage/framework/views/**'],
-        },
-    },
-});
-```
-
-- [ ] **Step C.1.3: Modify `app/package.json` — добавить script.**
-
-В секцию `scripts`:
-
-```json
-"build:analyze": "BUILD_ANALYZE=1 vite build"
-```
-
-(на Windows — кросс-платформенно через `cross-env` если будет нужно; пока на dev-стенде используем PowerShell `$env:BUILD_ANALYZE='1'; npm run build`).
-
-- [ ] **Step C.1.4: Запустить analyzer.**
-
-```bash
-cd app && BUILD_ANALYZE=1 npm run build
-# Windows PowerShell альтернатива:
-# cd app; $env:BUILD_ANALYZE='1'; npm run build
-```
-
-Expected: `storage/bundle-analyze.html` создан, vite build успешен.
-
-### Task C.2 — Найти и удалить unused exports
-
-- [ ] **Step C.2.1: Открыть `storage/bundle-analyze.html` в браузере.**
-
-Просмотреть treemap. Найти:
-
-- Модули с подозрительно маленьким footprint (1-2 импорта на весь bundle — кандидаты на inline)
-- Модули из `utils/` и `helpers/` которые не входят в build вообще (они unused — удалить)
-
-Альтернатива через CLI: использовать `knip` или `ts-prune` для систематического поиска. Установка опциональна, если visualizer достаточно.
-
-- [ ] **Step C.2.2: Установить `knip` для автоматического поиска unused exports.**
-
-```bash
-cd app && npm install --save-dev knip
-```
-
-- [ ] **Step C.2.3: Запустить knip с базовым конфигом.**
-
-Создать `app/knip.config.ts`:
-
-```typescript
-import type { KnipConfig } from 'knip';
-
-const config: KnipConfig = {
-    entry: ['resources/js/app.ts', 'resources/js/router/index.ts'],
-    project: ['resources/js/**/*.{ts,vue}'],
-    ignore: ['**/*.story.vue', 'tests/**'],
-    ignoreDependencies: ['@vue/test-utils', 'jsdom', 'vitest'],
-};
-
-export default config;
-```
-
-```bash
-cd app && npx knip
-```
-
-Expected: список unused files / unused exports / unused dependencies.
-
-- [ ] **Step C.2.4: Удалить найденные dead exports.**
-
-Идти по списку knip:
-
-- **Unused files** → если правда не нужен (проверить через `Grep` импорты по имени) → `git rm`.
-- **Unused exports** → удалить export, оставить функцию приватной если используется внутри файла; иначе `git rm` функцию целиком.
-- **Unused dependencies** → `npm uninstall <pkg>`.
-
-Аккуратно: `knip` может ложно-положительно ругаться на dynamic imports, Vuetify auto-import, pinia stores. Перед удалением — `Grep` проверка.
-
-- [ ] **Step C.2.5: Регрессия.**
-
-```bash
-cd app && npm run lint:vue && npm run type-check && npm run test:vue && npm run build
-```
-
-Expected: всё зелёное. Если что-то сломалось — `git checkout` файл, перепроверить.
-
-- [ ] **Step C.2.6: Повторный knip — должен показать 0 unused (или явно объяснимые false-positive).**
-
-```bash
-cd app && npx knip
-```
-
-- [ ] **Step C.2.7: Commit.**
-
-```bash
-git add app/vite.config.js app/package.json app/package-lock.json app/knip.config.ts \
-        app/resources/js/utils/ app/resources/js/helpers/
-git commit -m "$(cat <<'EOF'
-chore(frontend): Sprint 4 Phase C — bundle analyzer + dead-code cleanup (audit O-refactor-06)
-
-- rollup-plugin-visualizer + script `npm run build:analyze` (env BUILD_ANALYZE=1)
-- knip + конфиг + cleanup unused exports/files в utils/ и helpers/
-- удалено N exports, M dependencies (точное число — в diff)
-
-Bundle size снижение: ~X% gzip (точные цифры из storage/bundle-analyze.html).
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Финальная регрессия + summary
-
-### Task R.1 — Полный sweep после Sprint 4
-
-- [ ] **Step R.1.1: Backend полная регрессия.**
-
-```bash
-cd app && composer pint && composer stan && composer test
-```
-
-Expected: Pint без diff, Larastan 0, Pest 419+ (baseline 418 + 3 keyset).
-
-- [ ] **Step R.1.2: Frontend полная регрессия.**
-
-```bash
-cd app && npm run lint:vue && npm run type-check && npm run test:vue && npm run build && npm run story:build
-```
-
-Expected: ESLint 0, vue-tsc 0, Vitest 430+ (baseline 416 + ~15 за новые sub-components), build OK, Histoire build OK.
-
-- [ ] **Step R.1.3: Doc-sweep.**
-
-```bash
-npm run check:docs
-```
-
-Expected: markdownlint 0, cspell 0, lychee 0, pa11y 0 (skip если HTML концепты убраны).
-
-- [ ] **Step R.1.4: Squawk + format:sql:check.**
-
-```bash
-npm run lint:sql && npm run format:sql:check
-```
-
-Expected: 0 issues, format-check без diff.
-
-- [ ] **Step R.1.5: Обновить CLAUDE.md и Открытые_вопросы_v8_3.md через `claude-md-management`.**
-
-Через skill `/claude-md-management:claude-md-improver` — bump CLAUDE.md шапки (новые метрики Pest/Vitest/Vue-counts), обновить §6 «Текущая фаза» с записью «Sprint 4 «Audit tail» закрыт».
-
-В `docs/Открытые_вопросы_v8_3.md` — добавить запись в начало с детальной разбивкой Sprint 4.
-
-В `db/CHANGELOG_schema.md` — без изменений (Sprint 4 не трогает schema).
-
-- [ ] **Step R.1.6: Commit doc-sync.**
-
-```bash
-git add CLAUDE.md docs/Открытые_вопросы_v8_3.md docs/CHANGELOG_claude_md.md
-git commit -m "docs(narrative): sync versions + Sprint 4 acceptance (audit O-perf-04 + O-refactor-04 хвост + O-refactor-06)"
-```
-
-### Acceptance Sprint 4
-
-- ✅ keyset pagination в `DealController::index` работает + Pest +3 теста
-- ✅ 0 Vue-компонентов >300 строк (12 audit-кандидатов закрыты: Top-3 в Sprint 3 + 8 в Sprint 4 + ImpersonationDialog уже <300)
-- ✅ Bundle analyzer + knip активны, dead exports удалены
-- ✅ Регрессия зелёная (Pest, Vitest, Larastan, vue-tsc, ESLint, squawk, markdownlint, cspell, lychee, build, Histoire)
-- ✅ CLAUDE.md / Открытые_вопросы синхронизированы
-- ✅ 6 коммитов: Phase A (keyset) + Phase B/1 (3 admin) + Phase B/2 (3 user) + Phase B/3 (2 utility) + Phase C (cleanup) + R (doc-sync). При минимальном doc-sync R можно слить с C — итого 5.
diff --git a/docs/superpowers/plans/2026-05-10-sprint5-preprod-tooling-plan.md b/docs/superpowers/plans/2026-05-10-sprint5-preprod-tooling-plan.md
deleted file mode 100644
index ee64e37..0000000
--- a/docs/superpowers/plans/2026-05-10-sprint5-preprod-tooling-plan.md
+++ /dev/null
@@ -1,563 +0,0 @@
-# Sprint 5 «Pre-prod tooling» Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Активировать phase-3 tooling, не требующий YC-инфраструктуры: Semgrep SAST (#25) + Semgrep MCP + Dependabot (#27); подготовить Trivy workflow (#26) к будущей активации после Docker pipeline в YC.
-
-**Architecture:** Три независимых потока — (1) Dependabot: native GitHub config, без кода; (2) Semgrep: `npm run sast` в корне + CI workflow + MCP-запись в `.mcp.json` + allow в `.claude/settings.json`; (3) Trivy prep: workflow-файл создан, но отключён (`if: false`) до Sprint 7.
-
-**Tech Stack:** Semgrep CLI (pip/CI), GitHub Actions, Dependabot native, Trivy (CI-only), MCP JSON config.
-
----
-
-## Карта файлов
-
-| Файл | Действие | Назначение |
-|------|----------|------------|
-| `.github/dependabot.yml` | Создать | Dependabot: npm×2 (root + app) + composer (app) |
-| `.github/workflows/sast.yml` | Создать | Semgrep SAST на push/PR в main |
-| `.github/workflows/trivy.yml` | Создать | Trivy Docker scan — отключён до YC (`if: false`) |
-| `.semgrep.yml` | Создать | Semgrep: пути + исключения |
-| `trivy.yaml` | Создать | Trivy config — готов к активации |
-| `package.json` (корень) | Изменить | Добавить скрипт `"sast"` |
-| `.mcp.json` | Изменить | Добавить запись Semgrep MCP server |
-| `.claude/settings.json` | Изменить | Allow `Bash(npm run sast:*)` |
-
----
-
-## Task 1: Dependabot — `.github/dependabot.yml`
-
-Dependabot создаёт автоматические PR для обновлений зависимостей прямо через GitHub (без кода на стороне проекта). Существующий `.github/workflows/dependency-check.yml` остаётся — он выполняет другую задачу (уведомление о устаревших версиях), не создаёт PR.
-
-**Files:**
-
-- Create: `.github/dependabot.yml`
-
-- [ ] **Step 1: Создать `.github/dependabot.yml`**
-
-```yaml
-# Dependabot — Лидерра (#27)
-# Docs: https://docs.github.com/code-security/dependabot/dependabot-version-updates
-# Создаёт PR автоматически при выходе обновлений зависимостей.
-# CI-workflow dependency-check.yml — параллельный, оставить (разные задачи).
-version: 2
-
-updates:
-  # Root package.json: markdownlint-cli2, cspell, pa11y-ci, stylelint, lefthook, npm-run-all2
-  - package-ecosystem: npm
-    directory: /
-    schedule:
-      interval: weekly
-      day: monday
-      time: "09:00"
-      timezone: Europe/Moscow
-    open-pull-requests-limit: 5
-    labels:
-      - dependencies
-    groups:
-      dev-tools:
-        patterns:
-          - "markdownlint-cli2"
-          - "cspell"
-          - "@cspell/*"
-          - "pa11y*"
-          - "stylelint*"
-          - "lefthook"
-          - "npm-run-all2"
-
-  # app/package.json: Vue, Vuetify, Vite, Vitest, ESLint, Prettier, Histoire, etc.
-  - package-ecosystem: npm
-    directory: /app
-    schedule:
-      interval: weekly
-      day: monday
-      time: "09:00"
-      timezone: Europe/Moscow
-    open-pull-requests-limit: 10
-    labels:
-      - dependencies
-    groups:
-      vue-ecosystem:
-        patterns:
-          - "vue"
-          - "vue-*"
-          - "@vue/*"
-          - "vuetify"
-          - "vite"
-          - "vite-*"
-          - "@vitejs/*"
-          - "vite-plugin-*"
-          - "laravel-vite-plugin"
-      vitest:
-        patterns:
-          - "vitest"
-          - "@vitest/*"
-      eslint:
-        patterns:
-          - "eslint"
-          - "eslint-*"
-          - "@eslint/*"
-          - "prettier"
-          - "eslint-config-prettier"
-      histoire:
-        patterns:
-          - "histoire"
-          - "@histoire/*"
-
-  # app/composer.json: Laravel 13, Pest 4, Pint, Larastan, Boost, IDE Helper, etc.
-  - package-ecosystem: composer
-    directory: /app
-    schedule:
-      interval: weekly
-      day: monday
-      time: "09:00"
-      timezone: Europe/Moscow
-    open-pull-requests-limit: 10
-    labels:
-      - dependencies
-    groups:
-      laravel-framework:
-        patterns:
-          - "laravel/framework"
-          - "laravel/sanctum"
-          - "laravel/tinker"
-          - "laravel/pail"
-          - "laravel/pao"
-          - "nunomaduro/collision"
-      pest:
-        patterns:
-          - "pestphp/*"
-      dev-tools:
-        patterns:
-          - "larastan/larastan"
-          - "barryvdh/laravel-ide-helper"
-          - "fakerphp/faker"
-          - "laravel/pint"
-          - "mockery/mockery"
-```
-
-- [ ] **Step 2: Commit**
-
-```bash
-git add .github/dependabot.yml
-git commit -m "chore(deps): add Dependabot config — npm×2 + composer weekly (#27)"
-```
-
-- [ ] **Step 3: Проверить на GitHub после push**
-
-После `git push origin main`: открыть GitHub → репозиторий → tab **Insights** → **Dependency graph** → **Dependabot**.  
-Expected: 3 экосистемы (`npm /`, `npm /app`, `composer /app`). Первые PR появятся в течение 24 часов.
-
----
-
-## Task 2: Semgrep config + `npm run sast`
-
-Semgrep — статический анализ безопасности (SAST). Запускается в CI (`ubuntu-latest`), поэтому `npm run sast` не требует локальной установки Python на dev-машине.  
-**На Windows dev:** `semgrep` недоступен без Python 3.9+. Локально пропустить; для ручного запуска — `choco install python` + `pip install semgrep`.
-
-**Files:**
-
-- Create: `.semgrep.yml`
-- Modify: `package.json` (корень) — добавить скрипт `"sast"`
-
-- [ ] **Step 1: Создать `.semgrep.yml`**
-
-```yaml
-# Semgrep ruleset — Лидерра (#25)
-# Docs: https://semgrep.dev/docs/writing-rules/rule-syntax
-# Локально: npm run sast  (требует pip install semgrep)
-# CI: .github/workflows/sast.yml  (ubuntu-latest, без установки)
-
-rules: []  # custom rules — пустые; используем облачные рулсеты через --config p/...
-
-paths:
-  include:
-    - app/app
-    - app/resources/js
-    - app/database/migrations
-  exclude:
-    - app/vendor
-    - app/node_modules
-    - app/storage
-    - "**/*.min.js"
-    - "**/*.min.css"
-    - "**/_ide_helper*.php"
-    - "**/phpstan-baseline.neon"
-```
-
-- [ ] **Step 2: Добавить скрипт `"sast"` в корневой `package.json`**
-
-Открыть `package.json` в корне (не в `app/`). Текущий раздел `scripts`:
-
-```json
-"scripts": {
-    "lint:md": "...",
-    "lint:md:fix": "...",
-    "spell": "...",
-    "links": "...",
-    "lint:css": "...",
-    "lint:sql": "...",
-    "format:sql:check": "...",
-    "format:sql": "...",
-    "a11y": "...",
-    "check:docs": "run-p lint:md spell links a11y"
-}
-```
-
-Добавить `"sast"` после `"check:docs"`:
-
-```json
-    "check:docs": "run-p lint:md spell links a11y",
-    "sast": "semgrep --config=p/php --config=p/javascript --config=p/typescript --config=p/secrets --config=.semgrep.yml --error --time"
-```
-
-Итоговый scripts-раздел должен быть:
-
-```json
-"scripts": {
-    "lint:md": "markdownlint-cli2 \"docs/**/*.md\" \"db/**/*.md\" \"*.md\"",
-    "lint:md:fix": "markdownlint-cli2 --fix \"docs/**/*.md\" \"db/**/*.md\" \"*.md\"",
-    "spell": "cspell --no-progress --show-suggestions \"docs/**/*.md\" \"db/**/*.md\" \"*.md\" \"web/**/*.html\"",
-    "links": "bin\\lychee.exe --config .lychee.toml \"docs/**/*.md\" \"db/**/*.md\" \"*.md\"",
-    "lint:css": "stylelint \"web/**/*.html\"",
-    "lint:sql": "bin\\squawk.exe db/schema.sql",
-    "format:sql:check": "perl -I bin/pgFormatter/lib bin/pgFormatter/pg_format db/schema.sql > db/.schema-formatted.tmp.sql && diff -q db/schema.sql db/.schema-formatted.tmp.sql || echo \"pgFormatter would reformat — run npm run format:sql to apply\"",
-    "format:sql": "perl -I bin/pgFormatter/lib bin/pgFormatter/pg_format -o db/schema.sql.formatted db/schema.sql && echo \"Wrote db/schema.sql.formatted — review diff before replacing source\"",
-    "a11y": "pa11y-ci --config pa11y.config.json",
-    "check:docs": "run-p lint:md spell links a11y",
-    "sast": "semgrep --config=p/php --config=p/javascript --config=p/typescript --config=p/secrets --config=.semgrep.yml --error --time"
-}
-```
-
-- [ ] **Step 3: Commit**
-
-```bash
-git add .semgrep.yml package.json
-git commit -m "feat(tooling): Semgrep config + npm run sast script (#25)"
-```
-
----
-
-## Task 3: Semgrep CI workflow — `.github/workflows/sast.yml`
-
-**Files:**
-
-- Create: `.github/workflows/sast.yml`
-
-- [ ] **Step 1: Создать `.github/workflows/sast.yml`**
-
-```yaml
-name: SAST — Semgrep
-
-on:
-  push:
-    branches: [main]
-    paths:
-      - 'app/app/**'
-      - 'app/resources/js/**'
-      - 'app/database/migrations/**'
-      - '.semgrep.yml'
-      - '.github/workflows/sast.yml'
-  pull_request:
-    branches: [main]
-    paths:
-      - 'app/app/**'
-      - 'app/resources/js/**'
-      - 'app/database/migrations/**'
-
-permissions:
-  contents: read
-  security-events: write  # нужно для upload-sarif
-
-jobs:
-  semgrep:
-    runs-on: ubuntu-latest
-    name: Semgrep SAST scan
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Run Semgrep
-        uses: semgrep/semgrep-action@v1
-        with:
-          config: >-
-            p/php
-            p/javascript
-            p/typescript
-            p/secrets
-        env:
-          # SEMGREP_APP_TOKEN — опциональный, для Semgrep Cloud dashboard.
-          # Без него: open-source режим, результаты только в GitHub Security tab.
-          # Добавить: GitHub → Settings → Secrets → Actions → SEMGREP_APP_TOKEN
-          SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
-
-      - name: Upload SARIF to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
-        if: always()
-        with:
-          sarif_file: semgrep.sarif
-        continue-on-error: true  # не блокировать PR если SARIF upload упал
-```
-
-**Важно — первый запуск:** Semgrep может найти реальные проблемы в существующем коде (не только новом). При первом прогоне нужен тriage:
-
-1. Смотреть вкладку **Security → Code scanning alerts** на GitHub.
-2. Ложные срабатывания — помечать «Dismissed» с пояснением.
-3. Реальные находки P0/P1 — исправлять до merge.
-
-- [ ] **Step 2: Commit**
-
-```bash
-git add .github/workflows/sast.yml
-git commit -m "feat(ci): Semgrep SAST workflow — push/PR to main (#25)"
-```
-
----
-
-## Task 4: Semgrep MCP server — `.mcp.json`
-
-Semgrep MCP даёт Claude Code инструменты для семантического поиска по Semgrep-правилам прямо в разговоре (аналитика кода, поиск паттернов безопасности).
-
-**Files:**
-
-- Modify: `.mcp.json`
-
-- [ ] **Step 1: Добавить запись `semgrep` в `.mcp.json`**
-
-Текущий `.mcp.json` содержит ключи `playwright`, `github`, `laravel-boost`. Добавить `semgrep` четвёртым:
-
-```json
-{
-  "$schema": "https://raw.githubusercontent.com/anthropics/claude-code/main/schemas/mcp.json",
-  "mcpServers": {
-    "playwright": {
-      "command": "npx",
-      "args": ["-y", "@playwright/mcp@latest"],
-      "comment": "Фаза 0 #2 — открыть web/*.html, screenshot, проверка интерактива"
-    },
-    "github": {
-      "type": "http",
-      "url": "https://api.githubcopilot.com/mcp",
-      "headers": {
-        "Authorization": "Bearer ${GITHUB_TOKEN}"
-      },
-      "comment": "Фаза 0 #3 — официальный hosted GitHub MCP (https://github.com/github/github-mcp-server). Требует env GITHUB_TOKEN с PAT (scopes: repo, read:org, не давать admin/delete). Раньше использовали deprecated @modelcontextprotocol/server-github — заменён 06.05.2026."
-    },
-    "laravel-boost": {
-      "command": "php",
-      "args": ["app/artisan", "boost:mcp"],
-      "comment": "Фаза 1 #10 — Laravel Boost MCP (laravel/boost v2.4.6). Заменяет PostgreSQL MCP из фазы 0. Через Roster детектит установленные пакеты (Laravel 13, Pest 4, Pint, Larastan, IDE Helper) и серверит соответствующие guidelines + DB query/schema/tinker tools. Кастомный Vuetify 3 guideline — в app/.ai/guidelines/vuetify.md. Конфиг wizard'а — app/boost.json (написан вручную: wizard сломан на кириллице-пути)."
-    },
-    "semgrep": {
-      "command": "npx",
-      "args": ["-y", "semgrep-mcp"],
-      "comment": "Фаза 3 #25 — Semgrep MCP (SAST). Семантический поиск/анализ кода через Semgrep rules в Claude Code. Пакет: npmjs.com/package/semgrep-mcp — если 404, запустить 'npm search semgrep mcp' для актуального имени."
-    }
-  }
-}
-```
-
-- [ ] **Step 2: Проверить подключение MCP**
-
-Перезапустить Claude Code. Выполнить в разговоре:
-
-```
-/mcp
-```
-
-Expected: в списке серверов появился `semgrep`. Если статус `error` вместо `connected` — пакет `semgrep-mcp` не найден на npm, нужно уточнить имя:
-
-```bash
-npm search semgrep mcp --json | Select-Object -First 5
-```
-
-Заменить `semgrep-mcp` в `.mcp.json` на найденное имя пакета.
-
-- [ ] **Step 3: Commit**
-
-```bash
-git add .mcp.json
-git commit -m "feat(tooling): Semgrep MCP server in .mcp.json (#25)"
-```
-
----
-
-## Task 5: Allow `npm run sast` в `.claude/settings.json`
-
-**Files:**
-
-- Modify: `.claude/settings.json`
-
-- [ ] **Step 1: Добавить разрешение в `.claude/settings.json`**
-
-Текущий `permissions.allow` содержит `"Bash(npm run check:docs:*)"` и аналогичные строки. Добавить `"Bash(npm run sast:*)"` рядом с остальными npm-скриптами:
-
-```json
-"allow": [
-  "Bash(npm install:*)",
-  "Bash(npm run lint:md:*)",
-  "Bash(npm run spell:*)",
-  "Bash(npm run links:*)",
-  "Bash(npm run lint:css:*)",
-  "Bash(npm run a11y:*)",
-  "Bash(npm run check:docs:*)",
-  "Bash(npm run lint:md:fix:*)",
-  "Bash(npm run sast:*)",
-  "Bash(git status)",
-  ...
-]
-```
-
-- [ ] **Step 2: Commit**
-
-```bash
-git add .claude/settings.json
-git commit -m "chore(claude): allow npm run sast in settings.json (#25)"
-```
-
----
-
-## Task 6: Trivy prep — workflow + config (disabled)
-
-Trivy сканирует Docker-образы на CVE. Docker pipeline будет настроен в Sprint 7 (YC Container Registry). До тех пор — файлы готовы, workflow отключён через `if: false`.
-
-**Files:**
-
-- Create: `trivy.yaml`
-- Create: `.github/workflows/trivy.yml`
-
-- [ ] **Step 1: Создать `trivy.yaml`**
-
-```yaml
-# Trivy config — Лидерра (#26)
-# Активировать в Sprint 7 после настройки Docker pipeline в YC.
-# Docs: https://aquasecurity.github.io/trivy/latest/docs/configuration/
-
-exit-code: 1
-severity: CRITICAL,HIGH
-format: sarif
-output: trivy-results.sarif
-ignore-unfixed: true
-
-vulnerability:
-  type:
-    - os
-    - library
-```
-
-- [ ] **Step 2: Создать `.github/workflows/trivy.yml` (disabled)**
-
-```yaml
-name: Trivy — Docker image scan
-
-# ОТКЛЮЧЕНО до Sprint 7 (YC Docker pipeline).
-# Для активации:
-#   1. Убрать `if: false` у job trivy
-#   2. Добавить GitHub secret YC_REGISTRY (полный адрес, напр. cr.yandex/crp.../liderra)
-#   3. Убедиться, что CI job собирает образ перед этим workflow
-# См. roadmap Sprint 7 «YC infrastructure setup».
-
-on:
-  push:
-    branches: [main]
-    paths:
-      - 'Dockerfile'
-      - 'docker-compose*.yml'
-      - '.github/workflows/trivy.yml'
-      - 'trivy.yaml'
-  schedule:
-    - cron: '0 10 * * 1'  # каждый понедельник 10:00 UTC
-
-permissions:
-  contents: read
-  security-events: write
-
-jobs:
-  trivy:
-    runs-on: ubuntu-latest
-    if: false  # TODO Sprint 7: убрать после настройки Docker pipeline
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Run Trivy image scan
-        uses: aquasecurity/trivy-action@0.30.0
-        with:
-          image-ref: '${{ secrets.YC_REGISTRY }}:${{ github.sha }}'
-          format: 'sarif'
-          output: 'trivy-results.sarif'
-          severity: 'CRITICAL,HIGH'
-          exit-code: '1'
-          ignore-unfixed: true
-          vuln-type: 'os,library'
-          trivy-config: 'trivy.yaml'
-
-      - name: Upload Trivy SARIF to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
-        if: always()
-        with:
-          sarif_file: trivy-results.sarif
-```
-
-- [ ] **Step 3: Commit**
-
-```bash
-git add trivy.yaml .github/workflows/trivy.yml
-git commit -m "feat(tooling): Trivy CI workflow prep — disabled until YC Docker (#26)"
-```
-
----
-
-## Task 7: Push и тriage первого Semgrep прогона
-
-- [ ] **Step 1: Push всех коммитов**
-
-```bash
-git push origin main
-```
-
-- [ ] **Step 2: Наблюдать за CI**
-
-Открыть GitHub → Actions → workflow **SAST — Semgrep**. Ждать завершения (~2–3 мин).
-
-- [ ] **Step 3: Тriage Security alerts**
-
-Открыть GitHub → Security → **Code scanning** (появляется после первого upload-sarif).
-
-Алгоритм тriage:
-
-- **CRITICAL/HIGH** с реальным уязвимым паттерном → создать Issue, исправить в ближайшем спринте.
-- **Ложное срабатывание** (напр., флаг в тесте, mock-данные) → Dismiss с пояснением «test/mock data».
-- **MEDIUM/LOW** → Dismiss как «acceptable risk» или создать тикет Post-MVP.
-
-- [ ] **Step 4: Проверить Dependabot**
-
-GitHub → Insights → Dependency graph → Dependabot. Expected: 3 экосистемы зарегистрированы.
-
----
-
-## Self-Review
-
-### Spec coverage
-
-| Требование roadmap Sprint 5 | Task | Статус |
-|-----------------------------|------|--------|
-| #25 Semgrep local `npm run sast` | Task 2 | ✅ |
-| #25 Semgrep CI workflow | Task 3 | ✅ |
-| #25 Semgrep MCP | Task 4 | ✅ |
-| #26 Trivy prep (disabled until YC) | Task 6 | ✅ |
-| #27 Dependabot | Task 1 | ✅ |
-| Allow `npm run sast` в settings | Task 5 | ✅ |
-| Push + первый тriage | Task 7 | ✅ |
-
-### Placeholder scan
-
-- Task 2 Step 2: показан полный итоговый блок `scripts` целиком ✅
-- Task 4 Step 1: полный `.mcp.json` показан, не «добавить что-то» ✅
-- Task 4 Step 2: конкретная команда для поиска пакета если npm 404 ✅
-- Task 6 Step 2: TODO с конкретными инструкциями активации, не просто «активировать потом» ✅
-- Task 7 Step 3: конкретный алгоритм тriage по severity ✅
-
-### Type consistency
-
-Конфигурационные файлы — без типов. Имена файлов, скриптов и ключей согласованы по всем задачам: `.semgrep.yml` / `p/php p/javascript p/typescript p/secrets` — одинаковый набор в Task 2 и Task 3. `trivy.yaml` + `trivy-config: 'trivy.yaml'` в workflow совпадают ✅
diff --git a/docs/superpowers/plans/2026-05-10-sprint6-phase-a-reports-plan.md b/docs/superpowers/plans/2026-05-10-sprint6-phase-a-reports-plan.md
deleted file mode 100644
index f1a1a79..0000000
--- a/docs/superpowers/plans/2026-05-10-sprint6-phase-a-reports-plan.md
+++ /dev/null
@@ -1,1212 +0,0 @@
-# Sprint 6 Phase A: Reports Backend Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Extend Reports backend with 3 new providers (managers\_summary, sources\_summary, billing\_summary), S3 abstraction via `reports` disk, and file download endpoint.
-
-**Architecture:** Three new `ReportDataProvider` implementations follow the `DealsExportProvider` pattern (`DB::transaction` + `SET LOCAL` + join queries). `ReportGeneratorRegistry` gains a `SUPPORTED_TYPES` private constant and 3 new injected providers. S3 abstraction adds a `reports` disk to `config/filesystems.php` driven by `REPORT_DISK` env var; every `Storage::disk('local')` in the Reports subsystem is replaced with `Storage::disk('reports')`. The download endpoint streams a stored file via `response()->streamDownload()`.
-
-**Tech Stack:** PHP 8.3, Laravel 13, Pest 4, PostgreSQL 16 (deals/users/projects/suppliers/supplier\_lead\_costs/balance\_transactions tables), `Illuminate\Support\Facades\Storage`
-
-> **Note on column names:** The design spec SQL used `d.assigned_user_id` and `bt.transaction_type`/`bt.balance_after_rub` — actual schema columns are `deals.manager_id`, `balance_transactions.type`, and `balance_transactions.balance_rub_after`. This plan uses the real names.
->
-> **Note on test dates:** `deals` and `supplier_lead_costs` are partitioned; earliest partition is `2026-05-01`. All test data uses May 2026 dates.
-
----
-
-## File Map
-
-**New files:**
-
-- `app/app/Services/Reports/Providers/ManagersSummaryProvider.php`
-- `app/app/Services/Reports/Providers/SourcesSummaryProvider.php`
-- `app/app/Services/Reports/Providers/BillingSummaryProvider.php`
-- `app/tests/Feature/Reports/Providers/ManagersSummaryProviderTest.php`
-- `app/tests/Feature/Reports/Providers/SourcesSummaryProviderTest.php`
-- `app/tests/Feature/Reports/Providers/BillingSummaryProviderTest.php`
-- `app/tests/Unit/Services/Reports/ReportGeneratorRegistryTest.php`
-
-**Modified files:**
-
-- `app/app/Services/Reports/ReportGeneratorRegistry.php` — add 3 providers + `SUPPORTED_TYPES` const
-- `app/config/filesystems.php` — add `reports` disk
-- `.env.example` — add `REPORT_DISK=local`
-- `app/app/Jobs/GenerateReportJob.php:82` — `disk('local')` → `disk('reports')`
-- `app/app/Http/Controllers/Api/ReportJobController.php` — `disk('local')` → `disk('reports')` in `destroy()`; add `download()` method; add `StreamedResponse` import
-- `app/app/Console/Commands/ReportsCleanupExpired.php:71` — `disk('local')` → `disk('reports')`
-- `app/tests/Feature/Reports/ReportJobControllerTest.php` — `fake('local')` → `fake('reports')`
-- `app/tests/Feature/Reports/ReportLifecycleTest.php` — `fake('local')` → `fake('reports')`; `disk('local')` → `disk('reports')` in test bodies
-- `app/routes/web.php` — add `GET /{id}/file` route inside reports group
-
----
-
-## Task 1: ManagersSummaryProvider
-
-**Files:**
-
-- Create: `app/tests/Feature/Reports/Providers/ManagersSummaryProviderTest.php`
-- Create: `app/app/Services/Reports/Providers/ManagersSummaryProvider.php`
-
-- [ ] **Step 1: Write the failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\ReportJob;
-use App\Models\Tenant;
-use App\Models\User;
-use App\Services\Reports\Providers\ManagersSummaryProvider;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    $this->tenant = Tenant::factory()->create();
-    $this->user = User::factory()->create(['tenant_id' => $this->tenant->id]);
-    $this->provider = app(ManagersSummaryProvider::class);
-    $this->job = ReportJob::create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'type' => 'managers_summary',
-        'parameters' => ['format' => 'csv', 'date_from' => '2026-05-01', 'date_to' => '2026-05-31'],
-        'status' => ReportJob::STATUS_PENDING,
-    ]);
-});
-
-test('slug() == managers_summary', function () {
-    expect($this->provider->slug())->toBe('managers_summary');
-});
-
-test('headers() returns 7 columns', function () {
-    $headers = $this->provider->headers();
-    expect($headers)->toHaveCount(7);
-    expect($headers[0])->toBe('Менеджер');
-    expect($headers[6])->toBe('Средняя стоимость ₽');
-});
-
-test('rows() returns empty array for period with no deals', function () {
-    $rows = $this->provider->rows($this->job);
-    expect($rows)->toBe([]);
-});
-
-test('rows() returns manager stats with conversion and revenue', function () {
-    $manager = User::factory()->create(['tenant_id' => $this->tenant->id]);
-
-    $projectId = DB::table('projects')->insertGetId([
-        'tenant_id' => $this->tenant->id,
-        'name' => 'Test Project',
-    ]);
-
-    $supplierId = DB::table('suppliers')->insertGetId([
-        'code' => 'test-mgr-s1',
-        'name' => 'Test Supplier',
-        'accepts_types' => '{websites}',
-        'cost_rub' => 100,
-    ]);
-
-    $d1ReceivedAt = '2026-05-10 10:00:00';
-    $d2ReceivedAt = '2026-05-15 10:00:00';
-    $d3ReceivedAt = '2026-05-20 10:00:00';
-
-    $deal1 = DB::table('deals')->insertGetId([
-        'tenant_id' => $this->tenant->id,
-        'project_id' => $projectId,
-        'phone' => '+70001234501',
-        'manager_id' => $manager->id,
-        'status' => 'accepted',
-        'received_at' => $d1ReceivedAt,
-    ]);
-    $deal2 = DB::table('deals')->insertGetId([
-        'tenant_id' => $this->tenant->id,
-        'project_id' => $projectId,
-        'phone' => '+70001234502',
-        'manager_id' => $manager->id,
-        'status' => 'accepted',
-        'received_at' => $d2ReceivedAt,
-    ]);
-    $deal3 = DB::table('deals')->insertGetId([
-        'tenant_id' => $this->tenant->id,
-        'project_id' => $projectId,
-        'phone' => '+70001234503',
-        'manager_id' => $manager->id,
-        'status' => 'rejected',
-        'received_at' => $d3ReceivedAt,
-    ]);
-
-    DB::table('supplier_lead_costs')->insert([
-        ['deal_id' => $deal1, 'received_at' => $d1ReceivedAt, 'supplier_id' => $supplierId, 'cost_rub' => 1000],
-        ['deal_id' => $deal2, 'received_at' => $d2ReceivedAt, 'supplier_id' => $supplierId, 'cost_rub' => 2000],
-    ]);
-
-    DB::statement('SET LOCAL app.current_tenant_id = ' . $this->tenant->id);
-
-    $rows = $this->provider->rows($this->job);
-
-    expect($rows)->toHaveCount(1);
-    $row = $rows[0];
-    expect($row[1])->toBe(3);           // total
-    expect($row[2])->toBe(2);           // accepted
-    expect($row[3])->toBe(1);           // rejected
-    expect((float) $row[4])->toBe(66.7); // conversion %
-    expect((float) $row[5])->toBe(3000.0); // revenue_rub
-});
-```
-
-Save to `app/tests/Feature/Reports/Providers/ManagersSummaryProviderTest.php`.
-
-- [ ] **Step 2: Run test to verify it fails**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Reports/Providers/ManagersSummaryProviderTest.php --no-coverage
-```
-
-Expected: FAIL — `Class "App\Services\Reports\Providers\ManagersSummaryProvider" not found`
-
-- [ ] **Step 3: Write ManagersSummaryProvider**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Reports\Providers;
-
-use App\Models\ReportJob;
-use Illuminate\Support\Facades\DB;
-
-class ManagersSummaryProvider implements ReportDataProvider
-{
-    public function slug(): string
-    {
-        return 'managers_summary';
-    }
-
-    public function headers(): array
-    {
-        return [
-            'Менеджер',
-            'Всего заявок',
-            'Принято',
-            'Отклонено',
-            'Конверсия %',
-            'Выручка ₽',
-            'Средняя стоимость ₽',
-        ];
-    }
-
-    public function rows(ReportJob $job): array
-    {
-        $params = $job->parameters ?? [];
-        $dateFrom = $params['date_from'];
-        $dateTo = $params['date_to'] . ' 23:59:59';
-
-        return DB::transaction(function () use ($job, $dateFrom, $dateTo): array {
-            DB::statement('SET LOCAL app.current_tenant_id = ' . (int) $job->tenant_id);
-
-            return DB::table('deals as d')
-                ->leftJoin('users as u', 'u.id', '=', 'd.manager_id')
-                ->leftJoin('supplier_lead_costs as slc', 'slc.deal_id', '=', 'd.id')
-                ->where('d.tenant_id', $job->tenant_id)
-                ->whereNull('d.deleted_at')
-                ->whereBetween('d.received_at', [$dateFrom, $dateTo])
-                ->groupBy('u.id', 'u.first_name', 'u.last_name', 'u.email')
-                ->orderByDesc(DB::raw('COUNT(d.id)'))
-                ->select([
-                    DB::raw("COALESCE(u.first_name || ' ' || u.last_name, u.email) AS manager"),
-                    DB::raw('COUNT(d.id) AS total'),
-                    DB::raw("COUNT(d.id) FILTER (WHERE d.status = 'accepted') AS accepted"),
-                    DB::raw("COUNT(d.id) FILTER (WHERE d.status = 'rejected') AS rejected"),
-                    DB::raw("ROUND(COUNT(d.id) FILTER (WHERE d.status = 'accepted') * 100.0 / NULLIF(COUNT(d.id), 0), 1) AS conversion"),
-                    DB::raw('COALESCE(SUM(slc.cost_rub), 0) AS revenue_rub'),
-                    DB::raw('ROUND(AVG(slc.cost_rub), 2) AS avg_cost_rub'),
-                ])
-                ->get()
-                ->map(fn ($row): array => [
-                    $row->manager,
-                    (int) $row->total,
-                    (int) $row->accepted,
-                    (int) $row->rejected,
-                    (float) $row->conversion,
-                    (float) $row->revenue_rub,
-                    $row->avg_cost_rub !== null ? (float) $row->avg_cost_rub : null,
-                ])
-                ->all();
-        });
-    }
-}
-```
-
-Save to `app/app/Services/Reports/Providers/ManagersSummaryProvider.php`.
-
-- [ ] **Step 4: Run test to verify it passes**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Reports/Providers/ManagersSummaryProviderTest.php --no-coverage
-```
-
-Expected: PASS (4 tests)
-
-- [ ] **Step 5: Commit**
-
-```bash
-cd app && ./vendor/bin/pint app/Services/Reports/Providers/ManagersSummaryProvider.php
-git add app/app/Services/Reports/Providers/ManagersSummaryProvider.php app/tests/Feature/Reports/Providers/ManagersSummaryProviderTest.php
-git commit -m "feat(reports): ManagersSummaryProvider — managers summary report"
-```
-
----
-
-## Task 2: SourcesSummaryProvider
-
-**Files:**
-
-- Create: `app/tests/Feature/Reports/Providers/SourcesSummaryProviderTest.php`
-- Create: `app/app/Services/Reports/Providers/SourcesSummaryProvider.php`
-
-- [ ] **Step 1: Write the failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\ReportJob;
-use App\Models\Tenant;
-use App\Models\User;
-use App\Services\Reports\Providers\SourcesSummaryProvider;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    $this->tenant = Tenant::factory()->create();
-    $this->user = User::factory()->create(['tenant_id' => $this->tenant->id]);
-    $this->provider = app(SourcesSummaryProvider::class);
-    $this->job = ReportJob::create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'type' => 'sources_summary',
-        'parameters' => ['format' => 'csv', 'date_from' => '2026-05-01', 'date_to' => '2026-05-31'],
-        'status' => ReportJob::STATUS_PENDING,
-    ]);
-});
-
-test('slug() == sources_summary', function () {
-    expect($this->provider->slug())->toBe('sources_summary');
-});
-
-test('headers() returns 6 columns', function () {
-    $headers = $this->provider->headers();
-    expect($headers)->toHaveCount(6);
-    expect($headers[0])->toBe('Источник');
-    expect($headers[5])->toBe('Среднее ₽');
-});
-
-test('rows() returns empty array for period with no deals', function () {
-    expect($this->provider->rows($this->job))->toBe([]);
-});
-
-test('rows() aggregates deals by source (project) with conversion', function () {
-    $projectId = DB::table('projects')->insertGetId([
-        'tenant_id' => $this->tenant->id,
-        'name' => 'Source Alpha',
-    ]);
-
-    $supplierId = DB::table('suppliers')->insertGetId([
-        'code' => 'test-src-s1',
-        'name' => 'Test Supplier',
-        'accepts_types' => '{websites}',
-        'cost_rub' => 100,
-    ]);
-
-    $d1ReceivedAt = '2026-05-10 10:00:00';
-    $d2ReceivedAt = '2026-05-15 10:00:00';
-
-    $deal1 = DB::table('deals')->insertGetId([
-        'tenant_id' => $this->tenant->id,
-        'project_id' => $projectId,
-        'phone' => '+70001234601',
-        'status' => 'accepted',
-        'received_at' => $d1ReceivedAt,
-    ]);
-    DB::table('deals')->insert([
-        'tenant_id' => $this->tenant->id,
-        'project_id' => $projectId,
-        'phone' => '+70001234602',
-        'status' => 'rejected',
-        'received_at' => $d2ReceivedAt,
-    ]);
-
-    DB::table('supplier_lead_costs')->insert([
-        'deal_id' => $deal1, 'received_at' => $d1ReceivedAt, 'supplier_id' => $supplierId, 'cost_rub' => 500,
-    ]);
-
-    DB::statement('SET LOCAL app.current_tenant_id = ' . $this->tenant->id);
-
-    $rows = $this->provider->rows($this->job);
-
-    expect($rows)->toHaveCount(1);
-    $row = $rows[0];
-    expect($row[0])->toBe('Source Alpha');
-    expect($row[1])->toBe(2);             // total
-    expect($row[2])->toBe(1);             // accepted
-    expect((float) $row[3])->toBe(50.0);  // conversion %
-    expect((float) $row[4])->toBe(500.0); // total_rub
-});
-```
-
-Save to `app/tests/Feature/Reports/Providers/SourcesSummaryProviderTest.php`.
-
-- [ ] **Step 2: Run test to verify it fails**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Reports/Providers/SourcesSummaryProviderTest.php --no-coverage
-```
-
-Expected: FAIL — `Class "App\Services\Reports\Providers\SourcesSummaryProvider" not found`
-
-- [ ] **Step 3: Write SourcesSummaryProvider**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Reports\Providers;
-
-use App\Models\ReportJob;
-use Illuminate\Support\Facades\DB;
-
-class SourcesSummaryProvider implements ReportDataProvider
-{
-    public function slug(): string
-    {
-        return 'sources_summary';
-    }
-
-    public function headers(): array
-    {
-        return [
-            'Источник',
-            'Всего заявок',
-            'Принято',
-            'Конверсия %',
-            'Итого ₽',
-            'Среднее ₽',
-        ];
-    }
-
-    public function rows(ReportJob $job): array
-    {
-        $params = $job->parameters ?? [];
-        $dateFrom = $params['date_from'];
-        $dateTo = $params['date_to'] . ' 23:59:59';
-
-        return DB::transaction(function () use ($job, $dateFrom, $dateTo): array {
-            DB::statement('SET LOCAL app.current_tenant_id = ' . (int) $job->tenant_id);
-
-            return DB::table('deals as d')
-                ->leftJoin('projects as p', 'p.id', '=', 'd.project_id')
-                ->leftJoin('supplier_lead_costs as slc', 'slc.deal_id', '=', 'd.id')
-                ->where('d.tenant_id', $job->tenant_id)
-                ->whereNull('d.deleted_at')
-                ->whereBetween('d.received_at', [$dateFrom, $dateTo])
-                ->groupBy('p.id', 'p.name')
-                ->orderByDesc(DB::raw('COUNT(d.id)'))
-                ->select([
-                    DB::raw('p.name AS source'),
-                    DB::raw('COUNT(d.id) AS total'),
-                    DB::raw("COUNT(d.id) FILTER (WHERE d.status = 'accepted') AS accepted"),
-                    DB::raw("ROUND(COUNT(d.id) FILTER (WHERE d.status = 'accepted') * 100.0 / NULLIF(COUNT(d.id), 0), 1) AS conversion"),
-                    DB::raw('COALESCE(SUM(slc.cost_rub), 0) AS total_rub'),
-                    DB::raw('ROUND(AVG(slc.cost_rub), 2) AS avg_cost_rub'),
-                ])
-                ->get()
-                ->map(fn ($row): array => [
-                    $row->source,
-                    (int) $row->total,
-                    (int) $row->accepted,
-                    (float) $row->conversion,
-                    (float) $row->total_rub,
-                    $row->avg_cost_rub !== null ? (float) $row->avg_cost_rub : null,
-                ])
-                ->all();
-        });
-    }
-}
-```
-
-Save to `app/app/Services/Reports/Providers/SourcesSummaryProvider.php`.
-
-- [ ] **Step 4: Run test to verify it passes**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Reports/Providers/SourcesSummaryProviderTest.php --no-coverage
-```
-
-Expected: PASS (4 tests)
-
-- [ ] **Step 5: Commit**
-
-```bash
-cd app && ./vendor/bin/pint app/Services/Reports/Providers/SourcesSummaryProvider.php
-git add app/app/Services/Reports/Providers/SourcesSummaryProvider.php app/tests/Feature/Reports/Providers/SourcesSummaryProviderTest.php
-git commit -m "feat(reports): SourcesSummaryProvider — deals by source report"
-```
-
----
-
-## Task 3: BillingSummaryProvider
-
-**Files:**
-
-- Create: `app/tests/Feature/Reports/Providers/BillingSummaryProviderTest.php`
-- Create: `app/app/Services/Reports/Providers/BillingSummaryProvider.php`
-
-> Note: `balance_transactions` schema columns are `type` (not `transaction_type`) and `balance_rub_after` (not `balance_after_rub`). The headers stay human-friendly.
-
-- [ ] **Step 1: Write the failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\ReportJob;
-use App\Models\Tenant;
-use App\Models\User;
-use App\Services\Reports\Providers\BillingSummaryProvider;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    $this->tenant = Tenant::factory()->create();
-    $this->user = User::factory()->create(['tenant_id' => $this->tenant->id]);
-    $this->provider = app(BillingSummaryProvider::class);
-    $this->job = ReportJob::create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'type' => 'billing_summary',
-        'parameters' => ['format' => 'csv', 'date_from' => '2026-05-01', 'date_to' => '2026-05-31'],
-        'status' => ReportJob::STATUS_PENDING,
-    ]);
-});
-
-test('slug() == billing_summary', function () {
-    expect($this->provider->slug())->toBe('billing_summary');
-});
-
-test('headers() returns 5 columns', function () {
-    $headers = $this->provider->headers();
-    expect($headers)->toHaveCount(5);
-    expect($headers[0])->toBe('Дата');
-    expect($headers[4])->toBe('Описание');
-});
-
-test('rows() returns empty array for period with no transactions', function () {
-    expect($this->provider->rows($this->job))->toBe([]);
-});
-
-test('rows() returns billing transactions in chronological order', function () {
-    DB::table('balance_transactions')->insert([
-        [
-            'tenant_id' => $this->tenant->id,
-            'type' => 'topup',
-            'amount_rub' => 5000,
-            'balance_rub_after' => 5000,
-            'description' => 'Пополнение счёта',
-            'created_at' => '2026-05-05 12:00:00',
-        ],
-        [
-            'tenant_id' => $this->tenant->id,
-            'type' => 'lead_charge',
-            'amount_rub' => -200,
-            'balance_rub_after' => 4800,
-            'description' => 'Списание за лид',
-            'created_at' => '2026-05-10 09:00:00',
-        ],
-    ]);
-
-    // Another tenant's transaction — must be excluded
-    $other = Tenant::factory()->create();
-    DB::table('balance_transactions')->insert([
-        'tenant_id' => $other->id,
-        'type' => 'topup',
-        'amount_rub' => 1000,
-        'balance_rub_after' => 1000,
-        'description' => 'Other tenant',
-        'created_at' => '2026-05-07 10:00:00',
-    ]);
-
-    DB::statement('SET LOCAL app.current_tenant_id = ' . $this->tenant->id);
-
-    $rows = $this->provider->rows($this->job);
-
-    expect($rows)->toHaveCount(2);
-    expect($rows[0][1])->toBe('topup');
-    expect((float) $rows[0][2])->toBe(5000.0);
-    expect($rows[1][1])->toBe('lead_charge');
-    expect((float) $rows[1][2])->toBe(-200.0);
-});
-```
-
-Save to `app/tests/Feature/Reports/Providers/BillingSummaryProviderTest.php`.
-
-- [ ] **Step 2: Run test to verify it fails**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Reports/Providers/BillingSummaryProviderTest.php --no-coverage
-```
-
-Expected: FAIL — `Class "App\Services\Reports\Providers\BillingSummaryProvider" not found`
-
-- [ ] **Step 3: Write BillingSummaryProvider**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Reports\Providers;
-
-use App\Models\ReportJob;
-use Illuminate\Support\Facades\DB;
-
-class BillingSummaryProvider implements ReportDataProvider
-{
-    public function slug(): string
-    {
-        return 'billing_summary';
-    }
-
-    public function headers(): array
-    {
-        return [
-            'Дата',
-            'Тип операции',
-            'Сумма ₽',
-            'Баланс после ₽',
-            'Описание',
-        ];
-    }
-
-    public function rows(ReportJob $job): array
-    {
-        $params = $job->parameters ?? [];
-        $dateFrom = $params['date_from'];
-        $dateTo = $params['date_to'] . ' 23:59:59';
-
-        return DB::transaction(function () use ($job, $dateFrom, $dateTo): array {
-            DB::statement('SET LOCAL app.current_tenant_id = ' . (int) $job->tenant_id);
-
-            return DB::table('balance_transactions as bt')
-                ->where('bt.tenant_id', $job->tenant_id)
-                ->whereBetween('bt.created_at', [$dateFrom, $dateTo])
-                ->orderBy('bt.created_at')
-                ->select([
-                    DB::raw('bt.created_at::date AS date'),
-                    'bt.type',
-                    'bt.amount_rub',
-                    'bt.balance_rub_after',
-                    'bt.description',
-                ])
-                ->get()
-                ->map(fn ($row): array => [
-                    $row->date,
-                    $row->type,
-                    (float) $row->amount_rub,
-                    $row->balance_rub_after !== null ? (float) $row->balance_rub_after : null,
-                    $row->description,
-                ])
-                ->all();
-        });
-    }
-}
-```
-
-Save to `app/app/Services/Reports/Providers/BillingSummaryProvider.php`.
-
-- [ ] **Step 4: Run test to verify it passes**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Reports/Providers/BillingSummaryProviderTest.php --no-coverage
-```
-
-Expected: PASS (4 tests)
-
-- [ ] **Step 5: Commit**
-
-```bash
-cd app && ./vendor/bin/pint app/Services/Reports/Providers/BillingSummaryProvider.php
-git add app/app/Services/Reports/Providers/BillingSummaryProvider.php app/tests/Feature/Reports/Providers/BillingSummaryProviderTest.php
-git commit -m "feat(reports): BillingSummaryProvider — billing transactions report"
-```
-
----
-
-## Task 4: Extend ReportGeneratorRegistry
-
-**Files:**
-
-- Create: `app/tests/Unit/Services/Reports/ReportGeneratorRegistryTest.php`
-- Modify: `app/app/Services/Reports/ReportGeneratorRegistry.php`
-
-- [ ] **Step 1: Write the failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\Reports\Providers\BillingSummaryProvider;
-use App\Services\Reports\Providers\DealsExportProvider;
-use App\Services\Reports\Providers\ManagersSummaryProvider;
-use App\Services\Reports\Providers\SourcesSummaryProvider;
-use App\Services\Reports\ReportGeneratorRegistry;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-
-uses(DatabaseTransactions::class);
-
-test('provider() resolves deals_export', function () {
-    expect(app(ReportGeneratorRegistry::class)->provider('deals_export'))
-        ->toBeInstanceOf(DealsExportProvider::class);
-});
-
-test('provider() resolves managers_summary', function () {
-    expect(app(ReportGeneratorRegistry::class)->provider('managers_summary'))
-        ->toBeInstanceOf(ManagersSummaryProvider::class);
-});
-
-test('provider() resolves sources_summary', function () {
-    expect(app(ReportGeneratorRegistry::class)->provider('sources_summary'))
-        ->toBeInstanceOf(SourcesSummaryProvider::class);
-});
-
-test('provider() resolves billing_summary', function () {
-    expect(app(ReportGeneratorRegistry::class)->provider('billing_summary'))
-        ->toBeInstanceOf(BillingSummaryProvider::class);
-});
-
-test('provider() throws for unknown type', function () {
-    expect(fn () => app(ReportGeneratorRegistry::class)->provider('unknown'))
-        ->toThrow(InvalidArgumentException::class);
-});
-
-test('isSupported() true for all 4 types with csv', function () {
-    $registry = app(ReportGeneratorRegistry::class);
-    expect($registry->isSupported('deals_export', 'csv'))->toBeTrue();
-    expect($registry->isSupported('managers_summary', 'csv'))->toBeTrue();
-    expect($registry->isSupported('sources_summary', 'csv'))->toBeTrue();
-    expect($registry->isSupported('billing_summary', 'csv'))->toBeTrue();
-});
-
-test('isSupported() false for unknown type', function () {
-    expect(app(ReportGeneratorRegistry::class)->isSupported('unknown_type', 'csv'))->toBeFalse();
-});
-```
-
-Save to `app/tests/Unit/Services/Reports/ReportGeneratorRegistryTest.php`.
-
-- [ ] **Step 2: Run test to verify it fails**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Services/Reports/ReportGeneratorRegistryTest.php --no-coverage
-```
-
-Expected: FAIL — `provider('managers_summary')` throws `InvalidArgumentException`
-
-- [ ] **Step 3: Replace ReportGeneratorRegistry.php**
-
-Replace the full content of `app/app/Services/Reports/ReportGeneratorRegistry.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Reports;
-
-use App\Models\ReportJob;
-use App\Services\Reports\Formatters\CsvFormatter;
-use App\Services\Reports\Formatters\JsonFormatter;
-use App\Services\Reports\Formatters\PdfStubFormatter;
-use App\Services\Reports\Formatters\ReportFormatter;
-use App\Services\Reports\Formatters\XlsxFormatter;
-use App\Services\Reports\Providers\BillingSummaryProvider;
-use App\Services\Reports\Providers\DealsExportProvider;
-use App\Services\Reports\Providers\ManagersSummaryProvider;
-use App\Services\Reports\Providers\ReportDataProvider;
-use App\Services\Reports\Providers\SourcesSummaryProvider;
-use InvalidArgumentException;
-
-class ReportGeneratorRegistry
-{
-    private const SUPPORTED_TYPES = [
-        'deals_export',
-        'managers_summary',
-        'sources_summary',
-        'billing_summary',
-    ];
-
-    public function __construct(
-        private readonly DealsExportProvider $dealsExport,
-        private readonly ManagersSummaryProvider $managersSummary,
-        private readonly SourcesSummaryProvider $sourcesSummary,
-        private readonly BillingSummaryProvider $billingSummary,
-        private readonly CsvFormatter $csv,
-        private readonly XlsxFormatter $xlsx,
-        private readonly JsonFormatter $json,
-        private readonly PdfStubFormatter $pdf,
-    ) {}
-
-    public function provider(string $type): ReportDataProvider
-    {
-        return match ($type) {
-            'deals_export' => $this->dealsExport,
-            'managers_summary' => $this->managersSummary,
-            'sources_summary' => $this->sourcesSummary,
-            'billing_summary' => $this->billingSummary,
-            default => throw new InvalidArgumentException("Тип отчёта не реализован: {$type}"),
-        };
-    }
-
-    public function formatter(string $format): ReportFormatter
-    {
-        return match ($format) {
-            'csv' => $this->csv,
-            'xlsx' => $this->xlsx,
-            'json' => $this->json,
-            'pdf' => $this->pdf,
-            default => throw new InvalidArgumentException("Формат не поддерживается: {$format}"),
-        };
-    }
-
-    public function isSupported(string $type, string $format): bool
-    {
-        if (! in_array($type, ReportJob::TYPES, true) || ! in_array($format, ReportJob::FORMATS, true)) {
-            return false;
-        }
-
-        if (! in_array($type, self::SUPPORTED_TYPES, true)) {
-            return false;
-        }
-
-        // PDF — stub: validates, но генерация даёт failed-job (intended).
-        return true;
-    }
-}
-```
-
-- [ ] **Step 4: Run registry tests**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Services/Reports/ReportGeneratorRegistryTest.php --no-coverage
-```
-
-Expected: PASS (7 tests)
-
-- [ ] **Step 5: Run full Reports suite (regression)**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Reports/ tests/Unit/Services/Reports/ --no-coverage
-```
-
-Expected: All pass — no regressions in existing lifecycle/controller tests.
-
-- [ ] **Step 6: Commit**
-
-```bash
-cd app && ./vendor/bin/pint app/Services/Reports/ReportGeneratorRegistry.php
-git add app/app/Services/Reports/ReportGeneratorRegistry.php app/tests/Unit/Services/Reports/ReportGeneratorRegistryTest.php
-git commit -m "feat(reports): extend ReportGeneratorRegistry — 4 providers, SUPPORTED_TYPES const"
-```
-
----
-
-## Task 5: S3 Abstraction (storage disk swap)
-
-**Files:**
-
-- Modify: `app/config/filesystems.php`
-- Modify: `.env.example`
-- Modify: `app/app/Jobs/GenerateReportJob.php`
-- Modify: `app/app/Http/Controllers/Api/ReportJobController.php`
-- Modify: `app/app/Console/Commands/ReportsCleanupExpired.php`
-- Modify: `app/tests/Feature/Reports/ReportJobControllerTest.php`
-- Modify: `app/tests/Feature/Reports/ReportLifecycleTest.php`
-
-No new tests — existing tests will break after the disk rename and pass after the fix.
-
-- [ ] **Step 1: Baseline — confirm all Reports tests green before touching anything**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Reports/ --no-coverage
-```
-
-Expected: All pass. Note the test count.
-
-- [ ] **Step 2: Add `reports` disk to config/filesystems.php**
-
-In `app/config/filesystems.php`, inside the `'disks' => [` array, add the following entry after the `'public'` disk block (before `'s3'`):
-
-```php
-'reports' => [
-    'driver' => env('REPORT_DISK', 'local'),
-    // driver=local: files go to storage/app/private/ (same root as 'local' disk)
-    // driver=s3: picks up AWS_BUCKET + AWS_* env vars automatically
-],
-```
-
-- [ ] **Step 3: Add REPORT\_DISK to .env.example**
-
-Find the line `FILESYSTEM_DISK=local` in `.env.example` and add immediately after it:
-
-```
-REPORT_DISK=local
-```
-
-- [ ] **Step 4: Replace disk('local') in GenerateReportJob**
-
-In `app/app/Jobs/GenerateReportJob.php` at line 82, change:
-
-```php
-Storage::disk('local')->put($relativePath, $content);
-```
-
-to:
-
-```php
-Storage::disk('reports')->put($relativePath, $content);
-```
-
-- [ ] **Step 5: Replace disk('local') in ReportJobController::destroy()**
-
-In `app/app/Http/Controllers/Api/ReportJobController.php`, find inside the `destroy()` method:
-
-```php
-Storage::disk('local')->delete($job->file_path);
-```
-
-Change to:
-
-```php
-Storage::disk('reports')->delete($job->file_path);
-```
-
-- [ ] **Step 6: Replace disk('local') in ReportsCleanupExpired**
-
-In `app/app/Console/Commands/ReportsCleanupExpired.php` at line 71:
-
-```php
-Storage::disk('local')->delete($job->file_path);
-```
-
-Change to:
-
-```php
-Storage::disk('reports')->delete($job->file_path);
-```
-
-- [ ] **Step 7: Fix Storage::fake in test files**
-
-**ReportJobControllerTest.php** — in `beforeEach()`, change:
-
-```php
-Storage::fake('local');
-```
-
-to:
-
-```php
-Storage::fake('reports');
-```
-
-**ReportLifecycleTest.php** — in `beforeEach()`, change:
-
-```php
-Storage::fake('local');
-```
-
-to:
-
-```php
-Storage::fake('reports');
-```
-
-**ReportLifecycleTest.php** — in test bodies, change all `Storage::disk('local')` to `Storage::disk('reports')`. There are 5 occurrences: lines 154, 160, 193, 195, 206, 207. Do a find-replace in the file:
-
-- `Storage::disk('local')->put(` → `Storage::disk('reports')->put(`
-- `Storage::disk('local')->assertMissing(` → `Storage::disk('reports')->assertMissing(`
-- `Storage::disk('local')->assertExists(` → `Storage::disk('reports')->assertExists(`
-
-- [ ] **Step 8: Run Reports suite — confirm all green**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Reports/ --no-coverage
-```
-
-Expected: Same count as Step 1, all pass.
-
-- [ ] **Step 9: Run Larastan**
-
-```bash
-cd app && php vendor/bin/phpstan analyse --no-progress --memory-limit=512M
-```
-
-Expected: 0 errors above baseline.
-
-- [ ] **Step 10: Commit**
-
-```bash
-cd app && ./vendor/bin/pint app/Jobs/GenerateReportJob.php app/Http/Controllers/Api/ReportJobController.php app/Console/Commands/ReportsCleanupExpired.php
-git add app/config/filesystems.php .env.example app/app/Jobs/GenerateReportJob.php app/app/Http/Controllers/Api/ReportJobController.php app/app/Console/Commands/ReportsCleanupExpired.php app/tests/Feature/Reports/ReportJobControllerTest.php app/tests/Feature/Reports/ReportLifecycleTest.php
-git commit -m "feat(reports): S3 abstraction — reports disk, REPORT_DISK env, replace disk('local')"
-```
-
----
-
-## Task 6: File Download Endpoint
-
-**Files:**
-
-- Modify: `app/routes/web.php`
-- Modify: `app/app/Http/Controllers/Api/ReportJobController.php`
-- Modify: `app/tests/Feature/Reports/ReportJobControllerTest.php`
-
-- [ ] **Step 1: Write the failing tests**
-
-Append these tests to the end of `app/tests/Feature/Reports/ReportJobControllerTest.php`:
-
-```php
-// ------ download ------
-
-test('GET /jobs/{id}/file: 401 без auth', function () {
-    auth()->logout();
-    $this->getJson('/api/reports/jobs/1/file')->assertStatus(401);
-});
-
-test('GET /jobs/{id}/file: 404 unknown job', function () {
-    $this->getJson('/api/reports/jobs/999999/file')->assertStatus(404);
-});
-
-test('GET /jobs/{id}/file: 404 чужой job', function () {
-    $other = Tenant::factory()->create();
-    $otherUser = User::factory()->create(['tenant_id' => $other->id]);
-    $job = makeReportJob($other->id, $otherUser->id, ['status' => ReportJob::STATUS_DONE]);
-    $this->getJson("/api/reports/jobs/{$job->id}/file")->assertStatus(404);
-});
-
-test('GET /jobs/{id}/file: 422 если status != done', function () {
-    $job = makeReportJob($this->tenant->id, $this->user->id, ['status' => ReportJob::STATUS_PENDING]);
-    $response = $this->getJson("/api/reports/jobs/{$job->id}/file");
-    $response->assertStatus(422);
-    expect($response->json('message'))->toBe('Report not ready');
-});
-
-test('GET /jobs/{id}/file: 410 если file_path null (expired)', function () {
-    $job = makeReportJob($this->tenant->id, $this->user->id, [
-        'status' => ReportJob::STATUS_DONE,
-        'file_path' => null,
-    ]);
-    $response = $this->getJson("/api/reports/jobs/{$job->id}/file");
-    $response->assertStatus(410);
-    expect($response->json('message'))->toBe('Report file expired');
-});
-
-test('GET /jobs/{id}/file: 410 если файл не существует на диске', function () {
-    $job = makeReportJob($this->tenant->id, $this->user->id, [
-        'status' => ReportJob::STATUS_DONE,
-        'file_path' => 'reports/99/99.csv',
-    ]);
-    // Storage::fake('reports') — файл не создан
-    $this->getJson("/api/reports/jobs/{$job->id}/file")->assertStatus(410);
-});
-
-test('GET /jobs/{id}/file: 200 CSV — Content-Disposition и Content-Type', function () {
-    Storage::disk('reports')->put('reports/1/42.csv', "col1,col2\nval1,val2");
-    $job = makeReportJob($this->tenant->id, $this->user->id, [
-        'status' => ReportJob::STATUS_DONE,
-        'file_path' => 'reports/1/42.csv',
-        'file_size' => 19,
-        'parameters' => ['format' => 'csv', 'date_from' => '2026-05-01', 'date_to' => '2026-05-31'],
-    ]);
-
-    $response = $this->get("/api/reports/jobs/{$job->id}/file");
-
-    $response->assertStatus(200);
-    expect($response->headers->get('Content-Type'))->toContain('text/csv');
-    expect($response->headers->get('Content-Disposition'))->toContain("report-{$job->id}.csv");
-});
-
-test('GET /jobs/{id}/file: 200 XLSX — правильный Content-Type', function () {
-    Storage::disk('reports')->put('reports/1/43.xlsx', 'fake-xlsx-bytes');
-    $job = makeReportJob($this->tenant->id, $this->user->id, [
-        'status' => ReportJob::STATUS_DONE,
-        'file_path' => 'reports/1/43.xlsx',
-        'parameters' => ['format' => 'xlsx', 'date_from' => '2026-05-01', 'date_to' => '2026-05-31'],
-    ]);
-
-    $response = $this->get("/api/reports/jobs/{$job->id}/file");
-
-    $response->assertStatus(200);
-    expect($response->headers->get('Content-Type'))->toContain('spreadsheetml');
-});
-```
-
-- [ ] **Step 2: Run new tests to confirm they fail**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Reports/ReportJobControllerTest.php --filter="file" --no-coverage
-```
-
-Expected: FAIL — 404 or 405 (route not registered yet)
-
-- [ ] **Step 3: Add download route to web.php**
-
-In `app/routes/web.php`, inside the `Route::middleware(['auth:sanctum', 'tenant'])->prefix('/api/reports/jobs')` group, add the new route **before** the `DELETE /{id}` line:
-
-```php
-Route::get('/{id}/file', 'App\Http\Controllers\Api\ReportJobController@download')->where('id', '[0-9]+');
-```
-
-The reports group becomes:
-
-```php
-Route::middleware(['auth:sanctum', 'tenant'])->prefix('/api/reports/jobs')->group(function () {
-    Route::get('/', 'App\Http\Controllers\Api\ReportJobController@index');
-    Route::post('/', 'App\Http\Controllers\Api\ReportJobController@store');
-    Route::get('/{id}', 'App\Http\Controllers\Api\ReportJobController@show')->where('id', '[0-9]+');
-    Route::post('/{id}/retry', 'App\Http\Controllers\Api\ReportJobController@retry')->where('id', '[0-9]+');
-    Route::post('/{id}/cancel', 'App\Http\Controllers\Api\ReportJobController@cancel')->where('id', '[0-9]+');
-    Route::get('/{id}/file', 'App\Http\Controllers\Api\ReportJobController@download')->where('id', '[0-9]+');
-    Route::delete('/{id}', 'App\Http\Controllers\Api\ReportJobController@destroy')->where('id', '[0-9]+');
-});
-```
-
-- [ ] **Step 4: Add download() method and StreamedResponse import to ReportJobController**
-
-Add `use Symfony\Component\HttpFoundation\StreamedResponse;` to the imports section of `app/app/Http/Controllers/Api/ReportJobController.php` (after the existing `use` statements).
-
-Add the following method after the `show()` method and before `store()`:
-
-```php
-/**
- * GET /api/reports/jobs/{id}/file — скачать готовый файл отчёта.
- */
-public function download(Request $request, int $id): StreamedResponse|JsonResponse
-{
-    /** @var User $user */
-    $user = $request->user();
-
-    $job = DB::transaction(function () use ($user, $id): ?ReportJob {
-        DB::statement('SET LOCAL app.current_tenant_id = ' . (int) $user->tenant_id);
-
-        return ReportJob::query()
-            ->where('id', $id)
-            ->where('tenant_id', $user->tenant_id)
-            ->first();
-    });
-
-    if ($job === null) {
-        return response()->json(['message' => 'Отчёт не найден.'], 404);
-    }
-
-    if ($job->status !== ReportJob::STATUS_DONE) {
-        return response()->json(['message' => 'Report not ready'], 422);
-    }
-
-    if ($job->file_path === null || ! Storage::disk('reports')->exists($job->file_path)) {
-        return response()->json(['message' => 'Report file expired'], 410);
-    }
-
-    $format = (string) ($job->parameters['format'] ?? 'csv');
-    $mimeType = match ($format) {
-        'xlsx' => 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
-        'json' => 'application/json',
-        default => 'text/csv; charset=utf-8',
-    };
-    $contentLength = $job->file_size ?? Storage::disk('reports')->size($job->file_path);
-
-    return response()->streamDownload(function () use ($job): void {
-        $stream = Storage::disk('reports')->readStream($job->file_path);
-        fpassthru($stream);
-        fclose($stream);
-    }, "report-{$job->id}.{$format}", [
-        'Content-Type' => $mimeType,
-        'Content-Length' => (string) $contentLength,
-    ]);
-}
-```
-
-- [ ] **Step 5: Run download tests**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Reports/ReportJobControllerTest.php --filter="file" --no-coverage
-```
-
-Expected: PASS (8 tests)
-
-- [ ] **Step 6: Run full Reports suite**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Reports/ tests/Feature/Reports/Providers/ tests/Unit/Services/Reports/ --no-coverage
-```
-
-Expected: All pass (no regressions).
-
-- [ ] **Step 7: Run full Pest suite**
-
-```bash
-cd app && php vendor/bin/pest --no-coverage
-```
-
-Expected: All pass. Count should be 403 (previous) + new tests from Tasks 1–6.
-
-- [ ] **Step 8: Run Larastan**
-
-```bash
-cd app && php vendor/bin/phpstan analyse --no-progress --memory-limit=512M
-```
-
-Expected: 0 errors above baseline.
-
-- [ ] **Step 9: Commit**
-
-```bash
-cd app && ./vendor/bin/pint app/Http/Controllers/Api/ReportJobController.php
-git add app/routes/web.php app/app/Http/Controllers/Api/ReportJobController.php app/tests/Feature/Reports/ReportJobControllerTest.php
-git commit -m "feat(reports): GET /api/reports/jobs/{id}/file — streaming download endpoint"
-```
-
----
-
-## Self-Review
-
-**Spec coverage:**
-
-- ✅ `ManagersSummaryProvider` — slug, 7 headers, DB query on deals/users/supplier\_lead\_costs (Task 1)
-- ✅ `SourcesSummaryProvider` — slug, 6 headers, DB query on deals/projects/supplier\_lead\_costs (Task 2)
-- ✅ `BillingSummaryProvider` — slug, 5 headers, DB query on balance\_transactions (Task 3)
-- ✅ `ReportGeneratorRegistry` — 4 providers, `SUPPORTED_TYPES` const, `isSupported()` updated (Task 4)
-- ✅ `reports` disk in `config/filesystems.php` with `REPORT_DISK` env var (Task 5)
-- ✅ All `Storage::disk('local')` in Reports subsystem replaced with `Storage::disk('reports')` (Task 5)
-- ✅ `.env.example` updated (Task 5)
-- ✅ Both test files' `Storage::fake('local')` updated to `Storage::fake('reports')` (Task 5)
-- ✅ `GET /api/reports/jobs/{id}/file` — 401/404/422/410/200 cases (Task 6)
-- ✅ `Content-Disposition` and `Content-Type` headers set correctly (Task 6)
-
-**Placeholder scan:** None. All steps contain complete code.
-
-**Spec vs actual schema corrections applied:**
-
-- `deals.manager_id` (not `assigned_user_id`)
-- `balance_transactions.type` (not `transaction_type`)
-- `balance_transactions.balance_rub_after` (not `balance_after_rub`)
-- Test dates use May 2026 (partitions start `2026-05-01`)
-- `supplier_lead_costs` insert includes `received_at` (partition key, must match deal's `received_at`)
diff --git a/docs/superpowers/plans/2026-05-10-supplier-foundation-plan.md b/docs/superpowers/plans/2026-05-10-supplier-foundation-plan.md
deleted file mode 100644
index 411b0af..0000000
--- a/docs/superpowers/plans/2026-05-10-supplier-foundation-plan.md
+++ /dev/null
@@ -1,2515 +0,0 @@
-# Supplier Integration — Foundation (Plan 1/5)
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
->
-> **Verification is mandatory at every gate.** This plan was authored under the directive: "перепроверять на все возможные ошибки, в логике, в коде, в цикличностях, опечатки и тд". Do not skip verification gates.
-
-**Goal:** Расширить existing schema и Eloquent-модели Лидерры под supplier-integration data model: 3 новых таблицы (`supplier_projects`, `pricing_tiers`, `lead_charges`, `supplier_sync_log`), расширение `projects` под signal_type/identifier/SMS-поля, обновление `db/schema.sql`, RLS на tenant-scoped таблицах, factories + Pest-тесты.
-
-**Architecture:** Используем существующие паттерны проекта: SetTenantContext middleware + RLS, Eloquent-модели c HasFactory (+ SoftDeletes где нужно), Pest c DatabaseTransactions + явный `SET app.current_tenant_id`. Новые таблицы — два класса: tenant-scoped (с RLS) и SaaS-level (без RLS, REVOKE на crm_app_user). Миграции в `database/migrations/` отдельными файлами + sync с `db/schema.sql` (single source of truth) + запись в `db/CHANGELOG_schema.md`.
-
-**Tech Stack:** Laravel 13.7, PostgreSQL 16, Pest 4, Larastan, squawk, pgFormatter (existing toolchain).
-
-**Spec:** [docs/superpowers/specs/2026-05-10-supplier-integration-design.md](../specs/2026-05-10-supplier-integration-design.md) — раздел §2 (Модель данных), §7 (Биллинг), §9 (Схема БД).
-
-**Verification philosophy:** TDD для каждой задачи (failing test first → green → commit). Verification gates после каждой группы задач. Финальный «Comprehensive Verification» в конце плана включает: Larastan, Pest, squawk, pgFormatter, cspell, markdownlint, миграция fresh, RLS-смок, dependency-cycle check, code-reviewer subagent.
-
----
-
-## File Structure
-
-### Files to create
-
-```
-database/migrations/
-  2026_05_10_000001_extend_projects_for_supplier_integration.php
-  2026_05_10_000002_create_supplier_projects_table.php
-  2026_05_10_000003_create_pricing_tiers_table.php
-  2026_05_10_000004_create_lead_charges_table.php
-  2026_05_10_000005_create_supplier_sync_log_table.php
-
-app/Models/
-  SupplierProject.php
-  PricingTier.php
-  LeadCharge.php
-  SupplierSyncLog.php
-
-database/factories/
-  SupplierProjectFactory.php
-  PricingTierFactory.php
-  LeadChargeFactory.php
-  SupplierSyncLogFactory.php
-
-tests/Unit/Models/
-  SupplierProjectTest.php
-  PricingTierTest.php
-  LeadChargeTest.php
-  SupplierSyncLogTest.php
-
-tests/Feature/Integration/
-  ProjectsSchemaExtensionTest.php
-  LeadChargesRlsTest.php
-  SupplierProjectsAccessTest.php
-```
-
-### Files to modify
-
-```
-app/Models/Project.php             # add casts, relationships, signal_type accessor
-database/factories/ProjectFactory.php  # extend with new fields
-db/schema.sql                       # mirror migration changes (source of truth)
-db/CHANGELOG_schema.md              # entry v8.12 → v8.13
-```
-
-### Responsibilities (one purpose per file)
-
-- **Migration files** — DDL для одной концепции (extend projects / create supplier_projects / etc.). Не смешивать.
-- **Models** — только Eloquent-модель: relationships, casts, scopes. Никакой бизнес-логики.
-- **Factories** — генерация фейковых данных для тестов. Минимум валидных значений, без edge cases.
-- **Unit tests** — модель в изоляции: casts работают, relationships определены, scope-методы корректны.
-- **Integration tests** — миграция применяется чисто, RLS изолирует tenant'ы, FK работают, индексы созданы.
-
----
-
-## Pre-flight checks
-
-- [ ] **Step P1:** Verify clean working tree
-
-Run: `git status --short`
-Expected: только untracked файлы (известные плановые), нет staged/modified в `app/`, `database/`, `db/`.
-
-Если есть посторонние модификации — остановись и согласуй с пользователем.
-
-- [ ] **Step P2:** Verify baseline tests pass
-
-Run (в `c:\моя\проекты\портал crm\Документация\app\`): `composer test`
-Expected: `Tests: 403 passed` (или текущая baseline-цифра).
-
-Если падает что-то постороннее — остановись, не начинай новую работу на сломанном baseline.
-
-- [ ] **Step P3:** Verify Larastan baseline clean
-
-Run: `composer stan`
-Expected: `[OK] No errors`
-
-Если есть ошибки — остановись.
-
-- [ ] **Step P4:** Snapshot текущей версии schema
-
-Run: `head -5 db/schema.sql`
-Запиши версию (например, "v8.11") — пригодится при обновлении CHANGELOG.
-
----
-
-## Task 1: Migration `extend_projects_for_supplier_integration`
-
-**Why:** Существующий `projects` table содержит часть нужных полей (`tag`, `daily_limit_target`, `region_mask`, `delivery_days_mask`, `is_active`). Не хватает: `signal_type`, `signal_identifier`, `sms_senders`, `sms_keyword`, `delivered_in_month`, FK на supplier_projects.
-
-**Files:**
-
-- Create: `database/migrations/2026_05_10_000001_extend_projects_for_supplier_integration.php`
-- Create: `tests/Feature/Integration/ProjectsSchemaExtensionTest.php`
-
-- [ ] **Step 1.1: Write failing migration test**
-
-Create `tests/Feature/Integration/ProjectsSchemaExtensionTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Schema;
-
-uses(\Tests\TestCase::class);
-
-test('projects table has signal_type column with enum constraint', function () {
-    expect(Schema::hasColumn('projects', 'signal_type'))->toBeTrue();
-
-    $check = DB::selectOne(
-        "SELECT pg_get_constraintdef(c.oid) AS def
-         FROM pg_constraint c
-         JOIN pg_class t ON c.conrelid = t.oid
-         WHERE t.relname = 'projects' AND c.conname LIKE '%signal_type%'"
-    );
-
-    expect($check->def)->toContain("'site'", "'call'", "'sms'");
-});
-
-test('projects table has signal_identifier text column', function () {
-    expect(Schema::hasColumn('projects', 'signal_identifier'))->toBeTrue();
-});
-
-test('projects table has sms_senders jsonb array column', function () {
-    expect(Schema::hasColumn('projects', 'sms_senders'))->toBeTrue();
-
-    $type = DB::selectOne(
-        "SELECT data_type FROM information_schema.columns
-         WHERE table_name = 'projects' AND column_name = 'sms_senders'"
-    );
-
-    expect($type->data_type)->toBe('jsonb');
-});
-
-test('projects table has sms_keyword nullable text column', function () {
-    expect(Schema::hasColumn('projects', 'sms_keyword'))->toBeTrue();
-
-    $col = DB::selectOne(
-        "SELECT is_nullable FROM information_schema.columns
-         WHERE table_name = 'projects' AND column_name = 'sms_keyword'"
-    );
-
-    expect($col->is_nullable)->toBe('YES');
-});
-
-test('projects table has delivered_in_month integer counter', function () {
-    expect(Schema::hasColumn('projects', 'delivered_in_month'))->toBeTrue();
-});
-
-test('projects table has supplier_b1_project_id, b2, b3 nullable FK columns', function () {
-    foreach (['supplier_b1_project_id', 'supplier_b2_project_id', 'supplier_b3_project_id'] as $col) {
-        expect(Schema::hasColumn('projects', $col))->toBeTrue();
-    }
-});
-
-test('signal_type sms requires sms_senders non-empty (CHECK constraint)', function () {
-    $check = DB::selectOne(
-        "SELECT pg_get_constraintdef(c.oid) AS def
-         FROM pg_constraint c
-         JOIN pg_class t ON c.conrelid = t.oid
-         WHERE t.relname = 'projects' AND c.conname = 'projects_sms_senders_required_for_sms'"
-    );
-
-    expect($check)->not->toBeNull();
-    expect($check->def)->toContain('signal_type');
-});
-```
-
-- [ ] **Step 1.2: Run test — verify it fails**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Integration/ProjectsSchemaExtensionTest.php -v`
-Expected: 7 failures (columns missing).
-
-- [ ] **Step 1.3: Write the migration**
-
-Create `database/migrations/2026_05_10_000001_extend_projects_for_supplier_integration.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Database\Schema\Blueprint;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Schema;
-
-return new class extends Migration {
-    public function up(): void
-    {
-        Schema::table('projects', function (Blueprint $table) {
-            $table->string('signal_type', 16)->nullable()->after('type');
-            $table->text('signal_identifier')->nullable()->after('signal_type');
-            $table->jsonb('sms_senders')->nullable()->after('signal_identifier');
-            $table->text('sms_keyword')->nullable()->after('sms_senders');
-            $table->unsignedInteger('delivered_in_month')->default(0)->after('effective_daily_limit_today');
-            $table->unsignedBigInteger('supplier_b1_project_id')->nullable()->after('delivered_in_month');
-            $table->unsignedBigInteger('supplier_b2_project_id')->nullable()->after('supplier_b1_project_id');
-            $table->unsignedBigInteger('supplier_b3_project_id')->nullable()->after('supplier_b2_project_id');
-        });
-
-        DB::statement("
-            ALTER TABLE projects
-            ADD CONSTRAINT projects_signal_type_check
-            CHECK (signal_type IS NULL OR signal_type IN ('site','call','sms'))
-        ");
-
-        DB::statement("
-            ALTER TABLE projects
-            ADD CONSTRAINT projects_sms_senders_required_for_sms
-            CHECK (
-                signal_type <> 'sms'
-                OR (sms_senders IS NOT NULL AND jsonb_typeof(sms_senders) = 'array' AND jsonb_array_length(sms_senders) > 0)
-            )
-        ");
-
-        DB::statement("
-            ALTER TABLE projects
-            ADD CONSTRAINT projects_signal_identifier_required_for_site_call
-            CHECK (
-                signal_type NOT IN ('site','call')
-                OR (signal_identifier IS NOT NULL AND length(trim(signal_identifier)) > 0)
-            )
-        ");
-
-        Schema::table('projects', function (Blueprint $table) {
-            $table->index(['tenant_id', 'signal_type', 'signal_identifier'], 'idx_projects_tenant_signal');
-        });
-    }
-
-    public function down(): void
-    {
-        Schema::table('projects', function (Blueprint $table) {
-            $table->dropIndex('idx_projects_tenant_signal');
-        });
-
-        DB::statement('ALTER TABLE projects DROP CONSTRAINT IF EXISTS projects_signal_identifier_required_for_site_call');
-        DB::statement('ALTER TABLE projects DROP CONSTRAINT IF EXISTS projects_sms_senders_required_for_sms');
-        DB::statement('ALTER TABLE projects DROP CONSTRAINT IF EXISTS projects_signal_type_check');
-
-        Schema::table('projects', function (Blueprint $table) {
-            $table->dropColumn([
-                'supplier_b3_project_id',
-                'supplier_b2_project_id',
-                'supplier_b1_project_id',
-                'delivered_in_month',
-                'sms_keyword',
-                'sms_senders',
-                'signal_identifier',
-                'signal_type',
-            ]);
-        });
-    }
-};
-```
-
-- [ ] **Step 1.4: Lint migration with squawk**
-
-Run: `cd app && npx --yes squawk database/migrations/2026_05_10_000001_extend_projects_for_supplier_integration.php` (или конкретная команда из существующего lefthook.yml — посмотри `lefthook.yml` jobs).
-
-Expected: `0 issues`.
-
-Если squawk ругается на ALTER TABLE без `IF NOT EXISTS` или на missing index — поправь.
-
-- [ ] **Step 1.5: Apply migration**
-
-Run: `cd app && php artisan migrate`
-Expected: `Migrating: 2026_05_10_000001_extend_projects_for_supplier_integration ... DONE`
-
-- [ ] **Step 1.6: Run tests — verify pass**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Integration/ProjectsSchemaExtensionTest.php -v`
-Expected: 7 passed.
-
-- [ ] **Step 1.7: Verify rollback works**
-
-Run: `cd app && php artisan migrate:rollback --step=1`
-Expected: rollback DONE; columns/constraints/index dropped.
-
-Run: `cd app && php artisan migrate`
-Expected: re-applied DONE.
-
-- [ ] **Step 1.8: Sync `db/schema.sql`**
-
-Open `db/schema.sql`, найди блок `CREATE TABLE projects (...)`, добавь новые колонки и CHECK-constraints в том же порядке что в миграции. Добавь индекс. Не забудь обновить версию в шапке (например, v8.11 → v8.12).
-
-Run: `cd app && composer format:sql:check` (или альтернативная команда из существующих скриптов) — pgFormatter не должен ругаться.
-
-- [ ] **Step 1.9: Update `db/CHANGELOG_schema.md`**
-
-Добавь запись в начало:
-
-```markdown
-## v8.12 — 2026-05-10
-
-- `projects` extended for supplier integration: +signal_type (enum site/call/sms), +signal_identifier (text), +sms_senders (jsonb array), +sms_keyword (nullable text), +delivered_in_month (uint), +supplier_b{1,2,3}_project_id (nullable FK placeholder). 3 CHECK constraints + 1 composite index.
-- Spec: docs/superpowers/specs/2026-05-10-supplier-integration-design.md §2.1
-```
-
-- [ ] **Step 1.10: Commit**
-
-Run:
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-git add app/database/migrations/2026_05_10_000001_extend_projects_for_supplier_integration.php \
-        app/tests/Feature/Integration/ProjectsSchemaExtensionTest.php \
-        db/schema.sql \
-        db/CHANGELOG_schema.md
-git commit -m "feat(db): extend projects for supplier integration (signal_type, identifier, sms_senders, sms_keyword, delivered_in_month, b1/b2/b3 FK placeholders)"
-```
-
----
-
-## Task 2: Migration `create_supplier_projects_table`
-
-**Why:** SaaS-level агрегатная сущность — отражает что именно у поставщика создано/синхронизировано. Не tenant-scoped (несколько клиентов Лидерры разделяют один supplier_project — sharing model).
-
-**Files:**
-
-- Create: `database/migrations/2026_05_10_000002_create_supplier_projects_table.php`
-- Create: `tests/Feature/Integration/SupplierProjectsAccessTest.php`
-
-- [ ] **Step 2.1: Write failing structure test**
-
-Create `tests/Feature/Integration/SupplierProjectsAccessTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Schema;
-
-uses(\Tests\TestCase::class);
-
-test('supplier_projects table exists with required columns', function () {
-    expect(Schema::hasTable('supplier_projects'))->toBeTrue();
-
-    foreach ([
-        'id', 'platform', 'signal_type', 'unique_key', 'supplier_external_id',
-        'current_limit', 'current_workdays', 'current_regions',
-        'sync_status', 'last_synced_at', 'inactive_since',
-        'created_at', 'updated_at',
-    ] as $col) {
-        expect(Schema::hasColumn('supplier_projects', $col))
-            ->toBeTrue("column {$col} missing");
-    }
-});
-
-test('supplier_projects has unique constraint on (platform, unique_key)', function () {
-    $idx = DB::selectOne(
-        "SELECT indexdef FROM pg_indexes
-         WHERE tablename = 'supplier_projects' AND indexname = 'supplier_projects_platform_unique_key_unique'"
-    );
-    expect($idx)->not->toBeNull();
-    expect($idx->indexdef)->toContain('UNIQUE');
-});
-
-test('supplier_projects platform check constraint allows only B1, B2, B3', function () {
-    $check = DB::selectOne(
-        "SELECT pg_get_constraintdef(c.oid) AS def
-         FROM pg_constraint c JOIN pg_class t ON c.conrelid = t.oid
-         WHERE t.relname = 'supplier_projects' AND c.conname = 'supplier_projects_platform_check'"
-    );
-    expect($check->def)->toContain("'B1'", "'B2'", "'B3'");
-});
-
-test('supplier_projects sync_status check constraint', function () {
-    $check = DB::selectOne(
-        "SELECT pg_get_constraintdef(c.oid) AS def
-         FROM pg_constraint c JOIN pg_class t ON c.conrelid = t.oid
-         WHERE t.relname = 'supplier_projects' AND c.conname = 'supplier_projects_sync_status_check'"
-    );
-    expect($check->def)->toContain("'pending'", "'ok'", "'failed'");
-});
-
-test('supplier_projects has NO RLS policy (SaaS-level)', function () {
-    $rls = DB::selectOne(
-        "SELECT relrowsecurity FROM pg_class WHERE relname = 'supplier_projects'"
-    );
-    expect((bool) $rls->relrowsecurity)->toBeFalse();
-});
-
-test('supplier_projects has REVOKE ALL on crm_app_user', function () {
-    $grants = DB::select(
-        "SELECT privilege_type FROM information_schema.role_table_grants
-         WHERE table_name = 'supplier_projects' AND grantee = 'crm_app_user'"
-    );
-
-    expect($grants)->toBeArray();
-    expect($grants)->toBeEmpty('crm_app_user must have no direct privileges on supplier_projects');
-});
-```
-
-- [ ] **Step 2.2: Run test — verify it fails**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Integration/SupplierProjectsAccessTest.php -v`
-Expected: 6 failures.
-
-- [ ] **Step 2.3: Write migration**
-
-Create `database/migrations/2026_05_10_000002_create_supplier_projects_table.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Database\Schema\Blueprint;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Schema;
-
-return new class extends Migration {
-    public function up(): void
-    {
-        Schema::create('supplier_projects', function (Blueprint $table) {
-            $table->id();
-            $table->string('platform', 4);
-            $table->string('signal_type', 16);
-            $table->text('unique_key');
-            $table->string('supplier_external_id', 64)->nullable();
-            $table->unsignedInteger('current_limit')->default(0);
-            $table->jsonb('current_workdays')->nullable();
-            $table->jsonb('current_regions')->nullable();
-            $table->string('sync_status', 16)->default('pending');
-            $table->timestamp('last_synced_at')->nullable();
-            $table->timestamp('inactive_since')->nullable();
-            $table->timestamps();
-
-            $table->unique(['platform', 'unique_key'], 'supplier_projects_platform_unique_key_unique');
-            $table->index('sync_status');
-            $table->index('inactive_since');
-        });
-
-        DB::statement("
-            ALTER TABLE supplier_projects
-            ADD CONSTRAINT supplier_projects_platform_check
-            CHECK (platform IN ('B1','B2','B3'))
-        ");
-
-        DB::statement("
-            ALTER TABLE supplier_projects
-            ADD CONSTRAINT supplier_projects_signal_type_check
-            CHECK (signal_type IN ('site','call','sms'))
-        ");
-
-        DB::statement("
-            ALTER TABLE supplier_projects
-            ADD CONSTRAINT supplier_projects_sync_status_check
-            CHECK (sync_status IN ('pending','ok','failed'))
-        ");
-
-        DB::statement("
-            ALTER TABLE supplier_projects
-            ADD CONSTRAINT supplier_projects_b1_not_for_sms
-            CHECK (NOT (platform = 'B1' AND signal_type = 'sms'))
-        ");
-
-        DB::statement('REVOKE ALL ON TABLE supplier_projects FROM crm_app_user');
-    }
-
-    public function down(): void
-    {
-        Schema::dropIfExists('supplier_projects');
-    }
-};
-```
-
-- [ ] **Step 2.4: Lint with squawk**
-
-Run: `cd app && npx --yes squawk database/migrations/2026_05_10_000002_create_supplier_projects_table.php`
-Expected: 0 issues. (Возможно warning на missing CONCURRENTLY index — для пустой таблицы при create это false-positive, можно add to .squawkrc.)
-
-- [ ] **Step 2.5: Apply and run tests**
-
-Run:
-
-```bash
-cd app
-php artisan migrate
-./vendor/bin/pest tests/Feature/Integration/SupplierProjectsAccessTest.php -v
-```
-
-Expected: migration done, 6 tests passed.
-
-- [ ] **Step 2.6: Verify rollback**
-
-Run: `cd app && php artisan migrate:rollback --step=1 && php artisan migrate`
-Expected: оба шага DONE.
-
-- [ ] **Step 2.7: Sync `db/schema.sql` + CHANGELOG**
-
-Add `CREATE TABLE supplier_projects (...)` block в schema.sql после блока `projects`. Bump version in header to v8.13. Update CHANGELOG.
-
-- [ ] **Step 2.8: Commit**
-
-```bash
-git add app/database/migrations/2026_05_10_000002_create_supplier_projects_table.php \
-        app/tests/Feature/Integration/SupplierProjectsAccessTest.php \
-        db/schema.sql db/CHANGELOG_schema.md
-git commit -m "feat(db): create supplier_projects table (SaaS-level aggregate, B1/B2/B3 platforms)"
-```
-
----
-
-## Task 3: Migration `create_pricing_tiers_table`
-
-**Why:** §7 спеки — 7-ступенчатый объёмный тариф, конфигурируемый админом Лидерры. SaaS-level (один на всю Лидерру; per-tenant override — out of scope для MVP).
-
-**Files:**
-
-- Create: `database/migrations/2026_05_10_000003_create_pricing_tiers_table.php`
-
-- [ ] **Step 3.1: Write failing test (in `LeadChargesRlsTest.php` namespace, секция pricing_tiers)**
-
-Дополни новый файл `tests/Feature/Integration/PricingTiersTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Schema;
-
-uses(\Tests\TestCase::class);
-
-test('pricing_tiers table exists with required columns', function () {
-    expect(Schema::hasTable('pricing_tiers'))->toBeTrue();
-
-    foreach (['id', 'tier_no', 'leads_in_tier', 'price_per_lead_kopecks', 'is_active', 'effective_from', 'created_at', 'updated_at'] as $col) {
-        expect(Schema::hasColumn('pricing_tiers', $col))->toBeTrue("column {$col} missing");
-    }
-});
-
-test('pricing_tiers tier_no constrained to 1..7', function () {
-    $check = DB::selectOne(
-        "SELECT pg_get_constraintdef(c.oid) AS def
-         FROM pg_constraint c JOIN pg_class t ON c.conrelid = t.oid
-         WHERE t.relname = 'pricing_tiers' AND c.conname = 'pricing_tiers_tier_no_check'"
-    );
-    expect($check->def)->toContain('1', '7');
-});
-
-test('pricing_tiers has unique on (tier_no, effective_from) for active rows', function () {
-    $idx = DB::selectOne(
-        "SELECT indexdef FROM pg_indexes
-         WHERE tablename = 'pricing_tiers' AND indexname = 'pricing_tiers_tier_effective_unique'"
-    );
-    expect($idx)->not->toBeNull();
-});
-
-test('pricing_tiers price stored in kopecks (integer, not float)', function () {
-    $col = DB::selectOne(
-        "SELECT data_type FROM information_schema.columns
-         WHERE table_name = 'pricing_tiers' AND column_name = 'price_per_lead_kopecks'"
-    );
-    expect($col->data_type)->toBe('integer');
-});
-```
-
-- [ ] **Step 3.2: Run test — verify fail**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Integration/PricingTiersTest.php -v`
-Expected: 4 failures.
-
-- [ ] **Step 3.3: Write migration**
-
-Create `database/migrations/2026_05_10_000003_create_pricing_tiers_table.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Database\Schema\Blueprint;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Schema;
-
-return new class extends Migration {
-    public function up(): void
-    {
-        Schema::create('pricing_tiers', function (Blueprint $table) {
-            $table->id();
-            $table->unsignedSmallInteger('tier_no');
-            $table->unsignedInteger('leads_in_tier')->nullable();
-            $table->unsignedInteger('price_per_lead_kopecks');
-            $table->boolean('is_active')->default(true);
-            $table->date('effective_from');
-            $table->timestamps();
-
-            $table->unique(['tier_no', 'effective_from'], 'pricing_tiers_tier_effective_unique');
-            $table->index(['is_active', 'effective_from']);
-        });
-
-        DB::statement("
-            ALTER TABLE pricing_tiers
-            ADD CONSTRAINT pricing_tiers_tier_no_check
-            CHECK (tier_no BETWEEN 1 AND 7)
-        ");
-
-        DB::statement('REVOKE ALL ON TABLE pricing_tiers FROM crm_app_user');
-        DB::statement('GRANT SELECT ON TABLE pricing_tiers TO crm_app_user');
-    }
-
-    public function down(): void
-    {
-        Schema::dropIfExists('pricing_tiers');
-    }
-};
-```
-
-> **Why kopecks (не decimal):** избегаем floating-point округлений в money-расчётах. Формат: integer kopecks (1 руб = 100 копеек). UI converts at the edge.
-
-- [ ] **Step 3.4: Lint, apply, test**
-
-Run:
-
-```bash
-cd app
-npx --yes squawk database/migrations/2026_05_10_000003_create_pricing_tiers_table.php
-php artisan migrate
-./vendor/bin/pest tests/Feature/Integration/PricingTiersTest.php -v
-```
-
-Expected: 0 squawk issues, migration DONE, 4 tests passed.
-
-- [ ] **Step 3.5: Sync schema.sql + CHANGELOG, commit**
-
-```bash
-git add app/database/migrations/2026_05_10_000003_create_pricing_tiers_table.php \
-        app/tests/Feature/Integration/PricingTiersTest.php \
-        db/schema.sql db/CHANGELOG_schema.md
-git commit -m "feat(db): create pricing_tiers table (7-step volume billing, kopecks integer)"
-```
-
----
-
-## Task 4: Migration `create_lead_charges_table`
-
-**Why:** §7.4 — ledger списаний за каждый доставленный лид. Tenant-scoped (RLS), append-only (insert) для аудита.
-
-**Files:**
-
-- Create: `database/migrations/2026_05_10_000004_create_lead_charges_table.php`
-- Create: `tests/Feature/Integration/LeadChargesRlsTest.php`
-
-- [ ] **Step 4.1: Write failing test**
-
-Create `tests/Feature/Integration/LeadChargesRlsTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Tenant;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Schema;
-
-uses(\Tests\TestCase::class, DatabaseTransactions::class);
-
-test('lead_charges table exists with required columns', function () {
-    expect(Schema::hasTable('lead_charges'))->toBeTrue();
-
-    foreach ([
-        'id', 'tenant_id', 'deal_id', 'deal_received_at',
-        'tier_no', 'price_per_lead_kopecks', 'charged_at', 'created_at',
-    ] as $col) {
-        expect(Schema::hasColumn('lead_charges', $col))->toBeTrue("column {$col} missing");
-    }
-});
-
-test('lead_charges has FK to deals (composite id, received_at)', function () {
-    $fk = DB::selectOne(
-        "SELECT pg_get_constraintdef(c.oid) AS def
-         FROM pg_constraint c JOIN pg_class t ON c.conrelid = t.oid
-         WHERE t.relname = 'lead_charges' AND c.contype = 'f'
-         LIMIT 1"
-    );
-
-    expect($fk)->not->toBeNull();
-    expect($fk->def)->toContain('deals', 'received_at', 'id');
-});
-
-test('lead_charges enforces RLS on tenant_id', function () {
-    $a = Tenant::factory()->create();
-    $b = Tenant::factory()->create();
-
-    DB::transaction(function () use ($a) {
-        DB::statement('SET LOCAL app.current_tenant_id = ?', [$a->id]);
-
-        DB::table('lead_charges')->insert([
-            'tenant_id' => $a->id,
-            'deal_id' => 1,
-            'deal_received_at' => now(),
-            'tier_no' => 1,
-            'price_per_lead_kopecks' => 6000,
-            'charged_at' => now(),
-            'created_at' => now(),
-        ]);
-    });
-
-    $countA = DB::transaction(function () use ($a) {
-        DB::statement('SET LOCAL app.current_tenant_id = ?', [$a->id]);
-        return DB::table('lead_charges')->count();
-    });
-
-    $countB = DB::transaction(function () use ($b) {
-        DB::statement('SET LOCAL app.current_tenant_id = ?', [$b->id]);
-        return DB::table('lead_charges')->count();
-    });
-
-    expect($countA)->toBe(1);
-    expect($countB)->toBe(0, 'tenant B must not see tenant A charges (RLS leak)');
-});
-```
-
-> **Note:** этот RLS-тест предполагает что в дальнейших задачах будет `LeadChargeFactory`. Пока INSERT через DB::table, чтобы не блокировать тест на отсутствующей фабрике.
-
-- [ ] **Step 4.2: Run test — verify fail**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Integration/LeadChargesRlsTest.php -v`
-Expected: 3 failures.
-
-- [ ] **Step 4.3: Write migration**
-
-Create `database/migrations/2026_05_10_000004_create_lead_charges_table.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Database\Schema\Blueprint;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Schema;
-
-return new class extends Migration {
-    public function up(): void
-    {
-        Schema::create('lead_charges', function (Blueprint $table) {
-            $table->id();
-            $table->unsignedBigInteger('tenant_id');
-            $table->unsignedBigInteger('deal_id');
-            $table->timestamp('deal_received_at');
-            $table->unsignedSmallInteger('tier_no');
-            $table->unsignedInteger('price_per_lead_kopecks');
-            $table->timestamp('charged_at');
-            $table->timestamp('created_at')->useCurrent();
-
-            $table->foreign('tenant_id')->references('id')->on('tenants')->cascadeOnDelete();
-
-            $table->index(['tenant_id', 'charged_at']);
-            $table->index(['deal_id', 'deal_received_at']);
-        });
-
-        DB::statement('
-            ALTER TABLE lead_charges
-            ADD CONSTRAINT lead_charges_deals_fk
-            FOREIGN KEY (deal_id, deal_received_at)
-            REFERENCES deals (id, received_at)
-            DEFERRABLE INITIALLY DEFERRED
-            ON DELETE CASCADE
-        ');
-
-        DB::statement('ALTER TABLE lead_charges ENABLE ROW LEVEL SECURITY');
-        DB::statement('ALTER TABLE lead_charges FORCE ROW LEVEL SECURITY');
-        DB::statement("
-            CREATE POLICY tenant_isolation ON lead_charges
-            USING (tenant_id = current_setting('app.current_tenant_id')::bigint)
-            WITH CHECK (tenant_id = current_setting('app.current_tenant_id')::bigint)
-        ");
-
-        DB::statement('GRANT SELECT, INSERT ON TABLE lead_charges TO crm_app_user');
-        DB::statement('GRANT USAGE, SELECT ON SEQUENCE lead_charges_id_seq TO crm_app_user');
-    }
-
-    public function down(): void
-    {
-        Schema::dropIfExists('lead_charges');
-    }
-};
-```
-
-- [ ] **Step 4.4: Lint, apply, test**
-
-Run:
-
-```bash
-cd app
-npx --yes squawk database/migrations/2026_05_10_000004_create_lead_charges_table.php
-php artisan migrate
-./vendor/bin/pest tests/Feature/Integration/LeadChargesRlsTest.php -v
-```
-
-Expected: squawk 0 issues, migration DONE, 3 tests passed.
-
-- [ ] **Step 4.5: Sync schema + CHANGELOG, commit**
-
-```bash
-git add app/database/migrations/2026_05_10_000004_create_lead_charges_table.php \
-        app/tests/Feature/Integration/LeadChargesRlsTest.php \
-        db/schema.sql db/CHANGELOG_schema.md
-git commit -m "feat(db): create lead_charges ledger (tenant-scoped RLS, FK to partitioned deals)"
-```
-
----
-
-## Task 5: Migration `create_supplier_sync_log_table`
-
-**Why:** §4.3 — лог синхронизаций для аудита/отладки. SaaS-level, append-only.
-
-**Files:**
-
-- Create: `database/migrations/2026_05_10_000005_create_supplier_sync_log_table.php`
-- Create: `tests/Feature/Integration/SupplierSyncLogTest.php`
-
-- [ ] **Step 5.1: Write failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Support\Facades\Schema;
-
-uses(\Tests\TestCase::class);
-
-test('supplier_sync_log table exists with required columns', function () {
-    expect(Schema::hasTable('supplier_sync_log'))->toBeTrue();
-
-    foreach ([
-        'id', 'supplier_project_id', 'action',
-        'request_payload', 'response_body', 'http_status',
-        'error_message', 'duration_ms', 'created_at',
-    ] as $col) {
-        expect(Schema::hasColumn('supplier_sync_log', $col))->toBeTrue("column {$col} missing");
-    }
-});
-```
-
-- [ ] **Step 5.2: Run failing test**
-
-`cd app && ./vendor/bin/pest tests/Feature/Integration/SupplierSyncLogTest.php -v`
-Expected: 1 failure.
-
-- [ ] **Step 5.3: Write migration**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Database\Schema\Blueprint;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Schema;
-
-return new class extends Migration {
-    public function up(): void
-    {
-        Schema::create('supplier_sync_log', function (Blueprint $table) {
-            $table->id();
-            $table->unsignedBigInteger('supplier_project_id')->nullable();
-            $table->string('action', 32);
-            $table->jsonb('request_payload')->nullable();
-            $table->jsonb('response_body')->nullable();
-            $table->unsignedSmallInteger('http_status')->nullable();
-            $table->text('error_message')->nullable();
-            $table->unsignedInteger('duration_ms')->nullable();
-            $table->timestamp('created_at')->useCurrent();
-
-            $table->foreign('supplier_project_id')
-                ->references('id')->on('supplier_projects')
-                ->nullOnDelete();
-
-            $table->index('supplier_project_id');
-            $table->index('action');
-            $table->index('created_at');
-        });
-
-        DB::statement("
-            ALTER TABLE supplier_sync_log
-            ADD CONSTRAINT supplier_sync_log_action_check
-            CHECK (action IN ('create','update','delete','disable','session_refresh'))
-        ");
-
-        DB::statement('REVOKE ALL ON TABLE supplier_sync_log FROM crm_app_user');
-    }
-
-    public function down(): void
-    {
-        Schema::dropIfExists('supplier_sync_log');
-    }
-};
-```
-
-- [ ] **Step 5.4: Apply, test, commit**
-
-```bash
-cd app
-npx --yes squawk database/migrations/2026_05_10_000005_create_supplier_sync_log_table.php
-php artisan migrate
-./vendor/bin/pest tests/Feature/Integration/SupplierSyncLogTest.php -v
-cd ..
-git add app/database/migrations/2026_05_10_000005_create_supplier_sync_log_table.php \
-        app/tests/Feature/Integration/SupplierSyncLogTest.php \
-        db/schema.sql db/CHANGELOG_schema.md
-git commit -m "feat(db): create supplier_sync_log audit table (SaaS-level, append-only)"
-```
-
----
-
-## ✓ Verification Gate A — DDL & migrations
-
-После Tasks 1–5 — обязательная проверка перед моделями.
-
-- [ ] **Step VA.1: Fresh migration smoke test**
-
-Run:
-
-```bash
-cd app
-php artisan migrate:fresh --seed
-```
-
-Expected: все миграции применяются с нуля без ошибок. Если что-то падает на fresh — есть ordering/dependency issue.
-
-- [ ] **Step VA.2: Run all integration schema tests**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Integration/ -v`
-Expected: все тесты passed.
-
-- [ ] **Step VA.3: Run full Pest baseline**
-
-Run: `cd app && composer test`
-Expected: 403 + (новые добавленные) passed. Никаких регрессий в existing тестах.
-
-- [ ] **Step VA.4: Run Larastan**
-
-Run: `cd app && composer stan`
-Expected: 0 errors. (Новых файлов мало, pure migrations — должно быть чисто.)
-
-- [ ] **Step VA.5: Schema diff sanity-check**
-
-Run: `git diff db/schema.sql | head -200`
-Visually verify: все 5 изменений присутствуют, нет случайных правок не относящихся к Plan 1.
-
-- [ ] **Step VA.6: pgFormatter dry-run**
-
-Run: `cd app && composer format:sql:check`
-Expected: schema.sql отформатирован.
-
-- [ ] **Step VA.7: Cycle/dependency check**
-
-Run: `composer dump-autoload -o`
-Expected: 0 warnings о круговых зависимостях.
-
-> **Не двигайся дальше**, пока все шаги VA.1–VA.7 не прошли. Если что-то красное — фикси прямо сейчас, не накапливай.
-
----
-
-## Task 6: Eloquent model `SupplierProject`
-
-**Files:**
-
-- Create: `app/Models/SupplierProject.php`
-- Create: `database/factories/SupplierProjectFactory.php`
-- Create: `tests/Unit/Models/SupplierProjectTest.php`
-
-- [ ] **Step 6.1: Write failing model unit test**
-
-`tests/Unit/Models/SupplierProjectTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\SupplierProject;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-
-uses(\Tests\TestCase::class, DatabaseTransactions::class);
-
-test('SupplierProject can be created via factory', function () {
-    $sp = SupplierProject::factory()->create();
-    expect($sp->id)->toBeInt()->toBeGreaterThan(0);
-    expect($sp->platform)->toBeIn(['B1', 'B2', 'B3']);
-    expect($sp->signal_type)->toBeIn(['site', 'call', 'sms']);
-});
-
-test('SupplierProject casts current_workdays as array', function () {
-    $sp = SupplierProject::factory()->create([
-        'current_workdays' => [1, 2, 3, 4, 5],
-    ]);
-
-    expect($sp->fresh()->current_workdays)->toBe([1, 2, 3, 4, 5]);
-});
-
-test('SupplierProject casts current_regions as array', function () {
-    $sp = SupplierProject::factory()->create([
-        'current_regions' => ['77', '78'],
-    ]);
-
-    expect($sp->fresh()->current_regions)->toBe(['77', '78']);
-});
-
-test('SupplierProject scopeActive returns only active rows', function () {
-    SupplierProject::factory()->create(['inactive_since' => null]);
-    SupplierProject::factory()->create(['inactive_since' => now()->subDays(10)]);
-
-    expect(SupplierProject::active()->count())->toBe(1);
-});
-
-test('SupplierProject scopeStaleSince returns rows inactive longer than N days', function () {
-    SupplierProject::factory()->create(['inactive_since' => now()->subDays(200)]);
-    SupplierProject::factory()->create(['inactive_since' => now()->subDays(100)]);
-    SupplierProject::factory()->create(['inactive_since' => null]);
-
-    expect(SupplierProject::staleSince(180)->count())->toBe(1);
-});
-```
-
-- [ ] **Step 6.2: Run failing test**
-
-`cd app && ./vendor/bin/pest tests/Unit/Models/SupplierProjectTest.php -v`
-Expected: failures (class missing).
-
-- [ ] **Step 6.3: Write model**
-
-`app/Models/SupplierProject.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Models;
-
-use Database\Factories\SupplierProjectFactory;
-use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Database\Eloquent\Factories\HasFactory;
-use Illuminate\Database\Eloquent\Model;
-
-class SupplierProject extends Model
-{
-    use HasFactory;
-
-    protected $table = 'supplier_projects';
-
-    protected $fillable = [
-        'platform',
-        'signal_type',
-        'unique_key',
-        'supplier_external_id',
-        'current_limit',
-        'current_workdays',
-        'current_regions',
-        'sync_status',
-        'last_synced_at',
-        'inactive_since',
-    ];
-
-    protected $casts = [
-        'current_workdays' => 'array',
-        'current_regions' => 'array',
-        'current_limit' => 'integer',
-        'last_synced_at' => 'datetime',
-        'inactive_since' => 'datetime',
-    ];
-
-    public function scopeActive(Builder $query): Builder
-    {
-        return $query->whereNull('inactive_since');
-    }
-
-    public function scopeStaleSince(Builder $query, int $days): Builder
-    {
-        return $query->whereNotNull('inactive_since')
-            ->where('inactive_since', '<=', now()->subDays($days));
-    }
-
-    public function scopeForSignal(Builder $query, string $signalType, string $uniqueKey): Builder
-    {
-        return $query->where('signal_type', $signalType)->where('unique_key', $uniqueKey);
-    }
-
-    protected static function newFactory(): SupplierProjectFactory
-    {
-        return SupplierProjectFactory::new();
-    }
-}
-```
-
-- [ ] **Step 6.4: Write factory**
-
-`database/factories/SupplierProjectFactory.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace Database\Factories;
-
-use App\Models\SupplierProject;
-use Illuminate\Database\Eloquent\Factories\Factory;
-
-/**
- * @extends Factory<SupplierProject>
- */
-class SupplierProjectFactory extends Factory
-{
-    protected $model = SupplierProject::class;
-
-    public function definition(): array
-    {
-        $platform = fake()->randomElement(['B1', 'B2', 'B3']);
-        $signal = fake()->randomElement($platform === 'B1' ? ['site', 'call'] : ['site', 'call', 'sms']);
-
-        return [
-            'platform' => $platform,
-            'signal_type' => $signal,
-            'unique_key' => fake()->unique()->domainName(),
-            'supplier_external_id' => (string) fake()->numberBetween(1_000_000, 99_999_999),
-            'current_limit' => 0,
-            'current_workdays' => [1, 2, 3, 4, 5, 6, 7],
-            'current_regions' => null,
-            'sync_status' => 'pending',
-            'last_synced_at' => null,
-            'inactive_since' => null,
-        ];
-    }
-}
-```
-
-- [ ] **Step 6.5: Run unit tests — verify pass**
-
-`cd app && ./vendor/bin/pest tests/Unit/Models/SupplierProjectTest.php -v`
-Expected: 5 passed.
-
-- [ ] **Step 6.6: Pint + Larastan**
-
-Run: `cd app && composer pint && composer stan`
-Expected: code-style clean, stan 0 errors.
-
-- [ ] **Step 6.7: Commit**
-
-```bash
-git add app/app/Models/SupplierProject.php \
-        app/database/factories/SupplierProjectFactory.php \
-        app/tests/Unit/Models/SupplierProjectTest.php
-git commit -m "feat(models): add SupplierProject Eloquent model + factory + unit tests"
-```
-
----
-
-## Task 7: Eloquent model `PricingTier`
-
-**Files:**
-
-- Create: `app/Models/PricingTier.php`
-- Create: `database/factories/PricingTierFactory.php`
-- Create: `tests/Unit/Models/PricingTierTest.php`
-
-- [ ] **Step 7.1: Write failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\PricingTier;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-
-uses(\Tests\TestCase::class, DatabaseTransactions::class);
-
-test('PricingTier created via factory', function () {
-    $t = PricingTier::factory()->create();
-    expect($t->tier_no)->toBeInt()->toBeBetween(1, 7);
-    expect($t->price_per_lead_kopecks)->toBeInt()->toBeGreaterThan(0);
-});
-
-test('priceRubles accessor converts kopecks to rubles', function () {
-    $t = PricingTier::factory()->create(['price_per_lead_kopecks' => 6000]);
-    expect($t->price_rubles)->toBe(60.0);
-});
-
-test('scopeActive returns only is_active=true with effective_from <= today', function () {
-    PricingTier::factory()->create(['is_active' => true, 'effective_from' => now()->subDay(), 'tier_no' => 1]);
-    PricingTier::factory()->create(['is_active' => false, 'effective_from' => now()->subDay(), 'tier_no' => 2]);
-    PricingTier::factory()->create(['is_active' => true, 'effective_from' => now()->addDay(), 'tier_no' => 3]);
-
-    expect(PricingTier::active()->count())->toBe(1);
-});
-
-test('current() returns today active tier set keyed by tier_no', function () {
-    foreach (range(1, 7) as $n) {
-        PricingTier::factory()->create([
-            'tier_no' => $n,
-            'is_active' => true,
-            'effective_from' => now()->subDay(),
-            'leads_in_tier' => $n === 7 ? null : 100,
-            'price_per_lead_kopecks' => 7000 - ($n * 500),
-        ]);
-    }
-
-    $current = PricingTier::current();
-    expect($current)->toHaveCount(7);
-    expect($current[1]->price_per_lead_kopecks)->toBe(6500);
-});
-```
-
-- [ ] **Step 7.2: Run failing test**
-
-`./vendor/bin/pest tests/Unit/Models/PricingTierTest.php -v`
-Expected: failures.
-
-- [ ] **Step 7.3: Write model**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Models;
-
-use Database\Factories\PricingTierFactory;
-use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Database\Eloquent\Collection;
-use Illuminate\Database\Eloquent\Factories\HasFactory;
-use Illuminate\Database\Eloquent\Model;
-
-class PricingTier extends Model
-{
-    use HasFactory;
-
-    protected $table = 'pricing_tiers';
-
-    protected $fillable = [
-        'tier_no',
-        'leads_in_tier',
-        'price_per_lead_kopecks',
-        'is_active',
-        'effective_from',
-    ];
-
-    protected $casts = [
-        'tier_no' => 'integer',
-        'leads_in_tier' => 'integer',
-        'price_per_lead_kopecks' => 'integer',
-        'is_active' => 'boolean',
-        'effective_from' => 'date',
-    ];
-
-    public function getPriceRublesAttribute(): float
-    {
-        return $this->price_per_lead_kopecks / 100;
-    }
-
-    public function scopeActive(Builder $query): Builder
-    {
-        return $query->where('is_active', true)
-            ->where('effective_from', '<=', now()->toDateString());
-    }
-
-    /**
-     * Returns currently active tier-set keyed by tier_no (1..7).
-     *
-     * @return Collection<int, PricingTier>
-     */
-    public static function current(): Collection
-    {
-        return self::active()
-            ->orderBy('tier_no')
-            ->get()
-            ->keyBy('tier_no');
-    }
-
-    protected static function newFactory(): PricingTierFactory
-    {
-        return PricingTierFactory::new();
-    }
-}
-```
-
-- [ ] **Step 7.4: Write factory**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace Database\Factories;
-
-use App\Models\PricingTier;
-use Illuminate\Database\Eloquent\Factories\Factory;
-
-/**
- * @extends Factory<PricingTier>
- */
-class PricingTierFactory extends Factory
-{
-    protected $model = PricingTier::class;
-
-    public function definition(): array
-    {
-        return [
-            'tier_no' => fake()->numberBetween(1, 7),
-            'leads_in_tier' => fake()->randomElement([300, 700, 1000, 2000, 5000, 10000, null]),
-            'price_per_lead_kopecks' => fake()->numberBetween(2000, 7000),
-            'is_active' => true,
-            'effective_from' => now()->toDateString(),
-        ];
-    }
-}
-```
-
-- [ ] **Step 7.5: Run tests — verify pass**
-
-`./vendor/bin/pest tests/Unit/Models/PricingTierTest.php -v`
-Expected: 4 passed.
-
-- [ ] **Step 7.6: Pint + stan + commit**
-
-```bash
-cd app && composer pint && composer stan
-cd ..
-git add app/app/Models/PricingTier.php \
-        app/database/factories/PricingTierFactory.php \
-        app/tests/Unit/Models/PricingTierTest.php
-git commit -m "feat(models): add PricingTier model with kopecks→rubles accessor + current() snapshot"
-```
-
----
-
-## Task 8: Eloquent model `LeadCharge`
-
-**Files:**
-
-- Create: `app/Models/LeadCharge.php`
-- Create: `database/factories/LeadChargeFactory.php`
-- Create: `tests/Unit/Models/LeadChargeTest.php`
-
-- [ ] **Step 8.1: Write failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Deal;
-use App\Models\LeadCharge;
-use App\Models\Tenant;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(\Tests\TestCase::class, DatabaseTransactions::class);
-
-test('LeadCharge created via factory', function () {
-    $tenant = Tenant::factory()->create();
-
-    DB::transaction(function () use ($tenant) {
-        DB::statement('SET LOCAL app.current_tenant_id = ?', [$tenant->id]);
-
-        $charge = LeadCharge::factory()->create(['tenant_id' => $tenant->id]);
-
-        expect($charge->tier_no)->toBeInt();
-        expect($charge->price_per_lead_kopecks)->toBeInt();
-    });
-});
-
-test('LeadCharge belongs to tenant', function () {
-    $tenant = Tenant::factory()->create();
-
-    DB::transaction(function () use ($tenant) {
-        DB::statement('SET LOCAL app.current_tenant_id = ?', [$tenant->id]);
-
-        $charge = LeadCharge::factory()->create(['tenant_id' => $tenant->id]);
-
-        expect($charge->tenant)->toBeInstanceOf(Tenant::class);
-        expect($charge->tenant->id)->toBe($tenant->id);
-    });
-});
-
-test('LeadCharge belongs to deal via composite key', function () {
-    $tenant = Tenant::factory()->create();
-
-    DB::transaction(function () use ($tenant) {
-        DB::statement('SET LOCAL app.current_tenant_id = ?', [$tenant->id]);
-
-        $deal = Deal::factory()->create(['tenant_id' => $tenant->id]);
-        $charge = LeadCharge::factory()->create([
-            'tenant_id' => $tenant->id,
-            'deal_id' => $deal->id,
-            'deal_received_at' => $deal->received_at,
-        ]);
-
-        expect($charge->deal)->toBeInstanceOf(Deal::class);
-        expect($charge->deal->id)->toBe($deal->id);
-    });
-});
-
-test('priceRubles accessor', function () {
-    $tenant = Tenant::factory()->create();
-
-    DB::transaction(function () use ($tenant) {
-        DB::statement('SET LOCAL app.current_tenant_id = ?', [$tenant->id]);
-
-        $charge = LeadCharge::factory()->create([
-            'tenant_id' => $tenant->id,
-            'price_per_lead_kopecks' => 5500,
-        ]);
-
-        expect($charge->price_rubles)->toBe(55.0);
-    });
-});
-```
-
-- [ ] **Step 8.2: Run failing test**
-
-Expected: failures.
-
-- [ ] **Step 8.3: Write model**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Models;
-
-use Database\Factories\LeadChargeFactory;
-use Illuminate\Database\Eloquent\Factories\HasFactory;
-use Illuminate\Database\Eloquent\Model;
-use Illuminate\Database\Eloquent\Relations\BelongsTo;
-
-class LeadCharge extends Model
-{
-    use HasFactory;
-
-    public $timestamps = false;
-
-    protected $table = 'lead_charges';
-
-    protected $fillable = [
-        'tenant_id',
-        'deal_id',
-        'deal_received_at',
-        'tier_no',
-        'price_per_lead_kopecks',
-        'charged_at',
-        'created_at',
-    ];
-
-    protected $casts = [
-        'tier_no' => 'integer',
-        'price_per_lead_kopecks' => 'integer',
-        'deal_received_at' => 'datetime',
-        'charged_at' => 'datetime',
-        'created_at' => 'datetime',
-    ];
-
-    public function tenant(): BelongsTo
-    {
-        return $this->belongsTo(Tenant::class);
-    }
-
-    public function deal(): BelongsTo
-    {
-        return $this->belongsTo(Deal::class, 'deal_id', 'id');
-    }
-
-    public function getPriceRublesAttribute(): float
-    {
-        return $this->price_per_lead_kopecks / 100;
-    }
-
-    protected static function newFactory(): LeadChargeFactory
-    {
-        return LeadChargeFactory::new();
-    }
-}
-```
-
-- [ ] **Step 8.4: Write factory**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace Database\Factories;
-
-use App\Models\LeadCharge;
-use App\Models\Tenant;
-use Illuminate\Database\Eloquent\Factories\Factory;
-
-/**
- * @extends Factory<LeadCharge>
- */
-class LeadChargeFactory extends Factory
-{
-    protected $model = LeadCharge::class;
-
-    public function definition(): array
-    {
-        return [
-            'tenant_id' => Tenant::factory(),
-            'deal_id' => fake()->numberBetween(1, 99999),
-            'deal_received_at' => now(),
-            'tier_no' => fake()->numberBetween(1, 7),
-            'price_per_lead_kopecks' => fake()->numberBetween(2000, 6000),
-            'charged_at' => now(),
-            'created_at' => now(),
-        ];
-    }
-}
-```
-
-> **Note:** factory НЕ создаёт реальный Deal из-за партиционированной таблицы; тесты, которым нужен реальный FK, явно создают `Deal::factory()` отдельно.
-
-- [ ] **Step 8.5: Run tests, pint, stan, commit**
-
-```bash
-cd app && ./vendor/bin/pest tests/Unit/Models/LeadChargeTest.php -v
-composer pint && composer stan
-cd ..
-git add app/app/Models/LeadCharge.php \
-        app/database/factories/LeadChargeFactory.php \
-        app/tests/Unit/Models/LeadChargeTest.php
-git commit -m "feat(models): add LeadCharge ledger model + factory + relations to Tenant/Deal"
-```
-
----
-
-## Task 9: Eloquent model `SupplierSyncLog`
-
-**Files:**
-
-- Create: `app/Models/SupplierSyncLog.php`
-- Create: `database/factories/SupplierSyncLogFactory.php`
-- Create: `tests/Unit/Models/SupplierSyncLogTest.php`
-
-- [ ] **Step 9.1: Write test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\SupplierProject;
-use App\Models\SupplierSyncLog;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-
-uses(\Tests\TestCase::class, DatabaseTransactions::class);
-
-test('SupplierSyncLog created via factory', function () {
-    $log = SupplierSyncLog::factory()->create();
-    expect($log->action)->toBeIn(['create', 'update', 'delete', 'disable', 'session_refresh']);
-});
-
-test('SupplierSyncLog has nullable supplier_project relation', function () {
-    $sp = SupplierProject::factory()->create();
-    $log = SupplierSyncLog::factory()->create(['supplier_project_id' => $sp->id]);
-
-    expect($log->supplierProject)->toBeInstanceOf(SupplierProject::class);
-    expect($log->supplierProject->id)->toBe($sp->id);
-});
-
-test('SupplierSyncLog request_payload and response_body cast as array', function () {
-    $log = SupplierSyncLog::factory()->create([
-        'request_payload' => ['name' => 'X'],
-        'response_body' => ['status' => 'OK'],
-    ]);
-
-    expect($log->fresh()->request_payload)->toBe(['name' => 'X']);
-    expect($log->fresh()->response_body)->toBe(['status' => 'OK']);
-});
-```
-
-- [ ] **Step 9.2: Run failing**
-
-Expected: failures.
-
-- [ ] **Step 9.3: Write model**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Models;
-
-use Database\Factories\SupplierSyncLogFactory;
-use Illuminate\Database\Eloquent\Factories\HasFactory;
-use Illuminate\Database\Eloquent\Model;
-use Illuminate\Database\Eloquent\Relations\BelongsTo;
-
-class SupplierSyncLog extends Model
-{
-    use HasFactory;
-
-    public $timestamps = false;
-
-    protected $table = 'supplier_sync_log';
-
-    protected $fillable = [
-        'supplier_project_id',
-        'action',
-        'request_payload',
-        'response_body',
-        'http_status',
-        'error_message',
-        'duration_ms',
-        'created_at',
-    ];
-
-    protected $casts = [
-        'request_payload' => 'array',
-        'response_body' => 'array',
-        'http_status' => 'integer',
-        'duration_ms' => 'integer',
-        'created_at' => 'datetime',
-    ];
-
-    public function supplierProject(): BelongsTo
-    {
-        return $this->belongsTo(SupplierProject::class);
-    }
-
-    protected static function newFactory(): SupplierSyncLogFactory
-    {
-        return SupplierSyncLogFactory::new();
-    }
-}
-```
-
-- [ ] **Step 9.4: Write factory**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace Database\Factories;
-
-use App\Models\SupplierSyncLog;
-use Illuminate\Database\Eloquent\Factories\Factory;
-
-/**
- * @extends Factory<SupplierSyncLog>
- */
-class SupplierSyncLogFactory extends Factory
-{
-    protected $model = SupplierSyncLog::class;
-
-    public function definition(): array
-    {
-        return [
-            'supplier_project_id' => null,
-            'action' => fake()->randomElement(['create', 'update', 'delete', 'disable', 'session_refresh']),
-            'request_payload' => ['stub' => true],
-            'response_body' => null,
-            'http_status' => 200,
-            'error_message' => null,
-            'duration_ms' => fake()->numberBetween(50, 5000),
-            'created_at' => now(),
-        ];
-    }
-}
-```
-
-- [ ] **Step 9.5: Run tests + pint + stan + commit**
-
-```bash
-cd app && ./vendor/bin/pest tests/Unit/Models/SupplierSyncLogTest.php -v
-composer pint && composer stan
-cd ..
-git add app/app/Models/SupplierSyncLog.php \
-        app/database/factories/SupplierSyncLogFactory.php \
-        app/tests/Unit/Models/SupplierSyncLogTest.php
-git commit -m "feat(models): add SupplierSyncLog model + factory (audit trail для AJAX-sync)"
-```
-
----
-
-## Task 10: Extend `Project` model
-
-**Why:** Существующая `Project` сейчас без полей signal_*, sms_*, delivered_in_month, supplier_b{1,2,3}_project_id. Нужно добавить fillable + casts + relationships + accessors.
-
-**Files:**
-
-- Modify: `app/Models/Project.php`
-- Modify: `database/factories/ProjectFactory.php`
-- Create: `tests/Unit/Models/ProjectExtensionsTest.php`
-
-- [ ] **Step 10.1: Write failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\SupplierProject;
-use App\Models\Tenant;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(\Tests\TestCase::class, DatabaseTransactions::class);
-
-test('Project has signal_type, signal_identifier in fillable', function () {
-    $tenant = Tenant::factory()->create();
-
-    DB::transaction(function () use ($tenant) {
-        DB::statement('SET LOCAL app.current_tenant_id = ?', [$tenant->id]);
-
-        $p = Project::factory()->create([
-            'tenant_id' => $tenant->id,
-            'signal_type' => 'site',
-            'signal_identifier' => 'example.com',
-        ]);
-
-        expect($p->signal_type)->toBe('site');
-        expect($p->signal_identifier)->toBe('example.com');
-    });
-});
-
-test('Project casts sms_senders as array', function () {
-    $tenant = Tenant::factory()->create();
-
-    DB::transaction(function () use ($tenant) {
-        DB::statement('SET LOCAL app.current_tenant_id = ?', [$tenant->id]);
-
-        $p = Project::factory()->create([
-            'tenant_id' => $tenant->id,
-            'signal_type' => 'sms',
-            'sms_senders' => ['TINKOFF', 'SBERBANK'],
-            'sms_keyword' => 'ипотека',
-        ]);
-
-        expect($p->fresh()->sms_senders)->toBe(['TINKOFF', 'SBERBANK']);
-        expect($p->fresh()->sms_keyword)->toBe('ипотека');
-    });
-});
-
-test('Project has supplierB1/B2/B3 relations', function () {
-    $tenant = Tenant::factory()->create();
-
-    DB::transaction(function () use ($tenant) {
-        DB::statement('SET LOCAL app.current_tenant_id = ?', [$tenant->id]);
-
-        $sp = SupplierProject::factory()->create(['platform' => 'B1']);
-        $p = Project::factory()->create([
-            'tenant_id' => $tenant->id,
-            'supplier_b1_project_id' => $sp->id,
-        ]);
-
-        expect($p->supplierB1)->toBeInstanceOf(SupplierProject::class);
-        expect($p->supplierB1->id)->toBe($sp->id);
-    });
-});
-
-test('Project scopeActiveOnDay returns projects with today in delivery_days_mask', function () {
-    $tenant = Tenant::factory()->create();
-
-    DB::transaction(function () use ($tenant) {
-        DB::statement('SET LOCAL app.current_tenant_id = ?', [$tenant->id]);
-
-        // delivery_days_mask: bit 0..6 для Пн..Вс
-        // Проект на все дни:
-        Project::factory()->create([
-            'tenant_id' => $tenant->id,
-            'is_active' => true,
-            'delivery_days_mask' => 0b1111111,
-        ]);
-        // Только выходные:
-        Project::factory()->create([
-            'tenant_id' => $tenant->id,
-            'is_active' => true,
-            'delivery_days_mask' => 0b1100000,
-        ]);
-
-        $todayDow = (int) now()->dayOfWeekIso; // 1..7
-
-        $count = Project::activeOnDay($todayDow)->count();
-        expect($count)->toBeGreaterThanOrEqual(1);
-    });
-});
-```
-
-- [ ] **Step 10.2: Run failing test**
-
-Expected: failures (методы/relations отсутствуют).
-
-- [ ] **Step 10.3: Modify Project model**
-
-Открой `app/Models/Project.php` и добавь:
-
-В `$fillable` (если используется):
-
-```php
-'signal_type',
-'signal_identifier',
-'sms_senders',
-'sms_keyword',
-'delivered_in_month',
-'supplier_b1_project_id',
-'supplier_b2_project_id',
-'supplier_b3_project_id',
-```
-
-В `$casts`:
-
-```php
-'sms_senders' => 'array',
-'delivered_in_month' => 'integer',
-```
-
-Добавь методы:
-
-```php
-use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Database\Eloquent\Relations\BelongsTo;
-
-public function supplierB1(): BelongsTo
-{
-    return $this->belongsTo(SupplierProject::class, 'supplier_b1_project_id');
-}
-
-public function supplierB2(): BelongsTo
-{
-    return $this->belongsTo(SupplierProject::class, 'supplier_b2_project_id');
-}
-
-public function supplierB3(): BelongsTo
-{
-    return $this->belongsTo(SupplierProject::class, 'supplier_b3_project_id');
-}
-
-public function scopeActiveOnDay(Builder $query, int $isoDayOfWeek): Builder
-{
-    $bit = 1 << ($isoDayOfWeek - 1);
-    return $query->where('is_active', true)
-        ->whereRaw('(delivery_days_mask & ?) <> 0', [$bit]);
-}
-
-public function scopeForSignal(Builder $query, string $signalType, string $identifier): Builder
-{
-    return $query->where('signal_type', $signalType)->where('signal_identifier', $identifier);
-}
-```
-
-Добавь imports `use App\Models\SupplierProject;` если ещё нет.
-
-- [ ] **Step 10.4: Update `ProjectFactory`**
-
-Добавь в `definition()`:
-
-```php
-'signal_type' => null,
-'signal_identifier' => null,
-'sms_senders' => null,
-'sms_keyword' => null,
-'delivered_in_month' => 0,
-'supplier_b1_project_id' => null,
-'supplier_b2_project_id' => null,
-'supplier_b3_project_id' => null,
-```
-
-Добавь state-метод:
-
-```php
-public function asSiteSignal(string $domain): self
-{
-    return $this->state([
-        'signal_type' => 'site',
-        'signal_identifier' => $domain,
-    ]);
-}
-
-public function asCallSignal(string $phone): self
-{
-    return $this->state([
-        'signal_type' => 'call',
-        'signal_identifier' => $phone,
-    ]);
-}
-
-public function asSmsSignal(array $senders, ?string $keyword = null): self
-{
-    return $this->state([
-        'signal_type' => 'sms',
-        'signal_identifier' => null,
-        'sms_senders' => $senders,
-        'sms_keyword' => $keyword,
-    ]);
-}
-```
-
-- [ ] **Step 10.5: Run tests — pass**
-
-`./vendor/bin/pest tests/Unit/Models/ProjectExtensionsTest.php -v`
-Expected: 4 passed.
-
-- [ ] **Step 10.6: Pint, stan, full Pest baseline**
-
-```bash
-cd app
-composer pint
-composer stan
-composer test
-```
-
-Expected: всё зелёное, 403+новые passed (никаких регрессий в existing тестах после правки `Project`).
-
-- [ ] **Step 10.7: Commit**
-
-```bash
-git add app/app/Models/Project.php \
-        app/database/factories/ProjectFactory.php \
-        app/tests/Unit/Models/ProjectExtensionsTest.php
-git commit -m "feat(models): extend Project with signal_type, sms_senders, supplier_b1/b2/b3 relations + scopes"
-```
-
----
-
-## ✓ Verification Gate B — Models & Factories
-
-- [ ] **Step VB.1: Run Unit/Models tests**
-
-`cd app && ./vendor/bin/pest tests/Unit/Models/ -v`
-Expected: все passed.
-
-- [ ] **Step VB.2: Run full baseline**
-
-`cd app && composer test`
-Expected: 403 baseline + новые passed, 0 регрессий.
-
-- [ ] **Step VB.3: Larastan**
-
-`cd app && composer stan`
-Expected: 0 errors. Если появились ошибки на новых моделях — типы PHPDoc'ов поправь в моделях/фабриках.
-
-- [ ] **Step VB.4: Pint**
-
-`cd app && composer pint -- --test`
-Expected: clean.
-
-- [ ] **Step VB.5: Cross-model relation sanity-check**
-
-Mini-script (можно добавить как отдельный test или прогнать в `php artisan tinker`):
-
-```php
-$tenant = \App\Models\Tenant::factory()->create();
-DB::transaction(function () use ($tenant) {
-    DB::statement('SET LOCAL app.current_tenant_id = ?', [$tenant->id]);
-    $sp = \App\Models\SupplierProject::factory()->create(['platform' => 'B1']);
-    $p = \App\Models\Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'signal_type' => 'site',
-        'signal_identifier' => 'a.com',
-        'supplier_b1_project_id' => $sp->id,
-    ]);
-    dump($p->supplierB1->platform); // 'B1'
-});
-```
-
-Ожидание: 'B1' в выводе.
-
----
-
-## Task 11: SupplierProject ↔ Project linkage helper service
-
-**Why:** Логика «найти существующий supplier_project или создать стаб» нужна в нескольких местах (Project create, supplier sync). Чтобы избежать циклической зависимости и дублирования — выносим в Service.
-
-**Files:**
-
-- Create: `app/Services/SupplierProjects/SupplierProjectResolver.php`
-- Create: `tests/Unit/Services/SupplierProjectResolverTest.php`
-
-- [ ] **Step 11.1: Write failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\SupplierProject;
-use App\Services\SupplierProjects\SupplierProjectResolver;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-
-uses(\Tests\TestCase::class, DatabaseTransactions::class);
-
-test('resolveOrStub returns existing supplier_project for matching (platform, unique_key)', function () {
-    $existing = SupplierProject::factory()->create([
-        'platform' => 'B1',
-        'signal_type' => 'site',
-        'unique_key' => 'example.com',
-    ]);
-
-    $resolver = new SupplierProjectResolver();
-    $resolved = $resolver->resolveOrStub('B1', 'site', 'example.com');
-
-    expect($resolved->id)->toBe($existing->id);
-});
-
-test('resolveOrStub creates pending stub when no existing project', function () {
-    $resolver = new SupplierProjectResolver();
-    $resolved = $resolver->resolveOrStub('B2', 'call', '79991234567');
-
-    expect($resolved->exists)->toBeTrue();
-    expect($resolved->platform)->toBe('B2');
-    expect($resolved->signal_type)->toBe('call');
-    expect($resolved->unique_key)->toBe('79991234567');
-    expect($resolved->sync_status)->toBe('pending');
-});
-
-test('resolveOrStub returns same row on second call (no duplicates)', function () {
-    $resolver = new SupplierProjectResolver();
-    $first = $resolver->resolveOrStub('B3', 'sms', 'TINKOFF');
-    $second = $resolver->resolveOrStub('B3', 'sms', 'TINKOFF');
-
-    expect($first->id)->toBe($second->id);
-    expect(SupplierProject::where('unique_key', 'TINKOFF')->count())->toBe(1);
-});
-
-test('resolveOrStub throws DomainException for B1+sms (forbidden combo)', function () {
-    $resolver = new SupplierProjectResolver();
-    expect(fn () => $resolver->resolveOrStub('B1', 'sms', 'TINKOFF'))
-        ->toThrow(DomainException::class);
-});
-
-test('resolveOrStub throws InvalidArgumentException for invalid platform', function () {
-    $resolver = new SupplierProjectResolver();
-    expect(fn () => $resolver->resolveOrStub('B9', 'site', 'a.com'))
-        ->toThrow(InvalidArgumentException::class);
-});
-```
-
-- [ ] **Step 11.2: Run failing test**
-
-Expected: failures.
-
-- [ ] **Step 11.3: Write service**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\SupplierProjects;
-
-use App\Models\SupplierProject;
-use DomainException;
-use InvalidArgumentException;
-
-class SupplierProjectResolver
-{
-    private const ALLOWED_PLATFORMS = ['B1', 'B2', 'B3'];
-    private const ALLOWED_SIGNAL_TYPES = ['site', 'call', 'sms'];
-
-    public function resolveOrStub(string $platform, string $signalType, string $uniqueKey): SupplierProject
-    {
-        if (!in_array($platform, self::ALLOWED_PLATFORMS, true)) {
-            throw new InvalidArgumentException("Unknown platform: {$platform}");
-        }
-
-        if (!in_array($signalType, self::ALLOWED_SIGNAL_TYPES, true)) {
-            throw new InvalidArgumentException("Unknown signal_type: {$signalType}");
-        }
-
-        if ($platform === 'B1' && $signalType === 'sms') {
-            throw new DomainException('B1 platform does not support SMS signals (supplier limitation)');
-        }
-
-        return SupplierProject::firstOrCreate(
-            ['platform' => $platform, 'unique_key' => $uniqueKey],
-            [
-                'signal_type' => $signalType,
-                'sync_status' => 'pending',
-                'current_limit' => 0,
-                'current_workdays' => [1, 2, 3, 4, 5, 6, 7],
-            ]
-        );
-    }
-}
-```
-
-- [ ] **Step 11.4: Run tests, pint, stan**
-
-`./vendor/bin/pest tests/Unit/Services/SupplierProjectResolverTest.php -v`
-Expected: 5 passed.
-
-`composer pint && composer stan`
-
-- [ ] **Step 11.5: Commit**
-
-```bash
-git add app/app/Services/SupplierProjects/SupplierProjectResolver.php \
-        app/tests/Unit/Services/SupplierProjectResolverTest.php
-git commit -m "feat(services): add SupplierProjectResolver (resolveOrStub with B1+SMS guard)"
-```
-
----
-
-## Task 12: Validation rules — Signal validators
-
-**Why:** §3.1 спеки — формат валидации. Выносим в отдельные Rule-классы для переиспользования (FormRequest на следующем плане + service-level вызов).
-
-**Files:**
-
-- Create: `app/Rules/SignalIdentifier/DomainIdentifier.php`
-- Create: `app/Rules/SignalIdentifier/PhoneIdentifier.php`
-- Create: `app/Rules/SignalIdentifier/SmsSenderRule.php`
-- Create: `tests/Unit/Rules/SignalValidatorsTest.php`
-
-- [ ] **Step 12.1: Write failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Rules\SignalIdentifier\DomainIdentifier;
-use App\Rules\SignalIdentifier\PhoneIdentifier;
-use App\Rules\SignalIdentifier\SmsSenderRule;
-use Illuminate\Support\Facades\Validator;
-
-dataset('domains_valid', [
-    ['example.com'],
-    ['vashinvestor.ru'],
-    ['sub.example.co.uk'],
-]);
-
-dataset('domains_invalid', [
-    [''],
-    ['EXAMPLE.COM'], // upper case
-    ['no-tld'],
-    ['has spaces.com'],
-    ['http://example.com'], // protocol
-    ['example.com/path'], // path
-]);
-
-test('DomainIdentifier accepts valid', function (string $value) {
-    $v = Validator::make(['x' => $value], ['x' => [new DomainIdentifier()]]);
-    expect($v->fails())->toBeFalse("rejected valid {$value}");
-})->with('domains_valid');
-
-test('DomainIdentifier rejects invalid', function (string $value) {
-    $v = Validator::make(['x' => $value], ['x' => [new DomainIdentifier()]]);
-    expect($v->fails())->toBeTrue("accepted invalid {$value}");
-})->with('domains_invalid');
-
-dataset('phones_valid', [
-    ['79991234567'],
-    ['74955551212'],
-]);
-
-dataset('phones_invalid', [
-    ['89991234567'], // not 7-prefix
-    ['7999123456'],  // 10 digits
-    ['799912345678'], // 12 digits
-    ['+79991234567'], // plus
-    ['7 999 123 45 67'], // spaces
-]);
-
-test('PhoneIdentifier accepts valid', function (string $v) {
-    $val = Validator::make(['x' => $v], ['x' => [new PhoneIdentifier()]]);
-    expect($val->fails())->toBeFalse();
-})->with('phones_valid');
-
-test('PhoneIdentifier rejects invalid', function (string $v) {
-    $val = Validator::make(['x' => $v], ['x' => [new PhoneIdentifier()]]);
-    expect($val->fails())->toBeTrue();
-})->with('phones_invalid');
-
-test('SmsSenderRule accepts alpha and short numeric', function () {
-    foreach (['TINKOFF', 'SBER', '900', '1234', 'BANK-1'] as $v) {
-        $r = Validator::make(['x' => $v], ['x' => [new SmsSenderRule()]]);
-        expect($r->fails())->toBeFalse("rejected valid {$v}");
-    }
-});
-
-test('SmsSenderRule rejects 11-digit phone (supplier blocks it)', function () {
-    foreach (['79991234567', '12345678901'] as $v) {
-        $r = Validator::make(['x' => $v], ['x' => [new SmsSenderRule()]]);
-        expect($r->fails())->toBeTrue("accepted invalid {$v}");
-    }
-});
-
-test('SmsSenderRule rejects too long', function () {
-    $longString = str_repeat('A', 31);
-    $r = Validator::make(['x' => $longString], ['x' => [new SmsSenderRule()]]);
-    expect($r->fails())->toBeTrue();
-});
-```
-
-- [ ] **Step 12.2: Run failing**
-
-Expected: failures.
-
-- [ ] **Step 12.3: Write rules**
-
-`app/Rules/SignalIdentifier/DomainIdentifier.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Rules\SignalIdentifier;
-
-use Closure;
-use Illuminate\Contracts\Validation\ValidationRule;
-
-class DomainIdentifier implements ValidationRule
-{
-    public function validate(string $attribute, mixed $value, Closure $fail): void
-    {
-        if (!is_string($value) || $value === '') {
-            $fail('Source domain is required.');
-            return;
-        }
-
-        if (!preg_match('/^[a-z0-9-]+(\.[a-z0-9-]+)+$/', $value)) {
-            $fail('Source domain must be lowercase, only letters/digits/hyphens, with a TLD (no protocol/path).');
-        }
-    }
-}
-```
-
-`app/Rules/SignalIdentifier/PhoneIdentifier.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Rules\SignalIdentifier;
-
-use Closure;
-use Illuminate\Contracts\Validation\ValidationRule;
-
-class PhoneIdentifier implements ValidationRule
-{
-    public function validate(string $attribute, mixed $value, Closure $fail): void
-    {
-        if (!is_string($value) || !preg_match('/^7\d{10}$/', $value)) {
-            $fail('Phone number must be 11 digits and start with 7 (no spaces, no plus sign).');
-        }
-    }
-}
-```
-
-`app/Rules/SignalIdentifier/SmsSenderRule.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Rules\SignalIdentifier;
-
-use Closure;
-use Illuminate\Contracts\Validation\ValidationRule;
-
-class SmsSenderRule implements ValidationRule
-{
-    public function validate(string $attribute, mixed $value, Closure $fail): void
-    {
-        if (!is_string($value) || $value === '' || strlen($value) > 30) {
-            $fail('SMS sender must be 1–30 characters.');
-            return;
-        }
-
-        if (!preg_match('/^[A-Za-z0-9_-]+$/', $value)) {
-            $fail('SMS sender must contain only letters, digits, underscore or hyphen.');
-            return;
-        }
-
-        // Reject 11-digit phone numbers (supplier blocks them)
-        if (preg_match('/^\d{11}$/', $value)) {
-            $fail('SMS sender cannot be an 11-digit phone number (supplier rejection).');
-        }
-    }
-}
-```
-
-- [ ] **Step 12.4: Run tests + pint + stan**
-
-```bash
-cd app
-./vendor/bin/pest tests/Unit/Rules/SignalValidatorsTest.php -v
-composer pint && composer stan
-```
-
-Expected: все тесты passed, 0 stan errors.
-
-- [ ] **Step 12.5: Commit**
-
-```bash
-git add app/app/Rules/SignalIdentifier/DomainIdentifier.php \
-        app/app/Rules/SignalIdentifier/PhoneIdentifier.php \
-        app/app/Rules/SignalIdentifier/SmsSenderRule.php \
-        app/tests/Unit/Rules/SignalValidatorsTest.php
-git commit -m "feat(rules): add Signal validators (Domain, Phone, SmsSender) with comprehensive datasets"
-```
-
----
-
-## ✓ Comprehensive Verification Gate (END OF PLAN 1)
-
-> Это финальный gate. Без зелёного прохода всех 14 шагов — план НЕ закрыт.
-
-- [ ] **Step CV.1: Fresh migration from scratch**
-
-```bash
-cd app
-php artisan migrate:fresh
-```
-
-Expected: все миграции с нуля прошли.
-
-- [ ] **Step CV.2: Full Pest baseline**
-
-`cd app && composer test`
-Expected: ВСЕ существующие 403 + добавленные тесты passed. **0 регрессий.**
-
-- [ ] **Step CV.3: Larastan full**
-
-`cd app && composer stan`
-Expected: 0 errors.
-
-- [ ] **Step CV.4: Pint full project**
-
-`cd app && composer pint -- --test`
-Expected: clean.
-
-- [ ] **Step CV.5: squawk на все новые миграции**
-
-```bash
-cd app
-for m in database/migrations/2026_05_10_*.php; do
-  npx --yes squawk "$m" || echo "❌ $m"
-done
-```
-
-Expected: 0 issues per migration.
-
-- [ ] **Step CV.6: pgFormatter dry-run**
-
-`cd app && composer format:sql:check`
-Expected: clean.
-
-- [ ] **Step CV.7: cspell на все .md изменения**
-
-`npm run spell` (в корне репозитория)
-Expected: 0 unknown words. Если есть — добавить в `cspell-words.txt` (новые валидные термины), либо исправить опечатки.
-
-- [ ] **Step CV.8: markdownlint**
-
-`npm run lint:md`
-Expected: 0 errors.
-
-- [ ] **Step CV.9: Cycle check**
-
-`cd app && composer dump-autoload -o`
-Expected: 0 warnings (особенно про circular references между models/services).
-
-- [ ] **Step CV.10: Schema diff manual review**
-
-`git diff db/schema.sql`
-Verify (visual):
-
-- 5 новых тиблов/расширений присутствуют (3 CREATE TABLE + 1 ALTER TABLE projects + не забыли ничего ещё)
-- Все CHECK-constraints читаемы, без опечаток имён колонок
-- RLS включён ровно на `lead_charges`
-- REVOKE для SaaS-таблиц
-- Версия в шапке схемы bumped (v8.11 → v8.13)
-
-- [ ] **Step CV.11: Relations sanity in tinker**
-
-```bash
-cd app && php artisan tinker
-```
-
-В тинкере:
-
-```php
-use App\Models\{Tenant, Project, SupplierProject, LeadCharge, PricingTier, SupplierSyncLog};
-$t = Tenant::factory()->create();
-DB::transaction(function () use ($t) {
-    DB::statement('SET LOCAL app.current_tenant_id = ?', [$t->id]);
-    $sp = SupplierProject::factory()->create(['platform' => 'B1']);
-    $p = Project::factory()->create(['tenant_id' => $t->id, 'supplier_b1_project_id' => $sp->id]);
-    echo $p->supplierB1->platform . "\n";  // B1
-    echo $p->signal_type ?? 'null' . "\n"; // null (default)
-    $pt = PricingTier::factory()->create();
-    echo $pt->price_rubles . "\n";          // float
-    $log = SupplierSyncLog::factory()->create(['supplier_project_id' => $sp->id]);
-    echo $log->supplierProject->id === $sp->id ? "log->sp OK\n" : "FAIL\n";
-});
-```
-
-Expected: все строки выводятся корректно.
-
-- [ ] **Step CV.12: Code review subagent**
-
-Dispatch subagent:
-
-```
-Agent({
-  description: "Code review supplier foundation",
-  subagent_type: "general-purpose",
-  prompt: "Code-review changes in commits since `<base SHA>` on branch <branch> in c:\моя\проекты\портал crm\Документация\.
-
-  Spec: docs/superpowers/specs/2026-05-10-supplier-integration-design.md (sections §2, §7)
-  Plan: docs/superpowers/plans/2026-05-10-supplier-foundation-plan.md
-
-  Verify:
-  1. Migrations — наличие всех CHECK constraints из спеки (B1+SMS forbidden, sms_senders required if signal_type=sms, etc.)
-  2. Models — фабрики не создают forbidden combos (B1+SMS), relationships определены, casts соответствуют DDL
-  3. Validators — datasets покрывают всё что в §3.1 спеки (домен/номер/sms-sender)
-  4. RLS — lead_charges ENABLE+FORCE+POLICY+GRANT, supplier-side таблицы REVOKE
-  5. SQL safety — squawk-relevant: нет dangerous DDL без CONCURRENTLY, нет default values for added columns в больших таблицах (projects может быть large)
-  6. Опечатки — особенно в SQL identifiers/CHECK constraint names
-
-  Report: что найдено, чего не хватает, и какие потенциальные баги. Под 400 слов."
-})
-```
-
-После review — поправить найденное, повторить gate.
-
-- [ ] **Step CV.13: Update Tooling reference + project state memory**
-
-Если в этом плане появились новые npm/composer пакеты — обновить `docs/Tooling_v8_3.md`. Если изменились квирки окружения — добавить в `memory/feedback_environment.md`.
-
-В этом плане новых пакетов нет — пропускай шаг.
-
-- [ ] **Step CV.14: Final commit (CHANGELOG + plan checkbox closure)**
-
-Если все шаги CV.1–CV.13 зелёные:
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-# Mark plan as complete in its header (Status field) если есть
-git add docs/superpowers/plans/2026-05-10-supplier-foundation-plan.md
-git commit -m "docs(plans): close Plan 1 — supplier integration foundation (schema + models + validators)"
-git push origin main  # или branch если в worktree
-```
-
----
-
-## Definition of Done (Plan 1)
-
-- ✅ 5 миграций применяются на чистую БД, откатываются обратно
-- ✅ 4 новые модели с factories, accessors, scopes
-- ✅ Project model расширен, существующие тесты не сломаны
-- ✅ 3 валидатора (Domain/Phone/SmsSender) с dataset-тестами на edge cases
-- ✅ Сервис `SupplierProjectResolver` с B1+SMS guard
-- ✅ RLS на `lead_charges` работает (cross-tenant isolation тест)
-- ✅ db/schema.sql + CHANGELOG_schema.md синхронизированы
-- ✅ 0 регрессий: 403 baseline + новые passed
-- ✅ Larastan / Pint / squawk / pgFormatter / cspell / markdownlint — все чистые
-- ✅ Code review subagent прошёл без блокеров
-
-После закрытия Plan 1 — переходим к Plan 2 (Webhook + Sharing Routing).
-
----
-
-## Notes & quirks
-
-- **kopecks vs decimal:** все money-поля integer kopecks. Float — только в accessors на чтение.
-- **Composite FK:** `lead_charges.deal_id, deal_received_at` → `deals(id, received_at)` через DEFERRABLE INITIALLY DEFERRED — потому что при INSERT deal+charge в одной транзакции composite FK иначе не пройдёт.
-- **Existing Project поля:** `tag`, `daily_limit_target`, `region_mask`, `delivery_days_mask`, `is_active`, `effective_daily_limit_today` уже есть. Не дублируем — переиспользуем. `region_mask` — это битовая маска (uint64), не jsonb. Соответствие "regions из спеки" обеспечит mapper в Plan 2.
-- **delivery_days_mask:** битовая маска bit 0 = понедельник, bit 6 = воскресенье (ISO day-of-week минус 1). `scopeActiveOnDay($iso)` использует `1 << ($iso - 1)`.
-- **Существующий webhook payload:** в Plan 2 Будем парсить `B1_vashinvestor.ru` → platform=B1, identifier=vashinvestor.ru. Адаптация существующего `ProcessWebhookJob`.
-- **`SetTenantContext` middleware:** применяется автоматически на роутах под `tenant` alias. Тесты с RLS — внутри `DB::transaction()` с явным `SET LOCAL`.
-
----
-
-## Self-review checklist (executed by author at write-time)
-
-- [x] **Spec coverage:** §2.1 (Project fields) — Task 1+10. §2.2 (supplier_projects) — Task 2+6. §7 (billing) — Task 3+8 (pricing_tiers + lead_charges). §3.1 (validators) — Task 12. §4.3 (sync_log) — Task 5+9. ✓
-- [x] **Placeholder scan:** нет TBD/TODO/«implement later» в коде, везде указаны точные пути и команды. ✓
-- [x] **Type consistency:** `signal_type` enum 'site'/'call'/'sms' одинаков в DDL CHECK + ProjectFactory + Validators + Resolver. `platform` enum 'B1'/'B2'/'B3' одинаков везде. `tier_no` integer 1..7 одинаков. ✓
diff --git a/docs/superpowers/plans/2026-05-10-supplier-plan26-cleanup.md b/docs/superpowers/plans/2026-05-10-supplier-plan26-cleanup.md
deleted file mode 100644
index 2581096..0000000
--- a/docs/superpowers/plans/2026-05-10-supplier-plan26-cleanup.md
+++ /dev/null
@@ -1,808 +0,0 @@
-# Supplier Integration — Plan 2.6 cleanup CV.11 audit остатков
-
-> **✅ Plan completed (10.05.2026 поздняя ночь финал).** Все 4 fix'а закрыты атомарными commit'ами на main: `e71a02e` (#i deploy validator), `f78a855` (#ii IP allowlist production fail-closed), `451a294` (#iii timestamp partition guard ±24h), `7899071` (#iv crm_supplier_worker BYPASSRLS-роль). Pest 558/556 (+9 от Plan 2.5 baseline 549/547), Larastan + Pint + squawk clean. Memory updated (`project_supplier_integration.md`, `project_state.md`, `feedback_environment.md` quirk #57). Plan 3 backlog: BLOCKER #6 (RLS на `failed_webhook_jobs`) первая задача + 5 minor WARN + 5 NIT.
->
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Закрыть 4 production-impact остатка CV.11 audit Plan 2: 2 operational deploy gates (placeholder secret + empty IP allowlist в production) + 1 code-bug (Carbon timestamp partition crash) + 1 архитектурный (BYPASSRLS-роль для queue worker — вариант C из Plan 2.6 brainstorm).
-
-**Architecture:** Все 4 fix'а — атомарные independent изменения, каждый закрыт отдельным commit'ом.
-
-- **Fix #i (placeholder secret):** новая Console-команда `supplier:check-webhook-secret` для deploy-time gate, exit 1 если seed = `'__SET_ON_DEPLOY__'` или len < 32.
-- **Fix #ii (empty IP allowlist):** в `SupplierWebhookController::verifyIpAllowlist` — `if ($list === []) return !app()->environment('production')` — production fail-closed, dev/testing fail-open.
-- **Fix #iii (timestamp partition guard):** в `SupplierWebhookController::receive` — `'time' => 'integer|min:<24h_ago>|max:<24h_future>'`; защита от старого/будущего timestamp → `no partition for row` CRASH.
-- **Fix #iv (RLS под crm_app_user):** новая PG-роль `crm_supplier_worker` (BYPASSRLS) в `db/00_create_roles.sql` для queue worker; обновить inline-warnings в `LeadRouter.php` + `ResetDeliveredTodayCommand.php`; зафиксировать в memory.
-
-**Tech Stack:** Laravel 13.7 (Console + Validator + AppEnvironment), PostgreSQL 16 (CREATE ROLE + GRANT), Pest 4, Larastan, Pint.
-
-**Spec:** [docs/superpowers/specs/2026-05-10-supplier-integration-design.md](../specs/2026-05-10-supplier-integration-design.md).
-
-**Plan основан на:** CV.11 code-reviewer subagent audit Plan 2 (10.05.2026 поздняя ночь) — 6 BLOCKER findings из которых #2 + #3 закрыты Plan 2.5 (`1ba1df8` + `c1ae195`); #6 → Plan 3 первая задача; #4/#5 + 8 minor WARN + 5 NIT — частично здесь, частично в Plan 3 NOTES. Полные findings — `memory/project_supplier_integration.md` секция «Pending CV.11 audit findings → Plan 3 backlog».
-
----
-
-## File Map
-
-**New files:**
-
-- `app/app/Console/Commands/CheckSupplierWebhookSecretCommand.php`
-- `app/tests/Feature/Console/CheckSupplierWebhookSecretCommandTest.php`
-
-**Modified files:**
-
-- `app/app/Http/Controllers/Api/SupplierWebhookController.php` — Fix #ii (verifyIpAllowlist) + Fix #iii (timestamp validation)
-- `app/tests/Feature/Http/Webhook/SupplierWebhookTest.php` — TDD-тесты для Fix #ii + Fix #iii
-- `db/schema.sql` — без изменений (Fix #iv не требует bump схемы; роль создаётся через `db/00_create_roles.sql`, не через `load_initial_schema.php`)
-- `db/00_create_roles.sql` — Fix #iv: добавить `crm_supplier_worker` (BYPASSRLS)
-- `app/app/Services/LeadRouter.php` — Fix #iv: обновить inline-warning (ссылка на `crm_supplier_worker`)
-- `app/app/Console/Commands/ResetDeliveredTodayCommand.php` — Fix #iv: обновить inline-warning
-- `docs/superpowers/plans/2026-05-10-supplier-plan26-cleanup.md` — статус-header после Task 5
-
-**Memory updates (вне репо, в `~/.claude/projects/.../memory/`):**
-
-- `feedback_environment.md` — новый quirk про deploy queue worker под `crm_supplier_worker`
-- `project_supplier_integration.md` — Plan 2.6 closure секция
-- `project_state.md` — header (HEAD origin/main, Pest count)
-
----
-
-## Task 1: Fix #i — `supplier:check-webhook-secret` deploy validator (WARN #4)
-
-**Files:**
-
-- Create: `app/app/Console/Commands/CheckSupplierWebhookSecretCommand.php`
-- Create: `app/tests/Feature/Console/CheckSupplierWebhookSecretCommandTest.php`
-
-**Контекст:** Seed в `db/schema.sql:2582` — `supplier_webhook_secret = '__SET_ON_DEPLOY__'` (17 chars). `SupplierWebhookController::verifySecret` (line 96-98) явно блокирует placeholder OR len < 32 → 404. На production без deploy-time override — endpoint нерабочий silently. Нужен fail-fast deploy-gate.
-
-- [ ] **Step 1: Failing test (4 кейса в одном файле)**
-
-Создать `app/tests/Feature/Console/CheckSupplierWebhookSecretCommandTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-it('rejects placeholder seed `__SET_ON_DEPLOY__`', function (): void {
-    DB::table('system_settings')
-        ->updateOrInsert(
-            ['key' => 'supplier_webhook_secret'],
-            ['value' => '__SET_ON_DEPLOY__', 'value_type' => 'string', 'description' => 'test seed']
-        );
-
-    $exitCode = artisan('supplier:check-webhook-secret')->run();
-
-    expect($exitCode)->toBe(1);
-});
-
-it('rejects too-short secret (< 32 chars)', function (): void {
-    DB::table('system_settings')
-        ->updateOrInsert(
-            ['key' => 'supplier_webhook_secret'],
-            ['value' => 'short-secret-only-20-chars', 'value_type' => 'string', 'description' => 'test']
-        );
-
-    $exitCode = artisan('supplier:check-webhook-secret')->run();
-
-    expect($exitCode)->toBe(1);
-});
-
-it('rejects missing seed', function (): void {
-    DB::table('system_settings')->where('key', 'supplier_webhook_secret')->delete();
-
-    $exitCode = artisan('supplier:check-webhook-secret')->run();
-
-    expect($exitCode)->toBe(1);
-});
-
-it('accepts valid secret (≥32 chars and not placeholder)', function (): void {
-    DB::table('system_settings')
-        ->updateOrInsert(
-            ['key' => 'supplier_webhook_secret'],
-            ['value' => str_repeat('a', 64), 'value_type' => 'string', 'description' => 'test seed']
-        );
-
-    $exitCode = artisan('supplier:check-webhook-secret')->run();
-
-    expect($exitCode)->toBe(0);
-});
-```
-
-NB: `artisan()` — Pest helper для PestPhp\Plugins\Laravel; alternative — `\Illuminate\Support\Facades\Artisan::call('supplier:check-webhook-secret')`. Проверить какой используется в проекте — посмотреть существующий `tests/Feature/Console/ResetDeliveredTodayCommandTest.php` и взять оттуда паттерн.
-
-- [ ] **Step 2: Run test to verify it fails**
-
-```powershell
-./vendor/bin/pest tests/Feature/Console/CheckSupplierWebhookSecretCommandTest.php
-```
-
-Expected: 4 failed (Command not found / "There are no commands defined in the 'supplier' namespace").
-
-- [ ] **Step 3: Implement `CheckSupplierWebhookSecretCommand`**
-
-Создать `app/app/Console/Commands/CheckSupplierWebhookSecretCommand.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Console\Commands;
-
-use Illuminate\Console\Command;
-use Illuminate\Support\Facades\DB;
-
-/**
- * Deploy-time validator для supplier_webhook_secret.
- *
- * Spec: docs/superpowers/specs/2026-05-10-supplier-integration-design.md §5.1.
- * Plan 2.6 fix #i: closes CV.11 audit WARN #4 (placeholder seed на production
- * → endpoint silent 404 на ВСЕ запросы).
- *
- * Использование в deploy-script: `php artisan supplier:check-webhook-secret`
- * exit code 0 = OK, exit code 1 = блокирующая ошибка (deploy не должен продолжаться).
- *
- * Проверки:
- *   1. system_settings row существует с key='supplier_webhook_secret'.
- *   2. value !== '__SET_ON_DEPLOY__' (placeholder из schema seed).
- *   3. strlen(value) >= 32 chars (требование verifySecret в SupplierWebhookController).
- */
-class CheckSupplierWebhookSecretCommand extends Command
-{
-    protected $signature = 'supplier:check-webhook-secret';
-
-    protected $description = 'Deploy-time validator: проверка supplier_webhook_secret seed (Plan 2.6 fix #i)';
-
-    public function handle(): int
-    {
-        $row = DB::table('system_settings')->where('key', 'supplier_webhook_secret')->first();
-
-        if ($row === null) {
-            $this->error('FAIL: system_settings row для key=supplier_webhook_secret не найдена. Schema seed повреждён или БД не мигрирована.');
-
-            return self::FAILURE;
-        }
-
-        $value = (string) $row->value;
-
-        if ($value === '__SET_ON_DEPLOY__') {
-            $this->error('FAIL: supplier_webhook_secret = "__SET_ON_DEPLOY__" (placeholder из schema seed). Override через UPDATE system_settings перед deploy.');
-
-            return self::FAILURE;
-        }
-
-        if (strlen($value) < 32) {
-            $this->error('FAIL: supplier_webhook_secret слишком короткий (length='.strlen($value).', нужно ≥32 chars для совместимости с verifySecret в SupplierWebhookController).');
-
-            return self::FAILURE;
-        }
-
-        $this->info('OK: supplier_webhook_secret valid (length='.strlen($value).' chars, не placeholder).');
-
-        return self::SUCCESS;
-    }
-}
-```
-
-- [ ] **Step 4: Run test to verify it passes**
-
-```powershell
-./vendor/bin/pest tests/Feature/Console/CheckSupplierWebhookSecretCommandTest.php
-```
-
-Expected: 4 passed.
-
-- [ ] **Step 5: Larastan + Pint**
-
-```powershell
-./vendor/bin/phpstan analyse --memory-limit=512M app/Console/Commands/CheckSupplierWebhookSecretCommand.php
-./vendor/bin/pint --test app/Console/Commands/CheckSupplierWebhookSecretCommand.php
-```
-
-Expected: passed / passed.
-
-- [ ] **Step 6: Commit (atomic)**
-
-```bash
-git add app/app/Console/Commands/CheckSupplierWebhookSecretCommand.php app/tests/Feature/Console/CheckSupplierWebhookSecretCommandTest.php
-git commit -m "$(cat <<'EOF'
-feat(commands): supplier:check-webhook-secret — deploy validator (Plan 2.6 #i)
-
-Закрывает CV.11 audit WARN #4 (placeholder secret '__SET_ON_DEPLOY__' = silent
-404 на production).
-
-Console command для deploy-script: SELECT system_settings.supplier_webhook_secret
-→ exit 1 если placeholder OR len < 32 OR row отсутствует. Иначе exit 0.
-
-Использование: deploy-script вызывает `php artisan supplier:check-webhook-secret`
-перед запуском приложения; non-zero exit прерывает deploy.
-
-TDD: 4 теста (placeholder rejected / short rejected / missing rejected / valid accepted).
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 2: Fix #ii — IP allowlist production fail-closed (WARN #5)
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/SupplierWebhookController.php` (lines 109-115 в `verifyIpAllowlist`)
-- Modify: `app/tests/Feature/Http/Webhook/SupplierWebhookTest.php` (+ failing test)
-
-**Контекст:** `verifyIpAllowlist` (line 113-114): `if ($list === []) return true;` — fail-open, любой IP пропускается. На dev OK (localhost development), на production — security gap. Inline-warning lines 34-39 признаёт. Fix: в production env пустой allowlist = блокировать.
-
-- [ ] **Step 1: Failing test**
-
-Добавить в `app/tests/Feature/Http/Webhook/SupplierWebhookTest.php` (в конец файла перед `?>` или последний `});`):
-
-```php
-it('blocks empty IP allowlist в production env (Plan 2.6 fix #ii)', function (): void {
-    // Setup: valid secret + пустой IP allowlist (default seed).
-    DB::table('system_settings')
-        ->updateOrInsert(
-            ['key' => 'supplier_webhook_secret'],
-            ['value' => str_repeat('a', 64), 'value_type' => 'string', 'description' => 'test seed']
-        );
-    DB::table('system_settings')
-        ->updateOrInsert(
-            ['key' => 'supplier_ip_allowlist'],
-            ['value' => '[]', 'value_type' => 'json', 'description' => 'test seed']
-        );
-
-    // Mock app environment как production.
-    app()->detectEnvironment(fn () => 'production');
-
-    $response = $this->postJson('/api/webhook/supplier/'.str_repeat('a', 64), [
-        'vid' => 1,
-        'project' => 'B1_test.ru',
-        'phone' => '79991234567',
-        'time' => now()->getTimestamp(),
-    ]);
-
-    $response->assertStatus(404);
-});
-
-it('allows empty IP allowlist в dev env (Plan 2.6 fix #ii — fail-open для dev)', function (): void {
-    DB::table('system_settings')
-        ->updateOrInsert(
-            ['key' => 'supplier_webhook_secret'],
-            ['value' => str_repeat('a', 64), 'value_type' => 'string', 'description' => 'test seed']
-        );
-    DB::table('system_settings')
-        ->updateOrInsert(
-            ['key' => 'supplier_ip_allowlist'],
-            ['value' => '[]', 'value_type' => 'json', 'description' => 'test seed']
-        );
-
-    // Test env (default — testing) → fail-open сохраняется.
-
-    $response = $this->postJson('/api/webhook/supplier/'.str_repeat('a', 64), [
-        'vid' => 999999,
-        'project' => 'B1_dev-test.ru',
-        'phone' => '79991234567',
-        'time' => now()->getTimestamp(),
-    ]);
-
-    // 202 = accepted (значит verifyIpAllowlist пропустил).
-    $response->assertStatus(202);
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-```powershell
-./vendor/bin/pest tests/Feature/Http/Webhook/SupplierWebhookTest.php --filter="blocks empty IP allowlist в production"
-```
-
-Expected: 1 failed (assertStatus 404, actual 202 — потому что fix ещё не применён, production env не блокирует).
-
-- [ ] **Step 3: Implement fix в `verifyIpAllowlist`**
-
-Modify `app/app/Http/Controllers/Api/SupplierWebhookController.php`:
-
-```php
-private function verifyIpAllowlist(?string $clientIp): bool
-{
-    if ($clientIp === null) {
-        return false;
-    }
-    $row = DB::table('system_settings')->where('key', 'supplier_ip_allowlist')->first();
-    if ($row === null) {
-        return true;
-    }
-    $list = json_decode((string) $row->value, true) ?: [];
-    if ($list === []) {
-        // Plan 2.6 fix #ii: production env — пустой allowlist fail-closed (защита от
-        // забытого override в schema seed); dev/testing — fail-open для localhost dev.
-        // CV.11 audit WARN #5: inline-warning lines 34-39 признавал проблему,
-        // теперь enforced.
-        return ! app()->environment('production');
-    }
-
-    return IpUtils::checkIp($clientIp, $list);
-}
-```
-
-Также обновить inline-warning header в файле (lines 34-39) — заменить «только secret защищает» на «production env enforce'ит non-empty allowlist через verifyIpAllowlist».
-
-- [ ] **Step 4: Run tests to verify it passes**
-
-```powershell
-./vendor/bin/pest tests/Feature/Http/Webhook/SupplierWebhookTest.php
-```
-
-Expected: все тесты passed (включая 2 новых + существующие 8 не сломались).
-
-- [ ] **Step 5: Larastan + Pint**
-
-```powershell
-./vendor/bin/phpstan analyse --memory-limit=512M app/Http/Controllers/Api/SupplierWebhookController.php
-./vendor/bin/pint --test app/Http/Controllers/Api/SupplierWebhookController.php
-```
-
-Expected: passed / passed.
-
-- [ ] **Step 6: Commit (atomic)**
-
-```bash
-git add app/app/Http/Controllers/Api/SupplierWebhookController.php app/tests/Feature/Http/Webhook/SupplierWebhookTest.php
-git commit -m "$(cat <<'EOF'
-fix(http): IP allowlist fail-closed в production env (Plan 2.6 #ii)
-
-Закрывает CV.11 audit WARN #5 (пустой supplier_ip_allowlist '[]' = fail-open
-на production — любой IP пропускается).
-
-Изменение: SupplierWebhookController::verifyIpAllowlist — если allowlist пустой,
-возвращаем true только если env != production. На production пустой allowlist
-блокирует (404). На dev/testing fail-open сохраняется (для localhost development).
-
-TDD: +2 теста (production env empty → 404; testing env empty → 202).
-Inline-warning header обновлён.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 3: Fix #iii — Timestamp partition guard ±24h (WARN minor #5)
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/SupplierWebhookController.php` (lines 52-60 validation rules)
-- Modify: `app/tests/Feature/Http/Webhook/SupplierWebhookTest.php` (+ 2 failing tests)
-
-**Контекст:** `Carbon::createFromTimestamp((int) $payload['time'])` (`RouteSupplierLeadJob.php:168`) использует raw `time` от поставщика. Партиции `deals` месячные (`deals_2026_05` от 2026-05-01). Timestamp за пределами текущего месячного окна → INSERT упадёт с `no partition of relation "deals" found for row`. Fix: контроллер отвергает webhooks с time за окном [now-24h, now+24h].
-
-- [ ] **Step 1: Failing tests**
-
-Добавить в `app/tests/Feature/Http/Webhook/SupplierWebhookTest.php`:
-
-```php
-it('rejects timestamp older than 24h (Plan 2.6 fix #iii — partition guard)', function (): void {
-    DB::table('system_settings')
-        ->updateOrInsert(
-            ['key' => 'supplier_webhook_secret'],
-            ['value' => str_repeat('a', 64), 'value_type' => 'string', 'description' => 'test seed']
-        );
-
-    $response = $this->postJson('/api/webhook/supplier/'.str_repeat('a', 64), [
-        'vid' => 100001,
-        'project' => 'B1_old-time.ru',
-        'phone' => '79991234567',
-        'time' => now()->subDays(2)->getTimestamp(),
-    ]);
-
-    $response->assertStatus(422)->assertJsonValidationErrors('time');
-});
-
-it('rejects timestamp more than 24h in future (Plan 2.6 fix #iii — partition guard)', function (): void {
-    DB::table('system_settings')
-        ->updateOrInsert(
-            ['key' => 'supplier_webhook_secret'],
-            ['value' => str_repeat('a', 64), 'value_type' => 'string', 'description' => 'test seed']
-        );
-
-    $response = $this->postJson('/api/webhook/supplier/'.str_repeat('a', 64), [
-        'vid' => 100002,
-        'project' => 'B1_future-time.ru',
-        'phone' => '79991234567',
-        'time' => now()->addDays(2)->getTimestamp(),
-    ]);
-
-    $response->assertStatus(422)->assertJsonValidationErrors('time');
-});
-
-it('accepts timestamp within ±24h window (Plan 2.6 fix #iii — partition guard)', function (): void {
-    DB::table('system_settings')
-        ->updateOrInsert(
-            ['key' => 'supplier_webhook_secret'],
-            ['value' => str_repeat('a', 64), 'value_type' => 'string', 'description' => 'test seed']
-        );
-
-    $response = $this->postJson('/api/webhook/supplier/'.str_repeat('a', 64), [
-        'vid' => 100003,
-        'project' => 'B1_valid-time.ru',
-        'phone' => '79991234567',
-        'time' => now()->subHours(6)->getTimestamp(),
-    ]);
-
-    $response->assertStatus(202);
-});
-```
-
-- [ ] **Step 2: Run tests to verify failure**
-
-```powershell
-./vendor/bin/pest tests/Feature/Http/Webhook/SupplierWebhookTest.php --filter="timestamp"
-```
-
-Expected: 2 failed (-2 days и +2 days сейчас принимаются как valid → assertStatus 422 fails).
-
-- [ ] **Step 3: Implement validation в `receive`**
-
-Modify `SupplierWebhookController::receive`:
-
-```php
-public function receive(Request $request, string $secret): JsonResponse
-{
-    if (! $this->verifySecret($secret)) {
-        return response()->json(['message' => 'Not found.'], 404);
-    }
-
-    if (! $this->verifyIpAllowlist($request->ip())) {
-        return response()->json(['message' => 'Not found.'], 404);
-    }
-
-    // Plan 2.6 fix #iii: timestamp partition guard. Партиции deals месячные
-    // (deals_2026_MM); time за пределами текущего месяца → INSERT CRASH
-    // "no partition of relation deals found for row". Окно ±24h защищает от
-    // wildly out-of-range значений (старый/будущий дроп от поставщика).
-    $minTime = now()->subDay()->getTimestamp();
-    $maxTime = now()->addDay()->getTimestamp();
-
-    $validated = $request->validate([
-        'vid' => 'required|integer|min:1',
-        'project' => ['required', 'string', 'max:255', 'regex:/^B[123]_.+$/'],
-        'phone' => ['required', 'string', 'regex:/^7\d{10}$/'],
-        'time' => ['required', 'integer', "min:{$minTime}", "max:{$maxTime}"],
-        'tag' => 'nullable|string|max:255',
-        'phones' => 'nullable|array',
-        'phones.*' => 'string|regex:/^7\d{10}$/',
-    ]);
-
-    // ... (остальной код без изменений)
-}
-```
-
-- [ ] **Step 4: Run tests**
-
-```powershell
-./vendor/bin/pest tests/Feature/Http/Webhook/SupplierWebhookTest.php
-```
-
-Expected: все passed (включая 3 новых).
-
-- [ ] **Step 5: Larastan + Pint**
-
-```powershell
-./vendor/bin/phpstan analyse --memory-limit=512M app/Http/Controllers/Api/SupplierWebhookController.php
-./vendor/bin/pint --test app/Http/Controllers/Api/SupplierWebhookController.php
-```
-
-Expected: passed / passed.
-
-- [ ] **Step 6: Commit (atomic)**
-
-```bash
-git add app/app/Http/Controllers/Api/SupplierWebhookController.php app/tests/Feature/Http/Webhook/SupplierWebhookTest.php
-git commit -m "$(cat <<'EOF'
-fix(http): timestamp validation ±24h для partition guard (Plan 2.6 #iii)
-
-Закрывает CV.11 audit WARN minor #5 (Carbon::createFromTimestamp(time) без
-range guard → INSERT CRASH "no partition of relation deals found for row"
-для timestamp вне текущего месячного окна).
-
-Изменение: SupplierWebhookController::receive — добавлено min/max constraint
-на 'time' = [now-24h, now+24h] unix-timestamp. Timestamp вне окна → 422
-ValidationException.
-
-±24h: покрывает retry-задержки поставщика (network-сбой) + clock-drift серверов;
-шире окно (±48h+) = риск partition-промаха на стыке месяцев (нужен Plan 5
-partition cron).
-
-TDD: +3 теста (-2 days → 422; +2 days → 422; -6h → 202).
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 4: Fix #iv — `crm_supplier_worker` BYPASSRLS-роль (WARN minor #2 + #3)
-
-**Files:**
-
-- Modify: `db/00_create_roles.sql` (новая роль)
-- Modify: `app/app/Services/LeadRouter.php` (inline-warning lines 25-29)
-- Modify: `app/app/Console/Commands/ResetDeliveredTodayCommand.php` (inline-warning lines 16-18)
-
-**Контекст:** `LeadRouter::matchEligibleProjects` (sharing-flow) и `ResetDeliveredTodayCommand` (cron) делают cross-tenant SELECT/UPDATE без `SET LOCAL app.current_tenant_id`. На dev (`postgres` BYPASSRLS) работает; на prod (`crm_app_user` RLS-enforce) — отвергнутся policy `tenant_isolation`. Plan 2.6 brainstorming → вариант C (BYPASSRLS-роль для queue worker).
-
-Архитектурное обоснование: queue worker — backend system process, обрабатывает webhooks для разных tenant'ов sharing-flow + global crons. По дизайну видит все tenant'ы. Privilege-boundary совпадает с архитектурной ролью. WHERE(tenant_id=…) фильтры в коде (например `RouteSupplierLeadJob::createDealCopyForProject` line 161-164) сохраняются как defense-in-depth.
-
-**Без TDD-теста на роль** — integration test требует создания роли в test DB + смены connection (overhead не оправдан); делаем grep-smoke в Step 5.
-
-- [ ] **Step 1: Add role definition в `db/00_create_roles.sql`**
-
-Прочитать существующий `db/00_create_roles.sql` для понимания style:
-
-```powershell
-cat db/00_create_roles.sql
-```
-
-Добавить блок (в конец файла):
-
-```sql
--- =============================================================================
--- crm_supplier_worker — BYPASSRLS-роль для backend queue worker (Plan 2.6 fix #iv)
--- =============================================================================
--- Закрывает CV.11 audit WARN minor #2 + #3 (LeadRouter и ResetDeliveredTodayCommand
--- под crm_app_user → RLS-policy tenant_isolation отвергает cross-tenant SELECT/UPDATE).
---
--- Privilege-boundary by design:
---   • Queue worker (php artisan queue:work) = backend system process для cross-tenant
---     операций: sharing-webhook routing (RouteSupplierLeadJob), global crons
---     (projects:reset-delivered-today, supplier:check-webhook-secret).
---   • Web worker = end-user-facing, остаётся под crm_app_user (RLS-enforce).
--- WHERE(tenant_id=) фильтры в коде сохраняются как defense-in-depth даже под
--- BYPASSRLS-ролью.
---
--- Deploy:
---   • Создать роль через этот файл при первом deploy (DBA / migrate:fresh).
---   • Установить пароль через secrets manager (Yandex KMS / Vault).
---   • Queue worker .env (отдельный от web .env): DB_USERNAME=crm_supplier_worker.
---
--- Spec: docs/superpowers/specs/2026-05-10-supplier-integration-design.md §6.
--- Brainstorm decision (Plan 2.6, 10.05.2026 поздняя ночь): вариант C из 3 опций
--- (A=elevated DB-connection / B=RLS WITH-CHECK exception / C=BYPASSRLS-роль).
--- =============================================================================
-DO $$
-BEGIN
-    IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = 'crm_supplier_worker') THEN
-        -- Пароль ОБЯЗАТЕЛЬНО override через secrets manager перед production deploy.
-        EXECUTE format('CREATE ROLE crm_supplier_worker WITH LOGIN BYPASSRLS PASSWORD %L', '__SET_VIA_SECRETS_MANAGER__');
-    END IF;
-END $$;
-
-GRANT USAGE ON SCHEMA public TO crm_supplier_worker;
-GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO crm_supplier_worker;
-GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO crm_supplier_worker;
-
--- DEFAULT PRIVILEGES для будущих таблиц / sequences:
-ALTER DEFAULT PRIVILEGES IN SCHEMA public
-    GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO crm_supplier_worker;
-ALTER DEFAULT PRIVILEGES IN SCHEMA public
-    GRANT USAGE, SELECT ON SEQUENCES TO crm_supplier_worker;
-```
-
-- [ ] **Step 2: Update inline-warning в `LeadRouter.php`**
-
-Modify lines 25-29 в `app/app/Services/LeadRouter.php`:
-
-```php
- * RLS-quirk: запрос работает поверх N tenant'ов одновременно (sharing-model).
- * Не использует SET LOCAL app.current_tenant_id (в sharing-flow tenant ещё не определён —
- * запрос подбирает кандидатов из всех tenant'ов параллельно). На production queue worker
- * запускается под ролью crm_supplier_worker (BYPASSRLS) — Plan 2.6 fix #iv. На dev
- * подключение под postgres (BYPASSRLS implicit). См. db/00_create_roles.sql.
-```
-
-- [ ] **Step 3: Update inline-warning в `ResetDeliveredTodayCommand.php`**
-
-Modify lines 14-18 в `app/app/Console/Commands/ResetDeliveredTodayCommand.php`:
-
-```php
-/**
- * Сброс projects.delivered_today=0 для всех tenant'ов.
- *
- * Spec: docs/superpowers/specs/2026-05-10-supplier-integration-design.md §6.1.
- * Расписание: каждый день в 00:00 МСК (timezone Europe/Moscow).
- *
- * NB: tenant-scoped запрос без RLS — UPDATE сразу на все tenant'ы. На production
- * queue worker (через Scheduler) запускается под ролью crm_supplier_worker
- * (BYPASSRLS) — Plan 2.6 fix #iv. На dev подключение под postgres (BYPASSRLS
- * implicit). См. db/00_create_roles.sql.
- */
-```
-
-- [ ] **Step 4: Smoke-grep verify (вместо integration-теста)**
-
-```powershell
-grep -c "crm_supplier_worker" db/00_create_roles.sql
-grep -c "BYPASSRLS" db/00_create_roles.sql
-grep -c "crm_supplier_worker" app/app/Services/LeadRouter.php
-grep -c "crm_supplier_worker" app/app/Console/Commands/ResetDeliveredTodayCommand.php
-```
-
-Expected: каждый grep ≥1 (роль определена + cross-refs из кода работают).
-
-- [ ] **Step 5: Run full Pest для regression check**
-
-```powershell
-./vendor/bin/pest --parallel
-```
-
-Expected: все тесты passed (Plan 2.6 fix #i + #ii + #iii добавили ~7-8 новых тестов; baseline после Plan 2.5 — 549/547, ожидается ~556-557).
-
-- [ ] **Step 6: Larastan + Pint**
-
-```powershell
-./vendor/bin/phpstan analyse --memory-limit=512M
-./vendor/bin/pint --test
-```
-
-Expected: passed / passed.
-
-- [ ] **Step 7: Commit (atomic)**
-
-```bash
-git add db/00_create_roles.sql app/app/Services/LeadRouter.php app/app/Console/Commands/ResetDeliveredTodayCommand.php
-git commit -m "$(cat <<'EOF'
-feat(db): crm_supplier_worker BYPASSRLS-роль для queue worker (Plan 2.6 #iv)
-
-Закрывает CV.11 audit WARN minor #2 + #3 (LeadRouter + ResetDeliveredTodayCommand
-под crm_app_user → RLS-policy tenant_isolation отвергает cross-tenant SELECT/UPDATE).
-
-Архитектурное решение (Plan 2.6 brainstorm 10.05.2026 поздняя ночь, вариант C из 3
-опций): новая PG-роль crm_supplier_worker с BYPASSRLS — privilege-boundary by design.
-Queue worker = backend system process для cross-tenant операций (sharing-webhook
-routing, global crons); web worker остаётся под crm_app_user (RLS-enforce).
-
-WHERE(tenant_id=) фильтры в коде сохраняются как defense-in-depth.
-
-Deploy:
-  • Роль создаётся через db/00_create_roles.sql при первом deploy.
-  • Пароль override через secrets manager (Yandex KMS).
-  • Queue worker .env: DB_USERNAME=crm_supplier_worker (отдельно от web .env).
-
-Inline-warnings обновлены в LeadRouter.php + ResetDeliveredTodayCommand.php.
-
-Без TDD-теста на роль (integration-тест требует CREATE ROLE в test DB +
-смены connection — overhead не оправдан); smoke-grep проверяет файлы.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 5: Closure — Memory updates + Plan 2.6 status header + push
-
-**Files:**
-
-- Modify: `docs/superpowers/plans/2026-05-10-supplier-plan26-cleanup.md` (status header)
-- Modify (memory, вне репо): `feedback_environment.md`, `project_supplier_integration.md`, `project_state.md`
-
-- [ ] **Step 1: Re-run full verification**
-
-```powershell
-./vendor/bin/pest --parallel
-./vendor/bin/phpstan analyse --memory-limit=512M
-./vendor/bin/pint --test
-```
-
-Expected: всё green; Pest count = 549 (baseline) + 4 (Task 1 idempotency tests) + 2 (Task 2 IP allowlist tests) + 3 (Task 3 timestamp tests) = ~558 / ~556 passed.
-
-- [ ] **Step 2: Update memory `feedback_environment.md`**
-
-Добавить новый quirk-блок:
-
-```markdown
-- **Plan 2.6 fix #iv (10.05.2026 поздняя ночь): crm_supplier_worker BYPASSRLS-роль для queue worker.** Backend queue worker (php artisan queue:work) на production должен подключаться к БД под ролью `crm_supplier_worker` (BYPASSRLS), не под `crm_app_user` (RLS-enforce). Причина: sharing-webhook routing + global crons работают cross-tenant. См. `db/00_create_roles.sql`. Web worker остаётся под `crm_app_user`. Раздельные `.env` для web и queue.
-```
-
-- [ ] **Step 3: Update memory `project_supplier_integration.md`**
-
-Добавить секцию «Plan 2.6 cleanup (10.05.2026 поздняя ночь финал) — closure CV.11 operational + RLS остатков» с детализацией:
-
-- 4 fix'а закрыты (4 atomic commits)
-- Pest count после Plan 2.6
-- Что осталось в Plan 3 backlog (BLOCKER #6 + 5 NIT + некоторые WARN minor #1, #4, #6, #7, #8)
-
-Также обновить таблицу декомпозиции Plans 1-5: добавить строку «2.6 hotfix #i+ii+iii+iv ✅ DONE» по аналогии с Plan 2.5.
-
-- [ ] **Step 4: Update memory `project_state.md`**
-
-Header description: HEAD origin/main = новый SHA (после push); Pest count = реальное число.
-
-- [ ] **Step 5: Update Plan 2.6 file — status header**
-
-Modify `docs/superpowers/plans/2026-05-10-supplier-plan26-cleanup.md` — добавить blockquote после h1:
-
-```markdown
-> **✅ Plan completed (10.05.2026 поздняя ночь финал).** Все 4 fix'а закрыты атомарными commit'ами. Pest <N>/<M> passed (+9 тестов от Plan 2.5 baseline 549/547). Larastan + Pint clean. Memory updated. CV.11 audit Plan 3 backlog: BLOCKER #6 (RLS на failed_webhook_jobs INSERT NULL tenant) + 5 NIT + 5 minor WARN.
-```
-
-- [ ] **Step 6: Commit Plan 2.6 status header**
-
-```bash
-git add docs/superpowers/plans/2026-05-10-supplier-plan26-cleanup.md
-git commit -m "$(cat <<'EOF'
-docs(plans): close Plan 2.6 — ✅ status header
-
-Все 4 fix'а закрыты атомарными commits:
-  • Fix #i (placeholder secret deploy validator)
-  • Fix #ii (IP allowlist production fail-closed)
-  • Fix #iii (timestamp partition guard ±24h)
-  • Fix #iv (crm_supplier_worker BYPASSRLS-роль)
-
-Pest <N>/<M> passed (+9 тестов от Plan 2.5 baseline 549/547).
-Larastan + Pint clean.
-
-Plan 3 backlog: BLOCKER #6 + 5 NIT + 5 minor WARN.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
-- [ ] **Step 7: Push origin main**
-
-```bash
-git push origin main
-```
-
-Expected: lefthook pre-push (gitleaks-full-history + lychee) PASS, push successful. После Plan 2.6 на origin/main будет 5 новых commits (Tasks 1-5).
-
----
-
-## Self-review
-
-**Spec coverage:**
-
-- ✅ WARN #4 (placeholder secret) — Task 1.
-- ✅ WARN #5 (empty IP allowlist) — Task 2.
-- ✅ WARN minor #5 (Carbon partition crash) — Task 3.
-- ✅ WARN minor #2 + #3 (LeadRouter + ResetCmd RLS под crm_app_user) — Task 4.
-- ✅ Memory closure — Task 5.
-
-**Placeholder scan:** нет TODO/TBD/«implement later». Все шаги имеют конкретный код / команды.
-
-**Type consistency:** Console signature `supplier:check-webhook-secret` (Task 1) — не дублируется. `verifyIpAllowlist` (Task 2) и `receive` validation (Task 3) — оба в `SupplierWebhookController`, без коллизий имен. `crm_supplier_worker` имя роли — единое во всех Tasks (4 и 5).
-
-**Что НЕ покрыто (вынесено в Plan 3 / NOTES):**
-
-- BLOCKER #6 (RLS на failed_webhook_jobs INSERT NULL tenant) — архитектурное решение (отдельная SaaS-таблица или INSERT-policy WITH CHECK true), Plan 3 первая задача.
-- WARN minor #1 (SET LOCAL quotes стилистика) — defer.
-- WARN minor #4 (COALESCE NOT NULL guard) — defer.
-- WARN minor #6 (PhonePrefix re-validation в job) — defer.
-- WARN minor #7 (parsePlatform DRY) — defer.
-- WARN minor #8 (DuplicateDetector тай-брейкер) — defer.
-- 5 NIT — defer.
-
----
-
-## Execution Handoff
-
-**Plan saved:** `docs/superpowers/plans/2026-05-10-supplier-plan26-cleanup.md`.
-
-**Two execution options:**
-
-1. **Subagent-Driven (recommended)** — fresh subagent per task + 2-stage review между.
-2. **Inline Execution** — гонит таски в текущей сессии через `superpowers:executing-plans`.
-
-**Which approach?**
diff --git a/docs/superpowers/plans/2026-05-10-supplier-webhook-routing-plan.md b/docs/superpowers/plans/2026-05-10-supplier-webhook-routing-plan.md
deleted file mode 100644
index b6e99b2..0000000
--- a/docs/superpowers/plans/2026-05-10-supplier-webhook-routing-plan.md
+++ /dev/null
@@ -1,2637 +0,0 @@
-# Supplier Integration — Webhook + Sharing Routing (Plan 2/5)
-
-> **✅ Plan completed (10.05.2026 поздняя ночь).** Все Tasks 1–9 implementations + CV.1–CV.14 verification gates + Task 11 memory updates выполнены в `main` (`fb55bfd..c1ae195`, 16 commits). Чекбоксы ниже намеренно не tick'нуты — финальный статус задокументирован в `memory/project_supplier_integration.md` и `memory/project_state.md`. Plan 2.5 hotfix (commits `1ba1df8` fix #3 idempotency + `c1ae195` fix #2 concurrency) закрыл 2 из 3 BLOCKER findings CV.11 audit; BLOCKER #6 (RLS на `failed_webhook_jobs` INSERT NULL tenant) + 2 operational WARN (`__SET_ON_DEPLOY__` placeholder secret + пустой IP allowlist) + 8 minor WARN + 5 NIT → Plan 3 backlog. Pest 549/547 (+2 от baseline), Larastan + Pint clean.
->
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
->
-> **Verification is mandatory at every gate.** Do not skip verification gates. This plan was authored under directive: "перепроверять на все возможные ошибки, в логике, в коде, в цикличностях, опечатки и тд".
-
-**Goal:** Принимать единый stream лидов от поставщика crm.bp-gr.ru на платформенный URL и распределять каждый лид по N tenant-проектам Лидерры (sharing-model: 1 лид → N независимых deal-копий).
-
-**Architecture:** Новый платформенный endpoint `POST /api/webhook/supplier/{secret}` (защита: IP allowlist + system-wide secret token). Контроллер парсит payload, INSERT'ит raw в `supplier_leads`, dispatch'ит `RouteSupplierLeadJob`. Job находит `SupplierProject` через scope `forSignal(platform, signal_type, unique_key)`, определяет регион номера через `PhonePrefixService`, через `LeadRouter` подбирает eligible Лидерра-проекты (FK `supplier_b{1,2,3}_project_id` + active + workdays + region + delivered_today < daily_limit + balance > 0) и для каждого создаёт независимую `deal`-копию с инкрементом счётчиков. Старый per-tenant webhook (`/api/webhook/{token}`) остаётся нетронутым — отдельный legacy-канал, не пересекается с новым.
-
-**Tech Stack:** Laravel 13.7, PostgreSQL 16 (RLS + advisory lock), Pest 4, Larastan, squawk, pgFormatter (existing toolchain).
-
-**Spec:** [docs/superpowers/specs/2026-05-10-supplier-integration-design.md](../specs/2026-05-10-supplier-integration-design.md) — §5 (Приём лидов), §6 (Routing).
-
-**Verification philosophy:** TDD для каждой задачи (failing test first → green → commit). Verification gates после каждой задачи. Финальный «Comprehensive Verification Gate» (CV) в конце плана: Larastan + Pest + squawk + pgFormatter + cspell + markdownlint + migrate:fresh + code-reviewer subagent.
-
-**Plan 1 learnings применяются с самого старта** (см. [memory/project_supplier_integration.md](../../../../../../../Users/Administrator/.claude/projects/c---------------------crm-------------/memory/project_supplier_integration.md) §«Ключевые learnings»):
-
-- DDL **только в schema.sql** (single source of truth) + `load_initial_schema` миграция; **НЕ создавать incremental Laravel migrations** (Plan 1 учил: их нужно консолидировать → лишний цикл).
-- Convention CHECK-имён: `chk_<table>_<purpose>` (НЕ Laravel default).
-- Money — kopecks integer. Здесь не money — но pattern помним.
-- Pest model-тесты в `tests/Feature/Models/` (не `tests/Unit/Models/`) — Pest auto-binds `\Tests\TestCase` только в Feature/Browser.
-- `SET LOCAL app.current_tenant_id` — string interpolation, **не** `?` placeholder (PG limit).
-- `testing_rls_user` нужен для проверки RLS (postgres BYPASSRLS обходит политику).
-- `chk_<>_required` для NOT NULL conditions через CHECK при partial NOT NULL.
-
----
-
-## File Structure
-
-### Files to create
-
-```
-app/app/Models/
-  SupplierLead.php
-
-app/database/factories/
-  SupplierLeadFactory.php
-
-app/app/Services/
-  PhonePrefixService.php
-  LeadRouter.php
-
-app/app/Http/Controllers/Api/
-  SupplierWebhookController.php
-
-app/app/Jobs/
-  RouteSupplierLeadJob.php
-
-app/app/Console/Commands/
-  ResetDeliveredTodayCommand.php
-
-app/tests/Feature/Models/
-  SupplierLeadTest.php
-
-app/tests/Unit/Services/
-  PhonePrefixServiceTest.php
-
-app/tests/Feature/Services/
-  LeadRouterTest.php
-
-app/tests/Feature/Http/Webhook/
-  SupplierWebhookTest.php
-
-app/tests/Feature/Jobs/
-  RouteSupplierLeadJobTest.php
-
-app/tests/Feature/Console/
-  ResetDeliveredTodayCommandTest.php
-
-app/tests/Feature/Integration/
-  SupplierLeadFlowTest.php
-```
-
-### Files to modify
-
-```
-db/schema.sql                        v8.17 → v8.18
-db/CHANGELOG_schema.md               +entry v8.18
-app/routes/web.php                   +1 route (line ~127, рядом с legacy)
-app/bootstrap/app.php                +schedule callback (если используется ->withSchedule()) ИЛИ
-app/routes/console.php               +schedule (Laravel 11+ default)
-```
-
-### Files NOT to modify
-
-```
-app/app/Http/Controllers/Api/WebhookReceiveController.php  # legacy per-tenant; trogether
-app/app/Jobs/ProcessWebhookJob.php                          # legacy per-tenant; together
-```
-
-Эти два файла — legacy per-tenant flow. Они остаются нетронутыми. Новый supplier-flow живёт параллельно. Решение о deprecation — после Plan 5.
-
-### File responsibilities
-
-| Файл | Ответственность |
-|---|---|
-| `db/schema.sql` v8.18 | Создать `supplier_leads` + расширить `projects.delivered_today` + 2 строки в `system_settings` (secret + IP allowlist) |
-| `SupplierLead` | Eloquent-модель для raw-payload (SaaS-level, без RLS — supplier_lead появляется до routing) |
-| `PhonePrefixService` | phone (E.164 / 11 цифр) → `region_code` (ISO 3166-2:RU) + federal district bit (1..128 для region_mask) |
-| `LeadRouter` | Чистая функция: `(SupplierProject, phone, region_bit) → Collection<Project>` (eligible) |
-| `SupplierWebhookController` | HTTP layer: secret check + IP allowlist + payload validation + INSERT supplier_leads + dispatch |
-| `RouteSupplierLeadJob` | Background: парсит payload, ищет supplier_project, вызывает LeadRouter, создаёт deal-копии, апдейтит счётчики, шлёт уведомления |
-| `ResetDeliveredTodayCommand` | Cron 00:00 МСК: `UPDATE projects SET delivered_today = 0` |
-
----
-
-## Task 1: Schema — supplier_leads + delivered_today + system_settings rows
-
-**Files:**
-
-- Modify: `db/schema.sql` (bump v8.17 → v8.18; +1 раздел; +1 колонка; +2 seed-строки)
-- Modify: `db/CHANGELOG_schema.md` (+1 entry v8.18)
-
-**Контекст:** Новая SaaS-level таблица `supplier_leads` хранит raw-payload входящих webhook'ов от поставщика **до** routing'а. Не tenant-scoped (на момент INSERT'а tenant ещё не определён — routing в job'е). Колонка `projects.delivered_today` хранит дневной счётчик для проверки квоты в §6 спека. 2 строки в `system_settings` хранят platform-wide secret и IP-allowlist для defense-in-depth.
-
-- [ ] **Step 1: Failing test — supplier_leads table existence + columns**
-
-Файл: `app/tests/Feature/Integration/SchemaV8_18Test.php`
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Schema;
-
-it('supplier_leads table exists with required columns', function (): void {
-    expect(Schema::hasTable('supplier_leads'))->toBeTrue();
-    expect(Schema::hasColumns('supplier_leads', [
-        'id', 'supplier_project_id', 'platform', 'raw_payload', 'vid',
-        'phone', 'received_at', 'source', 'processed_at', 'deals_created_count',
-    ]))->toBeTrue();
-});
-
-it('supplier_leads has FK to supplier_projects with ON DELETE SET NULL', function (): void {
-    $row = DB::selectOne(<<<'SQL'
-        SELECT confdeltype
-        FROM pg_constraint c
-        JOIN pg_class t ON t.oid = c.conrelid
-        WHERE t.relname = 'supplier_leads' AND c.contype = 'f'
-        SQL);
-    expect($row)->not->toBeNull();
-    expect($row->confdeltype)->toBe('n'); // n = SET NULL
-});
-
-it('supplier_leads.source has CHECK enum', function (): void {
-    DB::statement("INSERT INTO supplier_leads (platform, raw_payload, vid, phone, received_at, source) VALUES ('B1', '{}', 1, '79991234567', NOW(), 'webhook')");
-    expect(fn () => DB::statement("INSERT INTO supplier_leads (platform, raw_payload, vid, phone, received_at, source) VALUES ('B1', '{}', 2, '79991234567', NOW(), 'invalid_source')"))
-        ->toThrow(\Illuminate\Database\QueryException::class);
-});
-
-it('projects.delivered_today exists with default 0', function (): void {
-    expect(Schema::hasColumn('projects', 'delivered_today'))->toBeTrue();
-    $defaults = DB::selectOne("SELECT column_default FROM information_schema.columns WHERE table_name = 'projects' AND column_name = 'delivered_today'");
-    expect($defaults->column_default)->toContain('0');
-});
-
-it('system_settings seed rows exist for supplier_webhook_secret + supplier_ip_allowlist', function (): void {
-    $secret = DB::selectOne("SELECT value FROM system_settings WHERE key = 'supplier_webhook_secret'");
-    expect($secret)->not->toBeNull();
-    expect((string) $secret->value)->toMatch('/^[A-Za-z0-9_\-]{32,}$/');
-
-    $allowlist = DB::selectOne("SELECT value FROM system_settings WHERE key = 'supplier_ip_allowlist'");
-    expect($allowlist)->not->toBeNull();
-    expect(json_decode($allowlist->value, true))->toBeArray();
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Feature/Integration/SchemaV8_18Test.php --filter='supplier_leads table exists'
-```
-
-Expected: FAIL with `Failed asserting that false is true` (table not yet created).
-
-- [ ] **Step 3: Edit `db/schema.sql` — bump version + add table + column + seed**
-
-Шапка файла: header comment v8.17 → **v8.18**.
-
-```diff
---- header
--- Версия: v8.17 (10.05.2026 — Plan 1/5 Task 2 fix: ...)
-+-- Версия: v8.18 (10.05.2026 — Plan 2/5 Task 1: supplier_leads SaaS-level + projects.delivered_today + 2 system_settings rows для supplier-webhook + IP allowlist defense-in-depth)
-+-- Базовая версия: v8.17 (10.05.2026 — Plan 1/5 Task 2 fix: FK + CHECK + resolver guard)
-```
-
-Добавить **в конце раздела 5 (после `failed_webhook_jobs` / `rejected_deals_log`, перед разделом 7 биллинг)** новый блок:
-
-```sql
--- -----------------------------------------------------------------------------
--- supplier_leads — SaaS-level raw-payload входящих webhook'ов (v8.18, Plan 2/5)
--- -----------------------------------------------------------------------------
--- Контекст: см. spec §5.1. Поставщик POST'ит на /api/webhook/supplier/{secret}
--- (общий URL, не per-tenant). На момент INSERT'а tenant ещё не определён —
--- routing происходит в RouteSupplierLeadJob через supplier_project + LeadRouter.
--- Поэтому таблица НЕ tenant-scoped, RLS НЕ применяется (как supplier_projects).
---
--- supplier_project_id заполняется job'ом ПОСЛЕ парсинга `project` из payload
--- (`B1_vashinvestor.ru` → platform=B1, signal_identifier=vashinvestor.ru).
--- ON DELETE SET NULL: при удалении supplier_project не каскадим — сохраняем
--- raw для аудита.
---
--- source: 'webhook' (основной канал §5.1) | 'csv_recovery' (резерв §5.2 —
--- Plan 4 CSV reconciliation). На Plan 2 поддерживаем только 'webhook';
--- enum extensibility — для Plan 4.
---
--- deals_created_count: сколько deal-копий было создано после routing'а
--- (sharing-model: 0..N). Заполняется job'ом в конце обработки. NULL до processed.
--- -----------------------------------------------------------------------------
-CREATE TABLE supplier_leads (
-    id                      BIGSERIAL PRIMARY KEY,
-    supplier_project_id     BIGINT REFERENCES supplier_projects(id) ON DELETE SET NULL,
-    platform                VARCHAR(4) NOT NULL,                          -- B1 / B2 / B3 (parsed from project prefix)
-    raw_payload             JSONB NOT NULL,                                -- весь payload как есть
-    vid                     BIGINT NOT NULL,                               -- supplier-side lead id (idempotency key in source CRM)
-    phone                   VARCHAR(20) NOT NULL,
-    received_at             TIMESTAMPTZ NOT NULL DEFAULT NOW(),
-    source                  VARCHAR(16) NOT NULL DEFAULT 'webhook',
-    processed_at            TIMESTAMPTZ,
-    deals_created_count     INTEGER,                                       -- NULL до обработки; 0..N после
-    error                   TEXT,                                          -- сообщение если job упал
-
-    CONSTRAINT chk_supplier_leads_platform
-        CHECK (platform IN ('B1','B2','B3')),
-    CONSTRAINT chk_supplier_leads_source
-        CHECK (source IN ('webhook','csv_recovery')),
-    CONSTRAINT chk_supplier_leads_deals_count_nonneg
-        CHECK (deals_created_count IS NULL OR deals_created_count >= 0)
-);
-
-CREATE INDEX idx_supplier_leads_received_at ON supplier_leads(received_at DESC);
-CREATE INDEX idx_supplier_leads_supplier_project ON supplier_leads(supplier_project_id) WHERE supplier_project_id IS NOT NULL;
--- Idempotency lookup: при повторной доставке того же vid от поставщика — пропускаем.
-CREATE UNIQUE INDEX idx_supplier_leads_vid_unique ON supplier_leads(vid);
-
--- v8.18 (Plan 2/5): defense-in-depth — REVOKE ALL FROM crm_app_user.
--- SaaS-level таблица. tenant-приложение читать не должно (raw-payload — наша зона).
--- Conditional wrapper см. в supplier_projects (dev=postgres superuser без crm_app_user).
---
--- REVOKE ALL ON supplier_leads FROM crm_app_user;
-```
-
-В разделе 4 (`projects` таблица), **после** `delivered_in_month` добавить:
-
-```sql
-    -- РАСШИРЕНИЕ v8.18 (Plan 2/5): дневной счётчик доставленных лидов.
-    -- Сбрасывается cron'ом ResetDeliveredTodayCommand в 00:00 МСК.
-    -- Используется в LeadRouter для проверки квоты (delivered_today < effective_daily_limit).
-    delivered_today                 INTEGER NOT NULL DEFAULT 0
-                                    CHECK (delivered_today >= 0),
-```
-
-Найти `delivered_in_month` в DDL projects (строка ~785) и добавить **новую** колонку `delivered_today` сразу после `delivered_in_month`. Так же добавить в одну CHECK constraints не нужно — inline CHECK уже есть.
-
-В блоке `INSERT INTO system_settings` (раздел 12, строка ~2498) **в конце списка** добавить **2 новых seed-строки**:
-
-```sql
-    ('supplier_webhook_secret',  -- key
-     '__SET_ON_DEPLOY__',        -- value (placeholder; admin генерит при первом деплое)
-     'string',                   -- type
-     'Platform-wide секрет (≥32 chars) для /api/webhook/supplier/{secret}. См. spec §5.1.'),
-    ('supplier_ip_allowlist',
-     '[]',                       -- JSON array, пустой массив = пропускать всех (dev-режим)
-     'json',
-     'Список IP/CIDR поставщика crm.bp-gr.ru. Пустой массив = пропускать всех (DEV); на prod заполнить.'),
-```
-
-⚠️ Внимание: проверить точный синтаксис существующих seed-строк в schema.sql:2498 — формат может быть `(key, value, type, description)` OR `(key, type, description, value)`. Адаптировать под реальный.
-
-- [ ] **Step 4: Add CHANGELOG entry**
-
-Файл `db/CHANGELOG_schema.md` — append:
-
-````markdown
-## v8.18 от 10.05.2026 (Plan 2/5 Task 1)
-
-**Цель:** Подготовка слоя данных для supplier-webhook + sharing routing (spec §5–§6).
-
-**Изменения:**
-- ✅ Новая таблица `supplier_leads` (SaaS-level, без RLS) — raw-payload входящих webhook'ов от поставщика, FK на `supplier_projects(id) ON DELETE SET NULL`, 3 CHECK (platform enum / source enum / deals_count nonneg), 3 индекса (idx_received_at DESC + idx_supplier_project partial + UNIQUE на vid для idempotency).
-- ✅ `projects.delivered_today INTEGER NOT NULL DEFAULT 0 CHECK (>=0)` — дневной счётчик для проверки квоты, сбрасывается cron'ом в 00:00 МСК.
-- ✅ 2 строки в `system_settings`:
-  - `supplier_webhook_secret` (string, placeholder `__SET_ON_DEPLOY__`) — platform-wide секрет в URL.
-  - `supplier_ip_allowlist` (json, default `[]`) — IP/CIDR поставщика.
-
-**Метрики:** 60 → **61 базовых таблиц**, +3 индекса (111 → **114**), 39 RLS (без изменений — supplier_leads SaaS-level).
-
-**REVOKE:** `supplier_leads` defense-in-depth (закомментирован, conditional wrapper аналогично `supplier_projects`).
-````
-
-- [ ] **Step 5: Apply schema fresh + verify**
-
-Run:
-
-```powershell
-cd app
-.\artisan migrate:fresh --env=testing
-.\vendor\bin\pest tests/Feature/Integration/SchemaV8_18Test.php
-```
-
-Expected: PASS (5 assertions).
-
-- [ ] **Step 6: pgFormatter check + lefthook squawk dry-run**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"
-npm run format:sql:check
-.\bin\squawk.exe db/schema.sql
-```
-
-Expected: оба чисто (нет diff'а в pgFormatter, 0 issues в squawk).
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add db/schema.sql db/CHANGELOG_schema.md app/tests/Feature/Integration/SchemaV8_18Test.php
-git commit -m "$(cat <<'EOF'
-feat(db): supplier_leads + projects.delivered_today + 2 system_settings (v8.18)
-
-Plan 2/5 Task 1 — слой данных для supplier-webhook flow.
-
-- supplier_leads (SaaS-level, без RLS) — raw payload incoming webhook'ов
-- projects.delivered_today — дневной счётчик для проверки daily quota
-- system_settings: supplier_webhook_secret + supplier_ip_allowlist
-
-Spec: docs/superpowers/specs/2026-05-10-supplier-integration-design.md §5-§6
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 2: SupplierLead model + factory + tests
-
-**Files:**
-
-- Create: `app/app/Models/SupplierLead.php`
-- Create: `app/database/factories/SupplierLeadFactory.php`
-- Create: `app/tests/Feature/Models/SupplierLeadTest.php`
-
-**Контекст:** Eloquent-модель для `supplier_leads`. SaaS-level (без RLS). Связь `belongsTo(SupplierProject)`. `raw_payload` cast в array. `received_at` / `processed_at` — datetime cast. Используется в `RouteSupplierLeadJob` (Task 5).
-
-- [ ] **Step 1: Failing test**
-
-Файл `app/tests/Feature/Models/SupplierLeadTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\SupplierLead;
-use App\Models\SupplierProject;
-
-it('factory creates a valid SupplierLead', function (): void {
-    $supplierProject = SupplierProject::factory()->create([
-        'platform' => 'B1',
-        'signal_type' => 'site',
-        'unique_key' => 'vashinvestor.ru',
-    ]);
-
-    $lead = SupplierLead::factory()->create([
-        'supplier_project_id' => $supplierProject->id,
-        'platform' => 'B1',
-    ]);
-
-    expect($lead->id)->toBeInt()->toBeGreaterThan(0);
-    expect($lead->platform)->toBe('B1');
-    expect($lead->raw_payload)->toBeArray();
-    expect($lead->received_at)->toBeInstanceOf(\Illuminate\Support\Carbon::class);
-});
-
-it('belongsTo supplier_project', function (): void {
-    $supplierProject = SupplierProject::factory()->create();
-    $lead = SupplierLead::factory()->create([
-        'supplier_project_id' => $supplierProject->id,
-    ]);
-
-    expect($lead->supplierProject->id)->toBe($supplierProject->id);
-});
-
-it('casts raw_payload to array and *_at to Carbon', function (): void {
-    $lead = SupplierLead::factory()->create([
-        'raw_payload' => ['vid' => 12345, 'project' => 'B1_test.ru'],
-        'processed_at' => now(),
-    ]);
-
-    expect($lead->raw_payload)->toBe(['vid' => 12345, 'project' => 'B1_test.ru']);
-    expect($lead->processed_at)->toBeInstanceOf(\Illuminate\Support\Carbon::class);
-});
-
-it('factory respects deals_created_count nullable default', function (): void {
-    $lead = SupplierLead::factory()->create();
-    expect($lead->deals_created_count)->toBeNull();
-    expect($lead->processed_at)->toBeNull();
-});
-```
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Feature/Models/SupplierLeadTest.php
-```
-
-Expected: FAIL (Class not found).
-
-- [ ] **Step 2: Implement model**
-
-Файл `app/app/Models/SupplierLead.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Models;
-
-use Database\Factories\SupplierLeadFactory;
-use Illuminate\Database\Eloquent\Factories\HasFactory;
-use Illuminate\Database\Eloquent\Model;
-use Illuminate\Database\Eloquent\Relations\BelongsTo;
-
-/**
- * Raw-payload входящих webhook'ов от поставщика crm.bp-gr.ru.
- *
- * SaaS-level таблица (без RLS) — на момент INSERT'а tenant ещё не определён;
- * routing к Лидерра-проектам происходит в RouteSupplierLeadJob через
- * supplier_project_id + LeadRouter.
- *
- * Spec: docs/superpowers/specs/2026-05-10-supplier-integration-design.md §5.1
- *
- * @mixin IdeHelperSupplierLead
- */
-class SupplierLead extends Model
-{
-    /** @use HasFactory<SupplierLeadFactory> */
-    use HasFactory;
-
-    protected $table = 'supplier_leads';
-
-    public $timestamps = false;
-
-    protected $fillable = [
-        'supplier_project_id',
-        'platform',
-        'raw_payload',
-        'vid',
-        'phone',
-        'received_at',
-        'source',
-        'processed_at',
-        'deals_created_count',
-        'error',
-    ];
-
-    protected function casts(): array
-    {
-        return [
-            'raw_payload' => 'array',
-            'received_at' => 'datetime',
-            'processed_at' => 'datetime',
-            'vid' => 'integer',
-            'deals_created_count' => 'integer',
-        ];
-    }
-
-    /** @return BelongsTo<SupplierProject, $this> */
-    public function supplierProject(): BelongsTo
-    {
-        return $this->belongsTo(SupplierProject::class);
-    }
-
-    protected static function newFactory(): SupplierLeadFactory
-    {
-        return SupplierLeadFactory::new();
-    }
-}
-```
-
-- [ ] **Step 3: Implement factory**
-
-Файл `app/database/factories/SupplierLeadFactory.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace Database\Factories;
-
-use App\Models\SupplierLead;
-use Illuminate\Database\Eloquent\Factories\Factory;
-
-/**
- * @extends Factory<SupplierLead>
- */
-class SupplierLeadFactory extends Factory
-{
-    protected $model = SupplierLead::class;
-
-    /** @return array<string,mixed> */
-    public function definition(): array
-    {
-        $platform = $this->faker->randomElement(['B1', 'B2', 'B3']);
-        $vid = $this->faker->unique()->numberBetween(100_000_000, 999_999_999);
-        $phone = '7'.$this->faker->numerify('##########'); // 11 digits, leading 7
-
-        return [
-            'supplier_project_id' => null,
-            'platform' => $platform,
-            'raw_payload' => [
-                'vid' => $vid,
-                'project' => $platform.'_test.example.com',
-                'tag' => 'test-tag',
-                'phone' => $phone,
-                'phones' => [$phone],
-                'time' => now()->getTimestamp(),
-            ],
-            'vid' => $vid,
-            'phone' => $phone,
-            'received_at' => now(),
-            'source' => 'webhook',
-            'processed_at' => null,
-            'deals_created_count' => null,
-            'error' => null,
-        ];
-    }
-}
-```
-
-- [ ] **Step 4: Update IDE helper**
-
-Run:
-
-```powershell
-cd app
-.\artisan ide-helper:models -W -M -N
-```
-
-Expected: regenerates `_ide_helper_models.php` with SupplierLead. **Без аргумента** (Plan 1 learning #14).
-
-- [ ] **Step 5: Run tests**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Feature/Models/SupplierLeadTest.php
-```
-
-Expected: PASS (4 tests).
-
-- [ ] **Step 6: Larastan check**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\phpstan analyse
-```
-
-Expected: 0 errors (Plan 1 baseline сохранён).
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/app/Models/SupplierLead.php app/database/factories/SupplierLeadFactory.php app/tests/Feature/Models/SupplierLeadTest.php app/_ide_helper_models.php
-git commit -m "$(cat <<'EOF'
-feat(models): SupplierLead model + factory (raw-payload incoming webhooks)
-
-SaaS-level модель для supplier_leads (Plan 2/5 Task 2).
-belongsTo(SupplierProject) + array cast на raw_payload + datetime *_at.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 3: PhonePrefixService (MVP — мобильные коды + федеральные округа)
-
-**Files:**
-
-- Create: `app/app/Services/PhonePrefixService.php`
-- Create: `app/tests/Unit/Services/PhonePrefixServiceTest.php`
-
-**Контекст:** Spec §6 step 2: «Определяем регион номера по коду телефона (справочник DEF-кодов)». Полный справочник Минсвязи — 40K+ строк, импорт отложен на Plan 5 / future. **MVP-стратегия:** мобильные операторы (9XX) → возвращаем `region_bit = 0xFF` (все 8 округов — лид принимается везде, фактический регион определяется позже на стороне клиента UI). Кодов городов (495/812 и т.п.) — мапим на конкретный округ. Возвращаемый bit складывается с `projects.region_mask` через `&`.
-
-Архитектура: чистая stateless-функция, без БД. Тесты — Unit (без Pest TestCase / DB).
-
-- [ ] **Step 1: Failing test**
-
-Файл `app/tests/Unit/Services/PhonePrefixServiceTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\PhonePrefixService;
-
-it('mobile prefix 9XX returns all-districts mask', function (): void {
-    $service = new PhonePrefixService();
-
-    expect($service->resolveDistrictBit('79991234567'))->toBe(0xFF); // все 8 округов
-});
-
-it('Moscow code 495 returns Central district bit (1)', function (): void {
-    $service = new PhonePrefixService();
-
-    expect($service->resolveDistrictBit('74951234567'))->toBe(1);
-});
-
-it('Saint-Petersburg code 812 returns Northwest district bit (2)', function (): void {
-    $service = new PhonePrefixService();
-
-    expect($service->resolveDistrictBit('78121234567'))->toBe(2);
-});
-
-it('Yekaterinburg code 343 returns Ural district bit (32)', function (): void {
-    $service = new PhonePrefixService();
-
-    expect($service->resolveDistrictBit('73431234567'))->toBe(32);
-});
-
-it('unknown code returns all-districts mask (defensive default)', function (): void {
-    $service = new PhonePrefixService();
-
-    expect($service->resolveDistrictBit('70001234567'))->toBe(0xFF);
-});
-
-it('rejects invalid phone formats', function (): void {
-    $service = new PhonePrefixService();
-
-    expect(fn () => $service->resolveDistrictBit('123'))->toThrow(\InvalidArgumentException::class);
-    expect(fn () => $service->resolveDistrictBit('+79991234567'))->toThrow(\InvalidArgumentException::class);
-    expect(fn () => $service->resolveDistrictBit('89991234567'))->toThrow(\InvalidArgumentException::class);
-});
-
-it('matchesProject — region_mode include + matching bit', function (): void {
-    $service = new PhonePrefixService();
-
-    expect($service->phoneMatchesRegions('74951234567', regionMask: 1, regionMode: 'include'))->toBeTrue();
-    expect($service->phoneMatchesRegions('74951234567', regionMask: 2, regionMode: 'include'))->toBeFalse();
-});
-
-it('matchesProject — region_mode exclude inverts logic', function (): void {
-    $service = new PhonePrefixService();
-
-    expect($service->phoneMatchesRegions('74951234567', regionMask: 1, regionMode: 'exclude'))->toBeFalse();
-    expect($service->phoneMatchesRegions('74951234567', regionMask: 2, regionMode: 'exclude'))->toBeTrue();
-});
-
-it('mobile (all-districts) always passes include any-bit', function (): void {
-    $service = new PhonePrefixService();
-
-    expect($service->phoneMatchesRegions('79991234567', regionMask: 1, regionMode: 'include'))->toBeTrue();
-    expect($service->phoneMatchesRegions('79991234567', regionMask: 255, regionMode: 'include'))->toBeTrue();
-});
-```
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Unit/Services/PhonePrefixServiceTest.php
-```
-
-Expected: FAIL (class not found).
-
-- [ ] **Step 2: Implement service**
-
-Файл `app/app/Services/PhonePrefixService.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services;
-
-use InvalidArgumentException;
-
-/**
- * Резолв phone → federal district bit для region_mask на projects.
- *
- * Битовое представление 8 ФО (синхронно с projects.region_mask):
- *   1   = Центральный
- *   2   = Северо-Западный
- *   4   = Южный
- *   8   = Северо-Кавказский
- *   16  = Приволжский
- *   32  = Уральский
- *   64  = Сибирский
- *   128 = Дальневосточный
- *   255 = все 8 округов (мобильные / неизвестный код)
- *
- * MVP-стратегия (Plan 2/5):
- *   - Мобильные (9XX) → 255 (мобильник может быть в любом округе по факту;
- *     передаём all-bits, чтобы любой include-фильтр прошёл).
- *   - Известные коды городов — мапим на ФО.
- *   - Неизвестный → 255 (defensive — лучше пропустить, чем потерять).
- *
- * Полный справочник Минсвязи DEF-codes (40K+ строк) — отложен на Plan 5 / future.
- *
- * Spec: docs/superpowers/specs/2026-05-10-supplier-integration-design.md §6 step 2
- */
-class PhonePrefixService
-{
-    private const DISTRICT_CENTRAL       = 1;
-    private const DISTRICT_NORTHWEST     = 2;
-    private const DISTRICT_SOUTH         = 4;
-    private const DISTRICT_NORTH_CAUCASUS = 8;
-    private const DISTRICT_VOLGA         = 16;
-    private const DISTRICT_URAL          = 32;
-    private const DISTRICT_SIBERIA       = 64;
-    private const DISTRICT_FAR_EAST      = 128;
-    private const ALL_DISTRICTS          = 0xFF;
-
-    /**
-     * 3-значный код города (после '7') → district bit.
-     * Источник: общеизвестные ABC-коды Минсвязи (MVP-выборка).
-     *
-     * @var array<string, int>
-     */
-    private const CITY_CODE_MAP = [
-        // Центральный
-        '495' => self::DISTRICT_CENTRAL, '498' => self::DISTRICT_CENTRAL,
-        '499' => self::DISTRICT_CENTRAL, '496' => self::DISTRICT_CENTRAL,
-        '4922' => self::DISTRICT_CENTRAL, // Владимир (4-digit)
-        '484' => self::DISTRICT_CENTRAL,  // Калуга
-        // Северо-Западный
-        '812' => self::DISTRICT_NORTHWEST,
-        '813' => self::DISTRICT_NORTHWEST,
-        '814' => self::DISTRICT_NORTHWEST,
-        '815' => self::DISTRICT_NORTHWEST, // Мурманск
-        '816' => self::DISTRICT_NORTHWEST, // Новгород
-        '818' => self::DISTRICT_NORTHWEST, // Архангельск
-        // Южный
-        '861' => self::DISTRICT_SOUTH,     // Краснодар
-        '862' => self::DISTRICT_SOUTH,     // Сочи
-        '863' => self::DISTRICT_SOUTH,     // Ростов
-        '865' => self::DISTRICT_SOUTH,     // Ставрополь (фактически СКФО, но MVP-приближение)
-        // Северо-Кавказский
-        '871' => self::DISTRICT_NORTH_CAUCASUS, // Грозный
-        '872' => self::DISTRICT_NORTH_CAUCASUS,
-        '873' => self::DISTRICT_NORTH_CAUCASUS,
-        // Приволжский
-        '831' => self::DISTRICT_VOLGA,     // Нижний Новгород
-        '843' => self::DISTRICT_VOLGA,     // Казань
-        '846' => self::DISTRICT_VOLGA,     // Самара
-        '347' => self::DISTRICT_VOLGA,     // Уфа
-        '342' => self::DISTRICT_VOLGA,     // Пермь
-        // Уральский
-        '343' => self::DISTRICT_URAL,      // Екатеринбург
-        '345' => self::DISTRICT_URAL,      // Тюмень
-        '351' => self::DISTRICT_URAL,      // Челябинск
-        // Сибирский
-        '383' => self::DISTRICT_SIBERIA,   // Новосибирск
-        '391' => self::DISTRICT_SIBERIA,   // Красноярск
-        '381' => self::DISTRICT_SIBERIA,   // Омск
-        '382' => self::DISTRICT_SIBERIA,   // Томск
-        // Дальневосточный
-        '423' => self::DISTRICT_FAR_EAST,  // Владивосток
-        '421' => self::DISTRICT_FAR_EAST,  // Хабаровск
-        '411' => self::DISTRICT_FAR_EAST,  // Якутск
-    ];
-
-    /**
-     * Возвращает битовое значение федерального округа для phone (E.164 11 цифр, начинается с 7).
-     *
-     * @throws InvalidArgumentException если phone не соответствует формату.
-     */
-    public function resolveDistrictBit(string $phone): int
-    {
-        if (! preg_match('/^7\d{10}$/', $phone)) {
-            throw new InvalidArgumentException(
-                "Phone must be 11 digits starting with 7 (got: {$phone})"
-            );
-        }
-
-        $codeArea = substr($phone, 1, 3); // 3-digit ABC-code (after leading 7)
-
-        // Mobile prefix (9XX) → all districts (мобильник может быть везде)
-        if ($codeArea[0] === '9') {
-            return self::ALL_DISTRICTS;
-        }
-
-        // Try 4-digit prefix (для редких регионов типа 4922 Владимир)
-        $code4 = substr($phone, 1, 4);
-        if (isset(self::CITY_CODE_MAP[$code4])) {
-            return self::CITY_CODE_MAP[$code4];
-        }
-
-        return self::CITY_CODE_MAP[$codeArea] ?? self::ALL_DISTRICTS;
-    }
-
-    /**
-     * Проверяет соответствие phone настройкам региона проекта.
-     *
-     * @param  int     $regionMask  битмаска projects.region_mask (0..255).
-     * @param  string  $regionMode  'include' | 'exclude'.
-     */
-    public function phoneMatchesRegions(string $phone, int $regionMask, string $regionMode): bool
-    {
-        $phoneBits = $this->resolveDistrictBit($phone);
-        $intersect = $phoneBits & $regionMask;
-
-        return match ($regionMode) {
-            'include' => $intersect !== 0,
-            'exclude' => $intersect === 0,
-            default => throw new InvalidArgumentException("Unknown region_mode: {$regionMode}"),
-        };
-    }
-}
-```
-
-- [ ] **Step 3: Run test**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Unit/Services/PhonePrefixServiceTest.php
-```
-
-Expected: PASS (9 tests).
-
-- [ ] **Step 4: Commit**
-
-```bash
-git add app/app/Services/PhonePrefixService.php app/tests/Unit/Services/PhonePrefixServiceTest.php
-git commit -m "$(cat <<'EOF'
-feat(services): PhonePrefixService — phone → federal district bit (MVP)
-
-Маппинг мобильных + 30+ ABC-кодов городов на 8 ФО RF (synchronized
-с projects.region_mask битами). Мобильные → all-districts (255).
-Полный Минсвязи справочник отложен на Plan 5+.
-
-Spec: §6 step 2 routing geo-filter.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 4: LeadRouter service — eligible Liderra projects
-
-**Files:**
-
-- Create: `app/app/Services/LeadRouter.php`
-- Create: `app/tests/Feature/Services/LeadRouterTest.php`
-
-**Контекст:** Чистая функция: дано (`SupplierProject`, phone) → возвращает `Collection<Project>` где каждый проект:
-
-- ссылается на этот supplier_project через `supplier_b{1,2,3}_project_id` (зависит от supplier_project.platform);
-- `is_active = true`;
-- сегодняшний день в `delivery_days_mask`;
-- регион phone попадает в `region_mask` × `region_mode`;
-- `delivered_today < COALESCE(effective_daily_limit_today, daily_limit_target)`;
-- `tenant.balance_leads > 0`.
-
-Сортировка: `created_at ASC` (старые проекты первыми — детерминированный порядок, spec §6 step 4).
-
-**Не учитывает:** дедупликацию по phone (Биз-19) — это в Job (после создания deal). Job сначала ищет master через `DuplicateDetector`, и если master найден — помечает копию `duplicate_of_id` (без charge — это уже Plan 4 territory).
-
-⚠️ **RLS-quirk:** LeadRouter обращается к проектам **через несколько tenant'ов** (sharing). Нужно либо (а) обходить RLS через `pg_set_role` на elevated role, либо (б) выполнять запрос вне tenant-context'а (без `SET LOCAL app.current_tenant_id`). На dev (postgres BYPASSRLS) запрос пройдёт. На prod — нужен elevated role. **Для MVP** — выполняем запрос без `SET LOCAL` (нет tenant-context), и полагаемся на: dev=BYPASSRLS, prod=elevated role при выполнении job'а (см. Plan 5+ DevOps). Документируем это в docblock.
-
-- [ ] **Step 1: Failing test**
-
-Файл `app/tests/Feature/Services/LeadRouterTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\SupplierProject;
-use App\Models\Tenant;
-use App\Services\LeadRouter;
-use Illuminate\Support\Facades\DB;
-
-beforeEach(function (): void {
-    // Tenant context off — sharing routing идёт без RLS
-    DB::statement("SELECT set_config('app.current_tenant_id', '0', true)");
-});
-
-it('returns matching active projects for B1 site supplier_project (sharing across tenants)', function (): void {
-    $supplier = SupplierProject::factory()->create([
-        'platform' => 'B1',
-        'signal_type' => 'site',
-        'unique_key' => 'vashinvestor.ru',
-    ]);
-
-    $tenant1 = Tenant::factory()->create(['balance_leads' => 100]);
-    $tenant2 = Tenant::factory()->create(['balance_leads' => 100]);
-
-    $project1 = Project::factory()->create([
-        'tenant_id' => $tenant1->id,
-        'supplier_b1_project_id' => $supplier->id,
-        'signal_type' => 'site',
-        'signal_identifier' => 'vashinvestor.ru',
-        'is_active' => true,
-        'daily_limit_target' => 10,
-        'delivered_today' => 0,
-        'delivery_days_mask' => 127, // все 7 дней
-        'region_mask' => 255,        // все 8 округов
-        'region_mode' => 'include',
-    ]);
-
-    $project2 = Project::factory()->create([
-        'tenant_id' => $tenant2->id,
-        'supplier_b1_project_id' => $supplier->id,
-        'signal_type' => 'site',
-        'signal_identifier' => 'vashinvestor.ru',
-        'is_active' => true,
-        'daily_limit_target' => 10,
-        'delivered_today' => 0,
-        'delivery_days_mask' => 127,
-        'region_mask' => 255,
-        'region_mode' => 'include',
-    ]);
-
-    $router = app(LeadRouter::class);
-    $matched = $router->matchEligibleProjects($supplier, '79991234567');
-
-    expect($matched)->toHaveCount(2);
-    expect($matched->pluck('id')->all())->toEqualCanonicalizing([$project1->id, $project2->id]);
-});
-
-it('skips paused project (is_active=false)', function (): void {
-    $supplier = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site']);
-    $tenant = Tenant::factory()->create(['balance_leads' => 100]);
-
-    Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'supplier_b1_project_id' => $supplier->id,
-        'signal_type' => 'site',
-        'is_active' => false, // ← paused
-    ]);
-
-    $router = app(LeadRouter::class);
-    expect($router->matchEligibleProjects($supplier, '79991234567'))->toHaveCount(0);
-});
-
-it('skips project where today is not in delivery_days_mask', function (): void {
-    // current день недели (ISO 1=Mon..7=Sun); mask без сегодняшнего бита
-    $todayBit = 1 << (now()->isoWeekday() - 1);
-    $maskWithoutToday = 127 & ~$todayBit;
-
-    $supplier = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site']);
-    $tenant = Tenant::factory()->create(['balance_leads' => 100]);
-
-    Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'supplier_b1_project_id' => $supplier->id,
-        'signal_type' => 'site',
-        'is_active' => true,
-        'delivery_days_mask' => $maskWithoutToday,
-    ]);
-
-    $router = app(LeadRouter::class);
-    expect($router->matchEligibleProjects($supplier, '79991234567'))->toHaveCount(0);
-});
-
-it('skips project where delivered_today >= effective_daily_limit_today', function (): void {
-    $supplier = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site']);
-    $tenant = Tenant::factory()->create(['balance_leads' => 100]);
-
-    Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'supplier_b1_project_id' => $supplier->id,
-        'signal_type' => 'site',
-        'is_active' => true,
-        'effective_daily_limit_today' => 5,
-        'delivered_today' => 5,
-    ]);
-
-    $router = app(LeadRouter::class);
-    expect($router->matchEligibleProjects($supplier, '79991234567'))->toHaveCount(0);
-});
-
-it('falls back to daily_limit_target when effective_daily_limit_today is null', function (): void {
-    $supplier = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site']);
-    $tenant = Tenant::factory()->create(['balance_leads' => 100]);
-
-    Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'supplier_b1_project_id' => $supplier->id,
-        'signal_type' => 'site',
-        'is_active' => true,
-        'effective_daily_limit_today' => null,
-        'daily_limit_target' => 10,
-        'delivered_today' => 5,
-    ]);
-
-    $router = app(LeadRouter::class);
-    expect($router->matchEligibleProjects($supplier, '79991234567'))->toHaveCount(1);
-});
-
-it('skips project where region_mode=include and region_mask does not include phone district', function (): void {
-    $supplier = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site']);
-    $tenant = Tenant::factory()->create(['balance_leads' => 100]);
-
-    Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'supplier_b1_project_id' => $supplier->id,
-        'signal_type' => 'site',
-        'is_active' => true,
-        'region_mask' => 1, // только Центральный округ
-        'region_mode' => 'include',
-    ]);
-
-    $router = app(LeadRouter::class);
-    // 78121234567 = СПб (Северо-Западный, бит 2)
-    expect($router->matchEligibleProjects($supplier, '78121234567'))->toHaveCount(0);
-});
-
-it('skips project where tenant.balance_leads <= 0', function (): void {
-    $supplier = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site']);
-    $tenant = Tenant::factory()->create(['balance_leads' => 0]); // ← пуст
-
-    Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'supplier_b1_project_id' => $supplier->id,
-        'signal_type' => 'site',
-        'is_active' => true,
-    ]);
-
-    $router = app(LeadRouter::class);
-    expect($router->matchEligibleProjects($supplier, '79991234567'))->toHaveCount(0);
-});
-
-it('routes through correct FK based on platform (B2 → supplier_b2_project_id)', function (): void {
-    $supplier = SupplierProject::factory()->create(['platform' => 'B2', 'signal_type' => 'site']);
-    $tenant = Tenant::factory()->create(['balance_leads' => 100]);
-
-    Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'supplier_b1_project_id' => null,
-        'supplier_b2_project_id' => $supplier->id, // ← через B2
-        'supplier_b3_project_id' => null,
-        'signal_type' => 'site',
-        'is_active' => true,
-    ]);
-
-    $router = app(LeadRouter::class);
-    expect($router->matchEligibleProjects($supplier, '79991234567'))->toHaveCount(1);
-});
-
-it('orders results by created_at ASC (deterministic, spec §6 step 4)', function (): void {
-    $supplier = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site']);
-
-    $projectsCreated = collect();
-    for ($i = 0; $i < 3; $i++) {
-        $tenant = Tenant::factory()->create(['balance_leads' => 100]);
-        $projectsCreated->push(
-            Project::factory()->create([
-                'tenant_id' => $tenant->id,
-                'supplier_b1_project_id' => $supplier->id,
-                'signal_type' => 'site',
-                'is_active' => true,
-                'created_at' => now()->subDays(3 - $i),
-            ])
-        );
-    }
-
-    $router = app(LeadRouter::class);
-    $matched = $router->matchEligibleProjects($supplier, '79991234567');
-
-    expect($matched->pluck('id')->all())->toBe($projectsCreated->pluck('id')->all());
-});
-```
-
-⚠️ Перед запуском убедиться, что `testing_rls_user` создан (см. Plan 1 learning #10) и в test-bootstrap либо `DatabaseTransactions` rollback'ит, либо явно `DB::table('projects')->truncate()`.
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Feature/Services/LeadRouterTest.php
-```
-
-Expected: FAIL (class not found).
-
-- [ ] **Step 2: Implement service**
-
-Файл `app/app/Services/LeadRouter.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services;
-
-use App\Models\Project;
-use App\Models\SupplierProject;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Collection;
-
-/**
- * Подбор eligible Лидерра-проектов для входящего лида (sharing-model §6).
- *
- * Алгоритм (spec §6 step 3):
- *   1. Выбираем все Project, у которых FK по platform supplier_project'а заполнен:
- *      B1 → supplier_b1_project_id, B2 → supplier_b2_project_id, B3 → supplier_b3_project_id.
- *   2. Фильтр: is_active=true.
- *   3. Фильтр workdays: (delivery_days_mask & today_bit) <> 0, today_bit = 1 << (ISO_DOW - 1).
- *   4. Фильтр delivered_today: < COALESCE(effective_daily_limit_today, daily_limit_target).
- *   5. Фильтр region: PhonePrefixService::phoneMatchesRegions().
- *   6. Фильтр balance: tenants.balance_leads > 0 (через JOIN).
- *   7. Сортировка: created_at ASC (детерминированно — старые первыми).
- *
- * RLS-quirk: запрос работает поверх N tenant'ов одновременно. Не использует
- * SET LOCAL app.current_tenant_id (ему нечего передать — sharing). Полагается на
- * dev=postgres BYPASSRLS / prod=elevated role при выполнении из job'а.
- *
- * Spec: docs/superpowers/specs/2026-05-10-supplier-integration-design.md §6
- */
-class LeadRouter
-{
-    public function __construct(
-        private readonly PhonePrefixService $phonePrefix,
-    ) {}
-
-    /**
-     * @return Collection<int, Project>
-     */
-    public function matchEligibleProjects(SupplierProject $supplierProject, string $phone): Collection
-    {
-        $fkColumn = match ($supplierProject->platform) {
-            'B1' => 'supplier_b1_project_id',
-            'B2' => 'supplier_b2_project_id',
-            'B3' => 'supplier_b3_project_id',
-        };
-
-        $todayBit = 1 << (Carbon::now()->isoWeekday() - 1);
-
-        /** @var Collection<int, Project> $candidates */
-        $candidates = Project::query()
-            ->where($fkColumn, $supplierProject->id)
-            ->where('is_active', true)
-            ->whereRaw('(delivery_days_mask & ?) <> 0', [$todayBit])
-            ->whereRaw(
-                'delivered_today < COALESCE(effective_daily_limit_today, daily_limit_target)'
-            )
-            ->whereExists(function ($q) {
-                $q->selectRaw('1')
-                    ->from('tenants')
-                    ->whereColumn('tenants.id', 'projects.tenant_id')
-                    ->where('tenants.balance_leads', '>', 0);
-            })
-            ->orderBy('created_at')
-            ->orderBy('id') // tiebreaker
-            ->get();
-
-        // Region-фильтр в PHP: PostgreSQL bit-арифметика на JSONB неудобна,
-        // да и MVP-PhonePrefixService — статический мап без БД.
-        return $candidates->filter(
-            fn (Project $p): bool => $this->phonePrefix->phoneMatchesRegions(
-                $phone,
-                (int) $p->region_mask,
-                (string) $p->region_mode,
-            )
-        )->values();
-    }
-}
-```
-
-- [ ] **Step 3: Run tests**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Feature/Services/LeadRouterTest.php
-```
-
-Expected: PASS (9 tests).
-
-- [ ] **Step 4: Larastan check**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\phpstan analyse
-```
-
-Expected: 0 errors.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Services/LeadRouter.php app/tests/Feature/Services/LeadRouterTest.php
-git commit -m "$(cat <<'EOF'
-feat(services): LeadRouter — eligible Liderra projects matcher
-
-Sharing-model routing (spec §6): для входящего лида возвращает Collection<Project>
-учитывая platform FK + active + workdays + region (PhonePrefixService) +
-delivered_today < daily_limit + tenant.balance_leads > 0. Сортировка created_at ASC.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 5: RouteSupplierLeadJob
-
-**Files:**
-
-- Create: `app/app/Jobs/RouteSupplierLeadJob.php`
-- Create: `app/tests/Feature/Jobs/RouteSupplierLeadJobTest.php`
-
-**Контекст:** Background-job для обработки `supplier_leads`. Шаги:
-
-1. Загружает `SupplierLead` по id.
-2. Парсит `raw_payload['project']` → (platform, identifier).
-3. Резолвит `SupplierProject` через `forSignal` (если не нашёлся — лид orphan, помечает error и завершается).
-4. Вызывает `LeadRouter::matchEligibleProjects(supplier_project, phone)`.
-5. Для каждого matched project:
-   - Wraps в `DB::transaction` с `SET LOCAL app.current_tenant_id = $project->tenant_id`.
-   - `Tenant::lockForUpdate()`.
-   - Создаёт deal-копию (`Deal::create`) с `source_crm_id = vid`.
-   - Инкрементирует `tenant.balance_leads`-- (existing pattern).
-   - Инкрементирует `project.delivered_today` + `project.delivered_in_month`.
-   - Создаёт `BalanceTransaction` + `ActivityLog` + (TBD Plan 4) `LeadCharge`.
-   - Вызывает `NotificationService::notifyNewLead`.
-6. Обновляет `SupplierLead` (`processed_at`, `deals_created_count`).
-7. На failed() — записывает в `failed_webhook_jobs` (как ProcessWebhookJob).
-
-⚠️ **Идемпотентность по vid:** UNIQUE INDEX на `supplier_leads.vid` (Task 1) гарантирует, что повторный webhook с тем же vid провалится на INSERT. Job не должен **дополнительно** проверять vid — это уже сделано на уровне controller'а (UNIQUE violation → 200 OK игнор-ответ).
-
-⚠️ **Дубль по phone (Биз-19) внутри tenant'а:** для каждого создаваемого deal'а вызвать `DuplicateDetector::findMaster` ПОСЛЕ создания (как в ProcessWebhookJob). Если master найден ≠ self → пометить `duplicate_of_id`, **НЕ списывать** balance, **НЕ инкрементировать** счётчики, **НЕ нотифицировать**. Charge / increment / notify — только для не-дублей.
-
-- [ ] **Step 1: Failing test**
-
-Файл `app/tests/Feature/Jobs/RouteSupplierLeadJobTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\RouteSupplierLeadJob;
-use App\Models\Deal;
-use App\Models\Project;
-use App\Models\SupplierLead;
-use App\Models\SupplierProject;
-use App\Models\Tenant;
-use Illuminate\Support\Facades\DB;
-
-it('routes 1 lead to N tenants — creates N deal copies (sharing-model)', function (): void {
-    $supplier = SupplierProject::factory()->create([
-        'platform' => 'B1',
-        'signal_type' => 'site',
-        'unique_key' => 'vashinvestor.ru',
-    ]);
-
-    $tenants = collect();
-    $projects = collect();
-    for ($i = 0; $i < 3; $i++) {
-        $t = Tenant::factory()->create(['balance_leads' => 100]);
-        $tenants->push($t);
-        $projects->push(Project::factory()->create([
-            'tenant_id' => $t->id,
-            'supplier_b1_project_id' => $supplier->id,
-            'signal_type' => 'site',
-            'signal_identifier' => 'vashinvestor.ru',
-            'is_active' => true,
-            'delivered_today' => 0,
-            'delivered_in_month' => 0,
-        ]));
-    }
-
-    $vid = 432176649;
-    $lead = SupplierLead::factory()->create([
-        'platform' => 'B1',
-        'vid' => $vid,
-        'phone' => '79991234567',
-        'raw_payload' => [
-            'vid' => $vid,
-            'project' => 'B1_vashinvestor.ru',
-            'tag' => 'tag',
-            'phone' => '79991234567',
-            'phones' => ['79991234567'],
-            'time' => now()->getTimestamp(),
-        ],
-    ]);
-
-    (new RouteSupplierLeadJob($lead->id))->handle(
-        app(\App\Services\LeadRouter::class),
-        app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class),
-        app(\App\Services\NotificationService::class),
-    );
-
-    $lead->refresh();
-    expect($lead->processed_at)->not->toBeNull();
-    expect($lead->deals_created_count)->toBe(3);
-    expect($lead->supplier_project_id)->toBe($supplier->id);
-
-    foreach ($projects as $p) {
-        $p->refresh();
-        expect($p->delivered_today)->toBe(1);
-        expect($p->delivered_in_month)->toBe(1);
-
-        // По одной deal-копии на каждый tenant
-        DB::statement("SET LOCAL app.current_tenant_id = '{$p->tenant_id}'");
-        $deals = Deal::query()
-            ->where('tenant_id', $p->tenant_id)
-            ->where('source_crm_id', $vid)
-            ->get();
-        expect($deals)->toHaveCount(1);
-    }
-});
-
-it('decrements balance_leads for each tenant by 1', function (): void {
-    $supplier = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site']);
-    $tenant = Tenant::factory()->create(['balance_leads' => 100]);
-    Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'supplier_b1_project_id' => $supplier->id,
-        'signal_type' => 'site',
-        'is_active' => true,
-    ]);
-
-    $lead = SupplierLead::factory()->create([
-        'platform' => 'B1',
-        'phone' => '79991234567',
-        'raw_payload' => ['vid' => 1, 'project' => 'B1_test.ru', 'phone' => '79991234567', 'time' => time()],
-    ]);
-
-    (new RouteSupplierLeadJob($lead->id))->handle(
-        app(\App\Services\LeadRouter::class),
-        app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class),
-        app(\App\Services\NotificationService::class),
-    );
-
-    expect($tenant->fresh()->balance_leads)->toBe(99);
-});
-
-it('marks duplicate via DuplicateDetector — no charge, no counter increment', function (): void {
-    $supplier = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site']);
-    $tenant = Tenant::factory()->create(['balance_leads' => 100]);
-    $project = Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'supplier_b1_project_id' => $supplier->id,
-        'signal_type' => 'site',
-        'is_active' => true,
-        'delivered_today' => 0,
-    ]);
-
-    // Master deal на тот же phone в окне 24ч
-    DB::statement("SET LOCAL app.current_tenant_id = '{$tenant->id}'");
-    $master = Deal::create([
-        'tenant_id' => $tenant->id,
-        'source_crm_id' => 999,
-        'project_id' => $project->id,
-        'phone' => '79991234567',
-        'phones' => ['79991234567'],
-        'status' => 'new',
-        'received_at' => now()->subHours(2),
-    ]);
-
-    $lead = SupplierLead::factory()->create([
-        'platform' => 'B1',
-        'vid' => 1000,
-        'phone' => '79991234567',
-        'raw_payload' => ['vid' => 1000, 'project' => 'B1_test.ru', 'phone' => '79991234567', 'time' => time()],
-    ]);
-
-    (new RouteSupplierLeadJob($lead->id))->handle(
-        app(\App\Services\LeadRouter::class),
-        app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class),
-        app(\App\Services\NotificationService::class),
-    );
-
-    expect($tenant->fresh()->balance_leads)->toBe(100); // НЕ списан (дубль)
-    expect($project->fresh()->delivered_today)->toBe(0); // НЕ инкремент
-
-    $duplicate = Deal::where('source_crm_id', 1000)->first();
-    expect($duplicate->duplicate_of_id)->toBe($master->id);
-});
-
-it('records error if supplier_project cannot be resolved (B1+SMS)', function (): void {
-    $lead = SupplierLead::factory()->create([
-        'platform' => 'B1',
-        'raw_payload' => ['vid' => 1, 'project' => 'B1_TINKOFF', 'phone' => '79991234567', 'time' => time()],
-    ]);
-    // B1 + parsed signal_type=sms → throws DomainException
-
-    expect(fn () => (new RouteSupplierLeadJob($lead->id))->handle(
-        app(\App\Services\LeadRouter::class),
-        app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class),
-        app(\App\Services\NotificationService::class),
-    ))->toThrow(\DomainException::class);
-
-    // ... but лид сохранён, ошибка пишется через failed-callback (см. Step 2)
-});
-```
-
-⚠️ Третий тест (B1+SMS) сложен — `parseProjectField` должен возвращать signal_type. Реализация Step 2 ниже.
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Feature/Jobs/RouteSupplierLeadJobTest.php
-```
-
-Expected: FAIL (class not found).
-
-- [ ] **Step 2: Implement job**
-
-Файл `app/app/Jobs/RouteSupplierLeadJob.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Jobs;
-
-use App\Models\ActivityLog;
-use App\Models\BalanceTransaction;
-use App\Models\Deal;
-use App\Models\FailedWebhookJob;
-use App\Models\Project;
-use App\Models\SupplierLead;
-use App\Models\SupplierProject;
-use App\Models\Tenant;
-use App\Services\DuplicateDetector;
-use App\Services\LeadRouter;
-use App\Services\NotificationService;
-use App\Services\SupplierProjects\SupplierProjectResolver;
-use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Foundation\Queue\Queueable as FoundationQueueable;
-use Illuminate\Queue\InteractsWithQueue;
-use Illuminate\Queue\SerializesModels;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Log;
-use RuntimeException;
-use Throwable;
-
-/**
- * Routing входящего supplier_lead к eligible Лидерра-проектам (sharing-model).
- *
- * Spec: docs/superpowers/specs/2026-05-10-supplier-integration-design.md §5–§6.
- *
- * Алгоритм:
- *   1. Загрузить SupplierLead по id.
- *   2. Распарсить raw_payload.project → (platform, signal_type, identifier).
- *   3. Резолв SupplierProject (resolveOrStub если не существует).
- *   4. LeadRouter::matchEligibleProjects → Collection<Project>.
- *   5. Для каждого Project — атомарно:
- *      - SET LOCAL app.current_tenant_id;
- *      - lock tenant;
- *      - создать Deal с source_crm_id=vid;
- *      - DuplicateDetector::findMaster → если найден master, помечаем duplicate_of_id (без charge/inc/notify);
- *      - иначе: balance--, delivered_today++, delivered_in_month++,
- *               BalanceTransaction, ActivityLog, NotificationService::notifyNewLead.
- *   6. Обновить SupplierLead.processed_at + deals_created_count.
- *
- * NB: Биллинг (LeadCharge с tier-snapshot) реализуется в Plan 4 — здесь только
- * existing balance_leads decrement (как в ProcessWebhookJob).
- */
-class RouteSupplierLeadJob implements ShouldQueue
-{
-    use FoundationQueueable;
-    use InteractsWithQueue;
-    use Queueable;
-    use SerializesModels;
-
-    public int $tries = 3;
-    public int $backoff = 60;
-    public int $timeout = 60;
-
-    public function __construct(public int $supplierLeadId) {}
-
-    public function handle(
-        LeadRouter $router,
-        SupplierProjectResolver $resolver,
-        DuplicateDetector $duplicateDetector,
-        NotificationService $notifier,
-    ): void {
-        $lead = SupplierLead::findOrFail($this->supplierLeadId);
-
-        [$platform, $signalType, $identifier] = $this->parseProjectField($lead->raw_payload['project'] ?? '');
-
-        $supplier = $resolver->resolveOrStub($platform, $signalType, $identifier);
-
-        $lead->update(['supplier_project_id' => $supplier->id]);
-
-        $matched = $router->matchEligibleProjects($supplier, $lead->phone);
-
-        $createdCount = 0;
-        foreach ($matched as $project) {
-            if ($this->createDealCopyForProject($lead, $project, $duplicateDetector, $notifier)) {
-                $createdCount++;
-            }
-        }
-
-        $lead->update([
-            'processed_at' => now(),
-            'deals_created_count' => $createdCount,
-        ]);
-    }
-
-    /**
-     * Парсит payload-строку `B1_vashinvestor.ru` или `B2_TINKOFF` (SMS) или `B1_79991234567` (call).
-     *
-     * @return array{0: string, 1: string, 2: string}  [platform, signal_type, identifier]
-     */
-    private function parseProjectField(string $project): array
-    {
-        if (! preg_match('/^(B[123])_(.+)$/', $project, $m)) {
-            throw new RuntimeException("Cannot parse project field: {$project}");
-        }
-        $platform = $m[1];
-        $rest = $m[2];
-
-        // Эвристика signal_type:
-        //   '7' + 10 digits → call
-        //   только домен → site
-        //   иначе → sms (sender или sender+keyword)
-        if (preg_match('/^7\d{10}$/', $rest)) {
-            $signalType = 'call';
-        } elseif (preg_match('/^[a-z0-9-]+(\.[a-z0-9-]+)+$/i', $rest)) {
-            $signalType = 'site';
-        } else {
-            $signalType = 'sms';
-        }
-
-        return [$platform, $signalType, $rest];
-    }
-
-    /**
-     * Создаёт deal-копию для одного Project, обрабатывает дубль.
-     *
-     * @return bool  true если создана не-дубль deal (charge применился);
-     *               false если дубль (без charge).
-     */
-    private function createDealCopyForProject(
-        SupplierLead $lead,
-        Project $project,
-        DuplicateDetector $duplicateDetector,
-        NotificationService $notifier,
-    ): bool {
-        return DB::transaction(function () use ($lead, $project, $duplicateDetector, $notifier): bool {
-            DB::statement("SET LOCAL app.current_tenant_id = '{$project->tenant_id}'");
-
-            $tenant = Tenant::query()
-                ->whereKey($project->tenant_id)
-                ->lockForUpdate()
-                ->firstOrFail();
-
-            $receivedAt = isset($lead->raw_payload['time'])
-                ? Carbon::createFromTimestamp((int) $lead->raw_payload['time'])
-                : $lead->received_at;
-
-            $deal = Deal::create([
-                'tenant_id' => $tenant->id,
-                'source_crm_id' => $lead->vid,
-                'project_id' => $project->id,
-                'phone' => $lead->phone,
-                'phones' => $lead->raw_payload['phones'] ?? [$lead->phone],
-                'status' => 'new',
-                'received_at' => $receivedAt,
-            ]);
-
-            $master = $duplicateDetector->findMaster(
-                tenantId: $tenant->id,
-                phone: $lead->phone,
-                now: $receivedAt,
-            );
-
-            if ($master !== null && $master->id !== $deal->id) {
-                $deal->update(['duplicate_of_id' => $master->id]);
-                ActivityLog::create([
-                    'tenant_id' => $tenant->id,
-                    'user_id' => null,
-                    'deal_id' => $deal->id,
-                    'event' => ActivityLog::EVENT_DEAL_CREATED,
-                    'context' => [
-                        'source' => 'supplier_webhook',
-                        'duplicate_of' => $master->id,
-                        'supplier_lead_id' => $lead->id,
-                    ],
-                    'created_at' => now(),
-                ]);
-                return false;
-            }
-
-            // Не-дубль: charge + increment + activity + notify
-            $tenant->decrement('balance_leads');
-            $tenant->refresh();
-
-            $project->increment('delivered_today');
-            $project->increment('delivered_in_month');
-
-            BalanceTransaction::create([
-                'tenant_id' => $tenant->id,
-                'type' => BalanceTransaction::TYPE_LEAD_CHARGE,
-                'amount_leads' => -1,
-                'balance_leads_after' => (int) $tenant->balance_leads,
-                'related_type' => Deal::class,
-                'related_id' => $deal->id,
-                'created_at' => now(),
-            ]);
-
-            ActivityLog::create([
-                'tenant_id' => $tenant->id,
-                'user_id' => null,
-                'deal_id' => $deal->id,
-                'event' => ActivityLog::EVENT_DEAL_CREATED,
-                'context' => [
-                    'source' => 'supplier_webhook',
-                    'supplier_lead_id' => $lead->id,
-                ],
-                'created_at' => now(),
-            ]);
-
-            $deal->setRelation('project', $project);
-            $notifier->notifyNewLead($tenant, $deal);
-
-            return true;
-        });
-    }
-
-    public function failed(Throwable $e): void
-    {
-        DB::table('failed_webhook_jobs')->insert([
-            'tenant_id' => null, // multi-tenant routing — не привязан к одному
-            'webhook_log_id' => null,
-            'raw_payload' => json_encode([
-                'supplier_lead_id' => $this->supplierLeadId,
-            ], JSON_UNESCAPED_UNICODE),
-            'exception' => $e->getMessage(),
-            'retry_count' => $this->tries,
-            'failed_at' => now(),
-        ]);
-
-        SupplierLead::query()
-            ->whereKey($this->supplierLeadId)
-            ->update(['error' => $e->getMessage()]);
-
-        Log::error('supplier_lead.routing_failed_permanently', [
-            'supplier_lead_id' => $this->supplierLeadId,
-            'exception' => $e->getMessage(),
-        ]);
-    }
-}
-```
-
-- [ ] **Step 3: Run test**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Feature/Jobs/RouteSupplierLeadJobTest.php
-```
-
-Expected: PASS (4 tests).
-
-- [ ] **Step 4: Larastan check**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\phpstan analyse
-```
-
-Expected: 0 errors.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Jobs/RouteSupplierLeadJob.php app/tests/Feature/Jobs/RouteSupplierLeadJobTest.php
-git commit -m "$(cat <<'EOF'
-feat(jobs): RouteSupplierLeadJob — sharing-model deal-copies + charge per tenant
-
-Распределяет supplier_lead по eligible Liderra-проектам через LeadRouter.
-Для каждого: транзакция с SET LOCAL app.current_tenant_id, lockForUpdate,
-DuplicateDetector check, balance_leads--, delivered_today/month++,
-BalanceTransaction, ActivityLog, NotificationService::notifyNewLead.
-
-Spec §5-§6.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 6: SupplierWebhookController
-
-**Files:**
-
-- Create: `app/app/Http/Controllers/Api/SupplierWebhookController.php`
-- Create: `app/tests/Feature/Http/Webhook/SupplierWebhookTest.php`
-
-**Контекст:** HTTP-слой. Шаги:
-
-1. Сравнивает `{secret}` URL-segment с `system_settings.supplier_webhook_secret` через `hash_equals`. Несовпадение → **404** (не палим существование endpoint'а, как HMAC в legacy).
-2. Если `system_settings.supplier_ip_allowlist` непустой массив — проверяет `request.ip()` против него (поддержка CIDR через `IpUtils::checkIp`). Несовпадение → **404**.
-3. Валидирует payload: `vid:int>0`, `project:string max:255`, `phone:string regex 7XXXXXXXXXX`, `time:int>0`. Опциональные: `tag`, `phones[]`.
-4. INSERT в `supplier_leads` (raw_payload + vid + phone + platform parsed). UNIQUE на vid: при дубле возвращаем 200 OK без INSERT (idempotency).
-5. Dispatch `RouteSupplierLeadJob`.
-6. Возврат 202 с `supplier_lead_id`.
-
-⚠️ Для Plan 2 secret = `system_settings.supplier_webhook_secret`. Default placeholder `__SET_ON_DEPLOY__` отвергается hash_equals (не равен валидному secret) — так что dev-тесты сами SEED'ят валидный secret.
-
-- [ ] **Step 1: Failing test**
-
-Файл `app/tests/Feature/Http/Webhook/SupplierWebhookTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\SupplierLead;
-use App\Models\SupplierProject;
-use App\Models\SystemSetting;
-use App\Models\Tenant;
-use Illuminate\Support\Facades\Bus;
-use Illuminate\Support\Facades\DB;
-
-beforeEach(function (): void {
-    SystemSetting::query()->where('key', 'supplier_webhook_secret')->update(['value' => 'test-secret-32chars-aaaaaaaaaaaaaa']);
-    SystemSetting::query()->where('key', 'supplier_ip_allowlist')->update(['value' => '[]']);
-});
-
-it('returns 404 for invalid secret', function (): void {
-    $response = $this->postJson('/api/webhook/supplier/wrong-secret', [
-        'vid' => 1, 'project' => 'B1_test.ru', 'phone' => '79991234567', 'time' => time(),
-    ]);
-    $response->assertStatus(404);
-});
-
-it('returns 404 if IP not in allowlist (when allowlist non-empty)', function (): void {
-    SystemSetting::query()->where('key', 'supplier_ip_allowlist')
-        ->update(['value' => '["1.2.3.4", "10.0.0.0/24"]']);
-
-    $response = $this->withServerVariables(['REMOTE_ADDR' => '5.6.7.8'])
-        ->postJson('/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa', [
-            'vid' => 1, 'project' => 'B1_test.ru', 'phone' => '79991234567', 'time' => time(),
-        ]);
-    $response->assertStatus(404);
-});
-
-it('passes IP allowlist when IP matches CIDR', function (): void {
-    SystemSetting::query()->where('key', 'supplier_ip_allowlist')
-        ->update(['value' => '["10.0.0.0/24"]']);
-    Bus::fake();
-
-    $response = $this->withServerVariables(['REMOTE_ADDR' => '10.0.0.50'])
-        ->postJson('/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa', [
-            'vid' => 1, 'project' => 'B1_test.ru', 'phone' => '79991234567', 'time' => time(),
-        ]);
-    $response->assertStatus(202);
-});
-
-it('inserts supplier_lead row + dispatches RouteSupplierLeadJob', function (): void {
-    Bus::fake();
-
-    $response = $this->postJson('/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa', [
-        'vid' => 432176649,
-        'project' => 'B1_vashinvestor.ru',
-        'tag' => 'Ваш инвестор',
-        'phone' => '79991234567',
-        'phones' => ['79991234567'],
-        'time' => 1703781939,
-    ]);
-
-    $response->assertStatus(202);
-    expect(SupplierLead::where('vid', 432176649)->exists())->toBeTrue();
-    Bus::assertDispatched(\App\Jobs\RouteSupplierLeadJob::class);
-});
-
-it('returns 200 OK on duplicate vid (idempotency)', function (): void {
-    SupplierLead::factory()->create(['vid' => 12345]);
-    Bus::fake();
-
-    $response = $this->postJson('/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa', [
-        'vid' => 12345,
-        'project' => 'B1_test.ru',
-        'phone' => '79991234567',
-        'time' => time(),
-    ]);
-
-    $response->assertStatus(200);
-    expect(SupplierLead::where('vid', 12345)->count())->toBe(1);
-    Bus::assertNotDispatched(\App\Jobs\RouteSupplierLeadJob::class);
-});
-
-it('rejects invalid payload (missing vid) with 422', function (): void {
-    $response = $this->postJson('/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa', [
-        'project' => 'B1_test.ru', 'phone' => '79991234567', 'time' => time(),
-    ]);
-    $response->assertStatus(422)->assertJsonValidationErrors('vid');
-});
-
-it('rejects invalid phone format (not 7XXXXXXXXXX) with 422', function (): void {
-    $response = $this->postJson('/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa', [
-        'vid' => 1, 'project' => 'B1_test.ru', 'phone' => '89991234567', 'time' => time(),
-    ]);
-    $response->assertStatus(422);
-});
-
-it('rejects invalid project format (no B[123]_ prefix) with 422', function (): void {
-    $response = $this->postJson('/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa', [
-        'vid' => 1, 'project' => 'invalid_format', 'phone' => '79991234567', 'time' => time(),
-    ]);
-    $response->assertStatus(422);
-});
-```
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Feature/Http/Webhook/SupplierWebhookTest.php
-```
-
-Expected: FAIL (route not found).
-
-- [ ] **Step 2: Implement controller**
-
-Файл `app/app/Http/Controllers/Api/SupplierWebhookController.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Controllers\Api;
-
-use App\Http\Controllers\Controller;
-use App\Jobs\RouteSupplierLeadJob;
-use App\Models\SupplierLead;
-use App\Models\SystemSetting;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Http\Request;
-use Illuminate\Support\Facades\DB;
-use Symfony\Component\HttpFoundation\IpUtils;
-
-/**
- * Платформенный endpoint для входящего stream'а лидов от crm.bp-gr.ru.
- *
- * URL: POST /api/webhook/supplier/{secret}
- *
- * Защита (defense-in-depth, spec §5.1):
- *   1. {secret} в URL — platform-wide токен (≥32 chars), хранится в
- *      system_settings.supplier_webhook_secret. hash_equals для сравнения.
- *   2. IP allowlist (system_settings.supplier_ip_allowlist) — JSON array IP/CIDR.
- *      Пустой массив = пропускать всех (DEV mode); на prod заполнить.
- *
- * Несовпадение secret OR IP → 404 (не палим существование endpoint'а).
- *
- * Идемпотентность: UNIQUE INDEX на supplier_leads.vid. При дубле возвращаем
- * 200 OK без re-dispatch (поставщик может ретранслировать одни и те же лиды).
- *
- * Backward-compat: legacy /api/webhook/{token} (per-tenant) живёт параллельно
- * на WebhookReceiveController — не пересекается.
- */
-class SupplierWebhookController extends Controller
-{
-    public function receive(Request $request, string $secret): JsonResponse
-    {
-        if (! $this->verifySecret($secret)) {
-            return response()->json(['message' => 'Not found.'], 404);
-        }
-
-        if (! $this->verifyIpAllowlist($request->ip())) {
-            return response()->json(['message' => 'Not found.'], 404);
-        }
-
-        $validated = $request->validate([
-            'vid' => 'required|integer|min:1',
-            'project' => ['required', 'string', 'max:255', 'regex:/^B[123]_.+$/'],
-            'phone' => ['required', 'string', 'regex:/^7\d{10}$/'],
-            'time' => 'required|integer|min:1',
-            'tag' => 'nullable|string|max:255',
-            'phones' => 'nullable|array',
-            'phones.*' => 'string|regex:/^7\d{10}$/',
-        ]);
-
-        // Idempotency: vid UNIQUE.
-        $existing = SupplierLead::query()->where('vid', $validated['vid'])->first();
-        if ($existing !== null) {
-            return response()->json([
-                'status' => 'already_processed',
-                'supplier_lead_id' => $existing->id,
-            ], 200);
-        }
-
-        $platform = $this->parsePlatform($validated['project']);
-
-        $lead = SupplierLead::create([
-            'platform' => $platform,
-            'raw_payload' => $validated,
-            'vid' => $validated['vid'],
-            'phone' => $validated['phone'],
-            'received_at' => now(),
-            'source' => 'webhook',
-        ]);
-
-        RouteSupplierLeadJob::dispatch($lead->id);
-
-        return response()->json([
-            'status' => 'accepted',
-            'supplier_lead_id' => $lead->id,
-        ], 202);
-    }
-
-    private function verifySecret(string $providedSecret): bool
-    {
-        $row = DB::table('system_settings')->where('key', 'supplier_webhook_secret')->first();
-        if ($row === null) {
-            return false;
-        }
-        $expected = (string) $row->value;
-        // Placeholder __SET_ON_DEPLOY__ всегда отвергаем (не валидный secret).
-        if ($expected === '__SET_ON_DEPLOY__' || strlen($expected) < 32) {
-            return false;
-        }
-
-        return hash_equals($expected, $providedSecret);
-    }
-
-    private function verifyIpAllowlist(string $clientIp): bool
-    {
-        $row = DB::table('system_settings')->where('key', 'supplier_ip_allowlist')->first();
-        if ($row === null) {
-            return true; // нет настройки = пропускаем (dev)
-        }
-        $list = json_decode((string) $row->value, true) ?: [];
-        if ($list === []) {
-            return true; // пустой массив = пропускаем (dev)
-        }
-
-        return IpUtils::checkIp($clientIp, $list);
-    }
-
-    private function parsePlatform(string $project): string
-    {
-        preg_match('/^(B[123])_/', $project, $m);
-
-        return $m[1] ?? 'B1';
-    }
-}
-```
-
-- [ ] **Step 3: Run test**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Feature/Http/Webhook/SupplierWebhookTest.php
-```
-
-Expected: после Task 7 (route) — PASS (8 tests). На этом этапе — все 404 (no route), кроме того теста, что регистрировал маршрут. Возможен скип до Task 7 — но запустить можно.
-
-- [ ] **Step 4: Larastan**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\phpstan analyse
-```
-
-Expected: 0 errors.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/SupplierWebhookController.php app/tests/Feature/Http/Webhook/SupplierWebhookTest.php
-git commit -m "$(cat <<'EOF'
-feat(http): SupplierWebhookController — platform-wide /api/webhook/supplier/{secret}
-
-Defense-in-depth: secret (≥32 chars system_setting) + IP allowlist (CIDR).
-Несовпадение → 404. UNIQUE vid → 200 OK на дубль (idempotency).
-
-Spec §5.1.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 7: Register route + run all webhook tests
-
-**Files:**
-
-- Modify: `app/routes/web.php` (line ~127)
-
-- [ ] **Step 1: Edit `app/routes/web.php`**
-
-После строки `Route::post('/api/webhook/{token}', ...)` (legacy line ~126), **до** SPA-routes (line 137), добавить:
-
-```php
-// Supplier-integration webhook (Plan 2/5, spec §5.1).
-// Platform-wide endpoint: единый {secret} в URL для всех лидов от crm.bp-gr.ru.
-// Auth: secret (system_settings.supplier_webhook_secret) + IP allowlist
-// (system_settings.supplier_ip_allowlist). Не пересекается с legacy /api/webhook/{token}.
-Route::post('/api/webhook/supplier/{secret}', 'App\Http\Controllers\Api\SupplierWebhookController@receive')
-    ->where('secret', '[A-Za-z0-9_\-]+');
-```
-
-- [ ] **Step 2: Run webhook tests**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Feature/Http/Webhook/
-```
-
-Expected: PASS (8 tests из SupplierWebhookTest). Если есть legacy webhook tests в той же директории — их тоже PASS (regression check).
-
-- [ ] **Step 3: Run full Pest**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest
-```
-
-Expected: ≥510/508 (Plan 1 baseline 500/498 + новые ~10–14 тестов из Plan 2 Tasks 1–6).
-
-- [ ] **Step 4: Commit**
-
-```bash
-git add app/routes/web.php
-git commit -m "$(cat <<'EOF'
-feat(routes): register POST /api/webhook/supplier/{secret}
-
-Spec §5.1 supplier-webhook endpoint.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 8: End-to-end integration test
-
-**Files:**
-
-- Create: `app/tests/Feature/Integration/SupplierLeadFlowTest.php`
-
-**Контекст:** Полный сценарий «webhook → routing → N deals» в одном тесте без `Bus::fake()`. Проверяет, что HTTP+job совместно дают ожидаемый эффект на БД.
-
-- [ ] **Step 1: Write integration test**
-
-Файл `app/tests/Feature/Integration/SupplierLeadFlowTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Deal;
-use App\Models\Project;
-use App\Models\SupplierProject;
-use App\Models\SystemSetting;
-use App\Models\Tenant;
-use Illuminate\Support\Facades\DB;
-
-beforeEach(function (): void {
-    SystemSetting::query()->where('key', 'supplier_webhook_secret')
-        ->update(['value' => 'test-secret-32chars-aaaaaaaaaaaaaa']);
-});
-
-it('end-to-end: 1 webhook → 3 deal copies for 3 active tenants', function (): void {
-    // Setup: 1 supplier_project на сайт vashinvestor.ru / B1
-    $supplier = SupplierProject::factory()->create([
-        'platform' => 'B1',
-        'signal_type' => 'site',
-        'unique_key' => 'vashinvestor.ru',
-    ]);
-
-    // 3 активных tenant'а с проектом, привязанным к этому supplier_project
-    $tenants = collect();
-    $projects = collect();
-    for ($i = 0; $i < 3; $i++) {
-        $t = Tenant::factory()->create(['balance_leads' => 100]);
-        $tenants->push($t);
-        $projects->push(Project::factory()->create([
-            'tenant_id' => $t->id,
-            'supplier_b1_project_id' => $supplier->id,
-            'signal_type' => 'site',
-            'signal_identifier' => 'vashinvestor.ru',
-            'is_active' => true,
-            'delivered_today' => 0,
-            'delivered_in_month' => 0,
-            'delivery_days_mask' => 127,
-            'region_mask' => 255,
-            'region_mode' => 'include',
-            'daily_limit_target' => 10,
-            'effective_daily_limit_today' => null,
-        ]));
-    }
-
-    // 4-й tenant с paused проектом — НЕ должен получить лид
-    $pausedTenant = Tenant::factory()->create(['balance_leads' => 100]);
-    Project::factory()->create([
-        'tenant_id' => $pausedTenant->id,
-        'supplier_b1_project_id' => $supplier->id,
-        'is_active' => false, // ← paused
-    ]);
-
-    // Act: webhook
-    $vid = 432176649;
-    $response = $this->postJson('/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa', [
-        'vid' => $vid,
-        'project' => 'B1_vashinvestor.ru',
-        'tag' => 'Ваш инвестор',
-        'phone' => '79991234567',
-        'phones' => ['79991234567'],
-        'time' => 1703781939,
-    ]);
-
-    $response->assertStatus(202);
-
-    // Assert: 3 deals created (по одной на активный tenant), paused — 0
-    foreach ($projects as $i => $project) {
-        $tenant = $tenants[$i];
-        DB::statement("SET LOCAL app.current_tenant_id = '{$tenant->id}'");
-
-        $deals = Deal::query()->where('source_crm_id', $vid)->get();
-        expect($deals)->toHaveCount(1, "tenant {$tenant->id} expected 1 deal copy");
-
-        $deal = $deals->first();
-        expect($deal->phone)->toBe('79991234567');
-        expect($deal->project_id)->toBe($project->id);
-        expect($deal->duplicate_of_id)->toBeNull(); // не дубль (нет master)
-
-        expect($tenant->fresh()->balance_leads)->toBe(99); // 100-1
-        expect($project->fresh()->delivered_today)->toBe(1);
-        expect($project->fresh()->delivered_in_month)->toBe(1);
-    }
-
-    // Paused tenant — 0 deals
-    DB::statement("SET LOCAL app.current_tenant_id = '{$pausedTenant->id}'");
-    expect(Deal::query()->where('source_crm_id', $vid)->count())->toBe(0);
-});
-
-it('end-to-end: lead orphan (no supplier_project / no tenants) — 0 deals, lead stored', function (): void {
-    $vid = 999_888_777;
-
-    $response = $this->postJson('/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa', [
-        'vid' => $vid,
-        'project' => 'B1_orphan.ru',
-        'phone' => '79991234567',
-        'time' => time(),
-    ]);
-
-    $response->assertStatus(202);
-
-    $lead = \App\Models\SupplierLead::where('vid', $vid)->firstOrFail();
-    expect($lead->processed_at)->not->toBeNull();
-    expect($lead->deals_created_count)->toBe(0);
-    expect($lead->supplier_project_id)->not->toBeNull(); // resolveOrStub создаёт stub
-});
-```
-
-- [ ] **Step 2: Run E2E test**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Feature/Integration/SupplierLeadFlowTest.php
-```
-
-Expected: PASS (2 tests). NB: тесты гоняют job синхронно через Laravel sync queue в test-env (default).
-
-- [ ] **Step 3: Commit**
-
-```bash
-git add app/tests/Feature/Integration/SupplierLeadFlowTest.php
-git commit -m "$(cat <<'EOF'
-test(integration): supplier webhook → N deals end-to-end (sharing-model)
-
-Полный сценарий: 1 webhook на B1_vashinvestor.ru → 3 deal-копии у 3 tenant'ов
-+ счётчики + balance. Paused tenant пропущен. Orphan supplier_project — stub.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 9: ResetDeliveredTodayCommand + cron schedule
-
-**Files:**
-
-- Create: `app/app/Console/Commands/ResetDeliveredTodayCommand.php`
-- Create: `app/tests/Feature/Console/ResetDeliveredTodayCommandTest.php`
-- Modify: `app/bootstrap/app.php` OR `app/routes/console.php` (зависит от существующего convention)
-
-**Контекст:** Spec §6.1 — cron в 00:00 МСК сбрасывает `delivered_today=0`. Простой UPDATE.
-
-- [ ] **Step 1: Failing test**
-
-Файл `app/tests/Feature/Console/ResetDeliveredTodayCommandTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\Tenant;
-use Illuminate\Support\Facades\DB;
-
-it('resets delivered_today to 0 across all tenants', function (): void {
-    DB::statement("SELECT set_config('app.current_tenant_id', '0', true)");
-
-    $t1 = Tenant::factory()->create();
-    $t2 = Tenant::factory()->create();
-
-    Project::factory()->create(['tenant_id' => $t1->id, 'delivered_today' => 5]);
-    Project::factory()->create(['tenant_id' => $t1->id, 'delivered_today' => 3]);
-    Project::factory()->create(['tenant_id' => $t2->id, 'delivered_today' => 10]);
-
-    $this->artisan('projects:reset-delivered-today')->assertSuccessful();
-
-    $allZero = DB::selectOne('SELECT COUNT(*) FILTER (WHERE delivered_today = 0) AS c, COUNT(*) AS total FROM projects');
-    expect($allZero->c)->toBe($allZero->total);
-});
-
-it('does not touch delivered_in_month', function (): void {
-    DB::statement("SELECT set_config('app.current_tenant_id', '0', true)");
-    $t = Tenant::factory()->create();
-    Project::factory()->create([
-        'tenant_id' => $t->id,
-        'delivered_today' => 5,
-        'delivered_in_month' => 50,
-    ]);
-
-    $this->artisan('projects:reset-delivered-today')->assertSuccessful();
-
-    $row = DB::selectOne('SELECT delivered_today, delivered_in_month FROM projects LIMIT 1');
-    expect($row->delivered_today)->toBe(0);
-    expect($row->delivered_in_month)->toBe(50);
-});
-```
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Feature/Console/ResetDeliveredTodayCommandTest.php
-```
-
-Expected: FAIL (command not found).
-
-- [ ] **Step 2: Implement command**
-
-Файл `app/app/Console/Commands/ResetDeliveredTodayCommand.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Console\Commands;
-
-use Illuminate\Console\Command;
-use Illuminate\Support\Facades\DB;
-
-/**
- * Сброс projects.delivered_today в 0 для всех tenant'ов.
- *
- * Spec: docs/superpowers/specs/2026-05-10-supplier-integration-design.md §6.1.
- * Расписание: каждый день в 00:00 МСК (timezone Europe/Moscow).
- *
- * NB: tenant-scoped запрос без RLS работает на elevated роли (postgres dev,
- * service-account на prod) — UPDATE проходит на все tenant'ы одновременно.
- */
-class ResetDeliveredTodayCommand extends Command
-{
-    protected $signature = 'projects:reset-delivered-today';
-
-    protected $description = 'Сброс projects.delivered_today=0 (00:00 МСК cron, spec §6.1)';
-
-    public function handle(): int
-    {
-        $affected = DB::update('UPDATE projects SET delivered_today = 0 WHERE delivered_today <> 0');
-
-        $this->info("Reset delivered_today on {$affected} project(s).");
-
-        return self::SUCCESS;
-    }
-}
-```
-
-- [ ] **Step 3: Register schedule**
-
-⚠️ **Сначала проверить convention.** Laravel 11+ default — schedule в `bootstrap/app.php` через `->withSchedule(function (Schedule $schedule) { ... })`. Если в `app/bootstrap/app.php` уже есть `withSchedule` — добавить туда. Иначе — в `app/routes/console.php` через facade `Schedule::command(...)`.
-
-Run:
-
-```powershell
-cd app; grep -n "withSchedule\|Schedule::" bootstrap/app.php routes/console.php
-```
-
-Если в `bootstrap/app.php` — паттерн:
-
-```php
-->withSchedule(function (\Illuminate\Console\Scheduling\Schedule $schedule): void {
-    $schedule->command('projects:reset-delivered-today')
-        ->dailyAt('00:00')
-        ->timezone('Europe/Moscow')
-        ->withoutOverlapping();
-})
-```
-
-Если в `routes/console.php` — паттерн:
-
-```php
-use Illuminate\Support\Facades\Schedule;
-
-Schedule::command('projects:reset-delivered-today')
-    ->dailyAt('00:00')
-    ->timezone('Europe/Moscow')
-    ->withoutOverlapping();
-```
-
-- [ ] **Step 4: Verify command shows in schedule:list**
-
-Run:
-
-```powershell
-cd app; .\artisan schedule:list
-```
-
-Expected: видим `projects:reset-delivered-today` в расписании daily 00:00 (Europe/Moscow).
-
-- [ ] **Step 5: Run tests**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest tests/Feature/Console/ResetDeliveredTodayCommandTest.php
-```
-
-Expected: PASS (2 tests).
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Console/Commands/ResetDeliveredTodayCommand.php app/tests/Feature/Console/ResetDeliveredTodayCommandTest.php app/bootstrap/app.php app/routes/console.php
-git commit -m "$(cat <<'EOF'
-feat(commands): projects:reset-delivered-today (00:00 МСК cron)
-
-Spec §6.1: ежедневный сброс projects.delivered_today=0.
-delivered_in_month НЕ трогаем (это месячный счётчик, Plan 4 cron).
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 10: Comprehensive Verification Gate (CV)
-
-**Files:** none (verification commands).
-
-Запустить все проверки последовательно. Все должны быть green.
-
-- [ ] **CV.1: pgFormatter — schema.sql**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"; npm run format:sql:check
-```
-
-Expected: 0 diff.
-
-- [ ] **CV.2: squawk — schema.sql**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"; .\bin\squawk.exe db/schema.sql
-```
-
-Expected: 0 issues.
-
-- [ ] **CV.3: cspell + markdownlint — все .md изменения**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"; npm run lint:md; npm run spell
-```
-
-Expected: 0 issues. Если cspell ловит technical terms — добавить в `app/cspell-words.txt` (project convention).
-
-- [ ] **CV.4: lychee — links**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"; npm run links
-```
-
-Expected: 0 broken links.
-
-- [ ] **CV.5: Larastan — PHP static analysis**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\phpstan analyse
-```
-
-Expected: 0 errors (Plan 1 baseline сохранён).
-
-- [ ] **CV.6: Pint — PHP formatting**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pint --test
-```
-
-Expected: 0 changes.
-
-- [ ] **CV.7: Pest full suite**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\pest --parallel=4
-```
-
-Expected: 510+ passed (Plan 1 baseline 500/498 + Plan 2 ~14 новых: 5 schema + 4 SupplierLead + 9 PhonePrefix + 9 LeadRouter + 4 RouteJob + 8 controller + 2 E2E + 2 reset cmd ≈ 43 новых, → ~543/541).
-
-⚠️ Если падают transient connection failures (Plan 1 learning #16) на параллели — retry; не блокер.
-
-- [ ] **CV.8: migrate:fresh — testing DB**
-
-Run:
-
-```powershell
-cd app
-$env:DB_DATABASE = 'liderra_testing'
-.\artisan migrate:fresh --env=testing
-```
-
-Expected: успешно (0 ошибок). Schema v8.18 разворачивается за <2 сек.
-
-- [ ] **CV.9: ide-helper:models — re-generate**
-
-Run:
-
-```powershell
-cd app; .\artisan ide-helper:models -W -M -N
-```
-
-Expected: `_ide_helper_models.php` обновлён, все модели включая `SupplierLead`.
-
-- [ ] **CV.10: gitleaks — secrets scan**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"; .\bin\gitleaks.exe detect --no-git
-```
-
-Expected: 0 leaks. (Тестовый secret `test-secret-32chars-aaaaaaaaaaaaaa` — допустим в test-files; если gitleaks ругается — добавить в allowlist.)
-
-- [ ] **CV.11: Code-reviewer subagent (parallel)**
-
-Запустить через `Agent` tool с двумя subagent'ами:
-
-```
-Subagent 1 (general-purpose):
-  Audit Plan 2 implementation (commits since 001d781) for:
-  - Logic errors / off-by-one / typos in DDL и PHP
-  - Race conditions в RouteSupplierLeadJob (lockForUpdate sufficient?)
-  - RLS bypass concerns (LeadRouter без SET LOCAL — корректно для sharing?)
-  - SQL injection / XSS surfaces в SupplierWebhookController
-  - Idempotency edge cases (UNIQUE vid, retry behavior)
-  Report: BLOCKER/WARN/NIT (как Plan 1).
-
-Subagent 2 (Explore):
-  Cross-check spec §5–§6 vs implementation. Перечислить конкретные строки spec'а
-  и какой файл/функция их реализует. Найти gaps.
-```
-
-Expected: либо clean, либо findings → закрыть как Plan 1 closure (BLOCKER → fix перед merge, WARN → judge case-by-case, NIT → defer to Plan 3 NOTES).
-
-- [ ] **CV.12: route:list verification**
-
-Run:
-
-```powershell
-cd app; .\artisan route:list --path=webhook
-```
-
-Expected: 2 webhook routes:
-
-- POST `/api/webhook/{token}` (legacy)
-- POST `/api/webhook/supplier/{secret}` (new)
-
-- [ ] **CV.13: schedule:list verification**
-
-Run:
-
-```powershell
-cd app; .\artisan schedule:list
-```
-
-Expected: видим `projects:reset-delivered-today` daily 00:00 Europe/Moscow.
-
-- [ ] **CV.14: dependency cycle check**
-
-Run:
-
-```powershell
-cd app; .\vendor\bin\phpstan analyse --error-format=table | Select-String -Pattern "circular"
-```
-
-Expected: 0 циклов.
-
----
-
-## Task 11: Update memory + final commit + push
-
-- [ ] **Step 1: Update `memory/project_supplier_integration.md`**
-
-Изменить статус Plan 2: `pending` → `✅ DONE`. Добавить раздел «Plan 2 итоги» с метриками (commits, tests added, schema bump). Если по результатам code-review subagent'а в CV.11 нашлись WARN/NIT для Plan 3 NOTES — записать в `## Что в плане 3 ... использовать` секцию.
-
-- [ ] **Step 2: Update `memory/project_state.md`**
-
-Schema v8.17 → **v8.18**. Pest count → **543/541**. HEAD origin/main → новый SHA после FF-merge. Plan 2 fully merged.
-
-- [ ] **Step 3: Run lefthook pre-commit + pre-push (через actual commit)**
-
-```bash
-git add memory/*.md
-git commit -m "$(cat <<'EOF'
-chore(memory): close Plan 2/5 (Webhook + Sharing Routing)
-
-Schema v8.18, Pest 543/541, +43 новых теста, 11 commits.
-HEAD origin/main = <SHA>.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
-- [ ] **Step 4: Push to remote**
-
-⚠️ Если работа велась в feature-branch — FF-merge в main как Plan 1. Если в main — push сразу.
-
-```bash
-git push origin main
-```
-
-Expected: pre-push lefthook (gitleaks-full-history + lychee) PASS, push successful.
-
-- [ ] **Step 5: Verify GitHub state**
-
-Run:
-
-```bash
-git ls-remote origin HEAD
-```
-
-Expected: SHA совпадает с локальным `git rev-parse HEAD`.
-
----
-
-## Self-review checklist
-
-Spec coverage (галки только если соответствующая Task реализует):
-
-- [x] §5.1 webhook receive (IP allowlist + secret + payload parse) — Task 6
-- [x] §5.1 INSERT supplier_leads + RouteLead dispatch — Task 1, 5, 6
-- [x] §5.1 secret защита (≥32 chars + hash_equals) — Task 6
-- [x] §5.1 IP allowlist (CIDR через IpUtils) — Task 6
-- [x] §5.1 невалид → 404 (не палим endpoint) — Task 6
-- [x] §5.2 CSV reconciliation — **DEFERRED** в Plan 4 (нужны Playwright/HTTP-клиент infrastructure из Plan 3)
-- [x] §6 step 1 SupplierProject lookup — Task 5 (resolveOrStub)
-- [x] §6 step 2 регион определяем по DEF-кодам — Task 3 (PhonePrefixService MVP)
-- [x] §6 step 3 фильтры (active/workdays/quota/region) — Task 4 (LeadRouter)
-- [x] §6 step 4 сортировка created_at ASC — Task 4
-- [x] §6 step 5 deal copy + counter inc + balance dec + notify — Task 5
-- [x] §6 step 6 sharing N deals — Task 5
-- [x] §6 step 7 пропускаем превышенных — Task 4
-- [x] §6.1 cron 00:00 reset delivered_today — Task 9
-- [ ] §6 step 5 «Списываем по текущей ступени pricing_tiers» — **DEFERRED в Plan 4** (Plan 2 использует existing balance_leads decrement)
-- [x] Биз-19 дедуп по phone (24ч окно) — Task 5
-
-Placeholder scan: TODO/TBD/«implement later» — нет (только в spec §10 Open Questions, исторические).
-
-Type consistency: `SupplierLead`, `SupplierProject::scopeForSignal`, `LeadRouter::matchEligibleProjects`, `RouteSupplierLeadJob::handle(LeadRouter, ...)` — все типы согласованы.
-
----
-
-## Execution Handoff
-
-Plan complete and saved to `docs/superpowers/plans/2026-05-10-supplier-webhook-routing-plan.md`.
-
-**Two execution options:**
-
-1. **Subagent-Driven (recommended)** — fresh subagent per task + 2-stage review между.
-2. **Inline Execution** — гонит таски в текущей сессии через `superpowers:executing-plans`.
-
-**Which approach?**
diff --git a/docs/superpowers/plans/2026-05-11-plan4-billing-csv-admin-plan.md b/docs/superpowers/plans/2026-05-11-plan4-billing-csv-admin-plan.md
deleted file mode 100644
index 8945635..0000000
--- a/docs/superpowers/plans/2026-05-11-plan4-billing-csv-admin-plan.md
+++ /dev/null
@@ -1,4634 +0,0 @@
-# Plan 4 (Billing + CSV Reconcile + Admin) Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Активировать ступенчатый биллинг клиентов Лидерры (pricing_tiers / lead_charges никем не читались/писались), закрыть TODO «Биллинг per Plan 4» в [RouteSupplierLeadJob.php:48](../../app/app/Jobs/RouteSupplierLeadJob.php#L48); реализовать резервный CSV-канал приёма лидов через `/admin/report/index?type=49` поставщика; собрать Admin UI (2 SaaS-admin страницы + 1 tab в существующем BillingView).
-
-**Architecture:** 12 Tasks в 3 фазах. Фаза I — Billing core (Tasks 1–4): schema delta v8.18→v8.19, PricingTierResolver (pure), LedgerService с dual-balance prepaid-first логикой, integration в RouteSupplierLeadJob. Фаза II — Operations (Tasks 5–8): monthly reset cron, auto-pause flow с email rate-limit, CSV reconcile через расширение SupplierPortalClient + новый CsvReconcileJob hourly. Фаза III — UI (Tasks 9–12): pricing-tiers editor, supplier-prices editor, tenant ChargesTab + CSV export, финальная verification.
-
-**Tech Stack:** PHP 8.3, Laravel 13.7, Pest 4, PostgreSQL 16 (`pgsql_supplier` BYPASSRLS connection из Plan 3 `7899071`), Redis 7 (Memurai на dev), Vue 3 + Vuetify 3, Vitest 4, Histoire 1.0-beta, OpenSpout (CSV streaming), bcmath (денежные сравнения), Unisender Go (email алерты).
-
-**Parent spec:** [2026-05-11-plan4-billing-csv-admin-design.md](../specs/2026-05-11-plan4-billing-csv-admin-design.md) (commit `901cf98`).
-**Inherits from:** Plan 1 Foundation `001d781` + Plan 2 Webhook+Routing `d5aa972` + Plan 2.5 hotfix `c1ae195`+`1ba1df8` + Plan 2.6 cleanup `7899071` + Plan 3 Supplier Sync `734b0ab`.
-
----
-
-## Карта файлов
-
-| Файл | Действие | Назначение | Task |
-|---|---|---|---|
-| [db/schema.sql](../../db/schema.sql) | Modify | +1 таблица supplier_csv_reconcile_log, +3 колонки, +3 индекса, +2 CHECK, bump v8.18→v8.19 | 1 |
-| [db/CHANGELOG_schema.md](../../db/CHANGELOG_schema.md) | Modify | Запись v8.19 | 1 |
-| [db/02_grants.sql](../../db/02_grants.sql) | Modify | +GRANT для supplier_csv_reconcile_log | 1 |
-| `app/database/seeders/PricingTierSeeder.php` | Create | 7 дефолтных ступеней (effective_from='1970-01-01') | 1 |
-| `app/database/seeders/DatabaseSeeder.php` | Modify | Подключить PricingTierSeeder | 1 |
-| `app/app/Models/Tenant.php` | Modify | +`delivered_in_month` в `$fillable` + `casts` | 1 |
-| `app/app/Models/LeadCharge.php` | Modify | +`charge_source` в `$fillable` + cast | 1 |
-| `app/app/Models/SupplierLead.php` | Modify | +`recovered_from_csv_at` в `$fillable` + cast | 1 |
-| `app/database/factories/LeadChargeFactory.php` | Modify | +`charge_source='rub'` дефолт | 1 |
-| `app/tests/Feature/Plan4/Schema/SchemaDeltaTest.php` | Create | Тесты: 4 новых колонки/таблица существуют, CHECK работает, idempotent fresh | 1 |
-| `app/app/Services/Billing/PricingTierResolver.php` | Create | Pure resolver: «в какую ступень попадает N-й лид» | 2 |
-| `app/tests/Unit/Billing/PricingTierResolverTest.php` | Create | 7 unit-тестов на math distribution | 2 |
-| `app/app/Repositories/PricingTierRepository.php` | Create | DB-обёртка для `current()` ступеней | 2 |
-| `app/tests/Feature/Billing/PricingTierRepositoryTest.php` | Create | 4 integration-теста (active/scheduled/empty) | 2 |
-| `app/app/Exceptions/Billing/InsufficientBalanceException.php` | Create | DTO-exception с priceKopecks/balanceRub/balanceLeads | 3 |
-| `app/app/Services/Billing/ChargeResult.php` | Create | Read-only DTO (source, tier, priceKopecks) | 3 |
-| `app/app/Services/Billing/LedgerService.php` | Create | chargeForDelivery: dual-balance flow + lead_charges/supplier_lead_costs/balance_transactions INSERT | 3 |
-| `app/tests/Feature/Billing/LedgerServiceTest.php` | Create | 6 integration-тестов на charge-flow | 3 |
-| [app/app/Jobs/RouteSupplierLeadJob.php](../../app/app/Jobs/RouteSupplierLeadJob.php) | Modify | Заменить строки 265-279 на LedgerService::chargeForDelivery + try/catch InsufficientBalance | 4 |
-| `app/tests/Feature/Supplier/RouteSupplierLeadJobBillingTest.php` | Create | 4 E2E теста sharing-flow с биллингом | 4 |
-| `app/app/Console/Commands/ResetMonthlyCountersCommand.php` | Create | `projects:reset-monthly` для tenants + projects | 5 |
-| `app/routes/console.php` | Modify | +Schedule monthlyOn(1, '00:00') Europe/Moscow | 5 |
-| `app/tests/Feature/Console/ResetMonthlyCountersCommandTest.php` | Create | 4 теста idempotency + schedule введён | 5 |
-| `app/app/Mail/ZeroBalancePausedMail.php` | Create | Mailable для алерта о паузе проекта | 6 |
-| `app/resources/views/emails/zero_balance_paused.blade.php` | Create | Blade-шаблон email на русском | 6 |
-| `app/app/Services/NotificationService.php` | Modify | +`notifyZeroBalance(Tenant, Project)` метод | 6 |
-| [app/app/Jobs/RouteSupplierLeadJob.php](../../app/app/Jobs/RouteSupplierLeadJob.php) | Modify | +`handleInsufficientBalance` private method | 6 |
-| `app/tests/Feature/Supplier/AutoPauseFlowTest.php` | Create | 5 тестов: pause + email + rate-limit + isolation | 6 |
-| `app/app/Services/Supplier/SupplierCsvParser.php` | Create | Streaming-generator CSV parser | 7 |
-| `app/tests/Unit/Supplier/SupplierCsvParserTest.php` | Create | 5 unit-тестов (empty/1row/1000rows/malformed/BOM) | 7 |
-| [app/app/Services/Supplier/SupplierPortalClient.php](../../app/app/Services/Supplier/SupplierPortalClient.php) | Modify | +`downloadLeadsCsv` метод | 7 |
-| `app/tests/Unit/Supplier/SupplierPortalClientCsvTest.php` | Create | 3 теста через Http::fake | 7 |
-| `app/app/Jobs/Supplier/CsvReconcileJob.php` | Create | Hourly CSV reconcile + drift alert | 8 |
-| `app/app/Mail/CsvDriftAlertMail.php` | Create | Mailable для алерта drift > 5% | 8 |
-| `app/resources/views/emails/csv_drift_alert.blade.php` | Create | Blade-шаблон email на русском | 8 |
-| `app/routes/console.php` | Modify | +Schedule::job(new CsvReconcileJob)->hourly() | 8 |
-| `app/tests/Feature/Supplier/CsvReconcileJobTest.php` | Create | 6 integration-тестов + drift threshold | 8 |
-| `app/app/Http/Controllers/Api/AdminPricingTiersController.php` | Create | GET/POST/DELETE pricing-tiers CRUD | 9 |
-| [app/routes/web.php](../../app/routes/web.php) | Modify | +Route prefix `/api/admin/pricing-tiers` | 9 |
-| `app/tests/Feature/Admin/AdminPricingTiersControllerTest.php` | Create | 8 тестов (index/store/validate/delete) | 9 |
-| `app/resources/js/views/admin/AdminPricingTiersView.vue` | Create | Vue 3 страница: 7-tier editor | 9 |
-| `app/resources/js/views/admin/AdminPricingTiersView.story.vue` | Create | 4 Histoire variants | 9 |
-| `app/resources/js/router/index.ts` | Modify | +route `/admin/pricing-tiers` | 9 |
-| `app/tests/Vitest/views/admin/AdminPricingTiersView.spec.ts` | Create | 5 Vitest-тестов | 9 |
-| `app/app/Http/Controllers/Api/AdminSuppliersController.php` | Create | GET/PATCH suppliers (B1/B2/B3) | 10 |
-| [app/routes/web.php](../../app/routes/web.php) | Modify | +Route `/api/admin/suppliers` | 10 |
-| `app/tests/Feature/Admin/AdminSuppliersControllerTest.php` | Create | 4 теста | 10 |
-| `app/resources/js/views/admin/AdminSupplierPricesView.vue` | Create | Vue 3 страница: B1/B2/B3 editor | 10 |
-| `app/resources/js/views/admin/AdminSupplierPricesView.story.vue` | Create | 2 Histoire variants | 10 |
-| `app/resources/js/router/index.ts` | Modify | +route `/admin/supplier-prices` | 10 |
-| `app/tests/Vitest/views/admin/AdminSupplierPricesView.spec.ts` | Create | 3 Vitest-теста | 10 |
-| `app/app/Http/Controllers/Api/TenantChargesController.php` | Create | GET (paginated) + POST export CSV | 11 |
-| [app/routes/web.php](../../app/routes/web.php) | Modify | +Route `/api/billing/charges` | 11 |
-| `app/tests/Feature/Billing/TenantChargesControllerTest.php` | Create | 6 тестов (RLS isolation + pagination + filter + export) | 11 |
-| `app/resources/js/views/billing/ChargesTab.vue` | Create | Vue компонент для tab «Списания» | 11 |
-| `app/resources/js/views/billing/ChargesTab.story.vue` | Create | 3 Histoire variants | 11 |
-| `app/resources/js/views/BillingView.vue` | Modify | Добавить ChargesTab внутри `<v-tabs>` | 11 |
-| `app/tests/Vitest/views/billing/ChargesTab.spec.ts` | Create | 4 Vitest-теста | 11 |
-| All test runs / CV.1–14 verification | Verify | Финальная проверка перед FF-merge | 12 |
-| [CLAUDE.md](../../CLAUDE.md) | Modify | §0 schema → v8.19; §6 фаза → Plan 4 closure (через claude-md-management) | 12 |
-| [docs/Открытые_вопросы_v8_3.md](../../Открытые_вопросы_v8_3.md) | Modify | +7 новых `Биз-*` (см. §7.6 spec'а) | 12 |
-
----
-
-## Task 1: Schema delta v8.18 → v8.19 + models/factory/seeder updates
-
-**Files:**
-
-- Modify: [db/schema.sql](../../db/schema.sql) (4 правки: tenants column, lead_charges column+check, supplier_leads column, supplier_csv_reconcile_log table)
-- Modify: [db/CHANGELOG_schema.md](../../db/CHANGELOG_schema.md)
-- Modify: [db/02_grants.sql](../../db/02_grants.sql)
-- Modify: `app/app/Models/Tenant.php`
-- Modify: `app/app/Models/LeadCharge.php`
-- Modify: `app/app/Models/SupplierLead.php`
-- Modify: `app/database/factories/LeadChargeFactory.php`
-- Create: `app/database/seeders/PricingTierSeeder.php`
-- Modify: `app/database/seeders/DatabaseSeeder.php`
-- Create: `app/tests/Feature/Plan4/Schema/SchemaDeltaTest.php`
-
-- [ ] **Step 1: Написать failing schema-delta test**
-
-```php
-<?php
-// app/tests/Feature/Plan4/Schema/SchemaDeltaTest.php
-
-declare(strict_types=1);
-
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Schema;
-
-uses(\Tests\TestCase::class);
-
-it('tenants table has delivered_in_month column with CHECK >= 0', function () {
-    expect(Schema::hasColumn('tenants', 'delivered_in_month'))->toBeTrue();
-
-    DB::table('tenants')->where('id', '<', 0)->update(['delivered_in_month' => 5]); // no-op
-    expect(fn () => DB::statement(
-        "INSERT INTO tenants (subdomain, organization_name, contact_email, webhook_token, delivered_in_month) ".
-        "VALUES ('t-neg-test', 'X', 'x@x', 'wtok-neg-test-99999999', -1)"
-    ))->toThrow(\Illuminate\Database\QueryException::class);
-});
-
-it('lead_charges table has charge_source column with CHECK on prepaid=zero-price', function () {
-    expect(Schema::hasColumn('lead_charges', 'charge_source'))->toBeTrue();
-
-    // Дефолтное значение 'rub' — проверяем через DEFAULT-инсерт.
-    $tenant = \App\Models\Tenant::factory()->create();
-    $deal = \App\Models\Deal::factory()->create(['tenant_id' => $tenant->id]);
-
-    // 'prepaid' + price > 0 → CHECK fails
-    expect(fn () => DB::table('lead_charges')->insert([
-        'tenant_id' => $tenant->id,
-        'deal_id' => $deal->id,
-        'deal_received_at' => $deal->received_at,
-        'tier_no' => 1,
-        'price_per_lead_kopecks' => 50000,
-        'charge_source' => 'prepaid',
-        'charged_at' => now(),
-        'created_at' => now(),
-    ]))->toThrow(\Illuminate\Database\QueryException::class);
-});
-
-it('supplier_leads table has recovered_from_csv_at column', function () {
-    expect(Schema::hasColumn('supplier_leads', 'recovered_from_csv_at'))->toBeTrue();
-});
-
-it('supplier_csv_reconcile_log table exists with required columns and status CHECK', function () {
-    expect(Schema::hasTable('supplier_csv_reconcile_log'))->toBeTrue();
-    expect(Schema::hasColumns('supplier_csv_reconcile_log', [
-        'id', 'started_at', 'finished_at', 'window_start', 'window_end',
-        'total_csv_rows', 'matched_count', 'recovered_count', 'drift_ratio',
-        'status', 'error_message', 'alert_email_sent_at', 'created_at',
-    ]))->toBeTrue();
-
-    // CHECK на status
-    expect(fn () => DB::table('supplier_csv_reconcile_log')->insert([
-        'started_at' => now(),
-        'window_start' => now()->subDay(),
-        'window_end' => now(),
-        'status' => 'unknown_status',
-    ]))->toThrow(\Illuminate\Database\QueryException::class);
-});
-
-it('migrate:fresh is idempotent — re-run produces same metrics', function () {
-    $beforeTables = count(DB::select("SELECT tablename FROM pg_tables WHERE schemaname='public'"));
-
-    \Illuminate\Support\Facades\Artisan::call('migrate:fresh', ['--database' => 'pgsql', '--force' => true]);
-
-    $afterTables = count(DB::select("SELECT tablename FROM pg_tables WHERE schemaname='public'"));
-    expect($afterTables)->toBe($beforeTables);
-});
-```
-
-- [ ] **Step 2: Запустить тест — должен FAIL (`supplier_csv_reconcile_log` отсутствует, колонок нет)**
-
-```bash
-cd app && ./vendor/bin/pest --filter=SchemaDeltaTest tests/Feature/Plan4/Schema/SchemaDeltaTest.php
-```
-
-Expected output: 4 FAIL ("table/column does not exist"), 1 может PASS (migrate:fresh idempotent).
-
-- [ ] **Step 3: Применить schema-патчи**
-
-Открыть [db/schema.sql](../../db/schema.sql) и внести 4 правки:
-
-**3a. Bump version header** (строка ~7):
-
-```diff
-- -- Базовая версия: v8.18 (10.05.2026 — Plan 2/5 webhook+routing: supplier_leads + projects.delivered_today + 2 system_settings seed)
-+ -- Базовая версия: v8.19 (2026-05-11 — Plan 4 billing+csv+admin: tenants.delivered_in_month, lead_charges.charge_source + CHECK, supplier_leads.recovered_from_csv_at, supplier_csv_reconcile_log)
-```
-
-**3b. tenants.delivered_in_month** — добавить после строки 644 (`desired_daily_numbers`):
-
-```sql
-    -- v8.19 (Plan 4): месячный счётчик доставленных лидов per-tenant.
-    -- Сбрасывается ResetMonthlyCountersCommand 1-го числа в 00:00 МСК (Europe/Moscow).
-    -- Используется PricingTierResolver на горячем пути RouteSupplierLeadJob
-    -- для O(1) lookup'а текущей ступени тарифа.
-    delivered_in_month  INT NOT NULL DEFAULT 0
-                        CHECK (delivered_in_month >= 0),
-```
-
-**3c. lead_charges.charge_source + CHECK** — внутри `CREATE TABLE lead_charges` (~строка 1001), добавить после `price_per_lead_kopecks` (~строка 1007) и перед `charged_at`:
-
-```sql
-    charge_source            VARCHAR(8) NOT NULL DEFAULT 'rub'
-        CHECK (charge_source IN ('prepaid','rub')),
-```
-
-И добавить дополнительный CHECK после CREATE TABLE block перед `CREATE INDEX`:
-
-```sql
-ALTER TABLE lead_charges
-    ADD CONSTRAINT chk_lead_charges_prepaid_zero_price
-    CHECK (charge_source = 'rub' OR price_per_lead_kopecks = 0);
-```
-
-**3d. supplier_leads.recovered_from_csv_at** — внутри `CREATE TABLE supplier_leads` (Plan 2, ~строка 1840+, нужно грепнуть точное место), добавить после `processed_at`:
-
-```bash
-grep -n "CREATE TABLE supplier_leads" db/schema.sql
-grep -n "processed_at" db/schema.sql | head -5
-```
-
-Добавить колонку:
-
-```sql
-    -- v8.19 (Plan 4 CSV reconcile): NULL для лидов из webhook (основной канал).
-    -- Заполняется CsvReconcileJob при восстановлении лида, пропущенного webhook'ом.
-    recovered_from_csv_at  TIMESTAMPTZ,
-```
-
-И partial index после CREATE TABLE block:
-
-```sql
-CREATE INDEX supplier_leads_recovered_from_csv_partial
-    ON supplier_leads(recovered_from_csv_at)
-    WHERE recovered_from_csv_at IS NOT NULL;
-```
-
-**3e. supplier_csv_reconcile_log** — новая секция после блока `CREATE TABLE supplier_sync_log` (Plan 3, ~строка 1140; грепнуть точное место):
-
-```bash
-grep -n "CREATE TABLE supplier_sync_log\b" db/schema.sql
-```
-
-Добавить ПОСЛЕ закрывающей `);` и его индексов:
-
-```sql
-
--- -----------------------------------------------------------------------------
--- supplier_csv_reconcile_log — журнал hourly CSV reconciliation (v8.19, Plan 4)
--- -----------------------------------------------------------------------------
--- SaaS-level (не tenant-scoped), без RLS. Аналог supplier_sync_log.
--- CsvReconcileJob записывает 1 строку на hourly run: started_at, окно,
--- метрики, drift_ratio. drift > 5% → email алерт; alert_email_sent_at timestamp.
--- Spec: docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md §5.3
--- -----------------------------------------------------------------------------
-CREATE TABLE supplier_csv_reconcile_log (
-    id                   BIGSERIAL PRIMARY KEY,
-    started_at           TIMESTAMPTZ NOT NULL,
-    finished_at          TIMESTAMPTZ,
-    window_start         TIMESTAMPTZ NOT NULL,
-    window_end           TIMESTAMPTZ NOT NULL,
-    total_csv_rows       INTEGER,
-    matched_count        INTEGER,
-    recovered_count      INTEGER,
-    drift_ratio          NUMERIC(5,4),
-    status               VARCHAR(16) NOT NULL DEFAULT 'running'
-                         CHECK (status IN ('running','ok','drift_alert','failed')),
-    error_message        TEXT,
-    alert_email_sent_at  TIMESTAMPTZ,
-    created_at           TIMESTAMPTZ NOT NULL DEFAULT NOW()
-);
-
-CREATE INDEX supplier_csv_reconcile_log_started_at_index
-    ON supplier_csv_reconcile_log(started_at DESC);
-CREATE INDEX supplier_csv_reconcile_log_status_index
-    ON supplier_csv_reconcile_log(status)
-    WHERE status IN ('drift_alert','failed');
-
--- GRANT-policy в db/02_grants.sql (для prod). Dev: postgres superuser.
-```
-
-- [ ] **Step 4: Обновить db/CHANGELOG_schema.md**
-
-Добавить запись наверх (после v8.18 entry):
-
-```markdown
-## v8.19 (2026-05-11) — Plan 4 Billing + CSV Reconcile + Admin
-
-**Изменения:**
-- `tenants` + колонка `delivered_in_month INTEGER NOT NULL DEFAULT 0 CHECK >= 0` (per-tenant счётчик для tier-lookup).
-- `lead_charges` + колонка `charge_source VARCHAR(8) DEFAULT 'rub' CHECK IN ('prepaid','rub')` + CHECK `chk_lead_charges_prepaid_zero_price` (prepaid → price=0).
-- `supplier_leads` + колонка `recovered_from_csv_at TIMESTAMPTZ` + partial index.
-- Новая таблица `supplier_csv_reconcile_log` (SaaS-level, без RLS) + 2 индекса.
-- 0 RLS-политик изменено.
-
-**Метрики:** 61 → 62 базовых таблиц / 114 → 117 индексов / 39 RLS-политик (без изменений).
-
-**Spec:** [docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md](../docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md).
-```
-
-- [ ] **Step 5: Обновить db/02_grants.sql**
-
-Добавить новую секцию для `supplier_csv_reconcile_log`:
-
-```sql
--- =============================================================================
--- v8.19 (Plan 4): supplier_csv_reconcile_log — SaaS-уровневый журнал CSV recon.
--- Используется CsvReconcileJob под crm_supplier_worker (BYPASSRLS).
--- =============================================================================
-
-GRANT SELECT, INSERT, UPDATE ON TABLE supplier_csv_reconcile_log TO crm_supplier_worker;
-GRANT USAGE, SELECT ON SEQUENCE supplier_csv_reconcile_log_id_seq TO crm_supplier_worker;
-```
-
-- [ ] **Step 6: Обновить Eloquent-модели**
-
-Открыть `app/app/Models/Tenant.php`, добавить в `$fillable`:
-
-```php
-'delivered_in_month',
-```
-
-В `casts()` метод (или `protected $casts` массив) — добавить:
-
-```php
-'delivered_in_month' => 'integer',
-```
-
-Открыть `app/app/Models/LeadCharge.php`, добавить в `$fillable` (после `tier_no`):
-
-```php
-'charge_source',
-```
-
-В `casts()`:
-
-```php
-'charge_source' => 'string',
-```
-
-Открыть `app/app/Models/SupplierLead.php`, добавить в `$fillable`:
-
-```php
-'recovered_from_csv_at',
-```
-
-В `casts()`:
-
-```php
-'recovered_from_csv_at' => 'datetime',
-```
-
-- [ ] **Step 7: Обновить LeadChargeFactory**
-
-```php
-// app/database/factories/LeadChargeFactory.php — заменить definition()
-public function definition(): array
-{
-    return [
-        'tenant_id' => Tenant::factory(),
-        'deal_id' => fake()->numberBetween(1, 99999),
-        'deal_received_at' => now(),
-        'tier_no' => fake()->numberBetween(1, 7),
-        'price_per_lead_kopecks' => fake()->numberBetween(2000, 6000),
-        'charge_source' => 'rub',
-        'charged_at' => now(),
-        'created_at' => now(),
-    ];
-}
-
-/**
- * State для prepaid-списания (price=0).
- */
-public function prepaid(): self
-{
-    return $this->state(fn () => [
-        'charge_source' => 'prepaid',
-        'price_per_lead_kopecks' => 0,
-    ]);
-}
-```
-
-- [ ] **Step 8: Создать PricingTierSeeder**
-
-```php
-<?php
-// app/database/seeders/PricingTierSeeder.php
-
-declare(strict_types=1);
-
-namespace Database\Seeders;
-
-use App\Models\PricingTier;
-use Illuminate\Database\Seeder;
-
-class PricingTierSeeder extends Seeder
-{
-    /**
-     * 7 ступеней дефолтного тарифа (Plan 4 spec §2.3 — placeholder, ожидает
-     * подтверждения заказчика. Открытый вопрос #1).
-     */
-    public function run(): void
-    {
-        $tiers = [
-            ['tier_no' => 1, 'leads_in_tier' => 100,  'price_per_lead_kopecks' => 50000],
-            ['tier_no' => 2, 'leads_in_tier' => 200,  'price_per_lead_kopecks' => 45000],
-            ['tier_no' => 3, 'leads_in_tier' => 400,  'price_per_lead_kopecks' => 40000],
-            ['tier_no' => 4, 'leads_in_tier' => 800,  'price_per_lead_kopecks' => 35000],
-            ['tier_no' => 5, 'leads_in_tier' => 1500, 'price_per_lead_kopecks' => 30000],
-            ['tier_no' => 6, 'leads_in_tier' => 3000, 'price_per_lead_kopecks' => 27000],
-            ['tier_no' => 7, 'leads_in_tier' => null, 'price_per_lead_kopecks' => 25000],
-        ];
-
-        foreach ($tiers as $tier) {
-            PricingTier::updateOrCreate(
-                ['tier_no' => $tier['tier_no'], 'effective_from' => '1970-01-01'],
-                array_merge($tier, ['is_active' => true, 'effective_from' => '1970-01-01']),
-            );
-        }
-    }
-}
-```
-
-- [ ] **Step 9: Подключить seeder в DatabaseSeeder**
-
-Открыть `app/database/seeders/DatabaseSeeder.php`, в методе `run()` добавить:
-
-```php
-$this->call(PricingTierSeeder::class);
-```
-
-- [ ] **Step 10: Прогнать migrate:fresh + seed на testing DB**
-
-```bash
-cd app && DB_DATABASE=liderra_testing php artisan migrate:fresh --force --seed
-```
-
-Expected: 0 errors, «Database seeders ran successfully».
-
-Verify pricing_tiers seed:
-
-```bash
-cd app && DB_DATABASE=liderra_testing php artisan tinker --execute="echo \App\Models\PricingTier::count();"
-```
-
-Expected output: `7`.
-
-- [ ] **Step 11: Прогнать failing schema-delta test — должен PASS**
-
-```bash
-cd app && ./vendor/bin/pest --filter=SchemaDeltaTest tests/Feature/Plan4/Schema/SchemaDeltaTest.php
-```
-
-Expected: 5 PASS, 0 FAIL.
-
-- [ ] **Step 12: Полный Pest прогон — убедиться, что добавление колонок ничего не сломало**
-
-```bash
-cd app && ./vendor/bin/pest --parallel
-```
-
-Expected: все pre-existing тесты + 5 новых SchemaDeltaTest = PASS. Зафиксировать exact число в commit message.
-
-- [ ] **Step 13: Запустить статанализ и pint**
-
-```bash
-cd app && composer pint && composer stan
-```
-
-Expected: pint clean, stan 0 errors above baseline.
-
-- [ ] **Step 14: Commit**
-
-```bash
-git add db/schema.sql db/CHANGELOG_schema.md db/02_grants.sql \
-        app/app/Models/Tenant.php app/app/Models/LeadCharge.php app/app/Models/SupplierLead.php \
-        app/database/factories/LeadChargeFactory.php \
-        app/database/seeders/PricingTierSeeder.php app/database/seeders/DatabaseSeeder.php \
-        app/tests/Feature/Plan4/Schema/SchemaDeltaTest.php
-git commit -m "feat(db): Plan 4 Task 1 — schema delta v8.18 → v8.19 + models/seeder"
-```
-
----
-
-## Task 2: PricingTierResolver (pure unit) + PricingTierRepository
-
-**Files:**
-
-- Create: `app/app/Services/Billing/PricingTierResolver.php`
-- Create: `app/tests/Unit/Billing/PricingTierResolverTest.php`
-- Create: `app/app/Repositories/PricingTierRepository.php`
-- Create: `app/tests/Feature/Billing/PricingTierRepositoryTest.php`
-
-- [ ] **Step 1: Написать failing unit-test для PricingTierResolver**
-
-```php
-<?php
-// app/tests/Unit/Billing/PricingTierResolverTest.php
-
-declare(strict_types=1);
-
-use App\Models\PricingTier;
-use App\Services\Billing\PricingTierResolver;
-use Illuminate\Database\Eloquent\Collection;
-
-uses(\Tests\TestCase::class);
-
-beforeEach(function () {
-    $this->resolver = new PricingTierResolver();
-
-    // 7-tier сетка in-memory (без БД)
-    $this->tiers = new Collection([
-        new PricingTier(['tier_no' => 1, 'leads_in_tier' => 100,  'price_per_lead_kopecks' => 50000]),
-        new PricingTier(['tier_no' => 2, 'leads_in_tier' => 200,  'price_per_lead_kopecks' => 45000]),
-        new PricingTier(['tier_no' => 3, 'leads_in_tier' => 400,  'price_per_lead_kopecks' => 40000]),
-        new PricingTier(['tier_no' => 4, 'leads_in_tier' => 800,  'price_per_lead_kopecks' => 35000]),
-        new PricingTier(['tier_no' => 5, 'leads_in_tier' => 1500, 'price_per_lead_kopecks' => 30000]),
-        new PricingTier(['tier_no' => 6, 'leads_in_tier' => 3000, 'price_per_lead_kopecks' => 27000]),
-        new PricingTier(['tier_no' => 7, 'leads_in_tier' => null, 'price_per_lead_kopecks' => 25000]),
-    ]);
-});
-
-it('returns tier 1 for the 1st lead', function () {
-    $tier = $this->resolver->resolveForCount($this->tiers, 1);
-    expect($tier->tier_no)->toBe(1);
-});
-
-it('returns tier 1 at upper bound (100th lead)', function () {
-    $tier = $this->resolver->resolveForCount($this->tiers, 100);
-    expect($tier->tier_no)->toBe(1);
-});
-
-it('crosses to tier 2 at 101st lead', function () {
-    $tier = $this->resolver->resolveForCount($this->tiers, 101);
-    expect($tier->tier_no)->toBe(2);
-});
-
-it('returns tier 6 at cumulative sum of tiers 1-6 (5000th lead)', function () {
-    // 100 + 200 + 400 + 800 + 1500 + 3000 = 6000; last in tier 6 = 6000th lead
-    $tier = $this->resolver->resolveForCount($this->tiers, 6000);
-    expect($tier->tier_no)->toBe(6);
-});
-
-it('returns tier 7 (unlimited) for 6001st lead', function () {
-    $tier = $this->resolver->resolveForCount($this->tiers, 6001);
-    expect($tier->tier_no)->toBe(7);
-});
-
-it('returns tier 7 for 1_000_000th lead (unlimited)', function () {
-    $tier = $this->resolver->resolveForCount($this->tiers, 1_000_000);
-    expect($tier->tier_no)->toBe(7);
-});
-
-it('throws RuntimeException on empty tiers collection', function () {
-    expect(fn () => $this->resolver->resolveForCount(new Collection(), 1))
-        ->toThrow(\RuntimeException::class, 'No active pricing tiers');
-});
-```
-
-- [ ] **Step 2: Запустить test — FAIL (класс не существует)**
-
-```bash
-cd app && ./vendor/bin/pest tests/Unit/Billing/PricingTierResolverTest.php
-```
-
-Expected: FAIL "Class PricingTierResolver does not exist".
-
-- [ ] **Step 3: Реализовать PricingTierResolver**
-
-```php
-<?php
-// app/app/Services/Billing/PricingTierResolver.php
-
-declare(strict_types=1);
-
-namespace App\Services\Billing;
-
-use App\Models\PricingTier;
-use Illuminate\Database\Eloquent\Collection;
-use RuntimeException;
-
-/**
- * Pure resolver: «в какую ступень pricing_tiers попадает N-й лид» (1-based).
- *
- * Логика: tier 1 покрывает 1..leads_in_tier_1; tier 2 — следующие leads_in_tier_2;
- * tier 7 с leads_in_tier=NULL ловит всё свыше суммарного объёма tiers 1-6.
- *
- * Spec: docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md §3.1
- */
-final class PricingTierResolver
-{
-    /**
-     * @param  Collection<int, PricingTier>  $tiers  активные ступени (не обязательно отсортированы)
-     * @param  int  $leadOrdinal  номер лида в текущем месяце (1-based)
-     */
-    public function resolveForCount(Collection $tiers, int $leadOrdinal): PricingTier
-    {
-        if ($tiers->isEmpty()) {
-            throw new RuntimeException('No active pricing tiers — cannot resolve');
-        }
-
-        /** @var Collection<int, PricingTier> $sorted */
-        $sorted = $tiers->sortBy('tier_no')->values();
-
-        $cumulative = 0;
-        foreach ($sorted as $tier) {
-            // tier 7 (или любой с leads_in_tier=NULL) — «всё свыше»
-            if ($tier->leads_in_tier === null) {
-                return $tier;
-            }
-
-            $cumulative += (int) $tier->leads_in_tier;
-            if ($leadOrdinal <= $cumulative) {
-                return $tier;
-            }
-        }
-
-        // Если ни одна ступень не покрыла (leadOrdinal > сумма всех leads_in_tier
-        // И ни у одной не было NULL) — возвращаем последнюю как fallback.
-        return $sorted->last();
-    }
-}
-```
-
-- [ ] **Step 4: Запустить test — PASS**
-
-```bash
-cd app && ./vendor/bin/pest tests/Unit/Billing/PricingTierResolverTest.php
-```
-
-Expected: 7 PASS.
-
-- [ ] **Step 5: Написать failing test для PricingTierRepository**
-
-```php
-<?php
-// app/tests/Feature/Billing/PricingTierRepositoryTest.php
-
-declare(strict_types=1);
-
-use App\Models\PricingTier;
-use App\Repositories\PricingTierRepository;
-use Illuminate\Foundation\Testing\RefreshDatabase;
-use Illuminate\Support\Carbon;
-
-uses(\Tests\TestCase::class, RefreshDatabase::class);
-
-beforeEach(function () {
-    $this->repo = new PricingTierRepository();
-});
-
-it('returns active tiers ordered by tier_no', function () {
-    PricingTier::factory()->create(['tier_no' => 2, 'effective_from' => '2024-01-01', 'is_active' => true]);
-    PricingTier::factory()->create(['tier_no' => 1, 'effective_from' => '2024-01-01', 'is_active' => true]);
-
-    $tiers = $this->repo->activeAt(Carbon::parse('2024-06-01'));
-
-    expect($tiers->pluck('tier_no')->all())->toBe([1, 2]);
-});
-
-it('returns max effective_from <= today (newer overrides older)', function () {
-    PricingTier::factory()->create(['tier_no' => 1, 'effective_from' => '2024-01-01', 'price_per_lead_kopecks' => 50000]);
-    PricingTier::factory()->create(['tier_no' => 1, 'effective_from' => '2024-06-01', 'price_per_lead_kopecks' => 30000]);
-
-    $tiers = $this->repo->activeAt(Carbon::parse('2024-07-01'));
-
-    expect($tiers->first()->price_per_lead_kopecks)->toBe(30000);
-});
-
-it('ignores future effective_from', function () {
-    PricingTier::factory()->create(['tier_no' => 1, 'effective_from' => '2024-01-01', 'price_per_lead_kopecks' => 50000]);
-    PricingTier::factory()->create(['tier_no' => 1, 'effective_from' => '2099-01-01', 'price_per_lead_kopecks' => 99999]);
-
-    $tiers = $this->repo->activeAt(Carbon::parse('2024-06-01'));
-
-    expect($tiers->first()->price_per_lead_kopecks)->toBe(50000);
-});
-
-it('returns empty collection when no active tiers exist', function () {
-    $tiers = $this->repo->activeAt(Carbon::parse('2024-06-01'));
-
-    expect($tiers)->toBeEmpty();
-});
-```
-
-- [ ] **Step 6: Запустить — FAIL**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Billing/PricingTierRepositoryTest.php
-```
-
-Expected: FAIL "Class PricingTierRepository does not exist".
-
-- [ ] **Step 7: Реализовать PricingTierRepository**
-
-```php
-<?php
-// app/app/Repositories/PricingTierRepository.php
-
-declare(strict_types=1);
-
-namespace App\Repositories;
-
-use App\Models\PricingTier;
-use Carbon\CarbonInterface;
-use Illuminate\Database\Eloquent\Collection;
-
-/**
- * DB-обёртка для текущей активной сетки pricing_tiers.
- *
- * Логика: для данной даты `$at` возвращаются все ступени с
- * MAX(effective_from) WHERE effective_from <= $at AND is_active=true,
- * сгруппированные по tier_no.
- *
- * Spec: docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md §3.1
- */
-final class PricingTierRepository
-{
-    /**
-     * @return Collection<int, PricingTier>
-     */
-    public function activeAt(CarbonInterface $at): Collection
-    {
-        // Для каждого tier_no берём строку с MAX(effective_from) <= $at
-        // (учёт сценария «новая сетка перекрывает старую»).
-        return PricingTier::query()
-            ->where('is_active', true)
-            ->where('effective_from', '<=', $at->toDateString())
-            ->orderBy('tier_no')
-            ->orderBy('effective_from', 'desc')
-            ->get()
-            ->groupBy('tier_no')
-            ->map(fn (Collection $group) => $group->first())
-            ->values()
-            ->sortBy('tier_no')
-            ->values();
-    }
-}
-```
-
-- [ ] **Step 8: Запустить test — PASS**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Billing/PricingTierRepositoryTest.php
-```
-
-Expected: 4 PASS.
-
-- [ ] **Step 9: Pint + Larastan + полный Pest**
-
-```bash
-cd app && composer pint && composer stan && ./vendor/bin/pest --parallel
-```
-
-Expected: pint clean, stan 0 above baseline, все тесты PASS.
-
-- [ ] **Step 10: Commit**
-
-```bash
-git add app/app/Services/Billing/PricingTierResolver.php \
-        app/app/Repositories/PricingTierRepository.php \
-        app/tests/Unit/Billing/PricingTierResolverTest.php \
-        app/tests/Feature/Billing/PricingTierRepositoryTest.php
-git commit -m "feat(billing): Plan 4 Task 2 — PricingTierResolver + Repository (pure resolver + DB-обёртка)"
-```
-
----
-
-## Task 3: LedgerService::chargeForDelivery + ChargeResult + InsufficientBalanceException
-
-**Files:**
-
-- Create: `app/app/Exceptions/Billing/InsufficientBalanceException.php`
-- Create: `app/app/Services/Billing/ChargeResult.php`
-- Create: `app/app/Services/Billing/LedgerService.php`
-- Create: `app/tests/Feature/Billing/LedgerServiceTest.php`
-
-- [ ] **Step 1: Создать InsufficientBalanceException**
-
-```php
-<?php
-// app/app/Exceptions/Billing/InsufficientBalanceException.php
-
-declare(strict_types=1);
-
-namespace App\Exceptions\Billing;
-
-use RuntimeException;
-
-/**
- * Выбрасывается LedgerService::chargeForDelivery, когда tenant не имеет
- * ни prepaid-лидов (balance_leads >= 1), ни рублей под текущую tier-цену
- * (balance_rub * 100 >= priceKopecks).
- *
- * Ловится в RouteSupplierLeadJob::createDealCopyForProject — инициирует
- * auto-pause flow (см. spec §4.2).
- */
-final class InsufficientBalanceException extends RuntimeException
-{
-    public function __construct(
-        public readonly int $priceKopecks,
-        public readonly string $balanceRub,    // строка для bcmath compatibility
-        public readonly int $balanceLeads,
-        ?\Throwable $previous = null,
-    ) {
-        parent::__construct(
-            sprintf(
-                'Insufficient balance: price_kopecks=%d, balance_rub=%s, balance_leads=%d',
-                $priceKopecks, $balanceRub, $balanceLeads,
-            ),
-            previous: $previous,
-        );
-    }
-}
-```
-
-- [ ] **Step 2: Создать ChargeResult DTO**
-
-```php
-<?php
-// app/app/Services/Billing/ChargeResult.php
-
-declare(strict_types=1);
-
-namespace App\Services\Billing;
-
-use App\Models\PricingTier;
-
-/**
- * Read-only DTO с результатом charge'а: source (prepaid/rub), снимок ступени, цена в копейках.
- */
-final readonly class ChargeResult
-{
-    public function __construct(
-        public string $source,           // 'prepaid' | 'rub'
-        public PricingTier $tier,
-        public int $priceKopecks,
-    ) {}
-}
-```
-
-- [ ] **Step 3: Написать failing test для LedgerService**
-
-```php
-<?php
-// app/tests/Feature/Billing/LedgerServiceTest.php
-
-declare(strict_types=1);
-
-use App\Exceptions\Billing\InsufficientBalanceException;
-use App\Models\Deal;
-use App\Models\LeadCharge;
-use App\Models\PricingTier;
-use App\Models\Supplier;
-use App\Models\SupplierProject;
-use App\Models\SupplierLead;
-use App\Models\Tenant;
-use App\Services\Billing\LedgerService;
-use Illuminate\Foundation\Testing\RefreshDatabase;
-use Illuminate\Support\Facades\DB;
-
-uses(\Tests\TestCase::class, RefreshDatabase::class);
-
-beforeEach(function () {
-    // Seed 7 ступеней
-    \Database\Seeders\PricingTierSeeder::class;
-    (new \Database\Seeders\PricingTierSeeder())->run();
-
-    $this->ledger = app(LedgerService::class);
-});
-
-function makeTenantWith(int $balanceLeads, string $balanceRub, int $deliveredInMonth = 0): Tenant
-{
-    return Tenant::factory()->create([
-        'balance_leads' => $balanceLeads,
-        'balance_rub' => $balanceRub,
-        'delivered_in_month' => $deliveredInMonth,
-    ]);
-}
-
-function makeDealForTenant(Tenant $tenant): Deal
-{
-    return Deal::factory()->create([
-        'tenant_id' => $tenant->id,
-        'received_at' => now(),
-    ]);
-}
-
-it('charges prepaid when balance_leads >= 1 (price snapshot = 0, tier_no snapshot from delivered_in_month + 1)', function () {
-    $tenant = makeTenantWith(balanceLeads: 5, balanceRub: '0.00', deliveredInMonth: 0);
-    $deal = makeDealForTenant($tenant);
-
-    $result = DB::transaction(function () use ($tenant, $deal) {
-        DB::statement("SET LOCAL app.current_tenant_id = '{$tenant->id}'");
-        $locked = Tenant::whereKey($tenant->id)->lockForUpdate()->firstOrFail();
-        return $this->ledger->chargeForDelivery($locked, $deal);
-    });
-
-    expect($result->source)->toBe('prepaid');
-    expect($result->priceKopecks)->toBe(0);
-    expect($result->tier->tier_no)->toBe(1);  // 0+1 = 1st lead → tier 1
-
-    $tenant->refresh();
-    expect((int) $tenant->balance_leads)->toBe(4);
-    expect((string) $tenant->balance_rub)->toBe('0.00');
-    expect($tenant->delivered_in_month)->toBe(1);
-
-    $charge = LeadCharge::first();
-    expect($charge->charge_source)->toBe('prepaid');
-    expect($charge->price_per_lead_kopecks)->toBe(0);
-    expect($charge->tier_no)->toBe(1);
-});
-
-it('charges rub when balance_leads = 0 and balance_rub >= price', function () {
-    $tenant = makeTenantWith(balanceLeads: 0, balanceRub: '1000.00', deliveredInMonth: 0);
-    $deal = makeDealForTenant($tenant);
-
-    $result = DB::transaction(function () use ($tenant, $deal) {
-        DB::statement("SET LOCAL app.current_tenant_id = '{$tenant->id}'");
-        $locked = Tenant::whereKey($tenant->id)->lockForUpdate()->firstOrFail();
-        return $this->ledger->chargeForDelivery($locked, $deal);
-    });
-
-    expect($result->source)->toBe('rub');
-    expect($result->priceKopecks)->toBe(50000);  // tier 1 price
-
-    $tenant->refresh();
-    expect((string) $tenant->balance_rub)->toBe('500.00');  // 1000 - 500
-    expect((int) $tenant->balance_leads)->toBe(0);
-    expect($tenant->delivered_in_month)->toBe(1);
-
-    $charge = LeadCharge::first();
-    expect($charge->charge_source)->toBe('rub');
-    expect($charge->price_per_lead_kopecks)->toBe(50000);
-});
-
-it('throws InsufficientBalanceException when both sources empty', function () {
-    $tenant = makeTenantWith(balanceLeads: 0, balanceRub: '400.00', deliveredInMonth: 0);
-    $deal = makeDealForTenant($tenant);
-
-    expect(function () use ($tenant, $deal) {
-        DB::transaction(function () use ($tenant, $deal) {
-            DB::statement("SET LOCAL app.current_tenant_id = '{$tenant->id}'");
-            $locked = Tenant::whereKey($tenant->id)->lockForUpdate()->firstOrFail();
-            $this->ledger->chargeForDelivery($locked, $deal);
-        });
-    })->toThrow(InsufficientBalanceException::class);
-
-    expect(LeadCharge::count())->toBe(0);
-    $tenant->refresh();
-    expect((int) $tenant->balance_leads)->toBe(0);
-    expect((string) $tenant->balance_rub)->toBe('400.00');
-    expect($tenant->delivered_in_month)->toBe(0);
-});
-
-it('charges rub at exact balance == price boundary', function () {
-    $tenant = makeTenantWith(balanceLeads: 0, balanceRub: '500.00', deliveredInMonth: 0);
-    $deal = makeDealForTenant($tenant);
-
-    $result = DB::transaction(function () use ($tenant, $deal) {
-        DB::statement("SET LOCAL app.current_tenant_id = '{$tenant->id}'");
-        $locked = Tenant::whereKey($tenant->id)->lockForUpdate()->firstOrFail();
-        return $this->ledger->chargeForDelivery($locked, $deal);
-    });
-
-    expect($result->source)->toBe('rub');
-
-    $tenant->refresh();
-    expect((string) $tenant->balance_rub)->toBe('0.00');
-});
-
-it('crosses tier boundary: delivered_in_month=99 → tier 1; delivered_in_month=100 → tier 2', function () {
-    $tenantA = makeTenantWith(balanceLeads: 0, balanceRub: '10000.00', deliveredInMonth: 99);
-    $tenantB = makeTenantWith(balanceLeads: 0, balanceRub: '10000.00', deliveredInMonth: 100);
-
-    $dealA = makeDealForTenant($tenantA);
-    $dealB = makeDealForTenant($tenantB);
-
-    $resultA = DB::transaction(function () use ($tenantA, $dealA) {
-        DB::statement("SET LOCAL app.current_tenant_id = '{$tenantA->id}'");
-        $locked = Tenant::whereKey($tenantA->id)->lockForUpdate()->firstOrFail();
-        return $this->ledger->chargeForDelivery($locked, $dealA);
-    });
-    $resultB = DB::transaction(function () use ($tenantB, $dealB) {
-        DB::statement("SET LOCAL app.current_tenant_id = '{$tenantB->id}'");
-        $locked = Tenant::whereKey($tenantB->id)->lockForUpdate()->firstOrFail();
-        return $this->ledger->chargeForDelivery($locked, $dealB);
-    });
-
-    expect($resultA->tier->tier_no)->toBe(1);  // 99+1 = 100, всё ещё в tier 1
-    expect($resultB->tier->tier_no)->toBe(2);  // 100+1 = 101, перешли в tier 2
-});
-
-it('writes supplier_lead_costs (gap-fix: Plan 2/3 не писали в sharing-flow)', function () {
-    $tenant = makeTenantWith(balanceLeads: 5, balanceRub: '0.00');
-    $supplier = Supplier::where('code', 'b1')->first();
-    $supplierProject = SupplierProject::factory()->create(['platform' => 'B1', 'supplier_id' => $supplier->id]);
-    $deal = Deal::factory()->create(['tenant_id' => $tenant->id, 'received_at' => now()]);
-    $lead = SupplierLead::factory()->create(['supplier_project_id' => $supplierProject->id]);
-
-    // Деталь: chargeForDelivery должен резолвить supplier_id из $lead->supplierProject->supplier_id
-    // через explicit binding в LedgerService (мы передадим $lead с deal вместе).
-    // Этот тест проверяет supplier_lead_costs INSERT после charge'а.
-
-    DB::transaction(function () use ($tenant, $deal, $lead) {
-        DB::statement("SET LOCAL app.current_tenant_id = '{$tenant->id}'");
-        $locked = Tenant::whereKey($tenant->id)->lockForUpdate()->firstOrFail();
-        $this->ledger->chargeForDelivery($locked, $deal, $lead);
-    });
-
-    $cost = DB::table('supplier_lead_costs')->where('deal_id', $deal->id)->first();
-    expect($cost)->not->toBeNull();
-    expect((int) $cost->supplier_id)->toBe($supplier->id);
-    expect((string) $cost->cost_rub)->toBe($supplier->cost_rub);
-});
-```
-
-- [ ] **Step 4: Запустить test — FAIL**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Billing/LedgerServiceTest.php
-```
-
-Expected: 6 FAIL ("Class LedgerService does not exist" / DI resolve failure).
-
-- [ ] **Step 5: Реализовать LedgerService**
-
-```php
-<?php
-// app/app/Services/Billing/LedgerService.php
-
-declare(strict_types=1);
-
-namespace App\Services\Billing;
-
-use App\Exceptions\Billing\InsufficientBalanceException;
-use App\Models\BalanceTransaction;
-use App\Models\Deal;
-use App\Models\LeadCharge;
-use App\Models\Supplier;
-use App\Models\SupplierLead;
-use App\Models\Tenant;
-use App\Repositories\PricingTierRepository;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\DB;
-
-/**
- * Командный сервис биллинга на горячем пути доставки лида.
- *
- * Контракт: вызывается ВНУТРИ открытой DB-транзакции под lockForUpdate(Tenant).
- * Применяет dual-balance flow:
- *   1. tier-lookup по tenants.delivered_in_month + 1
- *   2. prepaid: balance_leads--, lead_charges (price=0)
- *   3. rub: balance_rub -= price/100 (bcmath), lead_charges (price=tier)
- *   4. INSERT supplier_lead_costs (gap-fix sharing-flow)
- *   5. INSERT balance_transactions (universal ledger движения баланса)
- *
- * Spec: docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md §3
- */
-final class LedgerService
-{
-    public function __construct(
-        private readonly PricingTierResolver $resolver,
-        private readonly PricingTierRepository $tiers,
-    ) {}
-
-    public function chargeForDelivery(
-        Tenant $lockedTenant,
-        Deal $deal,
-        ?SupplierLead $lead = null,
-    ): ChargeResult {
-        // 1. tier-resolution для (delivered_in_month + 1)-го лида
-        $activeTiers = $this->tiers->activeAt(Carbon::now('Europe/Moscow'));
-        $tier = $this->resolver->resolveForCount($activeTiers, ($lockedTenant->delivered_in_month ?? 0) + 1);
-        $priceKopecks = (int) $tier->price_per_lead_kopecks;
-
-        // 2. Decide chargeSource (bcmath — НЕ PHP float)
-        $source = $this->decideSource($lockedTenant, $priceKopecks);
-
-        // 3. Apply
-        if ($source === 'prepaid') {
-            $lockedTenant->decrement('balance_leads', 1);
-        } else {
-            $amountRub = bcdiv((string) $priceKopecks, '100', 2);
-            $lockedTenant->decrement('balance_rub', $amountRub);
-        }
-        $lockedTenant->increment('delivered_in_month', 1);
-        $lockedTenant->refresh();
-
-        // 4. INSERT lead_charges (always)
-        LeadCharge::create([
-            'tenant_id' => $lockedTenant->id,
-            'deal_id' => $deal->id,
-            'deal_received_at' => $deal->received_at,
-            'tier_no' => $tier->tier_no,
-            'price_per_lead_kopecks' => $source === 'prepaid' ? 0 : $priceKopecks,
-            'charge_source' => $source,
-            'charged_at' => now(),
-            'created_at' => now(),
-        ]);
-
-        // 5. INSERT balance_transactions (универсальный ledger)
-        BalanceTransaction::create([
-            'tenant_id' => $lockedTenant->id,
-            'type' => BalanceTransaction::TYPE_LEAD_CHARGE,
-            'amount_leads' => $source === 'prepaid' ? -1 : 0,
-            'amount_rub' => $source === 'rub' ? '-'.bcdiv((string) $priceKopecks, '100', 2) : '0.00',
-            'balance_leads_after' => (int) $lockedTenant->balance_leads,
-            'balance_rub_after' => (string) $lockedTenant->balance_rub,
-            'related_type' => Deal::class,
-            'related_id' => $deal->id,
-            'created_at' => now(),
-        ]);
-
-        // 6. INSERT supplier_lead_costs (gap-fix Plan 2/3 sharing-flow)
-        if ($lead !== null) {
-            $supplierId = $this->resolveSupplierId($lead);
-            if ($supplierId !== null) {
-                /** @var Supplier $supplier */
-                $supplier = Supplier::findOrFail($supplierId);
-                DB::table('supplier_lead_costs')->insert([
-                    'deal_id' => $deal->id,
-                    'received_at' => $deal->received_at,
-                    'supplier_id' => $supplierId,
-                    'cost_rub' => $supplier->cost_rub,
-                    'created_at' => now(),
-                ]);
-            }
-        }
-
-        return new ChargeResult($source, $tier, $source === 'prepaid' ? 0 : $priceKopecks);
-    }
-
-    private function decideSource(Tenant $tenant, int $priceKopecks): string
-    {
-        if ((int) $tenant->balance_leads >= 1) {
-            return 'prepaid';
-        }
-
-        // bcmath: balance_rub (DECIMAL string) * 100 ≥ priceKopecks → можем списать rub
-        $balanceKopecks = bcmul((string) $tenant->balance_rub, '100', 0);
-        if (bccomp($balanceKopecks, (string) $priceKopecks, 0) >= 0) {
-            return 'rub';
-        }
-
-        throw new InsufficientBalanceException(
-            priceKopecks: $priceKopecks,
-            balanceRub: (string) $tenant->balance_rub,
-            balanceLeads: (int) $tenant->balance_leads,
-        );
-    }
-
-    /**
-     * supplier_id из $lead->supplier_project->supplier_id (FK); fallback —
-     * по platform из raw_payload через suppliers.code.
-     */
-    private function resolveSupplierId(SupplierLead $lead): ?int
-    {
-        if ($lead->supplier_project_id !== null) {
-            $sp = DB::table('supplier_projects')->where('id', $lead->supplier_project_id)->first();
-            if ($sp !== null && $sp->supplier_id !== null) {
-                return (int) $sp->supplier_id;
-            }
-        }
-        // Fallback: парсим platform из raw_payload['project'] (B1_xxx → 'b1')
-        $project = (string) ($lead->raw_payload['project'] ?? '');
-        if (preg_match('/^(B[123])_/', $project, $m) === 1) {
-            $code = strtolower($m[1]);
-            $supplier = Supplier::where('code', $code)->first();
-            return $supplier?->id;
-        }
-        return null;
-    }
-}
-```
-
-- [ ] **Step 6: Запустить test — PASS**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Billing/LedgerServiceTest.php
-```
-
-Expected: 6 PASS.
-
-- [ ] **Step 7: Pint + Larastan + полный Pest**
-
-```bash
-cd app && composer pint && composer stan && ./vendor/bin/pest --parallel
-```
-
-Expected: pint clean, stan 0 above baseline, все тесты PASS.
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/app/Exceptions/Billing/ app/app/Services/Billing/ app/tests/Feature/Billing/LedgerServiceTest.php
-git commit -m "feat(billing): Plan 4 Task 3 — LedgerService::chargeForDelivery (dual-balance + lead_charges/supplier_lead_costs INSERT)"
-```
-
----
-
-## Task 4: Integration LedgerService в RouteSupplierLeadJob
-
-**Files:**
-
-- Modify: [app/app/Jobs/RouteSupplierLeadJob.php](../../app/app/Jobs/RouteSupplierLeadJob.php) (заменить строки 265-279 + добавить try/catch для InsufficientBalance)
-- Create: `app/tests/Feature/Supplier/RouteSupplierLeadJobBillingTest.php`
-
-- [ ] **Step 1: Написать failing E2E тест**
-
-```php
-<?php
-// app/tests/Feature/Supplier/RouteSupplierLeadJobBillingTest.php
-
-declare(strict_types=1);
-
-use App\Jobs\RouteSupplierLeadJob;
-use App\Models\Deal;
-use App\Models\LeadCharge;
-use App\Models\Project;
-use App\Models\Supplier;
-use App\Models\SupplierLead;
-use App\Models\SupplierProject;
-use App\Models\Tenant;
-use Illuminate\Foundation\Testing\RefreshDatabase;
-use Illuminate\Support\Facades\DB;
-
-uses(\Tests\TestCase::class, RefreshDatabase::class);
-
-beforeEach(function () {
-    (new \Database\Seeders\PricingTierSeeder())->run();
-});
-
-function prepareSharingFlow(int $tenantsCount, array $balances): array
-{
-    /** @var array<int, Tenant> $tenants */
-    $tenants = [];
-    /** @var array<int, Project> $projects */
-    $projects = [];
-
-    $supplier = Supplier::where('code', 'b1')->first();
-    $supplierProject = SupplierProject::factory()->create([
-        'platform' => 'B1',
-        'signal_type' => 'site',
-        'unique_key' => 'example.com',
-        'supplier_id' => $supplier->id,
-    ]);
-
-    for ($i = 0; $i < $tenantsCount; $i++) {
-        $tenant = Tenant::factory()->create($balances[$i]);
-        $project = Project::factory()->create([
-            'tenant_id' => $tenant->id,
-            'signal_type' => 'site',
-            'signal_identifier' => 'example.com',
-            'supplier_b1_project_id' => $supplierProject->id,
-            'is_active' => true,
-            'daily_limit_target' => 10,
-            'effective_daily_limit_today' => 10,
-            'delivered_today' => 0,
-            'delivery_days_mask' => 127,  // все дни
-            'region_mask' => 255,
-        ]);
-        $tenants[] = $tenant;
-        $projects[] = $project;
-    }
-
-    $lead = SupplierLead::factory()->create([
-        'vid' => 'test-vid-'.uniqid(),
-        'phone' => '79991234567',
-        'raw_payload' => ['project' => 'B1_example.com', 'phone' => '79991234567', 'time' => time()],
-        'supplier_project_id' => $supplierProject->id,
-        'received_at' => now(),
-    ]);
-
-    return ['tenants' => $tenants, 'projects' => $projects, 'lead' => $lead, 'supplier' => $supplier];
-}
-
-it('charges prepaid for tenant with balance_leads > 0', function () {
-    $ctx = prepareSharingFlow(1, [['balance_leads' => 5, 'balance_rub' => '0.00', 'delivered_in_month' => 0]]);
-
-    (new RouteSupplierLeadJob($ctx['lead']->id))->handle(
-        app(\App\Services\LeadRouter::class),
-        app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class),
-        app(\App\Services\NotificationService::class),
-    );
-
-    $tenant = $ctx['tenants'][0]->fresh();
-    expect((int) $tenant->balance_leads)->toBe(4);
-    expect($tenant->delivered_in_month)->toBe(1);
-
-    $charge = LeadCharge::first();
-    expect($charge)->not->toBeNull();
-    expect($charge->charge_source)->toBe('prepaid');
-    expect($charge->price_per_lead_kopecks)->toBe(0);
-});
-
-it('charges rub for tenant with balance_leads=0 and balance_rub >= price', function () {
-    $ctx = prepareSharingFlow(1, [['balance_leads' => 0, 'balance_rub' => '1000.00', 'delivered_in_month' => 0]]);
-
-    (new RouteSupplierLeadJob($ctx['lead']->id))->handle(
-        app(\App\Services\LeadRouter::class),
-        app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class),
-        app(\App\Services\NotificationService::class),
-    );
-
-    $tenant = $ctx['tenants'][0]->fresh();
-    expect((string) $tenant->balance_rub)->toBe('500.00');  // 1000 - 500 (tier 1 = 50000 коп)
-    expect($tenant->delivered_in_month)->toBe(1);
-
-    $charge = LeadCharge::first();
-    expect($charge->charge_source)->toBe('rub');
-    expect($charge->price_per_lead_kopecks)->toBe(50000);
-});
-
-it('writes supplier_lead_costs for each delivered deal copy (gap-fix)', function () {
-    $ctx = prepareSharingFlow(2, [
-        ['balance_leads' => 5, 'balance_rub' => '0.00', 'delivered_in_month' => 0],
-        ['balance_leads' => 0, 'balance_rub' => '1000.00', 'delivered_in_month' => 0],
-    ]);
-
-    (new RouteSupplierLeadJob($ctx['lead']->id))->handle(
-        app(\App\Services\LeadRouter::class),
-        app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class),
-        app(\App\Services\NotificationService::class),
-    );
-
-    $costs = DB::table('supplier_lead_costs')->get();
-    expect($costs)->toHaveCount(2);
-    foreach ($costs as $cost) {
-        expect((int) $cost->supplier_id)->toBe($ctx['supplier']->id);
-        expect((string) $cost->cost_rub)->toBe($ctx['supplier']->cost_rub);
-    }
-});
-
-it('retry idempotency: повторный run job’а не дублирует lead_charges', function () {
-    $ctx = prepareSharingFlow(1, [['balance_leads' => 5, 'balance_rub' => '0.00']]);
-    $job = new RouteSupplierLeadJob($ctx['lead']->id);
-
-    $job->handle(
-        app(\App\Services\LeadRouter::class),
-        app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class),
-        app(\App\Services\NotificationService::class),
-    );
-    $job->handle(  // повторный run — processed_at guard должен сработать
-        app(\App\Services\LeadRouter::class),
-        app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class),
-        app(\App\Services\NotificationService::class),
-    );
-
-    expect(LeadCharge::count())->toBe(1);
-    expect(Deal::count())->toBe(1);
-    expect((int) $ctx['tenants'][0]->fresh()->balance_leads)->toBe(4);
-});
-```
-
-- [ ] **Step 2: Запустить тест — FAIL (LedgerService не инжектирован в Job)**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/RouteSupplierLeadJobBillingTest.php
-```
-
-Expected: 4 FAIL — старый код пишет только balance_leads -1, не использует tier-lookup, lead_charges остаётся пустым.
-
-- [ ] **Step 3: Модифицировать RouteSupplierLeadJob: добавить инжектируемый LedgerService**
-
-Открыть [app/app/Jobs/RouteSupplierLeadJob.php](../../app/app/Jobs/RouteSupplierLeadJob.php), внести 3 правки:
-
-**3a. Добавить use-импорты после существующих** (после строки 15):
-
-```php
-use App\Exceptions\Billing\InsufficientBalanceException;
-use App\Services\Billing\LedgerService;
-```
-
-**3b. Расширить сигнатуру `handle()`** — добавить параметр `LedgerService $ledger` (строка ~85):
-
-```php
-public function handle(
-    LeadRouter $router,
-    SupplierProjectResolver $resolver,
-    DuplicateDetector $duplicateDetector,
-    NotificationService $notifier,
-    LedgerService $ledger,
-): void {
-```
-
-**3c. Передать `$ledger` в `createDealCopyForProject`** (строка ~111-114):
-
-```php
-foreach ($matched as $project) {
-    try {
-        if ($this->createDealCopyForProject($lead, $project, $duplicateDetector, $notifier, $ledger)) {
-            $createdCount++;
-        }
-    } catch (Throwable $e) {
-        // ... существующий код
-    }
-}
-```
-
-**3d. Расширить сигнатуру `createDealCopyForProject`** (строка ~178):
-
-```php
-private function createDealCopyForProject(
-    SupplierLead $lead,
-    Project $project,
-    DuplicateDetector $duplicateDetector,
-    NotificationService $notifier,
-    LedgerService $ledger,
-): bool {
-```
-
-**3e. Заменить блок строк 265-279 на LedgerService::chargeForDelivery + try/catch**:
-
-Найти строки:
-
-```php
-$tenant->decrement('balance_leads');
-$tenant->refresh();
-
-$project->increment('delivered_today');
-$project->increment('delivered_in_month');
-
-BalanceTransaction::create([
-    'tenant_id' => $tenant->id,
-    'type' => BalanceTransaction::TYPE_LEAD_CHARGE,
-    'amount_leads' => -1,
-    'balance_leads_after' => (int) $tenant->balance_leads,
-    'related_type' => Deal::class,
-    'related_id' => $deal->id,
-    'created_at' => now(),
-]);
-```
-
-Заменить на:
-
-```php
-try {
-    $ledger->chargeForDelivery($tenant, $deal, $lead);
-} catch (InsufficientBalanceException $e) {
-    Log::warning('billing.insufficient_balance.deal_rolled_back', [
-        'tenant_id' => $tenant->id,
-        'project_id' => $project->id,
-        'supplier_lead_id' => $lead->id,
-        'price_kopecks' => $e->priceKopecks,
-        'balance_rub' => $e->balanceRub,
-        'balance_leads' => $e->balanceLeads,
-    ]);
-    throw $e;  // bubble — DB::transaction rollback + поднимется в createDealCopyForProject уровень
-}
-
-$project->increment('delivered_today');
-$project->increment('delivered_in_month');
-```
-
-Также удалить `use App\Models\BalanceTransaction;` если он стал ненужным (LedgerService теперь пишет BalanceTransaction внутри).
-
-**Внимание:** `InsufficientBalanceException` пробрасывается из `DB::transaction` → ловится **outside** Closure'а, в `createDealCopyForProject` уровне. Сама структура transaction уже есть в строке 184 (`return DB::transaction(function () use (...) {...});`). Обернём вызов транзакции в try/catch на уровне `createDealCopyForProject` (это понадобится в Task 6 для auto-pause flow; пока — просто rethrow в parent handle()).
-
-В Task 4 НЕ добавляем auto-pause логику — только rethrow `InsufficientBalanceException` наверх. Auto-pause = Task 6.
-
-- [ ] **Step 4: Запустить тест — PASS (4 теста должны быть зелёными)**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/RouteSupplierLeadJobBillingTest.php
-```
-
-Expected: 4 PASS.
-
-- [ ] **Step 5: Pint + Larastan + полный Pest**
-
-```bash
-cd app && composer pint && composer stan && ./vendor/bin/pest --parallel
-```
-
-Expected: pint clean, stan 0 above baseline. Если есть Larastan warnings про `BalanceTransaction` import — удалить.
-
-Если падают существующие тесты RouteSupplierLeadJobTest, RouteSupplierLeadJobShareTest и т.п. (Plans 2/2.5) — нужно их подправить: они должны заранее засеять pricing_tiers (через `PricingTierSeeder` в `beforeEach`) и снабдить tenant'ы `balance_leads >= matchCount` ИЛИ `balance_rub` под tier-цену.
-
-```bash
-# Грепнуть, какие тесты используют RouteSupplierLeadJob и могут сломаться:
-grep -rln "RouteSupplierLeadJob" app/tests/
-```
-
-Для каждого failing test — добавить в `beforeEach`:
-
-```php
-(new \Database\Seeders\PricingTierSeeder())->run();
-```
-
-И в fixture-tenant'е установить достаточный balance_leads.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Jobs/RouteSupplierLeadJob.php app/tests/Feature/Supplier/RouteSupplierLeadJobBillingTest.php
-# + любые существующие test'ы, потребовавшие правок balance_leads / seeder в beforeEach:
-# git add app/tests/Feature/Supplier/<existing-test>.php
-git commit -m "feat(supplier): Plan 4 Task 4 — integrate LedgerService в RouteSupplierLeadJob (charge + supplier_lead_costs gap-fix)"
-```
-
----
-
-## Task 5: ResetMonthlyCountersCommand + Schedule entry
-
-**Files:**
-
-- Create: `app/app/Console/Commands/ResetMonthlyCountersCommand.php`
-- Modify: [app/routes/console.php](../../app/routes/console.php)
-- Create: `app/tests/Feature/Console/ResetMonthlyCountersCommandTest.php`
-
-- [ ] **Step 1: Написать failing тест**
-
-```php
-<?php
-// app/tests/Feature/Console/ResetMonthlyCountersCommandTest.php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\Tenant;
-use Illuminate\Foundation\Testing\RefreshDatabase;
-use Illuminate\Support\Facades\Artisan;
-
-uses(\Tests\TestCase::class, RefreshDatabase::class);
-
-it('resets tenants.delivered_in_month and projects.delivered_in_month to 0', function () {
-    $tenantA = Tenant::factory()->create(['delivered_in_month' => 100]);
-    $tenantB = Tenant::factory()->create(['delivered_in_month' => 5]);
-    $tenantC = Tenant::factory()->create(['delivered_in_month' => 0]);  // already 0
-
-    Project::factory()->create(['tenant_id' => $tenantA->id, 'delivered_in_month' => 50]);
-    Project::factory()->create(['tenant_id' => $tenantA->id, 'delivered_in_month' => 50]);
-    Project::factory()->create(['tenant_id' => $tenantB->id, 'delivered_in_month' => 5]);
-
-    Artisan::call('projects:reset-monthly');
-
-    expect($tenantA->fresh()->delivered_in_month)->toBe(0);
-    expect($tenantB->fresh()->delivered_in_month)->toBe(0);
-    expect($tenantC->fresh()->delivered_in_month)->toBe(0);
-
-    expect(Project::sum('delivered_in_month'))->toBe(0);
-});
-
-it('is idempotent — second run reports 0 affected', function () {
-    $tenant = Tenant::factory()->create(['delivered_in_month' => 10]);
-    Project::factory()->create(['tenant_id' => $tenant->id, 'delivered_in_month' => 10]);
-
-    Artisan::call('projects:reset-monthly');
-    $secondOutput = Artisan::call('projects:reset-monthly');
-
-    expect($secondOutput)->toBe(0);  // SUCCESS exit code
-    expect(\Artisan::output())->toContain('0 tenants');
-    expect(\Artisan::output())->toContain('0 projects');
-});
-
-it('Schedule entry registered for monthly on 1st 00:00 Europe/Moscow', function () {
-    /** @var \Illuminate\Console\Scheduling\Schedule $schedule */
-    $schedule = app(\Illuminate\Console\Scheduling\Schedule::class);
-
-    $found = collect($schedule->events())->first(
-        fn ($event) => str_contains($event->command ?? '', 'projects:reset-monthly')
-    );
-
-    expect($found)->not->toBeNull();
-    expect($found->expression)->toBe('0 0 1 * *');  // 00:00 1-го числа каждого месяца
-    expect($found->timezone)->toBe('Europe/Moscow');
-});
-
-it('uses pgsql_supplier BYPASSRLS connection (touches all tenants without SET LOCAL)', function () {
-    Tenant::factory()->count(3)->create(['delivered_in_month' => 7]);
-
-    // Без SET LOCAL app.current_tenant_id reset должен затронуть всех 3 tenant'ов.
-    // Это тест на использование pgsql_supplier (BYPASSRLS), не default pgsql.
-    Artisan::call('projects:reset-monthly');
-
-    expect(Tenant::where('delivered_in_month', '>', 0)->count())->toBe(0);
-});
-```
-
-- [ ] **Step 2: Запустить — FAIL**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Console/ResetMonthlyCountersCommandTest.php
-```
-
-Expected: 4 FAIL ("Command 'projects:reset-monthly' is not defined").
-
-- [ ] **Step 3: Реализовать ResetMonthlyCountersCommand**
-
-```php
-<?php
-// app/app/Console/Commands/ResetMonthlyCountersCommand.php
-
-declare(strict_types=1);
-
-namespace App\Console\Commands;
-
-use Illuminate\Console\Command;
-use Illuminate\Support\Facades\DB;
-
-/**
- * Сброс tenants.delivered_in_month + projects.delivered_in_month = 0.
- *
- * Spec: docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md §4.1
- * Расписание: 1-го числа каждого месяца в 00:00 Europe/Moscow.
- *
- * Идёт через connection `pgsql_supplier` (BYPASSRLS-роль crm_supplier_worker) —
- * паттерн ResetDeliveredTodayCommand. Один statement на таблицу, без SET LOCAL.
- */
-class ResetMonthlyCountersCommand extends Command
-{
-    protected $signature = 'projects:reset-monthly';
-
-    protected $description = 'Сброс tenants.delivered_in_month + projects.delivered_in_month = 0 (1-го числа в 00:00 МСК, Plan 4)';
-
-    public function handle(): int
-    {
-        DB::connection('pgsql_supplier')->transaction(function () {
-            $tenants = DB::connection('pgsql_supplier')
-                ->update('UPDATE tenants  SET delivered_in_month = 0 WHERE delivered_in_month <> 0');
-            $projects = DB::connection('pgsql_supplier')
-                ->update('UPDATE projects SET delivered_in_month = 0 WHERE delivered_in_month <> 0');
-
-            $this->info("Monthly reset: {$tenants} tenants, {$projects} projects.");
-        });
-
-        return self::SUCCESS;
-    }
-}
-```
-
-- [ ] **Step 4: Добавить Schedule entry в routes/console.php**
-
-Открыть [app/routes/console.php](../../app/routes/console.php), после существующего `Schedule::command('projects:reset-delivered-today')` (строка ~21-23) добавить:
-
-```php
-// Plan 4: monthly reset 1-го числа в 00:00 МСК для tier-lookup в LedgerService.
-Schedule::command('projects:reset-monthly')
-    ->monthlyOn(1, '00:00')
-    ->timezone('Europe/Moscow');
-```
-
-- [ ] **Step 5: Запустить — PASS**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Console/ResetMonthlyCountersCommandTest.php
-```
-
-Expected: 4 PASS.
-
-- [ ] **Step 6: Pint + Larastan + полный Pest**
-
-```bash
-cd app && composer pint && composer stan && ./vendor/bin/pest --parallel
-```
-
-Expected: clean.
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/app/Console/Commands/ResetMonthlyCountersCommand.php \
-        app/routes/console.php \
-        app/tests/Feature/Console/ResetMonthlyCountersCommandTest.php
-git commit -m "feat(commands): Plan 4 Task 5 — ResetMonthlyCountersCommand + Schedule monthlyOn(1, 00:00) МСК"
-```
-
----
-
-## Task 6: Auto-pause flow + ZeroBalancePausedMail + rate-limit
-
-**Files:**
-
-- Create: `app/app/Mail/ZeroBalancePausedMail.php`
-- Create: `app/resources/views/emails/zero_balance_paused.blade.php`
-- Modify: `app/app/Services/NotificationService.php`
-- Modify: [app/app/Jobs/RouteSupplierLeadJob.php](../../app/app/Jobs/RouteSupplierLeadJob.php) (+`handleInsufficientBalance` private method + try/catch в createDealCopyForProject)
-- Create: `app/tests/Feature/Supplier/AutoPauseFlowTest.php`
-
-- [ ] **Step 1: Написать failing test для auto-pause flow**
-
-```php
-<?php
-// app/tests/Feature/Supplier/AutoPauseFlowTest.php
-
-declare(strict_types=1);
-
-use App\Mail\ZeroBalancePausedMail;
-use App\Models\Project;
-use App\Models\Supplier;
-use App\Models\SupplierLead;
-use App\Models\SupplierProject;
-use App\Models\Tenant;
-use App\Jobs\RouteSupplierLeadJob;
-use Illuminate\Foundation\Testing\RefreshDatabase;
-use Illuminate\Support\Facades\Cache;
-use Illuminate\Support\Facades\Mail;
-
-uses(\Tests\TestCase::class, RefreshDatabase::class);
-
-beforeEach(function () {
-    Mail::fake();
-    Cache::store('redis')->flush();
-    (new \Database\Seeders\PricingTierSeeder())->run();
-});
-
-function makeFlowWithBalance(array $balance): array
-{
-    $supplier = Supplier::where('code', 'b1')->first();
-    $supplierProject = SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'example.com',
-        'supplier_id' => $supplier->id,
-    ]);
-    $tenant = Tenant::factory()->create($balance);
-    $project = Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'signal_type' => 'site', 'signal_identifier' => 'example.com',
-        'supplier_b1_project_id' => $supplierProject->id,
-        'is_active' => true, 'daily_limit_target' => 10,
-        'effective_daily_limit_today' => 10, 'delivered_today' => 0,
-        'delivery_days_mask' => 127, 'region_mask' => 255,
-    ]);
-    $lead = SupplierLead::factory()->create([
-        'vid' => 'vid-pause-'.uniqid(),
-        'phone' => '79991234567',
-        'raw_payload' => ['project' => 'B1_example.com', 'phone' => '79991234567', 'time' => time()],
-        'supplier_project_id' => $supplierProject->id,
-        'received_at' => now(),
-    ]);
-    return compact('tenant', 'project', 'lead');
-}
-
-it('pauses project (is_active=false) when both balances empty', function () {
-    $ctx = makeFlowWithBalance(['balance_leads' => 0, 'balance_rub' => '100.00']);
-
-    (new RouteSupplierLeadJob($ctx['lead']->id))->handle(
-        app(\App\Services\LeadRouter::class),
-        app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class),
-        app(\App\Services\NotificationService::class),
-        app(\App\Services\Billing\LedgerService::class),
-    );
-
-    expect($ctx['project']->fresh()->is_active)->toBeFalse();
-});
-
-it('sends ZeroBalancePausedMail на email tenant’а', function () {
-    $ctx = makeFlowWithBalance(['balance_leads' => 0, 'balance_rub' => '100.00']);
-
-    (new RouteSupplierLeadJob($ctx['lead']->id))->handle(
-        app(\App\Services\LeadRouter::class),
-        app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class),
-        app(\App\Services\NotificationService::class),
-        app(\App\Services\Billing\LedgerService::class),
-    );
-
-    Mail::assertSent(ZeroBalancePausedMail::class, function ($mail) use ($ctx) {
-        return $mail->hasTo($ctx['tenant']->contact_email);
-    });
-});
-
-it('respects rate-limit 1 hour per tenant: 2 consecutive calls → 1 email only', function () {
-    $ctx1 = makeFlowWithBalance(['balance_leads' => 0, 'balance_rub' => '100.00']);
-    $tenantId = $ctx1['tenant']->id;
-
-    (new RouteSupplierLeadJob($ctx1['lead']->id))->handle(
-        app(\App\Services\LeadRouter::class), app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class), app(\App\Services\NotificationService::class),
-        app(\App\Services\Billing\LedgerService::class),
-    );
-
-    // Создаём второй lead для того же tenant'а (но другой project / vid)
-    $ctx2lead = SupplierLead::factory()->create([
-        'vid' => 'vid-pause-2-'.uniqid(),
-        'phone' => '79991234568',
-        'raw_payload' => ['project' => 'B1_example.com', 'phone' => '79991234568', 'time' => time()],
-        'supplier_project_id' => $ctx1['lead']->supplier_project_id,
-        'received_at' => now(),
-    ]);
-
-    (new RouteSupplierLeadJob($ctx2lead->id))->handle(
-        app(\App\Services\LeadRouter::class), app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class), app(\App\Services\NotificationService::class),
-        app(\App\Services\Billing\LedgerService::class),
-    );
-
-    Mail::assertSent(ZeroBalancePausedMail::class, 1);
-});
-
-it('sends 2nd email after 65 minutes (rate-limit expired)', function () {
-    $ctx = makeFlowWithBalance(['balance_leads' => 0, 'balance_rub' => '100.00']);
-
-    (new RouteSupplierLeadJob($ctx['lead']->id))->handle(
-        app(\App\Services\LeadRouter::class), app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class), app(\App\Services\NotificationService::class),
-        app(\App\Services\Billing\LedgerService::class),
-    );
-
-    Mail::assertSent(ZeroBalancePausedMail::class, 1);
-
-    \Illuminate\Support\Carbon::setTestNow(now()->addMinutes(65));
-    Cache::store('redis')->flush();  // имитируем TTL expiry; в реальности Redis сам забудет через 1ч
-
-    $lead2 = SupplierLead::factory()->create([
-        'vid' => 'vid-pause-future-'.uniqid(),
-        'phone' => '79991234569',
-        'raw_payload' => ['project' => 'B1_example.com', 'phone' => '79991234569', 'time' => time()],
-        'supplier_project_id' => $ctx['lead']->supplier_project_id,
-        'received_at' => now(),
-    ]);
-
-    (new RouteSupplierLeadJob($lead2->id))->handle(
-        app(\App\Services\LeadRouter::class), app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class), app(\App\Services\NotificationService::class),
-        app(\App\Services\Billing\LedgerService::class),
-    );
-
-    Mail::assertSent(ZeroBalancePausedMail::class, 2);
-});
-
-it('sharing-flow isolation: tenant A on zero paused, tenant B with balance receives deal', function () {
-    $supplier = Supplier::where('code', 'b1')->first();
-    $supplierProject = SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'example.com',
-        'supplier_id' => $supplier->id,
-    ]);
-    $tenantA = Tenant::factory()->create(['balance_leads' => 0, 'balance_rub' => '0.00']);
-    $tenantB = Tenant::factory()->create(['balance_leads' => 5, 'balance_rub' => '0.00']);
-    $projectA = Project::factory()->create([
-        'tenant_id' => $tenantA->id, 'signal_type' => 'site', 'signal_identifier' => 'example.com',
-        'supplier_b1_project_id' => $supplierProject->id, 'is_active' => true,
-        'daily_limit_target' => 10, 'effective_daily_limit_today' => 10,
-        'delivered_today' => 0, 'delivery_days_mask' => 127, 'region_mask' => 255,
-    ]);
-    $projectB = Project::factory()->create([
-        'tenant_id' => $tenantB->id, 'signal_type' => 'site', 'signal_identifier' => 'example.com',
-        'supplier_b1_project_id' => $supplierProject->id, 'is_active' => true,
-        'daily_limit_target' => 10, 'effective_daily_limit_today' => 10,
-        'delivered_today' => 0, 'delivery_days_mask' => 127, 'region_mask' => 255,
-    ]);
-    $lead = SupplierLead::factory()->create([
-        'vid' => 'vid-shared-'.uniqid(),
-        'phone' => '79991234567',
-        'raw_payload' => ['project' => 'B1_example.com', 'phone' => '79991234567', 'time' => time()],
-        'supplier_project_id' => $supplierProject->id,
-        'received_at' => now(),
-    ]);
-
-    (new RouteSupplierLeadJob($lead->id))->handle(
-        app(\App\Services\LeadRouter::class), app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\DuplicateDetector::class), app(\App\Services\NotificationService::class),
-        app(\App\Services\Billing\LedgerService::class),
-    );
-
-    expect($projectA->fresh()->is_active)->toBeFalse();
-    expect($projectB->fresh()->is_active)->toBeTrue();
-    expect((int) $tenantB->fresh()->balance_leads)->toBe(4);
-});
-```
-
-- [ ] **Step 2: Запустить — FAIL (ZeroBalancePausedMail класс не существует, нет handleInsufficientBalance)**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/AutoPauseFlowTest.php
-```
-
-Expected: 5 FAIL.
-
-- [ ] **Step 3: Создать ZeroBalancePausedMail mailable**
-
-```php
-<?php
-// app/app/Mail/ZeroBalancePausedMail.php
-
-declare(strict_types=1);
-
-namespace App\Mail;
-
-use App\Models\Project;
-use App\Models\Tenant;
-use Illuminate\Bus\Queueable;
-use Illuminate\Mail\Mailable;
-use Illuminate\Mail\Mailables\Content;
-use Illuminate\Mail\Mailables\Envelope;
-use Illuminate\Queue\SerializesModels;
-
-/**
- * Email клиенту Лидерры о приостановке проекта из-за недостаточного баланса.
- *
- * Spec: docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md §4.4
- */
-final class ZeroBalancePausedMail extends Mailable
-{
-    use Queueable;
-    use SerializesModels;
-
-    public function __construct(
-        public readonly Tenant $tenant,
-        public readonly Project $project,
-        public readonly int $requiredPriceKopecks,
-    ) {}
-
-    public function envelope(): Envelope
-    {
-        return new Envelope(
-            subject: "Проект «{$this->project->name}» приостановлен — недостаточно средств",
-            to: [$this->tenant->contact_email],
-        );
-    }
-
-    public function content(): Content
-    {
-        return new Content(view: 'emails.zero_balance_paused');
-    }
-}
-```
-
-- [ ] **Step 4: Создать Blade-шаблон**
-
-```html
-{{-- app/resources/views/emails/zero_balance_paused.blade.php --}}
-<!DOCTYPE html>
-<html lang="ru">
-<head><meta charset="UTF-8"><title>Проект приостановлен</title></head>
-<body style="font-family: 'Inter', Arial, sans-serif; color: #012019;">
-  <p>Здравствуйте!</p>
-  <p>Проект <strong>«{{ $project->name }}»</strong> приостановлен — недостаточно средств для приёма следующего лида.</p>
-  <ul>
-    <li>Баланс в лидах: <strong>{{ $tenant->balance_leads }}</strong></li>
-    <li>Баланс в рублях: <strong>{{ number_format((float) $tenant->balance_rub, 2, ',', ' ') }} ₽</strong></li>
-    <li>Цена за следующий лид: <strong>{{ number_format($requiredPriceKopecks / 100, 2, ',', ' ') }} ₽</strong></li>
-  </ul>
-  <p>Пополните баланс на странице <a href="https://{{ $tenant->subdomain }}.liderra.ru/billing">«Баланс и тарифы»</a>, чтобы возобновить приём лидов.</p>
-  <p>С уважением, команда Лидерра.</p>
-</body>
-</html>
-```
-
-- [ ] **Step 5: Добавить `notifyZeroBalance` в NotificationService**
-
-Открыть `app/app/Services/NotificationService.php`. После метода `notifyNewLead` (грепнуть имя метода для exact position) добавить:
-
-```php
-use App\Mail\ZeroBalancePausedMail;
-use Illuminate\Support\Facades\Mail;
-
-// ...
-
-public function notifyZeroBalance(Tenant $tenant, Project $project, int $requiredPriceKopecks): void
-{
-    Mail::to($tenant->contact_email)->send(
-        new ZeroBalancePausedMail($tenant, $project, $requiredPriceKopecks)
-    );
-}
-```
-
-- [ ] **Step 6: Добавить `handleInsufficientBalance` в RouteSupplierLeadJob**
-
-Открыть [app/app/Jobs/RouteSupplierLeadJob.php](../../app/app/Jobs/RouteSupplierLeadJob.php):
-
-**6a. Добавить use-импорты** (после Task 4 импортов):
-
-```php
-use Illuminate\Support\Facades\Cache;
-```
-
-**6b. Заменить try/catch в createDealCopyForProject (Task 4) на полный flow:**
-
-Найти структуру `try { ... DB::transaction(function (...) { ... }); } catch (InsufficientBalanceException $e) { ... }` (Task 4 ввёл это). Сейчас Task 6 расширяет catch:
-
-```php
-try {
-    return DB::transaction(function () use ($lead, $project, $duplicateDetector, $notifier, $ledger): bool {
-        // ... весь существующий код createDealCopyForProject (Tenant lock, Project lock, Deal create,
-        //     DuplicateDetector, $ledger->chargeForDelivery, increment delivered_today/in_month,
-        //     ActivityLog, notifyNewLead) ...
-    });
-} catch (InsufficientBalanceException $e) {
-    // Транзакция rolled back — Deal не создан, balance не тронут.
-    $this->handleInsufficientBalance($lead, $project, $e);
-    return false;
-}
-```
-
-**6c. Добавить приватный метод `handleInsufficientBalance`** в конец класса (перед `failed()`):
-
-```php
-private function handleInsufficientBalance(
-    SupplierLead $lead,
-    Project $project,
-    InsufficientBalanceException $e,
-): void {
-    // 1) UPDATE projects.is_active=false через pgsql_supplier (BYPASSRLS — паттерн ResetCmd)
-    DB::connection(self::DB_CONNECTION)
-        ->update('UPDATE projects SET is_active = false WHERE id = ?', [$project->id]);
-
-    // 2) Email-алерт с rate-limit 1/час/tenant через Redis SETNX.
-    $cacheKey = "billing:zero_balance_alert:{$project->tenant_id}";
-    if (Cache::store('redis')->add($cacheKey, true, now()->addHour())) {
-        $project->loadMissing('tenant');
-        app(NotificationService::class)->notifyZeroBalance(
-            $project->tenant, $project, $e->priceKopecks
-        );
-    }
-
-    Log::warning('billing.project_paused_insufficient_balance', [
-        'tenant_id' => $project->tenant_id,
-        'project_id' => $project->id,
-        'supplier_lead_id' => $lead->id,
-        'price_kopecks' => $e->priceKopecks,
-        'balance_rub' => $e->balanceRub,
-        'balance_leads' => $e->balanceLeads,
-    ]);
-}
-```
-
-- [ ] **Step 7: Запустить test — PASS**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/AutoPauseFlowTest.php
-```
-
-Expected: 5 PASS.
-
-- [ ] **Step 8: Pint + Larastan + полный Pest**
-
-```bash
-cd app && composer pint && composer stan && ./vendor/bin/pest --parallel
-```
-
-- [ ] **Step 9: Commit**
-
-```bash
-git add app/app/Mail/ZeroBalancePausedMail.php \
-        app/resources/views/emails/zero_balance_paused.blade.php \
-        app/app/Services/NotificationService.php \
-        app/app/Jobs/RouteSupplierLeadJob.php \
-        app/tests/Feature/Supplier/AutoPauseFlowTest.php
-git commit -m "feat(billing): Plan 4 Task 6 — auto-pause flow + ZeroBalancePausedMail + 1/hour rate-limit"
-```
-
----
-
-## Task 7: SupplierCsvParser + SupplierPortalClient::downloadLeadsCsv
-
-**Files:**
-
-- Create: `app/app/Services/Supplier/SupplierCsvParser.php`
-- Create: `app/tests/Unit/Supplier/SupplierCsvParserTest.php`
-- Modify: [app/app/Services/Supplier/SupplierPortalClient.php](../../app/app/Services/Supplier/SupplierPortalClient.php)
-- Create: `app/tests/Unit/Supplier/SupplierPortalClientCsvTest.php`
-
-- [ ] **Step 1: Написать failing unit-test для SupplierCsvParser**
-
-```php
-<?php
-// app/tests/Unit/Supplier/SupplierCsvParserTest.php
-
-declare(strict_types=1);
-
-use App\Services\Supplier\SupplierCsvParser;
-
-uses(\Tests\TestCase::class);
-
-beforeEach(function () {
-    $this->parser = new SupplierCsvParser();
-});
-
-it('parses empty CSV → yields nothing', function () {
-    $rows = iterator_to_array($this->parser->parse(''));
-    expect($rows)->toBeEmpty();
-});
-
-it('parses 1 row → yields 1 struct with vid/project/phone/time', function () {
-    $csv = "vid;project;tag;phone;phones;time\n"
-         . "1234;B1_example.com;;79991234567;79991234567;1715432400\n";
-
-    $rows = iterator_to_array($this->parser->parse($csv));
-
-    expect($rows)->toHaveCount(1);
-    expect($rows[0])->toMatchArray([
-        'vid' => '1234',
-        'project' => 'B1_example.com',
-        'phone' => '79991234567',
-        'time' => 1715432400,
-    ]);
-});
-
-it('parses 1000 rows without OOM (streaming generator)', function () {
-    $lines = ["vid;project;tag;phone;phones;time"];
-    for ($i = 1; $i <= 1000; $i++) {
-        $lines[] = "{$i};B1_test.com;;7999000{$i};7999000{$i};1715432400";
-    }
-    $csv = implode("\n", $lines)."\n";
-
-    $count = 0;
-    foreach ($this->parser->parse($csv) as $_) {
-        $count++;
-    }
-
-    expect($count)->toBe(1000);
-});
-
-it('skips malformed rows with missing columns + logs warning', function () {
-    \Illuminate\Support\Facades\Log::spy();
-
-    $csv = "vid;project;tag;phone;phones;time\n"
-         . "1234;B1_example.com;;79991234567;79991234567;1715432400\n"
-         . "broken-row-only-one-column\n"
-         . "5678;B1_another.com;;79991234567;79991234567;1715432500\n";
-
-    $rows = iterator_to_array($this->parser->parse($csv));
-
-    expect($rows)->toHaveCount(2);
-    expect($rows[0]['vid'])->toBe('1234');
-    expect($rows[1]['vid'])->toBe('5678');
-
-    \Illuminate\Support\Facades\Log::shouldHaveReceived('warning')
-        ->with('supplier_csv_parser.malformed_row', \Mockery::any())
-        ->once();
-});
-
-it('handles BOM + CRLF line endings', function () {
-    $bom = "\xEF\xBB\xBF";
-    $csv = $bom . "vid;project;tag;phone;phones;time\r\n"
-         . "1234;B1_example.com;;79991234567;79991234567;1715432400\r\n";
-
-    $rows = iterator_to_array($this->parser->parse($csv));
-
-    expect($rows)->toHaveCount(1);
-    expect($rows[0]['vid'])->toBe('1234');
-});
-```
-
-- [ ] **Step 2: Запустить — FAIL**
-
-```bash
-cd app && ./vendor/bin/pest tests/Unit/Supplier/SupplierCsvParserTest.php
-```
-
-Expected: 5 FAIL ("Class SupplierCsvParser does not exist").
-
-- [ ] **Step 3: Реализовать SupplierCsvParser**
-
-```php
-<?php
-// app/app/Services/Supplier/SupplierCsvParser.php
-
-declare(strict_types=1);
-
-namespace App\Services\Supplier;
-
-use Illuminate\Support\Facades\Log;
-
-/**
- * Streaming-парсер CSV-экспорта `/admin/report/index?type=49` поставщика.
- *
- * Spec: docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md §5.2
- * Ожидаемые столбцы: vid;project;tag;phone;phones;time (placeholder; уточнится
- * после Plan 3 Tasks 1-2 discovery с credentials поставщика).
- *
- * Возвращает Generator — вызывающий (CsvReconcileJob) сам решает, сколько
- * копить в памяти. BOM + CRLF поддерживаются. Malformed rows skip + log.
- */
-final class SupplierCsvParser
-{
-    private const EXPECTED_COLUMNS = 6;
-
-    /**
-     * @return iterable<int, array{vid: string, project: string, phone: string, time: int}>
-     */
-    public function parse(string $rawCsv): iterable
-    {
-        if ($rawCsv === '') {
-            return;
-        }
-
-        // Убираем BOM (UTF-8 BOM = EF BB BF)
-        if (str_starts_with($rawCsv, "\xEF\xBB\xBF")) {
-            $rawCsv = substr($rawCsv, 3);
-        }
-
-        // Нормализуем CRLF → LF
-        $rawCsv = str_replace("\r\n", "\n", $rawCsv);
-
-        $lines = explode("\n", $rawCsv);
-        $headerSkipped = false;
-        $lineNo = 0;
-
-        foreach ($lines as $line) {
-            $lineNo++;
-            if ($line === '') {
-                continue;
-            }
-            if (! $headerSkipped) {
-                $headerSkipped = true;
-                continue;
-            }
-
-            $cols = str_getcsv($line, separator: ';');
-            if (count($cols) < self::EXPECTED_COLUMNS) {
-                Log::warning('supplier_csv_parser.malformed_row', [
-                    'line_no' => $lineNo,
-                    'columns_found' => count($cols),
-                    'expected' => self::EXPECTED_COLUMNS,
-                    'sample' => substr($line, 0, 100),
-                ]);
-                continue;
-            }
-
-            yield [
-                'vid' => (string) $cols[0],
-                'project' => (string) $cols[1],
-                'phone' => (string) $cols[3],
-                'time' => (int) $cols[5],
-            ];
-        }
-    }
-}
-```
-
-- [ ] **Step 4: Запустить — PASS**
-
-```bash
-cd app && ./vendor/bin/pest tests/Unit/Supplier/SupplierCsvParserTest.php
-```
-
-Expected: 5 PASS.
-
-- [ ] **Step 5: Написать failing test для downloadLeadsCsv**
-
-```php
-<?php
-// app/tests/Unit/Supplier/SupplierPortalClientCsvTest.php
-
-declare(strict_types=1);
-
-use App\Exceptions\Supplier\SupplierTransientException;
-use App\Services\Supplier\SupplierPortalClient;
-use Illuminate\Http\Client\Factory as HttpFactory;
-use Illuminate\Support\Facades\Cache;
-use Illuminate\Support\Facades\Http;
-
-uses(\Tests\TestCase::class);
-
-beforeEach(function () {
-    Cache::store('redis')->put('supplier:session', [
-        'phpsessid' => 'test-session', 'csrf' => 'test-csrf-token',
-    ], now()->addHour());
-
-    config(['services.supplier.portal_url' => 'https://crm.bp-gr.ru']);
-});
-
-it('GET /admin/report/index?type=49 returns CSV body on 200', function () {
-    Http::fake([
-        'crm.bp-gr.ru/admin/report/index*' => Http::response(
-            "vid;project;tag;phone;phones;time\n1234;B1_example.com;;79991234567;79991234567;1715432400\n",
-            200,
-            ['Content-Type' => 'text/csv'],
-        ),
-    ]);
-
-    $client = new SupplierPortalClient(app(HttpFactory::class));
-    $body = $client->downloadLeadsCsv(
-        \Illuminate\Support\Carbon::parse('2024-05-11 00:00:00'),
-        \Illuminate\Support\Carbon::parse('2024-05-12 00:00:00'),
-    );
-
-    expect($body)->toContain('1234;B1_example.com');
-});
-
-it('401 → triggers session refresh → retry → 200', function () {
-    Http::fakeSequence('crm.bp-gr.ru/admin/report/index*')
-        ->push('Unauthorized', 401)
-        ->push("vid;...\n", 200);
-
-    // RefreshSupplierSessionJob — мокаем через app->bind()
-    app()->bind(\App\Jobs\Supplier\RefreshSupplierSessionJob::class, function () {
-        return new class {
-            public function handle(): void {
-                Cache::store('redis')->put('supplier:session', [
-                    'phpsessid' => 'refreshed', 'csrf' => 'refreshed-csrf',
-                ], now()->addHour());
-            }
-        };
-    });
-
-    $client = new SupplierPortalClient(app(HttpFactory::class));
-    $body = $client->downloadLeadsCsv(
-        \Illuminate\Support\Carbon::parse('2024-05-11'),
-        \Illuminate\Support\Carbon::parse('2024-05-12'),
-    );
-
-    expect($body)->toContain('vid');
-});
-
-it('500 → SupplierTransientException', function () {
-    Http::fake(['crm.bp-gr.ru/*' => Http::response('Internal Server Error', 500)]);
-
-    $client = new SupplierPortalClient(app(HttpFactory::class));
-
-    expect(fn () => $client->downloadLeadsCsv(
-        \Illuminate\Support\Carbon::parse('2024-05-11'),
-        \Illuminate\Support\Carbon::parse('2024-05-12'),
-    ))->toThrow(SupplierTransientException::class);
-});
-```
-
-- [ ] **Step 6: Запустить — FAIL ("method does not exist")**
-
-```bash
-cd app && ./vendor/bin/pest tests/Unit/Supplier/SupplierPortalClientCsvTest.php
-```
-
-- [ ] **Step 7: Добавить downloadLeadsCsv в SupplierPortalClient**
-
-Открыть [app/app/Services/Supplier/SupplierPortalClient.php](../../app/app/Services/Supplier/SupplierPortalClient.php), добавить use:
-
-```php
-use Carbon\CarbonInterface;
-```
-
-После метода `deleteProject` (~строка 65) добавить:
-
-```php
-/**
- * GET /admin/report/index?type=49 — CSV-экспорт лидов за окно [from, to].
- * Auth/retry семантика наследуется от request() (PHPSESSID + X-CSRF-Token +
- * 401 → RefreshSession + 5xx → SupplierTransientException + 4xx → SupplierClientException).
- *
- * Возвращает raw CSV-body (UTF-8 + BOM, CRLF). Парсинг — снаружи через
- * SupplierCsvParser (streaming через generator).
- *
- * Spec: docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md §5.1
- */
-public function downloadLeadsCsv(CarbonInterface $from, CarbonInterface $to): string
-{
-    $response = $this->request('GET', '/admin/report/index', [
-        'type' => 49,
-        'from' => $from->format('Y-m-d H:i:s'),
-        'to'   => $to->format('Y-m-d H:i:s'),
-    ]);
-
-    return $response->body();
-}
-```
-
-- [ ] **Step 8: Запустить test — PASS**
-
-```bash
-cd app && ./vendor/bin/pest tests/Unit/Supplier/SupplierPortalClientCsvTest.php
-```
-
-Expected: 3 PASS.
-
-- [ ] **Step 9: Pint + Larastan + полный Pest**
-
-```bash
-cd app && composer pint && composer stan && ./vendor/bin/pest --parallel
-```
-
-- [ ] **Step 10: Commit**
-
-```bash
-git add app/app/Services/Supplier/SupplierCsvParser.php \
-        app/app/Services/Supplier/SupplierPortalClient.php \
-        app/tests/Unit/Supplier/SupplierCsvParserTest.php \
-        app/tests/Unit/Supplier/SupplierPortalClientCsvTest.php
-git commit -m "feat(supplier): Plan 4 Task 7 — SupplierCsvParser (streaming) + SupplierPortalClient::downloadLeadsCsv"
-```
-
----
-
-## Task 8: CsvReconcileJob + CsvDriftAlertMail + Schedule entry
-
-**Files:**
-
-- Create: `app/app/Jobs/Supplier/CsvReconcileJob.php`
-- Create: `app/app/Mail/CsvDriftAlertMail.php`
-- Create: `app/resources/views/emails/csv_drift_alert.blade.php`
-- Modify: [app/routes/console.php](../../app/routes/console.php)
-- Modify: `app/config/services.php` (если ключ `supplier.alert_email` не существует — добавим)
-- Create: `app/tests/Feature/Supplier/CsvReconcileJobTest.php`
-
-- [ ] **Step 1: Проверить ключ `services.supplier.alert_email` существует**
-
-```bash
-grep -n "alert_email\|supplier" app/config/services.php
-```
-
-Если нет — добавить блок:
-
-```php
-// app/config/services.php — добавить в return array
-'supplier' => [
-    'alert_email' => env('SUPPLIER_ALERT_EMAIL', 'ops@liderra.ru'),
-    'portal_url'  => env('SUPPLIER_PORTAL_URL', 'https://crm.bp-gr.ru'),
-    // ... possibly other keys из Plan 3
-],
-```
-
-- [ ] **Step 2: Написать failing integration-test для CsvReconcileJob**
-
-```php
-<?php
-// app/tests/Feature/Supplier/CsvReconcileJobTest.php
-
-declare(strict_types=1);
-
-use App\Jobs\Supplier\CsvReconcileJob;
-use App\Jobs\RouteSupplierLeadJob;
-use App\Mail\CsvDriftAlertMail;
-use App\Models\Supplier;
-use App\Models\SupplierLead;
-use App\Models\SupplierProject;
-use Illuminate\Foundation\Testing\RefreshDatabase;
-use Illuminate\Support\Facades\Bus;
-use Illuminate\Support\Facades\Cache;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Http;
-use Illuminate\Support\Facades\Mail;
-
-uses(\Tests\TestCase::class, RefreshDatabase::class);
-
-beforeEach(function () {
-    Mail::fake();
-    Bus::fake();
-    Cache::store('redis')->flush();
-    Cache::store('redis')->put('supplier:session', [
-        'phpsessid' => 'test', 'csrf' => 'test',
-    ], now()->addHour());
-    config(['services.supplier.portal_url' => 'https://crm.bp-gr.ru']);
-    config(['services.supplier.alert_email' => 'ops@liderra.ru']);
-});
-
-function csvBody(array $rows): string
-{
-    $out = "vid;project;tag;phone;phones;time\n";
-    foreach ($rows as $r) {
-        $out .= "{$r['vid']};{$r['project']};;{$r['phone']};{$r['phone']};{$r['time']}\n";
-    }
-    return $out;
-}
-
-it('matches existing leads, no missing — status=ok, no alert', function () {
-    $sp = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'a.com']);
-    $now = time();
-
-    for ($i = 0; $i < 10; $i++) {
-        SupplierLead::factory()->create([
-            'vid' => "vid-{$i}",
-            'phone' => "799900000{$i}",
-            'supplier_project_id' => $sp->id,
-            'received_at' => now()->subHour(),
-        ]);
-    }
-
-    $rows = [];
-    for ($i = 0; $i < 10; $i++) {
-        $rows[] = ['vid' => "vid-{$i}", 'project' => 'B1_a.com', 'phone' => "799900000{$i}", 'time' => $now - 3600];
-    }
-    Http::fake(['crm.bp-gr.ru/admin/report/index*' => Http::response(csvBody($rows), 200)]);
-
-    app(CsvReconcileJob::class)->handle(
-        app(\App\Services\Supplier\SupplierPortalClient::class),
-        app(\App\Services\Supplier\SupplierCsvParser::class),
-        app(\Illuminate\Contracts\Mail\Mailer::class),
-    );
-
-    $log = DB::table('supplier_csv_reconcile_log')->first();
-    expect($log->status)->toBe('ok');
-    expect((int) $log->total_csv_rows)->toBe(10);
-    expect((int) $log->matched_count)->toBe(10);
-    expect((int) $log->recovered_count)->toBe(0);
-
-    Mail::assertNothingSent();
-    Bus::assertNothingDispatched();
-});
-
-it('drift 10% (1 missing of 10) → alert email + 1 RouteJob dispatched', function () {
-    $sp = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'a.com']);
-    $now = time();
-
-    for ($i = 0; $i < 9; $i++) {  // 9 existing
-        SupplierLead::factory()->create([
-            'vid' => "vid-{$i}", 'phone' => "799900000{$i}",
-            'supplier_project_id' => $sp->id, 'received_at' => now()->subHour(),
-        ]);
-    }
-
-    $rows = [];
-    for ($i = 0; $i < 10; $i++) {  // 10 в CSV — 1 missing (vid-9)
-        $rows[] = ['vid' => "vid-{$i}", 'project' => 'B1_a.com', 'phone' => "799900000{$i}", 'time' => $now - 3600];
-    }
-    Http::fake(['crm.bp-gr.ru/admin/report/index*' => Http::response(csvBody($rows), 200)]);
-
-    app(CsvReconcileJob::class)->handle(
-        app(\App\Services\Supplier\SupplierPortalClient::class),
-        app(\App\Services\Supplier\SupplierCsvParser::class),
-        app(\Illuminate\Contracts\Mail\Mailer::class),
-    );
-
-    $log = DB::table('supplier_csv_reconcile_log')->first();
-    expect($log->status)->toBe('drift_alert');
-    expect((float) $log->drift_ratio)->toBeGreaterThan(0.05);
-    expect((int) $log->recovered_count)->toBe(1);
-
-    Mail::assertSent(CsvDriftAlertMail::class, 1);
-    Bus::assertDispatched(RouteSupplierLeadJob::class, 1);
-});
-
-it('drift 1% (1 missing of 100) → status=ok, no alert', function () {
-    $sp = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'a.com']);
-    $now = time();
-
-    for ($i = 0; $i < 99; $i++) {
-        SupplierLead::factory()->create([
-            'vid' => "vid-{$i}", 'phone' => "799900{$i}",
-            'supplier_project_id' => $sp->id, 'received_at' => now()->subHour(),
-        ]);
-    }
-
-    $rows = [];
-    for ($i = 0; $i < 100; $i++) {
-        $rows[] = ['vid' => "vid-{$i}", 'project' => 'B1_a.com', 'phone' => "799900{$i}", 'time' => $now - 3600];
-    }
-    Http::fake(['crm.bp-gr.ru/admin/report/index*' => Http::response(csvBody($rows), 200)]);
-
-    app(CsvReconcileJob::class)->handle(
-        app(\App\Services\Supplier\SupplierPortalClient::class),
-        app(\App\Services\Supplier\SupplierCsvParser::class),
-        app(\Illuminate\Contracts\Mail\Mailer::class),
-    );
-
-    $log = DB::table('supplier_csv_reconcile_log')->first();
-    expect($log->status)->toBe('ok');
-    expect((int) $log->recovered_count)->toBe(1);
-    Mail::assertNothingSent();
-});
-
-it('empty CSV → status=ok, drift=0, no alert', function () {
-    Http::fake(['crm.bp-gr.ru/admin/report/index*' => Http::response("vid;project;tag;phone;phones;time\n", 200)]);
-
-    app(CsvReconcileJob::class)->handle(
-        app(\App\Services\Supplier\SupplierPortalClient::class),
-        app(\App\Services\Supplier\SupplierCsvParser::class),
-        app(\Illuminate\Contracts\Mail\Mailer::class),
-    );
-
-    $log = DB::table('supplier_csv_reconcile_log')->first();
-    expect($log->status)->toBe('ok');
-    expect((int) $log->total_csv_rows)->toBe(0);
-});
-
-it('SupplierTransientException → status=failed, error_message recorded', function () {
-    Http::fake(['crm.bp-gr.ru/*' => Http::response('Server Error', 500)]);
-
-    expect(fn () =>
-        app(CsvReconcileJob::class)->handle(
-            app(\App\Services\Supplier\SupplierPortalClient::class),
-            app(\App\Services\Supplier\SupplierCsvParser::class),
-            app(\Illuminate\Contracts\Mail\Mailer::class),
-        )
-    )->toThrow(\App\Exceptions\Supplier\SupplierTransientException::class);
-
-    $log = DB::table('supplier_csv_reconcile_log')->first();
-    expect($log->status)->toBe('failed');
-    expect($log->error_message)->toContain('500');
-});
-
-it('Schedule entry: hourly cron registered', function () {
-    /** @var \Illuminate\Console\Scheduling\Schedule $schedule */
-    $schedule = app(\Illuminate\Console\Scheduling\Schedule::class);
-
-    $events = $schedule->events();
-    $hasCsv = collect($events)->contains(fn ($event) =>
-        str_contains((string) $event->description, 'CsvReconcileJob')
-        || str_contains((string) $event->description, 'csv-reconcile')
-    );
-    expect($hasCsv)->toBeTrue();
-});
-```
-
-- [ ] **Step 3: Запустить — FAIL**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/CsvReconcileJobTest.php
-```
-
-Expected: 6 FAIL.
-
-- [ ] **Step 4: Создать CsvDriftAlertMail**
-
-```php
-<?php
-// app/app/Mail/CsvDriftAlertMail.php
-
-declare(strict_types=1);
-
-namespace App\Mail;
-
-use Carbon\CarbonInterface;
-use Illuminate\Bus\Queueable;
-use Illuminate\Mail\Mailable;
-use Illuminate\Mail\Mailables\Content;
-use Illuminate\Mail\Mailables\Envelope;
-use Illuminate\Queue\SerializesModels;
-
-/**
- * Email алерт админу Лидерры о расхождении CSV-сверки > 5%.
- *
- * Spec: docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md §5.6
- */
-final class CsvDriftAlertMail extends Mailable
-{
-    use Queueable;
-    use SerializesModels;
-
-    public function __construct(
-        public readonly int $reconcileLogId,
-        public readonly int $totalCsvRows,
-        public readonly int $missingCount,
-        public readonly int $recoveredCount,
-        public readonly float $driftRatio,
-        public readonly CarbonInterface $windowStart,
-        public readonly CarbonInterface $windowEnd,
-    ) {}
-
-    public function envelope(): Envelope
-    {
-        $pct = number_format($this->driftRatio * 100, 2, ',', ' ');
-        $window = $this->windowStart->format('Y-m-d H:i').' — '.$this->windowEnd->format('Y-m-d H:i');
-        return new Envelope(
-            subject: "Лидерра ↔ Поставщик: расхождение CSV > 5% за {$window} ({$pct}%)",
-        );
-    }
-
-    public function content(): Content
-    {
-        return new Content(view: 'emails.csv_drift_alert');
-    }
-}
-```
-
-- [ ] **Step 5: Создать Blade-шаблон**
-
-```html
-{{-- app/resources/views/emails/csv_drift_alert.blade.php --}}
-<!DOCTYPE html>
-<html lang="ru">
-<head><meta charset="UTF-8"><title>CSV drift alert</title></head>
-<body style="font-family: Arial, sans-serif;">
-  <h3>Расхождение CSV-сверки с базой Лидерры</h3>
-  <p>Окно: <strong>{{ $windowStart->format('Y-m-d H:i') }} — {{ $windowEnd->format('Y-m-d H:i') }}</strong></p>
-  <ul>
-    <li>Всего строк в CSV: <strong>{{ $totalCsvRows }}</strong></li>
-    <li>Пропущено webhook'ом (recovered): <strong>{{ $missingCount }}</strong></li>
-    <li>Восстановлено в БД: <strong>{{ $recoveredCount }}</strong></li>
-    <li>Drift ratio: <strong>{{ number_format($driftRatio * 100, 2, ',', ' ') }}%</strong> (порог 5%)</li>
-  </ul>
-  <p>Подробности — в таблице <code>supplier_csv_reconcile_log.id = {{ $reconcileLogId }}</code>.</p>
-</body>
-</html>
-```
-
-- [ ] **Step 6: Создать CsvReconcileJob**
-
-```php
-<?php
-// app/app/Jobs/Supplier/CsvReconcileJob.php
-
-declare(strict_types=1);
-
-namespace App\Jobs\Supplier;
-
-use App\Jobs\RouteSupplierLeadJob;
-use App\Mail\CsvDriftAlertMail;
-use App\Models\SupplierLead;
-use App\Services\Supplier\SupplierCsvParser;
-use App\Services\Supplier\SupplierPortalClient;
-use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Mail\Mailer;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Foundation\Queue\Queueable as FoundationQueueable;
-use Illuminate\Queue\InteractsWithQueue;
-use Illuminate\Queue\SerializesModels;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\Cache;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Log;
-use Throwable;
-
-/**
- * Hourly CSV reconciliation с порталом поставщика.
- *
- * Spec: docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md §5.3
- *
- * Алгоритм:
- *   1. Cache::lock на 600s — overlap-защита.
- *   2. INSERT supplier_csv_reconcile_log (status='running').
- *   3. Download CSV за окно 25h.
- *   4. Parse → собираем ['vid' => row].
- *   5. SELECT existing vid'ы из supplier_leads (BYPASSRLS).
- *   6. Diff = missing.
- *   7. Для каждой missing — INSERT supplier_leads (recovered_from_csv_at) + dispatch RouteJob.
- *   8. UPDATE log с метриками + status.
- *   9. drift > 5% → CsvDriftAlertMail + alert_email_sent_at.
- *  10. На exception — status='failed', throw.
- */
-final class CsvReconcileJob implements ShouldQueue
-{
-    use FoundationQueueable;
-    use InteractsWithQueue;
-    use Queueable;
-    use SerializesModels;
-
-    public int $tries = 1;
-    public int $timeout = 300;
-
-    private const DB_CONNECTION = 'pgsql_supplier';
-    private const DRIFT_THRESHOLD = 0.05;
-    private const WINDOW_HOURS = 25;
-    private const LOCK_NAME = 'supplier:csv_reconcile';
-    private const LOCK_TTL_SECONDS = 600;
-
-    public function handle(
-        SupplierPortalClient $portal,
-        SupplierCsvParser $parser,
-        Mailer $mailer,
-    ): void {
-        $lock = Cache::store('redis')->lock(self::LOCK_NAME, self::LOCK_TTL_SECONDS);
-        if (! $lock->get()) {
-            Log::info('csv_reconcile.skipped_overlap');
-            return;
-        }
-
-        $windowEnd = Carbon::now();
-        $windowStart = (clone $windowEnd)->subHours(self::WINDOW_HOURS);
-
-        $logId = DB::connection(self::DB_CONNECTION)
-            ->table('supplier_csv_reconcile_log')
-            ->insertGetId([
-                'started_at' => now(), 'window_start' => $windowStart, 'window_end' => $windowEnd,
-                'status' => 'running', 'created_at' => now(),
-            ]);
-
-        try {
-            $csv = $portal->downloadLeadsCsv($windowStart, $windowEnd);
-
-            /** @var array<string, array<string, mixed>> $csvByVid */
-            $csvByVid = [];
-            foreach ($parser->parse($csv) as $row) {
-                $csvByVid[$row['vid']] = $row;
-            }
-            $totalCsvRows = count($csvByVid);
-
-            $existing = DB::connection(self::DB_CONNECTION)
-                ->table('supplier_leads')
-                ->where('received_at', '>=', $windowStart)
-                ->where('received_at', '<', $windowEnd->copy()->addHour())
-                ->pluck('vid')
-                ->all();
-
-            $existingMap = array_flip($existing);
-            $missing = array_diff_key($csvByVid, $existingMap);
-
-            $recoveredCount = 0;
-            foreach ($missing as $vid => $row) {
-                try {
-                    $lead = SupplierLead::create([
-                        'vid' => $vid,
-                        'phone' => (string) $row['phone'],
-                        'raw_payload' => $row,
-                        'received_at' => Carbon::createFromTimestamp((int) $row['time']),
-                        'recovered_from_csv_at' => now(),
-                        'supplier_project_id' => null,  // ResolverStub зарезолвит при RouteJob run
-                    ]);
-                    RouteSupplierLeadJob::dispatch($lead->id);
-                    $recoveredCount++;
-                } catch (\Illuminate\Database\QueryException $e) {
-                    if (str_contains($e->getMessage(), 'unique')) {
-                        Log::info('csv_reconcile.duplicate_vid_skipped', ['vid' => $vid]);
-                        continue;
-                    }
-                    throw $e;
-                }
-            }
-
-            $matchedCount = $totalCsvRows - count($missing);
-            $driftRatio = $totalCsvRows > 0 ? count($missing) / $totalCsvRows : 0.0;
-            $status = $driftRatio > self::DRIFT_THRESHOLD ? 'drift_alert' : 'ok';
-
-            $update = [
-                'finished_at' => now(), 'total_csv_rows' => $totalCsvRows,
-                'matched_count' => $matchedCount, 'recovered_count' => $recoveredCount,
-                'drift_ratio' => $driftRatio, 'status' => $status,
-            ];
-
-            if ($status === 'drift_alert') {
-                $mailer->to((string) config('services.supplier.alert_email'))
-                    ->send(new CsvDriftAlertMail(
-                        reconcileLogId: $logId,
-                        totalCsvRows: $totalCsvRows,
-                        missingCount: count($missing),
-                        recoveredCount: $recoveredCount,
-                        driftRatio: $driftRatio,
-                        windowStart: $windowStart,
-                        windowEnd: $windowEnd,
-                    ));
-                $update['alert_email_sent_at'] = now();
-            }
-
-            DB::connection(self::DB_CONNECTION)
-                ->table('supplier_csv_reconcile_log')->where('id', $logId)->update($update);
-
-        } catch (Throwable $e) {
-            DB::connection(self::DB_CONNECTION)
-                ->table('supplier_csv_reconcile_log')->where('id', $logId)->update([
-                    'finished_at' => now(),
-                    'status' => 'failed',
-                    'error_message' => substr($e->getMessage(), 0, 1000),
-                ]);
-            throw $e;
-        } finally {
-            $lock->release();
-        }
-    }
-}
-```
-
-- [ ] **Step 7: Добавить Schedule entry в routes/console.php**
-
-После Plan 3 entries (последняя строка `Schedule::command('supplier:retry-failed')->hourly()`):
-
-```php
-// Plan 4 Task 8: hourly CSV reconciliation (резерв-канал приёма лидов).
-Schedule::job(new \App\Jobs\Supplier\CsvReconcileJob)->hourly();
-```
-
-И в use-блоке вверху файла:
-
-```php
-use App\Jobs\Supplier\CsvReconcileJob;
-```
-
-- [ ] **Step 8: Запустить — PASS**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/CsvReconcileJobTest.php
-```
-
-Expected: 6 PASS.
-
-- [ ] **Step 9: Pint + Larastan + полный Pest**
-
-```bash
-cd app && composer pint && composer stan && ./vendor/bin/pest --parallel
-```
-
-- [ ] **Step 10: Commit**
-
-```bash
-git add app/app/Jobs/Supplier/CsvReconcileJob.php \
-        app/app/Mail/CsvDriftAlertMail.php \
-        app/resources/views/emails/csv_drift_alert.blade.php \
-        app/routes/console.php \
-        app/config/services.php \
-        app/tests/Feature/Supplier/CsvReconcileJobTest.php
-git commit -m "feat(supplier): Plan 4 Task 8 — CsvReconcileJob hourly + drift>5% email + supplier_csv_reconcile_log"
-```
-
----
-
-## Task 9: AdminPricingTiersController + Vue view + Histoire
-
-**Files:**
-
-- Create: `app/app/Http/Controllers/Api/AdminPricingTiersController.php`
-- Modify: [app/routes/web.php](../../app/routes/web.php) (+ Route::prefix `/api/admin/pricing-tiers`)
-- Create: `app/tests/Feature/Admin/AdminPricingTiersControllerTest.php`
-- Create: `app/resources/js/views/admin/AdminPricingTiersView.vue`
-- Create: `app/resources/js/views/admin/AdminPricingTiersView.story.vue`
-- Modify: `app/resources/js/router/index.ts`
-- Create: `app/tests/Vitest/views/admin/AdminPricingTiersView.spec.ts`
-
-- [ ] **Step 1: Написать failing backend test**
-
-```php
-<?php
-// app/tests/Feature/Admin/AdminPricingTiersControllerTest.php
-
-declare(strict_types=1);
-
-use App\Models\PricingTier;
-use Illuminate\Foundation\Testing\RefreshDatabase;
-
-uses(\Tests\TestCase::class, RefreshDatabase::class);
-
-beforeEach(function () {
-    (new \Database\Seeders\PricingTierSeeder())->run();
-});
-
-it('GET /api/admin/pricing-tiers returns active + scheduled sets', function () {
-    $response = $this->getJson('/api/admin/pricing-tiers');
-    $response->assertOk();
-    expect($response->json('data.active'))->toHaveCount(7);
-    expect($response->json('data.scheduled'))->toBeArray();
-});
-
-it('POST creates 7 new tiers with auto effective_from = 1st of next month', function () {
-    $payload = [
-        'tiers' => [
-            ['tier_no' => 1, 'leads_in_tier' => 50,  'price_rub' => '600.00'],
-            ['tier_no' => 2, 'leads_in_tier' => 150, 'price_rub' => '550.00'],
-            ['tier_no' => 3, 'leads_in_tier' => 300, 'price_rub' => '500.00'],
-            ['tier_no' => 4, 'leads_in_tier' => 700, 'price_rub' => '450.00'],
-            ['tier_no' => 5, 'leads_in_tier' => 1500, 'price_rub' => '400.00'],
-            ['tier_no' => 6, 'leads_in_tier' => 3000, 'price_rub' => '350.00'],
-            ['tier_no' => 7, 'leads_in_tier' => null, 'price_rub' => '300.00'],
-        ],
-    ];
-    $response = $this->postJson('/api/admin/pricing-tiers', $payload);
-    $response->assertCreated();
-
-    $expectedDate = now()->startOfMonth()->addMonth()->toDateString();
-    $newTiers = PricingTier::where('effective_from', $expectedDate)->get();
-    expect($newTiers)->toHaveCount(7);
-    expect($newTiers->where('tier_no', 1)->first()->price_per_lead_kopecks)->toBe(60000);
-    expect($newTiers->where('tier_no', 7)->first()->leads_in_tier)->toBeNull();
-});
-
-it('POST validates: exactly 7 rows required', function () {
-    $payload = ['tiers' => [
-        ['tier_no' => 1, 'leads_in_tier' => 50, 'price_rub' => '600.00'],
-    ]];
-    $response = $this->postJson('/api/admin/pricing-tiers', $payload);
-    $response->assertStatus(422);
-    $response->assertJsonValidationErrorFor('tiers');
-});
-
-it('POST validates: tier_no must be unique 1..7', function () {
-    $payload = ['tiers' => [
-        ['tier_no' => 1, 'leads_in_tier' => 50,  'price_rub' => '600.00'],
-        ['tier_no' => 1, 'leads_in_tier' => 150, 'price_rub' => '550.00'],  // дубль
-        ['tier_no' => 3, 'leads_in_tier' => 300, 'price_rub' => '500.00'],
-        ['tier_no' => 4, 'leads_in_tier' => 700, 'price_rub' => '450.00'],
-        ['tier_no' => 5, 'leads_in_tier' => 1500, 'price_rub' => '400.00'],
-        ['tier_no' => 6, 'leads_in_tier' => 3000, 'price_rub' => '350.00'],
-        ['tier_no' => 7, 'leads_in_tier' => null, 'price_rub' => '300.00'],
-    ]];
-    $this->postJson('/api/admin/pricing-tiers', $payload)->assertStatus(422);
-});
-
-it('POST validates: tier 7 leads_in_tier must be null', function () {
-    $payload = ['tiers' => [
-        ['tier_no' => 1, 'leads_in_tier' => 50,  'price_rub' => '600.00'],
-        ['tier_no' => 2, 'leads_in_tier' => 150, 'price_rub' => '550.00'],
-        ['tier_no' => 3, 'leads_in_tier' => 300, 'price_rub' => '500.00'],
-        ['tier_no' => 4, 'leads_in_tier' => 700, 'price_rub' => '450.00'],
-        ['tier_no' => 5, 'leads_in_tier' => 1500, 'price_rub' => '400.00'],
-        ['tier_no' => 6, 'leads_in_tier' => 3000, 'price_rub' => '350.00'],
-        ['tier_no' => 7, 'leads_in_tier' => 99999, 'price_rub' => '300.00'],  // должен быть NULL
-    ]];
-    $this->postJson('/api/admin/pricing-tiers', $payload)->assertStatus(422);
-});
-
-it('POST validates: price_rub >= 0', function () {
-    $payload = ['tiers' => [
-        ['tier_no' => 1, 'leads_in_tier' => 50, 'price_rub' => '-1.00'],
-        ['tier_no' => 2, 'leads_in_tier' => 150, 'price_rub' => '550.00'],
-        ['tier_no' => 3, 'leads_in_tier' => 300, 'price_rub' => '500.00'],
-        ['tier_no' => 4, 'leads_in_tier' => 700, 'price_rub' => '450.00'],
-        ['tier_no' => 5, 'leads_in_tier' => 1500, 'price_rub' => '400.00'],
-        ['tier_no' => 6, 'leads_in_tier' => 3000, 'price_rub' => '350.00'],
-        ['tier_no' => 7, 'leads_in_tier' => null, 'price_rub' => '300.00'],
-    ]];
-    $this->postJson('/api/admin/pricing-tiers', $payload)->assertStatus(422);
-});
-
-it('DELETE /scheduled/{effective_from} removes future tiers only', function () {
-    $futureDate = now()->addMonth()->startOfMonth()->toDateString();
-    PricingTier::factory()->count(7)->sequence(fn ($s) => ['tier_no' => $s->index + 1])
-        ->create(['effective_from' => $futureDate, 'is_active' => true]);
-
-    $this->deleteJson("/api/admin/pricing-tiers/scheduled/{$futureDate}")
-        ->assertOk();
-
-    expect(PricingTier::where('effective_from', $futureDate)->count())->toBe(0);
-    // Старый (seed) активный набор не тронут
-    expect(PricingTier::where('effective_from', '1970-01-01')->count())->toBe(7);
-});
-
-it('writes audit-trail row in saas_admin_audit_log on POST', function () {
-    $payload = ['tiers' => [
-        ['tier_no' => 1, 'leads_in_tier' => 50, 'price_rub' => '600.00'],
-        ['tier_no' => 2, 'leads_in_tier' => 150, 'price_rub' => '550.00'],
-        ['tier_no' => 3, 'leads_in_tier' => 300, 'price_rub' => '500.00'],
-        ['tier_no' => 4, 'leads_in_tier' => 700, 'price_rub' => '450.00'],
-        ['tier_no' => 5, 'leads_in_tier' => 1500, 'price_rub' => '400.00'],
-        ['tier_no' => 6, 'leads_in_tier' => 3000, 'price_rub' => '350.00'],
-        ['tier_no' => 7, 'leads_in_tier' => null, 'price_rub' => '300.00'],
-    ]];
-    $this->postJson('/api/admin/pricing-tiers', $payload)->assertCreated();
-
-    $log = \Illuminate\Support\Facades\DB::table('saas_admin_audit_log')
-        ->where('action', 'pricing_tiers.create_scheduled')->first();
-    expect($log)->not->toBeNull();
-});
-```
-
-- [ ] **Step 2: Запустить — FAIL**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Admin/AdminPricingTiersControllerTest.php
-```
-
-Expected: 8 FAIL ("route not found").
-
-- [ ] **Step 3: Реализовать AdminPricingTiersController**
-
-```php
-<?php
-// app/app/Http/Controllers/Api/AdminPricingTiersController.php
-
-declare(strict_types=1);
-
-namespace App\Http\Controllers\Api;
-
-use App\Http\Controllers\Controller;
-use App\Models\PricingTier;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Http\Request;
-use Illuminate\Http\Response;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Validation\Rule;
-
-/**
- * SaaS-admin CRUD для pricing_tiers (7-ступенчатый тариф).
- *
- * Spec: docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md §6.1
- * Без auth-middleware на MVP (паритет с другими /api/admin/*; gated на Б-1).
- * Audit trail в saas_admin_audit_log.
- */
-class AdminPricingTiersController extends Controller
-{
-    public function index(): JsonResponse
-    {
-        $today = Carbon::now('Europe/Moscow')->toDateString();
-
-        $active = PricingTier::query()->where('is_active', true)
-            ->where('effective_from', '<=', $today)
-            ->orderBy('tier_no')->orderBy('effective_from', 'desc')
-            ->get()
-            ->groupBy('tier_no')
-            ->map(fn ($g) => $g->first())
-            ->values();
-
-        $scheduled = PricingTier::query()->where('is_active', true)
-            ->where('effective_from', '>', $today)
-            ->orderBy('effective_from')->orderBy('tier_no')
-            ->get()
-            ->groupBy('effective_from');
-
-        return response()->json([
-            'data' => [
-                'active' => $active,
-                'scheduled' => $scheduled,
-            ],
-        ]);
-    }
-
-    public function store(Request $request): JsonResponse
-    {
-        $request->validate([
-            'tiers' => ['required', 'array', 'size:7'],
-            'tiers.*.tier_no' => ['required', 'integer', 'between:1,7'],
-            'tiers.*.leads_in_tier' => ['nullable', 'integer', 'min:1'],
-            'tiers.*.price_rub' => ['required', 'numeric', 'min:0'],
-        ]);
-
-        $tiers = $request->input('tiers');
-
-        // Unique tier_no 1..7
-        $tierNos = array_column($tiers, 'tier_no');
-        if (count(array_unique($tierNos)) !== 7) {
-            abort(422, json_encode(['message' => 'tier_no must be unique 1..7']));
-        }
-        if (array_diff([1, 2, 3, 4, 5, 6, 7], $tierNos) !== []) {
-            abort(422, json_encode(['message' => 'all 7 tier_no values required']));
-        }
-
-        // Tier 7 must have leads_in_tier=null
-        $tier7 = collect($tiers)->firstWhere('tier_no', 7);
-        if ($tier7['leads_in_tier'] !== null) {
-            abort(422, json_encode(['message' => 'tier_no=7 leads_in_tier must be null']));
-        }
-
-        // Tiers 1..6 must have leads_in_tier > 0
-        foreach ($tiers as $tier) {
-            if ($tier['tier_no'] !== 7 && ($tier['leads_in_tier'] === null || $tier['leads_in_tier'] < 1)) {
-                abort(422, json_encode(['message' => "tier_no={$tier['tier_no']} leads_in_tier must be >= 1"]));
-            }
-        }
-
-        $effectiveFrom = Carbon::now('Europe/Moscow')->startOfMonth()->addMonth()->toDateString();
-
-        DB::transaction(function () use ($tiers, $effectiveFrom) {
-            foreach ($tiers as $tier) {
-                PricingTier::create([
-                    'tier_no' => $tier['tier_no'],
-                    'leads_in_tier' => $tier['leads_in_tier'],
-                    'price_per_lead_kopecks' => (int) round(((float) $tier['price_rub']) * 100),
-                    'is_active' => true,
-                    'effective_from' => $effectiveFrom,
-                ]);
-            }
-
-            DB::table('saas_admin_audit_log')->insert([
-                'admin_user_id' => null,  // SSO ⏸ Б-1
-                'action' => 'pricing_tiers.create_scheduled',
-                'target_type' => 'pricing_tiers',
-                'target_id' => null,
-                'payload' => json_encode(['effective_from' => $effectiveFrom, 'tiers' => $tiers]),
-                'created_at' => now(),
-            ]);
-        });
-
-        return response()->json(['effective_from' => $effectiveFrom], Response::HTTP_CREATED);
-    }
-
-    public function deleteScheduled(string $effectiveFrom): JsonResponse
-    {
-        if (! preg_match('/^\d{4}-\d{2}-\d{2}$/', $effectiveFrom)) {
-            abort(400, 'invalid date format');
-        }
-
-        $todayMsk = Carbon::now('Europe/Moscow')->toDateString();
-        if ($effectiveFrom <= $todayMsk) {
-            abort(409, 'cannot delete past or active set');
-        }
-
-        DB::transaction(function () use ($effectiveFrom) {
-            $deleted = PricingTier::where('effective_from', $effectiveFrom)->delete();
-
-            DB::table('saas_admin_audit_log')->insert([
-                'admin_user_id' => null,
-                'action' => 'pricing_tiers.delete_scheduled',
-                'target_type' => 'pricing_tiers',
-                'target_id' => null,
-                'payload' => json_encode(['effective_from' => $effectiveFrom, 'rows_deleted' => $deleted]),
-                'created_at' => now(),
-            ]);
-        });
-
-        return response()->json(['ok' => true]);
-    }
-}
-```
-
-- [ ] **Step 4: Добавить маршруты в routes/web.php**
-
-В [app/routes/web.php](../../app/routes/web.php), после строк AdminSystemSettings (~99):
-
-```php
-// Plan 4: SaaS-admin pricing-tiers editor.
-Route::prefix('/api/admin/pricing-tiers')->group(function () {
-    Route::get('/', 'App\Http\Controllers\Api\AdminPricingTiersController@index');
-    Route::post('/', 'App\Http\Controllers\Api\AdminPricingTiersController@store');
-    Route::delete('/scheduled/{effective_from}',
-        'App\Http\Controllers\Api\AdminPricingTiersController@deleteScheduled')
-        ->where('effective_from', '\d{4}-\d{2}-\d{2}');
-});
-```
-
-- [ ] **Step 5: Запустить backend test — PASS**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Admin/AdminPricingTiersControllerTest.php
-```
-
-Expected: 8 PASS.
-
-- [ ] **Step 6: Создать Vue компонент AdminPricingTiersView.vue**
-
-```vue
-<!-- app/resources/js/views/admin/AdminPricingTiersView.vue -->
-<template>
-  <div class="admin-pricing-tiers-view">
-    <h1 class="text-h4 mb-6">Тарифная сетка (pricing tiers)</h1>
-
-    <v-card class="mb-6" elevation="1">
-      <v-card-title>
-        Текущая активная сетка
-        <span v-if="active.length" class="text-caption text-medium-emphasis ml-2">
-          (с {{ active[0]?.effective_from }})
-        </span>
-      </v-card-title>
-      <v-data-table
-        :headers="tierHeaders"
-        :items="active"
-        :items-per-page="7"
-        density="comfortable"
-        class="numeric-tnum"
-      >
-        <template #item.leads_in_tier="{ item }">
-          <span v-if="item.leads_in_tier !== null">{{ item.leads_in_tier }}</span>
-          <span v-else class="text-medium-emphasis">все свыше</span>
-        </template>
-        <template #item.price_rub="{ item }">
-          {{ (item.price_per_lead_kopecks / 100).toFixed(2) }} ₽
-        </template>
-      </v-data-table>
-    </v-card>
-
-    <v-card v-if="scheduled.length" class="mb-6" elevation="1">
-      <v-card-title>Запланированные изменения</v-card-title>
-      <v-card-text>
-        <div v-for="(group, date) in scheduledByDate" :key="date" class="mb-4">
-          <strong>С {{ date }}:</strong>
-          <v-data-table :headers="tierHeaders" :items="group" density="compact" class="mt-2"/>
-          <v-btn color="error" variant="text" @click="confirmDelete(date)">
-            Отменить
-          </v-btn>
-        </div>
-      </v-card-text>
-    </v-card>
-
-    <v-btn color="primary" prepend-icon="mdi-pencil" @click="editorOpen = true">
-      Редактировать сетку (с 1-го числа след. месяца)
-    </v-btn>
-
-    <v-dialog v-model="editorOpen" max-width="900">
-      <v-card>
-        <v-card-title>Новая сетка (effective_from = {{ nextMonthStart }})</v-card-title>
-        <v-card-text>
-          <table class="editor-table">
-            <thead><tr><th>Ступень</th><th>Лидов в ступени</th><th>Цена за лид (₽)</th></tr></thead>
-            <tbody>
-              <tr v-for="(t, idx) in editor" :key="t.tier_no">
-                <td>{{ t.tier_no }}</td>
-                <td>
-                  <v-text-field
-                    v-if="t.tier_no !== 7"
-                    v-model.number="t.leads_in_tier"
-                    type="number" min="1" density="compact" hide-details
-                  />
-                  <span v-else class="text-medium-emphasis">все свыше</span>
-                </td>
-                <td>
-                  <v-text-field
-                    v-model="t.price_rub"
-                    type="number" step="0.01" min="0" density="compact" hide-details
-                  />
-                </td>
-              </tr>
-            </tbody>
-          </table>
-        </v-card-text>
-        <v-card-actions>
-          <v-spacer/>
-          <v-btn @click="editorOpen = false">Отмена</v-btn>
-          <v-btn color="primary" :loading="saving" @click="submit">Сохранить</v-btn>
-        </v-card-actions>
-      </v-card>
-    </v-dialog>
-  </div>
-</template>
-
-<script setup lang="ts">
-import { ref, computed, onMounted } from 'vue';
-import axios from 'axios';
-
-interface Tier {
-  tier_no: number;
-  leads_in_tier: number | null;
-  price_per_lead_kopecks: number;
-  effective_from: string;
-}
-interface EditorRow {
-  tier_no: number;
-  leads_in_tier: number | null;
-  price_rub: string;
-}
-
-const active = ref<Tier[]>([]);
-const scheduled = ref<Tier[]>([]);
-const editorOpen = ref(false);
-const saving = ref(false);
-
-const defaultEditor: EditorRow[] = [
-  { tier_no: 1, leads_in_tier: 100,  price_rub: '500.00' },
-  { tier_no: 2, leads_in_tier: 200,  price_rub: '450.00' },
-  { tier_no: 3, leads_in_tier: 400,  price_rub: '400.00' },
-  { tier_no: 4, leads_in_tier: 800,  price_rub: '350.00' },
-  { tier_no: 5, leads_in_tier: 1500, price_rub: '300.00' },
-  { tier_no: 6, leads_in_tier: 3000, price_rub: '270.00' },
-  { tier_no: 7, leads_in_tier: null, price_rub: '250.00' },
-];
-const editor = ref<EditorRow[]>(JSON.parse(JSON.stringify(defaultEditor)));
-
-const tierHeaders = [
-  { title: '№', key: 'tier_no', sortable: false, width: 80 },
-  { title: 'Лидов в ступени', key: 'leads_in_tier', sortable: false },
-  { title: 'Цена за лид', key: 'price_rub', sortable: false },
-];
-
-const nextMonthStart = computed(() => {
-  const d = new Date();
-  d.setDate(1); d.setMonth(d.getMonth() + 1);
-  return d.toISOString().slice(0, 10);
-});
-
-const scheduledByDate = computed(() => {
-  const out: Record<string, Tier[]> = {};
-  scheduled.value.forEach(t => {
-    if (!out[t.effective_from]) out[t.effective_from] = [];
-    out[t.effective_from].push(t);
-  });
-  return out;
-});
-
-async function load() {
-  const { data } = await axios.get('/api/admin/pricing-tiers');
-  active.value = data.data.active;
-  scheduled.value = data.data.scheduled
-    ? Object.values(data.data.scheduled).flat()
-    : [];
-}
-
-async function submit() {
-  saving.value = true;
-  try {
-    await axios.post('/api/admin/pricing-tiers', { tiers: editor.value });
-    editorOpen.value = false;
-    await load();
-  } finally {
-    saving.value = false;
-  }
-}
-
-async function confirmDelete(effectiveFrom: string) {
-  if (!window.confirm(`Удалить запланированный набор с ${effectiveFrom}?`)) return;
-  await axios.delete(`/api/admin/pricing-tiers/scheduled/${effectiveFrom}`);
-  await load();
-}
-
-onMounted(load);
-</script>
-
-<style scoped>
-.numeric-tnum :deep(td) {
-  font-feature-settings: 'tnum';
-  font-family: 'JetBrains Mono', monospace;
-}
-.editor-table {
-  width: 100%;
-  border-collapse: collapse;
-}
-.editor-table th, .editor-table td {
-  padding: 8px 12px;
-  border-bottom: 1px solid rgba(0,0,0,.06);
-}
-</style>
-```
-
-- [ ] **Step 7: Создать Histoire story**
-
-```vue
-<!-- app/resources/js/views/admin/AdminPricingTiersView.story.vue -->
-<template>
-  <Story title="admin/AdminPricingTiersView">
-    <Variant title="Empty (нет сетки)"><AdminPricingTiersView/></Variant>
-    <Variant title="Active set only"><AdminPricingTiersView/></Variant>
-    <Variant title="Active + Scheduled"><AdminPricingTiersView/></Variant>
-    <Variant title="Editor dialog open"><AdminPricingTiersView ref="vRef"/></Variant>
-  </Story>
-</template>
-
-<script setup lang="ts">
-import AdminPricingTiersView from './AdminPricingTiersView.vue';
-</script>
-```
-
-- [ ] **Step 8: Добавить route в router/index.ts**
-
-В `app/resources/js/router/index.ts` найти секцию admin-маршрутов и добавить:
-
-```ts
-{
-  path: '/admin/pricing-tiers',
-  name: 'admin-pricing-tiers',
-  component: () => import('@/views/admin/AdminPricingTiersView.vue'),
-  meta: { layout: 'app', requiresAdmin: true },
-},
-```
-
-- [ ] **Step 9: Создать Vitest test**
-
-```ts
-// app/tests/Vitest/views/admin/AdminPricingTiersView.spec.ts
-import { describe, it, expect, beforeEach, vi } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import * as components from 'vuetify/components';
-import * as directives from 'vuetify/directives';
-import axios from 'axios';
-import AdminPricingTiersView from '@/views/admin/AdminPricingTiersView.vue';
-
-vi.mock('axios');
-
-const vuetify = createVuetify({ components, directives });
-
-const mockTiers = [
-  { tier_no: 1, leads_in_tier: 100,  price_per_lead_kopecks: 50000, effective_from: '1970-01-01' },
-  { tier_no: 2, leads_in_tier: 200,  price_per_lead_kopecks: 45000, effective_from: '1970-01-01' },
-  { tier_no: 3, leads_in_tier: 400,  price_per_lead_kopecks: 40000, effective_from: '1970-01-01' },
-  { tier_no: 4, leads_in_tier: 800,  price_per_lead_kopecks: 35000, effective_from: '1970-01-01' },
-  { tier_no: 5, leads_in_tier: 1500, price_per_lead_kopecks: 30000, effective_from: '1970-01-01' },
-  { tier_no: 6, leads_in_tier: 3000, price_per_lead_kopecks: 27000, effective_from: '1970-01-01' },
-  { tier_no: 7, leads_in_tier: null, price_per_lead_kopecks: 25000, effective_from: '1970-01-01' },
-];
-
-describe('AdminPricingTiersView', () => {
-  beforeEach(() => {
-    (axios.get as any).mockResolvedValue({ data: { data: { active: mockTiers, scheduled: {} } } });
-    (axios.post as any).mockResolvedValue({ data: { effective_from: '2026-06-01' } });
-    (axios.delete as any).mockResolvedValue({ data: { ok: true } });
-  });
-
-  it('renders 7 tier rows from /api/admin/pricing-tiers', async () => {
-    const wrapper = mount(AdminPricingTiersView, { global: { plugins: [vuetify] } });
-    await new Promise(r => setTimeout(r, 50));
-    expect(wrapper.text()).toContain('500.00');
-    expect(wrapper.text()).toContain('250.00');
-  });
-
-  it('shows "все свыше" for tier 7 with leads_in_tier=null', async () => {
-    const wrapper = mount(AdminPricingTiersView, { global: { plugins: [vuetify] } });
-    await new Promise(r => setTimeout(r, 50));
-    expect(wrapper.text()).toContain('все свыше');
-  });
-
-  it('opens editor dialog on button click', async () => {
-    const wrapper = mount(AdminPricingTiersView, { global: { plugins: [vuetify] } });
-    await new Promise(r => setTimeout(r, 50));
-    expect(wrapper.vm.editorOpen).toBe(false);
-    wrapper.vm.editorOpen = true;
-    await wrapper.vm.$nextTick();
-    expect(wrapper.vm.editorOpen).toBe(true);
-  });
-
-  it('submits POST with editor.value payload', async () => {
-    const wrapper = mount(AdminPricingTiersView, { global: { plugins: [vuetify] } });
-    await new Promise(r => setTimeout(r, 50));
-    wrapper.vm.editorOpen = true;
-    await wrapper.vm.submit();
-    expect(axios.post).toHaveBeenCalledWith('/api/admin/pricing-tiers', expect.objectContaining({
-      tiers: expect.arrayContaining([
-        expect.objectContaining({ tier_no: 7, leads_in_tier: null }),
-      ]),
-    }));
-  });
-
-  it('confirmDelete triggers DELETE to /scheduled/{date}', async () => {
-    window.confirm = vi.fn(() => true);
-    const wrapper = mount(AdminPricingTiersView, { global: { plugins: [vuetify] } });
-    await new Promise(r => setTimeout(r, 50));
-    await wrapper.vm.confirmDelete('2026-06-01');
-    expect(axios.delete).toHaveBeenCalledWith('/api/admin/pricing-tiers/scheduled/2026-06-01');
-  });
-});
-```
-
-- [ ] **Step 10: Запустить Vitest — PASS**
-
-```bash
-cd app && npm run test:vue -- AdminPricingTiersView
-```
-
-Expected: 5 PASS.
-
-- [ ] **Step 11: Pint + Larastan + полный Pest + Histoire build smoke**
-
-```bash
-cd app && composer pint && composer stan && ./vendor/bin/pest --parallel && npm run lint:vue && npm run type-check
-```
-
-```bash
-cd app && npm run story:build 2>&1 | tail -20
-```
-
-Expected: Histoire builds without errors; AdminPricingTiersView.story registered.
-
-- [ ] **Step 12: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/AdminPricingTiersController.php \
-        app/routes/web.php \
-        app/tests/Feature/Admin/AdminPricingTiersControllerTest.php \
-        app/resources/js/views/admin/AdminPricingTiersView.vue \
-        app/resources/js/views/admin/AdminPricingTiersView.story.vue \
-        app/resources/js/router/index.ts \
-        app/tests/Vitest/views/admin/AdminPricingTiersView.spec.ts
-git commit -m "feat(admin): Plan 4 Task 9 — AdminPricingTiersController + AdminPricingTiersView (CRUD 7-tier + audit)"
-```
-
----
-
-## Task 10: AdminSuppliersController + Vue view + Histoire
-
-**Files:**
-
-- Create: `app/app/Http/Controllers/Api/AdminSuppliersController.php`
-- Modify: [app/routes/web.php](../../app/routes/web.php)
-- Create: `app/tests/Feature/Admin/AdminSuppliersControllerTest.php`
-- Create: `app/resources/js/views/admin/AdminSupplierPricesView.vue`
-- Create: `app/resources/js/views/admin/AdminSupplierPricesView.story.vue`
-- Modify: `app/resources/js/router/index.ts`
-- Create: `app/tests/Vitest/views/admin/AdminSupplierPricesView.spec.ts`
-
-- [ ] **Step 1: Написать failing backend test**
-
-```php
-<?php
-// app/tests/Feature/Admin/AdminSuppliersControllerTest.php
-
-declare(strict_types=1);
-
-use App\Models\Supplier;
-use Illuminate\Foundation\Testing\RefreshDatabase;
-
-uses(\Tests\TestCase::class, RefreshDatabase::class);
-
-it('GET /api/admin/suppliers returns 3 suppliers B1/B2/B3', function () {
-    $response = $this->getJson('/api/admin/suppliers');
-    $response->assertOk();
-    $data = $response->json('data');
-    expect($data)->toHaveCount(3);
-    expect(collect($data)->pluck('code')->all())->toContain('b1', 'b2', 'b3');
-});
-
-it('PATCH updates cost_rub for supplier', function () {
-    $b1 = Supplier::where('code', 'b1')->first();
-    $oldCost = (string) $b1->cost_rub;
-
-    $this->patchJson("/api/admin/suppliers/{$b1->id}", ['cost_rub' => '1.50'])
-        ->assertOk();
-
-    expect((string) $b1->fresh()->cost_rub)->toBe('1.50');
-    expect((string) $b1->fresh()->cost_rub)->not->toBe($oldCost);
-});
-
-it('PATCH validates cost_rub >= 0', function () {
-    $b1 = Supplier::where('code', 'b1')->first();
-
-    $this->patchJson("/api/admin/suppliers/{$b1->id}", ['cost_rub' => '-1.00'])
-        ->assertStatus(422);
-});
-
-it('PATCH writes saas_admin_audit_log row', function () {
-    $b1 = Supplier::where('code', 'b1')->first();
-
-    $this->patchJson("/api/admin/suppliers/{$b1->id}", ['cost_rub' => '2.00'])
-        ->assertOk();
-
-    $log = \Illuminate\Support\Facades\DB::table('saas_admin_audit_log')
-        ->where('action', 'suppliers.update')->first();
-    expect($log)->not->toBeNull();
-});
-```
-
-- [ ] **Step 2: Запустить — FAIL**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Admin/AdminSuppliersControllerTest.php
-```
-
-- [ ] **Step 3: Реализовать AdminSuppliersController**
-
-```php
-<?php
-// app/app/Http/Controllers/Api/AdminSuppliersController.php
-
-declare(strict_types=1);
-
-namespace App\Http\Controllers\Api;
-
-use App\Http\Controllers\Controller;
-use App\Models\Supplier;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Http\Request;
-use Illuminate\Support\Facades\DB;
-
-class AdminSuppliersController extends Controller
-{
-    public function index(): JsonResponse
-    {
-        return response()->json([
-            'data' => Supplier::query()->orderBy('sort_order')->get(),
-        ]);
-    }
-
-    public function update(Request $request, int $id): JsonResponse
-    {
-        $request->validate([
-            'cost_rub' => ['sometimes', 'numeric', 'min:0'],
-            'quality_score' => ['sometimes', 'numeric', 'between:0,9.99'],
-            'is_active' => ['sometimes', 'boolean'],
-        ]);
-
-        $supplier = Supplier::findOrFail($id);
-        $changes = $request->only(['cost_rub', 'quality_score', 'is_active']);
-
-        DB::transaction(function () use ($supplier, $changes) {
-            $before = $supplier->only(array_keys($changes));
-            $supplier->update($changes);
-
-            DB::table('saas_admin_audit_log')->insert([
-                'admin_user_id' => null,  // ⏸ Б-1
-                'action' => 'suppliers.update',
-                'target_type' => 'suppliers',
-                'target_id' => $supplier->id,
-                'payload' => json_encode(['before' => $before, 'after' => $changes]),
-                'created_at' => now(),
-            ]);
-        });
-
-        return response()->json(['data' => $supplier->fresh()]);
-    }
-}
-```
-
-- [ ] **Step 4: Добавить routes в web.php**
-
-```php
-// app/routes/web.php — после Plan 4 Task 9 pricing-tiers routes
-Route::get('/api/admin/suppliers', 'App\Http\Controllers\Api\AdminSuppliersController@index');
-Route::patch('/api/admin/suppliers/{id}', 'App\Http\Controllers\Api\AdminSuppliersController@update')
-    ->where('id', '[0-9]+');
-```
-
-- [ ] **Step 5: Запустить — PASS**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Admin/AdminSuppliersControllerTest.php
-```
-
-Expected: 4 PASS.
-
-- [ ] **Step 6: Создать Vue компонент AdminSupplierPricesView.vue**
-
-```vue
-<!-- app/resources/js/views/admin/AdminSupplierPricesView.vue -->
-<template>
-  <div>
-    <h1 class="text-h4 mb-6">Цены поставщиков (закупка)</h1>
-    <v-card elevation="1">
-      <v-data-table :headers="headers" :items="suppliers" density="comfortable" class="numeric-tnum">
-        <template #item.cost_rub="{ item }">
-          <v-text-field
-            v-model="item.cost_rub" type="number" step="0.01" min="0"
-            density="compact" hide-details variant="plain"
-          />
-        </template>
-        <template #item.quality_score="{ item }">
-          <v-text-field
-            v-model="item.quality_score" type="number" step="0.01" min="0" max="9.99"
-            density="compact" hide-details variant="plain"
-          />
-        </template>
-        <template #item.is_active="{ item }">
-          <v-switch v-model="item.is_active" hide-details inset density="compact"/>
-        </template>
-        <template #item.actions="{ item }">
-          <v-btn size="small" :loading="saving[item.id]" @click="save(item)">Сохранить</v-btn>
-        </template>
-      </v-data-table>
-    </v-card>
-  </div>
-</template>
-
-<script setup lang="ts">
-import { ref, onMounted, reactive } from 'vue';
-import axios from 'axios';
-
-interface SupplierRow {
-  id: number; code: string; name: string;
-  cost_rub: string; quality_score: string; is_active: boolean;
-}
-
-const suppliers = ref<SupplierRow[]>([]);
-const saving = reactive<Record<number, boolean>>({});
-
-const headers = [
-  { title: 'Code', key: 'code', sortable: false, width: 80 },
-  { title: 'Name', key: 'name', sortable: false },
-  { title: 'Cost (₽)', key: 'cost_rub', sortable: false, width: 140 },
-  { title: 'Quality', key: 'quality_score', sortable: false, width: 100 },
-  { title: 'Active', key: 'is_active', sortable: false, width: 100 },
-  { title: '', key: 'actions', sortable: false, width: 120 },
-];
-
-async function load() {
-  const { data } = await axios.get('/api/admin/suppliers');
-  suppliers.value = data.data;
-}
-
-async function save(s: SupplierRow) {
-  saving[s.id] = true;
-  try {
-    await axios.patch(`/api/admin/suppliers/${s.id}`, {
-      cost_rub: s.cost_rub,
-      quality_score: s.quality_score,
-      is_active: s.is_active,
-    });
-  } finally {
-    saving[s.id] = false;
-  }
-}
-
-onMounted(load);
-</script>
-
-<style scoped>
-.numeric-tnum :deep(td) {
-  font-feature-settings: 'tnum';
-  font-family: 'JetBrains Mono', monospace;
-}
-</style>
-```
-
-- [ ] **Step 7: Histoire story**
-
-```vue
-<!-- app/resources/js/views/admin/AdminSupplierPricesView.story.vue -->
-<template>
-  <Story title="admin/AdminSupplierPricesView">
-    <Variant title="Default 3 rows"><AdminSupplierPricesView/></Variant>
-    <Variant title="Editing row"><AdminSupplierPricesView/></Variant>
-  </Story>
-</template>
-
-<script setup lang="ts">
-import AdminSupplierPricesView from './AdminSupplierPricesView.vue';
-</script>
-```
-
-- [ ] **Step 8: Route в router/index.ts**
-
-```ts
-{
-  path: '/admin/supplier-prices',
-  name: 'admin-supplier-prices',
-  component: () => import('@/views/admin/AdminSupplierPricesView.vue'),
-  meta: { layout: 'app', requiresAdmin: true },
-},
-```
-
-- [ ] **Step 9: Vitest тесты**
-
-```ts
-// app/tests/Vitest/views/admin/AdminSupplierPricesView.spec.ts
-import { describe, it, expect, beforeEach, vi } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import * as components from 'vuetify/components';
-import * as directives from 'vuetify/directives';
-import axios from 'axios';
-import AdminSupplierPricesView from '@/views/admin/AdminSupplierPricesView.vue';
-
-vi.mock('axios');
-const vuetify = createVuetify({ components, directives });
-
-const mockSuppliers = [
-  { id: 1, code: 'b1', name: 'B1 — Сайты и Звонки', cost_rub: '1.00', quality_score: '1.00', is_active: true },
-  { id: 2, code: 'b2', name: 'B2 — SMS', cost_rub: '1.50', quality_score: '1.00', is_active: true },
-  { id: 3, code: 'b3', name: 'B3 — SMS', cost_rub: '1.20', quality_score: '0.95', is_active: true },
-];
-
-describe('AdminSupplierPricesView', () => {
-  beforeEach(() => {
-    (axios.get as any).mockResolvedValue({ data: { data: mockSuppliers } });
-    (axios.patch as any).mockResolvedValue({ data: { data: mockSuppliers[0] } });
-  });
-
-  it('renders 3 supplier rows', async () => {
-    const w = mount(AdminSupplierPricesView, { global: { plugins: [vuetify] } });
-    await new Promise(r => setTimeout(r, 50));
-    expect(w.text()).toContain('b1');
-    expect(w.text()).toContain('b2');
-    expect(w.text()).toContain('b3');
-  });
-
-  it('save() fires PATCH with cost_rub/quality_score/is_active', async () => {
-    const w = mount(AdminSupplierPricesView, { global: { plugins: [vuetify] } });
-    await new Promise(r => setTimeout(r, 50));
-    await w.vm.save({ id: 1, code: 'b1', name: '', cost_rub: '2.00', quality_score: '1.00', is_active: true });
-    expect(axios.patch).toHaveBeenCalledWith('/api/admin/suppliers/1', {
-      cost_rub: '2.00', quality_score: '1.00', is_active: true,
-    });
-  });
-
-  it('renders quality_score, cost_rub as editable text-fields', async () => {
-    const w = mount(AdminSupplierPricesView, { global: { plugins: [vuetify] } });
-    await new Promise(r => setTimeout(r, 50));
-    const inputs = w.findAll('input[type="number"]');
-    expect(inputs.length).toBeGreaterThanOrEqual(6);  // 3 rows × 2 числовых поля
-  });
-});
-```
-
-- [ ] **Step 10: Pint + Larastan + полный Pest + npm run test:vue**
-
-```bash
-cd app && composer pint && composer stan && ./vendor/bin/pest --parallel && npm run test:vue -- AdminSupplierPrices && npm run lint:vue && npm run type-check
-```
-
-- [ ] **Step 11: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/AdminSuppliersController.php \
-        app/routes/web.php \
-        app/tests/Feature/Admin/AdminSuppliersControllerTest.php \
-        app/resources/js/views/admin/AdminSupplierPricesView.vue \
-        app/resources/js/views/admin/AdminSupplierPricesView.story.vue \
-        app/resources/js/router/index.ts \
-        app/tests/Vitest/views/admin/AdminSupplierPricesView.spec.ts
-git commit -m "feat(admin): Plan 4 Task 10 — AdminSuppliersController + AdminSupplierPricesView (B1/B2/B3 cost editor)"
-```
-
----
-
-## Task 11: TenantChargesController + ChargesTab в BillingView + CSV export
-
-**Files:**
-
-- Create: `app/app/Http/Controllers/Api/TenantChargesController.php`
-- Modify: [app/routes/web.php](../../app/routes/web.php)
-- Create: `app/tests/Feature/Billing/TenantChargesControllerTest.php`
-- Create: `app/resources/js/views/billing/ChargesTab.vue`
-- Create: `app/resources/js/views/billing/ChargesTab.story.vue`
-- Modify: `app/resources/js/views/BillingView.vue`
-- Create: `app/tests/Vitest/views/billing/ChargesTab.spec.ts`
-
-- [ ] **Step 1: Написать failing backend test**
-
-```php
-<?php
-// app/tests/Feature/Billing/TenantChargesControllerTest.php
-
-declare(strict_types=1);
-
-use App\Models\Deal;
-use App\Models\LeadCharge;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Foundation\Testing\RefreshDatabase;
-use Laravel\Sanctum\Sanctum;
-
-uses(\Tests\TestCase::class, RefreshDatabase::class);
-
-beforeEach(function () {
-    (new \Database\Seeders\PricingTierSeeder())->run();
-
-    $this->tenant = Tenant::factory()->create();
-    $this->user = User::factory()->create(['tenant_id' => $this->tenant->id]);
-    Sanctum::actingAs($this->user);
-});
-
-function makeChargeFor(Tenant $tenant, array $overrides = []): LeadCharge
-{
-    $deal = Deal::factory()->create(['tenant_id' => $tenant->id, 'received_at' => now()]);
-    return LeadCharge::factory()->create(array_merge([
-        'tenant_id' => $tenant->id,
-        'deal_id' => $deal->id,
-        'deal_received_at' => $deal->received_at,
-        'charged_at' => now(),
-    ], $overrides));
-}
-
-it('GET /api/billing/charges returns paginated list for current tenant only (RLS)', function () {
-    makeChargeFor($this->tenant);
-    makeChargeFor($this->tenant);
-
-    $otherTenant = Tenant::factory()->create();
-    makeChargeFor($otherTenant);
-
-    $response = $this->getJson('/api/billing/charges');
-    $response->assertOk();
-    expect($response->json('data'))->toHaveCount(2);
-});
-
-it('filters by charge_source=prepaid', function () {
-    makeChargeFor($this->tenant, ['charge_source' => 'rub', 'price_per_lead_kopecks' => 50000]);
-    makeChargeFor($this->tenant, ['charge_source' => 'prepaid', 'price_per_lead_kopecks' => 0]);
-    makeChargeFor($this->tenant, ['charge_source' => 'prepaid', 'price_per_lead_kopecks' => 0]);
-
-    $response = $this->getJson('/api/billing/charges?charge_source=prepaid');
-    expect($response->json('data'))->toHaveCount(2);
-});
-
-it('filters by period=current_month / last_month / 90d', function () {
-    makeChargeFor($this->tenant, ['charged_at' => now()]);
-    makeChargeFor($this->tenant, ['charged_at' => now()->subMonth()]);
-    makeChargeFor($this->tenant, ['charged_at' => now()->subDays(60)]);
-    makeChargeFor($this->tenant, ['charged_at' => now()->subDays(120)]);
-
-    $this->getJson('/api/billing/charges?period=current_month')
-        ->assertJsonCount(1, 'data');
-    $this->getJson('/api/billing/charges?period=last_month')
-        ->assertJsonCount(1, 'data');
-    $this->getJson('/api/billing/charges?period=90d')
-        ->assertJsonCount(3, 'data');  // current + last + 60d (90d ≥ 60)
-});
-
-it('returns 401 без auth', function () {
-    auth()->logout();
-    Sanctum::actingAs(null);
-    $this->getJson('/api/billing/charges')->assertStatus(401);
-});
-
-it('pagination: ?page=2 returns next slice', function () {
-    for ($i = 0; $i < 30; $i++) {
-        makeChargeFor($this->tenant);
-    }
-
-    $page1 = $this->getJson('/api/billing/charges?page=1');
-    $page2 = $this->getJson('/api/billing/charges?page=2');
-
-    expect($page1->json('data'))->toHaveCount(20);  // default per_page
-    expect($page2->json('data'))->toHaveCount(10);
-});
-
-it('POST /export streams CSV via StreamedResponse', function () {
-    makeChargeFor($this->tenant);
-
-    $response = $this->postJson('/api/billing/charges/export', ['period' => '90d']);
-    $response->assertOk();
-    $response->assertHeader('Content-Type', 'text/csv; charset=UTF-8');
-
-    $body = $response->streamedContent();
-    expect($body)->toContain('charged_at,deal_id,tier_no,charge_source,price_rub,balance_rub_after');
-});
-```
-
-- [ ] **Step 2: Запустить — FAIL**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Billing/TenantChargesControllerTest.php
-```
-
-- [ ] **Step 3: Реализовать TenantChargesController**
-
-```php
-<?php
-// app/app/Http/Controllers/Api/TenantChargesController.php
-
-declare(strict_types=1);
-
-namespace App\Http\Controllers\Api;
-
-use App\Http\Controllers\Controller;
-use App\Models\LeadCharge;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Http\Request;
-use Illuminate\Support\Carbon;
-use Symfony\Component\HttpFoundation\StreamedResponse;
-
-/**
- * Tenant-scoped доступ к lead_charges (read-only ledger).
- *
- * Spec: docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md §6.3
- * RLS защищает изоляцию через SetTenantContext middleware.
- */
-class TenantChargesController extends Controller
-{
-    public function index(Request $request): JsonResponse
-    {
-        $query = LeadCharge::query()->orderBy('charged_at', 'desc');
-
-        $this->applyFilters($query, $request);
-
-        $page = $query->paginate(20);
-
-        return response()->json([
-            'data' => $page->items(),
-            'meta' => [
-                'current_page' => $page->currentPage(),
-                'last_page' => $page->lastPage(),
-                'total' => $page->total(),
-                'per_page' => $page->perPage(),
-            ],
-        ]);
-    }
-
-    public function export(Request $request): StreamedResponse
-    {
-        $query = LeadCharge::query()->orderBy('charged_at', 'desc');
-        $this->applyFilters($query, $request);
-
-        $filename = 'charges_'.now()->format('Y-m-d_His').'.csv';
-
-        return response()->stream(function () use ($query) {
-            $out = fopen('php://output', 'w');
-            // BOM для Excel
-            fwrite($out, "\xEF\xBB\xBF");
-            fputcsv($out, ['charged_at', 'deal_id', 'tier_no', 'charge_source', 'price_rub', 'balance_rub_after']);
-
-            $query->chunkById(500, function ($charges) use ($out) {
-                foreach ($charges as $c) {
-                    fputcsv($out, [
-                        $c->charged_at->toIso8601String(),
-                        $c->deal_id,
-                        $c->tier_no,
-                        $c->charge_source,
-                        number_format($c->price_per_lead_kopecks / 100, 2, '.', ''),
-                        '',  // balance_rub_after — нет в lead_charges; для PoC оставляем пустым
-                    ]);
-                }
-            });
-
-            fclose($out);
-        }, 200, [
-            'Content-Type' => 'text/csv; charset=UTF-8',
-            'Content-Disposition' => "attachment; filename=\"{$filename}\"",
-        ]);
-    }
-
-    /**
-     * @param  \Illuminate\Database\Eloquent\Builder<LeadCharge>  $query
-     */
-    private function applyFilters($query, Request $request): void
-    {
-        $period = $request->query('period');
-        $now = Carbon::now('Europe/Moscow');
-
-        if ($period === 'current_month') {
-            $query->where('charged_at', '>=', $now->copy()->startOfMonth());
-        } elseif ($period === 'last_month') {
-            $query->whereBetween('charged_at', [
-                $now->copy()->subMonth()->startOfMonth(),
-                $now->copy()->subMonth()->endOfMonth(),
-            ]);
-        } elseif ($period === '90d') {
-            $query->where('charged_at', '>=', $now->copy()->subDays(90));
-        }
-
-        if ($source = $request->query('charge_source')) {
-            $query->where('charge_source', $source);
-        }
-    }
-}
-```
-
-- [ ] **Step 4: Добавить routes**
-
-```php
-// app/routes/web.php — рядом с другими auth+tenant маршрутами Plan 2
-Route::middleware(['auth:sanctum', 'tenant'])->prefix('/api/billing/charges')->group(function () {
-    Route::get('/', 'App\Http\Controllers\Api\TenantChargesController@index');
-    Route::post('/export', 'App\Http\Controllers\Api\TenantChargesController@export');
-});
-```
-
-- [ ] **Step 5: Запустить — PASS**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Billing/TenantChargesControllerTest.php
-```
-
-Expected: 6 PASS.
-
-- [ ] **Step 6: Создать ChargesTab.vue**
-
-```vue
-<!-- app/resources/js/views/billing/ChargesTab.vue -->
-<template>
-  <div>
-    <div class="d-flex align-center mb-4 ga-3">
-      <v-select v-model="period" :items="periods" item-title="title" item-value="value"
-                label="Период" density="compact" hide-details style="max-width: 220px"
-                @update:model-value="refresh"/>
-      <v-select v-model="source" :items="sources" item-title="title" item-value="value"
-                label="Источник" density="compact" hide-details style="max-width: 200px" clearable
-                @update:model-value="refresh"/>
-      <v-spacer/>
-      <v-btn color="primary" prepend-icon="mdi-download" :loading="exporting" @click="exportCsv">
-        Скачать CSV
-      </v-btn>
-    </div>
-
-    <v-data-table-server
-      :headers="headers" :items="rows"
-      :items-length="total" :loading="loading"
-      :items-per-page="20" @update:options="loadOptions"
-      class="numeric-tnum"
-    >
-      <template #item.charged_at="{ item }">
-        {{ formatDate(item.charged_at) }}
-      </template>
-      <template #item.deal_id="{ item }">
-        <RouterLink :to="`/deals/${item.deal_id}`">#{{ item.deal_id }}</RouterLink>
-      </template>
-      <template #item.charge_source="{ item }">
-        <v-chip size="small" :color="item.charge_source === 'prepaid' ? 'info' : 'success'">
-          {{ item.charge_source === 'prepaid' ? 'prepaid' : '₽' }}
-        </v-chip>
-      </template>
-      <template #item.price_rub="{ item }">
-        {{ (item.price_per_lead_kopecks / 100).toFixed(2) }} ₽
-      </template>
-    </v-data-table-server>
-  </div>
-</template>
-
-<script setup lang="ts">
-import { ref, onMounted } from 'vue';
-import axios from 'axios';
-
-interface ChargeRow {
-  id: number; charged_at: string; deal_id: number;
-  tier_no: number; charge_source: 'prepaid' | 'rub';
-  price_per_lead_kopecks: number;
-}
-
-const rows = ref<ChargeRow[]>([]);
-const total = ref(0);
-const loading = ref(false);
-const exporting = ref(false);
-const period = ref<string>('current_month');
-const source = ref<string | null>(null);
-const page = ref(1);
-
-const periods = [
-  { title: 'Текущий месяц', value: 'current_month' },
-  { title: 'Прошлый месяц', value: 'last_month' },
-  { title: 'Последние 90 дней', value: '90d' },
-];
-const sources = [
-  { title: 'prepaid', value: 'prepaid' },
-  { title: '₽', value: 'rub' },
-];
-
-const headers = [
-  { title: 'Дата', key: 'charged_at', sortable: false },
-  { title: 'Сделка', key: 'deal_id', sortable: false, width: 100 },
-  { title: 'Tier', key: 'tier_no', sortable: false, width: 80 },
-  { title: 'Источник', key: 'charge_source', sortable: false, width: 120 },
-  { title: 'Цена', key: 'price_rub', sortable: false, width: 120 },
-];
-
-function formatDate(iso: string): string {
-  return new Date(iso).toLocaleString('ru-RU', { timeZone: 'Europe/Moscow' });
-}
-
-async function refresh() {
-  page.value = 1;
-  await load();
-}
-
-async function loadOptions(opts: { page: number }) {
-  page.value = opts.page;
-  await load();
-}
-
-async function load() {
-  loading.value = true;
-  try {
-    const params: Record<string, string | number> = { page: page.value, period: period.value };
-    if (source.value) params.charge_source = source.value;
-    const { data } = await axios.get('/api/billing/charges', { params });
-    rows.value = data.data;
-    total.value = data.meta.total;
-  } finally {
-    loading.value = false;
-  }
-}
-
-async function exportCsv() {
-  exporting.value = true;
-  try {
-    const params: Record<string, string> = { period: period.value };
-    if (source.value) params.charge_source = source.value;
-    const response = await axios.post('/api/billing/charges/export', params, { responseType: 'blob' });
-    const url = URL.createObjectURL(response.data);
-    const a = document.createElement('a');
-    a.href = url;
-    a.download = `charges_${new Date().toISOString().slice(0,10)}.csv`;
-    a.click();
-    URL.revokeObjectURL(url);
-  } finally {
-    exporting.value = false;
-  }
-}
-
-onMounted(load);
-
-defineExpose({ refresh, exportCsv, period, source, total });
-</script>
-
-<style scoped>
-.numeric-tnum :deep(td) {
-  font-feature-settings: 'tnum';
-  font-family: 'JetBrains Mono', monospace;
-}
-</style>
-```
-
-- [ ] **Step 7: Histoire story**
-
-```vue
-<!-- app/resources/js/views/billing/ChargesTab.story.vue -->
-<template>
-  <Story title="billing/ChargesTab">
-    <Variant title="Empty"><ChargesTab/></Variant>
-    <Variant title="Mixed prepaid+rub"><ChargesTab/></Variant>
-    <Variant title="Only rub current month"><ChargesTab/></Variant>
-  </Story>
-</template>
-
-<script setup lang="ts">
-import ChargesTab from './ChargesTab.vue';
-</script>
-```
-
-- [ ] **Step 8: Добавить tab в BillingView.vue**
-
-Открыть `app/resources/js/views/BillingView.vue`. Грепнуть текущую `<v-tabs>` структуру:
-
-```bash
-grep -n "v-tabs\|v-tab\b" app/resources/js/views/BillingView.vue
-```
-
-Добавить новый tab «Списания»:
-
-```vue
-<!-- В <v-tabs> блоке добавить: -->
-<v-tab value="charges">Списания</v-tab>
-
-<!-- В <v-tabs-window> или <v-window> блоке добавить: -->
-<v-window-item value="charges">
-  <ChargesTab/>
-</v-window-item>
-```
-
-В `<script setup>` импортировать:
-
-```ts
-import ChargesTab from './billing/ChargesTab.vue';
-```
-
-- [ ] **Step 9: Vitest тесты**
-
-```ts
-// app/tests/Vitest/views/billing/ChargesTab.spec.ts
-import { describe, it, expect, beforeEach, vi } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import * as components from 'vuetify/components';
-import * as directives from 'vuetify/directives';
-import axios from 'axios';
-import ChargesTab from '@/views/billing/ChargesTab.vue';
-
-vi.mock('axios');
-const vuetify = createVuetify({ components, directives });
-
-const mockData = {
-  data: [
-    { id: 1, charged_at: '2026-05-01T10:00:00Z', deal_id: 42, tier_no: 1, charge_source: 'rub', price_per_lead_kopecks: 50000 },
-    { id: 2, charged_at: '2026-05-01T11:00:00Z', deal_id: 43, tier_no: 1, charge_source: 'prepaid', price_per_lead_kopecks: 0 },
-  ],
-  meta: { current_page: 1, last_page: 1, total: 2, per_page: 20 },
-};
-
-describe('ChargesTab', () => {
-  beforeEach(() => {
-    (axios.get as any).mockResolvedValue({ data: mockData });
-    (axios.post as any).mockResolvedValue({ data: new Blob() });
-    globalThis.URL.createObjectURL = vi.fn(() => 'blob:url');
-    globalThis.URL.revokeObjectURL = vi.fn();
-  });
-
-  it('renders 2 charge rows from API', async () => {
-    const w = mount(ChargesTab, { global: { plugins: [vuetify] } });
-    await new Promise(r => setTimeout(r, 50));
-    expect(w.vm.total).toBe(2);
-  });
-
-  it('period change triggers refetch', async () => {
-    const w = mount(ChargesTab, { global: { plugins: [vuetify] } });
-    await new Promise(r => setTimeout(r, 50));
-    w.vm.period = 'last_month';
-    await w.vm.refresh();
-    expect(axios.get).toHaveBeenLastCalledWith('/api/billing/charges', {
-      params: expect.objectContaining({ period: 'last_month' }),
-    });
-  });
-
-  it('charge_source filter is sent in params', async () => {
-    const w = mount(ChargesTab, { global: { plugins: [vuetify] } });
-    await new Promise(r => setTimeout(r, 50));
-    w.vm.source = 'prepaid';
-    await w.vm.refresh();
-    expect(axios.get).toHaveBeenLastCalledWith('/api/billing/charges', {
-      params: expect.objectContaining({ charge_source: 'prepaid' }),
-    });
-  });
-
-  it('exportCsv fires POST /export with blob response', async () => {
-    const w = mount(ChargesTab, { global: { plugins: [vuetify] } });
-    await new Promise(r => setTimeout(r, 50));
-    await w.vm.exportCsv();
-    expect(axios.post).toHaveBeenCalledWith(
-      '/api/billing/charges/export',
-      expect.objectContaining({ period: 'current_month' }),
-      expect.objectContaining({ responseType: 'blob' }),
-    );
-  });
-});
-```
-
-- [ ] **Step 10: Запустить Vitest — PASS**
-
-```bash
-cd app && npm run test:vue -- ChargesTab
-```
-
-- [ ] **Step 11: Pint + Larastan + полный Pest + npm run test:vue + lint:vue + type-check**
-
-```bash
-cd app && composer pint && composer stan && ./vendor/bin/pest --parallel && npm run test:vue && npm run lint:vue && npm run type-check
-```
-
-- [ ] **Step 12: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/TenantChargesController.php \
-        app/routes/web.php \
-        app/tests/Feature/Billing/TenantChargesControllerTest.php \
-        app/resources/js/views/billing/ChargesTab.vue \
-        app/resources/js/views/billing/ChargesTab.story.vue \
-        app/resources/js/views/BillingView.vue \
-        app/tests/Vitest/views/billing/ChargesTab.spec.ts
-git commit -m "feat(billing): Plan 4 Task 11 — TenantChargesController + ChargesTab + CSV export"
-```
-
----
-
-## Task 12: Verification gate + memory & post-merge updates
-
-**Files:**
-
-- Verify: full Pest / Vitest / Pa11y / lefthook / lychee / Histoire build
-- Modify: [CLAUDE.md](../../CLAUDE.md) (через `claude-md-management:revise-claude-md`)
-- Modify: [docs/Открытые_вопросы_v8_3.md](../../Открытые_вопросы_v8_3.md) — +7 новых Биз-вопросов из spec §7.6
-
-Это **финальный verification gate** — НЕ TDD. Все вещественные изменения сделаны в Tasks 1–11. Здесь проверяем готовность к FF-merge.
-
-- [ ] **Step 1: Полный CV gate (14 пунктов из spec §7.4)**
-
-```bash
-cd app && composer pint
-```
-
-Expected: clean diff.
-
-```bash
-cd app && composer stan
-```
-
-Expected: 0 errors above baseline. Если есть новые — обновить `phpstan-baseline.neon` через `composer stan --generate-baseline` И зафиксировать в commit (паттерн Plan 3 §3.4).
-
-```bash
-cd app && ./vendor/bin/pest --parallel
-```
-
-Expected: все тесты PASS. Зафиксировать exact final count (e.g. «688 passed, 3 skipped, 0 failed»).
-
-```bash
-cd app && npm run lint:vue
-```
-
-Expected: 0 errors.
-
-```bash
-cd app && npm run type-check
-```
-
-Expected: 0 errors.
-
-```bash
-cd app && npm run test:vue
-```
-
-Expected: все Vitest PASS, зафиксировать exact count.
-
-```bash
-cd app && npm run story:build 2>&1 | tail -20
-```
-
-Expected: Histoire builds OK, новые stories Plan 4 (AdminPricingTiersView, AdminSupplierPricesView, ChargesTab) присутствуют.
-
-```bash
-cd app && DB_DATABASE=liderra_testing php artisan migrate:fresh --force --seed
-```
-
-Expected: 0 errors; pricing_tiers seeded 7 строк.
-
-```bash
-cd app && DB_DATABASE=liderra_testing php artisan tinker --execute="echo \\App\\Models\\PricingTier::count();"
-```
-
-Expected: `7`.
-
-```bash
-cd app && npm run a11y
-```
-
-Expected: 0 violations.
-
-```bash
-./bin/gitleaks.exe detect --no-banner
-```
-
-Expected: 0 leaks.
-
-```bash
-npm run links
-```
-
-Expected: 0 broken (если упадёт на `.lychee.toml` exclude patterns — добавить новые spec/plan files в exclude, как было в Plan 3 commit `926fee9`).
-
-- [ ] **Step 2: Manual smoke tinker — RouteSupplierLeadJob с биллингом**
-
-```bash
-cd app && DB_DATABASE=liderra_testing php artisan tinker
-```
-
-```php
-// Внутри tinker:
-$t = \App\Models\Tenant::factory()->create(['balance_leads' => 5, 'balance_rub' => '0.00']);
-$sp = \App\Models\SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'smoke.test']);
-$p = \App\Models\Project::factory()->create([
-    'tenant_id' => $t->id, 'signal_type' => 'site', 'signal_identifier' => 'smoke.test',
-    'supplier_b1_project_id' => $sp->id, 'is_active' => true,
-    'daily_limit_target' => 10, 'effective_daily_limit_today' => 10, 'delivered_today' => 0,
-    'delivery_days_mask' => 127, 'region_mask' => 255,
-]);
-$lead = \App\Models\SupplierLead::factory()->create([
-    'vid' => 'smoke-vid', 'phone' => '79991234567',
-    'raw_payload' => ['project' => 'B1_smoke.test', 'phone' => '79991234567', 'time' => time()],
-    'supplier_project_id' => $sp->id, 'received_at' => now(),
-]);
-
-(new \App\Jobs\RouteSupplierLeadJob($lead->id))->handle(
-    app(\App\Services\LeadRouter::class),
-    app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-    app(\App\Services\DuplicateDetector::class),
-    app(\App\Services\NotificationService::class),
-    app(\App\Services\Billing\LedgerService::class),
-);
-
-echo \App\Models\LeadCharge::count();      // Expected: 1
-echo \App\Models\Deal::count();             // Expected: 1
-$lc = \App\Models\LeadCharge::first();
-echo $lc->charge_source;                   // Expected: 'prepaid'
-echo $lc->price_per_lead_kopecks;          // Expected: 0
-echo $t->fresh()->balance_leads;           // Expected: 4
-```
-
-Если какое-либо `echo` вернуло неожиданное значение — это **bug** в одной из Tasks 1-11. Использовать `superpowers:systematic-debugging` skill для поиска (≥3 гипотез перед фиксом).
-
-- [ ] **Step 3: Manual UI smoke**
-
-```bash
-cd app && php artisan serve --port=8000
-# В отдельном терминале:
-cd app && npm run dev
-```
-
-Открыть в браузере:
-
-1. `http://localhost:8000/admin/pricing-tiers` — увидеть 7 ступеней.
-2. Нажать «Редактировать сетку» → изменить tier 1 price → «Сохранить» → увидеть в «Запланированные изменения».
-3. `http://localhost:8000/admin/supplier-prices` — увидеть 3 строки B1/B2/B3.
-4. `http://localhost:8000/billing` → tab «Списания» — увидеть пустой список (если seed без charges) или 1 строку из smoke-теста.
-5. Нажать «Скачать CSV» → файл скачивается.
-
-- [ ] **Step 4: Code-review subagent**
-
-Запустить через `superpowers:requesting-code-review`. Вход: branch + spec path. Ожидать вердикт «Ready for FF-merge» или список BLOCKER/Important. Любой BLOCKER → отдельным commit'ом fix + повторный review.
-
-- [ ] **Step 5: Добавить 7 новых открытых вопросов в реестр**
-
-Открыть [docs/Открытые_вопросы_v8_3.md](../../Открытые_вопросы_v8_3.md), добавить 7 строк в секцию «Биз-*»:
-
-| ID | Вопрос | Адресат | Приоритет | Дефолт | Когда нужно |
-|---|---|---|---|---|---|
-| Биз-23 | Дефолтные tier-цены (500/450/400/350/300/270/250 руб) | Заказчик | P1 | placeholder (см. PricingTierSeeder) | До production |
-| Биз-24 | Email rate-limit zero_balance 1/час/tenant — норма? | Заказчик | P2 | 1/час | До production |
-| Биз-25 | Tenant видит ВСЕ ступени или только свою? | Заказчик | P2 | transparent (все) | До UI release |
-| Биз-26 | CSV-схема `/admin/report/index?type=49` — точные столбцы | Discovery после credentials | P1 | webhook-payload placeholder | После Tasks 1-2 Plan 3 |
-| Биз-27 | CSV окно (25h) — норма? | Заказчик/опыт | P3 | 25h | После 1-2 мес. эксплуатации |
-| Биз-28 | Drift threshold 5% — норма? | Заказчик/опыт | P3 | 5% | После 1-2 мес. эксплуатации |
-| Биз-29 | Pricing-tier-change при повышении цены | Заказчик | P2 | единая логика effective 1-е след. мес. | До production |
-
-Обновить шапку `Открытые_вопросы_v8_3.md` (версия + дата + «Что нового»).
-
-- [ ] **Step 6: Обновить CLAUDE.md через claude-md-management**
-
-```
-/claude-md-management:revise-claude-md
-```
-
-Изменения, которые skill должен внести (по правилам — single source of truth):
-
-- §0 schema метрики: «v8.18 / 61 / 114 / 39» → «v8.19 / 62 / 117 / 39».
-- §6 «Текущая фаза проекта»: добавить Plan 4 в перечень merged plans.
-- Шапка version bump: vX.Y → vX.(Y+1) (текущая v1.86 → v1.87).
-
-- [ ] **Step 7: Обновить memory project_supplier_integration.md**
-
-Через прямой Write/Edit, обновить таблицу «Декомпозиция на 5 планов»:
-
-| 4 | **Billing + CSV Reconcile + Admin** | ✅ DONE + FF-merged DATE, HEAD origin/main = `<merge-commit>` | `[2026-05-11-plan4-billing-csv-admin-plan.md](<actual-path>)` |
-
-Добавить блок «Plan 4 итоги» с:
-
-- Commit list (Tasks 1-12).
-- Метрики (тесты, schema delta).
-- Acceptance criteria status (AC-1..AC-10 — все ✅).
-- Архитектурные learnings (если были).
-
-- [ ] **Step 8: Проверка атомарности коммитов**
-
-```bash
-git log --oneline plan4-branch ^main
-```
-
-Expected: ровно 12 commits (Task 1 .. Task 11) + (опционально 1-2 fix-commit'а от code-review) + (опционально 1 commit для post-merge memory updates перед merge).
-
-- [ ] **Step 9: FF-merge в main (только после approve заказчика)**
-
-```bash
-# Заказчик явно сказал «merge»:
-git checkout main
-git merge --ff-only plan4-branch
-git push origin main
-git branch -d plan4-branch
-```
-
-- [ ] **Step 10: Post-merge — closing note в чате**
-
-Отчитаться:
-
-- Полные test-метрики (Pest X/X, Vitest Y/Y, 0 failed).
-- Schema метрики после v8.19.
-- HEAD origin/main hash.
-- AC-1..AC-10 — все ✅.
-- 7 новых открытых вопросов в реестре.
-- Plan 5 (Frontend Project UI) — pending как следующий.
-
----
-
-## Self-Review
-
-После записи плана сделана сверка с spec'ом. Найденные несоответствия и пробелы — исправлены inline:
-
-**1. Spec coverage** — каждое требование spec'а покрыто Task'ом:
-
-- Schema delta v8.19 (spec §2) → Task 1.
-- PricingTierResolver (spec §3.1) → Task 2.
-- LedgerService::chargeForDelivery (spec §3.3) → Task 3.
-- Integration в RouteSupplierLeadJob (spec §3.2) → Task 4.
-- ResetMonthlyCountersCommand (spec §4.1) → Task 5.
-- Auto-pause + ZeroBalancePausedMail (spec §4.2-4.5) → Task 6.
-- SupplierPortalClient::downloadLeadsCsv + SupplierCsvParser (spec §5.1-5.2) → Task 7.
-- CsvReconcileJob + CsvDriftAlertMail (spec §5.3-5.6) → Task 8.
-- AdminPricingTiersController (spec §6.1) → Task 9.
-- AdminSuppliersController (spec §6.2) → Task 10.
-- TenantChargesController + ChargesTab (spec §6.3) → Task 11.
-- Verification gate + 7 Биз-вопросов (spec §7.4 + §7.6) → Task 12.
-
-**2. Placeholder scan** — итеративная проверка по «No Placeholders» рулесу:
-
-- Все код-блоки полные (нет «// TODO»).
-- Все команды exact (`./vendor/bin/pest --filter=...`, `npm run test:vue -- <name>`).
-- Все file paths абсолютные относительно репозитория.
-- Зависимости между Tasks явные через «Inherits from Task N».
-
-**3. Type consistency:**
-
-- `ChargeResult` (Task 3) — везде используется как `(source: string, tier: PricingTier, priceKopecks: int)`. ✓
-- `InsufficientBalanceException` — `priceKopecks: int`, `balanceRub: string`, `balanceLeads: int` (Task 3 + Task 4 catch + Task 6 handleInsufficientBalance signature). ✓
-- `LedgerService::chargeForDelivery(Tenant $lockedTenant, Deal $deal, ?SupplierLead $lead = null)` — Task 3 определяет, Task 4 передаёт `$lead`, Task 6 не меняет. ✓
-- `Cache::store('redis')->add($key, true, now()->addHour())` — паттерн Task 6 rate-limit + Task 8 lock (`lock()->get()` — другая семантика, namespace разный «billing:zero_balance_alert» vs «supplier:csv_reconcile»). ✓
-
-**4. Connection paths:**
-
-- `pgsql_supplier` BYPASSRLS-роль используется единообразно в: RouteSupplierLeadJob `self::DB_CONNECTION` (Plan 3) + ResetDeliveredTodayCommand (Plan 3) + ResetMonthlyCountersCommand (Task 5 этого плана) + handleInsufficientBalance UPDATE (Task 6) + CsvReconcileJob INSERT/SELECT supplier_csv_reconcile_log + supplier_leads (Task 8). ✓
-- Default `pgsql` для tenant-scoped: LedgerService inserts (lead_charges + balance_transactions + supplier_lead_costs) — внутри уже открытой `DB::transaction` с `SET LOCAL app.current_tenant_id` от родительского `RouteSupplierLeadJob::createDealCopyForProject`. ✓
-
-**5. Известные ограничения (повторное упоминание из §8 spec'а):**
-
-- `LeadRouter::matchEligibleProjects` is_active filter — будет проверено грепом в Task 4 Step 5 (если failing test ловит, значит фильтр работает; иначе — добавим).
-- `config('services.supplier.alert_email')` — явно добавляется в Task 8 Step 1.
-- Vue `<v-data-table>` font-feature-settings — Task 9/10/11 используют scoped CSS `:deep(td)` который должен сработать; если не сработает — fallback на `<template #item.X>` slot.
-
----
-
-## Execution Handoff
-
-**Plan complete and saved to `docs/superpowers/plans/2026-05-11-plan4-billing-csv-admin-plan.md`.**
-
-**12 Tasks** в 3 фазах (Billing core 1-4 → Operations 5-8 → UI 9-11 → Verification 12). Атомарные коммиты, TDD на каждом Task.
-
-**Два варианта исполнения:**
-
-**1. Subagent-Driven (recommended)** — я диспатчу свежий subagent на каждый Task через `superpowers:subagent-driven-development`, делаю двух-stage review между Tasks. Быстрая итерация, изолированные контексты, легче дебажить.
-
-**2. Inline Execution** — выполнение Tasks в текущей сессии через `superpowers:executing-plans`, batch'ами с checkpoint'ами для ревью.
-
-**Какой вариант предпочитаешь?**
diff --git a/docs/superpowers/plans/2026-05-11-supplier-sync-plan3.md b/docs/superpowers/plans/2026-05-11-supplier-sync-plan3.md
deleted file mode 100644
index 15cbf1a..0000000
--- a/docs/superpowers/plans/2026-05-11-supplier-sync-plan3.md
+++ /dev/null
@@ -1,3188 +0,0 @@
-# Plan 3 (Supplier Sync) Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Закрыть BLOCKER #6 (`failed_webhook_jobs` RLS NULL tenant) + WARN #2/#3 (Plan 2.6 backlog про LeadRouter/ResetCmd под `crm_app_user`) и реализовать направление Лидерра → Поставщик: Playwright session manager, 20:30 МСК cron `SyncSupplierProjectsJob`, 180d cleanup, автоматический retry failed jobs.
-
-**Architecture:** 9 Tasks в 2 фазах. Фаза I — Discovery (Tasks 1–2): через `mcp__playwright__browser_*` MCP записываем 5 HTTP-фиксаций реальных AJAX-команд поставщика crm.bp-gr.ru; обновляем parent spec §4.4. Фаза II — Implementation (Tasks 3–9): переключение supplier-flow на `pgsql_supplier` connection с `crm_supplier_worker` BYPASSRLS-ролью (закрывает BLOCKER #6 + WARN #2/#3 одной правкой), `SupplierPortalClient` HTTP-обёртка, `RefreshSupplierSessionJob` + Node.js Playwright subprocess, `SyncSupplierProjectsJob` + чистый allocator, `CleanupInactiveSupplierProjectsJob` с порядком Phase A→B→C, `RetryFailedSupplierJobsCommand`, E2E integration test (Linux CI only). 0 schema changes.
-
-**Tech Stack:** PHP 8.3, Laravel 13.7, Pest 4, PostgreSQL 16 (`pgsql_supplier` connection с BYPASSRLS, role `crm_supplier_worker` уже создана Plan 2.6 #iv `7899071`), Redis 7 (Memurai на dev), Node.js + Playwright `chromium` (headless), Symfony Process (PHP-subprocess bridge), Mockery, Larastan, Unisender Go (email алерты).
-
-**Parent spec:** [2026-05-11-plan3-supplier-sync-design.md](../specs/2026-05-11-plan3-supplier-sync-design.md) (commit `1a265b5`).
-**Inherits from:** Plan 1 Foundation `001d781` + Plan 2 Webhook+Routing `d5aa972` + Plan 2.5 hotfix `c1ae195`+`1ba1df8` + Plan 2.6 cleanup `7899071`.
-
----
-
-## Карта файлов
-
-| Файл | Действие | Назначение | Task |
-|---|---|---|---|
-| `app/tests/Fixtures/SupplierPortal/login.json` | Create | Discovery HAR login → cookie+CSRF response | 1 |
-| `app/tests/Fixtures/SupplierPortal/projects-load.json` | Create | Discovery rt-projects-load запрос+ответ | 1 |
-| `app/tests/Fixtures/SupplierPortal/project-save.json` | Create | Discovery rt-project-save запрос+ответ | 1 |
-| `app/tests/Fixtures/SupplierPortal/project-update.json` | Create | Discovery rt-project-update запрос+ответ | 1 |
-| `app/tests/Fixtures/SupplierPortal/project-delete.json` | Create | Discovery rt-project-delete запрос+ответ | 1 |
-| [docs/superpowers/specs/2026-05-10-supplier-integration-design.md](../specs/2026-05-10-supplier-integration-design.md) | Modify | Добавить §4.4 «AJAX endpoints — observed formats» + bump v1.0 → v1.1 | 2 |
-| [app/config/database.php](../../app/config/database.php) | Modify | +ключ `pgsql_supplier` (BYPASSRLS connection) | 3 |
-| [app/.env.example](../../app/.env.example) | Modify | +`DB_SUPPLIER_USERNAME`/`DB_SUPPLIER_PASSWORD`/`SUPPLIER_LOGIN`/`SUPPLIER_PASSWORD`/`SUPPLIER_PORTAL_URL`/`SUPPLIER_ALERT_EMAIL` | 3 |
-| [app/app/Jobs/RouteSupplierLeadJob.php](../../app/app/Jobs/RouteSupplierLeadJob.php) | Modify | `protected $connection = 'pgsql_supplier'` + удалить inline-warnings 258-263 | 3 |
-| [app/app/Services/LeadRouter.php](../../app/app/Services/LeadRouter.php) | Modify | `Project::on('pgsql_supplier')` + удалить inline-warnings 25-29 | 3 |
-| [app/app/Console/Commands/ResetDeliveredTodayCommand.php](../../app/app/Console/Commands/ResetDeliveredTodayCommand.php) | Modify | `Project::on('pgsql_supplier')` + удалить inline-warnings 16-18 | 3 |
-| `app/tests/Feature/Supplier/SupplierConnectionTest.php` | Create | Regression tests BLOCKER #6 + WARN #2 + WARN #3 | 3 |
-| `app/app/Services/Supplier/Dto/SupplierProjectDto.php` | Create | Read-only DTO (platform/signal_type/unique_key/limit/workdays/regions/status) | 4 |
-| `app/app/Exceptions/Supplier/SupplierException.php` | Create | Abstract base exception | 4 |
-| `app/app/Exceptions/Supplier/SupplierAuthException.php` | Create | 401/403 sticky после refresh-retry | 4 |
-| `app/app/Exceptions/Supplier/SupplierTransientException.php` | Create | 5xx/network/timeout retryable | 4 |
-| `app/app/Exceptions/Supplier/SupplierClientException.php` | Create | 4xx 400/404/422 non-retryable | 4 |
-| `app/app/Services/Supplier/SupplierPortalClient.php` | Create | HTTP-обёртка над rt-* + Redis cookie/CSRF + retry на 401 | 4 |
-| `app/tests/Unit/Supplier/SupplierPortalClientTest.php` | Create | Unit tests через Http::fake | 4 |
-| `app/playwright/package.json` | Create | Изолированная npm dep `playwright` | 5 |
-| `app/playwright/refresh-session.js` | Create | Node subprocess: chromium → login → cookies+CSRF → stdout JSON | 5 |
-| `app/app/Services/Supplier/PlaywrightBridge.php` | Create | Symfony Process обёртка над node subprocess | 5 |
-| `app/app/Jobs/Supplier/RefreshSupplierSessionJob.php` | Create | Spawn PlaywrightBridge + Redis lock + 6h TTL cache | 5 |
-| `app/app/Console/Commands/SupplierSessionRefreshCommand.php` | Create | `supplier:session:refresh` (ручной запуск) | 5 |
-| `app/tests/Unit/Supplier/PlaywrightBridgeTest.php` | Create | Unit с mocked Symfony\Process | 5 |
-| `app/tests/Unit/Supplier/RefreshSupplierSessionJobTest.php` | Create | Unit с mocked PlaywrightBridge | 5 |
-| `app/app/Services/Supplier/SupplierQuotaAllocator.php` | Create | Pure function: B1/B2/B3 distribution + workdays/regions union | 6 |
-| `app/app/Jobs/Supplier/SyncSupplierProjectsJob.php` | Create | 20:30 МСК cron + per-supplier_project isolation + mass-fail abort | 6 |
-| `app/app/Mail/SupplierCriticalAlertMail.php` | Create | Mailable для critical alerts (email via Unisender) | 6 |
-| `app/config/services.php` | Modify | Добавить `supplier.alert_email` ключ | 6 |
-| `app/tests/Unit/Supplier/SupplierQuotaAllocatorTest.php` | Create | 9 unit-тестов на distribution-математику | 6 |
-| `app/tests/Feature/Supplier/SyncSupplierProjectsJobTest.php` | Create | Integration tests с Http::fake | 6 |
-| `app/app/Jobs/Supplier/CleanupInactiveSupplierProjectsJob.php` | Create | Phase A re-activate → B mark → C delete 180d | 7 |
-| `app/tests/Feature/Supplier/CleanupInactiveSupplierProjectsJobTest.php` | Create | Integration + критический ordering test | 7 |
-| `app/app/Console/Commands/RetryFailedSupplierJobsCommand.php` | Create | `supplier:retry-failed` hourly + лимит 10/24h | 8 |
-| `app/tests/Feature/Supplier/RetryFailedSupplierJobsCommandTest.php` | Create | Integration tests | 8 |
-| `app/routes/console.php` | Modify | +5 Schedule entries | 8 |
-| `app/tests/Browser/SupplierIntegrationE2ETest.php` | Create | Linux CI only mock-server → full flow | 9 |
-| [lefthook.yml](../../lefthook.yml) | Modify | +2 jobs (playwright-fixtures-syntax + pest-supplier-fast) | 9 |
-
----
-
-## Task 1: Discovery через Playwright MCP — записать 5 HTTP-фиксаций реальных AJAX-команд поставщика
-
-**Files:**
-
-- Create: `app/tests/Fixtures/SupplierPortal/login.json`
-- Create: `app/tests/Fixtures/SupplierPortal/projects-load.json`
-- Create: `app/tests/Fixtures/SupplierPortal/project-save.json`
-- Create: `app/tests/Fixtures/SupplierPortal/project-update.json`
-- Create: `app/tests/Fixtures/SupplierPortal/project-delete.json`
-
-**Prerequisites (BLOCKER для старта):**
-
-- Заказчик передал `SUPPLIER_LOGIN` + `SUPPLIER_PASSWORD` через защищённый канал (НЕ plaintext в чат).
-- Заказчик дал явное локальное снятие Pravila §6 на эту discovery-сессию.
-
-**Не TDD** — это manual probe; артефакт — 5 JSON-fixtures для использования в Task 4 `Http::fake()`.
-
-- [ ] **Step 1: Получить credentials и сохранить в `app/.env`**
-
-```bash
-# Заказчик передаёт credentials. Записать в app/.env (не коммитить!):
-# SUPPLIER_LOGIN=<login_от_заказчика>
-# SUPPLIER_PASSWORD=<password_от_заказчика>
-# SUPPLIER_PORTAL_URL=https://crm.bp-gr.ru
-```
-
-Verify: `grep -c "SUPPLIER_LOGIN" app/.env` должен вернуть 1.
-
-- [ ] **Step 2: Создать директорию для фикстур**
-
-```bash
-mkdir -p app/tests/Fixtures/SupplierPortal
-```
-
-Verify: `ls -la app/tests/Fixtures/SupplierPortal` существует, пуст.
-
-- [ ] **Step 3: Через Playwright MCP залогиниться, записать login fixture**
-
-Использовать MCP-tools:
-
-1. `mcp__playwright__browser_navigate` → `https://crm.bp-gr.ru/admin/user/login` (или другой login URL — узнаем при навигации)
-2. `mcp__playwright__browser_snapshot` — увидеть DOM, найти input-names для login/password
-3. `mcp__playwright__browser_fill_form` → заполнить login + password
-4. `mcp__playwright__browser_network_requests` — записать ВСЕ requests за login flow
-5. `mcp__playwright__browser_click` на submit
-6. Снова `mcp__playwright__browser_network_requests` — увидеть login POST с cookie+CSRF response
-
-Сохранить в `app/tests/Fixtures/SupplierPortal/login.json`:
-
-```json
-{
-  "step": "login",
-  "request": {
-    "method": "POST",
-    "url": "<observed-url>",
-    "headers": {
-      "<observed-headers>"
-    },
-    "body": "<observed-body-form-or-json>"
-  },
-  "response": {
-    "status": 200,
-    "headers": {
-      "set-cookie": [
-        "<observed-cookies>"
-      ]
-    },
-    "body": "<observed-response-body-or-redirect>"
-  },
-  "extracted": {
-    "session_cookie_name": "<PHPSESSID-или-JSESSIONID-или-другое>",
-    "csrf_token_selector": "<meta[name=csrf-token] или hidden input или другое>",
-    "csrf_token_value": "<observed-value>"
-  },
-  "discovered_at": "2026-05-11T..."
-}
-```
-
-- [ ] **Step 4: Записать projects-load fixture (rt-projects-load)**
-
-Через MCP:
-
-1. `mcp__playwright__browser_navigate` → URL списка проектов (например `/admin/project/list`)
-2. `mcp__playwright__browser_network_requests` — найти AJAX-запрос с `rt-projects-load` или аналог
-3. Извлечь полный request+response
-
-Сохранить в `app/tests/Fixtures/SupplierPortal/projects-load.json` тем же форматом (request/response).
-
-- [ ] **Step 5: Записать project-save fixture (rt-project-save)**
-
-Через MCP создать тестовый проект `__claude_probe_<unix_timestamp>`:
-
-1. `mcp__playwright__browser_navigate` → форма создания проекта
-2. `mcp__playwright__browser_fill_form` → заполнить минимум обязательных полей (name=`__claude_probe_<ts>`, signal_type=`site`, identifier=`example.com`, daily_limit=`1`, workdays=`Пн-Пт`)
-3. `mcp__playwright__browser_click` Save
-4. `mcp__playwright__browser_network_requests` — извлечь rt-project-save request+response (response должен содержать новый supplier_external_id)
-
-Сохранить в `app/tests/Fixtures/SupplierPortal/project-save.json`. Запомнить `supplier_external_id` для Step 6/7.
-
-- [ ] **Step 6: Записать project-update fixture (rt-project-update)**
-
-Через MCP изменить daily_limit тестового проекта на 2:
-
-1. Navigate в edit-форму
-2. Изменить daily_limit
-3. Submit
-4. `mcp__playwright__browser_network_requests` — извлечь rt-project-update
-
-Сохранить в `app/tests/Fixtures/SupplierPortal/project-update.json`.
-
-- [ ] **Step 7: Записать project-delete fixture (rt-project-delete)**
-
-Через MCP удалить тестовый проект `__claude_probe_<ts>`:
-
-1. Найти Delete button или контекстное меню
-2. Click Delete
-3. `mcp__playwright__browser_handle_dialog` accept (если confirm dialog)
-4. `mcp__playwright__browser_network_requests` — извлечь rt-project-delete
-
-Сохранить в `app/tests/Fixtures/SupplierPortal/project-delete.json`. Запомнить: вернул ли поставщик 200/204/404, soft-delete или hard?
-
-- [ ] **Step 8: Verify все 5 fixtures валидные JSON**
-
-```bash
-for f in app/tests/Fixtures/SupplierPortal/*.json; do
-  echo "Checking: $f"
-  python -m json.tool "$f" > /dev/null && echo "  OK" || echo "  INVALID JSON"
-done
-```
-
-Expected: 5 «OK», 0 «INVALID JSON».
-
-- [ ] **Step 9: Verify нет credentials в фикстурах**
-
-```bash
-grep -i "$SUPPLIER_LOGIN\|$SUPPLIER_PASSWORD" app/tests/Fixtures/SupplierPortal/*.json && echo "LEAK FOUND" || echo "Clean"
-```
-
-Expected: «Clean». Если LEAK FOUND — заменить значение на `<REDACTED>` или dummy `test_login`/`test_password`.
-
-- [ ] **Step 10: Commit fixtures**
-
-```bash
-git add app/tests/Fixtures/SupplierPortal/
-git commit -m "feat(supplier): Plan 3 Task 1 — discovery fixtures (5 rt-* HTTP-recordings)
-
-Записаны через mcp__playwright__browser_network_requests на crm.bp-gr.ru
-с явным локальным снятием Pravila §6 на discovery-сессию.
-
-Артефакт: 5 JSON-фиксаций (login, projects-load, project-save,
-project-update, project-delete) → baseline для Task 4 Http::fake().
-
-Тестовый supplier-проект __claude_probe_<ts> создан и удалён за собой."
-```
-
-Verify: `git log --oneline -1` показывает новый commit.
-
----
-
-## Task 2: Spec update — добавить §4.4 «AJAX endpoints — observed formats»
-
-**Files:**
-
-- Modify: [docs/superpowers/specs/2026-05-10-supplier-integration-design.md](../specs/2026-05-10-supplier-integration-design.md)
-
-**Не TDD** — pure documentation.
-
-- [ ] **Step 1: Открыть spec, добавить §4.4 после §4.3 «Резервирование push'а настроек»**
-
-Контент §4.4 базируется на разобранных Task 1 фикстурах. Структура:
-
-```markdown
-### 4.4. AJAX endpoints — observed formats (v1.1, 2026-05-11)
-
-Разобрано через Playwright MCP discovery 2026-05-11 (см. fixtures
-`app/tests/Fixtures/SupplierPortal/*.json`).
-
-**Login flow:**
-- URL: `<observed>`
-- Method: POST application/x-www-form-urlencoded
-- Поля: `login` / `password` (или альтернативные имена)
-- Success signal: `<observed redirect или cookie>`
-- Session cookie: `<PHPSESSID|JSESSIONID|...>`, HttpOnly: true/false
-- CSRF: `<meta name=csrf-token content=...>` ИЛИ hidden input ИЛИ header
-
-**rt-projects-load:**
-- URL: `<observed>`
-- Method: GET/POST
-- Response: JSON `[{id, name, signal_type, ...}]` или другой формат
-
-**rt-project-save:**
-- URL: `<observed>`
-- Method: POST
-- Required fields: `<observed>`
-- Response: `{id: <new_id>, ...}` или другой
-
-**rt-project-update:**
-- URL: `<observed>`  
-- Method: POST/PATCH
-- Required fields: `<observed>`
-- Принимает: полный объект ИЛИ diff
-
-**rt-project-delete:**
-- URL: `<observed>`
-- Method: POST/DELETE
-- Семантика: soft / hard
-- Response при повторе: 200 / 404
-
-**HTTP error semantics:**
-- bad payload: <400|422>
-- auth fail: <401|403>
-- rate limit: <429 если есть>
-```
-
-- [ ] **Step 2: Bump версию spec'а v1.0 → v1.1 в шапке**
-
-В начале файла найти `**Дата:** 2026-05-10` и заменить на:
-
-```markdown
-**Дата:** 2026-05-10 (v1.0) → 2026-05-11 (v1.1 — Plan 3 Task 2: добавлен §4.4 AJAX observed formats)
-```
-
-- [ ] **Step 3: Lint markdown локально**
-
-```bash
-npx markdownlint-cli2 docs/superpowers/specs/2026-05-10-supplier-integration-design.md
-```
-
-Expected: 0 errors. Если есть — fix.
-
-- [ ] **Step 4: Commit**
-
-```bash
-git add docs/superpowers/specs/2026-05-10-supplier-integration-design.md
-git commit -m "docs(specs): Plan 3 Task 2 — spec v1.0 → v1.1, добавлен §4.4 observed AJAX formats
-
-Базируется на 5 фиксациях Task 1. Закрывает open question §11 spec'а
-(«план реализации после подтверждения дизайна»)."
-```
-
-- [ ] **Step 5: STOP-GATE — ждать «ок, формат разобран корректно» от заказчика**
-
-Перед стартом Task 4 (SupplierPortalClient) необходимо подтверждение что разобранные формы корректны. Task 3 можно начинать параллельно (он не зависит от формата AJAX).
-
----
-
-## Task 3: Switch supplier-flow на `pgsql_supplier` (BYPASSRLS) — закрыть BLOCKER #6 + WARN #2 + WARN #3
-
-**Files:**
-
-- Modify: `app/config/database.php`
-- Modify: `app/.env.example`
-- Modify: `app/app/Jobs/RouteSupplierLeadJob.php`
-- Modify: `app/app/Services/LeadRouter.php`
-- Modify: `app/app/Console/Commands/ResetDeliveredTodayCommand.php`
-- Create: `app/tests/Feature/Supplier/SupplierConnectionTest.php`
-
-- [ ] **Step 1: Добавить `pgsql_supplier` connection в `app/config/database.php`**
-
-Найти секцию `'connections' => [...]` и добавить рядом с существующим `'pgsql' => [...]`:
-
-```php
-'pgsql_supplier' => array_merge(
-    config('database.connections.pgsql', []),
-    [
-        'username' => env('DB_SUPPLIER_USERNAME', env('DB_USERNAME')),
-        'password' => env('DB_SUPPLIER_PASSWORD', env('DB_PASSWORD')),
-        'options' => array_merge(
-            config('database.connections.pgsql.options', []),
-            ['_role_purpose' => 'crm_supplier_worker (BYPASSRLS) for supplier-flow jobs']
-        ),
-    ]
-),
-```
-
-- [ ] **Step 2: Добавить env-keys в `app/.env.example`**
-
-В конец файла (или в соответствующую секцию):
-
-```
-# Supplier Sync (Plan 3) — crm_supplier_worker BYPASSRLS connection
-DB_SUPPLIER_USERNAME=crm_supplier_worker
-DB_SUPPLIER_PASSWORD=
-
-# Supplier Portal credentials (Playwright login)
-SUPPLIER_LOGIN=
-SUPPLIER_PASSWORD=
-SUPPLIER_PORTAL_URL=https://crm.bp-gr.ru
-
-# Supplier alerts (email через Unisender Go relay)
-SUPPLIER_ALERT_EMAIL=
-```
-
-Дублировать те же entries в `app/.env` локально (без коммита `.env`).
-
-- [ ] **Step 3: Создать failing test — RouteSupplierLeadJob использует pgsql_supplier**
-
-Create `app/tests/Feature/Supplier/SupplierConnectionTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\RouteSupplierLeadJob;
-use App\Models\SupplierLead;
-use App\Models\Tenant;
-use App\Models\Project;
-use App\Models\FailedWebhookJob;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-test('RouteSupplierLeadJob uses pgsql_supplier connection by default', function () {
-    $job = new RouteSupplierLeadJob(supplierLeadId: 1);
-    expect((new ReflectionProperty($job, 'connection'))->getValue($job))
-        ->toBe('pgsql_supplier');
-});
-```
-
-- [ ] **Step 4: Run failing test**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/SupplierConnectionTest.php --filter="uses pgsql_supplier connection" 2>&1
-```
-
-Expected: FAIL — `$connection` undefined or = `null` (default).
-
-- [ ] **Step 5: Установить `$connection = 'pgsql_supplier'` в RouteSupplierLeadJob**
-
-Открыть [app/app/Jobs/RouteSupplierLeadJob.php](../../app/app/Jobs/RouteSupplierLeadJob.php). В начале класса добавить:
-
-```php
-class RouteSupplierLeadJob implements ShouldQueue
-{
-    use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
-
-    /**
-     * Plan 3 Task 3: supplier-flow работает под BYPASSRLS-роль crm_supplier_worker.
-     * Закрывает BLOCKER #6 (NULL tenant в failed_webhook_jobs) + WARN #2/#3
-     * (LeadRouter/ResetCmd под crm_app_user без tenant-context).
-     * Brainstorm decision: вариант C, см. docs/superpowers/specs/2026-05-11-plan3-supplier-sync-design.md §1.
-     */
-    public $connection = 'pgsql_supplier';
-
-    // ... rest of class
-}
-```
-
-Также удалить inline-warnings lines 258-263 (старый комментарий о RLS-проблеме failed_webhook_jobs — теперь закрыто).
-
-- [ ] **Step 6: Run test to verify pass**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/SupplierConnectionTest.php --filter="uses pgsql_supplier connection" 2>&1
-```
-
-Expected: PASS.
-
-- [ ] **Step 7: Failing test — failed_webhook_jobs accepts NULL tenant (BLOCKER #6 regression)**
-
-В тот же `SupplierConnectionTest.php` добавить:
-
-```php
-test('failed_webhook_jobs INSERT with tenant_id=NULL succeeds under pgsql_supplier (BLOCKER #6)', function () {
-    // Имитируем INSERT который раньше падал silent под crm_app_user RLS
-    DB::connection('pgsql_supplier')->table('failed_webhook_jobs')->insert([
-        'tenant_id' => null,
-        'payload' => json_encode(['vid' => 42, 'project' => 'B1_test.ru']),
-        'error_message' => 'simulated failure',
-        'failed_at' => now(),
-    ]);
-
-    expect(
-        DB::connection('pgsql_supplier')
-            ->table('failed_webhook_jobs')
-            ->whereNull('tenant_id')
-            ->where('error_message', 'simulated failure')
-            ->exists()
-    )->toBeTrue();
-});
-```
-
-- [ ] **Step 8: Run test**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/SupplierConnectionTest.php --filter="BLOCKER #6" 2>&1
-```
-
-Expected: PASS — `crm_supplier_worker` BYPASSRLS пропускает NULL tenant_id. Если на dev `pgsql_supplier` user = `postgres` (superuser) тоже BYPASSRLS, тест проходит.
-
-- [ ] **Step 9: Failing test — LeadRouter sees all tenant projects under BYPASSRLS (WARN #2 regression)**
-
-В тот же test-файл:
-
-```php
-test('LeadRouter::matchEligibleProjects sees projects across tenants under pgsql_supplier (WARN #2)', function () {
-    // Создаём 3 tenant'а × 2 supplier-eligible projects (signal_type=site, has B1)
-    $supplierProject = \App\Models\SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'example.com',
-    ]);
-
-    $tenants = Tenant::factory()->count(3)->create();
-    foreach ($tenants as $tenant) {
-        Project::factory()->count(2)->create([
-            'tenant_id' => $tenant->id,
-            'status' => 'active',
-            'signal_type' => 'site',
-            'signal_identifier' => 'example.com',
-            'supplier_b1_project_id' => $supplierProject->id,
-            'delivered_today' => 0,
-            'daily_limit' => 10,
-        ]);
-    }
-
-    // БЕЗ SET LOCAL — LeadRouter должен видеть все 6 проектов через BYPASSRLS
-    $router = app(\App\Services\LeadRouter::class);
-    $eligible = $router->matchEligibleProjects(
-        signalType: 'site',
-        signalIdentifier: 'example.com',
-        regionMask: 255,
-    );
-
-    expect($eligible)->toHaveCount(6);
-});
-```
-
-- [ ] **Step 10: Run failing test**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/SupplierConnectionTest.php --filter="WARN #2" 2>&1
-```
-
-Expected: FAIL — LeadRouter использует default connection (`pgsql`), под `crm_app_user` без SET LOCAL вернёт 0 projects (или вернёт 6 если на dev `pgsql` user = `postgres` superuser; тогда тест зелёный изначально — это OK на dev, на prod тест отловит регрессию).
-
-- [ ] **Step 11: Изменить LeadRouter на `Project::on('pgsql_supplier')`**
-
-Открыть [app/app/Services/LeadRouter.php](../../app/app/Services/LeadRouter.php). В методе `matchEligibleProjects` заменить:
-
-```php
-// Было:
-return Project::where('status', 'active')
-    ->where('signal_type', $signalType)
-    ->where('signal_identifier', $signalIdentifier)
-    // ...
-    ->get();
-
-// Стало:
-return Project::on('pgsql_supplier')
-    ->where('status', 'active')
-    ->where('signal_type', $signalType)
-    ->where('signal_identifier', $signalIdentifier)
-    // ...
-    ->get();
-```
-
-Удалить inline-warnings lines 25-29 (старый комментарий о RLS-проблеме — теперь закрыто).
-
-- [ ] **Step 12: Run test to verify pass**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/SupplierConnectionTest.php --filter="WARN #2" 2>&1
-```
-
-Expected: PASS.
-
-- [ ] **Step 13: Failing test — ResetDeliveredTodayCommand updates all tenants (WARN #3)**
-
-В тот же test-файл:
-
-```php
-test('ResetDeliveredTodayCommand resets delivered_today across all tenants under pgsql_supplier (WARN #3)', function () {
-    $tenants = Tenant::factory()->count(3)->create();
-    foreach ($tenants as $tenant) {
-        Project::factory()->create([
-            'tenant_id' => $tenant->id,
-            'delivered_today' => 5,
-        ]);
-    }
-
-    // Запускаем команду БЕЗ SET LOCAL
-    $this->artisan('projects:reset-delivered-today')->assertExitCode(0);
-
-    // Все 3 tenant'а должны быть reset через BYPASSRLS
-    $remaining = DB::connection('pgsql_supplier')
-        ->table('projects')
-        ->where('delivered_today', '>', 0)
-        ->count();
-
-    expect($remaining)->toBe(0);
-});
-```
-
-- [ ] **Step 14: Run failing test**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/SupplierConnectionTest.php --filter="WARN #3" 2>&1
-```
-
-Expected: FAIL on prod (или PASS на dev superuser).
-
-- [ ] **Step 15: Изменить ResetDeliveredTodayCommand на `Project::on('pgsql_supplier')`**
-
-Открыть [app/app/Console/Commands/ResetDeliveredTodayCommand.php](../../app/app/Console/Commands/ResetDeliveredTodayCommand.php). В `handle()` заменить:
-
-```php
-// Было:
-$count = Project::where('delivered_today', '!=', 0)->update(['delivered_today' => 0]);
-
-// Стало:
-$count = Project::on('pgsql_supplier')
-    ->where('delivered_today', '!=', 0)
-    ->update(['delivered_today' => 0]);
-```
-
-Удалить inline-warnings lines 16-18.
-
-- [ ] **Step 16: Run test to verify pass**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/SupplierConnectionTest.php 2>&1
-```
-
-Expected: все 4 теста (uses-connection + BLOCKER#6 + WARN#2 + WARN#3) PASS.
-
-- [ ] **Step 17: Запустить полный test-suite для regression**
-
-```bash
-cd app && php vendor/bin/pest --parallel 2>&1 | tail -20
-```
-
-Expected: ≥562/562 PASS (Plan 2.6 baseline 558/556 + 4 новых). 0 failed.
-
-- [ ] **Step 18: Запустить larastan**
-
-```bash
-cd app && php vendor/bin/phpstan analyse --no-progress --memory-limit=512M 2>&1 | tail -10
-```
-
-Expected: 0 errors above baseline.
-
-- [ ] **Step 19: Commit**
-
-```bash
-git add app/config/database.php app/.env.example \
-        app/app/Jobs/RouteSupplierLeadJob.php \
-        app/app/Services/LeadRouter.php \
-        app/app/Console/Commands/ResetDeliveredTodayCommand.php \
-        app/tests/Feature/Supplier/SupplierConnectionTest.php
-
-git commit -m "feat(supplier): Plan 3 Task 3 — switch supplier-flow на pgsql_supplier (BYPASSRLS)
-
-Закрывает 3 backlog-айтема Plan 2.6 одной правкой:
-- BLOCKER #6: failed_webhook_jobs INSERT с tenant_id=NULL теперь проходит
-  (BYPASSRLS обходит RLS-политику отвергавшую NULL)
-- WARN #2: LeadRouter::matchEligibleProjects видит projects всех tenant'ов
-- WARN #3: ResetDeliveredTodayCommand обновляет projects всех tenant'ов
-
-Архитектура: crm_supplier_worker BYPASSRLS-роль (создана Plan 2.6 #iv 7899071)
-+ новый pgsql_supplier connection в config/database.php. WHERE(tenant_id=)
-фильтры сохраняются как defense-in-depth.
-
-Brainstorm decision: вариант C из 3 опций (A=schema bump, B=отдельная таблица,
-C=BYPASSRLS-role). См. docs/superpowers/specs/2026-05-11-plan3-supplier-sync-design.md §1.
-
-+4 теста (uses-connection + BLOCKER#6 + WARN#2 + WARN#3) в Feature/Supplier/SupplierConnectionTest.php.
-0 schema changes."
-```
-
----
-
-## Task 4: SupplierPortalClient — HTTP-обёртка над rt-* с Redis cookie/CSRF + retry на 401
-
-**Files:**
-
-- Create: `app/app/Services/Supplier/Dto/SupplierProjectDto.php`
-- Create: `app/app/Exceptions/Supplier/SupplierException.php`
-- Create: `app/app/Exceptions/Supplier/SupplierAuthException.php`
-- Create: `app/app/Exceptions/Supplier/SupplierTransientException.php`
-- Create: `app/app/Exceptions/Supplier/SupplierClientException.php`
-- Create: `app/app/Services/Supplier/SupplierPortalClient.php`
-- Create: `app/tests/Unit/Supplier/SupplierPortalClientTest.php`
-
-- [ ] **Step 1: Создать DTO SupplierProjectDto**
-
-`app/app/Services/Supplier/Dto/SupplierProjectDto.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Supplier\Dto;
-
-use App\Models\SupplierProject;
-
-/**
- * Read-only DTO для передачи aggregate-состояния supplier_project
- * между SupplierQuotaAllocator и SupplierPortalClient.
- */
-final readonly class SupplierProjectDto
-{
-    public function __construct(
-        public string $platform,           // B1 / B2 / B3
-        public string $signalType,         // site / call / sms
-        public string $uniqueKey,          // domain / phone / sender+keyword / sender
-        public int $limit,                 // daily quota
-        public array $workdays,            // [1,2,3,4,5,6,7] (Пн..Вс)
-        public array $regions,             // массив кодов регионов РФ
-        public bool $regionsReverse,       // false = include (default), true = exclude
-        public string $status,             // active / paused
-    ) {}
-
-    public static function fromModel(SupplierProject $sp): self
-    {
-        return new self(
-            platform: $sp->platform,
-            signalType: $sp->signal_type,
-            uniqueKey: $sp->unique_key,
-            limit: $sp->current_limit,
-            workdays: (array) ($sp->current_workdays ?? []),
-            regions: (array) ($sp->current_regions ?? []),
-            regionsReverse: false,
-            status: $sp->inactive_since === null ? 'active' : 'paused',
-        );
-    }
-
-    public function equals(self $other): bool
-    {
-        return $this->platform === $other->platform
-            && $this->signalType === $other->signalType
-            && $this->uniqueKey === $other->uniqueKey
-            && $this->limit === $other->limit
-            && $this->workdays === $other->workdays
-            && $this->regions === $other->regions
-            && $this->regionsReverse === $other->regionsReverse
-            && $this->status === $other->status;
-    }
-}
-```
-
-- [ ] **Step 2: Создать abstract base exception**
-
-`app/app/Exceptions/Supplier/SupplierException.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Exceptions\Supplier;
-
-use RuntimeException;
-
-abstract class SupplierException extends RuntimeException
-{
-    public function __construct(
-        string $message,
-        public readonly ?int $httpStatus = null,
-        public readonly ?string $responseBody = null,
-        ?\Throwable $previous = null,
-    ) {
-        parent::__construct($message, 0, $previous);
-    }
-}
-```
-
-- [ ] **Step 3: Создать 3 concrete exceptions**
-
-`app/app/Exceptions/Supplier/SupplierAuthException.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Exceptions\Supplier;
-
-/**
- * Sticky 401/403 — Task 5 RefreshSupplierSessionJob не помог. Эскалация
- * через email + Sentry critical.
- */
-final class SupplierAuthException extends SupplierException
-{
-}
-```
-
-`app/app/Exceptions/Supplier/SupplierTransientException.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Exceptions\Supplier;
-
-/**
- * 5xx, network timeout, connection refused — retryable на job-уровне.
- */
-final class SupplierTransientException extends SupplierException
-{
-}
-```
-
-`app/app/Exceptions/Supplier/SupplierClientException.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Exceptions\Supplier;
-
-/**
- * 4xx (400/404/422) — наша ошибка payload'а, retry бесполезен.
- */
-final class SupplierClientException extends SupplierException
-{
-}
-```
-
-- [ ] **Step 4: Failing test — attachSession adds cookies and CSRF header**
-
-Create `app/tests/Unit/Supplier/SupplierPortalClientTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\Supplier\SupplierPortalClient;
-use App\Services\Supplier\Dto\SupplierProjectDto;
-use App\Exceptions\Supplier\SupplierAuthException;
-use App\Exceptions\Supplier\SupplierTransientException;
-use App\Exceptions\Supplier\SupplierClientException;
-use Illuminate\Support\Facades\Cache;
-use Illuminate\Support\Facades\Http;
-
-beforeEach(function () {
-    Cache::store('redis')->put('supplier:session', [
-        'phpsessid' => 'abc123sessid',
-        'csrf' => 'csrf-token-xyz',
-        'refreshed_at' => now()->toIso8601String(),
-    ], now()->addHours(6));
-
-    config(['services.supplier.portal_url' => 'https://crm.bp-gr.ru']);
-});
-
-afterEach(function () {
-    Cache::store('redis')->forget('supplier:session');
-});
-
-test('listProjects attaches PHPSESSID cookie and X-CSRF-Token header', function () {
-    Http::fake([
-        'crm.bp-gr.ru/admin/rt-projects-load*' => Http::response('[]', 200),
-    ]);
-
-    app(SupplierPortalClient::class)->listProjects();
-
-    Http::assertSent(function ($request) {
-        return str_contains($request->header('Cookie')[0] ?? '', 'PHPSESSID=abc123sessid')
-            && ($request->header('X-CSRF-Token')[0] ?? '') === 'csrf-token-xyz';
-    });
-});
-```
-
-- [ ] **Step 5: Run failing test**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Supplier/SupplierPortalClientTest.php --filter="attaches PHPSESSID" 2>&1
-```
-
-Expected: FAIL — `SupplierPortalClient` class not found.
-
-- [ ] **Step 6: Создать минимальный SupplierPortalClient**
-
-`app/app/Services/Supplier/SupplierPortalClient.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Supplier;
-
-use App\Exceptions\Supplier\SupplierAuthException;
-use App\Exceptions\Supplier\SupplierClientException;
-use App\Exceptions\Supplier\SupplierTransientException;
-use App\Jobs\Supplier\RefreshSupplierSessionJob;
-use App\Services\Supplier\Dto\SupplierProjectDto;
-use Illuminate\Http\Client\Factory as HttpFactory;
-use Illuminate\Http\Client\PendingRequest;
-use Illuminate\Http\Client\Response;
-use Illuminate\Support\Facades\Cache;
-
-final class SupplierPortalClient
-{
-    public function __construct(
-        private readonly HttpFactory $http,
-    ) {}
-
-    public function listProjects(): array
-    {
-        $response = $this->request('GET', '/admin/rt-projects-load');
-        return $response->json() ?? [];
-    }
-
-    public function saveProject(SupplierProjectDto $dto): int
-    {
-        $response = $this->request('POST', '/admin/rt-project-save', $this->toPayload($dto));
-        return (int) ($response->json('id') ?? 0);
-    }
-
-    public function updateProject(int $externalId, SupplierProjectDto $dto): void
-    {
-        $this->request('POST', '/admin/rt-project-update', array_merge(
-            ['id' => $externalId],
-            $this->toPayload($dto)
-        ));
-    }
-
-    public function deleteProject(int $externalId): void
-    {
-        $this->request('POST', '/admin/rt-project-delete', ['id' => $externalId]);
-    }
-
-    private function request(string $method, string $path, array $body = [], bool $isRetry = false): Response
-    {
-        $session = $this->loadSession();
-        $url = rtrim(config('services.supplier.portal_url'), '/') . $path;
-
-        $request = $this->http
-            ->withCookies(['PHPSESSID' => $session['phpsessid']], parse_url($url, PHP_URL_HOST))
-            ->withHeaders(['X-CSRF-Token' => $session['csrf']])
-            ->timeout(30)
-            ->retry(0);  // retry handled here, не через Laravel HTTP retry
-
-        try {
-            $response = $request->send($method, $url, [
-                'form_params' => $body,
-            ]);
-        } catch (\Illuminate\Http\Client\ConnectionException $e) {
-            throw new SupplierTransientException(
-                "Network error: {$e->getMessage()}",
-                previous: $e,
-            );
-        }
-
-        if ($response->status() === 401 || $response->status() === 403) {
-            if ($isRetry) {
-                throw new SupplierAuthException(
-                    "Sticky auth failure on {$path}",
-                    httpStatus: $response->status(),
-                    responseBody: $response->body(),
-                );
-            }
-            dispatch_sync(new RefreshSupplierSessionJob);
-            return $this->request($method, $path, $body, isRetry: true);
-        }
-
-        if ($response->status() >= 500) {
-            throw new SupplierTransientException(
-                "Supplier server error {$response->status()} on {$path}",
-                httpStatus: $response->status(),
-                responseBody: $response->body(),
-            );
-        }
-
-        if ($response->status() >= 400) {
-            throw new SupplierClientException(
-                "Supplier rejected {$path}: HTTP {$response->status()}",
-                httpStatus: $response->status(),
-                responseBody: $response->body(),
-            );
-        }
-
-        return $response;
-    }
-
-    private function loadSession(): array
-    {
-        $session = Cache::store('redis')->get('supplier:session');
-        if ($session === null || !isset($session['phpsessid'], $session['csrf'])) {
-            dispatch_sync(new RefreshSupplierSessionJob);
-            $session = Cache::store('redis')->get('supplier:session');
-            if ($session === null) {
-                throw new SupplierAuthException('Session refresh failed: cache still empty');
-            }
-        }
-        return $session;
-    }
-
-    private function toPayload(SupplierProjectDto $dto): array
-    {
-        return [
-            'platform' => $dto->platform,
-            'signal_type' => $dto->signalType,
-            'unique_key' => $dto->uniqueKey,
-            'limit' => $dto->limit,
-            'workdays' => $dto->workdays,
-            'regions' => $dto->regions,
-            'regions_reverse' => $dto->regionsReverse ? 1 : 0,
-            'status' => $dto->status,
-        ];
-    }
-}
-```
-
-⚠ **NOTE**: Payload-shape `toPayload()` — placeholder, точные поля будут адаптированы после Task 1 discovery (Task 2 spec update §4.4). При расхождении — обновить этот метод в отдельном commit'е перед Task 6.
-
-- [ ] **Step 7: Run test to verify pass**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Supplier/SupplierPortalClientTest.php --filter="attaches PHPSESSID" 2>&1
-```
-
-Expected: PASS.
-
-- [ ] **Step 8: Failing test — 401 triggers RefreshSupplierSessionJob and retries once**
-
-В тот же test-файл:
-
-```php
-test('401 triggers RefreshSupplierSessionJob sync and retries once', function () {
-    Illuminate\Support\Facades\Bus::fake([\App\Jobs\Supplier\RefreshSupplierSessionJob::class]);
-
-    Http::fakeSequence('crm.bp-gr.ru/*')
-        ->push('Unauthorized', 401)
-        ->push('[]', 200);
-
-    app(SupplierPortalClient::class)->listProjects();
-
-    Illuminate\Support\Facades\Bus::assertDispatchedSync(\App\Jobs\Supplier\RefreshSupplierSessionJob::class);
-    Http::assertSentCount(2);
-});
-
-test('sticky 401 throws SupplierAuthException after one retry', function () {
-    Illuminate\Support\Facades\Bus::fake([\App\Jobs\Supplier\RefreshSupplierSessionJob::class]);
-
-    Http::fakeSequence('crm.bp-gr.ru/*')
-        ->push('Unauthorized', 401)
-        ->push('Still unauthorized', 401);
-
-    expect(fn () => app(SupplierPortalClient::class)->listProjects())
-        ->toThrow(SupplierAuthException::class);
-});
-```
-
-- [ ] **Step 9: Run tests**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Supplier/SupplierPortalClientTest.php 2>&1
-```
-
-Expected: PASS — все 3 теста зелёные. Реализация Step 6 уже покрывает retry-logic.
-
-- [ ] **Step 10: Failing tests — 5xx → SupplierTransientException, 4xx → SupplierClientException**
-
-```php
-test('5xx response throws SupplierTransientException', function () {
-    Http::fake(['crm.bp-gr.ru/*' => Http::response('upstream gateway error', 503)]);
-    expect(fn () => app(SupplierPortalClient::class)->listProjects())
-        ->toThrow(SupplierTransientException::class);
-});
-
-test('4xx not 401/403 throws SupplierClientException', function () {
-    Http::fake(['crm.bp-gr.ru/*' => Http::response('bad payload', 422)]);
-    expect(fn () => app(SupplierPortalClient::class)->listProjects())
-        ->toThrow(SupplierClientException::class);
-});
-
-test('network error throws SupplierTransientException', function () {
-    Http::fake(function () {
-        throw new \Illuminate\Http\Client\ConnectionException('Connection refused');
-    });
-    expect(fn () => app(SupplierPortalClient::class)->listProjects())
-        ->toThrow(SupplierTransientException::class);
-});
-```
-
-- [ ] **Step 11: Run tests**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Supplier/SupplierPortalClientTest.php 2>&1
-```
-
-Expected: все 6 тестов PASS.
-
-- [ ] **Step 12: Failing tests — saveProject/updateProject/deleteProject отправляют корректный payload**
-
-```php
-test('saveProject POSTs to /admin/rt-project-save with full payload and returns external id', function () {
-    Http::fake(['crm.bp-gr.ru/admin/rt-project-save' => Http::response(['id' => 99001], 200)]);
-
-    $dto = new SupplierProjectDto(
-        platform: 'B1',
-        signalType: 'site',
-        uniqueKey: 'example.com',
-        limit: 5,
-        workdays: [1,2,3,4,5],
-        regions: [],
-        regionsReverse: false,
-        status: 'active',
-    );
-
-    $id = app(SupplierPortalClient::class)->saveProject($dto);
-
-    expect($id)->toBe(99001);
-    Http::assertSent(fn ($r) => $r->method() === 'POST'
-        && str_ends_with($r->url(), '/admin/rt-project-save')
-        && ($r['platform'] ?? null) === 'B1');
-});
-
-test('updateProject POSTs to /admin/rt-project-update with id + full payload', function () {
-    Http::fake(['crm.bp-gr.ru/admin/rt-project-update' => Http::response('', 200)]);
-
-    $dto = new SupplierProjectDto(
-        platform: 'B2', signalType: 'call', uniqueKey: '79991234567',
-        limit: 10, workdays: [1,2,3], regions: [77], regionsReverse: false, status: 'active',
-    );
-
-    app(SupplierPortalClient::class)->updateProject(externalId: 12345, dto: $dto);
-
-    Http::assertSent(fn ($r) => $r->method() === 'POST'
-        && str_ends_with($r->url(), '/admin/rt-project-update')
-        && ($r['id'] ?? null) === 12345);
-});
-
-test('deleteProject POSTs to /admin/rt-project-delete with id only', function () {
-    Http::fake(['crm.bp-gr.ru/admin/rt-project-delete' => Http::response('', 200)]);
-
-    app(SupplierPortalClient::class)->deleteProject(externalId: 12345);
-
-    Http::assertSent(fn ($r) => $r->method() === 'POST'
-        && str_ends_with($r->url(), '/admin/rt-project-delete')
-        && ($r['id'] ?? null) === 12345);
-});
-```
-
-- [ ] **Step 13: Run all tests**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Supplier/SupplierPortalClientTest.php 2>&1
-```
-
-Expected: 9 PASS / 0 fail.
-
-- [ ] **Step 14: Larastan + Pint**
-
-```bash
-cd app && php vendor/bin/pint app/app/Services/Supplier/ app/app/Exceptions/Supplier/ app/tests/Unit/Supplier/ 2>&1
-cd app && php vendor/bin/phpstan analyse --no-progress --memory-limit=512M 2>&1 | tail -10
-```
-
-Expected: Pint clean, Larastan 0 errors above baseline.
-
-- [ ] **Step 15: Commit**
-
-```bash
-git add app/app/Services/Supplier/ app/app/Exceptions/Supplier/ app/tests/Unit/Supplier/SupplierPortalClientTest.php
-
-git commit -m "feat(supplier): Plan 3 Task 4 — SupplierPortalClient HTTP-обёртка над rt-*
-
-Компоненты:
-- SupplierProjectDto (read-only DTO, fromModel + equals)
-- SupplierException иерархия (Auth/Transient/Client + abstract base)
-- SupplierPortalClient: list/save/update/delete projects через Http facade
-  + Redis cache cookie/CSRF (key 'supplier:session', TTL 6h)
-  + auto-retry на 401/403 через dispatch_sync(RefreshSupplierSessionJob)
-  + classification HTTP errors → 3 exception types
-
-+9 тестов через Http::fake() в Unit/Supplier/SupplierPortalClientTest.php
-(retry-flow + cookie/CSRF attach + 5xx/4xx classification + payload shapes).
-
-NOTE: toPayload() shape — placeholder. Будет адаптирован после Task 1
-discovery + Task 2 spec §4.4 (отдельный fixup commit перед Task 6 при
-расхождении наблюдаемого формата с предполагаемым)."
-```
-
----
-
-## Task 5: RefreshSupplierSessionJob + PlaywrightBridge — Node.js subprocess + Redis 6h TTL
-
-**Files:**
-
-- Create: `app/playwright/package.json`
-- Create: `app/playwright/refresh-session.js`
-- Create: `app/app/Services/Supplier/PlaywrightBridge.php`
-- Create: `app/app/Jobs/Supplier/RefreshSupplierSessionJob.php`
-- Create: `app/app/Console/Commands/SupplierSessionRefreshCommand.php`
-- Create: `app/tests/Unit/Supplier/PlaywrightBridgeTest.php`
-- Create: `app/tests/Unit/Supplier/RefreshSupplierSessionJobTest.php`
-
-- [ ] **Step 1: Создать `app/playwright/package.json`**
-
-```json
-{
-  "name": "liderra-supplier-playwright",
-  "version": "1.0.0",
-  "private": true,
-  "description": "Headless Playwright bridge for Лидерра supplier session refresh (Plan 3 Task 5)",
-  "scripts": {
-    "install:chromium": "playwright install chromium --with-deps",
-    "refresh-session": "node refresh-session.js"
-  },
-  "dependencies": {
-    "playwright": "^1.50.0"
-  }
-}
-```
-
-Установить:
-
-```bash
-cd app/playwright && npm install
-```
-
-Verify: `app/playwright/node_modules/playwright/package.json` существует. **NOTE**: `app/playwright/node_modules/` нужно добавить в `.gitignore` если ещё не там.
-
-- [ ] **Step 2: Создать Node-скрипт `app/playwright/refresh-session.js`**
-
-```javascript
-#!/usr/bin/env node
-/**
- * Headless Playwright login на crm.bp-gr.ru.
- *
- * Input (JSON через stdin):
- *   {login, password, url}
- *
- * Output (JSON через stdout):
- *   {phpsessid, csrf, refreshed_at}
- *
- * Exit codes:
- *   0 — success
- *   1 — auth failed (login/password rejected)
- *   2 — DOM не найден (broken selectors)
- *   3 — timeout (60s)
- *   4 — invalid input или другая ошибка
- */
-const { chromium } = require('playwright');
-
-const TIMEOUT_MS = 60_000;
-
-async function refresh(args) {
-    const browser = await chromium.launch({ headless: true });
-    try {
-        const context = await browser.newContext();
-        const page = await context.newPage();
-
-        await page.goto(args.url, { waitUntil: 'load', timeout: TIMEOUT_MS });
-
-        // Try common login form selectors — uncomment one после Task 1 discovery:
-        const loginSelector = 'input[name=login]';
-        const passwordSelector = 'input[name=password]';
-        const submitSelector = 'button[type=submit]';
-
-        await page.fill(loginSelector, args.login);
-        await page.fill(passwordSelector, args.password);
-        await Promise.all([
-            page.waitForLoadState('networkidle', { timeout: TIMEOUT_MS }),
-            page.click(submitSelector),
-        ]);
-
-        // Try common CSRF selectors — uncomment один после Task 1 discovery:
-        const csrf = await page.locator('meta[name=csrf-token]').first().getAttribute('content', { timeout: 5000 });
-
-        const cookies = await context.cookies();
-        const sessionCookie = cookies.find(c => c.name === 'PHPSESSID' || c.name === 'JSESSIONID');
-
-        if (!sessionCookie) {
-            process.stderr.write(JSON.stringify({ error: 'session cookie not found in response' }));
-            process.exit(1);
-        }
-
-        if (!csrf) {
-            process.stderr.write(JSON.stringify({ error: 'CSRF token not found in DOM' }));
-            process.exit(2);
-        }
-
-        process.stdout.write(JSON.stringify({
-            phpsessid: sessionCookie.value,
-            csrf: csrf,
-            refreshed_at: new Date().toISOString(),
-        }));
-        process.exit(0);
-    } catch (err) {
-        process.stderr.write(JSON.stringify({ error: err.message }));
-        process.exit(err.message.includes('Timeout') ? 3 : 4);
-    } finally {
-        await browser.close();
-    }
-}
-
-// Read stdin
-let input = '';
-process.stdin.on('data', chunk => { input += chunk; });
-process.stdin.on('end', () => {
-    let args;
-    try {
-        args = JSON.parse(input);
-    } catch (e) {
-        process.stderr.write(JSON.stringify({ error: 'invalid JSON on stdin' }));
-        process.exit(4);
-    }
-    if (!args.login || !args.password || !args.url) {
-        process.stderr.write(JSON.stringify({ error: 'missing required keys: login, password, url' }));
-        process.exit(4);
-    }
-    refresh(args);
-});
-```
-
-⚠ **NOTE**: DOM-селекторы (`input[name=login]`, `meta[name=csrf-token]`) — placeholder'ы; финализировать после Task 1 discovery.
-
-- [ ] **Step 3: Failing test — PlaywrightBridge passes credentials via stdin**
-
-`app/tests/Unit/Supplier/PlaywrightBridgeTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\Supplier\PlaywrightBridge;
-use App\Exceptions\Supplier\SupplierAuthException;
-use Symfony\Component\Process\Process;
-
-test('PlaywrightBridge passes credentials via stdin not argv', function () {
-    $mock = Mockery::mock(Process::class);
-    $mock->shouldReceive('setInput')
-        ->once()
-        ->with(Mockery::on(function ($input) {
-            $data = json_decode($input, true);
-            return isset($data['login'], $data['password'], $data['url']);
-        }))
-        ->andReturnSelf();
-    $mock->shouldReceive('setTimeout')->andReturnSelf();
-    $mock->shouldReceive('run')->andReturn(0);
-    $mock->shouldReceive('isSuccessful')->andReturn(true);
-    $mock->shouldReceive('getOutput')->andReturn(json_encode([
-        'phpsessid' => 'abc',
-        'csrf' => 'xyz',
-        'refreshed_at' => '2026-05-11T10:00:00Z',
-    ]));
-
-    $factory = Mockery::mock();
-    $factory->shouldReceive('create')->andReturn($mock);
-
-    $bridge = new PlaywrightBridge($factory);
-    $result = $bridge->refreshSession(login: 'test_login', password: 'test_pass', url: 'https://crm.bp-gr.ru');
-
-    expect($result)->toHaveKeys(['phpsessid', 'csrf', 'refreshed_at']);
-});
-
-test('PlaywrightBridge throws SupplierAuthException on non-zero exit', function () {
-    $mock = Mockery::mock(Process::class);
-    $mock->shouldReceive('setInput')->andReturnSelf();
-    $mock->shouldReceive('setTimeout')->andReturnSelf();
-    $mock->shouldReceive('run')->andReturn(1);
-    $mock->shouldReceive('isSuccessful')->andReturn(false);
-    $mock->shouldReceive('getErrorOutput')->andReturn('{"error":"login rejected"}');
-    $mock->shouldReceive('getExitCode')->andReturn(1);
-
-    $factory = Mockery::mock();
-    $factory->shouldReceive('create')->andReturn($mock);
-
-    $bridge = new PlaywrightBridge($factory);
-
-    expect(fn () => $bridge->refreshSession('bad', 'bad', 'https://crm.bp-gr.ru'))
-        ->toThrow(SupplierAuthException::class);
-});
-```
-
-- [ ] **Step 4: Run failing test**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Supplier/PlaywrightBridgeTest.php 2>&1
-```
-
-Expected: FAIL — `PlaywrightBridge` class not found.
-
-- [ ] **Step 5: Создать `app/app/Services/Supplier/PlaywrightBridge.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Supplier;
-
-use App\Exceptions\Supplier\SupplierAuthException;
-use Symfony\Component\Process\Process;
-
-interface ProcessFactory
-{
-    public function create(array $command, ?string $cwd = null): Process;
-}
-
-final class SymfonyProcessFactory implements ProcessFactory
-{
-    public function create(array $command, ?string $cwd = null): Process
-    {
-        return new Process($command, $cwd);
-    }
-}
-
-final class PlaywrightBridge
-{
-    private const TIMEOUT_SECONDS = 75;  // 60s Node timeout + 15s buffer
-    private const SCRIPT_PATH = 'playwright/refresh-session.js';
-
-    public function __construct(
-        private readonly ProcessFactory $processFactory,
-    ) {}
-
-    /**
-     * Refresh session via headless Node-subprocess.
-     *
-     * @return array{phpsessid: string, csrf: string, refreshed_at: string}
-     * @throws SupplierAuthException
-     */
-    public function refreshSession(string $login, string $password, string $url): array
-    {
-        $process = $this->processFactory->create(
-            ['node', self::SCRIPT_PATH],
-            base_path('app'),
-        );
-        $process->setInput(json_encode([
-            'login' => $login,
-            'password' => $password,
-            'url' => $url,
-        ]));
-        $process->setTimeout(self::TIMEOUT_SECONDS);
-        $process->run();
-
-        if (!$process->isSuccessful()) {
-            throw new SupplierAuthException(
-                "PlaywrightBridge exit code {$process->getExitCode()}: {$process->getErrorOutput()}",
-            );
-        }
-
-        $output = json_decode($process->getOutput(), true);
-        if (!is_array($output) || !isset($output['phpsessid'], $output['csrf'])) {
-            throw new SupplierAuthException(
-                "PlaywrightBridge returned invalid output: {$process->getOutput()}",
-            );
-        }
-
-        return $output;
-    }
-}
-```
-
-Зарегистрировать в `app/app/Providers/AppServiceProvider.php` (`register()`):
-
-```php
-$this->app->bind(
-    \App\Services\Supplier\ProcessFactory::class,
-    \App\Services\Supplier\SymfonyProcessFactory::class,
-);
-```
-
-- [ ] **Step 6: Run tests**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Supplier/PlaywrightBridgeTest.php 2>&1
-```
-
-Expected: 2 PASS.
-
-- [ ] **Step 7: Failing test — RefreshSupplierSessionJob writes session to Redis with 6h TTL**
-
-`app/tests/Unit/Supplier/RefreshSupplierSessionJobTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\Supplier\RefreshSupplierSessionJob;
-use App\Services\Supplier\PlaywrightBridge;
-use App\Exceptions\Supplier\SupplierAuthException;
-use Illuminate\Support\Facades\Cache;
-
-beforeEach(function () {
-    config([
-        'services.supplier.login' => 'test_login',
-        'services.supplier.password' => 'test_password',
-        'services.supplier.portal_url' => 'https://crm.bp-gr.ru',
-    ]);
-    Cache::store('redis')->forget('supplier:session');
-});
-
-test('writes session data to Redis cache key supplier:session with 6h TTL', function () {
-    $mock = Mockery::mock(PlaywrightBridge::class);
-    $mock->shouldReceive('refreshSession')
-        ->once()
-        ->with('test_login', 'test_password', 'https://crm.bp-gr.ru')
-        ->andReturn([
-            'phpsessid' => 'sess123',
-            'csrf' => 'csrf456',
-            'refreshed_at' => '2026-05-11T10:00:00Z',
-        ]);
-    $this->app->instance(PlaywrightBridge::class, $mock);
-
-    $job = new RefreshSupplierSessionJob;
-    $job->handle($mock);
-
-    $cached = Cache::store('redis')->get('supplier:session');
-    expect($cached)->toBeArray()
-        ->and($cached['phpsessid'])->toBe('sess123')
-        ->and($cached['csrf'])->toBe('csrf456');
-});
-
-test('rethrows SupplierAuthException from PlaywrightBridge', function () {
-    $mock = Mockery::mock(PlaywrightBridge::class);
-    $mock->shouldReceive('refreshSession')
-        ->andThrow(new SupplierAuthException('Login rejected'));
-    $this->app->instance(PlaywrightBridge::class, $mock);
-
-    $job = new RefreshSupplierSessionJob;
-    expect(fn () => $job->handle($mock))->toThrow(SupplierAuthException::class);
-});
-```
-
-- [ ] **Step 8: Run failing test**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Supplier/RefreshSupplierSessionJobTest.php 2>&1
-```
-
-Expected: FAIL — `RefreshSupplierSessionJob` class not found.
-
-- [ ] **Step 9: Создать `app/app/Jobs/Supplier/RefreshSupplierSessionJob.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Jobs\Supplier;
-
-use App\Services\Supplier\PlaywrightBridge;
-use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Foundation\Bus\Dispatchable;
-use Illuminate\Queue\InteractsWithQueue;
-use Illuminate\Queue\SerializesModels;
-use Illuminate\Support\Facades\Cache;
-use Illuminate\Support\Facades\Log;
-
-final class RefreshSupplierSessionJob implements ShouldQueue
-{
-    use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
-
-    public $connection = 'pgsql_supplier';
-    public $tries = 3;
-
-    public function backoff(): array
-    {
-        return [120, 600, 1800];  // 2m / 10m / 30m
-    }
-
-    public function handle(PlaywrightBridge $bridge): void
-    {
-        Cache::store('redis')->lock('supplier:session:refresh', 30)->block(35, function () use ($bridge) {
-            $session = $bridge->refreshSession(
-                login: config('services.supplier.login'),
-                password: config('services.supplier.password'),
-                url: config('services.supplier.portal_url'),
-            );
-
-            Cache::store('redis')->put(
-                key: 'supplier:session',
-                value: $session,
-                ttl: now()->addHours(6),
-            );
-
-            Log::info('supplier.session.refreshed', ['ttl_hours' => 6]);
-        });
-    }
-}
-```
-
-Добавить в `app/config/services.php`:
-
-```php
-'supplier' => [
-    'login' => env('SUPPLIER_LOGIN'),
-    'password' => env('SUPPLIER_PASSWORD'),
-    'portal_url' => env('SUPPLIER_PORTAL_URL', 'https://crm.bp-gr.ru'),
-    'alert_email' => env('SUPPLIER_ALERT_EMAIL'),
-],
-```
-
-- [ ] **Step 10: Run tests**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Supplier/RefreshSupplierSessionJobTest.php 2>&1
-```
-
-Expected: 2 PASS.
-
-- [ ] **Step 11: Создать Console command `app/app/Console/Commands/SupplierSessionRefreshCommand.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Console\Commands;
-
-use App\Jobs\Supplier\RefreshSupplierSessionJob;
-use Illuminate\Console\Command;
-
-final class SupplierSessionRefreshCommand extends Command
-{
-    protected $signature = 'supplier:session:refresh';
-    protected $description = 'Принудительный refresh session cookie+CSRF из crm.bp-gr.ru';
-
-    public function handle(): int
-    {
-        dispatch_sync(new RefreshSupplierSessionJob);
-        $this->info('Supplier session refreshed.');
-        return self::SUCCESS;
-    }
-}
-```
-
-- [ ] **Step 12: Failing test — SupplierSessionRefreshCommand dispatches job synchronously**
-
-В `RefreshSupplierSessionJobTest.php` (или новый `SupplierSessionRefreshCommandTest.php`):
-
-```php
-test('command supplier:session:refresh dispatches job synchronously', function () {
-    Illuminate\Support\Facades\Bus::fake();
-    $this->artisan('supplier:session:refresh')->assertExitCode(0);
-    Illuminate\Support\Facades\Bus::assertDispatchedSync(\App\Jobs\Supplier\RefreshSupplierSessionJob::class);
-});
-```
-
-- [ ] **Step 13: Run all Task 5 tests + Larastan + Pint**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Supplier/ 2>&1 | tail -10
-cd app && php vendor/bin/pint app/app/Services/Supplier/ app/app/Jobs/Supplier/ app/app/Console/Commands/ 2>&1
-cd app && php vendor/bin/phpstan analyse --no-progress --memory-limit=512M 2>&1 | tail -10
-```
-
-Expected: all PASS, Pint clean, Larastan 0 errors above baseline.
-
-- [ ] **Step 14: Добавить `.gitignore` запись для node_modules**
-
-```bash
-echo "app/playwright/node_modules/" >> .gitignore
-```
-
-- [ ] **Step 15: Commit**
-
-```bash
-git add app/playwright/package.json app/playwright/refresh-session.js .gitignore \
-        app/app/Services/Supplier/PlaywrightBridge.php \
-        app/app/Jobs/Supplier/ \
-        app/app/Console/Commands/SupplierSessionRefreshCommand.php \
-        app/app/Providers/AppServiceProvider.php \
-        app/config/services.php \
-        app/tests/Unit/Supplier/PlaywrightBridgeTest.php \
-        app/tests/Unit/Supplier/RefreshSupplierSessionJobTest.php
-
-git commit -m "feat(supplier): Plan 3 Task 5 — RefreshSupplierSessionJob + PlaywrightBridge
-
-Компоненты:
-- app/playwright/{package.json, refresh-session.js} — изолированный Node.js
-  + Playwright chromium subprocess для headless логина
-- PlaywrightBridge: PHP-обёртка через Symfony\Process (stdin/stdout JSON,
-  timeout 75s, exit-code → SupplierAuthException)
-- RefreshSupplierSessionJob: \$tries=3, backoff [2m/10m/30m], Cache::lock
-  prevent concurrent refresh, write supplier:session Redis-ключ TTL 6h
-- supplier:session:refresh Console command для ручного запуска
-- config/services.supplier: login/password/portal_url/alert_email
-
-+5 тестов (PlaywrightBridge×2 + RefreshSupplierSessionJob×2 + Command×1).
-
-NOTE: DOM-селекторы в refresh-session.js (input[name=login],
-meta[name=csrf-token]) — placeholder'ы; финализировать после Task 1
-discovery + Task 2 spec §4.4.
-
-NOTE: app/playwright/node_modules/ в .gitignore (~200MB chromium на
-prod Linux, не commit'им)."
-```
-
----
-
-## Task 6: SyncSupplierProjectsJob + SupplierQuotaAllocator — 20:30 МСК cron с distribution-логикой
-
-**Files:**
-
-- Create: `app/app/Services/Supplier/SupplierQuotaAllocator.php`
-- Create: `app/app/Jobs/Supplier/SyncSupplierProjectsJob.php`
-- Create: `app/app/Mail/SupplierCriticalAlertMail.php`
-- Create: `app/tests/Unit/Supplier/SupplierQuotaAllocatorTest.php`
-- Create: `app/tests/Feature/Supplier/SyncSupplierProjectsJobTest.php`
-
-- [ ] **Step 1: Failing test — Allocator distributes site signal across B1/B2/B3**
-
-`app/tests/Unit/Supplier/SupplierQuotaAllocatorTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\Supplier\SupplierQuotaAllocator;
-use App\Services\Supplier\Dto\SupplierProjectDto;
-use Carbon\Carbon;
-use Illuminate\Support\Collection;
-
-test('site signal distributes B1 ceil(total/3), B2 ceil(remainder/2), B3 remainder', function () {
-    $projects = new Collection([
-        (object) ['daily_limit' => 10, 'workdays' => [1,2,3,4,5], 'regions' => [], 'tomorrow_in_workdays' => true],
-    ]);
-
-    $b1 = SupplierQuotaAllocator::allocate('B1', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-    $b2 = SupplierQuotaAllocator::allocate('B2', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-    $b3 = SupplierQuotaAllocator::allocate('B3', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-
-    expect($b1->limit + $b2->limit + $b3->limit)->toBe(10)
-        ->and($b1->limit)->toBe(4)  // ceil(10/3) = 4
-        ->and($b2->limit)->toBe(3)  // ceil(6/2) = 3
-        ->and($b3->limit)->toBe(3); // 10-4-3
-});
-```
-
-- [ ] **Step 2: Run failing test**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Supplier/SupplierQuotaAllocatorTest.php 2>&1
-```
-
-Expected: FAIL — class not found.
-
-- [ ] **Step 3: Создать `app/app/Services/Supplier/SupplierQuotaAllocator.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Supplier;
-
-use App\Services\Supplier\Dto\SupplierProjectDto;
-use Carbon\Carbon;
-use Illuminate\Support\Collection;
-
-final class SupplierQuotaAllocator
-{
-    /**
-     * Distribute total quota across platform B1/B2/B3 для конкретной supplier_project.
-     *
-     * @param Collection<int, object> $activeLiderraProjects — projects с daily_limit, workdays, regions
-     */
-    public static function allocate(
-        string $platform,
-        string $signalType,
-        string $uniqueKey,
-        Collection $activeLiderraProjects,
-        Carbon $targetDate,
-    ): ?SupplierProjectDto {
-        // Filter: projects где targetDate (iso weekday 1-7) есть в workdays
-        $targetWeekday = $targetDate->copy()->timezone('Europe/Moscow')->isoWeekday();
-        $eligibleProjects = $activeLiderraProjects->filter(
-            fn (object $p) => in_array($targetWeekday, (array) $p->workdays, true)
-        );
-
-        if ($eligibleProjects->isEmpty()) {
-            return null;
-        }
-
-        $totalQuota = (int) $eligibleProjects->sum('daily_limit');
-        $workdaysUnion = self::unionInts($eligibleProjects->pluck('workdays'));
-        $regionsUnion = self::unionInts($eligibleProjects->pluck('regions'));
-
-        $platformLimit = self::distributeForPlatform($signalType, $platform, $totalQuota);
-
-        return new SupplierProjectDto(
-            platform: $platform,
-            signalType: $signalType,
-            uniqueKey: $uniqueKey,
-            limit: $platformLimit,
-            workdays: $workdaysUnion,
-            regions: $regionsUnion,
-            regionsReverse: false,
-            status: 'active',
-        );
-    }
-
-    private static function distributeForPlatform(string $signalType, string $platform, int $total): int
-    {
-        if ($signalType === 'sms') {
-            // SMS doesn't go on B1 (spec §2.2)
-            if ($platform === 'B1') {
-                return 0;
-            }
-            // SMS distributes B2 ceil(total/2), B3 floor(total/2)
-            return $platform === 'B2' ? (int) ceil($total / 2) : (int) floor($total / 2);
-        }
-
-        // site/call distributes across all 3 platforms
-        $b1 = (int) ceil($total / 3);
-        $b2 = (int) ceil(($total - $b1) / 2);
-        $b3 = $total - $b1 - $b2;
-
-        return match ($platform) {
-            'B1' => $b1,
-            'B2' => $b2,
-            'B3' => $b3,
-        };
-    }
-
-    private static function unionInts(Collection $arrays): array
-    {
-        return $arrays
-            ->flatMap(fn ($a) => (array) $a)
-            ->map(fn ($v) => (int) $v)
-            ->unique()
-            ->sort()
-            ->values()
-            ->all();
-    }
-}
-```
-
-- [ ] **Step 4: Run test to verify pass**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Supplier/SupplierQuotaAllocatorTest.php 2>&1
-```
-
-Expected: 1 PASS.
-
-- [ ] **Step 5: Добавить 8 ещё тестов на distribution-математику**
-
-В тот же файл:
-
-```php
-test('call signal same distribution as site (B1/B2/B3 split)', function () {
-    $projects = new Collection([
-        (object) ['daily_limit' => 30, 'workdays' => [1,2,3,4,5], 'regions' => []],
-    ]);
-    $b1 = SupplierQuotaAllocator::allocate('B1', 'call', '79991234567', $projects, Carbon::parse('2026-05-12'));
-    expect($b1->limit)->toBe(10);  // ceil(30/3)
-});
-
-test('sms with keyword distributes B2+B3 only (B1 returns 0)', function () {
-    $projects = new Collection([
-        (object) ['daily_limit' => 4, 'workdays' => [1,2,3,4,5], 'regions' => []],
-    ]);
-    $b1 = SupplierQuotaAllocator::allocate('B1', 'sms', 'TINKOFF+ипотека', $projects, Carbon::parse('2026-05-12'));
-    $b2 = SupplierQuotaAllocator::allocate('B2', 'sms', 'TINKOFF+ипотека', $projects, Carbon::parse('2026-05-12'));
-    $b3 = SupplierQuotaAllocator::allocate('B3', 'sms', 'TINKOFF+ипотека', $projects, Carbon::parse('2026-05-12'));
-    expect($b1->limit)->toBe(0)
-        ->and($b2->limit)->toBe(2)
-        ->and($b3->limit)->toBe(2);
-});
-
-test('returns null when no active liderra projects on target weekday', function () {
-    $projects = new Collection([
-        (object) ['daily_limit' => 10, 'workdays' => [6,7], 'regions' => []],  // только выходные
-    ]);
-    $allocation = SupplierQuotaAllocator::allocate('B1', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));  // вторник
-    expect($allocation)->toBeNull();
-});
-
-test('workdays union deduplicates and sorts', function () {
-    $projects = new Collection([
-        (object) ['daily_limit' => 5, 'workdays' => [1,2,3], 'regions' => []],
-        (object) ['daily_limit' => 5, 'workdays' => [3,4,5], 'regions' => []],
-    ]);
-    $b1 = SupplierQuotaAllocator::allocate('B1', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-    expect($b1->workdays)->toBe([1,2,3,4,5]);
-});
-
-test('regions union deduplicates and sorts', function () {
-    $projects = new Collection([
-        (object) ['daily_limit' => 5, 'workdays' => [1,2,3,4,5], 'regions' => [77, 50]],
-        (object) ['daily_limit' => 5, 'workdays' => [1,2,3,4,5], 'regions' => [50, 78]],
-    ]);
-    $b1 = SupplierQuotaAllocator::allocate('B1', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-    expect($b1->regions)->toBe([50, 77, 78]);
-});
-
-test('empty regions stays empty (all regions semantics)', function () {
-    $projects = new Collection([
-        (object) ['daily_limit' => 5, 'workdays' => [1,2,3,4,5], 'regions' => []],
-    ]);
-    $b1 = SupplierQuotaAllocator::allocate('B1', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-    expect($b1->regions)->toBe([]);
-});
-
-test('single project with limit=1 sites to B1 only', function () {
-    $projects = new Collection([
-        (object) ['daily_limit' => 1, 'workdays' => [1,2,3,4,5], 'regions' => []],
-    ]);
-    $b1 = SupplierQuotaAllocator::allocate('B1', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-    $b2 = SupplierQuotaAllocator::allocate('B2', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-    $b3 = SupplierQuotaAllocator::allocate('B3', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-    expect($b1->limit)->toBe(1)
-        ->and($b2->limit)->toBe(0)
-        ->and($b3->limit)->toBe(0);
-});
-
-test('large scale: 1000 projects with limit 10 each = 10000 total', function () {
-    $projects = new Collection(array_fill(0, 1000, (object) [
-        'daily_limit' => 10, 'workdays' => [1,2,3,4,5], 'regions' => [],
-    ]));
-    $b1 = SupplierQuotaAllocator::allocate('B1', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-    $b2 = SupplierQuotaAllocator::allocate('B2', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-    $b3 = SupplierQuotaAllocator::allocate('B3', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-    expect($b1->limit + $b2->limit + $b3->limit)->toBe(10000)
-        ->and($b1->limit)->toBe(3334);  // ceil(10000/3)
-});
-
-test('odd total: 7 distributes B1=3, B2=2, B3=2', function () {
-    $projects = new Collection([
-        (object) ['daily_limit' => 7, 'workdays' => [1,2,3,4,5], 'regions' => []],
-    ]);
-    $b1 = SupplierQuotaAllocator::allocate('B1', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-    $b2 = SupplierQuotaAllocator::allocate('B2', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-    $b3 = SupplierQuotaAllocator::allocate('B3', 'site', 'example.com', $projects, Carbon::parse('2026-05-12'));
-    expect($b1->limit)->toBe(3)
-        ->and($b2->limit)->toBe(2)
-        ->and($b3->limit)->toBe(2);
-});
-```
-
-- [ ] **Step 6: Run all 9 allocator tests**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Supplier/SupplierQuotaAllocatorTest.php 2>&1
-```
-
-Expected: 9 PASS.
-
-- [ ] **Step 7: Создать Mailable `app/app/Mail/SupplierCriticalAlertMail.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Mail;
-
-use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Mail\Mailable;
-use Illuminate\Mail\Mailables\Content;
-use Illuminate\Mail\Mailables\Envelope;
-
-final class SupplierCriticalAlertMail extends Mailable implements ShouldQueue
-{
-    use Queueable;
-
-    public function __construct(
-        public readonly string $alertType,
-        public readonly string $details,
-    ) {}
-
-    public function envelope(): Envelope
-    {
-        return new Envelope(
-            subject: "[Лидерра CRITICAL] Supplier sync: {$this->alertType}",
-        );
-    }
-
-    public function content(): Content
-    {
-        return new Content(
-            text: 'emails.supplier_alert_text',
-            with: [
-                'alertType' => $this->alertType,
-                'details' => $this->details,
-                'now' => now()->timezone('Europe/Moscow')->toIso8601String(),
-            ],
-        );
-    }
-}
-```
-
-Создать template `app/resources/views/emails/supplier_alert_text.blade.php`:
-
-```
-Supplier sync critical alert
-=============================
-Тип: {{ $alertType }}
-Время: {{ $now }} (МСК)
-
-Детали:
-{{ $details }}
-
-Это автоматическое сообщение от системы Лидерра.
-Проверьте `supplier_sync_log` в БД и Sentry breadcrumbs для деталей.
-```
-
-- [ ] **Step 8: Failing test — SyncSupplierProjectsJob creates new supplier_project at supplier**
-
-`app/tests/Feature/Supplier/SyncSupplierProjectsJobTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\Supplier\SyncSupplierProjectsJob;
-use App\Models\SupplierProject;
-use App\Models\Project;
-use App\Models\Tenant;
-use App\Models\SupplierSyncLog;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\Http;
-use Illuminate\Support\Facades\Cache;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    Cache::store('redis')->put('supplier:session', [
-        'phpsessid' => 'sess', 'csrf' => 'csrf', 'refreshed_at' => now()->toIso8601String(),
-    ], now()->addHours(6));
-    config(['services.supplier.portal_url' => 'https://crm.bp-gr.ru']);
-    config(['services.supplier.alert_email' => 'ops@liderra.test']);
-});
-
-test('creates supplier_project at supplier when supplier_external_id is null', function () {
-    $tenant = Tenant::factory()->create();
-    $sp = SupplierProject::factory()->create([
-        'platform' => 'B1',
-        'signal_type' => 'site',
-        'unique_key' => 'example.com',
-        'supplier_external_id' => null,
-    ]);
-    Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'status' => 'active',
-        'signal_type' => 'site',
-        'signal_identifier' => 'example.com',
-        'supplier_b1_project_id' => $sp->id,
-        'daily_limit' => 9,
-        'workdays' => [1,2,3,4,5,6,7],  // tomorrow в workdays для любого дня
-    ]);
-
-    Http::fake([
-        'crm.bp-gr.ru/admin/rt-project-save' => Http::response(['id' => 555], 200),
-    ]);
-
-    (new SyncSupplierProjectsJob)->handle();
-
-    $sp->refresh();
-    expect($sp->supplier_external_id)->toBe(555)
-        ->and($sp->sync_status)->toBe('ok');
-
-    Http::assertSent(fn ($r) => str_ends_with($r->url(), '/admin/rt-project-save'));
-});
-```
-
-- [ ] **Step 9: Run failing test**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/SyncSupplierProjectsJobTest.php --filter="creates supplier_project" 2>&1
-```
-
-Expected: FAIL — class not found.
-
-- [ ] **Step 10: Создать SyncSupplierProjectsJob**
-
-`app/app/Jobs/Supplier/SyncSupplierProjectsJob.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Jobs\Supplier;
-
-use App\Exceptions\Supplier\SupplierAuthException;
-use App\Exceptions\Supplier\SupplierClientException;
-use App\Exceptions\Supplier\SupplierTransientException;
-use App\Mail\SupplierCriticalAlertMail;
-use App\Models\SupplierProject;
-use App\Models\SupplierSyncLog;
-use App\Services\Supplier\Dto\SupplierProjectDto;
-use App\Services\Supplier\SupplierPortalClient;
-use App\Services\Supplier\SupplierQuotaAllocator;
-use Carbon\Carbon;
-use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Foundation\Bus\Dispatchable;
-use Illuminate\Queue\InteractsWithQueue;
-use Illuminate\Queue\SerializesModels;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Log;
-use Illuminate\Support\Facades\Mail;
-
-final class SyncSupplierProjectsJob implements ShouldQueue
-{
-    use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
-
-    public $connection = 'pgsql_supplier';
-    private const TIME_BUDGET_CUTOFF = '20:55';  // МСК hard-stop с 5-мин запасом до 21:00
-    private const MASS_FAIL_THRESHOLD = 50;
-
-    public function handle(?SupplierPortalClient $client = null): void
-    {
-        $client ??= app(SupplierPortalClient::class);
-        $consecutiveTransient = 0;
-
-        foreach (SupplierProject::query()->whereNull('deleted_at')->cursor() as $sp) {
-            if (now()->timezone('Europe/Moscow')->format('H:i') >= self::TIME_BUDGET_CUTOFF) {
-                Log::warning('supplier.sync.time_budget_reached', ['processed_until' => $sp->id]);
-                break;
-            }
-
-            try {
-                $this->syncOne($sp, $client);
-                $consecutiveTransient = 0;
-            } catch (SupplierAuthException $e) {
-                Mail::to(config('services.supplier.alert_email'))
-                    ->queue(new SupplierCriticalAlertMail('auth_sticky', $e->getMessage()));
-                report($e);
-                throw $e;
-            } catch (SupplierTransientException $e) {
-                $consecutiveTransient++;
-                $this->logSyncFailure($sp, $e);
-                if ($consecutiveTransient >= self::MASS_FAIL_THRESHOLD) {
-                    Mail::to(config('services.supplier.alert_email'))
-                        ->queue(new SupplierCriticalAlertMail('mass_transient',
-                            "Aborted after {$consecutiveTransient} consecutive transient failures."));
-                    report(new \RuntimeException('Supplier outage suspected'));
-                    break;
-                }
-                continue;
-            } catch (SupplierClientException $e) {
-                $this->logSyncFailure($sp, $e);
-                report($e);
-                continue;
-            }
-        }
-    }
-
-    private function syncOne(SupplierProject $sp, SupplierPortalClient $client): void
-    {
-        $activeLiderraProjects = $sp->liderraProjects()
-            ->where('status', 'active')
-            ->get();
-
-        if ($activeLiderraProjects->isEmpty()) {
-            return;
-        }
-
-        $allocation = SupplierQuotaAllocator::allocate(
-            platform: $sp->platform,
-            signalType: $sp->signal_type,
-            uniqueKey: $sp->unique_key,
-            activeLiderraProjects: $activeLiderraProjects,
-            targetDate: Carbon::tomorrow('Europe/Moscow'),
-        );
-
-        if ($allocation === null) {
-            return;
-        }
-
-        $current = SupplierProjectDto::fromModel($sp);
-        if ($allocation->equals($current)) {
-            return;
-        }
-
-        DB::transaction(function () use ($sp, $allocation, $client) {
-            if ($sp->supplier_external_id === null) {
-                $externalId = $client->saveProject($allocation);
-                $sp->update([
-                    'supplier_external_id' => $externalId,
-                    'current_limit' => $allocation->limit,
-                    'current_workdays' => $allocation->workdays,
-                    'current_regions' => $allocation->regions,
-                    'sync_status' => 'ok',
-                    'last_synced_at' => now(),
-                ]);
-            } else {
-                $client->updateProject($sp->supplier_external_id, $allocation);
-                $sp->update([
-                    'current_limit' => $allocation->limit,
-                    'current_workdays' => $allocation->workdays,
-                    'current_regions' => $allocation->regions,
-                    'sync_status' => 'ok',
-                    'last_synced_at' => now(),
-                ]);
-            }
-            SupplierSyncLog::create([
-                'supplier_project_id' => $sp->id,
-                'action' => $sp->wasRecentlyCreated || $sp->supplier_external_id !== null ? 'update' : 'save',
-                'status' => 'ok',
-            ]);
-        });
-    }
-
-    private function logSyncFailure(SupplierProject $sp, \Throwable $e): void
-    {
-        SupplierSyncLog::create([
-            'supplier_project_id' => $sp->id,
-            'action' => 'update',
-            'status' => 'failed',
-            'error' => substr($e->getMessage(), 0, 500),
-        ]);
-    }
-}
-```
-
-- [ ] **Step 11: Run test to verify pass**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/SyncSupplierProjectsJobTest.php 2>&1
-```
-
-Expected: 1 PASS.
-
-- [ ] **Step 12: Добавить ещё 6 integration tests**
-
-```php
-test('skips when no diff between current and computed allocation', function () {
-    $tenant = Tenant::factory()->create();
-    $sp = SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'example.com',
-        'supplier_external_id' => 999,
-        'current_limit' => 9, 'current_workdays' => [1,2,3,4,5,6,7], 'current_regions' => [],
-    ]);
-    Project::factory()->create([
-        'tenant_id' => $tenant->id, 'status' => 'active',
-        'signal_type' => 'site', 'signal_identifier' => 'example.com',
-        'supplier_b1_project_id' => $sp->id,
-        'daily_limit' => 27, 'workdays' => [1,2,3,4,5,6,7],  // 27/3 = 9 B1, no change
-    ]);
-
-    Http::fake();
-    (new SyncSupplierProjectsJob)->handle();
-    Http::assertNothingSent();
-});
-
-test('isolates failure: one bad supplier_project does not stop others', function () {
-    $tenant = Tenant::factory()->create();
-    $sp1 = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'bad.com', 'supplier_external_id' => null]);
-    $sp2 = SupplierProject::factory()->create(['platform' => 'B2', 'signal_type' => 'site', 'unique_key' => 'good.com', 'supplier_external_id' => null]);
-    foreach ([$sp1, $sp2] as $sp) {
-        Project::factory()->create([
-            'tenant_id' => $tenant->id, 'status' => 'active',
-            'signal_type' => 'site', 'signal_identifier' => $sp->unique_key,
-            ($sp->platform === 'B1' ? 'supplier_b1_project_id' : 'supplier_b2_project_id') => $sp->id,
-            'daily_limit' => 9, 'workdays' => [1,2,3,4,5,6,7],
-        ]);
-    }
-
-    Http::fakeSequence('crm.bp-gr.ru/admin/rt-project-save')
-        ->push('bad request', 422)
-        ->push(['id' => 777], 200);
-
-    (new SyncSupplierProjectsJob)->handle();
-
-    expect(SupplierSyncLog::where('supplier_project_id', $sp1->id)->where('status', 'failed')->exists())->toBeTrue();
-    expect($sp2->fresh()->supplier_external_id)->toBe(777);
-});
-
-test('aborts after 50 consecutive transient failures and sends alert', function () {
-    \Illuminate\Support\Facades\Mail::fake();
-    $tenant = Tenant::factory()->create();
-    foreach (range(1, 60) as $i) {
-        $sp = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site', 'unique_key' => "host{$i}.com", 'supplier_external_id' => null]);
-        Project::factory()->create([
-            'tenant_id' => $tenant->id, 'status' => 'active',
-            'signal_type' => 'site', 'signal_identifier' => "host{$i}.com",
-            'supplier_b1_project_id' => $sp->id,
-            'daily_limit' => 9, 'workdays' => [1,2,3,4,5,6,7],
-        ]);
-    }
-    Http::fake(['crm.bp-gr.ru/*' => Http::response('upstream', 503)]);
-
-    (new SyncSupplierProjectsJob)->handle();
-
-    \Illuminate\Support\Facades\Mail::assertQueued(\App\Mail\SupplierCriticalAlertMail::class);
-});
-
-test('writes supplier_sync_log row for each action', function () {
-    $tenant = Tenant::factory()->create();
-    $sp = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'example.com', 'supplier_external_id' => null]);
-    Project::factory()->create([
-        'tenant_id' => $tenant->id, 'status' => 'active',
-        'signal_type' => 'site', 'signal_identifier' => 'example.com',
-        'supplier_b1_project_id' => $sp->id,
-        'daily_limit' => 9, 'workdays' => [1,2,3,4,5,6,7],
-    ]);
-    Http::fake(['crm.bp-gr.ru/admin/rt-project-save' => Http::response(['id' => 555], 200)]);
-
-    (new SyncSupplierProjectsJob)->handle();
-
-    expect(SupplierSyncLog::where('supplier_project_id', $sp->id)->where('status', 'ok')->exists())->toBeTrue();
-});
-
-test('respects time budget by stopping at 20:55 МСК', function () {
-    Carbon::setTestNow(Carbon::parse('2026-05-12 20:56:00', 'Europe/Moscow'));
-
-    $tenant = Tenant::factory()->create();
-    $sp = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'example.com', 'supplier_external_id' => null]);
-    Project::factory()->create([
-        'tenant_id' => $tenant->id, 'status' => 'active',
-        'signal_type' => 'site', 'signal_identifier' => 'example.com',
-        'supplier_b1_project_id' => $sp->id,
-        'daily_limit' => 9, 'workdays' => [1,2,3,4,5,6,7],
-    ]);
-    Http::fake();
-
-    (new SyncSupplierProjectsJob)->handle();
-
-    Http::assertNothingSent();
-    Carbon::setTestNow();
-});
-
-test('sticky auth error throws and sends critical alert email', function () {
-    \Illuminate\Support\Facades\Mail::fake();
-    $tenant = Tenant::factory()->create();
-    $sp = SupplierProject::factory()->create(['platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'example.com', 'supplier_external_id' => null]);
-    Project::factory()->create([
-        'tenant_id' => $tenant->id, 'status' => 'active',
-        'signal_type' => 'site', 'signal_identifier' => 'example.com',
-        'supplier_b1_project_id' => $sp->id,
-        'daily_limit' => 9, 'workdays' => [1,2,3,4,5,6,7],
-    ]);
-    Http::fake([
-        'crm.bp-gr.ru/*' => Http::response('Unauthorized', 401),
-    ]);
-    \Illuminate\Support\Facades\Bus::fake([\App\Jobs\Supplier\RefreshSupplierSessionJob::class]);
-
-    expect(fn () => (new SyncSupplierProjectsJob)->handle())
-        ->toThrow(\App\Exceptions\Supplier\SupplierAuthException::class);
-    \Illuminate\Support\Facades\Mail::assertQueued(\App\Mail\SupplierCriticalAlertMail::class);
-});
-```
-
-- [ ] **Step 13: Run all Task 6 tests + Larastan + Pint**
-
-```bash
-cd app && php vendor/bin/pest tests/Unit/Supplier/SupplierQuotaAllocatorTest.php tests/Feature/Supplier/SyncSupplierProjectsJobTest.php 2>&1 | tail -20
-cd app && php vendor/bin/pint app/app/Services/Supplier/ app/app/Jobs/Supplier/ app/app/Mail/ 2>&1
-cd app && php vendor/bin/phpstan analyse --no-progress --memory-limit=512M 2>&1 | tail -10
-```
-
-Expected: 9 (allocator) + 7 (sync job) = 16 PASS; Pint clean; Larastan 0 errors above baseline.
-
-- [ ] **Step 14: Commit**
-
-```bash
-git add app/app/Services/Supplier/SupplierQuotaAllocator.php \
-        app/app/Jobs/Supplier/SyncSupplierProjectsJob.php \
-        app/app/Mail/SupplierCriticalAlertMail.php \
-        app/resources/views/emails/supplier_alert_text.blade.php \
-        app/tests/Unit/Supplier/SupplierQuotaAllocatorTest.php \
-        app/tests/Feature/Supplier/SyncSupplierProjectsJobTest.php
-
-git commit -m "feat(supplier): Plan 3 Task 6 — SyncSupplierProjectsJob + SupplierQuotaAllocator
-
-Компоненты:
-- SupplierQuotaAllocator: pure function distribution-логики
-  - site/call: B1=ceil(t/3), B2=ceil(r/2), B3=remainder
-  - sms-with-keyword: B2+B3 only (B1=0, spec §2.2)
-  - sms-without-keyword: B3-only
-  - Workdays/regions union, weekday-фильтрация по Europe/Moscow
-- SyncSupplierProjectsJob: 20:30 МСК cron
-  - per-supplier_project failure-isolation (continue на one bad)
-  - mass-fail abort: 50 consecutive transient → alert + break
-  - sticky auth → email + throw + Sentry critical
-  - time budget cutoff 20:55 МСК (5-мин safety margin до 21:00)
-  - supplier_sync_log per action (ok/failed)
-- SupplierCriticalAlertMail + text template для email алертов
-
-+16 тестов (9 allocator + 7 sync job)."
-```
-
----
-
-## Task 7: CleanupInactiveSupplierProjectsJob — Phase A re-activate → B mark → C delete 180d
-
-**Files:**
-
-- Create: `app/app/Jobs/Supplier/CleanupInactiveSupplierProjectsJob.php`
-- Create: `app/tests/Feature/Supplier/CleanupInactiveSupplierProjectsJobTest.php`
-
-- [ ] **Step 1: Failing test — Phase A re-activates supplier_project when active liderra returns**
-
-`app/tests/Feature/Supplier/CleanupInactiveSupplierProjectsJobTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\Supplier\CleanupInactiveSupplierProjectsJob;
-use App\Models\SupplierProject;
-use App\Models\Project;
-use App\Models\Tenant;
-use App\Models\SupplierSyncLog;
-use Carbon\Carbon;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\Http;
-use Illuminate\Support\Facades\Cache;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    Cache::store('redis')->put('supplier:session', [
-        'phpsessid' => 'sess', 'csrf' => 'csrf', 'refreshed_at' => now()->toIso8601String(),
-    ], now()->addHours(6));
-    config(['services.supplier.portal_url' => 'https://crm.bp-gr.ru']);
-});
-
-test('phase A re-activates supplier_project when active liderra returns', function () {
-    $tenant = Tenant::factory()->create();
-    $sp = SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'example.com',
-        'inactive_since' => now()->subDays(30),
-    ]);
-    Project::factory()->create([
-        'tenant_id' => $tenant->id, 'status' => 'active',
-        'signal_type' => 'site', 'signal_identifier' => 'example.com',
-        'supplier_b1_project_id' => $sp->id,
-    ]);
-
-    (new CleanupInactiveSupplierProjectsJob)->handle();
-
-    expect($sp->fresh()->inactive_since)->toBeNull();
-});
-```
-
-- [ ] **Step 2: Run failing test**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/CleanupInactiveSupplierProjectsJobTest.php 2>&1
-```
-
-Expected: FAIL — class not found.
-
-- [ ] **Step 3: Создать CleanupInactiveSupplierProjectsJob с Phase A→B→C**
-
-`app/app/Jobs/Supplier/CleanupInactiveSupplierProjectsJob.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Jobs\Supplier;
-
-use App\Exceptions\Supplier\SupplierClientException;
-use App\Exceptions\Supplier\SupplierTransientException;
-use App\Models\SupplierProject;
-use App\Models\SupplierSyncLog;
-use App\Services\Supplier\SupplierPortalClient;
-use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Foundation\Bus\Dispatchable;
-use Illuminate\Queue\InteractsWithQueue;
-use Illuminate\Queue\SerializesModels;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Log;
-
-final class CleanupInactiveSupplierProjectsJob implements ShouldQueue
-{
-    use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
-
-    public $connection = 'pgsql_supplier';
-    private const INACTIVE_TTL_DAYS = 180;
-
-    public function handle(?SupplierPortalClient $client = null): void
-    {
-        $client ??= app(SupplierPortalClient::class);
-
-        // SQL для определения id'шников active supplier_projects (есть active liderra_project)
-        $activeIdsSubquery = <<<'SQL'
-            SELECT DISTINCT id FROM (
-                SELECT supplier_b1_project_id AS id FROM projects WHERE status='active' AND supplier_b1_project_id IS NOT NULL
-                UNION
-                SELECT supplier_b2_project_id FROM projects WHERE status='active' AND supplier_b2_project_id IS NOT NULL
-                UNION
-                SELECT supplier_b3_project_id FROM projects WHERE status='active' AND supplier_b3_project_id IS NOT NULL
-            ) AS active_supplier_ids
-        SQL;
-
-        // Phase A: re-activate (СНАЧАЛА — иначе Phase C может удалить недавно вернувшихся)
-        $reactivated = DB::connection('pgsql_supplier')->update(<<<SQL
-            UPDATE supplier_projects
-            SET inactive_since = NULL
-            WHERE inactive_since IS NOT NULL
-              AND id IN ({$activeIdsSubquery})
-        SQL);
-
-        Log::info('supplier.cleanup.phase_a_reactivated', ['count' => $reactivated]);
-
-        // Phase B: mark new inactive
-        $marked = DB::connection('pgsql_supplier')->update(<<<SQL
-            UPDATE supplier_projects
-            SET inactive_since = NOW()
-            WHERE inactive_since IS NULL
-              AND id NOT IN ({$activeIdsSubquery})
-        SQL);
-
-        Log::info('supplier.cleanup.phase_b_marked', ['count' => $marked]);
-
-        // Phase C: delete 180d-old
-        $deleted = 0;
-        $cutoff = now()->subDays(self::INACTIVE_TTL_DAYS);
-        SupplierProject::on('pgsql_supplier')
-            ->where('inactive_since', '<', $cutoff)
-            ->cursor()
-            ->each(function (SupplierProject $sp) use ($client, &$deleted) {
-                try {
-                    if ($sp->supplier_external_id !== null) {
-                        $client->deleteProject($sp->supplier_external_id);
-                    }
-                    $sp->delete();
-                    SupplierSyncLog::create([
-                        'supplier_project_id' => $sp->id,
-                        'action' => 'delete',
-                        'status' => 'ok',
-                    ]);
-                    $deleted++;
-                } catch (SupplierClientException $e) {
-                    if ($e->httpStatus === 404) {
-                        // Уже удалён у поставщика — продолжаем с локальным soft-delete
-                        $sp->delete();
-                        SupplierSyncLog::create([
-                            'supplier_project_id' => $sp->id,
-                            'action' => 'delete',
-                            'status' => 'ok',
-                            'error' => 'supplier returned 404 (already deleted)',
-                        ]);
-                        $deleted++;
-                    } else {
-                        SupplierSyncLog::create([
-                            'supplier_project_id' => $sp->id,
-                            'action' => 'delete',
-                            'status' => 'failed',
-                            'error' => substr($e->getMessage(), 0, 500),
-                        ]);
-                        report($e);
-                    }
-                } catch (SupplierTransientException $e) {
-                    SupplierSyncLog::create([
-                        'supplier_project_id' => $sp->id,
-                        'action' => 'delete',
-                        'status' => 'failed',
-                        'error' => substr($e->getMessage(), 0, 500),
-                    ]);
-                }
-            });
-
-        Log::info('supplier.cleanup.phase_c_deleted', ['count' => $deleted]);
-    }
-}
-```
-
-- [ ] **Step 4: Run test to verify pass**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/CleanupInactiveSupplierProjectsJobTest.php --filter="phase A re-activates" 2>&1
-```
-
-Expected: PASS.
-
-- [ ] **Step 5: Добавить тесты Phase B, Phase C, ordering, 404 handling**
-
-```php
-test('phase B marks inactive_since=NOW for newly orphaned supplier_project', function () {
-    $sp = SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'orphan.com',
-        'inactive_since' => null,
-    ]);
-    // НЕТ active liderra projects, ссылающихся на $sp
-
-    Carbon::setTestNow(Carbon::parse('2026-05-12 02:00:00'));
-    (new CleanupInactiveSupplierProjectsJob)->handle();
-    Carbon::setTestNow();
-
-    expect($sp->fresh()->inactive_since)->not->toBeNull();
-});
-
-test('phase C deletes supplier_project after 180 days inactive', function () {
-    $sp = SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'old.com',
-        'supplier_external_id' => 999,
-        'inactive_since' => now()->subDays(181),
-    ]);
-
-    Http::fake(['crm.bp-gr.ru/admin/rt-project-delete' => Http::response('', 200)]);
-
-    (new CleanupInactiveSupplierProjectsJob)->handle();
-
-    expect(SupplierProject::where('id', $sp->id)->withTrashed()->first()->trashed())->toBeTrue();
-    expect(SupplierSyncLog::where('supplier_project_id', $sp->id)->where('action', 'delete')->exists())->toBeTrue();
-});
-
-test('phase A runs before phase B before phase C (safety ordering)', function () {
-    // Scenario: supplier_project inactive_since=185d ago (eligible Phase C),
-    // BUT liderra_project недавно стал active (eligible Phase A).
-    // Phase A должна сначала обнулить inactive_since, потом Phase C не должна удалить.
-    $tenant = Tenant::factory()->create();
-    $sp = SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'edge.com',
-        'supplier_external_id' => 888,
-        'inactive_since' => now()->subDays(185),  // > 180, eligible Phase C
-    ]);
-    Project::factory()->create([
-        'tenant_id' => $tenant->id, 'status' => 'active',
-        'signal_type' => 'site', 'signal_identifier' => 'edge.com',
-        'supplier_b1_project_id' => $sp->id,  // active liderra → eligible Phase A
-    ]);
-
-    Http::fake();  // expect NO deleteProject call
-    (new CleanupInactiveSupplierProjectsJob)->handle();
-
-    expect($sp->fresh()->inactive_since)->toBeNull();
-    expect(SupplierProject::where('id', $sp->id)->withTrashed()->first()->trashed())->toBeFalse();
-    Http::assertNothingSent();  // Phase C не вызвалась — критическая защита
-});
-
-test('handles 404 from supplier on already-deleted supplier_project', function () {
-    $sp = SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'ghost.com',
-        'supplier_external_id' => 777,
-        'inactive_since' => now()->subDays(181),
-    ]);
-    Http::fake(['crm.bp-gr.ru/admin/rt-project-delete' => Http::response('not found', 404)]);
-
-    (new CleanupInactiveSupplierProjectsJob)->handle();
-
-    expect(SupplierProject::where('id', $sp->id)->withTrashed()->first()->trashed())->toBeTrue();
-    expect(SupplierSyncLog::where('supplier_project_id', $sp->id)
-        ->where('action', 'delete')
-        ->where('status', 'ok')
-        ->exists())->toBeTrue();
-});
-
-test('does not delete supplier_project marked inactive less than 180 days ago', function () {
-    $sp = SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'recent.com',
-        'supplier_external_id' => 555,
-        'inactive_since' => now()->subDays(100),
-    ]);
-    Http::fake();
-    (new CleanupInactiveSupplierProjectsJob)->handle();
-
-    expect(SupplierProject::where('id', $sp->id)->withTrashed()->first()->trashed())->toBeFalse();
-    Http::assertNothingSent();
-});
-```
-
-- [ ] **Step 6: Run all Task 7 tests + Larastan + Pint**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/CleanupInactiveSupplierProjectsJobTest.php 2>&1
-cd app && php vendor/bin/pint app/app/Jobs/Supplier/ 2>&1
-cd app && php vendor/bin/phpstan analyse --no-progress --memory-limit=512M 2>&1 | tail -10
-```
-
-Expected: 6 PASS / 0 fail.
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/app/Jobs/Supplier/CleanupInactiveSupplierProjectsJob.php \
-        app/tests/Feature/Supplier/CleanupInactiveSupplierProjectsJobTest.php
-
-git commit -m "feat(supplier): Plan 3 Task 7 — CleanupInactiveSupplierProjectsJob (Phase A→B→C)
-
-Daily 02:00 МСК cron, 3 фазы со строгим порядком:
-- Phase A: re-activate supplier_projects где появился active liderra_project
-  (СНАЧАЛА чтобы Phase C не удалила недавно вернувшихся — safety property)
-- Phase B: mark inactive_since=NOW() для newly orphaned supplier_projects
-- Phase C: для inactive_since < NOW() - 180d → rt-project-delete + soft-delete
-  + 404 от поставщика → trust как 'уже удалён', продолжить локальный delete
-
-180-day TTL paritet со spec §3.3 (без grace period). Audit в supplier_sync_log
-на каждый delete event — defense для potential reverse.
-
-+6 тестов (Phase A/B/C + ordering safety + 404 handling + < 180d boundary)."
-```
-
----
-
-## Task 8: RetryFailedSupplierJobsCommand + 5 Schedule entries
-
-**Files:**
-
-- Create: `app/app/Console/Commands/RetryFailedSupplierJobsCommand.php`
-- Create: `app/tests/Feature/Supplier/RetryFailedSupplierJobsCommandTest.php`
-- Modify: `app/routes/console.php`
-
-- [ ] **Step 1: Проверить колонки в failed_webhook_jobs**
-
-```bash
-grep -n "failed_webhook_jobs\|retry_attempts\|last_retried_at" db/schema.sql | head -20
-```
-
-Expected: таблица существует. **Если** колонки `retry_attempts` / `last_retried_at` отсутствуют — добавить в schema.sql v8.18 (отдельный mini-Task) или использовать существующие колонки. Pre-check **перед** написанием Command'а.
-
-- [ ] **Step 2: Failing test — Command dispatches RouteSupplierLeadJob for each row**
-
-`app/tests/Feature/Supplier/RetryFailedSupplierJobsCommandTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\RouteSupplierLeadJob;
-use App\Models\FailedWebhookJob;
-use App\Models\SupplierLead;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\Bus;
-
-uses(DatabaseTransactions::class);
-
-test('dispatches RouteSupplierLeadJob for each row in failed_webhook_jobs eligible for retry', function () {
-    Bus::fake();
-
-    $lead1 = SupplierLead::factory()->create();
-    $lead2 = SupplierLead::factory()->create();
-
-    FailedWebhookJob::create([
-        'tenant_id' => null,
-        'supplier_lead_id' => $lead1->id,
-        'payload' => json_encode(['vid' => 1]),
-        'error_message' => 'sim',
-        'failed_at' => now()->subHours(2),
-        'retry_attempts' => 0,
-        'last_retried_at' => null,
-    ]);
-    FailedWebhookJob::create([
-        'tenant_id' => null,
-        'supplier_lead_id' => $lead2->id,
-        'payload' => json_encode(['vid' => 2]),
-        'error_message' => 'sim',
-        'failed_at' => now()->subHours(2),
-        'retry_attempts' => 0,
-        'last_retried_at' => null,
-    ]);
-
-    $this->artisan('supplier:retry-failed')->assertExitCode(0);
-
-    Bus::assertDispatched(RouteSupplierLeadJob::class, 2);
-});
-```
-
-- [ ] **Step 3: Run failing test**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/RetryFailedSupplierJobsCommandTest.php 2>&1
-```
-
-Expected: FAIL — command not found.
-
-- [ ] **Step 4: Создать `app/app/Console/Commands/RetryFailedSupplierJobsCommand.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Console\Commands;
-
-use App\Jobs\RouteSupplierLeadJob;
-use App\Models\FailedWebhookJob;
-use Illuminate\Console\Command;
-use Illuminate\Support\Facades\Log;
-
-final class RetryFailedSupplierJobsCommand extends Command
-{
-    protected $signature = 'supplier:retry-failed';
-    protected $description = 'Re-dispatch RouteSupplierLeadJob for failed_webhook_jobs (hourly + 10 attempts/24h limit)';
-
-    private const MAX_ATTEMPTS = 10;
-
-    public function handle(): int
-    {
-        $dispatched = 0;
-
-        FailedWebhookJob::query()
-            ->where('retry_attempts', '<', self::MAX_ATTEMPTS)
-            ->where(function ($q) {
-                $q->whereNull('last_retried_at')
-                  ->orWhere('last_retried_at', '<', now()->subHour());
-            })
-            ->whereNotNull('supplier_lead_id')
-            ->cursor()
-            ->each(function (FailedWebhookJob $row) use (&$dispatched) {
-                RouteSupplierLeadJob::dispatch(supplierLeadId: $row->supplier_lead_id);
-                $row->update([
-                    'retry_attempts' => $row->retry_attempts + 1,
-                    'last_retried_at' => now(),
-                ]);
-                $dispatched++;
-            });
-
-        Log::info('supplier.retry_failed', ['dispatched' => $dispatched]);
-        $this->info("Re-dispatched {$dispatched} failed webhook jobs.");
-
-        return self::SUCCESS;
-    }
-}
-```
-
-- [ ] **Step 5: Run test to verify pass**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/RetryFailedSupplierJobsCommandTest.php 2>&1
-```
-
-Expected: 1 PASS.
-
-- [ ] **Step 6: Добавить 3 ещё тестов**
-
-```php
-test('skips rows with retry_attempts >= 10', function () {
-    Bus::fake();
-    $lead = SupplierLead::factory()->create();
-    FailedWebhookJob::create([
-        'tenant_id' => null, 'supplier_lead_id' => $lead->id,
-        'payload' => '{}', 'error_message' => 'sim', 'failed_at' => now(),
-        'retry_attempts' => 10, 'last_retried_at' => now()->subHours(5),
-    ]);
-    $this->artisan('supplier:retry-failed')->assertExitCode(0);
-    Bus::assertNotDispatched(RouteSupplierLeadJob::class);
-});
-
-test('skips rows with last_retried_at within last hour', function () {
-    Bus::fake();
-    $lead = SupplierLead::factory()->create();
-    FailedWebhookJob::create([
-        'tenant_id' => null, 'supplier_lead_id' => $lead->id,
-        'payload' => '{}', 'error_message' => 'sim', 'failed_at' => now(),
-        'retry_attempts' => 1, 'last_retried_at' => now()->subMinutes(30),
-    ]);
-    $this->artisan('supplier:retry-failed')->assertExitCode(0);
-    Bus::assertNotDispatched(RouteSupplierLeadJob::class);
-});
-
-test('increments retry_attempts and updates last_retried_at', function () {
-    Bus::fake();
-    $lead = SupplierLead::factory()->create();
-    $row = FailedWebhookJob::create([
-        'tenant_id' => null, 'supplier_lead_id' => $lead->id,
-        'payload' => '{}', 'error_message' => 'sim', 'failed_at' => now()->subHours(2),
-        'retry_attempts' => 2, 'last_retried_at' => now()->subHours(2),
-    ]);
-    $this->artisan('supplier:retry-failed')->assertExitCode(0);
-    $row->refresh();
-    expect($row->retry_attempts)->toBe(3)
-        ->and($row->last_retried_at->diffInMinutes(now()))->toBeLessThan(1);
-});
-```
-
-- [ ] **Step 7: Run all 4 tests**
-
-```bash
-cd app && php vendor/bin/pest tests/Feature/Supplier/RetryFailedSupplierJobsCommandTest.php 2>&1
-```
-
-Expected: 4 PASS.
-
-- [ ] **Step 8: Добавить 5 Schedule entries в `app/routes/console.php`**
-
-В конец файла:
-
-```php
-use Illuminate\Support\Facades\Schedule;
-use App\Jobs\Supplier\RefreshSupplierSessionJob;
-use App\Jobs\Supplier\SyncSupplierProjectsJob;
-use App\Jobs\Supplier\CleanupInactiveSupplierProjectsJob;
-
-// Plan 3 Task 8: 5 Schedule entries для supplier-flow
-Schedule::job(new RefreshSupplierSessionJob)->hourly()->onOneServer();
-Schedule::job(new RefreshSupplierSessionJob)
-    ->dailyAt('20:15')
-    ->timezone('Europe/Moscow')
-    ->onOneServer();
-Schedule::job(new SyncSupplierProjectsJob)
-    ->dailyAt('20:30')
-    ->timezone('Europe/Moscow')
-    ->onOneServer();
-Schedule::job(new CleanupInactiveSupplierProjectsJob)
-    ->dailyAt('02:00')
-    ->timezone('Europe/Moscow')
-    ->onOneServer();
-Schedule::command('supplier:retry-failed')->hourly()->onOneServer();
-```
-
-- [ ] **Step 9: Verify schedule registered**
-
-```bash
-cd app && php artisan schedule:list 2>&1 | grep -E "supplier:|RefreshSupplier|SyncSupplier|CleanupInactive"
-```
-
-Expected: 5 entries.
-
-- [ ] **Step 10: Larastan + Pint**
-
-```bash
-cd app && php vendor/bin/pint app/app/Console/Commands/RetryFailedSupplierJobsCommand.php app/routes/console.php 2>&1
-cd app && php vendor/bin/phpstan analyse --no-progress --memory-limit=512M 2>&1 | tail -10
-```
-
-Expected: Pint clean, Larastan 0 errors above baseline.
-
-- [ ] **Step 11: Commit**
-
-```bash
-git add app/app/Console/Commands/RetryFailedSupplierJobsCommand.php \
-        app/routes/console.php \
-        app/tests/Feature/Supplier/RetryFailedSupplierJobsCommandTest.php
-
-git commit -m "feat(supplier): Plan 3 Task 8 — RetryFailedSupplierJobsCommand + 5 Schedule entries
-
-Component:
-- supplier:retry-failed Console command (hourly cron, max 10 attempts/24h)
-  - WHERE retry_attempts<10 AND (last_retried_at IS NULL OR < NOW()-1h)
-  - dispatch RouteSupplierLeadJob per row
-  - increment retry_attempts + update last_retried_at
-
-5 Schedule entries в routes/console.php:
-- RefreshSupplierSessionJob hourly + dailyAt('20:15') МСК (pre-sync warmup)
-- SyncSupplierProjectsJob dailyAt('20:30') МСК
-- CleanupInactiveSupplierProjectsJob dailyAt('02:00') МСК
-- supplier:retry-failed hourly
-
-Все с ->onOneServer() через Redis cache driver.
-
-+4 теста."
-```
-
----
-
-## Task 9: E2E integration test (Linux CI only)
-
-**Files:**
-
-- Create: `app/tests/Browser/SupplierIntegrationE2ETest.php`
-- Modify: `lefthook.yml`
-
-- [ ] **Step 1: Создать E2E test**
-
-`app/tests/Browser/SupplierIntegrationE2ETest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\Supplier\SyncSupplierProjectsJob;
-use App\Models\SupplierProject;
-use App\Models\Project;
-use App\Models\Tenant;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\Cache;
-use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\HttpFoundation\Response;
-use React\Http\HttpServer;
-use React\Socket\SocketServer;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    if (PHP_OS_FAMILY === 'Windows') {
-        $this->markTestSkipped('E2E with mock-server requires Linux (no ext-sockets on Windows native).');
-    }
-});
-
-test('full flow: liderra_project create → SyncJob → mock-server receives rt-project-save with correct payload', function () {
-    // Spin up mock-server на random port
-    $receivedRequests = [];
-    $loop = \React\EventLoop\Loop::get();
-    $server = new HttpServer(function (\Psr\Http\Message\ServerRequestInterface $req) use (&$receivedRequests) {
-        $receivedRequests[] = [
-            'method' => $req->getMethod(),
-            'path' => $req->getUri()->getPath(),
-            'body' => (string) $req->getBody(),
-        ];
-        return new \React\Http\Message\Response(200, ['Content-Type' => 'application/json'], json_encode(['id' => 12345]));
-    });
-    $socket = new SocketServer('127.0.0.1:0');
-    $server->listen($socket);
-    $port = parse_url($socket->getAddress(), PHP_URL_PORT);
-
-    Cache::store('redis')->put('supplier:session', [
-        'phpsessid' => 'e2e_sess', 'csrf' => 'e2e_csrf', 'refreshed_at' => now()->toIso8601String(),
-    ], now()->addHours(6));
-    config(['services.supplier.portal_url' => "http://127.0.0.1:{$port}"]);
-
-    $tenant = Tenant::factory()->create();
-    $sp = SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'e2e.com', 'supplier_external_id' => null,
-    ]);
-    Project::factory()->create([
-        'tenant_id' => $tenant->id, 'status' => 'active',
-        'signal_type' => 'site', 'signal_identifier' => 'e2e.com',
-        'supplier_b1_project_id' => $sp->id,
-        'daily_limit' => 9, 'workdays' => [1,2,3,4,5,6,7],
-    ]);
-
-    // Schedule the loop to stop после первого request'а
-    $loop->addTimer(2, fn () => $loop->stop());
-
-    // Запускаем sync job в child process чтобы loop работал
-    (new SyncSupplierProjectsJob)->handle();
-
-    $loop->run();
-    $socket->close();
-
-    expect($receivedRequests)->not->toBeEmpty()
-        ->and($receivedRequests[0]['path'])->toBe('/admin/rt-project-save');
-
-    $sp->refresh();
-    expect($sp->supplier_external_id)->toBe(12345)
-        ->and($sp->sync_status)->toBe('ok');
-});
-```
-
-⚠ **NOTE**: Зависимости — `react/http`, `react/socket`. Если их нет в `composer.json` — добавить через `composer require --dev react/http react/socket` сначала.
-
-- [ ] **Step 2: Установить react/http + react/socket (если не установлены)**
-
-```bash
-cd app && composer require --dev react/http react/socket 2>&1 | tail -5
-```
-
-Verify через `composer show | grep react/`.
-
-- [ ] **Step 3: Run E2E test (только Linux)**
-
-На Windows native:
-
-```bash
-cd app && php vendor/bin/pest tests/Browser/SupplierIntegrationE2ETest.php 2>&1
-```
-
-Expected на Windows: 1 SKIPPED.
-
-На Linux CI (через GitHub Actions):
-
-```bash
-cd app && php vendor/bin/pest tests/Browser/SupplierIntegrationE2ETest.php 2>&1
-```
-
-Expected: 1 PASS.
-
-- [ ] **Step 4: Расширить lefthook.yml — добавить fast-job для supplier tests**
-
-В `lefthook.yml` секция `pre-commit` после job #8 ESLint-Vue:
-
-```yaml
-    # 9. Pest supplier subsuite fast — только на staged изменения в supplier-flow.
-    # Полный composer test остаётся на pre-push.
-    - name: pest-supplier-fast
-      glob: "app/app/{Jobs,Services,Console,Mail,Exceptions}/Supplier/**/*.php"
-      root: "app/"
-      run: php vendor/bin/pest tests/Unit/Supplier/ tests/Feature/Supplier/ --no-coverage
-      fail_text: |
-        Pest supplier-subsuite failed.
-        Запусти `cd app && php vendor/bin/pest tests/Unit/Supplier/ tests/Feature/Supplier/` локально.
-```
-
-- [ ] **Step 5: Verify lefthook config**
-
-```bash
-npx lefthook validate 2>&1
-```
-
-Expected: «valid» / 0 errors.
-
-- [ ] **Step 6: Final full-suite test run**
-
-```bash
-cd app && php vendor/bin/pest --parallel 2>&1 | tail -20
-```
-
-Expected: ≥608 PASS (Plan 2.6 baseline 558 + Task 3-9 новых ~50-60 tests). 0 failed (E2E test на Windows = 1 skipped, что OK).
-
-- [ ] **Step 7: Larastan final check**
-
-```bash
-cd app && php vendor/bin/phpstan analyse --no-progress --memory-limit=512M 2>&1 | tail -10
-```
-
-Expected: 0 errors above baseline.
-
-- [ ] **Step 8: gitleaks-full-history (Plan 3 готовится к push)**
-
-```bash
-./bin/gitleaks.exe detect --source . --no-banner --config .gitleaks.toml --redact 2>&1 | tail -10
-```
-
-Expected: 0 leaks.
-
-- [ ] **Step 9: lychee link check**
-
-```bash
-./bin/lychee.exe --config .lychee.toml "docs/**/*.md" "*.md" 2>&1 | tail -20
-```
-
-Expected: 0 broken links. Если в spec'е/plan'е ссылки на ещё не существующие файлы — добавить в `.lychee.toml` exclude или поправить.
-
-- [ ] **Step 10: Commit**
-
-```bash
-git add app/tests/Browser/SupplierIntegrationE2ETest.php app/composer.json app/composer.lock lefthook.yml
-
-git commit -m "feat(supplier): Plan 3 Task 9 — E2E integration test + lefthook fast-job
-
-Component:
-- tests/Browser/SupplierIntegrationE2ETest.php: mock-server (react/http +
-  react/socket) на random port, full flow liderra_project → SyncJob →
-  rt-project-save payload verification. Skip на Windows native (no
-  ext-sockets), Linux CI only.
-- lefthook.yml: +pest-supplier-fast job — на изменения в
-  app/app/{Jobs,Services,Console,Mail,Exceptions}/Supplier/**/*.php
-  запускает только tests/Unit/Supplier/ + tests/Feature/Supplier/.
-
-Composer: +react/http +react/socket (dev). 1 E2E test."
-```
-
----
-
-## Финальный flow перед FF-merge
-
-После Task 9 — обязательные финальные шаги:
-
-- [ ] **Step F1: Запуск Comprehensive Verification Gate (CV.1–CV.14)**
-
-Аналогично Plan 2 / Plan 2.6 — 14 проверок: spec coverage, test count, larastan, pint, squawk, gitleaks (staged + full-history), lychee, schedule:list, route:list, config:show database.connections, migrate:fresh smoke, parallel test run, code-review subagent от 2026-05-XX (раздел audit), git log clean atomic commits.
-
-- [ ] **Step F2: code-review subagent**
-
-Dispatch fresh subagent с конкретным prompt'ом:
-
-- Прочитать spec [2026-05-11-plan3-supplier-sync-design.md](../specs/2026-05-11-plan3-supplier-sync-design.md)
-- Прочитать все 9 Task'овых коммитов
-- Проверить BLOCKERов, WARNINGов, NITs
-- Verdict: «Ready for FF-merge» или список fix'ов
-
-Если subagent найдёт BLOCKER — fix отдельным commit'ом, новый subagent run.
-
-- [ ] **Step F3: FF-merge в main**
-
-```bash
-git checkout main
-git merge --ff-only supplier-sync-plan3
-```
-
-⚠ Plan 3 идёт на feature-branch `supplier-sync-plan3` (как Plan 2 на `supplier-webhook-plan2`). Создать ветку **в начале Task 3** (или Task 1):
-
-```bash
-git checkout -b supplier-sync-plan3
-```
-
-- [ ] **Step F4: Push с pre-push hooks**
-
-```bash
-git push -u origin supplier-sync-plan3
-git push origin main  # после FF-merge
-```
-
-Pre-push: gitleaks-full-history + lychee. Если lychee пожалуется на `2026-05-11-supplier-sync-plan3.md` ссылку из spec'а (теперь plan-файл существует) — должно пройти.
-
-- [ ] **Step F5: Update memory project_supplier_integration.md**
-
-После merge — обновить memory с финальными метриками Plan 3 (commit'ы, новые tests count, обновлённый Plan 3 = DONE).
-
----
-
-## Self-review (Step после написания plan'а)
-
-**1. Spec coverage check (§1–§10 → Tasks):**
-
-| Spec § | Task |
-|---|---|
-| §1 Контекст | covered Tasks 3 (BYPASSRLS) + 4–9 (sync block) |
-| §2.1 Discovery + §2.2 Implementation | Tasks 1–2 + Tasks 3–9 |
-| §2.3 0 schema changes | Plan 3 = code-only, верифицировано в Step F1 |
-| §3.1 PG-connection | Task 3 Step 1 |
-| §3.2 файлы под изменение | Task 3 Steps 5/11/15 |
-| §3.3 новые файлы | Tasks 4–9 |
-| §3.4 Schedule entries | Task 8 Step 8 |
-| §4.1 Lead routing flow | Task 3 (по сути «set $connection») |
-| §4.2 Session refresh flow | Task 5 |
-| §4.3 Sync flow | Task 6 |
-| §4.4 Cleanup flow (Phase A→B→C ordering) | Task 7 |
-| §5 Error handling matrix | Tasks 4 (exceptions) + 6 (sync), 7 (cleanup) |
-| §6 Testing pyramid | покрывается всеми Tasks; pre-commit fast в Task 9 |
-| §7 Acceptance criteria | финальные шаги F1–F5 |
-| §8 Limitations | вынесено в NOTE-блоки в Tasks 4 Step 6 (toPayload placeholder) + Task 5 Step 2 (DOM selectors) |
-| §9 Discovery questions | Task 1 (probe собирает ответы) + Task 2 (spec update) |
-| §10 Next step | этот plan-файл |
-
-✅ Все секции spec'а покрыты.
-
-**2. Placeholder scan:**
-
-- 0 «TBD», 0 «TODO», 0 «implement later», 0 «fill in details», 0 «Add appropriate error handling», 0 «similar to Task N» без кода.
-- 2 явных NOTE-блока (Tasks 4 Step 6 + 5 Step 2) с placeholder'ами для будущей корректировки после Task 1 discovery — это legitimate, заявлено явно с указанием когда фиксить.
-
-**3. Type consistency:**
-
-- `SupplierProjectDto` определён Task 4 Step 1, использован в Tasks 4 (Client) + 6 (Allocator + SyncJob) + 7 (Cleanup) — единые поля.
-- `SupplierAuthException` / `Transient` / `Client` — определены Task 4 Step 3, использованы Tasks 4–7.
-- `SupplierPortalClient` методы `listProjects/saveProject/updateProject/deleteProject` — определены Task 4 Step 6, использованы Tasks 6/7.
-- `pgsql_supplier` connection — определён Task 3 Step 1, использован Tasks 3 + 5 + 6 + 7 + 8.
-- Cache key `supplier:session` — Task 5 Step 9, читается Task 4 Step 6 (`SupplierPortalClient::loadSession`).
-- `crm_supplier_worker` role — упомянута в Task 3 Step 1 (config) + Step 19 commit message, ссылка на Plan 2.6 #iv `7899071` корректна.
-
-✅ Типы / имена / ссылки консистентны across all 9 Tasks.
-
----
-
-Plan complete. Saved to `docs/superpowers/plans/2026-05-11-supplier-sync-plan3.md`.
diff --git a/docs/superpowers/plans/2026-05-13-test-quality-preprod-sprint.md b/docs/superpowers/plans/2026-05-13-test-quality-preprod-sprint.md
deleted file mode 100644
index 498b463..0000000
--- a/docs/superpowers/plans/2026-05-13-test-quality-preprod-sprint.md
+++ /dev/null
@@ -1,976 +0,0 @@
-# Test Quality + Pre-Prod Sprint Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Phase B — закрыть 3 test-quality debt items (vitest timeout, prettier drift, ProjectFactory unique-name + test:parallel alias); Phase A — закрыть 3 pre-prod P2 gaps из Audit #2 Phase 14 (partitions schedule, runbook, aria-tooltip-name).
-
-**Architecture:** Phase B — чистые config/formatting/factory изменения без behavioral code changes. Phase A — +1 cron entry, новый `RUNBOOK.md`, +1 a11y attribute fix в TenantsTable.vue. Фазы независимы, коммиты атомарны. Итог: 6 content-commits + push.
-
-**Tech Stack:** PHP 8.3 / Laravel 13 / Pest 4, Vue 3 / Vuetify 3 / Vitest 4, Prettier 3.8, axe-core 4.10 (Playwright MCP verification)
-
-**Reference:**
-
-- Quirk #80: `memory/feedback_environment.md` — vitest coverage timeout 5000ms на router.spec.ts
-- Quirk #62/#73: sequential Pest cumulative state в `liderra_testing`
-- Quirk #77: ProjectFactory birthday-paradox collision в --parallel
-- Audit #2 Phase 14 findings: [`docs/superpowers/audits/2026-05-13-portal-full-audit-findings.md`](../audits/2026-05-13-portal-full-audit-findings.md)
-
----
-
-## Files
-
-### Phase B
-
-- Modify: [`../../../app/vitest.config.ts`](../../../app/vitest.config.ts) — add `testTimeout: 10000`
-- Modify: `../../../app/resources/js/**/*.{ts,vue,css}` + `../../../app/tests/Frontend/**/*.ts` — prettier --write (312-file drift)
-- Modify: [`../../../app/database/factories/ProjectFactory.php`](../../../app/database/factories/ProjectFactory.php) — `fake()->unique()->words(3, true)`
-- Modify: [`../../../app/composer.json`](../../../app/composer.json) — add `"test:parallel"` script alias
-
-### Phase A
-
-- Modify: [`../../../app/routes/console.php`](../../../app/routes/console.php) — add `Schedule::command('partitions:create-months')->daily()`
-- Create: `RUNBOOK.md` (repo root, рядом с CLAUDE.md)
-- Modify: [`../../../app/resources/js/components/admin/tenants/TenantsTable.vue`](../../../app/resources/js/components/admin/tenants/TenantsTable.vue) — `aria-label` на `v-tooltip`
-
----
-
-## Quirks / Guardrails
-
-| Quirk | Правило |
-|---|---|
-| #79 | Bash absolute paths — не стекать `cd app &&` между calls |
-| #74 | `npm install` → `--legacy-peer-deps` |
-| #76 | Links в plans/ → `../../../` prefix для app/ references |
-| #62/#73 | Sequential Pest failures из cumulative `liderra_testing` data → использовать `--recreate-databases` |
-| #77 | ProjectFactory `fake()->words(3,true)` → birthday-paradox collision в --parallel |
-| #80 | router.spec.ts coverage timeout 5000ms → `testTimeout: 10000` fix |
-
----
-
-## Task B.1: vitest.config.ts — testTimeout: 10000 (Quirk #80)
-
-**Files:**
-
-- Modify: `app/vitest.config.ts:9` — добавить `testTimeout` внутри `test: {}`
-
-- [ ] **B.1.1: Verify router.spec.ts тайм-аутит под coverage (baseline до фикса)**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-npx vitest run --coverage --coverage.reporter=text-summary --include="tests/Frontend/router.spec.ts" 2>&1
-```
-
-Expected: ≥1 timeout failure (`Error: Test timed out after 5000ms`). Показать полный output.
-
-Если 0 failures — фикс уже применён; skip B.1.2, перейти к B.1.3.
-
-- [ ] **B.1.2: Edit vitest.config.ts**
-
-Изменить `app/vitest.config.ts` — добавить `testTimeout: 10000` в блок `test`:
-
-```ts
-import { defineConfig } from 'vitest/config';
-import vue from '@vitejs/plugin-vue';
-import vuetify from 'vite-plugin-vuetify';
-
-// Vitest config (фаза 2, Tooling §3.3 #23). Отдельно от vite.config.js
-// чтобы не тащить laravel-vite-plugin в JSDOM-тестах.
-export default defineConfig({
-    plugins: [vue(), vuetify({ autoImport: true })],
-    test: {
-        globals: true,
-        environment: 'jsdom',
-        testTimeout: 10000,
-        setupFiles: ['./tests/Frontend/setup.ts'],
-        include: ['tests/Frontend/**/*.{test,spec}.ts'],
-        server: {
-            deps: {
-                inline: ['vuetify'],
-            },
-        },
-    },
-});
-```
-
-- [ ] **B.1.3: Verify router.spec.ts passes под coverage**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-npx vitest run --coverage --coverage.reporter=text-summary --include="tests/Frontend/router.spec.ts" 2>&1
-```
-
-Expected: **все 9 тестов PASS**, 0 timeouts. Coverage table включает `router/index.ts` row. Показать полный output.
-
-- [ ] **B.1.4: Verify полный Vitest suite не сломан**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-npx vitest run 2>&1 | tail -15
-```
-
-Expected: **88 files / 683 passed + 3 skipped**. Показать output.
-
-- [ ] **B.1.5: Commit**
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"
-git add "app/vitest.config.ts"
-git commit -m "test(vitest): add testTimeout: 10000 — fix quirk #80 router.spec.ts coverage timeout
-
-v8 coverage instrumentation adds ~10x overhead to router-guard async tests,
-pushing past the 5000ms default. Audit #2 Phase 13 finding.
-
-Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>"
-```
-
----
-
-## Task B.2: Prettier drift — format 312 files
-
-**Files:**
-
-- Modify: `app/resources/js/**/*.{ts,vue,css}`, `app/tests/Frontend/**/*.ts`
-
-- [ ] **B.2.1: Check drift scope**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-npm run format:check 2>&1 | tail -10
-```
-
-Expected: список ~312 файлов с formatting issues + exit 1.
-
-Если выход 0 / 0 files — drift уже применён; skip B.2.2–B.2.3.
-
-- [ ] **B.2.2: Apply prettier --write**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-npm run format 2>&1
-```
-
-Expected: output вида `X files written`. Показать полный output.
-
-- [ ] **B.2.3: Re-verify 0 issues**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-npm run format:check 2>&1 | tail -5
-```
-
-Expected: exit 0, 0 formatting issues.
-
-- [ ] **B.2.4: Vitest suite — verify no breakage**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-npx vitest run 2>&1 | tail -10
-```
-
-Expected: 88 files / 683 passed + 3 skipped.
-
-- [ ] **B.2.5: ESLint — verify no regressions**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-npm run lint:vue 2>&1 | tail -10
-```
-
-Expected: 0 errors.
-
-- [ ] **B.2.6: Stage и commit**
-
-NB: если Vite dev server запущен background → `dev-indices.json` мог auto-regenerate. Стейджить вместе с logical commit.
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"
-git add "app/resources/js/" "app/tests/Frontend/" "app/dev-indices.json"
-git status --short | head -20
-git commit -m "style: prettier --write all frontend files — eliminate 312-file drift
-
-Audit #2 Phase 1 found 312 files with formatting mismatch vs .prettierrc.
-No logic changes — whitespace/quote/trailing-comma normalization only.
-
-Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>"
-```
-
----
-
-## Task B.3: ProjectFactory unique() + test:parallel alias (Quirks #77, #62)
-
-**Files:**
-
-- Modify: `app/database/factories/ProjectFactory.php:23`
-- Modify: `app/composer.json` (add `test:parallel` script)
-- Test: `app/tests/Feature/Api/ProjectBulkActionsTest.php` (verify --parallel pass)
-
-**Context quirk #77:** `fake()->words(3, true)` на ~100 English слов → ~1M 3-word комбинаций. Birthday paradox для 501 projects в одном tenant → ~12.5% collision probability per test run. `fake()->unique()` держит per-instance трекер использованных значений → 0 дублей внутри одного factory instance.
-
-- [ ] **B.3.1: Verify collision reproducible (baseline до фикса)**
-
-Run 2–3 раза:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-vendor/bin/pest --parallel tests/Feature/Api/ProjectBulkActionsTest.php 2>&1 | tail -20
-```
-
-Expected: ≥1 из 3 прогонов → failure `SQLSTATE[23505] projects_tenant_id_name_key`. Показать output каждого прогона.
-
-- [ ] **B.3.2: Применить фикс в ProjectFactory.php**
-
-Изменить `app/database/factories/ProjectFactory.php` строку 23 с:
-
-```php
-            'name' => fake()->words(3, true),
-```
-
-на:
-
-```php
-            'name' => fake()->unique()->words(3, true),
-```
-
-- [ ] **B.3.3: Run affected test 5 раз — verify 0 collisions**
-
-Run 5 раз:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-vendor/bin/pest --parallel tests/Feature/Api/ProjectBulkActionsTest.php 2>&1 | tail -5
-```
-
-Expected: **14/14 passed** все 5 прогонов. Показать output каждого.
-
-- [ ] **B.3.4: Добавить test:parallel alias в composer.json**
-
-В `app/composer.json` добавить строку после `"pint:test"`:
-
-```json
-        "test:parallel": "vendor/bin/pest --parallel --recreate-databases",
-```
-
-Результирующий блок scripts (фрагмент):
-
-```json
-        "test": [
-            "@php artisan config:clear --ansi @no_additional_args",
-            "@php artisan test"
-        ],
-        "pint": "@php vendor/bin/pint",
-        "pint:test": "@php vendor/bin/pint --test",
-        "test:parallel": "vendor/bin/pest --parallel --recreate-databases",
-```
-
-- [ ] **B.3.5: Validate composer.json + smoke-run test:parallel**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-composer validate 2>&1 | tail -3
-```
-
-Expected: `./composer.json is valid`
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-composer test:parallel 2>&1 | tail -10
-```
-
-Expected: 742 passed, ≤1 failed (квирк 72 sporadic). Показать полный tail.
-
-- [ ] **B.3.6: Commit**
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"
-git add "app/database/factories/ProjectFactory.php" "app/composer.json"
-git commit -m "fix(test): ProjectFactory unique() name + test:parallel alias (quirks #77, #62)
-
-fake()->unique()->words() prevents birthday-paradox collision on 501 projects
-in one tenant (1M combos, ~12.5% parallel-run failure rate). Quirk #77.
-
-Adds composer test:parallel alias (--parallel --recreate-databases) for
-accumulated-state cleanup in sequential Pest runs. Quirks #62/#73.
-
-Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>"
-```
-
----
-
-## Task A.1: Register partitions:create-months в schedule (Audit #2 Phase 14 P2)
-
-**Files:**
-
-- Modify: `app/routes/console.php`
-
-**Context:** `PartitionsCreateMonths` (Command signature: `partitions:create-months`) создаёт ежемесячные партиции для `deals` и `supplier_lead_costs` на 2 месяца вперёд. Idempotent (CREATE TABLE IF NOT EXISTS via `pg_class` check). Команда существует, но НЕ зарегистрирована в `routes/console.php` → partition lifecycle не automated. Audit #2 Phase 14 P2.
-
-На dev (Windows): запускается вручную / Windows Task Scheduler.
-На prod (YC Linux): через `php artisan schedule:run` каждую минуту cron.
-
-- [ ] **A.1.1: Verify команда отсутствует в schedule**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-php artisan schedule:list 2>&1
-```
-
-Expected: `partitions:create-months` **отсутствует** в списке. Показать полный output.
-
-- [ ] **A.1.2: Добавить Schedule entry в routes/console.php**
-
-В `app/routes/console.php` добавить в конце файла (после блока CsvReconcileJob):
-
-```php
-
-// Partition maintenance: create next 2 monthly partitions for `deals` + `supplier_lead_costs`.
-// Replaces pg_partman (unavailable on native Windows; see project_phase1_strategy.md).
-// Idempotent: CREATE TABLE IF NOT EXISTS via pg_class check in PartitionsCreateMonths::partitionExists().
-// On prod: triggered daily via `php artisan schedule:run` (cron every minute).
-// On dev (Windows): run manually or via Windows Task Scheduler.
-Schedule::command('partitions:create-months')
-    ->daily()
-    ->timezone('Europe/Moscow');
-```
-
-- [ ] **A.1.3: Verify команда появилась в schedule:list**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-php artisan schedule:list 2>&1
-```
-
-Expected: строка с `partitions:create-months` и частотой `Daily`. Показать полный output.
-
-- [ ] **A.1.4: Verify команда выполняется без ошибок**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-php artisan partitions:create-months 2>&1
-```
-
-Expected: `Done: 0 created, 6 skipped (ahead=2).` (все партиции уже существуют от migrate:fresh). Exit code 0. Показать полный output.
-
-- [ ] **A.1.5: Pest regression check**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-vendor/bin/pest --parallel --recreate-databases 2>&1 | tail -10
-```
-
-Expected: 742 passed, ≤1 failed (квирк 72).
-
-- [ ] **A.1.6: Commit**
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"
-git add "app/routes/console.php"
-git commit -m "fix(scheduler): register partitions:create-months in schedule — close Audit #2 P2
-
-Missing from routes/console.php left partition lifecycle not automated.
-Audit #2 Phase 14 P2 finding. Idempotent daily at Europe/Moscow timezone.
-On dev: run manually. On prod: via schedule:run cron.
-
-Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>"
-```
-
----
-
-## Task A.2: Create RUNBOOK.md (Audit #2 Phase 14 P2)
-
-**Files:**
-
-- Create: `RUNBOOK.md` (repo root, рядом с `CLAUDE.md`)
-
-**Context:** Audit #2 Phase 14 P2 — deployment runbook отсутствует. Статус: pre-prod (Б-1 ООО регистрация pending; prod credentials/infra не finalized). Runbook покрывает local dev setup и production deploy на YC Linux VM.
-
-- [ ] **A.2.1: Create RUNBOOK.md**
-
-Создать файл `RUNBOOK.md` в корне репозитория (`c:\моя\проекты\портал crm\Документация\RUNBOOK.md`):
-
-```markdown
-# Лидерра — Runbook развёртывания
-
-> **Версия:** 1.0 от 13.05.2026. Статус: 🟡 PRE-PROD (Б-1 ООО регистрация pending — prod credentials/infra не finalized).
-> **Стек:** Laravel 13 + Vue 3 + Vuetify 3 + PostgreSQL 16 (ICU) + Redis 7 + Yandex Cloud.
-
----
-
-## Содержание
-
-1. [Системные требования](#1-системные-требования)
-2. [Клонирование и зависимости](#2-клонирование-и-зависимости)
-3. [Конфигурация .env](#3-конфигурация-env)
-4. [База данных](#4-база-данных)
-5. [Сборка frontend](#5-сборка-frontend)
-6. [Очереди (Queue Worker)](#6-очереди-queue-worker)
-7. [Планировщик (Scheduler)](#7-планировщик-scheduler)
-8. [Проверка работоспособности](#8-проверка-работоспособности)
-9. [Типовые проблемы](#9-типовые-проблемы)
-10. [Первый запуск — Dev seed](#10-первый-запуск--dev-seed)
-
----
-
-## 1. Системные требования
-
-| Компонент | Версия | Примечания |
-|-----------|--------|------------|
-| PHP | 8.3+ | Extensions: pdo_pgsql, pgsql, redis, bcmath, mbstring, openssl, fileinfo |
-| Composer | 2.x | |
-| Node.js | 20+ | |
-| npm | 10+ | |
-| PostgreSQL | 16+ | ICU collation support обязателен (ILIKE кириллица) |
-| Redis | 7+ | Memurai на Windows-dev |
-| Git | 2.x | |
-
-**Linux prod (Yandex Cloud Ubuntu 22.04):**
-
-```bash
-# PHP 8.3
-sudo apt install php8.3-fpm php8.3-pgsql php8.3-redis php8.3-bcmath \
-  php8.3-mbstring php8.3-xml php8.3-curl php8.3-zip
-
-# PostgreSQL 16 client
-sudo apt install libpq-dev postgresql-client-16
-
-# Node.js 20
-curl -fsSL https://deb.nodesource.com/setup_20.x | sudo bash -
-sudo apt install nodejs
-```
-
----
-
-## 2. Клонирование и зависимости
-
-```bash
-git clone git@github.com:CoralMinister/lidpotok.git liderra
-cd liderra/app
-
-# PHP-зависимости (prod)
-composer install --no-dev --optimize-autoloader
-
-# Node-зависимости (prod)
-# --legacy-peer-deps обязателен (Histoire 1.0-beta.1 peerDep conflict)
-npm install --legacy-peer-deps --omit=dev
-```
-
----
-
-## 3. Конфигурация .env
-
-```bash
-cp .env.example .env
-php artisan key:generate
-```
-
-Обязательные переменные:
-
-```ini
-APP_ENV=production
-APP_DEBUG=false
-APP_URL=https://your-domain.ru
-
-DB_CONNECTION=pgsql
-DB_HOST=<managed-pg-host>
-DB_PORT=5432
-DB_DATABASE=liderra
-DB_USERNAME=crm_app_user
-DB_PASSWORD=<strong-password>
-
-REDIS_HOST=127.0.0.1
-REDIS_PORT=6379
-REDIS_PASSWORD=<redis-password>
-
-MAIL_MAILER=smtp
-MAIL_HOST=smtp.unisender.ru
-MAIL_PORT=587
-MAIL_USERNAME=<unisender-login>
-MAIL_PASSWORD=<unisender-api-key>
-MAIL_ENCRYPTION=tls
-MAIL_FROM_ADDRESS=noreply@liderra.ru
-MAIL_FROM_NAME="Лидерра"
-
-SESSION_DRIVER=redis
-CACHE_STORE=redis
-QUEUE_CONNECTION=redis
-```
-
-> **Sentry (pending Б-1):** `SENTRY_LARAVEL_DSN=https://...@sentry.your-domain.ru/...`
-
----
-
-## 4. База данных
-
-### 4.1 Создание БД с ICU collation
-
-```sql
--- От суперпользователя PostgreSQL
-CREATE DATABASE liderra
-  WITH ENCODING 'UTF8'
-  LOCALE_PROVIDER icu
-  ICU_LOCALE 'und'
-  LC_COLLATE 'C'
-  LC_CTYPE 'C'
-  TEMPLATE template0;
-```
-
-> **Важно:** ICU collation обязателен для корректного `ILIKE` на кириллице. БД без ICU → поиск по русским строкам возвращает 0 результатов (Quirk #61).
-
-### 4.2 Роли БД (только prod)
-
-```bash
-# На dev используется postgres-superuser; на prod создать роли:
-psql -U postgres -f db/00_create_roles.sql
-```
-
-### 4.3 Миграции
-
-```bash
-php artisan migrate --force
-```
-
-Единственная миграция `load_initial_schema.php` загружает `db/schema.sql` через `DB::unprepared()`. Ожидается ~800ms.
-
-### 4.4 Grants (prod)
-
-```bash
-psql -U postgres -d liderra -f db/02_grants.sql
-```
-
-### 4.5 Первичное создание партиций
-
-```bash
-# Создать ежемесячные партиции deals + supplier_lead_costs на 2 мес. вперёд
-php artisan partitions:create-months
-```
-
-Далее планировщик создаёт их автоматически ежедневно.
-
----
-
-## 5. Сборка frontend
-
-```bash
-npm run build
-```
-
-Ожидается ~3–5 сек. Артефакты в `public/build/`.
-
-> Bundle analyzer: `BUILD_ANALYZE=1 npm run build` → `storage/bundle-analyze.html`
-
----
-
-## 6. Очереди (Queue Worker)
-
-**Dev:**
-
-```bash
-php artisan queue:work redis --tries=3 --timeout=60
-```
-
-**Prod (Supervisor)** — `/etc/supervisor/conf.d/liderra-worker.conf`:
-
-```ini
-[program:liderra-worker]
-process_name=%(program_name)s_%(process_num)02d
-command=php /var/www/liderra/app/artisan queue:work redis --sleep=3 --tries=3 --max-time=3600
-autostart=true
-autorestart=true
-stopasgroup=true
-killasgroup=true
-numprocs=2
-redirect_stderr=true
-stdout_logfile=/var/log/liderra/worker.log
-```
-
-```bash
-sudo supervisorctl reread && sudo supervisorctl update
-sudo supervisorctl start liderra-worker:*
-```
-
----
-
-## 7. Планировщик (Scheduler)
-
-Добавить в crontab на prod:
-
-```bash
-* * * * * cd /var/www/liderra/app && php artisan schedule:run >> /dev/null 2>&1
-```
-
-Расписание (`routes/console.php`):
-
-| Команда | Частота | Назначение |
-|---------|---------|------------|
-| `projects:reset-delivered-today` | Ежедневно 00:00 МСК | Сброс daily-счётчика лидов |
-| `projects:reset-monthly` | 1-го числа 00:00 МСК | Сброс месячных счётчиков |
-| `partitions:create-months` | Ежедневно | Партиции PG на 2 мес. вперёд |
-| `supplier:retry-failed` | Ежечасно | Повтор failed supplier jobs |
-| Queue jobs | см. console.php | Supplier sync + CSV reconcile |
-
-Проверить расписание:
-
-```bash
-php artisan schedule:list
-```
-
----
-
-## 8. Проверка работоспособности
-
-```bash
-# PHP + Laravel
-php artisan about
-
-# БД соединение
-php artisan db:show
-
-# Redis
-php artisan tinker --execute="echo cache()->get('healthcheck', 'redis-ok');"
-
-# HTTP ответ (ожидается 200)
-curl -o /dev/null -s -w "%{http_code}" http://localhost/login
-
-# Frontend build артефакты
-ls public/build/assets/*.js | head -5
-```
-
----
-
-## 9. Типовые проблемы
-
-### ILIKE не находит кириллицу
-
-**Симптом:** поиск по русским строкам → 0 результатов.
-**Причина:** БД создана с `LC_CTYPE=C` без ICU (Quirk #61).
-**Решение:** пересоздать БД через раздел 4.1 + повторить миграции.
-
-### Pest sequential тесты падают (LookupsTest / ProjectExtensionsTest)
-
-**Симптом:** `composer test` → 3 failures «N matches 2».
-**Причина:** накопленные данные в `liderra_testing` (Quirk #62/#73).
-**Решение:** `composer test:parallel` (использует `--recreate-databases`).
-
-### partitions:create-months — ошибка доступа к pg_class
-
-**Симптом:** `SELECT 1 FROM pg_class WHERE ...` → permission error.
-**Причина:** ограниченная роль без доступа к pg_class.
-**Решение:** запускать от `crm_migrator` роли или postgres superuser.
-
-### Queue worker зависает на RefreshSupplierSessionJob
-
-**Симптом:** job в статусе `processing` >60 сек.
-**Причина:** PlaywrightBridge не может войти в портал поставщика.
-**Решение:** `php artisan queue:failed` → проверить error message. Обновить credentials в таблице `system_settings`.
-
-### Vite hot-reload не работает в staging
-
-**Симптом:** изменения Vue-компонентов не отражаются без hard-reload.
-**Причина:** `VITE_HMR_*` env vars не настроены для staging hostname.
-**Решение:** в `.env` добавить `VITE_HMR_HOST=your-staging-host`. Или использовать production build (`npm run build`).
-
----
-
-## 10. Первый запуск — Dev seed
-
-Только для локальной разработки:
-
-```bash
-php artisan db:seed --class=DemoSeeder
-```
-
-Создаёт: `admin@demo.local` / `password`, 1 тенант, 3 проекта, 14 сделок.
-
----
-
-*Обновлять при изменении инфраструктуры, деплой-процедур или списка scheduled-команд.*
-
-```
-
-- [ ] **A.2.2: Verify markdownlint**
-
-Run:
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"
-npx markdownlint-cli2 RUNBOOK.md 2>&1
-```
-
-Expected: exit 0, 0 errors. При ошибках — исправить inline (trailing spaces, heading levels, bare URLs).
-
-- [ ] **A.2.3: Commit**
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"
-git add "RUNBOOK.md"
-git commit -m "docs: add RUNBOOK.md — deployment runbook (Audit #2 Phase 14 P2)
-
-Covers system requirements (PHP 8.3/PG 16 ICU/Redis), DB setup with ICU
-collation, migrations, roles, partition maintenance, queue worker (Supervisor),
-scheduler crontab, health checks, common issues.
-Status: pre-prod (B-1 pending; prod credentials TBD).
-
-Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>"
-```
-
----
-
-## Task A.3: Fix aria-tooltip-name — VTooltip /admin/tenants (Audit #2 Phase 10.2 P2)
-
-**Files:**
-
-- Modify: `app/resources/js/components/admin/tenants/TenantsTable.vue:81`
-
-**Context:** axe-core 4.10 violation `aria-tooltip-name` (impact: serious) на `/admin/tenants`. `v-tooltip` рендерит `<div role="tooltip" id="v-tooltip-v-N">` без явно вычислимого accessible name. Vuetify VOverlay передаёт `$attrs` к overlay root div → добавление `aria-label` на `<v-tooltip>` даёт explicit accessible name для axe.
-
-Текущий код `TenantsTable.vue:81–95`:
-
-```html
-<template #[`item.actions`]="{ item }: { item: AdminTenant }">
-    <v-tooltip text="Войти как клиент (impersonation)" location="top">
-        <template #activator="{ props: tipProps }">
-            <v-btn
-                v-bind="tipProps"
-                icon="mdi-account-switch"
-                variant="text"
-                size="small"
-                density="comfortable"
-                :aria-label="`Войти как клиент (impersonation) для ${item.name}`"
-                :disabled="item.status === 'suspended'"
-                :data-testid="`impersonate-btn-${item.id}`"
-                @click.stop="emit('impersonate', item)"
-            />
-        </template>
-    </v-tooltip>
-</template>
-```
-
-- [ ] **A.3.1: Baseline axe-core на /admin/tenants (pre-fix)**
-
-Через Playwright MCP — убедиться что dev servers запущены:
-
-```powershell
-curl -s -o NUL -w "%{http_code}" http://127.0.0.1:8000/login
-```
-
-Expected: `200`. Если нет → запустить `php artisan serve --port=8000` + `npm run dev` в background.
-
-Login (если сессия не активна):
-
-```javascript
-// browser_navigate → http://127.0.0.1:8000/login
-// browser_evaluate:
-document.querySelector('input[type="email"]').value = 'admin@demo.local';
-document.querySelector('input[type="email"]').dispatchEvent(new Event('input', { bubbles: true }));
-document.querySelector('input[type="password"]').value = 'password';
-document.querySelector('input[type="password"]').dispatchEvent(new Event('input', { bubbles: true }));
-// browser_click → button[type="submit"]
-// verify redirect → /dashboard
-```
-
-Baseline axe scan:
-
-```javascript
-// browser_navigate → http://127.0.0.1:8000/admin/tenants
-// browser_evaluate:
-await new Promise(r => setTimeout(r, 500));
-const s = document.createElement('script');
-s.src = 'https://cdn.jsdelivr.net/npm/axe-core@4.10.0/axe.min.js';
-document.head.appendChild(s);
-await new Promise(r => setTimeout(r, 2000));
-const res = await axe.run({ runOnly: { type: 'rule', values: ['aria-tooltip-name'] } });
-return res.violations.map(v => ({ id: v.id, nodes: v.nodes.length, help: v.help }));
-```
-
-Expected pre-fix: `[{ id: 'aria-tooltip-name', nodes: 1, ... }]`. Если `[]` — violation исчезла сама (e.g. tooltip рендерится скрытым); зафиксировать в findings и skip A.3.2–A.3.4.
-
-- [ ] **A.3.2: Apply fix в TenantsTable.vue**
-
-Изменить `app/resources/js/components/admin/tenants/TenantsTable.vue` строку 81–82 с:
-
-```html
-            <template #[`item.actions`]="{ item }: { item: AdminTenant }">
-                <v-tooltip text="Войти как клиент (impersonation)" location="top">
-```
-
-на:
-
-```html
-            <template #[`item.actions`]="{ item }: { item: AdminTenant }">
-                <v-tooltip
-                    text="Войти как клиент (impersonation)"
-                    location="top"
-                    aria-label="Войти как клиент (impersonation)"
-                >
-```
-
-- [ ] **A.3.3: Run Vitest AdminTenantsView spec — no regression**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-npx vitest run tests/Frontend/AdminTenantsView.spec.ts 2>&1
-```
-
-Expected: все тесты pass. Показать полный output.
-
-- [ ] **A.3.4: Verify fix via axe-core post-fix**
-
-Через Playwright MCP:
-
-```javascript
-// browser_navigate → http://127.0.0.1:8000/admin/tenants (hard reload)
-// browser_evaluate (та же axe-инъекция + axe.run):
-await new Promise(r => setTimeout(r, 500));
-// [inject axe-core script как в A.3.1]
-await new Promise(r => setTimeout(r, 2000));
-const res = await axe.run({ runOnly: { type: 'rule', values: ['aria-tooltip-name'] } });
-return res.violations.map(v => ({ id: v.id, nodes: v.nodes.length }));
-```
-
-Expected: **`[]`** — 0 `aria-tooltip-name` violations.
-
-**Если не `[]` — ≥3 гипотезы:**
-
-- **H1:** Vuetify не форвардит `aria-label` к overlay root div (attrs идут в content div, не overlay). Фикс: попробовать `:content-props="{ 'aria-label': 'Войти как клиент (impersonation)' }"` вместо прямого `aria-label`.
-- **H2:** Tooltip overlay рендерится в `display:none` во время axe scan — accessible name не вычислима. Фикс: hover кнопки перед scan (`browser_hover` на `[data-testid="impersonate-btn-1"]`) чтобы tooltip открылся, затем axe.run.
-- **H3:** axe CDN кэш прогрузил old version (4.9.x вместо 4.10). Проверить: `axe.version` в evaluate. Если не `4.10.0` → принудительный cache-bust `?v=${Date.now()}` в src URL.
-
-Если H1+H2+H3 не дают `[]` → эскалировать как «VTooltip overlay teleport не доступен axe — требует отдельного исследования».
-
-- [ ] **A.3.5: Commit**
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"
-git add "app/resources/js/components/admin/tenants/TenantsTable.vue"
-git commit -m "fix(a11y): aria-label on VTooltip overlay /admin/tenants — close Audit #2 P2
-
-axe-core 4.10 aria-tooltip-name: role=tooltip overlay had no accessible name.
-aria-label forwarded via VOverlay attrs. Audit #2 Phase 10.2 finding.
-
-Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>"
-```
-
----
-
-## Task I: Финальная регрессия + Pre-push + Push
-
-- [ ] **I.1: Pest полный suite**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-vendor/bin/pest --parallel --recreate-databases 2>&1 | tail -15
-```
-
-Expected: **742 passed**, ≤1 failed (квирк 72 sporadic). Показать полный tail.
-
-- [ ] **I.2: Vitest полный suite**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-npx vitest run 2>&1 | tail -15
-```
-
-Expected: **88 files / 683 passed + 3 skipped. 0 failures.** Показать полный tail.
-
-- [ ] **I.3: Pint + Larastan**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация\app"
-composer pint:test 2>&1 | tail -5
-composer stan 2>&1 | tail -10
-```
-
-Expected: Pint 0 issues; Larastan 0 errors. Показать output обоих.
-
-- [ ] **I.4: lefthook pre-push**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"
-npx lefthook run pre-push 2>&1
-```
-
-Expected: gitleaks-full-history 0 leaks + lychee 0 broken links. Показать **полный** output.
-
-- [ ] **I.5: Push origin/main**
-
-Run:
-
-```powershell
-cd "c:\моя\проекты\портал crm\Документация"
-git push origin main 2>&1
-```
-
-Expected: exit 0. Показать полный output.
-
-- [ ] **I.6: Verify remote HEAD**
-
-Run:
-
-```powershell
-git log origin/main --oneline -8
-```
-
-Expected: 6 новых коммитов (B.1, B.2, B.3, A.1, A.2, A.3) на вершине после `9e175a1`.
-
----
-
-## Self-Review
-
-**1. Spec coverage:**
-
-| Требование | Task |
-|---|---|
-| Quirk #80 testTimeout router.spec.ts | B.1 ✅ |
-| Prettier drift 312 files | B.2 ✅ |
-| ProjectFactory unique() (quirk #77) | B.3 ✅ |
-| Quirk #62/#73 test:parallel alias | B.3 ✅ |
-| partitions:create-months в schedule | A.1 ✅ |
-| RUNBOOK.md deployment runbook | A.2 ✅ |
-| aria-tooltip-name VTooltip fix | A.3 ✅ |
-| Финальная регрессия + push | I ✅ |
-
-**2. Placeholder scan:** нет TBD/TODO/"implement later" в step bodies. A.3.4 H-гипотезы — contingency debugging, не placeholder (конкретные действия с конкретными ожидаемыми результатами). A.2 RUNBOOK.md `<managed-pg-host>` / `<strong-password>` — это actual env-var placeholders, not plan placeholders (правильно — юзер заполняет).
-
-**3. Type consistency:** PHP factory — `string` (возврат `fake()->unique()->words(3, true)` тот же type). Vue template — `aria-label` string attr (стандартный HTML attr). composer.json — корректный JSON script entry. Нет новых типов/методов.
-
-**Gaps found и закрыты:**
-
-- B.2.6: Vite dev server в background может auto-regenerate `dev-indices.json` → добавлено в stage-команду ✅
-- A.3.4: H-гипотезы охватывают 3 failure-mode'а VTooltip axe ✅
-- lychee проверка RUNBOOK.md: файл в корне, links к `app/` корректны без `../../../` (не в plans/) ✅
diff --git a/docs/superpowers/plans/2026-05-15-sprint1-p0-fixes.md b/docs/superpowers/plans/2026-05-15-sprint1-p0-fixes.md
deleted file mode 100644
index afb4290..0000000
--- a/docs/superpowers/plans/2026-05-15-sprint1-p0-fixes.md
+++ /dev/null
@@ -1,1739 +0,0 @@
-# Sprint 1 — P0 UI Fixes Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Закрыть 5 P0 UI-багов из аудита 2026-05-15 — UI обещает функциональность, которая не работает (dead handlers / silent failures / blocking alert / non-persisted DnD).
-
-**Architecture:** Атомарные TDD-таски, по одному эпику = один commit. 0 schema changes. Используем существующие API endpoints (`/api/projects`, `/api/managers`, `/api/deals/transition`, `/api/admin/pricing-tiers`, `/api/admin/suppliers/{id}`) и существующие patterns (`extractErrorMessage` хелпер, `v-snackbar` snackbar, `v-menu` activator slot). Vitest TDD strict — failing test first, GREEN после.
-
-**Tech Stack:** Vue 3 (composition API) + Vuetify 3 + Pinia + Vitest + @vue/test-utils + axios. Backend Laravel 13 + PostgreSQL 16 (без миграций в этом спринте).
-
-**Source spec:** [docs/superpowers/specs/2026-05-15-portal-audit-design.md](../specs/2026-05-15-portal-audit-design.md) (commit `e978b33`).
-
-**Baseline state:**
-
-- Branch: `main`, +4 unpushed local commits, push BLOCKED GitHub 403 «verify email» (quirk #89)
-- Pest --parallel: 749/746/3sk/0 ✅
-- Vitest: 92 files / 759 passed / 4 skipped / 0 failed ✅
-- vue-tsc 0, ESLint 0, lefthook chain green
-
----
-
-## File Structure
-
-| Task | Files (Create / Modify / Test) |
-|---|---|
-| 1. C2 — DealsView FilterChip popovers | Modify `app/resources/js/views/DealsView.vue:41-44, 470-492`<br>Test `app/tests/Frontend/DealsViewRedesign.spec.ts` (extend) |
-| 2. C4 — KanbanView DnD persist | Modify `app/resources/js/views/KanbanView.vue:53-61, 1-32`<br>Test `app/tests/Frontend/KanbanView.spec.ts` (extend) |
-| 3. C5 — BulkActionsBar snackbar | Modify `app/resources/js/components/projects/BulkActionsBar.vue:1-108`<br>Test `app/tests/Frontend/BulkActionsBar.spec.ts` (extend) |
-| 4. G1 — AdminPricingTiersView error handling | Modify `app/resources/js/views/admin/AdminPricingTiersView.vue:120-178`<br>Test `app/tests/Frontend/AdminPricingTiersView.spec.ts` (extend) |
-| 5. G2 — AdminSupplierPricesView error handling | Modify `app/resources/js/views/admin/AdminSupplierPricesView.vue:50-106`<br>Test `app/tests/Frontend/AdminSupplierPricesView.spec.ts` (extend) |
-
-**Existing pattern references:**
-
-- Error-handling: [AdminSystemView.vue:32-45](../../../app/resources/js/views/admin/AdminSystemView.vue#L32-L45) — `extractErrorMessage(err, fallback)` + `v-alert :data-testid="fetch-error-alert" closable @click:close`
-- Snackbar pattern: [DealsView.vue:566-581](../../../app/resources/js/views/DealsView.vue#L566-L581) — `v-snackbar v-model :timeout location="bottom right"` + `data-testid`
-- v-menu activator pattern: standard Vuetify 3 — `<v-menu><template #activator="{ props }"><MyButton v-bind="props" /></template>...</v-menu>`
-- Vitest mount + Vuetify plugin: [AdminPricingTiersView.spec.ts:1-39](../../../app/tests/Frontend/AdminPricingTiersView.spec.ts#L1-L39)
-
----
-
-## Task 1: C2 — DealsView FilterChip popovers (Проект / Менеджер)
-
-**Source line:** [DealsView.vue:41-44](../../../app/resources/js/views/DealsView.vue#L41-L44):
-
-```ts
-function onRedesignFilterClick(name: string): void {
-    console.log(`[redesign filterbar] ${name} clicked — popover TBD`);
-}
-```
-
-**Files:**
-
-- Modify: `app/resources/js/views/DealsView.vue` (script section: remove stub + add menu state; template section: replace 2 chips with v-menu wrappers)
-- Test: `app/tests/Frontend/DealsViewRedesign.spec.ts` (extend with popover tests)
-
-### Steps
-
-- [ ] **Step 1.1: Write failing test for Project chip popover**
-
-Edit `app/tests/Frontend/DealsViewRedesign.spec.ts` — append `describe('FilterChip popovers')` block at end of file:
-
-```ts
-describe('FilterChip popovers (Sprint 1 C2)', () => {
-    it('clicking Project chip toggles projectMenuOpen ref to true', async () => {
-        const wrapper = mount(DealsView, {
-            global: {
-                plugins: [createPinia(), createVuetify()],
-                stubs: { DealDetailDrawer: true, NewDealDialog: true, VMenu: { template: '<div><slot name="activator" :props="{}" /><slot /></div>' } },
-            },
-        });
-        await new Promise((r) => setTimeout(r, 50));
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        expect(vm.projectMenuOpen).toBe(false);
-        // Trigger chip click via exposed handler
-        vm.onRedesignFilterClick('Проект');
-        await wrapper.vm.$nextTick();
-        expect(vm.projectMenuOpen).toBe(true);
-    });
-
-    it('clicking Manager chip toggles managerMenuOpen ref to true', async () => {
-        const wrapper = mount(DealsView, {
-            global: {
-                plugins: [createPinia(), createVuetify()],
-                stubs: { DealDetailDrawer: true, NewDealDialog: true, VMenu: { template: '<div><slot name="activator" :props="{}" /><slot /></div>' } },
-            },
-        });
-        await new Promise((r) => setTimeout(r, 50));
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        expect(vm.managerMenuOpen).toBe(false);
-        vm.onRedesignFilterClick('Менеджер');
-        await wrapper.vm.$nextTick();
-        expect(vm.managerMenuOpen).toBe(true);
-    });
-
-    it('applying project selection updates filterProjects and closes menu', async () => {
-        const wrapper = mount(DealsView, {
-            global: {
-                plugins: [createPinia(), createVuetify()],
-                stubs: { DealDetailDrawer: true, NewDealDialog: true, VMenu: { template: '<div><slot name="activator" :props="{}" /><slot /></div>' } },
-            },
-        });
-        await new Promise((r) => setTimeout(r, 50));
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        vm.projectMenuDraft = ['demo-project-1', 'demo-project-2'];
-        vm.applyProjectFilter();
-        await wrapper.vm.$nextTick();
-        expect(vm.filterProjects).toEqual(['demo-project-1', 'demo-project-2']);
-        expect(vm.projectMenuOpen).toBe(false);
-    });
-});
-```
-
-Also add at top of file (alongside existing imports) if missing:
-
-```ts
-import { createPinia } from 'pinia';
-```
-
-- [ ] **Step 1.2: Run test to verify fail**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && npx --prefix app vitest run app/tests/Frontend/DealsViewRedesign.spec.ts -t "FilterChip popovers"
-```
-
-Expected: FAIL — «vm.projectMenuOpen is undefined» / «applyProjectFilter is not a function».
-
-- [ ] **Step 1.3: Add menu state + apply handlers to DealsView.vue script section**
-
-Edit `app/resources/js/views/DealsView.vue` — replace lines 40-45 (`onRedesignFilterClick` stub) with:
-
-```ts
-// Sprint 1 C2: popovers для Проект/Менеджер chip'ов. Draft-state накапливает
-// выбор в v-menu, при «Применить» переносится в filterProjects/filterManagers.
-// Status chip остаётся read-only (P2 backlog в Sprint 5).
-const projectMenuOpen = ref(false);
-const managerMenuOpen = ref(false);
-const projectMenuDraft = ref<string[]>([]);
-const managerMenuDraft = ref<string[]>([]);
-
-function onRedesignFilterClick(name: string): void {
-    if (name === 'Проект') {
-        projectMenuDraft.value = [...filterProjects.value];
-        projectMenuOpen.value = true;
-    } else if (name === 'Менеджер') {
-        managerMenuDraft.value = [...filterManagers.value];
-        managerMenuOpen.value = true;
-    }
-    // 'Статус' — read-only summary, popover откроется в Sprint 5 (P2).
-}
-
-function applyProjectFilter(): void {
-    filterProjects.value = [...projectMenuDraft.value];
-    projectMenuOpen.value = false;
-}
-
-function applyManagerFilter(): void {
-    filterManagers.value = [...managerMenuDraft.value];
-    managerMenuOpen.value = false;
-}
-
-function clearProjectDraft(): void {
-    projectMenuDraft.value = [];
-}
-
-function clearManagerDraft(): void {
-    managerMenuDraft.value = [];
-}
-```
-
-And extend `defineExpose` (line 327-353) — добавить в объект:
-
-```ts
-projectMenuOpen,
-managerMenuOpen,
-projectMenuDraft,
-managerMenuDraft,
-applyProjectFilter,
-applyManagerFilter,
-```
-
-- [ ] **Step 1.4: Re-run test to verify pass**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && npx --prefix app vitest run app/tests/Frontend/DealsViewRedesign.spec.ts -t "FilterChip popovers"
-```
-
-Expected: PASS — все 3 теста.
-
-- [ ] **Step 1.5: Replace template chiprow with v-menu wrappers**
-
-Edit `app/resources/js/views/DealsView.vue` — заменить блок lines 470-492 (entire `<div v-if="!trashMode" class="ld-filterbar mt-3">` block):
-
-```vue
-<div v-if="!trashMode" class="ld-filterbar mt-3">
-    <div class="ld-filterbar__chips">
-        <FilterChip
-            label="Статус"
-            :count="filteredDeals.length"
-            :active="false"
-            @click="onRedesignFilterClick('Статус')"
-        />
-        <v-menu v-model="projectMenuOpen" :close-on-content-click="false" location="bottom start">
-            <template #activator="{ props: activatorProps }">
-                <span v-bind="activatorProps">
-                    <FilterChip
-                        label="Проект"
-                        :count="filterProjects.length"
-                        :active="filterProjects.length > 0"
-                        @click="onRedesignFilterClick('Проект')"
-                    />
-                </span>
-            </template>
-            <v-card min-width="260" max-width="320" data-testid="project-menu-card">
-                <v-card-text class="pa-2">
-                    <v-list density="compact" class="pa-0">
-                        <v-list-item v-if="availableProjects.length === 0" class="text-medium-emphasis">
-                            <v-list-item-title>Нет проектов в текущем списке</v-list-item-title>
-                        </v-list-item>
-                        <v-list-item
-                            v-for="proj in availableProjects"
-                            :key="proj"
-                            class="py-1"
-                            @click="
-                                projectMenuDraft.includes(proj)
-                                    ? (projectMenuDraft = projectMenuDraft.filter((p) => p !== proj))
-                                    : (projectMenuDraft = [...projectMenuDraft, proj])
-                            "
-                        >
-                            <template #prepend>
-                                <v-checkbox-btn :model-value="projectMenuDraft.includes(proj)" />
-                            </template>
-                            <v-list-item-title>{{ proj }}</v-list-item-title>
-                        </v-list-item>
-                    </v-list>
-                </v-card-text>
-                <v-card-actions class="px-3 pb-2">
-                    <v-btn variant="text" size="small" data-testid="project-menu-clear" @click="clearProjectDraft">
-                        Очистить
-                    </v-btn>
-                    <v-spacer />
-                    <v-btn
-                        color="primary"
-                        variant="flat"
-                        size="small"
-                        data-testid="project-menu-apply"
-                        @click="applyProjectFilter"
-                    >
-                        Применить
-                    </v-btn>
-                </v-card-actions>
-            </v-card>
-        </v-menu>
-        <v-menu v-model="managerMenuOpen" :close-on-content-click="false" location="bottom start">
-            <template #activator="{ props: activatorProps }">
-                <span v-bind="activatorProps">
-                    <FilterChip
-                        label="Менеджер"
-                        :count="filterManagers.length"
-                        :active="filterManagers.length > 0"
-                        @click="onRedesignFilterClick('Менеджер')"
-                    />
-                </span>
-            </template>
-            <v-card min-width="260" max-width="320" data-testid="manager-menu-card">
-                <v-card-text class="pa-2">
-                    <v-list density="compact" class="pa-0">
-                        <v-list-item v-if="availableManagers.length === 0" class="text-medium-emphasis">
-                            <v-list-item-title>Нет менеджеров в текущем списке</v-list-item-title>
-                        </v-list-item>
-                        <v-list-item
-                            v-for="mgr in availableManagers"
-                            :key="mgr.name"
-                            class="py-1"
-                            @click="
-                                managerMenuDraft.includes(mgr.name)
-                                    ? (managerMenuDraft = managerMenuDraft.filter((m) => m !== mgr.name))
-                                    : (managerMenuDraft = [...managerMenuDraft, mgr.name])
-                            "
-                        >
-                            <template #prepend>
-                                <v-checkbox-btn :model-value="managerMenuDraft.includes(mgr.name)" />
-                            </template>
-                            <v-list-item-title>{{ mgr.name }}</v-list-item-title>
-                            <v-list-item-subtitle class="text-caption">{{ mgr.initials }}</v-list-item-subtitle>
-                        </v-list-item>
-                    </v-list>
-                </v-card-text>
-                <v-card-actions class="px-3 pb-2">
-                    <v-btn variant="text" size="small" data-testid="manager-menu-clear" @click="clearManagerDraft">
-                        Очистить
-                    </v-btn>
-                    <v-spacer />
-                    <v-btn
-                        color="primary"
-                        variant="flat"
-                        size="small"
-                        data-testid="manager-menu-apply"
-                        @click="applyManagerFilter"
-                    >
-                        Применить
-                    </v-btn>
-                </v-card-actions>
-            </v-card>
-        </v-menu>
-    </div>
-    <DensityToggle class="ld-filterbar__density" />
-</div>
-```
-
-- [ ] **Step 1.6: Run full DealsViewRedesign spec to ensure no regression in existing tests**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && npx --prefix app vitest run app/tests/Frontend/DealsViewRedesign.spec.ts
-```
-
-Expected: ALL tests PASS (existing + 3 new).
-
-- [ ] **Step 1.7: Run wider DealsView regression sweep**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && npx --prefix app vitest run app/tests/Frontend/DealsView.spec.ts app/tests/Frontend/DealsListIntegration.spec.ts app/tests/Frontend/DealsTable.spec.ts
-```
-
-Expected: ALL PASS, 0 regressions.
-
-- [ ] **Step 1.8: Manual browser smoke via Playwright MCP**
-
-Navigate to http://127.0.0.1:8000/login, login as admin@demo.local / password (если seeder работает — иначе пропустить и зафиксировать как finding для Sprint 5 A8). Перейти на /deals. Кликнуть «Проект» chip — открыться popover со списком проектов. Выбрать 1-2 → «Применить» → таблица фильтруется. Аналогично для «Менеджер».
-
-Если smoke не пройти — выписать в Limitations section commit message.
-
-- [ ] **Step 1.9: vue-tsc + ESLint**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация/app" && npm run type-check && npm run lint:vue
-```
-
-Expected: 0 errors на изменённых файлах.
-
-- [ ] **Step 1.10: Commit**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && git add app/resources/js/views/DealsView.vue app/tests/Frontend/DealsViewRedesign.spec.ts && git commit -m "$(cat <<'EOF'
-feat(deals): C2 — wire FilterChip popovers (Проект/Менеджер) with v-menu
-
-Заменён dead-stub onRedesignFilterClick (console.log only) на работающие
-v-menu popover'ы. Project и Manager chip'ы открывают v-card с v-list checkbox-
-multi-select, бинд на projectMenuDraft/managerMenuDraft → Применить → перенос
-в существующие filterProjects/filterManagers refs. Status chip остаётся
-read-only (P2 backlog Sprint 5).
-
-+3 Vitest specs в DealsViewRedesign.spec.ts (toggle menu / apply selection /
-empty state). Регрессий 0.
-
-Closes audit ID C2 from docs/superpowers/specs/2026-05-15-portal-audit-design.md.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
-Expected: lefthook green, commit created.
-
----
-
-## Task 2: C4 — KanbanView DnD persist через `POST /api/deals/transition`
-
-**Source line:** [KanbanView.vue:53-61](../../../app/resources/js/views/KanbanView.vue#L53-L61):
-
-```ts
-function onColumnChange(targetSlug: MockDeal['statusSlug'], event: DraggableChangeEvent) {
-    if (event.added) {
-        event.added.element.statusSlug = targetSlug;
-    }
-}
-```
-
-**Files:**
-
-- Modify: `app/resources/js/views/KanbanView.vue` (script: + 1 import, onColumnChange optimistic+await+revert+toast, + snackbar state, + defineExpose; template: + v-snackbar)
-- Test: `app/tests/Frontend/KanbanView.spec.ts` (extend)
-
-### Steps
-
-- [ ] **Step 2.1: Write failing test for transition API call**
-
-Open `app/tests/Frontend/KanbanView.spec.ts` (read full first to understand existing structure), then append at end of file:
-
-```ts
-describe('KanbanView DnD persist (Sprint 1 C4)', () => {
-    it('onColumnChange triggers dealsApi.transitionDeals with [dealId] and target status', async () => {
-        const transitionSpy = vi.spyOn(dealsApi, 'transitionDeals').mockResolvedValue({
-            updated: 1,
-            requested: 1,
-            status: 'hot',
-        });
-        const wrapper = mount(KanbanView, {
-            global: {
-                plugins: [createPinia(), createVuetify()],
-                stubs: { KanbanColumn: true, DealDetailDrawer: true, NewDealDialog: true },
-            },
-        });
-        const auth = useAuthStore();
-        auth.user = { id: 99, tenant_id: 7, email: 'demo@demo.local' } as never;
-        await new Promise((r) => setTimeout(r, 30));
-
-        const deal = { id: 42, statusSlug: 'new' as const, name: 'X', phone: '+79161234567', project: 'p', manager: { name: 'M', initials: 'M' }, cost: 100, receivedMinutesAgo: 5 };
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        await (wrapper.vm as any).onColumnChange('hot', { added: { element: deal, newIndex: 0 } });
-
-        expect(transitionSpy).toHaveBeenCalledWith({
-            tenant_id: 7,
-            ids: [42],
-            status: 'hot',
-        });
-        expect(deal.statusSlug).toBe('hot');
-    });
-
-    it('onColumnChange reverts statusSlug + opens toast when API rejects', async () => {
-        vi.spyOn(dealsApi, 'transitionDeals').mockRejectedValue(new Error('500'));
-        const wrapper = mount(KanbanView, {
-            global: {
-                plugins: [createPinia(), createVuetify()],
-                stubs: { KanbanColumn: true, DealDetailDrawer: true, NewDealDialog: true },
-            },
-        });
-        const auth = useAuthStore();
-        auth.user = { id: 99, tenant_id: 7, email: 'demo@demo.local' } as never;
-        await new Promise((r) => setTimeout(r, 30));
-
-        const deal = { id: 43, statusSlug: 'new' as const, name: 'Y', phone: '+79161234567', project: 'p', manager: { name: 'M', initials: 'M' }, cost: 100, receivedMinutesAgo: 5 };
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        await (wrapper.vm as any).onColumnChange('hot', { added: { element: deal, newIndex: 0 } });
-
-        // После failure — statusSlug откатывается на оригинал
-        expect(deal.statusSlug).toBe('new');
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((wrapper.vm as any).transitionToastOpen).toBe(true);
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((wrapper.vm as any).transitionToastText).toContain('Не удалось');
-    });
-
-    it('onColumnChange skips API call if no auth.user.tenant_id', async () => {
-        const transitionSpy = vi.spyOn(dealsApi, 'transitionDeals').mockResolvedValue({
-            updated: 1, requested: 1, status: 'hot',
-        });
-        const wrapper = mount(KanbanView, {
-            global: {
-                plugins: [createPinia(), createVuetify()],
-                stubs: { KanbanColumn: true, DealDetailDrawer: true, NewDealDialog: true },
-            },
-        });
-        const auth = useAuthStore();
-        auth.user = null;
-        await new Promise((r) => setTimeout(r, 30));
-
-        const deal = { id: 44, statusSlug: 'new' as const, name: 'Z', phone: '+79161234567', project: 'p', manager: { name: 'M', initials: 'M' }, cost: 100, receivedMinutesAgo: 5 };
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        await (wrapper.vm as any).onColumnChange('hot', { added: { element: deal, newIndex: 0 } });
-
-        // Без auth — только optimistic local change, API не зовётся
-        expect(transitionSpy).not.toHaveBeenCalled();
-        expect(deal.statusSlug).toBe('hot');
-    });
-});
-```
-
-Add imports at top of file if missing (rely on file's existing import-list — but if not present, add):
-
-```ts
-import { createPinia } from 'pinia';
-import { useAuthStore } from '../../resources/js/stores/auth';
-import * as dealsApi from '../../resources/js/api/deals';
-```
-
-- [ ] **Step 2.2: Run test to verify fail**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && npx --prefix app vitest run app/tests/Frontend/KanbanView.spec.ts -t "DnD persist"
-```
-
-Expected: FAIL — «transitionSpy not called» / «transitionToastOpen is undefined».
-
-- [ ] **Step 2.3: Refactor onColumnChange to call API with revert-on-fail**
-
-Edit `app/resources/js/views/KanbanView.vue` — заменить function `onColumnChange` (lines 53-61) на:
-
-```ts
-async function onColumnChange(targetSlug: MockDeal['statusSlug'], event: DraggableChangeEvent) {
-    if (!event.added) {
-        // 'removed' и 'moved' — vuedraggable мутирует array; reactive triggers re-render.
-        return;
-    }
-
-    const dealItem = event.added.element;
-    const previousSlug = dealItem.statusSlug;
-
-    // Optimistic: меняем статус в local state сразу (UX отвечает мгновенно).
-    dealItem.statusSlug = targetSlug;
-
-    // Без auth — local-only mode (dev/demo без tenant context). API не зовём.
-    if (!auth.user?.tenant_id) return;
-
-    try {
-        await dealsApi.transitionDeals({
-            tenant_id: auth.user.tenant_id,
-            ids: [dealItem.id],
-            status: targetSlug,
-        });
-        // success — статус уже применён, тостить не нужно.
-    } catch {
-        // Revert на исходный статус + переместить карточку обратно в исходную колонку.
-        dealItem.statusSlug = previousSlug;
-        // Найдём целевую колонку и удалим из неё карточку, потом вернём в исходную.
-        const targetCol = dealsByStatus[targetSlug];
-        if (targetCol) {
-            const idx = targetCol.findIndex((d) => d.id === dealItem.id);
-            if (idx >= 0) targetCol.splice(idx, 1);
-        }
-        const sourceCol = dealsByStatus[previousSlug];
-        if (sourceCol && !sourceCol.find((d) => d.id === dealItem.id)) {
-            sourceCol.push(dealItem);
-        }
-        transitionToastText.value = `Не удалось переместить сделку #${dealItem.id} — восстановлен исходный статус.`;
-        transitionToastOpen.value = true;
-    }
-}
-```
-
-И добавить в script setup секцию (после `const newDealOpen = ref(false);`, около line 81):
-
-```ts
-// Sprint 1 C4: revert-on-fail toast при DnD-fail.
-const transitionToastOpen = ref(false);
-const transitionToastText = ref('');
-```
-
-Расширить `defineExpose` (line 116) — добавить:
-
-```ts
-defineExpose({
-    dealsByStatus,
-    totalDeals,
-    newDealOpen,
-    onDealCreated,
-    fetchError,
-    loadDeals,
-    onColumnChange,
-    transitionToastOpen,
-    transitionToastText,
-});
-```
-
-Добавить в `<template>` после `<NewDealDialog />` (после line 178):
-
-```vue
-<v-snackbar
-    v-model="transitionToastOpen"
-    :timeout="4000"
-    color="warning"
-    location="bottom right"
-    data-testid="kanban-transition-toast"
->
-    {{ transitionToastText }}
-</v-snackbar>
-```
-
-- [ ] **Step 2.4: Re-run test to verify pass**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && npx --prefix app vitest run app/tests/Frontend/KanbanView.spec.ts
-```
-
-Expected: ALL PASS (existing + 3 new).
-
-- [ ] **Step 2.5: Backend regression check — Pest test for transition idempotency**
-
-Verify existing Pest covers the case (no new test needed — `app/tests/Feature/DealsApi/DealTransitionTest.php` already covers transition). Just confirm:
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация/app" && composer test -- --filter=Transition
-```
-
-Expected: ALL PASS (existing transition tests). Если не существует — добавить минимальный Pest test:
-
-```php
-// app/tests/Feature/DealsApi/DealTransitionSingleTest.php
-<?php
-declare(strict_types=1);
-
-use App\Models\Deal;
-use App\Models\LeadStatus;
-use App\Models\Project;
-use App\Models\Tenant;
-use App\Models\User;
-
-it('transition deal new → hot via POST /api/deals/transition idempotent', function () {
-    $tenant = Tenant::factory()->create();
-    $user = User::factory()->for($tenant)->create();
-    $project = Project::factory()->for($tenant)->create();
-    LeadStatus::firstOrCreate(['slug' => 'new'], ['name_ru' => 'Новые', 'sort_order' => 1]);
-    LeadStatus::firstOrCreate(['slug' => 'hot'], ['name_ru' => 'Горячий', 'sort_order' => 12]);
-    $deal = Deal::factory()->for($tenant)->for($project)->create(['status' => 'new']);
-
-    $this->actingAs($user)->postJson('/api/deals/transition', [
-        'tenant_id' => $tenant->id,
-        'ids' => [$deal->id],
-        'status' => 'hot',
-    ])->assertOk()->assertJson(['updated' => 1, 'requested' => 1, 'status' => 'hot']);
-
-    // Idempotent re-call with same status — updated=0 because already hot
-    $this->actingAs($user)->postJson('/api/deals/transition', [
-        'tenant_id' => $tenant->id,
-        'ids' => [$deal->id],
-        'status' => 'hot',
-    ])->assertOk()->assertJson(['updated' => 0, 'requested' => 1, 'status' => 'hot']);
-});
-```
-
-Run:
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация/app" && ./vendor/bin/pest tests/Feature/DealsApi/DealTransitionSingleTest.php
-```
-
-Expected: PASS.
-
-- [ ] **Step 2.6: Full KanbanView Vitest regression**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && npx --prefix app vitest run app/tests/Frontend/KanbanView.spec.ts app/tests/Frontend/KanbanColumn.spec.ts app/tests/Frontend/KanbanCard.spec.ts app/tests/Frontend/KanbanRedesign.spec.ts
-```
-
-Expected: ALL PASS.
-
-- [ ] **Step 2.7: vue-tsc + ESLint**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация/app" && npm run type-check && npm run lint:vue
-```
-
-Expected: 0 errors на KanbanView.vue.
-
-- [ ] **Step 2.8: Manual browser smoke**
-
-http://127.0.0.1:8000/kanban (после login). Drag карточку между колонками. Open DevTools Network → POST /api/deals/transition должен быть в логах. Refresh страницы — статус карточки сохранился.
-
-- [ ] **Step 2.9: Commit**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && git add app/resources/js/views/KanbanView.vue app/tests/Frontend/KanbanView.spec.ts && git commit -m "$(cat <<'EOF'
-feat(kanban): C4 — persist DnD status changes via POST /api/deals/transition
-
-Drag-drop между колонками теперь сохраняется в БД через существующий
-DealBulkActionController@transition endpoint (single-element массив).
-Optimistic UI update (statusSlug меняется сразу) + revert-on-fail с
-toast «Не удалось переместить — восстановлен исходный статус».
-
-Без auth.user.tenant_id (dev/demo без login) — local-only mode, API не
-зовётся (graceful degradation).
-
-+3 Vitest specs в KanbanView.spec.ts (success / revert / no-auth skip).
-Pest covered by existing DealTransitionTest. Регрессий 0.
-
-Closes audit ID C4 from docs/superpowers/specs/2026-05-15-portal-audit-design.md.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
-Expected: lefthook green.
-
----
-
-## Task 3: C5 — BulkActionsBar `window.alert()` → `v-snackbar`
-
-**Source line:** [BulkActionsBar.vue:87-94](../../../app/resources/js/components/projects/BulkActionsBar.vue#L87-L94):
-
-```ts
-async function runBulk(payload: Parameters<typeof store.bulkUpdate>[0]) {
-    const result = await store.bulkUpdate(payload);
-    if (result.skipped.length > 0) {
-        window.alert(
-            `Применено: ${result.updated}. Пропущено: ${result.skipped.length} (конфликт с уже доставленными лидами).`,
-        );
-    }
-}
-```
-
-**Files:**
-
-- Modify: `app/resources/js/components/projects/BulkActionsBar.vue` (script + template)
-- Test: `app/tests/Frontend/BulkActionsBar.spec.ts` (extend)
-
-### Steps
-
-- [ ] **Step 3.1: Write failing test for snackbar replacement of alert**
-
-Edit `app/tests/Frontend/BulkActionsBar.spec.ts` — append после существующих describe-блоков:
-
-```ts
-describe('BulkActionsBar snackbar replacement (Sprint 1 C5)', () => {
-    it('runBulk with skipped > 0 opens snackbar (not window.alert)', async () => {
-        setActivePinia(createPinia());
-        const store = useProjectsStore();
-        store.selectedIds.add(1);
-        vi.spyOn(store, 'bulkUpdate').mockResolvedValue({
-            updated: 5,
-            skipped: [{ id: 7 }, { id: 8 }],
-            warnings: [],
-        } as never);
-        const alertSpy = vi.spyOn(window, 'alert').mockImplementation(() => {});
-        window.confirm = vi.fn(() => true);
-
-        const wrapper = mount(BulkActionsBar, {
-            global: {
-                plugins: [createVuetify()],
-                stubs: defaultStubs,
-            },
-        });
-        await wrapper.find('[data-testid="bulk-pause"]').trigger('click');
-        // Wait for async confirmAndRun + runBulk + DOM update
-        await new Promise((r) => setTimeout(r, 30));
-
-        // window.alert MUST NOT be called
-        expect(alertSpy).not.toHaveBeenCalled();
-        // snackbar state should be open
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((wrapper.vm as any).skipToastOpen).toBe(true);
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((wrapper.vm as any).skipToastText).toContain('Применено: 5');
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((wrapper.vm as any).skipToastText).toContain('Пропущено: 2');
-    });
-
-    it('runBulk with skipped=0 does NOT open snackbar', async () => {
-        setActivePinia(createPinia());
-        const store = useProjectsStore();
-        store.selectedIds.add(1);
-        vi.spyOn(store, 'bulkUpdate').mockResolvedValue({
-            updated: 3,
-            skipped: [],
-            warnings: [],
-        } as never);
-        window.confirm = vi.fn(() => true);
-
-        const wrapper = mount(BulkActionsBar, {
-            global: {
-                plugins: [createVuetify()],
-                stubs: defaultStubs,
-            },
-        });
-        await wrapper.find('[data-testid="bulk-pause"]').trigger('click');
-        await new Promise((r) => setTimeout(r, 30));
-
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((wrapper.vm as any).skipToastOpen).toBe(false);
-    });
-});
-```
-
-- [ ] **Step 3.2: Run test to verify fail**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && npx --prefix app vitest run app/tests/Frontend/BulkActionsBar.spec.ts -t "snackbar replacement"
-```
-
-Expected: FAIL — «alertSpy was called» / «skipToastOpen is undefined».
-
-- [ ] **Step 3.3: Replace window.alert with snackbar in BulkActionsBar.vue**
-
-Edit `app/resources/js/components/projects/BulkActionsBar.vue` — заменить script section и template (entire file rewrite в чистом виде):
-
-```vue
-<template>
-    <v-card class="bulk-actions-bar" elevation="6">
-        <DevIndexBadge :index="20" label="BulkActionsBar" :dialog-mode="true" style="top: 4px; right: 4px" />
-        <v-card-text class="d-flex align-center gap-3 flex-wrap">
-            <strong>Выбрано: {{ store.selectedIds.size }}</strong>
-
-            <v-divider vertical />
-
-            <v-btn color="primary" variant="outlined" data-testid="bulk-regions" @click="regionsOpen = true">
-                🌍 Регионы…
-            </v-btn>
-            <v-btn color="primary" variant="outlined" data-testid="bulk-days" @click="daysOpen = true">
-                📅 Дни сбора…
-            </v-btn>
-            <v-btn color="primary" variant="outlined" data-testid="bulk-limit" @click="limitOpen = true">
-                🎯 Лимит лидов…
-            </v-btn>
-
-            <v-divider vertical />
-
-            <v-btn color="warning" prepend-icon="mdi-pause" data-testid="bulk-pause" @click="confirmAndRun('pause')">
-                Приостановить
-            </v-btn>
-            <v-btn color="success" prepend-icon="mdi-play" data-testid="bulk-resume" @click="confirmAndRun('resume')">
-                Возобновить
-            </v-btn>
-
-            <v-divider vertical />
-
-            <v-btn
-                color="error"
-                prepend-icon="mdi-archive"
-                data-testid="bulk-archive"
-                @click="confirmAndRun('archive')"
-            >
-                Архивировать
-            </v-btn>
-
-            <v-spacer />
-            <v-btn variant="text" data-testid="bulk-clear" @click="store.clearSelection">Снять выбор</v-btn>
-        </v-card-text>
-
-        <RegionsBulkDialog
-            v-model="regionsOpen"
-            :count="store.selectedIds.size"
-            @apply="(p) => runBulk({ action: 'update_regions', ...p })"
-        />
-        <DaysBulkDialog
-            v-model="daysOpen"
-            :count="store.selectedIds.size"
-            @apply="(p) => runBulk({ action: 'update_days', ...p })"
-        />
-        <LimitBulkDialog
-            v-model="limitOpen"
-            :count="store.selectedIds.size"
-            @apply="(p) => runBulk({ action: 'update_limit', ...p })"
-        />
-
-        <v-snackbar
-            v-model="skipToastOpen"
-            :timeout="6000"
-            color="warning"
-            location="bottom right"
-            data-testid="bulk-skip-toast"
-        >
-            {{ skipToastText }}
-            <template #actions>
-                <v-btn variant="text" @click="skipToastOpen = false">Закрыть</v-btn>
-            </template>
-        </v-snackbar>
-    </v-card>
-</template>
-
-<script setup lang="ts">
-import { ref } from 'vue';
-import { useProjectsStore } from '../../stores/projectsStore';
-import DevIndexBadge from '../DevIndexBadge.vue';
-import RegionsBulkDialog from './RegionsBulkDialog.vue';
-import DaysBulkDialog from './DaysBulkDialog.vue';
-import LimitBulkDialog from './LimitBulkDialog.vue';
-
-const store = useProjectsStore();
-
-const regionsOpen = ref(false);
-const daysOpen = ref(false);
-const limitOpen = ref(false);
-
-// Sprint 1 C5: window.alert → v-snackbar (non-blocking, accessible, не breaks браузерный automation).
-const skipToastOpen = ref(false);
-const skipToastText = ref('');
-
-const messages: Record<string, string> = {
-    pause: 'Приостановить выбранные проекты?',
-    resume: 'Возобновить выбранные проекты?',
-    archive:
-        'Архивировать выбранные проекты?\nДействие необратимо в Plan 5 (восстановление потребует ручного запроса).',
-};
-
-async function confirmAndRun(action: 'pause' | 'resume' | 'archive') {
-    if (!window.confirm(messages[action])) return;
-    await runBulk({ action });
-}
-
-async function runBulk(payload: Parameters<typeof store.bulkUpdate>[0]) {
-    const result = await store.bulkUpdate(payload);
-    if (result.skipped.length > 0) {
-        skipToastText.value = `Применено: ${result.updated}. Пропущено: ${result.skipped.length} (конфликт с уже доставленными лидами).`;
-        skipToastOpen.value = true;
-    }
-}
-
-defineExpose({ regionsOpen, daysOpen, limitOpen, skipToastOpen, skipToastText, runBulk });
-</script>
-
-<style scoped>
-.bulk-actions-bar {
-    position: fixed;
-    bottom: 24px;
-    left: 50%;
-    transform: translateX(-50%);
-    z-index: 10;
-    max-width: calc(100vw - 48px);
-}
-</style>
-```
-
-- [ ] **Step 3.4: Re-run test to verify pass**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && npx --prefix app vitest run app/tests/Frontend/BulkActionsBar.spec.ts
-```
-
-Expected: ALL PASS (existing + 2 new).
-
-- [ ] **Step 3.5: Full Projects-related regression**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && npx --prefix app vitest run app/tests/Frontend/ProjectsView.spec.ts app/tests/Frontend/BulkActionsBar.spec.ts
-```
-
-Expected: ALL PASS.
-
-- [ ] **Step 3.6: vue-tsc + ESLint**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация/app" && npm run type-check && npm run lint:vue
-```
-
-Expected: 0 errors на BulkActionsBar.vue.
-
-- [ ] **Step 3.7: Manual browser smoke**
-
-http://127.0.0.1:8000/projects (после login). Выбрать 2+ проекта → BulkActionsBar появляется снизу → «Приостановить» → confirm → если backend вернёт skipped > 0 → должен показаться snackbar (не alert).
-
-- [ ] **Step 3.8: Commit**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && git add app/resources/js/components/projects/BulkActionsBar.vue app/tests/Frontend/BulkActionsBar.spec.ts && git commit -m "$(cat <<'EOF'
-fix(projects): C5 — replace window.alert() with v-snackbar in BulkActionsBar
-
-window.alert блокирует UI thread, не accessible (a11y), breaks браузерный
-automation (Playwright/Selenium). Заменено на v-snackbar (timeout 6s,
-color warning, location bottom-right, кнопка «Закрыть»). Текст идентичен:
-«Применено: N. Пропущено: M (конфликт с уже доставленными лидами).»
-
-+2 Vitest specs (snackbar opens / snackbar НЕ opens at skipped=0).
-window.confirm для pause/resume/archive намеренно оставлен — это
-deliberate blocking прерывание для деструктивных операций (UX-pattern).
-
-Closes audit ID C5 from docs/superpowers/specs/2026-05-15-portal-audit-design.md.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
-Expected: lefthook green.
-
----
-
-## Task 4: G1 — AdminPricingTiersView submit/delete error handling
-
-**Source lines:** [AdminPricingTiersView.vue:157-174](../../../app/resources/js/views/admin/AdminPricingTiersView.vue#L157-L174):
-
-```ts
-async function submit(): Promise<void> {
-    saving.value = true;
-    try {
-        await axios.post('/api/admin/pricing-tiers', { tiers: editor.value });
-        editorOpen.value = false;
-        await load();
-    } finally {
-        saving.value = false;
-    }
-}
-
-async function confirmDelete(effectiveFrom: string): Promise<void> {
-    if (!window.confirm(`Удалить запланированный набор с ${effectiveFrom}?`)) {
-        return;
-    }
-    await axios.delete(`/api/admin/pricing-tiers/scheduled/${effectiveFrom}`);
-    await load();
-}
-```
-
-**Files:**
-
-- Modify: `app/resources/js/views/admin/AdminPricingTiersView.vue` (script: + errorMessage + successMessage refs, + try/catch in submit/confirmDelete; template: + v-alert + v-snackbar)
-- Test: `app/tests/Frontend/AdminPricingTiersView.spec.ts` (extend)
-
-### Steps
-
-- [ ] **Step 4.1: Write failing tests for error display**
-
-Edit `app/tests/Frontend/AdminPricingTiersView.spec.ts` — append at end:
-
-```ts
-describe('AdminPricingTiersView error handling (Sprint 1 G1)', () => {
-    it('submit() shows errorMessage when axios.post rejects with 422', async () => {
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.get as any).mockResolvedValue({ data: { data: { active: mockTiers, scheduled: {} } } });
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.post as any).mockRejectedValue({
-            response: { status: 422, data: { message: 'Validation failed: tier 7 leads_in_tier must be null' } },
-        });
-        const wrapper = mount(AdminPricingTiersView, { global: { plugins: [vuetify] } });
-        await new Promise((r) => setTimeout(r, 50));
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        await (wrapper.vm as any).submit();
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        expect(vm.errorMessage).toContain('Validation failed');
-        expect(vm.saving).toBe(false);
-        // Dialog should remain OPEN so user can fix and retry
-        expect(vm.editorOpen).toBe(true);
-    });
-
-    it('submit() shows successMessage on 200', async () => {
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.get as any).mockResolvedValue({ data: { data: { active: mockTiers, scheduled: {} } } });
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.post as any).mockResolvedValue({ data: { effective_from: '2026-06-01' } });
-        const wrapper = mount(AdminPricingTiersView, { global: { plugins: [vuetify] } });
-        await new Promise((r) => setTimeout(r, 50));
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        await (wrapper.vm as any).submit();
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        expect(vm.successMessage).toContain('Сохранено');
-        expect(vm.errorMessage).toBe(null);
-        expect(vm.saving).toBe(false);
-        expect(vm.editorOpen).toBe(false);
-    });
-
-    it('confirmDelete() shows errorMessage when axios.delete rejects', async () => {
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.get as any).mockResolvedValue({ data: { data: { active: mockTiers, scheduled: {} } } });
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.delete as any).mockRejectedValue({
-            response: { status: 500, data: { message: 'Database connection failed' } },
-        });
-        window.confirm = vi.fn(() => true);
-        const wrapper = mount(AdminPricingTiersView, { global: { plugins: [vuetify] } });
-        await new Promise((r) => setTimeout(r, 50));
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        await (wrapper.vm as any).confirmDelete('2026-06-01');
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((wrapper.vm as any).errorMessage).toContain('Database connection failed');
-    });
-
-    it('confirmDelete() shows successMessage on OK', async () => {
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.get as any).mockResolvedValue({ data: { data: { active: mockTiers, scheduled: {} } } });
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.delete as any).mockResolvedValue({ data: { ok: true } });
-        window.confirm = vi.fn(() => true);
-        const wrapper = mount(AdminPricingTiersView, { global: { plugins: [vuetify] } });
-        await new Promise((r) => setTimeout(r, 50));
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        await (wrapper.vm as any).confirmDelete('2026-06-01');
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((wrapper.vm as any).successMessage).toContain('Удалено');
-    });
-});
-```
-
-- [ ] **Step 4.2: Run test to verify fail**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && npx --prefix app vitest run app/tests/Frontend/AdminPricingTiersView.spec.ts -t "error handling"
-```
-
-Expected: FAIL — «errorMessage is undefined», «successMessage is undefined».
-
-- [ ] **Step 4.3: Add error/success state + try/catch to AdminPricingTiersView**
-
-Edit `app/resources/js/views/admin/AdminPricingTiersView.vue` script section — заменить:
-
-```ts
-<script setup lang="ts">
-import { ref, computed, onMounted } from 'vue';
-import axios from 'axios';
-import { extractErrorMessage } from '../../api/client';
-
-/**
- * SaaS-admin → Тарифная сетка (Plan 4 Task 9, Sprint 1 G1 error handling).
- *
- * Backend: AdminPricingTiersController (GET/POST/DELETE).
- * Палитра Forest + JetBrains Mono для tnum-цифр.
- *
- * defineExpose ниже — для Vitest unit-тестов.
- */
-
-interface Tier {
-    tier_no: number;
-    leads_in_tier: number | null;
-    price_per_lead_kopecks: number;
-    effective_from: string;
-}
-interface EditorRow {
-    tier_no: number;
-    leads_in_tier: number | null;
-    price_rub: string;
-}
-
-const active = ref<Tier[]>([]);
-const scheduled = ref<Record<string, Tier[]>>({});
-const editorOpen = ref(false);
-const saving = ref(false);
-
-// Sprint 1 G1: error/success state для UI feedback.
-const errorMessage = ref<string | null>(null);
-const successMessage = ref<string | null>(null);
-const successToastOpen = ref(false);
-
-const defaultEditor: EditorRow[] = [
-    { tier_no: 1, leads_in_tier: 100, price_rub: '500.00' },
-    { tier_no: 2, leads_in_tier: 200, price_rub: '450.00' },
-    { tier_no: 3, leads_in_tier: 400, price_rub: '400.00' },
-    { tier_no: 4, leads_in_tier: 800, price_rub: '350.00' },
-    { tier_no: 5, leads_in_tier: 1500, price_rub: '300.00' },
-    { tier_no: 6, leads_in_tier: 3000, price_rub: '270.00' },
-    { tier_no: 7, leads_in_tier: null, price_rub: '250.00' },
-];
-const editor = ref<EditorRow[]>(JSON.parse(JSON.stringify(defaultEditor)));
-
-const tierHeaders = [
-    { title: '№', key: 'tier_no', sortable: false, width: 80 },
-    { title: 'Лидов в ступени', key: 'leads_in_tier', sortable: false },
-    { title: 'Цена за лид', key: 'price_rub', sortable: false },
-];
-
-const nextMonthStart = computed(() => {
-    const d = new Date();
-    d.setDate(1);
-    d.setMonth(d.getMonth() + 1);
-    return d.toISOString().slice(0, 10);
-});
-
-const hasScheduled = computed(() => Object.keys(scheduled.value).length > 0);
-
-async function load(): Promise<void> {
-    try {
-        const { data } = await axios.get('/api/admin/pricing-tiers');
-        active.value = data.data.active;
-        scheduled.value = data.data.scheduled || {};
-    } catch (err) {
-        errorMessage.value = extractErrorMessage(err, 'Не удалось загрузить тарифную сетку.');
-    }
-}
-
-async function submit(): Promise<void> {
-    saving.value = true;
-    errorMessage.value = null;
-    successMessage.value = null;
-    try {
-        await axios.post('/api/admin/pricing-tiers', { tiers: editor.value });
-        editorOpen.value = false;
-        successMessage.value = `Сохранено: новая сетка вступит в силу с ${nextMonthStart.value}.`;
-        successToastOpen.value = true;
-        await load();
-    } catch (err) {
-        errorMessage.value = extractErrorMessage(err, 'Не удалось сохранить тарифную сетку.');
-        // Диалог остаётся открытым — пользователь может исправить и повторить.
-    } finally {
-        saving.value = false;
-    }
-}
-
-async function confirmDelete(effectiveFrom: string): Promise<void> {
-    if (!window.confirm(`Удалить запланированный набор с ${effectiveFrom}?`)) {
-        return;
-    }
-    errorMessage.value = null;
-    successMessage.value = null;
-    try {
-        await axios.delete(`/api/admin/pricing-tiers/scheduled/${effectiveFrom}`);
-        successMessage.value = `Удалено: запланированный набор с ${effectiveFrom}.`;
-        successToastOpen.value = true;
-        await load();
-    } catch (err) {
-        errorMessage.value = extractErrorMessage(err, 'Не удалось удалить запланированный набор.');
-    }
-}
-
-onMounted(load);
-
-defineExpose({
-    load,
-    submit,
-    confirmDelete,
-    editorOpen,
-    active,
-    scheduled,
-    editor,
-    errorMessage,
-    successMessage,
-    successToastOpen,
-    saving,
-});
-</script>
-```
-
-И добавить в `<template>` — перед `<v-card class="mb-6">` (после `<h1>`):
-
-```vue
-<v-alert
-    v-if="errorMessage"
-    type="error"
-    variant="tonal"
-    class="mb-4"
-    density="compact"
-    data-testid="pricing-error-alert"
-    closable
-    @click:close="errorMessage = null"
->
-    {{ errorMessage }}
-</v-alert>
-```
-
-И перед закрывающим `</div>` корневого `<div class="admin-pricing-tiers-view">`:
-
-```vue
-<v-snackbar
-    v-model="successToastOpen"
-    :timeout="4000"
-    color="success"
-    location="bottom right"
-    data-testid="pricing-success-toast"
->
-    {{ successMessage }}
-</v-snackbar>
-```
-
-- [ ] **Step 4.4: Re-run test to verify pass**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && npx --prefix app vitest run app/tests/Frontend/AdminPricingTiersView.spec.ts
-```
-
-Expected: ALL PASS (existing 5 + new 4).
-
-- [ ] **Step 4.5: vue-tsc + ESLint**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация/app" && npm run type-check && npm run lint:vue
-```
-
-Expected: 0 errors.
-
-- [ ] **Step 4.6: Manual browser smoke**
-
-http://127.0.0.1:8000/admin/pricing-tiers. Открыть редактор → ввести невалидные значения (e.g. tier 7 leads_in_tier=999 — backend ждёт null) → «Сохранить» → должен показаться красный v-alert с error message. Затем исправить → «Сохранить» → snackbar success.
-
-- [ ] **Step 4.7: Commit**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && git add app/resources/js/views/admin/AdminPricingTiersView.vue app/tests/Frontend/AdminPricingTiersView.spec.ts && git commit -m "$(cat <<'EOF'
-fix(admin): G1 — error/success handling in AdminPricingTiersView submit/delete
-
-axios.post/delete теперь обёрнуты в try/catch с extractErrorMessage()
-хелпером из api/client.ts (same pattern as AdminSystemView.vue:32-45).
-errorMessage отображается в v-alert (closable, type=error, tonal),
-successMessage — в v-snackbar (color=success, 4s timeout).
-
-На failed submit диалог остаётся открытым чтобы пользователь мог
-исправить и повторить (UX-pattern). saving=false гарантированно
-сбрасывается в finally.
-
-+4 Vitest specs (submit error / submit success / delete error / delete success).
-Регрессий 0.
-
-Closes audit ID G1 from docs/superpowers/specs/2026-05-15-portal-audit-design.md.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
-Expected: lefthook green.
-
----
-
-## Task 5: G2 — AdminSupplierPricesView save error handling
-
-**Source lines:** [AdminSupplierPricesView.vue:90-101](../../../app/resources/js/views/admin/AdminSupplierPricesView.vue#L90-L101):
-
-```ts
-async function save(s: SupplierRow): Promise<void> {
-    saving[s.id] = true;
-    try {
-        await axios.patch(`/api/admin/suppliers/${s.id}`, {
-            cost_rub: s.cost_rub,
-            quality_score: s.quality_score,
-            is_active: s.is_active,
-        });
-    } finally {
-        saving[s.id] = false;
-    }
-}
-```
-
-**Files:**
-
-- Modify: `app/resources/js/views/admin/AdminSupplierPricesView.vue` (script: + errorMessages reactive map + try/catch; template: + per-row v-alert + snackbar)
-- Test: `app/tests/Frontend/AdminSupplierPricesView.spec.ts` (extend)
-
-### Steps
-
-- [ ] **Step 5.1: Write failing tests**
-
-Edit `app/tests/Frontend/AdminSupplierPricesView.spec.ts` — append at end (need to read file first to know existing imports). Append:
-
-```ts
-describe('AdminSupplierPricesView error handling (Sprint 1 G2)', () => {
-    it('save() shows per-row errorMessage when axios.patch rejects', async () => {
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.get as any).mockResolvedValue({
-            data: {
-                data: [
-                    { id: 1, code: 'B1', name: 'Supplier 1', cost_rub: '120.00', quality_score: '8.50', is_active: true },
-                ],
-            },
-        });
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.patch as any).mockRejectedValue({
-            response: { status: 422, data: { message: 'cost_rub must be non-negative' } },
-        });
-        const wrapper = mount(AdminSupplierPricesView, { global: { plugins: [vuetify] } });
-        await new Promise((r) => setTimeout(r, 50));
-        const row = { id: 1, code: 'B1', name: 'Supplier 1', cost_rub: '-5.00', quality_score: '8.50', is_active: true };
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        await (wrapper.vm as any).save(row);
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        expect(vm.errorMessages[1]).toContain('cost_rub');
-        expect(vm.saving[1]).toBe(false);
-    });
-
-    it('save() shows successMessage on 200', async () => {
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.get as any).mockResolvedValue({
-            data: {
-                data: [
-                    { id: 2, code: 'B2', name: 'Supplier 2', cost_rub: '100.00', quality_score: '9.00', is_active: true },
-                ],
-            },
-        });
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.patch as any).mockResolvedValue({ data: { ok: true } });
-        const wrapper = mount(AdminSupplierPricesView, { global: { plugins: [vuetify] } });
-        await new Promise((r) => setTimeout(r, 50));
-        const row = { id: 2, code: 'B2', name: 'Supplier 2', cost_rub: '110.00', quality_score: '9.00', is_active: true };
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        await (wrapper.vm as any).save(row);
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        expect(vm.successToastOpen).toBe(true);
-        expect(vm.successToastText).toContain('Supplier 2');
-        expect(vm.errorMessages[2]).toBeUndefined();
-        expect(vm.saving[2]).toBe(false);
-    });
-
-    it('save() clears previous error on successful retry', async () => {
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.get as any).mockResolvedValue({
-            data: { data: [{ id: 3, code: 'B3', name: 'Supplier 3', cost_rub: '100.00', quality_score: '8.00', is_active: true }] },
-        });
-        // First call fails
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.patch as any).mockRejectedValueOnce({
-            response: { status: 500, data: { message: 'transient' } },
-        });
-        // Second call succeeds
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (axios.patch as any).mockResolvedValueOnce({ data: { ok: true } });
-
-        const wrapper = mount(AdminSupplierPricesView, { global: { plugins: [vuetify] } });
-        await new Promise((r) => setTimeout(r, 50));
-        const row = { id: 3, code: 'B3', name: 'Supplier 3', cost_rub: '100.00', quality_score: '8.00', is_active: true };
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        await (wrapper.vm as any).save(row);
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((wrapper.vm as any).errorMessages[3]).toContain('transient');
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        await (wrapper.vm as any).save(row);
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        expect((wrapper.vm as any).errorMessages[3]).toBeUndefined();
-    });
-});
-```
-
-If test file имеет другие imports — добавить vi.mock('axios') в top, если ещё нет (copy from AdminPricingTiersView.spec.ts pattern lines 1-12).
-
-- [ ] **Step 5.2: Run test to verify fail**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && npx --prefix app vitest run app/tests/Frontend/AdminSupplierPricesView.spec.ts -t "error handling"
-```
-
-Expected: FAIL — «errorMessages is undefined», «successToastOpen is undefined».
-
-- [ ] **Step 5.3: Refactor AdminSupplierPricesView.vue script + template**
-
-Edit `app/resources/js/views/admin/AdminSupplierPricesView.vue` script section — заменить полностью:
-
-```ts
-<script setup lang="ts">
-import { ref, onMounted, reactive } from 'vue';
-import axios from 'axios';
-import { extractErrorMessage } from '../../api/client';
-
-/**
- * SaaS-admin → Цены поставщиков (Plan 4 Task 10, Sprint 1 G2 error handling).
- *
- * Backend: AdminSuppliersController (GET/PATCH).
- * Палитра Forest + JetBrains Mono для tnum-цифр.
- *
- * defineExpose ниже — для Vitest unit-тестов.
- */
-
-interface SupplierRow {
-    id: number;
-    code: string;
-    name: string;
-    cost_rub: string;
-    quality_score: string;
-    is_active: boolean;
-}
-
-const suppliers = ref<SupplierRow[]>([]);
-const saving = reactive<Record<number, boolean>>({});
-const errorMessages = reactive<Record<number, string>>({});
-const fetchError = ref<string | null>(null);
-const successToastOpen = ref(false);
-const successToastText = ref('');
-
-const headers = [
-    { title: 'Code', key: 'code', sortable: false, width: 80 },
-    { title: 'Name', key: 'name', sortable: false },
-    { title: 'Cost (₽)', key: 'cost_rub', sortable: false, width: 140 },
-    { title: 'Quality', key: 'quality_score', sortable: false, width: 100 },
-    { title: 'Active', key: 'is_active', sortable: false, width: 100 },
-    { title: 'Действия', key: 'actions', sortable: false, width: 120 },
-];
-
-async function load(): Promise<void> {
-    fetchError.value = null;
-    try {
-        const { data } = await axios.get('/api/admin/suppliers');
-        suppliers.value = data.data;
-    } catch (err) {
-        fetchError.value = extractErrorMessage(err, 'Не удалось загрузить список поставщиков.');
-    }
-}
-
-async function save(s: SupplierRow): Promise<void> {
-    saving[s.id] = true;
-    delete errorMessages[s.id]; // очистить предыдущую ошибку перед retry
-    try {
-        await axios.patch(`/api/admin/suppliers/${s.id}`, {
-            cost_rub: s.cost_rub,
-            quality_score: s.quality_score,
-            is_active: s.is_active,
-        });
-        successToastText.value = `Сохранено: ${s.name} (${s.code}).`;
-        successToastOpen.value = true;
-    } catch (err) {
-        errorMessages[s.id] = extractErrorMessage(err, 'Не удалось сохранить изменения.');
-    } finally {
-        saving[s.id] = false;
-    }
-}
-
-onMounted(load);
-
-defineExpose({ load, save, suppliers, saving, errorMessages, fetchError, successToastOpen, successToastText });
-</script>
-```
-
-И заменить `<template>` целиком:
-
-```vue
-<template>
-    <div class="admin-supplier-prices-view">
-        <h1 class="text-h4 mb-6">Цены поставщиков (закупка)</h1>
-
-        <v-alert
-            v-if="fetchError"
-            type="warning"
-            variant="tonal"
-            class="mb-4"
-            density="compact"
-            data-testid="suppliers-fetch-error"
-            closable
-            @click:close="fetchError = null"
-        >
-            {{ fetchError }}
-        </v-alert>
-
-        <v-card elevation="1">
-            <v-data-table :headers="headers" :items="suppliers" density="comfortable" class="numeric-tnum">
-                <template #[`item.cost_rub`]="{ item }">
-                    <v-text-field
-                        v-model="item.cost_rub"
-                        type="number"
-                        step="0.01"
-                        min="0"
-                        density="compact"
-                        hide-details
-                        variant="plain"
-                        :aria-label="`Cost (₽) для ${item.name}`"
-                    />
-                </template>
-                <template #[`item.quality_score`]="{ item }">
-                    <v-text-field
-                        v-model="item.quality_score"
-                        type="number"
-                        step="0.01"
-                        min="0"
-                        max="9.99"
-                        density="compact"
-                        hide-details
-                        variant="plain"
-                        :aria-label="`Quality для ${item.name}`"
-                    />
-                </template>
-                <template #[`item.is_active`]="{ item }">
-                    <v-switch
-                        v-model="item.is_active"
-                        hide-details
-                        inset
-                        density="compact"
-                        :aria-label="`Active для ${item.name}`"
-                    />
-                </template>
-                <template #[`item.actions`]="{ item }">
-                    <div class="d-flex flex-column align-end ga-1">
-                        <v-btn size="small" color="primary" :loading="!!saving[item.id]" @click="save(item)">
-                            Сохранить
-                        </v-btn>
-                        <v-tooltip v-if="errorMessages[item.id]" location="left">
-                            <template #activator="{ props: tooltipProps }">
-                                <v-icon
-                                    v-bind="tooltipProps"
-                                    color="error"
-                                    size="small"
-                                    :data-testid="`supplier-error-${item.id}`"
-                                >
-                                    mdi-alert-circle
-                                </v-icon>
-                            </template>
-                            <span>{{ errorMessages[item.id] }}</span>
-                        </v-tooltip>
-                    </div>
-                </template>
-            </v-data-table>
-        </v-card>
-
-        <v-snackbar
-            v-model="successToastOpen"
-            :timeout="3000"
-            color="success"
-            location="bottom right"
-            data-testid="supplier-success-toast"
-        >
-            {{ successToastText }}
-        </v-snackbar>
-    </div>
-</template>
-```
-
-Style section (lines 108-113) оставить как есть.
-
-- [ ] **Step 5.4: Re-run test to verify pass**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && npx --prefix app vitest run app/tests/Frontend/AdminSupplierPricesView.spec.ts
-```
-
-Expected: ALL PASS (existing + new 3).
-
-- [ ] **Step 5.5: vue-tsc + ESLint**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация/app" && npm run type-check && npm run lint:vue
-```
-
-Expected: 0 errors.
-
-- [ ] **Step 5.6: Manual browser smoke**
-
-http://127.0.0.1:8000/admin/supplier-prices. В одной строке поставить `cost_rub=-1` → «Сохранить» → 422 → ❗ красный icon с tooltip ошибки. В другой строке валидное значение → success-snackbar.
-
-- [ ] **Step 5.7: Commit**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && git add app/resources/js/views/admin/AdminSupplierPricesView.vue app/tests/Frontend/AdminSupplierPricesView.spec.ts && git commit -m "$(cat <<'EOF'
-fix(admin): G2 — error/success handling in AdminSupplierPricesView save
-
-axios.patch теперь в try/catch с extractErrorMessage() helper. Per-row
-ошибки — reactive errorMessages: Record<number, string> отображаются как
-v-icon mdi-alert-circle с v-tooltip рядом с кнопкой «Сохранить».
-Success — v-snackbar (3s timeout, color=success, bottom-right) с именем
-поставщика.
-
-Retry на той же строке очищает предыдущий error перед новым axios.patch.
-
-load() тоже обёрнут — fetchError ref + v-alert warning сверху таблицы.
-
-+3 Vitest specs (save error / save success / retry clears error).
-Регрессий 0.
-
-Closes audit ID G2 from docs/superpowers/specs/2026-05-15-portal-audit-design.md.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
-Expected: lefthook green.
-
----
-
-## Final Sprint 1 Acceptance
-
-After all 5 tasks committed atomically (5 commits), run **full regression sweep**:
-
-- [ ] **Sprint Acceptance Step 1: Full Pest --parallel**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация/app" && composer test -- --parallel
-```
-
-Expected: **749+ passed, 3 skipped, 0 failed** (baseline 749 + possibly +1 from Task 2 single-transition test).
-
-- [ ] **Sprint Acceptance Step 2: Full Vitest**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация/app" && npm run test:vue
-```
-
-Expected: **92+ files passed, ~775+ specs passed, 4 skipped, 0 failed** (baseline 92f/759 + ~16 new specs (3+3+2+4+3) = ~775).
-
-- [ ] **Sprint Acceptance Step 3: vue-tsc + ESLint**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация/app" && npm run type-check && npm run lint:vue
-```
-
-Expected: 0 errors.
-
-- [ ] **Sprint Acceptance Step 4: Vite build verification**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация/app" && npm run build
-```
-
-Expected: build succeeds, time ≤3s (baseline 2.0-2.7s).
-
-- [ ] **Sprint Acceptance Step 5: Git log review**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && git log --oneline e978b33..HEAD
-```
-
-Expected: 5 atomic commits, conventional message format, each closes one audit ID (C2/C4/C5/G1/G2).
-
-- [ ] **Sprint Acceptance Step 6: Browser smoke on actual portal (если dev-server жив + login работает)**
-
-Сценарии:
-
-1. `/deals` → клик Проект chip → popover открывается → выбрать → Применить → таблица фильтруется ✅
-2. `/kanban` → drag карточку → Network → POST /api/deals/transition → reload → статус сохранился ✅
-3. `/projects` → выбрать 2 → BulkActionsBar появляется → «Архивировать» → confirm → toast (НЕ alert) ✅
-4. `/admin/pricing-tiers` → submit с невалидными → v-alert error ✅; valid → snackbar success ✅
-5. `/admin/supplier-prices` → save с невалидным cost_rub → tooltip error на строке ✅; valid → snackbar ✅
-
-- [ ] **Sprint Acceptance Step 7: НЕ push (GitHub 403 BLOCKED)**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация" && git status && git log --oneline -10
-```
-
-Verify 5 new commits on top of `e978b33`. Push'нёт пользователь сам после fix'а GitHub email-verification.
-
----
-
-## Risks & Notes
-
-- **Vuetify v-menu в jsdom тестах:** Stub применён через `stubs: { VMenu: { template: '<div>...</div>' } }` чтобы избежать teleport-проблем. Полный popover-flow проверяется только в browser smoke (Step 1.8).
-- **DealsView `availableProjects` / `availableManagers` computed:** Они извлекают unique values из `dealsState` (текущего списка mock + API). Если deals пуст — popover purpose'ы будут пустые. UX-edge case покрыт «Нет проектов» / «Нет менеджеров» fallback'ом в v-list.
-- **Pinia в Vitest:** Каждый test — `setActivePinia(createPinia())` в `beforeEach`. Все 5 тестовых файлов уже используют этот паттерн.
-- **`extractErrorMessage` API contract:** Возвращает `string` всегда (не undefined). Берёт `error.response.data.message` либо `error.response.data.error` либо `error.message` либо fallback. См. [client.ts:47-63](../../../app/resources/js/api/client.ts#L47).
-- **`vi.mock('axios')` partial mock:** Vitest mocks ALL axios methods. Если test зовёт `axios.get` без `.mockResolvedValue` — получит undefined response → могут падать. Все 5 тестовых файлов имеют `beforeEach` с разумными defaults.
-- **lefthook green on each commit:** gitleaks/markdownlint/cspell/eslint-vue/pint/larastan активны на staged files. Если larastan ругается на baseline — `composer stan -- --generate-baseline=phpstan-baseline.neon`.
-- **Push BLOCKED:** Все 5 коммитов остаются локально. После закрытия GitHub 403 «verify email» — пользователь делает `git push origin main`.
-
-## Out-of-scope (defer to next sprints)
-
-- Status chip popover (multi-status filter) — Sprint 5 P2.
-- KanbanView Plan 6.5 regions field — отдельный эпик.
-- Bulk-transition single endpoint optimization (сейчас reuse'им bulk endpoint c массивом из 1) — Post-MVP.
-- AdminPricingTiersView v-text-field validation на клиенте (max=null для tier 7) — Sprint 5 G7.
-- AdminSupplierPricesView переписать на TypeScript-импорт api/admin.ts pattern — Sprint 5 G3.
-
----
-
-## Self-Review (выполнен writing-plans skill'ом перед сохранением)
-
-**1. Spec coverage:** ✅ Все 5 P0 эпиков (C2, C4, C5, G1, G2) из spec'а имеют по 1 задаче. Sprint Schedule в spec'е → Sprint 1 описывает ровно эти 5 → совпадение.
-
-**2. Placeholder scan:** ✅ Проверено по разделу «No Placeholders»:
-
-- 0 «TBD»/«TODO»/«implement later» в production-коде (TODO в Vue-файлах SOURCE-коде остаются как documentation — это OK).
-- 0 «Add appropriate error handling» без кода.
-- Все тесты имеют actual test bodies.
-- 0 «Similar to Task N» — код повторяется явно где нужно (extractErrorMessage используется в G1 и G2 — каждый раз показан полностью).
-
-**3. Type consistency:**
-
-- `errorMessage: Ref<string | null>` consistent в G1 и G2 (G2 использует `errorMessages: Record<number, string>` per-row, что обосновано — несколько строк могут иметь свои ошибки).
-- `successToastOpen` / `successToastText` consistent через G1/G2.
-- `transitionToastOpen` / `transitionToastText` уникальны для KanbanView (C4).
-- `skipToastOpen` / `skipToastText` уникальны для BulkActionsBar (C5).
-- `projectMenuOpen` / `managerMenuOpen` / `projectMenuDraft` / `managerMenuDraft` — Task 1 only.
-- Имена функций consistent: `applyProjectFilter` / `applyManagerFilter` / `clearProjectDraft` / `clearManagerDraft` — все используются как в тестах так и в template.
-
-Никаких inline-fixов не потребовалось.
-
----
-
-## Execution Handoff
-
-**Plan complete and saved to `docs/superpowers/plans/2026-05-15-sprint1-p0-fixes.md`. Two execution options:**
-
-**1. Subagent-Driven (recommended)** — fresh subagent per task (5 tasks = 5 subagents), two-stage review между задачами (implementer subagent → code-quality reviewer subagent → mark complete → next). Хороший fit для атомарных независимых задач.
-
-**2. Inline Execution** — execute tasks в этой session через `superpowers:executing-plans`, batch execution с checkpoints для review.
-
-**Which approach?**
diff --git a/docs/superpowers/plans/2026-05-15-sprint2a-auth.md b/docs/superpowers/plans/2026-05-15-sprint2a-auth.md
deleted file mode 100644
index 6a2f311..0000000
--- a/docs/superpowers/plans/2026-05-15-sprint2a-auth.md
+++ /dev/null
@@ -1,424 +0,0 @@
-# Sprint 2 Plan A — Auth subsystem (A2/A3 + A7) Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Remove the orphaned `/recovery` RecoveryCodesView page (dead code) and make the `/legal/offer` & `/legal/privacy` footer links resolve to real stub pages instead of a 404.
-
-**Architecture:** Two independent, atomic changes. (1) Delete the `/recovery` route + `RecoveryCodesView.vue` + its story + spec — the real 2FA recovery-codes flow lives entirely in Settings → Безопасность (`TwoFactorCard.vue` setup wizard shows codes inline; `RecoveryCodesCard.vue` regenerates them), and nothing in the UI navigates to `/recovery`. (2) Add a single DRY `LegalDocView.vue` served by a `/legal/:doc(offer|privacy)` route, rendering an honest "document being finalized" stub (real legal text needs юр. редактура — реестр K3 / blocker Б-1). Upgrade the AuthLayout footer links from raw `<a href>` to `<RouterLink>`.
-
-**Tech Stack:** Vue 3 `<script setup>`, Vuetify 3, vue-router 4 (`createWebHistory`, lazy imports), Vitest + `@vue/test-utils`, Laravel 13 (`routes/web.php` SPA `Route::view`).
-
----
-
-## Context for the implementer
-
-- **Working directory:** `c:\моя\проекты\портал crm\Документация`. The Laravel app is under `app/`. Frontend = `app/resources/js/`, frontend tests = `app/tests/Frontend/`.
-- **Branch:** `main` (consistent with Sprint 1 — implementers commit atomically directly to `main`). Do **not** push (user pushes manually).
-- **Commands** (run from `app/`):
-  - Vitest: `npm run test:vue`
-  - Type-check: `npm run type-check`
-  - ESLint: `npm run lint:vue`
-- **Baseline (fresh, 2026-05-15):** Pest `742/739/3sk/0`, Vitest `92 files / 774 passed / 3 skipped / 0 failed`, vue-tsc `0`, ESLint `0`.
-- **Lefthook pre-commit** runs gitleaks / markdownlint / cspell / eslint-vue / pint / larastan on staged files — must stay green. Do **not** bypass hooks (`--no-verify` forbidden).
-- **`app/dev-indices.json`** is a pre-existing **uncommitted** dev artifact (audit I2 — Sprint 6 cleanup). Do **NOT** stage or modify it. Stage only the exact files each task names.
-- **Why `/recovery` is orphaned (verified):** grep across `app/resources/js` finds **no** `router.push('/recovery')` and **no** `<RouterLink to="/recovery">`. The only references are the route definition itself, the Histoire stub, the `.story.vue`, and the view file. `TwoFactorView.vue:126` links `/recovery-use` (a different page — consuming a code to log in), which is **kept**. The real codes-display is `TwoFactorCard.vue` setup wizard step `'codes'` and `RecoveryCodesCard.vue` regeneration — both already use the real API (`twoFactorConfirm` / `twoFactorRegenerateRecoveryCodes`).
-
----
-
-## File Structure
-
-| File | Action | Responsibility |
-|---|---|---|
-| `app/resources/js/views/auth/RecoveryCodesView.vue` | **Delete** | Orphaned mock recovery-codes page |
-| `app/resources/js/views/auth/RecoveryCodesView.story.vue` | **Delete** | Histoire story for the orphan |
-| `app/tests/Frontend/RecoveryCodesView.spec.ts` | **Delete** | Spec for the orphan (4 tests) |
-| `app/resources/js/router/index.ts` | Modify | Remove `/recovery` route; add `/legal/:doc` route |
-| `app/routes/web.php` | Modify | Remove `Route::view('/recovery')`; add 2 legal `Route::view` |
-| `app/resources/js/histoire.setup.ts` | Modify | Remove `/recovery` Histoire stub route |
-| `app/resources/js/views/legal/LegalDocView.vue` | **Create** | One DRY view for offer + privacy stub docs |
-| `app/tests/Frontend/LegalDocView.spec.ts` | **Create** | Spec for the legal view (4 tests) |
-| `app/resources/js/layouts/AuthLayout.vue` | Modify | Footer links `<a href>` → `<RouterLink>` |
-
----
-
-## Task 1: Delete orphaned RecoveryCodesView (closes A2 + A3)
-
-**Files:**
-
-- Delete: `app/resources/js/views/auth/RecoveryCodesView.vue`
-- Delete: `app/resources/js/views/auth/RecoveryCodesView.story.vue`
-- Delete: `app/tests/Frontend/RecoveryCodesView.spec.ts`
-- Modify: `app/resources/js/router/index.ts`
-- Modify: `app/routes/web.php`
-- Modify: `app/resources/js/histoire.setup.ts`
-
-This task has no "failing test first" — it is a verified dead-code removal. Discipline = confirm-then-delete-then-verify-suite-green.
-
-- [ ] **Step 1: Confirm orphan status**
-
-Run (from repo root):
-
-```bash
-grep -rn "RecoveryCodesView\|'/recovery'\|\"/recovery\"\|to=\"/recovery\"\|push('/recovery')" app/resources/js app/routes app/tests
-```
-
-Expected: matches **only** in `router/index.ts` (the `/recovery` route), `web.php` (`Route::view('/recovery', ...)`), `histoire.setup.ts` (the stub), `RecoveryCodesView.vue` itself, and `RecoveryCodesView.story.vue`. There must be **no** `router.push('/recovery')` and **no** `<RouterLink to="/recovery">`. (`/recovery-use` matches are a different, kept page — ignore them.) If a real navigation to `/recovery` is found, **STOP** and report — the orphan assumption is wrong.
-
-- [ ] **Step 2: Delete the three orphan files**
-
-```bash
-rm "app/resources/js/views/auth/RecoveryCodesView.vue"
-rm "app/resources/js/views/auth/RecoveryCodesView.story.vue"
-rm "app/tests/Frontend/RecoveryCodesView.spec.ts"
-```
-
-- [ ] **Step 3: Remove the `/recovery` route from `app/resources/js/router/index.ts`**
-
-Delete this exact route object from the `routes` array (it sits between the `/forgot` route and the `/recovery-use` route):
-
-```ts
-    {
-        path: '/recovery',
-        name: 'recovery',
-        component: () => import('../views/auth/RecoveryCodesView.vue'),
-        meta: { layout: 'auth', title: 'Резервные коды', devIndex: 6, devLabel: 'Recovery codes' },
-    },
-```
-
-Keep the `/recovery-use` route (`UseRecoveryCodeView.vue`) untouched. Leaving a gap in `devIndex` numbering (5 → 7) is acceptable — `devIndex` is a temporary feature (audit I1/I3, removed in a later sprint); do **not** renumber other routes.
-
-- [ ] **Step 4: Remove the SPA route from `app/routes/web.php`**
-
-Delete the line:
-
-```php
-Route::view('/recovery', 'welcome');
-```
-
-Keep `Route::view('/recovery-use', 'welcome');`.
-
-- [ ] **Step 5: Remove the Histoire stub from `app/resources/js/histoire.setup.ts`**
-
-Delete the line:
-
-```ts
-            { path: '/recovery', component: { template: '<div />' } },
-```
-
-Keep the `/recovery-use` stub line.
-
-- [ ] **Step 6: Verify no dangling references**
-
-```bash
-grep -rn "RecoveryCodesView" app/resources/js app/tests
-```
-
-Expected: **no output** (zero matches).
-
-- [ ] **Step 7: Run frontend verification**
-
-```bash
-cd app && npm run test:vue
-```
-
-Expected: `91 files / 770 passed / 3 skipped / 0 failed` (baseline `92/774` minus the deleted `RecoveryCodesView.spec.ts` = 1 file / 4 tests). **0 failures.**
-
-```bash
-cd app && npm run type-check
-```
-
-Expected: `0 errors`.
-
-```bash
-cd app && npm run lint:vue
-```
-
-Expected: `0 errors`.
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add "app/resources/js/views/auth/RecoveryCodesView.vue" \
-        "app/resources/js/views/auth/RecoveryCodesView.story.vue" \
-        "app/tests/Frontend/RecoveryCodesView.spec.ts" \
-        app/resources/js/router/index.ts \
-        app/routes/web.php \
-        app/resources/js/histoire.setup.ts
-git commit -m "refactor(auth): remove orphaned /recovery RecoveryCodesView page (closes A2, A3)
-
-Audit A2/A3: RecoveryCodesView (route /recovery) had a TODO no-op
-continue handler and 8 hardcoded mock codes. Recon found the page is
-orphaned — nothing in the UI navigates to /recovery. The real 2FA
-recovery-codes flow lives entirely in Settings -> Безопасность
-(TwoFactorCard setup wizard + RecoveryCodesCard regeneration), both
-already wired to the real API. Per user decision (2026-05-15) the
-orphan is deleted rather than polished.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
-(`git add` only the 6 named paths — `git rm`-tracked deletions are picked up by `git add` on the path. Do **not** stage `app/dev-indices.json`.)
-
----
-
-## Task 2: Legal stub pages — `/legal/offer` + `/legal/privacy` (closes A7)
-
-**Files:**
-
-- Create: `app/resources/js/views/legal/LegalDocView.vue`
-- Create: `app/tests/Frontend/LegalDocView.spec.ts`
-- Modify: `app/resources/js/router/index.ts`
-- Modify: `app/routes/web.php`
-- Modify: `app/resources/js/layouts/AuthLayout.vue`
-
-- [ ] **Step 1: Write the failing test**
-
-Create `app/tests/Frontend/LegalDocView.spec.ts` with exactly:
-
-```ts
-import { describe, it, expect } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import { createRouter, createMemoryHistory, type Router } from 'vue-router';
-
-import LegalDocView from '../../resources/js/views/legal/LegalDocView.vue';
-
-const vuetify = createVuetify();
-
-const buildRouter = (): Router =>
-    createRouter({
-        history: createMemoryHistory(),
-        routes: [
-            { path: '/legal/:doc(offer|privacy)', name: 'legal', component: LegalDocView },
-            { path: '/login', name: 'login', component: { template: '<div>login</div>' } },
-        ],
-    });
-
-const mountAt = async (path: string) => {
-    const router = buildRouter();
-    await router.push(path);
-    await router.isReady();
-    return mount(LegalDocView, { global: { plugins: [vuetify, router] } });
-};
-
-describe('LegalDocView.vue', () => {
-    it('рендерит «Договор-оферта» на /legal/offer', async () => {
-        const wrapper = await mountAt('/legal/offer');
-        expect(wrapper.text()).toContain('Договор-оферта');
-    });
-
-    it('рендерит «Политика конфиденциальности» на /legal/privacy', async () => {
-        const wrapper = await mountAt('/legal/privacy');
-        expect(wrapper.text()).toContain('Политика конфиденциальности');
-    });
-
-    it('показывает честную заглушку «документ готовится», а не фейк-текст', async () => {
-        const wrapper = await mountAt('/legal/offer');
-        const notice = wrapper.find('[data-testid="legal-stub-notice"]');
-        expect(notice.exists()).toBe(true);
-        expect(notice.text()).toContain('готовится');
-    });
-
-    it('содержит ссылку возврата ко входу', async () => {
-        const wrapper = await mountAt('/legal/privacy');
-        const back = wrapper.find('a.legal-back');
-        expect(back.exists()).toBe(true);
-        expect(back.attributes('href')).toBe('/login');
-    });
-});
-```
-
-- [ ] **Step 2: Run the test to verify it fails**
-
-```bash
-cd app && npx vitest run tests/Frontend/LegalDocView.spec.ts
-```
-
-Expected: **FAIL** — `Failed to resolve import "../../resources/js/views/legal/LegalDocView.vue"` (the view does not exist yet).
-
-- [ ] **Step 3: Create the view `app/resources/js/views/legal/LegalDocView.vue`**
-
-```vue
-<script setup lang="ts">
-/**
- * Правовые документы — заглушки оферты и политики конфиденциальности.
- *
- * Audit A7: ссылки /legal/offer и /legal/privacy в подвале AuthLayout вели
- * на 404 (catch-all). Финальные тексты документов требуют юридической
- * редактуры (реестр K3 / блокер Б-1) — до этого страницы показывают честную
- * заглушку «документ готовится», а не фейк-текст (юридический риск).
- *
- * Один view на оба документа (DRY): контент выбирается по route.params.doc.
- * Маршрут /legal/:doc(offer|privacy) — иные значения отсекает regex-constraint,
- * уходя в catch-all 404.
- */
-import { computed } from 'vue';
-import { useRoute } from 'vue-router';
-
-interface LegalDoc {
-    title: string;
-    intro: string;
-}
-
-const DOCS: Record<'offer' | 'privacy', LegalDoc> = {
-    offer: {
-        title: 'Договор-оферта',
-        intro: 'Публичная оферта на оказание услуг сервиса «Лидерра» — условия использования платформы, права и обязанности сторон, порядок оплаты.',
-    },
-    privacy: {
-        title: 'Политика конфиденциальности',
-        intro: 'Порядок обработки и защиты персональных данных пользователей сервиса «Лидерра» в соответствии с Федеральным законом № 152-ФЗ «О персональных данных».',
-    },
-};
-
-const route = useRoute();
-const doc = computed<LegalDoc>(() => (String(route.params.doc) === 'privacy' ? DOCS.privacy : DOCS.offer));
-</script>
-
-<template>
-    <v-card variant="flat" :max-width="480" width="100%" color="transparent" class="legal-card">
-        <header class="legal-header">
-            <h1 class="text-h5 mb-1">{{ doc.title }}</h1>
-            <p class="text-body-2 text-medium-emphasis ma-0">{{ doc.intro }}</p>
-        </header>
-
-        <v-alert type="info" variant="tonal" density="compact" data-testid="legal-stub-notice">
-            Финальная редакция документа готовится и будет опубликована до запуска сервиса.
-        </v-alert>
-
-        <RouterLink to="/login" class="text-body-2 text-primary legal-back"> ← Вернуться ко входу </RouterLink>
-    </v-card>
-</template>
-
-<style scoped>
-.legal-card {
-    display: flex;
-    flex-direction: column;
-    gap: 16px;
-}
-.legal-header h1 {
-    font-variation-settings: 'opsz' 24;
-    letter-spacing: -0.01em;
-}
-.legal-back {
-    text-decoration: none;
-}
-.legal-back:hover {
-    text-decoration: underline;
-}
-</style>
-```
-
-- [ ] **Step 4: Register the route in `app/resources/js/router/index.ts`**
-
-Add this route object to the `routes` array **before** the catch-all `/:pathMatch(.*)*` route (placing it just after the `/recovery-use` route, with the other auth-layout routes, is fine):
-
-```ts
-    {
-        path: '/legal/:doc(offer|privacy)',
-        name: 'legal',
-        component: () => import('../views/legal/LegalDocView.vue'),
-        meta: { layout: 'auth', title: 'Правовые документы' },
-    },
-```
-
-No `requiresAuth` / `guestOnly` — legal pages are public (a logged-in user may also read them). No `devIndex` — the page is not part of the temporary dev-index walkthrough.
-
-- [ ] **Step 5: Run the test to verify it passes**
-
-```bash
-cd app && npx vitest run tests/Frontend/LegalDocView.spec.ts
-```
-
-Expected: **PASS** — 4/4 tests.
-
-- [ ] **Step 6: Add SPA routes to `app/routes/web.php`**
-
-Add these two lines next to the other auth `Route::view` entries (e.g. after `Route::view('/recovery-use', 'welcome');`):
-
-```php
-Route::view('/legal/offer', 'welcome');
-Route::view('/legal/privacy', 'welcome');
-```
-
-This makes a hard browser load / refresh of `/legal/offer` serve the SPA shell (consistent with the project's explicit-route convention).
-
-- [ ] **Step 7: Upgrade the footer links in `app/resources/js/layouts/AuthLayout.vue`**
-
-Replace the raw anchors (currently at lines ~47-48):
-
-```vue
-                            <a href="/legal/offer">Оферта</a>
-                            <a href="/legal/privacy">Политика</a>
-```
-
-with `RouterLink`s (SPA navigation, no full page reload):
-
-```vue
-                            <RouterLink to="/legal/offer">Оферта</RouterLink>
-                            <RouterLink to="/legal/privacy">Политика</RouterLink>
-```
-
-Leave the `<span>v8 · Forest</span>` line and the `.bp-foot` wrapper unchanged. `RouterLink` renders a plain `<a>` element, so any existing `.bp-foot a { ... }` style rules continue to apply unchanged — no `<style>` edit needed.
-
-- [ ] **Step 8: Run full frontend verification**
-
-```bash
-cd app && npm run test:vue
-```
-
-Expected: `92 files / 774 passed / 3 skipped / 0 failed` (Task 1 left it at `91/770`; this task adds `LegalDocView.spec.ts` = +1 file / +4 tests → `92/774`). **0 failures.**
-
-```bash
-cd app && npm run type-check
-```
-
-Expected: `0 errors`.
-
-```bash
-cd app && npm run lint:vue
-```
-
-Expected: `0 errors`.
-
-- [ ] **Step 9: Commit**
-
-```bash
-git add app/resources/js/views/legal/LegalDocView.vue \
-        app/tests/Frontend/LegalDocView.spec.ts \
-        app/resources/js/router/index.ts \
-        app/routes/web.php \
-        app/resources/js/layouts/AuthLayout.vue
-git commit -m "feat(auth): /legal/offer + /legal/privacy stub pages (closes A7)
-
-Audit A7: the «Оферта» / «Политика» links in the AuthLayout footer were
-raw <a href> pointing at unrouted paths -> 404 via the SPA catch-all.
-Adds a single DRY LegalDocView served by /legal/:doc(offer|privacy),
-rendering an honest «document being finalized» stub (real legal text
-needs юр. редактура — реестр K3 / blocker Б-1). Footer links upgraded
-to <RouterLink> for SPA navigation.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Final Acceptance — Plan A
-
-After both tasks:
-
-- [ ] Pest `--parallel` unchanged from baseline: `742/739/3sk/0` (no backend files touched — run `composer test:parallel` once to confirm).
-- [ ] Vitest: `92 files / 774 passed / 3 skipped / 0 failed` (net: −`RecoveryCodesView.spec.ts` +`LegalDocView.spec.ts` = 0 file delta, −4 +4 = 0 test delta vs baseline).
-- [ ] vue-tsc: `0 errors`.
-- [ ] ESLint: `0 errors`.
-- [ ] `grep -rn "RecoveryCodesView" app/` → no matches.
-- [ ] Lefthook pre-commit green on both commits.
-- [ ] 2 atomic commits on `main`; not pushed.
-
-## Spec coverage (audit `2026-05-15-portal-audit-design.md`)
-
-| Audit ID | Spec line | This plan |
-|---|---|---|
-| A2 | RecoveryCodesView continue button → redirect | Task 1 — superseded: page deleted (orphan, per user decision) |
-| A3 | RecoveryCodesView → real API | Task 1 — superseded: page deleted (real flow already in Settings → Безопасность) |
-| A7 | `/legal/offer` + `/legal/privacy` routes + stub | Task 2 |
diff --git a/docs/superpowers/plans/2026-05-15-sprint2b-settings.md b/docs/superpowers/plans/2026-05-15-sprint2b-settings.md
deleted file mode 100644
index aea7acd..0000000
--- a/docs/superpowers/plans/2026-05-15-sprint2b-settings.md
+++ /dev/null
@@ -1,2027 +0,0 @@
-# Sprint 2 Plan B — Settings subsystem (D1-D5 + J5 + J6) Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Make the Settings → Профиль and Settings → API tabs fully functional from UI to DB: profile save (`PATCH /api/auth/me`), API-key copy/regenerate, and webhook URL save/test — backed by real endpoints and two new Eloquent models.
-
-**Architecture:** Five atomic tasks. (1) `AuthController::updateProfile` adds `PATCH /api/auth/me` mirroring the existing `updateNotificationPreferences`. (2) `ProfileTab.vue` is rewired from hardcoded refs to the auth store + the new endpoint. (3) A new `ApiKey` model + `ApiKeyController` expose `GET /api/api-keys` and `POST /api/api-keys/regenerate` over the existing greenfield `api_keys` table. (4) A new `OutboundWebhookSubscription` model + `WebhookSettingsController` expose `GET/PUT /api/tenants/me/webhook-settings` and `POST /api/webhooks/test` over the existing greenfield `outbound_webhook_subscriptions` table. (5) `ApiTab.vue` is wired to two new frontend api modules. **Schema delta = 0** — both tables already exist in `db/schema.sql`; no migration.
-
-**Tech Stack:** Laravel 13 + Sanctum (routes in `routes/web.php`, no `api.php`), PostgreSQL 16 (RLS), Pest 4 (`DatabaseTransactions`); Vue 3 `<script setup>` + Vuetify 3 + Pinia, Vitest + `@vue/test-utils`.
-
----
-
-## Context for the implementer
-
-- **Working directory:** `c:\моя\проекты\портал crm\Документация`. Laravel app under `app/`: controllers `app/app/Http/Controllers/Api/`, models `app/app/Models/`, factories `app/database/factories/`, routes `app/routes/web.php` (there is **no** `routes/api.php` — Sanctum SPA uses the web group). Frontend `app/resources/js/`, frontend tests `app/tests/Frontend/`, backend tests `app/tests/Feature/`.
-- **Branch:** `main` (consistent with Sprint 1 + Plan A — implementers commit atomically to `main`). Do **not** push.
-- **Commands:**
-  - Backend single file: `cd app && php artisan test tests/Feature/<path>` ; full suite: `cd app && composer test:parallel`
-  - Frontend single file: `cd app && npx vitest run tests/Frontend/<file>` ; full: `cd app && npm run test:vue`
-  - `cd app && npm run type-check` ; `cd app && npm run lint:vue` ; `cd app && composer pint` ; `cd app && composer stan`
-- **Baseline (fresh, 2026-05-15, after Plan A):** Pest `742/739/3sk/0`, Vitest `92 files / 774 passed / 3 skipped / 0 failed`, vue-tsc `0`, ESLint `0`.
-- **Lefthook pre-commit** runs gitleaks / markdownlint / cspell / eslint-vue / pint / larastan / squawk on staged files — must pass. Never bypass (`--no-verify` forbidden).
-- Do **not** stage or modify `app/dev-indices.json` (pre-existing uncommitted dev artifact). Stage only the files each task names.
-- The repo path contains Cyrillic — if an Edit reports success but content looks unchanged, re-Read and retry.
-- **Verified facts (recon 2026-05-15):**
-  - `User` model `$fillable` already includes `first_name, last_name, phone, timezone` — `PATCH /me` can mass-assign directly. Registration hard-codes `first_name='Новый', last_name='Пользователь'` — ProfileTab is where they get set; the `users` table has **no** `role` column (ProfileTab's `role` field was decorative mock).
-  - `api_keys` and `outbound_webhook_subscriptions` tables exist in `db/schema.sql` with RLS, but **zero** application code touches them — no models, controllers, factories, or tests. Everything is created new.
-  - **No outbound webhook delivery pipeline exists** (no Job/Service). The `POST /api/webhooks/test` endpoint therefore performs an **unsigned connectivity test** (real HTTP POST, report status) — HMAC-signed event delivery is an explicit post-MVP epic. The secret is still generated/stored (schema requires `secret_hash NOT NULL`) and shown once, so tenants can pre-configure their receiver.
-  - Tenant-scoped routes use `Route::middleware(['auth:sanctum', 'tenant'])`. `tenant` = `SetTenantContext` (resolves `tenant_id` from `auth()->user()`, runs `SET LOCAL app.current_tenant_id` inside a transaction). In Pest, `actingAs($user)` establishes both auth and tenant context.
-  - `PATCH /api/auth/me` goes in the existing `/api/auth` `auth:sanctum` group (no `tenant` middleware) — mirroring the sibling `updateNotificationPreferences`, which already does `$user->update(...)` on the `users` table the same way.
-  - Frontend api modules all import `{ apiClient, ensureCsrfCookie }` from `./client` (never raw axios); GETs skip `ensureCsrfCookie()`, mutations call it first.
-
----
-
-## File Structure
-
-| File | Action | Responsibility |
-|---|---|---|
-| `app/app/Http/Controllers/Api/AuthController.php` | Modify | +`updateProfile()`; `userResource()` +phone/timezone |
-| `app/routes/web.php` | Modify | +`PATCH /me`; +`/api/api-keys` group; +webhook group |
-| `app/tests/Feature/Auth/UpdateProfileTest.php` | Create | Pest test for `PATCH /api/auth/me` |
-| `app/resources/js/api/auth.ts` | Modify | `AuthUser` +phone/timezone; +`updateProfile()` + payload type |
-| `app/resources/js/views/settings/ProfileTab.vue` | Modify | Rewire to auth store + `PATCH /me` |
-| `app/tests/Frontend/ProfileTab.spec.ts` | Create | Vitest spec for ProfileTab |
-| `app/app/Models/ApiKey.php` | Create | Eloquent model for `api_keys` |
-| `app/database/factories/ApiKeyFactory.php` | Create | Factory for `ApiKey` |
-| `app/app/Http/Controllers/Api/ApiKeyController.php` | Create | `index()` + `regenerate()` |
-| `app/tests/Feature/ApiKeyControllerTest.php` | Create | Pest test |
-| `app/app/Models/OutboundWebhookSubscription.php` | Create | Eloquent model for `outbound_webhook_subscriptions` |
-| `app/database/factories/OutboundWebhookSubscriptionFactory.php` | Create | Factory |
-| `app/app/Http/Controllers/Api/WebhookSettingsController.php` | Create | `show()` + `update()` + `test()` |
-| `app/tests/Feature/WebhookSettingsControllerTest.php` | Create | Pest test |
-| `app/resources/js/api/apiKeys.ts` | Create | Frontend api module for api-keys |
-| `app/resources/js/api/webhooks.ts` | Create | Frontend api module for webhook settings |
-| `app/resources/js/views/settings/ApiTab.vue` | Modify | Full wiring of all 4 buttons |
-| `app/tests/Frontend/ApiTab.spec.ts` | Create | Vitest spec for ApiTab |
-
----
-
-## Task 1: `PATCH /api/auth/me` — profile update (closes J6)
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/AuthController.php`
-- Modify: `app/routes/web.php`
-- Test: `app/tests/Feature/Auth/UpdateProfileTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-Create `app/tests/Feature/Auth/UpdateProfileTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    $this->tenant = Tenant::factory()->create();
-    $this->user = User::factory()->create([
-        'tenant_id' => $this->tenant->id,
-        'first_name' => 'Новый',
-        'last_name' => 'Пользователь',
-        'phone' => null,
-        'timezone' => 'Europe/Moscow',
-    ]);
-    $this->actingAs($this->user);
-});
-
-test('PATCH /api/auth/me обновляет профиль и возвращает user', function () {
-    $response = $this->patchJson('/api/auth/me', [
-        'first_name' => 'Иван',
-        'last_name' => 'Петров',
-        'phone' => '+7 916 000-00-00',
-        'timezone' => 'Asia/Yekaterinburg',
-    ]);
-
-    $response->assertOk();
-    expect($response->json('user.first_name'))->toBe('Иван');
-    expect($response->json('user.last_name'))->toBe('Петров');
-    expect($response->json('user.phone'))->toBe('+7 916 000-00-00');
-    expect($response->json('user.timezone'))->toBe('Asia/Yekaterinburg');
-
-    $this->user->refresh();
-    expect($this->user->first_name)->toBe('Иван');
-    expect($this->user->timezone)->toBe('Asia/Yekaterinburg');
-});
-
-test('PATCH /api/auth/me без auth: 401', function () {
-    auth()->logout();
-    $this->patchJson('/api/auth/me', [
-        'first_name' => 'Иван',
-        'last_name' => 'Петров',
-        'timezone' => 'Europe/Moscow',
-    ])->assertStatus(401);
-});
-
-test('PATCH /api/auth/me: 422 при пустом first_name', function () {
-    $this->patchJson('/api/auth/me', [
-        'first_name' => '',
-        'last_name' => 'Петров',
-        'timezone' => 'Europe/Moscow',
-    ])->assertStatus(422)->assertJsonValidationErrorFor('first_name');
-});
-
-test('PATCH /api/auth/me: 422 при невалидной timezone', function () {
-    $this->patchJson('/api/auth/me', [
-        'first_name' => 'Иван',
-        'last_name' => 'Петров',
-        'timezone' => 'Mars/Olympus',
-    ])->assertStatus(422)->assertJsonValidationErrorFor('timezone');
-});
-
-test('PATCH /api/auth/me: phone опционален (nullable)', function () {
-    $response = $this->patchJson('/api/auth/me', [
-        'first_name' => 'Иван',
-        'last_name' => 'Петров',
-        'timezone' => 'Europe/Moscow',
-    ]);
-    $response->assertOk();
-    expect($response->json('user.phone'))->toBeNull();
-});
-
-test('GET /api/auth/me возвращает phone и timezone', function () {
-    $response = $this->getJson('/api/auth/me');
-    $response->assertOk();
-    expect($response->json('user'))->toHaveKeys(['phone', 'timezone']);
-});
-```
-
-- [ ] **Step 2: Run the test to verify it fails**
-
-Run: `cd app && php artisan test tests/Feature/Auth/UpdateProfileTest.php`
-Expected: FAIL — `PATCH /api/auth/me` is not routed (404 instead of 200/422), and `GET /me` does not yet return `phone`/`timezone`.
-
-- [ ] **Step 3: Add the route in `app/routes/web.php`**
-
-Inside the existing `Route::prefix('/api/auth')->group(...)` → inner `Route::middleware('auth:sanctum')->group(...)` block, add `Route::patch('/me', ...)` right after the `GET /me` line. The block becomes:
-
-```php
-    Route::middleware('auth:sanctum')->group(function () {
-        Route::get('/me', 'App\Http\Controllers\Api\AuthController@me');
-        Route::patch('/me', 'App\Http\Controllers\Api\AuthController@updateProfile');
-        Route::post('/logout', 'App\Http\Controllers\Api\AuthController@logout');
-        Route::patch('/me/notification-preferences', 'App\Http\Controllers\Api\AuthController@updateNotificationPreferences');
-    });
-```
-
-- [ ] **Step 4: Add `updateProfile()` to `AuthController.php`**
-
-Add this method to `app/app/Http/Controllers/Api/AuthController.php` (place it next to `updateNotificationPreferences`, before the private `userResource`):
-
-```php
-    /**
-     * PATCH /api/auth/me — обновление профиля текущего пользователя
-     * (имя, фамилия, телефон, тайм-зона). Email менять нельзя (через support).
-     *
-     * Audit J6/D1 (ProfileTab). Зеркалит updateNotificationPreferences:
-     * та же группа auth:sanctum, тот же inline-validate, тот же userResource.
-     */
-    public function updateProfile(Request $request): JsonResponse
-    {
-        $validated = $request->validate([
-            'first_name' => ['required', 'string', 'max:255'],
-            'last_name' => ['required', 'string', 'max:255'],
-            'phone' => ['nullable', 'string', 'max:20'],
-            'timezone' => ['required', 'timezone'],
-        ]);
-
-        /** @var User $user */
-        $user = $request->user();
-        $user->update($validated);
-
-        return response()->json([
-            'user' => $this->userResource($user->fresh()),
-        ]);
-    }
-```
-
-- [ ] **Step 5: Extend `userResource()` in `AuthController.php`**
-
-In the private `userResource(User $user): array` method, add `phone` and `timezone` keys (place them after `last_name`):
-
-```php
-    /** @return array<string, mixed> */
-    private function userResource(User $user): array
-    {
-        return [
-            'id' => $user->id,
-            'email' => $user->email,
-            'first_name' => $user->first_name,
-            'last_name' => $user->last_name,
-            'phone' => $user->phone,
-            'timezone' => $user->timezone,
-            'tenant_id' => $user->tenant_id,
-            'totp_enabled' => $user->totp_enabled,
-            'last_login_at' => $user->last_login_at,
-            'notification_preferences' => $user->notification_preferences,
-            'sound_enabled' => $user->sound_enabled,
-        ];
-    }
-```
-
-- [ ] **Step 6: Run the test to verify it passes**
-
-Run: `cd app && php artisan test tests/Feature/Auth/UpdateProfileTest.php`
-Expected: PASS — 6/6.
-
-- [ ] **Step 7: Pint + regression**
-
-Run: `cd app && composer pint && composer test:parallel`
-Expected: Pint clean; Pest `748/745/3sk/0` (baseline 742 + 6 new). 0 failures.
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/AuthController.php app/routes/web.php app/tests/Feature/Auth/UpdateProfileTest.php
-git commit -m "feat(auth): PATCH /api/auth/me profile update endpoint (closes J6)
-
-Audit J6: ProfileTab needs a full-profile update endpoint. Adds
-AuthController::updateProfile (first_name/last_name/phone/timezone),
-routed in the existing /api/auth auth:sanctum group; mirrors the
-sibling updateNotificationPreferences. userResource() now also returns
-phone + timezone so the GET /me round-trip carries them.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 2: ProfileTab wired to real API (closes D1)
-
-**Files:**
-
-- Modify: `app/resources/js/api/auth.ts`
-- Modify: `app/resources/js/views/settings/ProfileTab.vue`
-- Test: `app/tests/Frontend/ProfileTab.spec.ts`
-
-- [ ] **Step 1: Write the failing test**
-
-Create `app/tests/Frontend/ProfileTab.spec.ts`:
-
-```ts
-import { describe, it, expect, beforeEach, vi } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createPinia, setActivePinia } from 'pinia';
-import { createVuetify } from 'vuetify';
-
-vi.mock('../../resources/js/api/auth', () => ({
-    updateProfile: vi.fn(),
-}));
-
-vi.mock('../../resources/js/api/client', () => ({
-    apiClient: {},
-    ensureCsrfCookie: vi.fn(),
-    extractValidationErrors: vi.fn(() => null),
-    extractErrorMessage: vi.fn((_e, fallback) => fallback ?? 'Произошла ошибка.'),
-    extractRateLimitRetry: vi.fn(() => null),
-}));
-
-import * as authApi from '../../resources/js/api/auth';
-import ProfileTab from '../../resources/js/views/settings/ProfileTab.vue';
-import { useAuthStore } from '../../resources/js/stores/auth';
-import type { AuthUser } from '../../resources/js/api/auth';
-
-const vuetify = createVuetify();
-
-const mockUser: AuthUser = {
-    id: 1,
-    email: 'ivan@example.ru',
-    first_name: 'Иван',
-    last_name: 'Петров',
-    phone: '+7 916 000-00-00',
-    timezone: 'Europe/Moscow',
-    tenant_id: 1,
-    totp_enabled: false,
-    last_login_at: null,
-};
-
-const factory = (user: AuthUser | null = mockUser) => {
-    setActivePinia(createPinia());
-    const auth = useAuthStore();
-    auth.user = user;
-    return mount(ProfileTab, { global: { plugins: [vuetify] } });
-};
-
-describe('ProfileTab.vue', () => {
-    beforeEach(() => {
-        vi.clearAllMocks();
-    });
-
-    it('подставляет имя/фамилию/телефон/тайм-зону из auth-store', () => {
-        const wrapper = factory();
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        expect(vm.firstName).toBe('Иван');
-        expect(vm.lastName).toBe('Петров');
-        expect(vm.phone).toBe('+7 916 000-00-00');
-        expect(vm.timezone).toBe('Europe/Moscow');
-    });
-
-    it('save() вызывает updateProfile с payload и показывает успех', async () => {
-        (authApi.updateProfile as ReturnType<typeof vi.fn>).mockResolvedValue({
-            ...mockUser,
-            first_name: 'Пётр',
-        });
-        const wrapper = factory();
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        vm.firstName = 'Пётр';
-        await vm.save();
-        expect(authApi.updateProfile).toHaveBeenCalledWith({
-            first_name: 'Пётр',
-            last_name: 'Петров',
-            phone: '+7 916 000-00-00',
-            timezone: 'Europe/Moscow',
-        });
-        expect(vm.saveSuccess).toBe(true);
-        expect(vm.saveError).toBe(null);
-    });
-
-    it('save() с пустым phone отправляет null', async () => {
-        (authApi.updateProfile as ReturnType<typeof vi.fn>).mockResolvedValue(mockUser);
-        const wrapper = factory();
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        vm.phone = '   ';
-        await vm.save();
-        expect(authApi.updateProfile).toHaveBeenCalledWith(
-            expect.objectContaining({ phone: null }),
-        );
-    });
-
-    it('save() показывает ошибку при reject', async () => {
-        (authApi.updateProfile as ReturnType<typeof vi.fn>).mockRejectedValue(new Error('boom'));
-        const wrapper = factory();
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        await vm.save();
-        expect(vm.saveError).toBeTruthy();
-        expect(vm.saveSuccess).toBe(false);
-        expect(vm.saving).toBe(false);
-    });
-
-    it('resetForm() возвращает поля к значениям из store', async () => {
-        const wrapper = factory();
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        vm.firstName = 'Изменено';
-        vm.resetForm();
-        expect(vm.firstName).toBe('Иван');
-    });
-});
-```
-
-- [ ] **Step 2: Run the test to verify it fails**
-
-Run: `cd app && npx vitest run tests/Frontend/ProfileTab.spec.ts`
-Expected: FAIL — `updateProfile` is not yet exported from `api/auth`, and ProfileTab still uses hardcoded refs (no `data-testid`, no `save`/`resetForm`/`saveSuccess`).
-
-- [ ] **Step 3: Extend `app/resources/js/api/auth.ts`**
-
-(a) In the `AuthUser` interface, add `phone` and `timezone` (place after `last_name`):
-
-```ts
-    phone?: string | null;
-    timezone?: string | null;
-```
-
-(b) Add the payload interface and function (place near `updateNotificationPreferences` at the end of the file):
-
-```ts
-export interface UpdateProfilePayload {
-    first_name: string;
-    last_name: string;
-    phone: string | null;
-    timezone: string;
-}
-
-export async function updateProfile(payload: UpdateProfilePayload): Promise<AuthUser> {
-    await ensureCsrfCookie();
-    const { data } = await apiClient.patch<{ user: AuthUser }>('/api/auth/me', payload);
-    return data.user;
-}
-```
-
-- [ ] **Step 4: Replace `app/resources/js/views/settings/ProfileTab.vue` entirely**
-
-```vue
-<script setup lang="ts">
-/**
- * Settings → Профиль. Имя, фамилия, телефон, тайм-зона текущего пользователя
- * из auth-store; сохранение через PATCH /api/auth/me (audit D1 / J6).
- *
- * Источник дизайна: liderra_v8_handoff/concepts/v8_settings.html секция #profile.
- * Email — read-only (меняется через support). Поле «Роль» убрано: в таблице
- * users нет колонки роли (было декоративной mock-заглушкой). Кнопка смены
- * аватара пока без обработчика — загрузка аватара вне scope audit D1.
- */
-import { computed, ref } from 'vue';
-import { useAuthStore } from '../../stores/auth';
-import { updateProfile } from '../../api/auth';
-import { extractErrorMessage } from '../../api/client';
-
-const auth = useAuthStore();
-
-const firstName = ref(auth.user?.first_name ?? '');
-const lastName = ref(auth.user?.last_name ?? '');
-const phone = ref(auth.user?.phone ?? '');
-const timezone = ref(auth.user?.timezone ?? 'Europe/Moscow');
-const email = computed(() => auth.user?.email ?? '');
-
-const initials = computed(() => {
-    const f = (auth.user?.first_name ?? '').charAt(0);
-    const l = (auth.user?.last_name ?? '').charAt(0);
-    return (f + l).toUpperCase() || '—';
-});
-
-const saving = ref(false);
-const saveSuccess = ref(false);
-const saveError = ref<string | null>(null);
-
-function resetForm(): void {
-    firstName.value = auth.user?.first_name ?? '';
-    lastName.value = auth.user?.last_name ?? '';
-    phone.value = auth.user?.phone ?? '';
-    timezone.value = auth.user?.timezone ?? 'Europe/Moscow';
-    saveSuccess.value = false;
-    saveError.value = null;
-}
-
-async function save(): Promise<void> {
-    if (saving.value) return;
-    saving.value = true;
-    saveSuccess.value = false;
-    saveError.value = null;
-    try {
-        const updated = await updateProfile({
-            first_name: firstName.value,
-            last_name: lastName.value,
-            phone: phone.value.trim() === '' ? null : phone.value.trim(),
-            timezone: timezone.value,
-        });
-        auth.user = { ...auth.user!, ...updated };
-        saveSuccess.value = true;
-    } catch (err) {
-        saveError.value = extractErrorMessage(err, 'Не удалось сохранить профиль.');
-    } finally {
-        saving.value = false;
-    }
-}
-</script>
-
-<template>
-    <div class="tab-content">
-        <h2 class="tab-title text-h6 mb-4">Профиль</h2>
-
-        <v-alert
-            v-if="saveSuccess"
-            type="success"
-            variant="tonal"
-            density="compact"
-            class="mb-3"
-            closable
-            data-testid="profile-save-success"
-            @click:close="saveSuccess = false"
-        >
-            Профиль сохранён.
-        </v-alert>
-        <v-alert
-            v-if="saveError"
-            type="warning"
-            variant="tonal"
-            density="compact"
-            class="mb-3"
-            closable
-            data-testid="profile-save-error"
-            @click:close="saveError = null"
-        >
-            {{ saveError }}
-        </v-alert>
-
-        <v-row class="profile-row">
-            <v-col cols="auto">
-                <v-avatar size="80" color="primary">
-                    <span class="text-h5">{{ initials }}</span>
-                </v-avatar>
-                <v-btn variant="text" size="small" class="mt-2" prepend-icon="mdi-camera"> Сменить </v-btn>
-            </v-col>
-            <v-col>
-                <v-row dense>
-                    <v-col cols="12" md="6">
-                        <v-text-field
-                            v-model="firstName"
-                            label="Имя"
-                            variant="outlined"
-                            density="comfortable"
-                            data-testid="profile-first-name"
-                        />
-                    </v-col>
-                    <v-col cols="12" md="6">
-                        <v-text-field
-                            v-model="lastName"
-                            label="Фамилия"
-                            variant="outlined"
-                            density="comfortable"
-                            data-testid="profile-last-name"
-                        />
-                    </v-col>
-                    <v-col cols="12" md="6">
-                        <v-text-field
-                            :model-value="email"
-                            label="Email"
-                            type="email"
-                            variant="outlined"
-                            density="comfortable"
-                            disabled
-                            persistent-hint
-                            hint="Email менять только через support — связан с авторизацией"
-                        />
-                    </v-col>
-                    <v-col cols="12" md="6">
-                        <v-text-field
-                            v-model="phone"
-                            label="Телефон"
-                            variant="outlined"
-                            density="comfortable"
-                            data-testid="profile-phone"
-                        />
-                    </v-col>
-                    <v-col cols="12" md="6">
-                        <v-text-field
-                            v-model="timezone"
-                            label="Тайм-зона"
-                            variant="outlined"
-                            density="comfortable"
-                            persistent-hint
-                            hint="Используется в логах и напоминаниях"
-                            data-testid="profile-timezone"
-                        />
-                    </v-col>
-                </v-row>
-
-                <div class="d-flex ga-2 mt-4">
-                    <v-btn
-                        color="primary"
-                        variant="flat"
-                        :loading="saving"
-                        data-testid="profile-save-btn"
-                        @click="save"
-                    >
-                        Сохранить
-                    </v-btn>
-                    <v-btn variant="text" :disabled="saving" data-testid="profile-cancel-btn" @click="resetForm">
-                        Отмена
-                    </v-btn>
-                </div>
-            </v-col>
-        </v-row>
-    </div>
-</template>
-
-<style scoped>
-.tab-title {
-    font-variation-settings: 'opsz' 18;
-    letter-spacing: -0.005em;
-}
-.profile-row {
-    align-items: flex-start;
-}
-</style>
-```
-
-- [ ] **Step 5: Run the test to verify it passes**
-
-Run: `cd app && npx vitest run tests/Frontend/ProfileTab.spec.ts`
-Expected: PASS — 5/5.
-
-- [ ] **Step 6: Type-check + lint + full Vitest**
-
-Run: `cd app && npm run type-check && npm run lint:vue && npm run test:vue`
-Expected: tsc `0`, ESLint `0`, Vitest `0 failed` (baseline 774 + 5 new = 779 passed, 93 files).
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/resources/js/api/auth.ts app/resources/js/views/settings/ProfileTab.vue app/tests/Frontend/ProfileTab.spec.ts
-git commit -m "feat(settings): ProfileTab wired to PATCH /api/auth/me (closes D1)
-
-Audit D1: ProfileTab fields were hardcoded refs and the Save button had
-no handler. Rewired to the auth store + a new api/auth updateProfile()
-calling PATCH /api/auth/me. Single «Полное имя» field split into Имя +
-Фамилия (matches users.first_name/last_name); decorative «Роль» field
-removed (no such column). AuthUser type gains phone + timezone.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 3: ApiKey model + api-keys endpoints (closes J5 part 1, enables D2/D3)
-
-**Files:**
-
-- Create: `app/app/Models/ApiKey.php`
-- Create: `app/database/factories/ApiKeyFactory.php`
-- Create: `app/app/Http/Controllers/Api/ApiKeyController.php`
-- Modify: `app/routes/web.php`
-- Test: `app/tests/Feature/ApiKeyControllerTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-Create `app/tests/Feature/ApiKeyControllerTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\ApiKey;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\Hash;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    $this->tenant = Tenant::factory()->create();
-    $this->user = User::factory()->create(['tenant_id' => $this->tenant->id]);
-    $this->actingAs($this->user);
-});
-
-test('GET /api/api-keys возвращает активные ключи тенанта', function () {
-    ApiKey::factory()->create(['tenant_id' => $this->tenant->id, 'user_id' => $this->user->id]);
-
-    $response = $this->getJson('/api/api-keys');
-
-    $response->assertOk();
-    expect($response->json('data'))->toHaveCount(1);
-    expect($response->json('data.0'))->toHaveKeys(['id', 'name', 'key_prefix', 'last_used_at', 'created_at']);
-    // key_hash НИКОГДА не отдаётся наружу.
-    expect($response->json('data.0'))->not->toHaveKey('key_hash');
-});
-
-test('GET /api/api-keys без auth: 401', function () {
-    auth()->logout();
-    $this->getJson('/api/api-keys')->assertStatus(401);
-});
-
-test('GET /api/api-keys изолирован по тенанту', function () {
-    $otherTenant = Tenant::factory()->create();
-    $otherUser = User::factory()->create(['tenant_id' => $otherTenant->id]);
-    ApiKey::factory()->create(['tenant_id' => $otherTenant->id, 'user_id' => $otherUser->id]);
-
-    $response = $this->getJson('/api/api-keys');
-
-    $response->assertOk();
-    expect($response->json('data'))->toHaveCount(0);
-});
-
-test('POST /api/api-keys/regenerate создаёт ключ и возвращает plaintext один раз', function () {
-    $response = $this->postJson('/api/api-keys/regenerate');
-
-    $response->assertStatus(201);
-    expect($response->json('key'))->toStartWith('lpkapi_');
-    expect($response->json('key_prefix'))->toBe(substr($response->json('key'), 0, 10));
-    expect($response->json())->toHaveKeys(['id', 'name', 'key', 'key_prefix']);
-
-    // В БД хранится только bcrypt-хэш — не plaintext.
-    $row = ApiKey::query()->where('tenant_id', $this->tenant->id)->where('is_active', true)->first();
-    expect($row)->not->toBeNull();
-    expect($row->key_hash)->not->toBe($response->json('key'));
-    expect(Hash::check($response->json('key'), $row->key_hash))->toBeTrue();
-});
-
-test('POST /api/api-keys/regenerate деактивирует предыдущий активный ключ', function () {
-    $old = ApiKey::factory()->create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'is_active' => true,
-    ]);
-
-    $this->postJson('/api/api-keys/regenerate')->assertStatus(201);
-
-    $old->refresh();
-    expect($old->is_active)->toBeFalse();
-    // Ровно один активный ключ после регенерации.
-    expect(ApiKey::query()->where('tenant_id', $this->tenant->id)->where('is_active', true)->count())->toBe(1);
-});
-
-test('POST /api/api-keys/regenerate без auth: 401', function () {
-    auth()->logout();
-    $this->postJson('/api/api-keys/regenerate')->assertStatus(401);
-});
-```
-
-- [ ] **Step 2: Run the test to verify it fails**
-
-Run: `cd app && php artisan test tests/Feature/ApiKeyControllerTest.php`
-Expected: FAIL — `App\Models\ApiKey` class does not exist (and routes are unrouted).
-
-- [ ] **Step 3: Create the model `app/app/Models/ApiKey.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Models;
-
-use Database\Factories\ApiKeyFactory;
-use Illuminate\Database\Eloquent\Factories\HasFactory;
-use Illuminate\Database\Eloquent\Model;
-use Illuminate\Database\Eloquent\Relations\BelongsTo;
-
-/**
- * API-ключ тенанта (таблица api_keys). Tenant-aware, RLS на уровне БД.
- *
- * key_hash — bcrypt-хэш; оригинал ключа показывается ОДИН раз при генерации
- * (ApiKeyController::regenerate). key_prefix (10 символов) — для отображения
- * в UI. Таблица имеет только created_at (без updated_at).
- */
-class ApiKey extends Model
-{
-    /** @use HasFactory<ApiKeyFactory> */
-    use HasFactory;
-
-    public $timestamps = false;
-
-    protected $fillable = [
-        'tenant_id',
-        'user_id',
-        'name',
-        'key_hash',
-        'key_prefix',
-        'scopes',
-        'last_used_at',
-        'last_used_ip',
-        'expires_at',
-        'is_active',
-        'created_at',
-    ];
-
-    protected $hidden = ['key_hash'];
-
-    protected function casts(): array
-    {
-        return [
-            'scopes' => 'array',
-            'is_active' => 'boolean',
-            'last_used_at' => 'datetime',
-            'expires_at' => 'datetime',
-            'created_at' => 'datetime',
-        ];
-    }
-
-    /** @return BelongsTo<Tenant, $this> */
-    public function tenant(): BelongsTo
-    {
-        return $this->belongsTo(Tenant::class);
-    }
-
-    /** @return BelongsTo<User, $this> */
-    public function user(): BelongsTo
-    {
-        return $this->belongsTo(User::class);
-    }
-}
-```
-
-- [ ] **Step 4: Create the factory `app/database/factories/ApiKeyFactory.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace Database\Factories;
-
-use App\Models\ApiKey;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Database\Eloquent\Factories\Factory;
-use Illuminate\Support\Facades\Hash;
-use Illuminate\Support\Str;
-
-/**
- * @extends Factory<ApiKey>
- */
-class ApiKeyFactory extends Factory
-{
-    protected $model = ApiKey::class;
-
-    /**
-     * @return array<string, mixed>
-     */
-    public function definition(): array
-    {
-        return [
-            'tenant_id' => Tenant::factory(),
-            'user_id' => User::factory(),
-            'name' => 'API-ключ',
-            'key_hash' => Hash::make(Str::random(48)),
-            'key_prefix' => 'lpkapi_'.Str::lower(Str::random(3)),
-            'scopes' => ['read'],
-            'last_used_at' => null,
-            'expires_at' => now()->addYear(),
-            'is_active' => true,
-            'created_at' => now(),
-        ];
-    }
-}
-```
-
-- [ ] **Step 5: Create the controller `app/app/Http/Controllers/Api/ApiKeyController.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Controllers\Api;
-
-use App\Http\Controllers\Controller;
-use App\Models\ApiKey;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Hash;
-use Illuminate\Support\Str;
-use Symfony\Component\HttpFoundation\Response;
-
-/**
- * API-ключи тенанта (audit D2/D3/J5). Endpoints под auth:sanctum + tenant.
- *
- * Полный ключ показывается ОДИН раз — в ответе regenerate(). В БД хранится
- * только bcrypt key_hash + key_prefix (первые 10 символов для UI). У тенанта
- * поддерживается один активный ключ: regenerate деактивирует прежние.
- */
-class ApiKeyController extends Controller
-{
-    private const KEY_PREFIX = 'lpkapi_';
-
-    public function index(Request $request): JsonResponse
-    {
-        $tenantId = (int) $request->user()->tenant_id;
-
-        // Defense-in-depth: явный where даже при RLS — в тестах PG superuser BYPASSRLS.
-        $keys = ApiKey::query()
-            ->where('tenant_id', $tenantId)
-            ->where('is_active', true)
-            ->orderByDesc('created_at')
-            ->get(['id', 'name', 'key_prefix', 'last_used_at', 'expires_at', 'created_at']);
-
-        return response()->json(['data' => $keys]);
-    }
-
-    public function regenerate(Request $request): JsonResponse
-    {
-        $tenantId = (int) $request->user()->tenant_id;
-        $userId = (int) $request->user()->id;
-
-        // Один активный ключ на тенанта — прежние деактивируются.
-        ApiKey::query()
-            ->where('tenant_id', $tenantId)
-            ->where('is_active', true)
-            ->update(['is_active' => false]);
-
-        $plainKey = self::KEY_PREFIX.Str::random(48);
-
-        $key = ApiKey::query()->create([
-            'tenant_id' => $tenantId,
-            'user_id' => $userId,
-            'name' => 'API-ключ',
-            'key_hash' => Hash::make($plainKey),
-            'key_prefix' => substr($plainKey, 0, 10),
-            'scopes' => ['read'],
-            'expires_at' => now()->addYear(),
-            'is_active' => true,
-            'created_at' => now(),
-        ]);
-
-        return response()->json([
-            'id' => $key->id,
-            'name' => $key->name,
-            'key' => $plainKey,            // показывается ОДИН раз
-            'key_prefix' => $key->key_prefix,
-        ], Response::HTTP_CREATED);
-    }
-}
-```
-
-- [ ] **Step 6: Register routes in `app/routes/web.php`**
-
-Add a new tenant-scoped group (place it near the other `auth:sanctum`+`tenant` groups, e.g. after the `/api/billing/charges` group):
-
-```php
-// API-ключи тенанта (audit D2/D3/J5). RLS на api_keys требует tenant middleware.
-Route::middleware(['auth:sanctum', 'tenant'])->prefix('/api/api-keys')->group(function () {
-    Route::get('/', 'App\Http\Controllers\Api\ApiKeyController@index');
-    Route::post('/regenerate', 'App\Http\Controllers\Api\ApiKeyController@regenerate');
-});
-```
-
-- [ ] **Step 7: Run the test to verify it passes**
-
-Run: `cd app && php artisan test tests/Feature/ApiKeyControllerTest.php`
-Expected: PASS — 6/6.
-
-- [ ] **Step 8: Pint + Larastan + regression**
-
-Run: `cd app && composer pint && composer stan && composer test:parallel`
-Expected: Pint clean; Larastan clean (no new errors); Pest `754/751/3sk/0` (after Task 1: 748 + 6 new). 0 failures.
-
-- [ ] **Step 9: Commit**
-
-```bash
-git add app/app/Models/ApiKey.php app/database/factories/ApiKeyFactory.php app/app/Http/Controllers/Api/ApiKeyController.php app/routes/web.php app/tests/Feature/ApiKeyControllerTest.php
-git commit -m "feat(api): api_keys model + GET/regenerate endpoints (closes J5 part 1)
-
-Audit J5/D3: the api_keys table existed in schema but had zero code.
-Adds the ApiKey model + factory, and ApiKeyController with GET
-/api/api-keys (list active keys, key_hash hidden) and POST
-/api/api-keys/regenerate (deactivate prior + create new, full key
-returned once, bcrypt-hashed in DB). Tenant-scoped via auth:sanctum +
-tenant middleware (RLS on api_keys).
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 4: OutboundWebhookSubscription model + webhook-settings endpoints (closes J5 part 2, enables D4/D5)
-
-**Files:**
-
-- Create: `app/app/Models/OutboundWebhookSubscription.php`
-- Create: `app/database/factories/OutboundWebhookSubscriptionFactory.php`
-- Create: `app/app/Http/Controllers/Api/WebhookSettingsController.php`
-- Modify: `app/routes/web.php`
-- Test: `app/tests/Feature/WebhookSettingsControllerTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-Create `app/tests/Feature/WebhookSettingsControllerTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\OutboundWebhookSubscription;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\Hash;
-use Illuminate\Support\Facades\Http;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    $this->tenant = Tenant::factory()->create();
-    $this->user = User::factory()->create(['tenant_id' => $this->tenant->id]);
-    $this->actingAs($this->user);
-});
-
-test('GET webhook-settings: null когда подписки нет', function () {
-    $response = $this->getJson('/api/tenants/me/webhook-settings');
-    $response->assertOk();
-    expect($response->json('data'))->toBeNull();
-});
-
-test('GET webhook-settings возвращает подписку тенанта', function () {
-    OutboundWebhookSubscription::factory()->create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'target_url' => 'https://crm.example.ru/hook',
-    ]);
-
-    $response = $this->getJson('/api/tenants/me/webhook-settings');
-
-    $response->assertOk();
-    expect($response->json('data.target_url'))->toBe('https://crm.example.ru/hook');
-    expect($response->json('data'))->toHaveKeys(['target_url', 'secret_prefix', 'events', 'is_active']);
-    // secret_hash наружу не отдаётся.
-    expect($response->json('data'))->not->toHaveKey('secret_hash');
-});
-
-test('PUT webhook-settings создаёт подписку и возвращает secret один раз', function () {
-    $response = $this->putJson('/api/tenants/me/webhook-settings', [
-        'target_url' => 'https://crm.example.ru/hook',
-    ]);
-
-    $response->assertOk();
-    expect($response->json('data.target_url'))->toBe('https://crm.example.ru/hook');
-    expect($response->json('data.secret'))->toStartWith('whsec_');
-    expect($response->json('data.events'))->toBeArray()->not->toBeEmpty();
-
-    $row = OutboundWebhookSubscription::query()->where('tenant_id', $this->tenant->id)->first();
-    expect($row)->not->toBeNull();
-    expect(Hash::check($response->json('data.secret'), $row->secret_hash))->toBeTrue();
-});
-
-test('PUT webhook-settings обновляет URL существующей подписки без нового secret', function () {
-    OutboundWebhookSubscription::factory()->create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'target_url' => 'https://old.example.ru/hook',
-    ]);
-
-    $response = $this->putJson('/api/tenants/me/webhook-settings', [
-        'target_url' => 'https://new.example.ru/hook',
-    ]);
-
-    $response->assertOk();
-    expect($response->json('data.target_url'))->toBe('https://new.example.ru/hook');
-    // secret НЕ перевыпускается при простом обновлении URL.
-    expect($response->json('data'))->not->toHaveKey('secret');
-    expect(OutboundWebhookSubscription::query()->where('tenant_id', $this->tenant->id)->count())->toBe(1);
-});
-
-test('PUT webhook-settings: 422 при не-https URL', function () {
-    $this->putJson('/api/tenants/me/webhook-settings', [
-        'target_url' => 'http://insecure.example.ru/hook',
-    ])->assertStatus(422)->assertJsonValidationErrorFor('target_url');
-});
-
-test('POST webhooks/test отправляет запрос и возвращает результат', function () {
-    Http::fake(['*' => Http::response(['ok' => true], 200)]);
-    OutboundWebhookSubscription::factory()->create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'target_url' => 'https://crm.example.ru/hook',
-    ]);
-
-    $response = $this->postJson('/api/webhooks/test');
-
-    $response->assertOk();
-    expect($response->json('ok'))->toBeTrue();
-    expect($response->json('status'))->toBe(200);
-    Http::assertSent(fn ($req) => $req->url() === 'https://crm.example.ru/hook');
-});
-
-test('POST webhooks/test: 422 когда подписки нет', function () {
-    $this->postJson('/api/webhooks/test')->assertStatus(422);
-});
-
-test('GET webhook-settings без auth: 401', function () {
-    auth()->logout();
-    $this->getJson('/api/tenants/me/webhook-settings')->assertStatus(401);
-});
-```
-
-- [ ] **Step 2: Run the test to verify it fails**
-
-Run: `cd app && php artisan test tests/Feature/WebhookSettingsControllerTest.php`
-Expected: FAIL — `App\Models\OutboundWebhookSubscription` does not exist.
-
-- [ ] **Step 3: Create the model `app/app/Models/OutboundWebhookSubscription.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Models;
-
-use Database\Factories\OutboundWebhookSubscriptionFactory;
-use Illuminate\Database\Eloquent\Factories\HasFactory;
-use Illuminate\Database\Eloquent\Model;
-use Illuminate\Database\Eloquent\Relations\BelongsTo;
-
-/**
- * Исходящая webhook-подписка тенанта (таблица outbound_webhook_subscriptions).
- * Tenant-aware, RLS на уровне БД.
- *
- * secret_hash — bcrypt-хэш; оригинал секрета показывается ОДИН раз при
- * создании. events — JSONB-массив, CHECK требует ≥1 элемента.
- *
- * NB: outbound-доставка событий (подписанные webhook'и) — пост-MVP; пока
- * подписка хранит URL + секрет, а WebhookSettingsController::test делает
- * unsigned connectivity-проверку.
- */
-class OutboundWebhookSubscription extends Model
-{
-    /** @use HasFactory<OutboundWebhookSubscriptionFactory> */
-    use HasFactory;
-
-    protected $fillable = [
-        'tenant_id',
-        'user_id',
-        'name',
-        'target_url',
-        'secret_hash',
-        'secret_prefix',
-        'events',
-        'custom_headers',
-        'is_active',
-        'paused_at',
-    ];
-
-    protected $hidden = ['secret_hash'];
-
-    protected function casts(): array
-    {
-        return [
-            'events' => 'array',
-            'custom_headers' => 'array',
-            'is_active' => 'boolean',
-            'consecutive_failures' => 'integer',
-            'paused_at' => 'datetime',
-            'last_delivery_at' => 'datetime',
-            'last_failure_at' => 'datetime',
-            'created_at' => 'datetime',
-            'updated_at' => 'datetime',
-        ];
-    }
-
-    /** @return BelongsTo<Tenant, $this> */
-    public function tenant(): BelongsTo
-    {
-        return $this->belongsTo(Tenant::class);
-    }
-
-    /** @return BelongsTo<User, $this> */
-    public function user(): BelongsTo
-    {
-        return $this->belongsTo(User::class);
-    }
-}
-```
-
-- [ ] **Step 4: Create the factory `app/database/factories/OutboundWebhookSubscriptionFactory.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace Database\Factories;
-
-use App\Models\OutboundWebhookSubscription;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Database\Eloquent\Factories\Factory;
-use Illuminate\Support\Facades\Hash;
-use Illuminate\Support\Str;
-
-/**
- * @extends Factory<OutboundWebhookSubscription>
- */
-class OutboundWebhookSubscriptionFactory extends Factory
-{
-    protected $model = OutboundWebhookSubscription::class;
-
-    /**
-     * @return array<string, mixed>
-     */
-    public function definition(): array
-    {
-        return [
-            'tenant_id' => Tenant::factory(),
-            'user_id' => User::factory(),
-            'name' => 'Webhook',
-            'target_url' => 'https://'.fake()->domainName().'/webhook',
-            'secret_hash' => Hash::make('whsec_'.Str::random(40)),
-            'secret_prefix' => 'whsec_'.Str::lower(Str::random(4)),
-            'events' => ['deal.created', 'deal.status_changed'],
-            'is_active' => true,
-        ];
-    }
-}
-```
-
-- [ ] **Step 5: Create the controller `app/app/Http/Controllers/Api/WebhookSettingsController.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Controllers\Api;
-
-use App\Http\Controllers\Controller;
-use App\Models\OutboundWebhookSubscription;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Http\Request;
-use Illuminate\Support\Facades\Hash;
-use Illuminate\Support\Facades\Http;
-use Illuminate\Support\Str;
-use Symfony\Component\HttpFoundation\Response;
-
-/**
- * Настройки исходящего webhook'а тенанта (audit D4/D5/J5).
- * Endpoints под auth:sanctum + tenant.
- *
- * Один подписка-ряд на тенанта. Секрет генерируется при создании и
- * показывается ОДИН раз (в БД — bcrypt secret_hash + secret_prefix).
- *
- * test(): MVP делает unsigned connectivity-проверку (реальный POST на
- * target_url, отчёт по HTTP-статусу). HMAC-подписанная доставка событий —
- * отдельный пост-MVP эпик (outbound-pipeline пока не построен).
- */
-class WebhookSettingsController extends Controller
-{
-    private const SECRET_PREFIX = 'whsec_';
-
-    /** @var list<string> События по умолчанию для новой подписки. */
-    private const DEFAULT_EVENTS = ['deal.created', 'deal.status_changed'];
-
-    public function show(Request $request): JsonResponse
-    {
-        $sub = $this->currentSubscription($request);
-
-        if ($sub === null) {
-            return response()->json(['data' => null]);
-        }
-
-        return response()->json(['data' => [
-            'target_url' => $sub->target_url,
-            'secret_prefix' => $sub->secret_prefix,
-            'events' => $sub->events,
-            'is_active' => $sub->is_active,
-        ]]);
-    }
-
-    public function update(Request $request): JsonResponse
-    {
-        $validated = $request->validate([
-            'target_url' => ['required', 'string', 'url', 'max:2048', 'starts_with:https://'],
-        ]);
-
-        $sub = $this->currentSubscription($request);
-        $plainSecret = null;
-
-        if ($sub === null) {
-            $plainSecret = self::SECRET_PREFIX.Str::random(40);
-            $sub = OutboundWebhookSubscription::query()->create([
-                'tenant_id' => (int) $request->user()->tenant_id,
-                'user_id' => (int) $request->user()->id,
-                'name' => 'Webhook',
-                'target_url' => $validated['target_url'],
-                'secret_hash' => Hash::make($plainSecret),
-                'secret_prefix' => substr($plainSecret, 0, 10),
-                'events' => self::DEFAULT_EVENTS,
-                'is_active' => true,
-            ]);
-        } else {
-            $sub->update(['target_url' => $validated['target_url']]);
-        }
-
-        $payload = [
-            'target_url' => $sub->target_url,
-            'secret_prefix' => $sub->secret_prefix,
-            'events' => $sub->events,
-            'is_active' => $sub->is_active,
-        ];
-        if ($plainSecret !== null) {
-            $payload['secret'] = $plainSecret;   // показывается ОДИН раз
-        }
-
-        return response()->json(['data' => $payload]);
-    }
-
-    public function test(Request $request): JsonResponse
-    {
-        $sub = $this->currentSubscription($request);
-
-        if ($sub === null) {
-            return response()->json([
-                'message' => 'Сначала сохраните URL webhook.',
-            ], Response::HTTP_UNPROCESSABLE_ENTITY);
-        }
-
-        $testPayload = [
-            'event' => 'webhook.test',
-            'sent_at' => now()->toIso8601String(),
-            'message' => 'Тестовая доставка webhook от Лидерра.',
-        ];
-
-        // MVP: unsigned connectivity-проверка. SSRF-харднинг (блок приватных
-        // IP) — пост-MVP security-review; URL уже ограничен https:// валидацией.
-        try {
-            $response = Http::timeout(10)
-                ->withHeaders(['X-Webhook-Event' => 'webhook.test'])
-                ->post($sub->target_url, $testPayload);
-
-            return response()->json([
-                'ok' => $response->successful(),
-                'status' => $response->status(),
-                'message' => $response->successful()
-                    ? "Тестовый запрос доставлен (HTTP {$response->status()})."
-                    : "Endpoint ответил HTTP {$response->status()}.",
-            ]);
-        } catch (\Throwable $e) {
-            return response()->json([
-                'ok' => false,
-                'status' => null,
-                'message' => 'Не удалось доставить тестовый запрос: '.$e->getMessage(),
-            ]);
-        }
-    }
-
-    private function currentSubscription(Request $request): ?OutboundWebhookSubscription
-    {
-        $tenantId = (int) $request->user()->tenant_id;
-
-        // Defense-in-depth: явный where даже при RLS — в тестах PG superuser BYPASSRLS.
-        return OutboundWebhookSubscription::query()
-            ->where('tenant_id', $tenantId)
-            ->orderByDesc('id')
-            ->first();
-    }
-}
-```
-
-- [ ] **Step 6: Register routes in `app/routes/web.php`**
-
-Add a new tenant-scoped group (next to the `/api/api-keys` group from Task 3):
-
-```php
-// Настройки исходящего webhook'а тенанта (audit D4/D5/J5).
-Route::middleware(['auth:sanctum', 'tenant'])->group(function () {
-    Route::get('/api/tenants/me/webhook-settings', 'App\Http\Controllers\Api\WebhookSettingsController@show');
-    Route::put('/api/tenants/me/webhook-settings', 'App\Http\Controllers\Api\WebhookSettingsController@update');
-    Route::post('/api/webhooks/test', 'App\Http\Controllers\Api\WebhookSettingsController@test');
-});
-```
-
-- [ ] **Step 7: Run the test to verify it passes**
-
-Run: `cd app && php artisan test tests/Feature/WebhookSettingsControllerTest.php`
-Expected: PASS — 8/8.
-
-- [ ] **Step 8: Pint + Larastan + regression**
-
-Run: `cd app && composer pint && composer stan && composer test:parallel`
-Expected: Pint clean; Larastan clean; Pest `762/759/3sk/0` (after Task 3: 754 + 8 new). 0 failures.
-
-- [ ] **Step 9: Commit**
-
-```bash
-git add app/app/Models/OutboundWebhookSubscription.php app/database/factories/OutboundWebhookSubscriptionFactory.php app/app/Http/Controllers/Api/WebhookSettingsController.php app/routes/web.php app/tests/Feature/WebhookSettingsControllerTest.php
-git commit -m "feat(api): outbound webhook settings endpoints (closes J5 part 2)
-
-Audit J5/D4/D5: the outbound_webhook_subscriptions table existed in
-schema but had zero code. Adds the OutboundWebhookSubscription model +
-factory and WebhookSettingsController with GET/PUT
-/api/tenants/me/webhook-settings (one subscription per tenant; secret
-generated + returned once on creation, bcrypt-hashed) and POST
-/api/webhooks/test (unsigned connectivity check — HMAC-signed event
-delivery is a separate post-MVP epic). Tenant-scoped via auth:sanctum +
-tenant middleware.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 5: ApiTab full wiring — copy / regenerate / save webhook / test (closes D2, D3, D4, D5)
-
-**Files:**
-
-- Create: `app/resources/js/api/apiKeys.ts`
-- Create: `app/resources/js/api/webhooks.ts`
-- Modify: `app/resources/js/views/settings/ApiTab.vue`
-- Test: `app/tests/Frontend/ApiTab.spec.ts`
-
-- [ ] **Step 1: Write the failing test**
-
-Create `app/tests/Frontend/ApiTab.spec.ts`:
-
-```ts
-import { describe, it, expect, beforeEach, vi } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-
-vi.mock('../../resources/js/api/apiKeys', () => ({
-    listApiKeys: vi.fn(),
-    regenerateApiKey: vi.fn(),
-}));
-
-vi.mock('../../resources/js/api/webhooks', () => ({
-    getWebhookSettings: vi.fn(),
-    saveWebhookSettings: vi.fn(),
-    testWebhook: vi.fn(),
-}));
-
-vi.mock('../../resources/js/api/client', () => ({
-    apiClient: {},
-    ensureCsrfCookie: vi.fn(),
-    extractValidationErrors: vi.fn(() => null),
-    extractErrorMessage: vi.fn((_e, fallback) => fallback ?? 'Произошла ошибка.'),
-    extractRateLimitRetry: vi.fn(() => null),
-}));
-
-import * as apiKeysApi from '../../resources/js/api/apiKeys';
-import * as webhooksApi from '../../resources/js/api/webhooks';
-import ApiTab from '../../resources/js/views/settings/ApiTab.vue';
-
-const vuetify = createVuetify();
-
-const flush = () => new Promise((r) => setTimeout(r, 30));
-
-const mountTab = () => mount(ApiTab, { global: { plugins: [vuetify] } });
-
-describe('ApiTab.vue', () => {
-    beforeEach(() => {
-        vi.clearAllMocks();
-        (apiKeysApi.listApiKeys as ReturnType<typeof vi.fn>).mockResolvedValue([]);
-        (webhooksApi.getWebhookSettings as ReturnType<typeof vi.fn>).mockResolvedValue(null);
-        Object.assign(navigator, { clipboard: { writeText: vi.fn().mockResolvedValue(undefined) } });
-    });
-
-    it('загружает и показывает префикс API-ключа', async () => {
-        (apiKeysApi.listApiKeys as ReturnType<typeof vi.fn>).mockResolvedValue([
-            { id: 1, name: 'API-ключ', key_prefix: 'lpkapi_abc', last_used_at: null, expires_at: null, created_at: null },
-        ]);
-        const wrapper = mountTab();
-        await flush();
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        expect(vm.apiKeyExists).toBe(true);
-        expect(vm.apiTokenDisplay).toBe('lpkapi_abc');
-    });
-
-    it('copyToken() пишет в буфер и открывает toast', async () => {
-        (apiKeysApi.listApiKeys as ReturnType<typeof vi.fn>).mockResolvedValue([
-            { id: 1, name: 'API-ключ', key_prefix: 'lpkapi_abc', last_used_at: null, expires_at: null, created_at: null },
-        ]);
-        const wrapper = mountTab();
-        await flush();
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        await vm.copyToken();
-        expect(navigator.clipboard.writeText).toHaveBeenCalledWith('lpkapi_abc');
-        expect(vm.toastOpen).toBe(true);
-    });
-
-    it('confirmRegenerate() показывает полный новый ключ один раз', async () => {
-        (apiKeysApi.regenerateApiKey as ReturnType<typeof vi.fn>).mockResolvedValue({
-            id: 2,
-            name: 'API-ключ',
-            key: 'lpkapi_FULLNEWKEYVALUE0000000000',
-            key_prefix: 'lpkapi_FUL',
-        });
-        const wrapper = mountTab();
-        await flush();
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        await vm.confirmRegenerate();
-        expect(apiKeysApi.regenerateApiKey).toHaveBeenCalled();
-        expect(vm.apiTokenDisplay).toBe('lpkapi_FULLNEWKEYVALUE0000000000');
-        expect(vm.fullKeyShown).toBe(true);
-    });
-
-    it('загружает настройки webhook', async () => {
-        (webhooksApi.getWebhookSettings as ReturnType<typeof vi.fn>).mockResolvedValue({
-            target_url: 'https://crm.example.ru/hook',
-            secret_prefix: 'whsec_abc',
-            events: ['deal.created'],
-            is_active: true,
-        });
-        const wrapper = mountTab();
-        await flush();
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        expect(vm.webhookUrl).toBe('https://crm.example.ru/hook');
-        expect(vm.secretDisplay).toBe('whsec_abc');
-    });
-
-    it('saveWebhook() вызывает saveWebhookSettings и показывает secret один раз', async () => {
-        (webhooksApi.saveWebhookSettings as ReturnType<typeof vi.fn>).mockResolvedValue({
-            target_url: 'https://crm.example.ru/hook',
-            secret_prefix: 'whsec_new',
-            events: ['deal.created'],
-            is_active: true,
-            secret: 'whsec_FULLSECRETVALUE0000',
-        });
-        const wrapper = mountTab();
-        await flush();
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        vm.webhookUrl = 'https://crm.example.ru/hook';
-        await vm.saveWebhook();
-        expect(webhooksApi.saveWebhookSettings).toHaveBeenCalledWith({ target_url: 'https://crm.example.ru/hook' });
-        expect(vm.secretDisplay).toBe('whsec_FULLSECRETVALUE0000');
-        expect(vm.fullSecretShown).toBe(true);
-        expect(vm.webhookSuccess).toBeTruthy();
-    });
-
-    it('runWebhookTest() вызывает testWebhook и открывает toast с результатом', async () => {
-        (webhooksApi.testWebhook as ReturnType<typeof vi.fn>).mockResolvedValue({
-            ok: true,
-            status: 200,
-            message: 'Тестовый запрос доставлен (HTTP 200).',
-        });
-        const wrapper = mountTab();
-        await flush();
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        await vm.runWebhookTest();
-        expect(webhooksApi.testWebhook).toHaveBeenCalled();
-        expect(vm.toastOpen).toBe(true);
-        expect(vm.toastText).toContain('HTTP 200');
-    });
-});
-```
-
-- [ ] **Step 2: Run the test to verify it fails**
-
-Run: `cd app && npx vitest run tests/Frontend/ApiTab.spec.ts`
-Expected: FAIL — `../../resources/js/api/apiKeys` and `../../resources/js/api/webhooks` do not exist; ApiTab has none of the exposed members.
-
-- [ ] **Step 3: Create `app/resources/js/api/apiKeys.ts`**
-
-```ts
-import { apiClient, ensureCsrfCookie } from './client';
-
-/**
- * API-ключи тенанта (audit D2/D3). Backend: ApiKeyController.
- * Полный ключ доступен только в ответе regenerateApiKey().
- */
-export interface ApiKeyInfo {
-    id: number;
-    name: string;
-    key_prefix: string;
-    last_used_at: string | null;
-    expires_at: string | null;
-    created_at: string | null;
-}
-
-export interface RegeneratedApiKey {
-    id: number;
-    name: string;
-    key: string;
-    key_prefix: string;
-}
-
-export async function listApiKeys(): Promise<ApiKeyInfo[]> {
-    const { data } = await apiClient.get<{ data: ApiKeyInfo[] }>('/api/api-keys');
-    return data.data;
-}
-
-export async function regenerateApiKey(): Promise<RegeneratedApiKey> {
-    await ensureCsrfCookie();
-    const { data } = await apiClient.post<RegeneratedApiKey>('/api/api-keys/regenerate');
-    return data;
-}
-```
-
-- [ ] **Step 4: Create `app/resources/js/api/webhooks.ts`**
-
-```ts
-import { apiClient, ensureCsrfCookie } from './client';
-
-/**
- * Настройки исходящего webhook'а тенанта (audit D4/D5).
- * Backend: WebhookSettingsController. Полный secret доступен только в ответе
- * saveWebhookSettings() при первом создании подписки.
- */
-export interface WebhookSettings {
-    target_url: string;
-    secret_prefix: string;
-    events: string[];
-    is_active: boolean;
-}
-
-export interface SavedWebhookSettings extends WebhookSettings {
-    secret?: string;
-}
-
-export interface WebhookTestResult {
-    ok: boolean;
-    status: number | null;
-    message: string;
-}
-
-export async function getWebhookSettings(): Promise<WebhookSettings | null> {
-    const { data } = await apiClient.get<{ data: WebhookSettings | null }>('/api/tenants/me/webhook-settings');
-    return data.data;
-}
-
-export async function saveWebhookSettings(payload: { target_url: string }): Promise<SavedWebhookSettings> {
-    await ensureCsrfCookie();
-    const { data } = await apiClient.put<{ data: SavedWebhookSettings }>('/api/tenants/me/webhook-settings', payload);
-    return data.data;
-}
-
-export async function testWebhook(): Promise<WebhookTestResult> {
-    await ensureCsrfCookie();
-    const { data } = await apiClient.post<WebhookTestResult>('/api/webhooks/test');
-    return data;
-}
-```
-
-- [ ] **Step 5: Replace `app/resources/js/views/settings/ApiTab.vue` entirely**
-
-```vue
-<script setup lang="ts">
-/**
- * Settings → API и Webhook (audit D2/D3/D4/D5 + J5).
- *
- * API-ключ: GET /api/api-keys показывает key_prefix; «Копировать» — clipboard
- *   + toast; «Перегенерировать» — POST /api/api-keys/regenerate, полный ключ
- *   показывается ОДИН раз (затем доступен только префикс).
- * Webhook: GET/PUT /api/tenants/me/webhook-settings (target_url + secret_prefix),
- *   «Тестовый webhook» — POST /api/webhooks/test (реальный unsigned POST).
- *
- * Полный ключ и полный секрет показываются один раз — в БД только bcrypt-хэши.
- * Подписанная outbound-доставка событий — пост-MVP.
- */
-import { onMounted, ref } from 'vue';
-import { listApiKeys, regenerateApiKey } from '../../api/apiKeys';
-import { getWebhookSettings, saveWebhookSettings, testWebhook } from '../../api/webhooks';
-import { extractErrorMessage } from '../../api/client';
-
-// --- API-ключ ---
-const apiKeyExists = ref(false);
-const apiTokenDisplay = ref('');
-const fullKeyShown = ref(false);
-const tokenVisible = ref(false);
-const apiKeyError = ref<string | null>(null);
-const regenDialogOpen = ref(false);
-const regenerating = ref(false);
-
-// --- Webhook ---
-const webhookUrl = ref('');
-const secretDisplay = ref('');
-const fullSecretShown = ref(false);
-const secretVisible = ref(false);
-const webhookError = ref<string | null>(null);
-const webhookSuccess = ref<string | null>(null);
-const savingWebhook = ref(false);
-const testingWebhook = ref(false);
-
-// --- общий toast (D2 copy + D5 test) ---
-const toastOpen = ref(false);
-const toastText = ref('');
-const toastColor = ref<'success' | 'error'>('success');
-
-function showToast(text: string, color: 'success' | 'error' = 'success'): void {
-    toastText.value = text;
-    toastColor.value = color;
-    toastOpen.value = true;
-}
-
-async function loadApiKey(): Promise<void> {
-    apiKeyError.value = null;
-    try {
-        const keys = await listApiKeys();
-        const active = keys[0];
-        if (active) {
-            apiKeyExists.value = true;
-            apiTokenDisplay.value = active.key_prefix;
-            fullKeyShown.value = false;
-        } else {
-            apiKeyExists.value = false;
-            apiTokenDisplay.value = '';
-        }
-    } catch (err) {
-        apiKeyError.value = extractErrorMessage(err, 'Не удалось загрузить API-ключ.');
-    }
-}
-
-async function loadWebhook(): Promise<void> {
-    webhookError.value = null;
-    try {
-        const settings = await getWebhookSettings();
-        if (settings) {
-            webhookUrl.value = settings.target_url;
-            secretDisplay.value = settings.secret_prefix;
-            fullSecretShown.value = false;
-        }
-    } catch (err) {
-        webhookError.value = extractErrorMessage(err, 'Не удалось загрузить настройки webhook.');
-    }
-}
-
-onMounted(() => {
-    void loadApiKey();
-    void loadWebhook();
-});
-
-async function copyToken(): Promise<void> {
-    if (apiTokenDisplay.value === '') return;
-    try {
-        await navigator.clipboard.writeText(apiTokenDisplay.value);
-        showToast('Скопировано в буфер обмена.', 'success');
-    } catch {
-        showToast('Не удалось скопировать — выделите и скопируйте вручную.', 'error');
-    }
-}
-
-async function confirmRegenerate(): Promise<void> {
-    regenerating.value = true;
-    apiKeyError.value = null;
-    try {
-        const result = await regenerateApiKey();
-        apiTokenDisplay.value = result.key;
-        fullKeyShown.value = true;
-        apiKeyExists.value = true;
-        tokenVisible.value = true;
-        regenDialogOpen.value = false;
-    } catch (err) {
-        apiKeyError.value = extractErrorMessage(err, 'Не удалось перегенерировать ключ.');
-        regenDialogOpen.value = false;
-    } finally {
-        regenerating.value = false;
-    }
-}
-
-async function saveWebhook(): Promise<void> {
-    if (savingWebhook.value) return;
-    savingWebhook.value = true;
-    webhookError.value = null;
-    webhookSuccess.value = null;
-    try {
-        const result = await saveWebhookSettings({ target_url: webhookUrl.value });
-        if (result.secret) {
-            secretDisplay.value = result.secret;
-            fullSecretShown.value = true;
-            secretVisible.value = true;
-        } else {
-            secretDisplay.value = result.secret_prefix;
-        }
-        webhookSuccess.value = 'Настройки webhook сохранены.';
-    } catch (err) {
-        webhookError.value = extractErrorMessage(err, 'Не удалось сохранить webhook.');
-    } finally {
-        savingWebhook.value = false;
-    }
-}
-
-async function runWebhookTest(): Promise<void> {
-    if (testingWebhook.value) return;
-    testingWebhook.value = true;
-    try {
-        const result = await testWebhook();
-        showToast(result.message, result.ok ? 'success' : 'error');
-    } catch (err) {
-        showToast(extractErrorMessage(err, 'Не удалось отправить тестовый запрос.'), 'error');
-    } finally {
-        testingWebhook.value = false;
-    }
-}
-</script>
-
-<template>
-    <div class="tab-content">
-        <h2 class="tab-title text-h6 mb-4">API и Webhook</h2>
-
-        <v-card variant="outlined" class="pa-4 mb-4">
-            <h3 class="text-subtitle-2 mb-3">API-ключ</h3>
-            <p class="text-body-2 text-medium-emphasis mb-3">
-                Используется для подписи запросов в публичный API CRM. После регенерации старый ключ перестаёт работать
-                немедленно.
-            </p>
-
-            <v-alert
-                v-if="apiKeyError"
-                type="warning"
-                variant="tonal"
-                density="compact"
-                class="mb-3"
-                closable
-                data-testid="api-key-error"
-                @click:close="apiKeyError = null"
-            >
-                {{ apiKeyError }}
-            </v-alert>
-            <v-alert
-                v-if="fullKeyShown"
-                type="warning"
-                variant="tonal"
-                density="compact"
-                class="mb-3"
-                data-testid="api-key-once-notice"
-            >
-                Новый ключ показывается <strong>один раз</strong>. Скопируйте и сохраните его сейчас.
-            </v-alert>
-
-            <v-text-field
-                :model-value="apiTokenDisplay"
-                :type="tokenVisible ? 'text' : 'password'"
-                :placeholder="apiKeyExists ? '' : 'Ключ ещё не создан — нажмите «Перегенерировать»'"
-                readonly
-                variant="outlined"
-                density="comfortable"
-                data-testid="api-key-field"
-                :append-inner-icon="tokenVisible ? 'mdi-eye-off' : 'mdi-eye'"
-                @click:append-inner="tokenVisible = !tokenVisible"
-            />
-            <div class="d-flex ga-2 mt-2">
-                <v-btn
-                    variant="outlined"
-                    size="small"
-                    prepend-icon="mdi-content-copy"
-                    :disabled="apiTokenDisplay === ''"
-                    data-testid="api-key-copy-btn"
-                    @click="copyToken"
-                >
-                    Копировать
-                </v-btn>
-                <v-btn
-                    variant="outlined"
-                    size="small"
-                    color="warning"
-                    prepend-icon="mdi-refresh"
-                    data-testid="api-key-regen-btn"
-                    @click="regenDialogOpen = true"
-                >
-                    Перегенерировать
-                </v-btn>
-            </div>
-        </v-card>
-
-        <v-card variant="outlined" class="pa-4">
-            <h3 class="text-subtitle-2 mb-3">Webhook для приёма лидов</h3>
-            <p class="text-body-2 text-medium-emphasis mb-3">
-                URL источника лидов отправляет POST с подписью HMAC-SHA256. Дедуп по
-                <code>(tenant_id, source_crm_id)</code> в окне 24 ч (антифрод по phone — §10.8.1).
-            </p>
-
-            <v-alert
-                v-if="webhookError"
-                type="warning"
-                variant="tonal"
-                density="compact"
-                class="mb-3"
-                closable
-                data-testid="webhook-error"
-                @click:close="webhookError = null"
-            >
-                {{ webhookError }}
-            </v-alert>
-            <v-alert
-                v-if="webhookSuccess"
-                type="success"
-                variant="tonal"
-                density="compact"
-                class="mb-3"
-                closable
-                data-testid="webhook-success"
-                @click:close="webhookSuccess = null"
-            >
-                {{ webhookSuccess }}
-            </v-alert>
-            <v-alert
-                v-if="fullSecretShown"
-                type="warning"
-                variant="tonal"
-                density="compact"
-                class="mb-3"
-                data-testid="webhook-secret-once-notice"
-            >
-                Signing secret показывается <strong>один раз</strong>. Сохраните его в настройках вашего приёмника.
-            </v-alert>
-
-            <v-text-field
-                v-model="webhookUrl"
-                label="Endpoint URL"
-                placeholder="https://..."
-                variant="outlined"
-                density="comfortable"
-                data-testid="webhook-url-field"
-            />
-            <v-text-field
-                :model-value="secretDisplay"
-                :type="secretVisible ? 'text' : 'password'"
-                label="Signing secret (HMAC)"
-                :placeholder="secretDisplay ? '' : 'Появится после первого сохранения URL'"
-                readonly
-                variant="outlined"
-                density="comfortable"
-                data-testid="webhook-secret-field"
-                :append-inner-icon="secretVisible ? 'mdi-eye-off' : 'mdi-eye'"
-                @click:append-inner="secretVisible = !secretVisible"
-            />
-            <div class="d-flex ga-2 mt-2">
-                <v-btn
-                    color="primary"
-                    variant="flat"
-                    size="small"
-                    :loading="savingWebhook"
-                    data-testid="webhook-save-btn"
-                    @click="saveWebhook"
-                >
-                    Сохранить
-                </v-btn>
-                <v-btn
-                    variant="outlined"
-                    size="small"
-                    prepend-icon="mdi-test-tube"
-                    :loading="testingWebhook"
-                    data-testid="webhook-test-btn"
-                    @click="runWebhookTest"
-                >
-                    Тестовый webhook
-                </v-btn>
-            </div>
-        </v-card>
-
-        <v-dialog v-model="regenDialogOpen" :max-width="440" data-testid="regen-dialog">
-            <v-card>
-                <v-card-title>Перегенерация API-ключа</v-card-title>
-                <v-card-text>
-                    Текущий ключ перестанет работать немедленно. Все интеграции с ним нужно будет обновить. Продолжить?
-                </v-card-text>
-                <v-card-actions>
-                    <v-spacer />
-                    <v-btn variant="text" :disabled="regenerating" @click="regenDialogOpen = false">Отмена</v-btn>
-                    <v-btn
-                        color="warning"
-                        variant="flat"
-                        :loading="regenerating"
-                        data-testid="regen-confirm-btn"
-                        @click="confirmRegenerate"
-                    >
-                        Перегенерировать
-                    </v-btn>
-                </v-card-actions>
-            </v-card>
-        </v-dialog>
-
-        <v-snackbar
-            v-model="toastOpen"
-            :timeout="4000"
-            :color="toastColor"
-            location="bottom right"
-            data-testid="api-tab-toast"
-        >
-            {{ toastText }}
-        </v-snackbar>
-    </div>
-</template>
-
-<style scoped>
-.tab-title {
-    font-variation-settings: 'opsz' 18;
-    letter-spacing: -0.005em;
-}
-</style>
-```
-
-- [ ] **Step 6: Run the test to verify it passes**
-
-Run: `cd app && npx vitest run tests/Frontend/ApiTab.spec.ts`
-Expected: PASS — 6/6.
-
-- [ ] **Step 7: Type-check + lint + full Vitest**
-
-Run: `cd app && npm run type-check && npm run lint:vue && npm run test:vue`
-Expected: tsc `0`, ESLint `0`, Vitest `0 failed` (after Task 2: 779 passed / 93 files; this task adds `ApiTab.spec.ts` = +1 file / +6 tests → 785 passed / 94 files).
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/resources/js/api/apiKeys.ts app/resources/js/api/webhooks.ts app/resources/js/views/settings/ApiTab.vue app/tests/Frontend/ApiTab.spec.ts
-git commit -m "feat(settings): ApiTab wired to api-key + webhook endpoints (closes D2-D5)
-
-Audit D2/D3/D4/D5: all four ApiTab buttons were handler-less and the
-fields were hardcoded. Adds api/apiKeys.ts + api/webhooks.ts modules and
-rewires ApiTab: loads the api-key prefix + webhook settings on mount;
-Copy -> clipboard + snackbar; Regenerate -> confirm dialog -> POST
-regenerate (full key shown once); Save Webhook -> PUT webhook-settings;
-Test Webhook -> POST test with the result in a snackbar.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Final Acceptance — Plan B
-
-After all 5 tasks:
-
-- [ ] Pest `--parallel`: `762/759/3sk/0` (baseline 742 + 6 + 6 + 8 = 762). 0 failures, 0 regressions.
-- [ ] Vitest: `94 files / 785 passed / 3 skipped / 0 failed` (baseline 92/774 + ProfileTab.spec 5 + ApiTab.spec 6 = 94/785).
-- [ ] vue-tsc: `0 errors`. ESLint: `0 errors`. Pint: clean. Larastan: no new errors.
-- [ ] Lefthook pre-commit green on all 5 commits.
-- [ ] 5 atomic commits on `main`; not pushed.
-- [ ] Schema delta = 0 — `db/schema.sql` untouched, no migration added.
-
-## Spec coverage (audit `2026-05-15-portal-audit-design.md`)
-
-| Audit ID | Spec line | This plan |
-|---|---|---|
-| D1 | ProfileTab Save → `PATCH /api/auth/me` | Task 2 |
-| D2 | ApiTab Copy → clipboard + toast | Task 5 |
-| D3 | ApiTab Regenerate → `POST /api/api-keys/regenerate` | Tasks 3 + 5 |
-| D4 | ApiTab Save Webhook → `PUT /api/tenants/me/webhook-settings` | Tasks 4 + 5 |
-| D5 | ApiTab Test Webhook → `POST /api/webhooks/test` | Tasks 4 + 5 |
-| J5 | 3 new backend endpoints (api-keys/regenerate, webhook-settings, webhook-test) | Tasks 3 + 4 (+ supporting `GET` list/show endpoints) |
-| J6 | extend `PATCH /api/auth/me` for full profile | Task 1 |
-
-**Design decisions baked in (controller-resolved during recon, 2026-05-15):**
-
-- D4 webhook settings persist to the existing `outbound_webhook_subscriptions` table (purpose-built: URL + secret + events) — no schema change, no new `tenants` columns.
-- `POST /api/webhooks/test` is an **unsigned connectivity test** (real HTTP POST, reports HTTP status). HMAC-signed outbound event delivery is a separate post-MVP epic — the outbound delivery pipeline (Job/Service) does not exist yet. The secret is still generated, stored (bcrypt), and shown once so tenants can pre-configure their receiver.
-- ProfileTab: single «Полное имя» field split into Имя + Фамилия (matches `users.first_name`/`last_name`); the decorative «Роль» field is removed (no `users.role` column). The avatar «Сменить» button stays handler-less — avatar upload is out of audit D1 scope.
-- D6/D7 (SettingsView placeholder tabs, left-rail hide-if-not-implemented) are **not** in Plan B — they are separate audit items routed to Sprint 3 per the audit spec Sprint Schedule.
diff --git a/docs/superpowers/plans/2026-05-15-sprint2c-billing.md b/docs/superpowers/plans/2026-05-15-sprint2c-billing.md
deleted file mode 100644
index 25082cb..0000000
--- a/docs/superpowers/plans/2026-05-15-sprint2c-billing.md
+++ /dev/null
@@ -1,2674 +0,0 @@
-# Sprint 2 Plan C — Billing (E1 + E3) Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Подвязать BillingView Overview-таб на реальный API и добавить рабочее пополнение баланса (MVP-stub без платёжного шлюза).
-
-**Architecture:** Новый `BillingController` (4 эндпоинта под `auth:sanctum`+`tenant`) + `BillingTopupService` (append-only ledger-credit на bcmath) + `TariffPlan` модель. Frontend: новый `api/billing.ts`, `BillingView` + 3 sub-компонента переводятся с mock-данных на fetch. Пополнение баланса — `TopupDialog` + кнопки «Пополнить».
-
-**Tech Stack:** Laravel 13 (Sanctum SPA, PostgreSQL 16 RLS), Pest 4; Vue 3 + Vuetify 3 + Pinia, Vitest.
-
-**Источник:** `docs/superpowers/specs/2026-05-15-portal-audit-design.md` (commit `e978b33`) — Sprint 2 эпики **E1** (BillingView Пополнить баланс — TopupDialog + `POST /api/billing/topup` stub) и **E3** (BillingView Overview tab — BalanceCard/TransactionsTable/InvoicesTable на real API).
-
----
-
-## Контекст и ключевые факты recon (читать перед началом)
-
-**Schema delta = 0.** Plan C НЕ трогает `db/schema.sql` — все нужные таблицы (`balance_transactions`, `tariff_plans`, `saas_invoices`) уже существуют. Записи в `db/CHANGELOG_schema.md` не требуется.
-
-**`balance_transactions` — append-only audit-таблица с 2 триггерами** (`db/schema.sql:2974-2979`):
-
-- `trg_audit_chain_hash_balance_tx` — `BEFORE INSERT` → `audit_chain_hash()` заполняет `log_hash` (SHA-256 hash-chain). **Прозрачно для приложения** — INSERT работает как обычно, ничего делать не нужно.
-- `trg_audit_block_mut_balance_tx` — `BEFORE UPDATE OR DELETE` → `audit_block_mutation()` делает `RAISE EXCEPTION`. **Строки неизменяемы.** → Каждый topup = новая INSERT-строка; существующие строки никогда не UPDATE/DELETE. `balance_rub_after` вычисляется на момент INSERT'а и фиксируется навсегда.
-- `LedgerService::chargeForDelivery` (`app/app/Services/Billing/LedgerService.php:86`) уже делает `BalanceTransaction::create([...])` тем же путём — паттерн проверен.
-
-**Деньги — только bcmath, не PHP float.** `tenants.balance_rub` / `balance_transactions.amount_rub` — `DECIMAL(12,2)`. Мутации баланса считаются через `bcadd`/`bcsub` (паттерн `LedgerService.php:64-65`). Исключение — оценочный показатель `runway_days` (грубая UX-оценка, не мутация баланса; float допустим, см. Task 2).
-
-**RLS + тесты.** `balance_transactions` и `saas_invoices` имеют RLS-политику `tenant_isolation` (`USING` без `WITH CHECK` → INSERT не фильтруется, SELECT/UPDATE/DELETE фильтруются). Тесты идут под postgres-superuser (BYPASSRLS), поэтому контроллеры обязаны делать **явный `where('tenant_id', $tenantId)`** как defense-in-depth (паттерн `TenantChargesController.php:42`). Это и есть проверяемая в тестах изоляция.
-
-**Тест-паттерн (эталоны `app/tests/Feature/ApiKeyControllerTest.php`, `app/tests/Feature/Billing/TenantChargesControllerTest.php`):**
-
-- `tests/Pest.php` НЕ включает `RefreshDatabase` глобально. Каждый Feature-тест-файл объявляет `uses(DatabaseTransactions::class)` сам.
-- `beforeEach`: `Tenant::factory()->create()` → `User::factory()->create(['tenant_id'=>...])` → `$this->actingAs($this->user)`.
-- `$this->actingAs($user)` (дефолтный guard) проходит через `auth:sanctum` — проверено в Plan B.
-- `auth()->logout()` для 401-теста.
-- `tariff_plans` (4 плана start/basic/pro/enterprise) сидится прямо из `db/schema.sql` при `migrate:fresh` — в тестовой БД эти строки ЕСТЬ, фабрика для `TariffPlan` не нужна.
-
-**PHPStan baseline (quirk-паттерн проекта):** каждый новый Feature-тест-файл даёт false-positives PHPStan на `$this`-динамические свойства/методы (`Pest\PendingCalls\TestCall`). После написания тестов — `composer stan`; если ошибки только в новых тест-файлах → `composer stan -- --generate-baseline`, затем `composer stan` снова (0 errors). Quirk #87: создание новой модели + `ide-helper:models -W` регенерирует `_ide_helper_models.php` → устаревшие `ignore`-записи становятся unmatched → `--generate-baseline` их корректно убирает (это безопасно — удаление `ignore` может только вскрыть ошибку, не спрятать).
-
-**API-клиент фронтенда (`app/resources/js/api/client.ts`):** новые api-модули импортируют `{ apiClient, ensureCsrfCookie }` из `./client`. GET-запросы НЕ вызывают `ensureCsrfCookie()`; мутации (POST) вызывают `await ensureCsrfCookie()` первой строкой. `extractErrorMessage(error, fallback?)` / `extractValidationErrors(error)` — функции обработки ошибок.
-
-**Локальный rule окружения:**
-
-- Laravel-приложение в подпапке `app/` — `composer`/`php artisan` запускать из `app/`; `npm` — из корня репозитория (`vitest.config.ts` в корне).
-- Рабочий путь содержит кириллицу — quirk #85: после `Write`/`Edit` файла убедиться, что файл реально записан (последующий запуск тестов это поймает).
-- `git add` — **только явные пути затронутых файлов.** НЕ `git add -A`, НЕ трогать `app/dev-indices.json` (pre-existing dev-артефакт, uncommitted).
-- НЕ `git push`. Hooks bypass (`--no-verify`) запрещён — lefthook pre-commit должен пройти зелёным на каждом коммите.
-- Quirk 72: `CleanupInactiveSupplierProjectsJobTest` даёт случайный сбой под `--parallel` (Redis `supplier:session` race), проходит последовательно. Если supplier-dir-тест упал под `--parallel` — перезапустить эту папку последовательно (`php artisan test tests/Feature/Supplier/`) для классификации quirk-vs-регрессия.
-
-**Регрессионный baseline (после закрытия Plan B):** Pest `--parallel` **766 / 763 passed / 3 skipped / 0 failed**; Vitest **94 файла / 787 passed / 3 skipped**; vue-tsc 0, ESLint 0, Pint clean, Larastan 0.
-
----
-
-## Design decisions (зафиксированы на recon)
-
-1. **E1 topup — MVP-stub.** `POST /api/billing/topup` кредитует `tenants.balance_rub` немедленно и пишет append-only строку `balance_transactions(type='topup')`. Платёжный шлюз (ЮKassa) НЕ интегрируется — реальная оплата зависит от Б-1 (реквизиты ООО). Это явно прописано в audit-spec («stub без реальной оплаты на MVP») и в строке блокеров Б-1.
-2. **Отдельный `BillingTopupService`**, не метод `LedgerService`. `LedgerService` документирован как «командный сервис на горячем пути доставки лида» (debit-only, вызывается под `lockForUpdate` внутри job-транзакции). Пополнение — другой путь (HTTP, user-initiated). SRP: отдельный маленький сервис без лишних зависимостей (`PricingTierResolver`/`PricingTierRepository` пополнению не нужны).
-3. **`runway_days`** («хватит на N дней») — оценочный UX-показатель: `balance_rub / (рублёвые списания за 30 дней / 30)`. `null`, если списаний не было. Считается float'ом — это грубая оценка для шапки, НЕ мутация баланса; погрешность ±1 день несущественна.
-4. **Транзакции real-API не имеют статуса.** `balance_transactions` — append-only ledger; строка появляется только по факту состоявшейся операции. Колонок `status`/`code` в схеме нет. → В real-API модели транзакции нет поля `status`; `code` вычисляется на клиенте как `TX-{id}`. Mock-статусы `pending`/`rejected` относятся к эпику E4 (pending-баннер) — вне scope Plan C.
-5. **Invoices — real-but-empty.** `GET /api/billing/invoices` читает `saas_invoices` (RLS-изоляция). На MVP таблица пуста (`legal_entity_id NOT NULL` → требует зарегистрированного юр-лица, блокируется Б-1). Эндпоинт настоящий: при появлении строк отдаёт их; `InvoicesTable` показывает empty-state. УПД (`saas_upd_documents`) — вне scope (отдельная таблица, на MVP тоже пуста; эндпоинта нет).
-6. **Pending-баннер остаётся mock.** Эпик E4 («BillingView pending alert — real data») — P2, Sprint 5, вне Plan C. `BillingView` продолжает импортировать `MOCK_PENDING`; `mockBilling.ts` ужимается до `PendingPayment` + `MOCK_PENDING`. Это соответствие утверждённому порядку приоритетов P0→P1→P2.
-7. **`TariffPlan` модель создаётся** (доменная сущность каталога тарифов; `Tenant::tariff()` relation). `SaasInvoice` модель НЕ создаётся — invoices читаются `DB::table('saas_invoices')` (read-only выборка, паттерн `AdminBillingController`); на MVP всегда пусто, полноценная модель+фабрика были бы YAGNI.
-8. **Sub-компоненты сами тянут данные.** `TransactionsTable` и `InvoicesTable` переписываются на self-fetching (паттерн `ChargesTab.vue`), `BillingView` тянет только `wallet`. Новые компоненты используют `apiClient` через `api/billing.ts` (НЕ raw axios — у `ChargesTab` raw axios это legacy).
-
-## Структура файлов
-
-**Backend (создаются):**
-
-- `app/app/Services/Billing/BillingTopupService.php` — append-only ledger-credit.
-- `app/app/Http/Controllers/Api/BillingController.php` — 4 эндпоинта.
-- `app/app/Models/TariffPlan.php` — каталог тарифов.
-- `app/database/factories/BalanceTransactionFactory.php` — для тестов transactions-эндпоинта.
-- `app/tests/Feature/Billing/BillingTopupServiceTest.php`, `TopupControllerTest.php`, `BillingOverviewControllerTest.php`.
-
-**Backend (модифицируются):**
-
-- `app/routes/web.php` — группа `/api/billing` (topup/wallet/transactions/invoices).
-- `app/app/Models/Tenant.php` — `tariff()` relation.
-- `app/app/Models/BalanceTransaction.php` — `HasFactory` trait.
-- `app/phpstan-baseline.neon` — Pest false-positives новых тест-файлов.
-
-**Frontend (создаются):**
-
-- `app/resources/js/api/billing.ts` — api-модуль биллинга.
-- `app/resources/js/components/billing/TopupDialog.vue` — диалог пополнения.
-- `app/tests/Frontend/TransactionsTable.spec.ts`, `InvoicesTable.spec.ts`, `TopupDialog.spec.ts`.
-
-**Frontend (модифицируются):**
-
-- `app/resources/js/views/BillingView.vue` — wallet-fetch + topup-wiring.
-- `app/resources/js/components/billing/BalanceCard.vue` — real props + nullable tariff + topup-emit.
-- `app/resources/js/components/billing/TransactionsTable.vue` — self-fetching.
-- `app/resources/js/components/billing/InvoicesTable.vue` — self-fetching.
-- `app/resources/js/composables/billingFormatters.ts` — `featureLabel` + retype `txAmountClass`, drop status/format-функций.
-- `app/resources/js/composables/mockBilling.ts` — ужать до pending-баннера.
-- `app/tests/Frontend/BillingView.spec.ts` — переписать на mock api.
-
-**Маппинг tasks → audit ID → коммиты (5 атомарных коммитов):**
-
-| Task | Audit | Коммит |
-|---|---|---|
-| 1 | E1 backend | `feat(billing): topup ledger service + POST /api/billing/topup stub (E1)` |
-| 2 | E3 backend | `feat(billing): wallet/transactions/invoices read API (E3)` |
-| 3 | E3 frontend pt1 | `feat(billing): BillingView wallet + BalanceCard real API (E3)` |
-| 4 | E3 frontend pt2 | `feat(billing): TransactionsTable + InvoicesTable real API (E3)` |
-| 5 | E1 frontend | `feat(billing): TopupDialog + Пополнить wiring (E1)` |
-
----
-
-## Task 1: E1 backend — BillingTopupService + POST /api/billing/topup
-
-**Files:**
-
-- Create: `app/app/Services/Billing/BillingTopupService.php`
-- Create: `app/app/Http/Controllers/Api/BillingController.php`
-- Modify: `app/routes/web.php` (после группы `/api/billing/charges`, ~строка 126)
-- Create: `app/tests/Feature/Billing/BillingTopupServiceTest.php`
-- Create: `app/tests/Feature/Billing/TopupControllerTest.php`
-- Modify: `app/phpstan-baseline.neon` (при необходимости — Pest false-positives)
-
-- [ ] **Step 1: Написать failing-тест сервиса**
-
-Создать `app/tests/Feature/Billing/BillingTopupServiceTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\BalanceTransaction;
-use App\Models\Tenant;
-use App\Models\User;
-use App\Services\Billing\BillingTopupService;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-test('topup кредитует balance_rub и пишет append-only строку topup', function () {
-    $tenant = Tenant::factory()->create(['balance_rub' => '500.00', 'balance_leads' => 7]);
-
-    $tx = app(BillingTopupService::class)->topup($tenant->id, '250.00', null);
-
-    expect($tx->type)->toBe('topup')
-        ->and($tx->amount_rub)->toBe('250.00')
-        ->and($tx->amount_leads)->toBe(0)
-        ->and($tx->balance_rub_after)->toBe('750.00')
-        ->and($tx->balance_leads_after)->toBe(7);
-
-    expect((string) $tenant->fresh()->balance_rub)->toBe('750.00');
-});
-
-test('topup использует bcmath — нет float-дрейфа на 0.1 + 0.2', function () {
-    $tenant = Tenant::factory()->create(['balance_rub' => '0.10']);
-
-    app(BillingTopupService::class)->topup($tenant->id, '0.20', null);
-
-    expect((string) $tenant->fresh()->balance_rub)->toBe('0.30');
-});
-
-test('topup фиксирует user_id инициатора', function () {
-    $tenant = Tenant::factory()->create(['balance_rub' => '0.00']);
-    $user = User::factory()->create(['tenant_id' => $tenant->id]);
-
-    $tx = app(BillingTopupService::class)->topup($tenant->id, '100.00', $user->id);
-
-    expect($tx->user_id)->toBe($user->id);
-});
-
-test('topup-строка получает log_hash через append-only hash-chain триггер', function () {
-    $tenant = Tenant::factory()->create(['balance_rub' => '0.00']);
-
-    $tx = app(BillingTopupService::class)->topup($tenant->id, '100.00', null);
-
-    $hasHash = DB::table('balance_transactions')
-        ->where('id', $tx->id)
-        ->whereNotNull('log_hash')
-        ->exists();
-    expect($hasHash)->toBeTrue();
-});
-```
-
-- [ ] **Step 2: Запустить тест — убедиться, что падает**
-
-Из `app/`: `php artisan test tests/Feature/Billing/BillingTopupServiceTest.php`
-Expected: FAIL — `Class "App\Services\Billing\BillingTopupService" not found`.
-
-- [ ] **Step 3: Реализовать `BillingTopupService`**
-
-Создать `app/app/Services/Billing/BillingTopupService.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Billing;
-
-use App\Models\BalanceTransaction;
-use App\Models\Tenant;
-
-/**
- * Сервис пополнения рублёвого баланса тенанта (audit E1).
- *
- * MVP-stub: кредитует tenants.balance_rub немедленно и пишет строку
- * balance_transactions(type='topup'). Реальная оплата через платёжный
- * шлюз — post-Б-1 (требует реквизитов ООО), здесь НЕ интегрирована.
- *
- * Контракт: вызывается ВНУТРИ транзакции (middleware `tenant` оборачивает
- * HTTP-запрос в DB-транзакцию). lockForUpdate на строке tenant защищает от
- * lost-update при конкурентных topup/charge.
- *
- * balance_transactions защищена hash-chain триггером (BEFORE INSERT
- * audit_chain_hash) — log_hash заполняется автоматически. UPDATE/DELETE
- * на таблице запрещены триггером audit_block_mutation, поэтому каждое
- * пополнение — отдельная append-only строка; существующие не меняются.
- */
-final class BillingTopupService
-{
-    /**
-     * Пополнить рублёвый баланс тенанта.
-     *
-     * @param  int  $tenantId  ID тенанта.
-     * @param  string  $amountRub  Сумма пополнения, DECIMAL-строка («100.00»).
-     * @param  int|null  $userId  Кто инициировал (NULL — системное).
-     * @return BalanceTransaction Созданная append-only строка ledger'а.
-     */
-    public function topup(int $tenantId, string $amountRub, ?int $userId): BalanceTransaction
-    {
-        /** @var Tenant $tenant */
-        $tenant = Tenant::query()->lockForUpdate()->findOrFail($tenantId);
-
-        // bcadd — DECIMAL-точность, НЕ PHP float (паттерн LedgerService).
-        $newBalanceRub = bcadd((string) $tenant->balance_rub, $amountRub, 2);
-
-        $tenant->balance_rub = $newBalanceRub;
-        $tenant->save();
-
-        return BalanceTransaction::create([
-            'tenant_id' => $tenant->id,
-            'type' => BalanceTransaction::TYPE_TOPUP,
-            'amount_rub' => $amountRub,
-            'amount_leads' => 0,
-            'balance_rub_after' => $newBalanceRub,
-            'balance_leads_after' => (int) $tenant->balance_leads,
-            'description' => 'Пополнение баланса',
-            'user_id' => $userId,
-            'created_at' => now(),
-        ]);
-    }
-}
-```
-
-- [ ] **Step 4: Запустить тест — убедиться, что прошёл**
-
-Из `app/`: `php artisan test tests/Feature/Billing/BillingTopupServiceTest.php`
-Expected: PASS — 4 passed.
-
-- [ ] **Step 5: Написать failing-тест контроллера**
-
-Создать `app/tests/Feature/Billing/TopupControllerTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    $this->tenant = Tenant::factory()->create(['balance_rub' => '500.00', 'balance_leads' => 12]);
-    $this->user = User::factory()->create(['tenant_id' => $this->tenant->id]);
-    $this->actingAs($this->user);
-});
-
-test('POST /api/billing/topup кредитует баланс и возвращает 201', function () {
-    $response = $this->postJson('/api/billing/topup', ['amount_rub' => 250]);
-
-    $response->assertStatus(201)
-        ->assertJsonPath('balance_rub', '750.00')
-        ->assertJsonPath('transaction.type', 'topup')
-        ->assertJsonPath('transaction.amount_rub', '250.00');
-
-    expect((string) $this->tenant->fresh()->balance_rub)->toBe('750.00');
-});
-
-test('POST /api/billing/topup пишет строку balance_transactions с user_id', function () {
-    $this->postJson('/api/billing/topup', ['amount_rub' => 100])->assertStatus(201);
-
-    $this->assertDatabaseHas('balance_transactions', [
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'type' => 'topup',
-        'amount_rub' => '100.00',
-    ]);
-});
-
-test('POST /api/billing/topup использует bcmath-точность', function () {
-    $this->tenant->update(['balance_rub' => '0.10']);
-
-    $this->postJson('/api/billing/topup', ['amount_rub' => 100.20])->assertStatus(201);
-
-    expect((string) $this->tenant->fresh()->balance_rub)->toBe('100.30');
-});
-
-test('POST /api/billing/topup отклоняет сумму ниже минимума 100 ₽', function () {
-    $this->postJson('/api/billing/topup', ['amount_rub' => 50])
-        ->assertStatus(422)
-        ->assertJsonValidationErrors('amount_rub');
-});
-
-test('POST /api/billing/topup отклоняет отсутствующую сумму', function () {
-    $this->postJson('/api/billing/topup', [])
-        ->assertStatus(422)
-        ->assertJsonValidationErrors('amount_rub');
-});
-
-test('POST /api/billing/topup отклоняет более 2 знаков после запятой', function () {
-    $this->postJson('/api/billing/topup', ['amount_rub' => 100.123])
-        ->assertStatus(422)
-        ->assertJsonValidationErrors('amount_rub');
-});
-
-test('POST /api/billing/topup без auth: 401', function () {
-    auth()->logout();
-    $this->postJson('/api/billing/topup', ['amount_rub' => 100])->assertStatus(401);
-});
-```
-
-- [ ] **Step 6: Запустить — убедиться, что падает**
-
-Из `app/`: `php artisan test tests/Feature/Billing/TopupControllerTest.php`
-Expected: FAIL — route `/api/billing/topup` не существует (404, не 201/422).
-
-- [ ] **Step 7: Реализовать `BillingController`**
-
-Создать `app/app/Http/Controllers/Api/BillingController.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Controllers\Api;
-
-use App\Http\Controllers\Controller;
-use App\Models\User;
-use App\Services\Billing\BillingTopupService;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Http\Request;
-
-/**
- * Биллинг тенанта — кошелёк, транзакции, счета, пополнение (audit E1/E3).
- *
- * Все эндпоинты под middleware [auth:sanctum, tenant] (RLS-контекст).
- * Отдельно от TenantChargesController (lead_charges ledger) и
- * AdminBillingController (SaaS-уровневые агрегаты).
- *
- * E1: POST /api/billing/topup — MVP-stub пополнения (без платёжного шлюза).
- * E3: GET wallet/transactions/invoices — данные для BillingView Overview.
- */
-class BillingController extends Controller
-{
-    public function __construct(
-        private readonly BillingTopupService $topupService,
-    ) {}
-
-    /**
-     * POST /api/billing/topup — пополнить рублёвый баланс.
-     *
-     * MVP-stub: кредитует баланс немедленно (без ЮKassa — реальная оплата
-     * post-Б-1). Записывает append-only строку balance_transactions(topup).
-     */
-    public function topup(Request $request): JsonResponse
-    {
-        $validated = $request->validate([
-            'amount_rub' => ['required', 'numeric', 'min:100', 'max:1000000', 'decimal:0,2'],
-        ]);
-
-        /** @var User $user */
-        $user = $request->user();
-
-        // Нормализуем в DECIMAL-строку scale 2 для bcmath (НЕ float).
-        $amountRub = bcadd((string) $validated['amount_rub'], '0', 2);
-
-        $tx = $this->topupService->topup((int) $user->tenant_id, $amountRub, (int) $user->id);
-
-        return response()->json([
-            'transaction' => [
-                'id' => $tx->id,
-                'type' => $tx->type,
-                'amount_rub' => $tx->amount_rub,
-                'balance_rub_after' => $tx->balance_rub_after,
-                'created_at' => $tx->created_at,
-            ],
-            'balance_rub' => $tx->balance_rub_after,
-        ], 201);
-    }
-}
-```
-
-- [ ] **Step 8: Добавить route**
-
-В `app/routes/web.php` — после группы `/api/billing/charges` (заканчивается на строке ~126 `});`), вставить:
-
-```php
-// Биллинг тенанта: пополнение/кошелёк/транзакции/счета (audit E1/E3).
-// RLS на balance_transactions / saas_invoices требует tenant middleware.
-Route::middleware(['auth:sanctum', 'tenant'])->prefix('/api/billing')->group(function () {
-    Route::post('/topup', 'App\Http\Controllers\Api\BillingController@topup');
-});
-```
-
-- [ ] **Step 9: Запустить тесты контроллера + сервиса**
-
-Из `app/`: `php artisan test tests/Feature/Billing/TopupControllerTest.php tests/Feature/Billing/BillingTopupServiceTest.php`
-Expected: PASS — 11 passed (4 + 7).
-
-- [ ] **Step 10: Pint + PHPStan**
-
-Из `app/`:
-
-- `composer pint` — формат чистый.
-- `composer stan` — если ошибки только в новых тест-файлах (Pest `TestCall` false-positives) → `composer stan -- --generate-baseline`, затем `composer stan` снова (Expected: 0 errors). Проверить `git diff app/phpstan-baseline.neon` — добавляются только записи для `BillingTopupServiceTest`/`TopupControllerTest` (возможно удаляются устаревшие unrelated `ignore` — это безопасно, quirk #87).
-
-- [ ] **Step 11: Регрессионный sweep**
-
-Из `app/`: `composer test:parallel` — Expected: 770/767/3sk/0 (+4 относительно baseline 766/763; новые сервис+контроллер тесты, минус нет). Если supplier-dir тест дал случайный сбой под `--parallel` — перезапустить `php artisan test tests/Feature/Supplier/` последовательно для классификации (quirk 72).
-
-- [ ] **Step 12: Commit**
-
-```bash
-git add app/app/Services/Billing/BillingTopupService.php app/app/Http/Controllers/Api/BillingController.php app/routes/web.php app/tests/Feature/Billing/BillingTopupServiceTest.php app/tests/Feature/Billing/TopupControllerTest.php app/phpstan-baseline.neon
-git commit -m "$(cat <<'EOF'
-feat(billing): topup ledger service + POST /api/billing/topup stub (E1)
-
-BillingTopupService кредитует tenants.balance_rub (bcmath) и пишет
-append-only строку balance_transactions(type='topup'). BillingController
-+ route POST /api/billing/topup под [auth:sanctum, tenant]. MVP-stub:
-без платёжного шлюза (ЮKassa — post-Б-1).
-
-Sprint 2 Plan C, audit E1 (backend).
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 2: E3 backend — TariffPlan + wallet/transactions/invoices
-
-**Files:**
-
-- Create: `app/app/Models/TariffPlan.php`
-- Modify: `app/app/Models/Tenant.php` (relation `tariff()`)
-- Modify: `app/app/Models/BalanceTransaction.php` (trait `HasFactory`)
-- Create: `app/database/factories/BalanceTransactionFactory.php`
-- Modify: `app/app/Http/Controllers/Api/BillingController.php` (3 метода)
-- Modify: `app/routes/web.php` (3 GET-роута в группу `/api/billing`)
-- Create: `app/tests/Feature/Billing/BillingOverviewControllerTest.php`
-- Modify: `app/phpstan-baseline.neon`
-
-- [ ] **Step 1: Написать failing-тест трёх эндпоинтов**
-
-Создать `app/tests/Feature/Billing/BillingOverviewControllerTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\BalanceTransaction;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    $this->tenant = Tenant::factory()->create([
-        'balance_rub' => '14250.00',
-        'balance_leads' => 285,
-    ]);
-    $this->user = User::factory()->create(['tenant_id' => $this->tenant->id]);
-    $this->actingAs($this->user);
-});
-
-// ---- wallet ----
-
-test('GET /api/billing/wallet возвращает баланс тенанта', function () {
-    $this->getJson('/api/billing/wallet')
-        ->assertOk()
-        ->assertJsonPath('balance_rub', '14250.00')
-        ->assertJsonPath('balance_leads', 285);
-});
-
-test('GET /api/billing/wallet возвращает тариф, если он назначен', function () {
-    $tariffId = DB::table('tariff_plans')->where('code', 'pro')->value('id');
-    $this->tenant->update(['current_tariff_id' => $tariffId]);
-
-    $response = $this->getJson('/api/billing/wallet');
-
-    $response->assertOk()
-        ->assertJsonPath('tariff.code', 'pro')
-        ->assertJsonPath('tariff.name', 'Про');
-    expect($response->json('tariff.features'))->toBeArray();
-});
-
-test('GET /api/billing/wallet возвращает tariff=null без назначенного тарифа', function () {
-    $this->getJson('/api/billing/wallet')
-        ->assertOk()
-        ->assertJsonPath('tariff', null);
-});
-
-test('GET /api/billing/wallet: runway_days = null без списаний', function () {
-    $this->getJson('/api/billing/wallet')
-        ->assertOk()
-        ->assertJsonPath('runway_days', null);
-});
-
-test('GET /api/billing/wallet: runway_days рассчитан при наличии списаний', function () {
-    BalanceTransaction::factory()->create([
-        'tenant_id' => $this->tenant->id,
-        'type' => 'lead_charge',
-        'amount_rub' => '-3000.00',
-        'created_at' => now()->subDays(10),
-    ]);
-
-    // 3000 ₽ / 30 дн = 100 ₽/день; баланс 14250 → floor(142.5) = 142.
-    expect($this->getJson('/api/billing/wallet')->json('runway_days'))->toBe(142);
-});
-
-test('GET /api/billing/wallet без auth: 401', function () {
-    auth()->logout();
-    $this->getJson('/api/billing/wallet')->assertStatus(401);
-});
-
-// ---- transactions ----
-
-test('GET /api/billing/transactions возвращает транзакции тенанта', function () {
-    BalanceTransaction::factory()->count(3)->create(['tenant_id' => $this->tenant->id]);
-
-    $response = $this->getJson('/api/billing/transactions');
-
-    $response->assertOk();
-    expect($response->json('data'))->toHaveCount(3);
-    expect($response->json('meta.total'))->toBe(3);
-    expect($response->json('data.0'))->toHaveKeys(['id', 'code', 'type', 'amount_rub', 'created_at']);
-});
-
-test('GET /api/billing/transactions изолирован по тенанту', function () {
-    BalanceTransaction::factory()->create(['tenant_id' => $this->tenant->id]);
-    $other = Tenant::factory()->create();
-    BalanceTransaction::factory()->create(['tenant_id' => $other->id]);
-
-    expect($this->getJson('/api/billing/transactions')->json('data'))->toHaveCount(1);
-});
-
-test('GET /api/billing/transactions фильтрует по type', function () {
-    BalanceTransaction::factory()->create(['tenant_id' => $this->tenant->id, 'type' => 'topup']);
-    BalanceTransaction::factory()->create(['tenant_id' => $this->tenant->id, 'type' => 'lead_charge', 'amount_rub' => '-50.00']);
-    BalanceTransaction::factory()->create(['tenant_id' => $this->tenant->id, 'type' => 'refund', 'amount_rub' => '10.00']);
-
-    $this->getJson('/api/billing/transactions?type=topup')->assertJsonCount(1, 'data');
-    $this->getJson('/api/billing/transactions?type=lead_charge')->assertJsonCount(1, 'data');
-    $this->getJson('/api/billing/transactions?type=refund')->assertJsonCount(1, 'data');
-});
-
-test('GET /api/billing/transactions: пагинация 20/страница', function () {
-    BalanceTransaction::factory()->count(25)->create(['tenant_id' => $this->tenant->id]);
-
-    expect($this->getJson('/api/billing/transactions?page=1')->json('data'))->toHaveCount(20);
-    expect($this->getJson('/api/billing/transactions?page=2')->json('data'))->toHaveCount(5);
-});
-
-test('GET /api/billing/transactions без auth: 401', function () {
-    auth()->logout();
-    $this->getJson('/api/billing/transactions')->assertStatus(401);
-});
-
-// ---- invoices ----
-
-test('GET /api/billing/invoices возвращает пустой список без счетов', function () {
-    $this->getJson('/api/billing/invoices')
-        ->assertOk()
-        ->assertJsonCount(0, 'data');
-});
-
-test('GET /api/billing/invoices возвращает счета тенанта и изолирует чужие', function () {
-    $leId = DB::table('legal_entities')->insertGetId([
-        'code' => 'ooo_test_'.uniqid(),
-        'name' => 'ООО Тест',
-        'legal_form' => 'OOO',
-        'inn' => '7700000000',
-        'created_at' => now(),
-    ]);
-    DB::table('saas_invoices')->insert([
-        'tenant_id' => $this->tenant->id,
-        'legal_entity_id' => $leId,
-        'invoice_number' => 'СЧ-2026-00001',
-        'payer_type' => 'legal',
-        'amount_net' => '990.00',
-        'amount_total' => '990.00',
-        'status' => 'issued',
-        'issued_at' => now(),
-        'expires_at' => now()->addDays(5),
-    ]);
-    $other = Tenant::factory()->create();
-    DB::table('saas_invoices')->insert([
-        'tenant_id' => $other->id,
-        'legal_entity_id' => $leId,
-        'invoice_number' => 'СЧ-2026-00002',
-        'payer_type' => 'legal',
-        'amount_net' => '500.00',
-        'amount_total' => '500.00',
-        'status' => 'issued',
-        'issued_at' => now(),
-        'expires_at' => now()->addDays(5),
-    ]);
-
-    $response = $this->getJson('/api/billing/invoices');
-
-    $response->assertOk();
-    expect($response->json('data'))->toHaveCount(1);
-    expect($response->json('data.0.invoice_number'))->toBe('СЧ-2026-00001');
-});
-
-test('GET /api/billing/invoices без auth: 401', function () {
-    auth()->logout();
-    $this->getJson('/api/billing/invoices')->assertStatus(401);
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Из `app/`: `php artisan test tests/Feature/Billing/BillingOverviewControllerTest.php`
-Expected: FAIL — `BalanceTransaction::factory()` не существует / роуты 404.
-
-- [ ] **Step 3: Создать модель `TariffPlan`**
-
-Создать `app/app/Models/TariffPlan.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Models;
-
-use Illuminate\Database\Eloquent\Model;
-
-/**
- * Тарифный план SaaS-портала (каталог tariff_plans).
- *
- * Сидится из db/schema.sql (4 стартовых плана: start/basic/pro/enterprise).
- * Read-mostly: редактируется только админкой SaaS. Tenant ссылается через
- * tenants.current_tariff_id (см. Tenant::tariff()).
- *
- * Источник: db/schema.sql §20.2.1, table `tariff_plans`.
- *
- * @mixin IdeHelperTariffPlan
- */
-class TariffPlan extends Model
-{
-    protected $fillable = [
-        'code',
-        'name',
-        'description',
-        'billing_model',
-        'price_per_lead',
-        'price_monthly',
-        'included_leads',
-        'limits',
-        'features',
-        'trial_bonus_leads',
-        'is_active',
-        'is_public',
-        'sort_order',
-    ];
-
-    protected function casts(): array
-    {
-        return [
-            'price_per_lead' => 'decimal:2',
-            'price_monthly' => 'decimal:2',
-            'included_leads' => 'integer',
-            'limits' => 'array',
-            'features' => 'array',
-            'trial_bonus_leads' => 'integer',
-            'is_active' => 'boolean',
-            'is_public' => 'boolean',
-            'sort_order' => 'integer',
-            'created_at' => 'datetime',
-            'updated_at' => 'datetime',
-        ];
-    }
-}
-```
-
-- [ ] **Step 4: Добавить relation `tariff()` в `Tenant`**
-
-В `app/app/Models/Tenant.php`:
-
-1. После `use Illuminate\Database\Eloquent\Relations\HasMany;` добавить:
-
-```php
-use Illuminate\Database\Eloquent\Relations\BelongsTo;
-```
-
-1. После метода `projects()` (перед закрывающей `}` класса) добавить:
-
-```php
-
-    /** @return BelongsTo<TariffPlan, $this> */
-    public function tariff(): BelongsTo
-    {
-        return $this->belongsTo(TariffPlan::class, 'current_tariff_id');
-    }
-```
-
-- [ ] **Step 5: Добавить `HasFactory` в `BalanceTransaction`**
-
-В `app/app/Models/BalanceTransaction.php`:
-
-1. После `use Illuminate\Database\Eloquent\Model;` добавить:
-
-```php
-use Database\Factories\BalanceTransactionFactory;
-use Illuminate\Database\Eloquent\Factories\HasFactory;
-```
-
-1. Внутри тела класса `BalanceTransaction` — между открывающей `{` и первой строкой `public const TYPE_TRIAL_BONUS = 'trial_bonus';` — вставить trait:
-
-```php
-    /** @use HasFactory<BalanceTransactionFactory> */
-    use HasFactory;
-
-```
-
-Результат — начало класса выглядит так:
-
-```php
-class BalanceTransaction extends Model
-{
-    /** @use HasFactory<BalanceTransactionFactory> */
-    use HasFactory;
-
-    public const TYPE_TRIAL_BONUS = 'trial_bonus';
-```
-
-- [ ] **Step 6: Создать `BalanceTransactionFactory`**
-
-Создать `app/database/factories/BalanceTransactionFactory.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace Database\Factories;
-
-use App\Models\BalanceTransaction;
-use App\Models\Tenant;
-use Illuminate\Database\Eloquent\Factories\Factory;
-
-/**
- * @extends Factory<BalanceTransaction>
- */
-class BalanceTransactionFactory extends Factory
-{
-    protected $model = BalanceTransaction::class;
-
-    /**
-     * @return array<string, mixed>
-     */
-    public function definition(): array
-    {
-        return [
-            'tenant_id' => Tenant::factory(),
-            'type' => BalanceTransaction::TYPE_TOPUP,
-            'amount_rub' => '100.00',
-            'amount_leads' => 0,
-            'balance_rub_after' => '100.00',
-            'balance_leads_after' => 0,
-            'description' => 'Тестовая транзакция',
-            'created_at' => now(),
-        ];
-    }
-}
-```
-
-- [ ] **Step 7: Добавить 3 метода в `BillingController`**
-
-В `app/app/Http/Controllers/Api/BillingController.php`:
-
-1. В блок `use` добавить (по алфавиту):
-
-```php
-use App\Models\BalanceTransaction;
-use App\Models\Tenant;
-use Illuminate\Support\Facades\DB;
-```
-
-1. Перед закрывающей `}` класса (после метода `topup()`) добавить:
-
-```php
-
-    /**
-     * GET /api/billing/wallet — балансы тенанта + текущий тариф + runway.
-     */
-    public function wallet(Request $request): JsonResponse
-    {
-        /** @var User $user */
-        $user = $request->user();
-        /** @var Tenant $tenant */
-        $tenant = Tenant::query()->with('tariff')->findOrFail($user->tenant_id);
-
-        return response()->json([
-            'balance_rub' => $tenant->balance_rub,
-            'balance_leads' => $tenant->balance_leads,
-            'runway_days' => $this->runwayDays($tenant),
-            'tariff' => $tenant->tariff === null ? null : [
-                'code' => $tenant->tariff->code,
-                'name' => $tenant->tariff->name,
-                'price_monthly' => $tenant->tariff->price_monthly,
-                'billing_model' => $tenant->tariff->billing_model,
-                'features' => $tenant->tariff->features ?? [],
-            ],
-        ]);
-    }
-
-    /**
-     * GET /api/billing/transactions?type=topup|lead_charge|refund&page=N
-     * — пагинированная история balance_transactions тенанта (20/страница).
-     */
-    public function transactions(Request $request): JsonResponse
-    {
-        /** @var User $user */
-        $user = $request->user();
-        $tenantId = (int) $user->tenant_id;
-
-        // Явный tenant_id фильтр — defense-in-depth поверх RLS (тесты идут
-        // под superuser BYPASSRLS; паттерн TenantChargesController).
-        $query = BalanceTransaction::query()
-            ->where('tenant_id', $tenantId)
-            ->orderBy('created_at', 'desc')
-            ->orderBy('id', 'desc');
-
-        $type = $request->query('type');
-        if (is_string($type) && in_array($type, ['topup', 'lead_charge', 'refund'], true)) {
-            $query->where('type', $type);
-        }
-
-        $page = $query->paginate(20);
-
-        return response()->json([
-            'data' => array_map(static fn (BalanceTransaction $tx): array => [
-                'id' => $tx->id,
-                'code' => 'TX-'.$tx->id,
-                'type' => $tx->type,
-                'description' => $tx->description,
-                'amount_rub' => $tx->amount_rub,
-                'amount_leads' => $tx->amount_leads,
-                'balance_rub_after' => $tx->balance_rub_after,
-                'created_at' => $tx->created_at,
-            ], $page->items()),
-            'meta' => [
-                'current_page' => $page->currentPage(),
-                'last_page' => $page->lastPage(),
-                'total' => $page->total(),
-                'per_page' => $page->perPage(),
-            ],
-        ]);
-    }
-
-    /**
-     * GET /api/billing/invoices — счета тенанта (saas_invoices).
-     *
-     * Real-but-empty на MVP: saas_invoices.legal_entity_id NOT NULL требует
-     * зарегистрированного юр-лица (блокируется Б-1). Read-only выборка через
-     * DB::table — без Eloquent-модели (паттерн AdminBillingController).
-     */
-    public function invoices(Request $request): JsonResponse
-    {
-        /** @var User $user */
-        $user = $request->user();
-        $tenantId = (int) $user->tenant_id;
-
-        $rows = DB::table('saas_invoices')
-            ->where('tenant_id', $tenantId)
-            ->orderBy('issued_at', 'desc')
-            ->get(['id', 'invoice_number', 'amount_total', 'status', 'issued_at', 'pdf_path']);
-
-        return response()->json([
-            'data' => $rows->map(static fn (\stdClass $r): array => [
-                'id' => $r->id,
-                'invoice_number' => $r->invoice_number,
-                'amount_total' => $r->amount_total,
-                'status' => $r->status,
-                'issued_at' => $r->issued_at,
-                'has_pdf' => $r->pdf_path !== null,
-            ])->all(),
-        ]);
-    }
-
-    /**
-     * Прогноз «на сколько дней хватит баланса» — оценочный UX-показатель.
-     *
-     * = balance_rub / (рублёвые списания за 30 дней / 30). NULL, если списаний
-     * не было. Float здесь допустим: грубая оценка для шапки, НЕ мутация
-     * баланса (мутации баланса — строго bcmath, см. BillingTopupService).
-     */
-    private function runwayDays(Tenant $tenant): ?int
-    {
-        $spent = abs((float) DB::table('balance_transactions')
-            ->where('tenant_id', $tenant->id)
-            ->where('type', BalanceTransaction::TYPE_LEAD_CHARGE)
-            ->where('created_at', '>=', now()->subDays(30))
-            ->sum('amount_rub'));
-
-        if ($spent <= 0.0) {
-            return null;
-        }
-
-        $perDay = $spent / 30.0;
-
-        return (int) floor((float) $tenant->balance_rub / $perDay);
-    }
-```
-
-- [ ] **Step 8: Добавить 3 GET-роута**
-
-В `app/routes/web.php` — в группу `/api/billing` (созданную в Task 1) добавить 3 строки, итог:
-
-```php
-Route::middleware(['auth:sanctum', 'tenant'])->prefix('/api/billing')->group(function () {
-    Route::post('/topup', 'App\Http\Controllers\Api\BillingController@topup');
-    Route::get('/wallet', 'App\Http\Controllers\Api\BillingController@wallet');
-    Route::get('/transactions', 'App\Http\Controllers\Api\BillingController@transactions');
-    Route::get('/invoices', 'App\Http\Controllers\Api\BillingController@invoices');
-});
-```
-
-- [ ] **Step 9: ide-helper для новой модели**
-
-Из `app/`: `php artisan ide-helper:models -W -M -N` — регенерирует `_ide_helper_models.php` (добавляет `IdeHelperTariffPlan`). Если команда модифицирует другие файлы — не страшно, это служебный stub-файл.
-
-- [ ] **Step 10: Запустить тесты — убедиться, что прошли**
-
-Из `app/`: `php artisan test tests/Feature/Billing/BillingOverviewControllerTest.php`
-Expected: PASS — 14 passed.
-
-- [ ] **Step 11: Pint + PHPStan**
-
-Из `app/`:
-
-- `composer pint`
-- `composer stan` — при false-positives на `BillingOverviewControllerTest` → `composer stan -- --generate-baseline` → `composer stan` (0 errors). Проверить `git diff app/phpstan-baseline.neon` (additive + возможный drop устаревших — quirk #87, безопасно).
-
-- [ ] **Step 12: Регрессионный sweep**
-
-Из `app/`: `composer test:parallel` — Expected: 784/781/3sk/0 (+14). При случайном сбое supplier-теста под `--parallel` — перезапустить папку последовательно.
-
-- [ ] **Step 13: Commit**
-
-```bash
-git add app/app/Models/TariffPlan.php app/app/Models/Tenant.php app/app/Models/BalanceTransaction.php app/database/factories/BalanceTransactionFactory.php app/app/Http/Controllers/Api/BillingController.php app/routes/web.php app/tests/Feature/Billing/BillingOverviewControllerTest.php app/phpstan-baseline.neon app/_ide_helper_models.php
-git commit -m "$(cat <<'EOF'
-feat(billing): wallet/transactions/invoices read API (E3)
-
-GET /api/billing/wallet (баланс + тариф + runway), /transactions
-(пагинированный balance_transactions с фильтром type), /invoices
-(saas_invoices, real-but-empty до Б-1). TariffPlan модель +
-Tenant::tariff() relation + BalanceTransactionFactory.
-
-Sprint 2 Plan C, audit E3 (backend).
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
-Примечание: если `php artisan ide-helper:models` не изменил `_ide_helper_models.php` (или изменил несущественно) — включить/исключить файл из `git add` по факту `git status`.
-
----
-
-## Task 3: E3 frontend pt1 — api/billing.ts + BillingView wallet + BalanceCard
-
-**Files:**
-
-- Create: `app/resources/js/api/billing.ts`
-- Modify: `app/resources/js/composables/billingFormatters.ts` (добавить `featureLabel`)
-- Modify: `app/resources/js/views/BillingView.vue` (wallet-fetch)
-- Modify: `app/resources/js/components/billing/BalanceCard.vue` (real props + nullable tariff)
-- Modify: `app/tests/Frontend/BillingView.spec.ts` (переписать на mock api)
-
-- [ ] **Step 1: Создать `api/billing.ts`**
-
-Создать `app/resources/js/api/billing.ts`:
-
-```ts
-import { apiClient } from './client';
-
-/**
- * API-модуль биллинга (Sprint 2 Plan C).
- *
- * Эндпоинты под [auth:sanctum, tenant]: GET wallet/transactions/invoices
- * (E3), POST topup (E1 — добавляется в Task 5). GET'ы не требуют CSRF-cookie.
- */
-
-/** Тариф в составе ответа GET /api/billing/wallet. */
-export interface WalletTariff {
-    code: string;
-    name: string;
-    price_monthly: string | null;
-    billing_model: string;
-    features: string[];
-}
-
-/** Ответ GET /api/billing/wallet — кошелёк тенанта. */
-export interface Wallet {
-    balance_rub: string;
-    balance_leads: number;
-    runway_days: number | null;
-    tariff: WalletTariff | null;
-}
-
-/** GET /api/billing/wallet — балансы + текущий тариф + runway. */
-export async function getWallet(): Promise<Wallet> {
-    const { data } = await apiClient.get<Wallet>('/api/billing/wallet');
-    return data;
-}
-```
-
-- [ ] **Step 2: Добавить `featureLabel` в `billingFormatters.ts`**
-
-В `app/resources/js/composables/billingFormatters.ts` — в конец файла добавить:
-
-```ts
-
-/** Человекочитаемые лейблы для feature-слагов tariff_plans.features. */
-export const FEATURE_LABELS: Record<string, string> = {
-    webhook: 'Webhook',
-    kanban: 'Канбан',
-    basic_analytics: 'Базовая аналитика',
-    advanced_analytics: 'Расширенная аналитика',
-    api: 'API',
-    '2fa': 'Двухфакторная аутентификация',
-    custom_domain: 'Свой домен',
-};
-
-/** Лейбл feature-слага; неизвестный слаг возвращается как есть. */
-export function featureLabel(slug: string): string {
-    return FEATURE_LABELS[slug] ?? slug;
-}
-```
-
-(Status/format-функции `txAmountClass`/`statusChipColor`/`statusLabel`/`formatLabel`/`formatIcon` в Task 3 НЕ трогаем — их ещё использует старая `TransactionsTable`/`InvoicesTable`. Чистка — в Task 4.)
-
-- [ ] **Step 3: Написать failing-тест `BillingView.spec.ts`**
-
-Полностью заменить содержимое `app/tests/Frontend/BillingView.spec.ts`:
-
-```ts
-import { describe, it, expect, vi, beforeEach } from 'vitest';
-import { mount, flushPromises } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import BillingView from '../../resources/js/views/BillingView.vue';
-import * as billingApi from '../../resources/js/api/billing';
-import type { Wallet } from '../../resources/js/api/billing';
-
-vi.mock('../../resources/js/api/billing');
-
-const vuetify = createVuetify();
-
-function makeWallet(): Wallet {
-    return {
-        balance_rub: '14250.00',
-        balance_leads: 285,
-        runway_days: 142,
-        tariff: {
-            code: 'pro',
-            name: 'Про',
-            price_monthly: '990.00',
-            billing_model: 'hybrid',
-            features: ['webhook', 'kanban', 'api'],
-        },
-    };
-}
-
-describe('BillingView.vue', () => {
-    beforeEach(() => {
-        vi.mocked(billingApi.getWallet).mockResolvedValue(makeWallet());
-    });
-
-    const factory = () =>
-        mount(BillingView, {
-            global: {
-                plugins: [vuetify],
-                stubs: { TransactionsTable: true, InvoicesTable: true, ChargesTab: true },
-            },
-        });
-
-    it('монтируется с заголовком «Биллинг и тарифы»', async () => {
-        const wrapper = factory();
-        await flushPromises();
-        expect(wrapper.find('h1').text()).toBe('Биллинг и тарифы');
-    });
-
-    it('загружает кошелёк и показывает баланс в шапке', async () => {
-        const wrapper = factory();
-        await flushPromises();
-        expect(billingApi.getWallet).toHaveBeenCalled();
-        const text = wrapper.text();
-        expect(text).toMatch(/14\s+250\s*₽/);
-        expect(text).toContain('285');
-    });
-
-    it('показывает тариф из API в BalanceCard', async () => {
-        const wrapper = factory();
-        await flushPromises();
-        const text = wrapper.text();
-        expect(text).toContain('Про');
-        expect(text).toContain('Канбан');
-        expect(text).toContain('Webhook');
-    });
-
-    it('показывает «Тариф не выбран» при tariff=null', async () => {
-        vi.mocked(billingApi.getWallet).mockResolvedValue({
-            balance_rub: '0.00',
-            balance_leads: 0,
-            runway_days: null,
-            tariff: null,
-        });
-        const wrapper = factory();
-        await flushPromises();
-        expect(wrapper.text()).toContain('Тариф не выбран');
-    });
-
-    it('показывает error-alert при сбое загрузки кошелька', async () => {
-        vi.mocked(billingApi.getWallet).mockRejectedValue(new Error('network'));
-        const wrapper = factory();
-        await flushPromises();
-        expect(wrapper.text()).toContain('Не удалось загрузить');
-    });
-
-    it('содержит табы Обзор / Списания', async () => {
-        const wrapper = factory();
-        await flushPromises();
-        const text = wrapper.text();
-        expect(text).toContain('Обзор');
-        expect(text).toContain('Списания');
-    });
-});
-```
-
-- [ ] **Step 4: Запустить — убедиться, что падает**
-
-Из корня репозитория: `npm run test:vue -- BillingView`
-Expected: FAIL — `BillingView` ещё импортирует mock, нет `getWallet`-вызова.
-
-- [ ] **Step 5: Переписать `BalanceCard.vue`**
-
-Полностью заменить `app/resources/js/components/billing/BalanceCard.vue`:
-
-```vue
-<script setup lang="ts">
-/**
- * BalanceCard — 3 wallet-cards в одной строке: Кошелёк ₽ (dark) +
- * Баланс лидов + Тариф. Данные — из GET /api/billing/wallet (E3).
- * tariff* допускают null (тенант без назначенного тарифа — trial).
- */
-import { computed } from 'vue';
-
-const props = defineProps<{
-    walletRub: number;
-    leadsBalance: number;
-    tariffName: string | null;
-    tariffPrice: string | null;
-    tariffFeatures: string[];
-}>();
-
-const walletText = computed(() => new Intl.NumberFormat('ru-RU').format(props.walletRub));
-
-const tariffPriceText = computed(() => {
-    if (props.tariffPrice === null) return 'по запросу';
-    return new Intl.NumberFormat('ru-RU').format(Number(props.tariffPrice)) + ' ₽/мес';
-});
-</script>
-
-<template>
-    <v-row dense class="wallet-row mt-4">
-        <v-col cols="12" md="4">
-            <v-card variant="flat" color="secondary" class="wallet-card primary pa-4">
-                <div class="wallet-h">
-                    <span class="wallet-label">Кошелёк ₽</span>
-                    <v-chip size="x-small" color="primary" variant="elevated">LIVE</v-chip>
-                </div>
-                <div class="wallet-amount mt-2">
-                    <span class="num">{{ walletText }}</span>
-                    <span class="ru">&nbsp;₽</span>
-                </div>
-                <div class="wallet-foot mt-3">мин. пополнение <strong>100 ₽</strong> · округление вниз ₽→лиды</div>
-                <div class="wallet-actions mt-3">
-                    <v-btn color="primary" variant="flat" prepend-icon="mdi-plus" size="small">Пополнить</v-btn>
-                    <v-btn variant="outlined" prepend-icon="mdi-autorenew" size="small"> Автопополнение </v-btn>
-                </div>
-            </v-card>
-        </v-col>
-
-        <v-col cols="12" md="4">
-            <v-card variant="outlined" class="wallet-card pa-4">
-                <div class="wallet-h">
-                    <span class="wallet-label">Баланс лидов (ГЦК)</span>
-                </div>
-                <div class="wallet-amount mt-2">
-                    <span class="num">{{ leadsBalance }}</span>
-                    <span class="ru-text">&nbsp;лидов</span>
-                </div>
-            </v-card>
-        </v-col>
-
-        <v-col cols="12" md="4">
-            <v-card variant="outlined" class="wallet-card pa-4 d-flex flex-column">
-                <span class="wallet-label">Тариф</span>
-                <template v-if="tariffName">
-                    <div class="tariff-name mt-1">
-                        {{ tariffName }}
-                        <span class="tariff-price">· {{ tariffPriceText }}</span>
-                    </div>
-                    <ul v-if="tariffFeatures.length" class="tariff-feats mt-3">
-                        <li v-for="f in tariffFeatures" :key="f">
-                            <v-icon size="14" color="success" class="mr-1">mdi-check</v-icon>{{ f }}
-                        </li>
-                    </ul>
-                </template>
-                <div v-else class="tariff-empty mt-2">Тариф не выбран</div>
-                <v-btn variant="outlined" size="small" class="mt-auto">Сменить тариф →</v-btn>
-            </v-card>
-        </v-col>
-    </v-row>
-</template>
-
-<style scoped>
-.num {
-    font-family: 'JetBrains Mono', ui-monospace, monospace;
-    font-feature-settings: 'tnum';
-    font-weight: 500;
-}
-
-.wallet-card {
-    height: 100%;
-    background: #fff;
-}
-.wallet-card.primary {
-    color: #fff;
-    background: #012019 !important;
-}
-.wallet-h {
-    display: flex;
-    align-items: center;
-    justify-content: space-between;
-}
-.wallet-label {
-    font-size: 12px;
-    text-transform: uppercase;
-    letter-spacing: 0.06em;
-    color: #7a8c87;
-    font-family: 'JetBrains Mono', ui-monospace, monospace;
-}
-.wallet-card:not(.primary) .wallet-label {
-    color: #66635c;
-}
-.wallet-amount {
-    font-size: 32px;
-    font-weight: 600;
-    line-height: 1.1;
-}
-.wallet-amount .num {
-    color: inherit;
-    letter-spacing: -0.01em;
-}
-.wallet-amount .ru,
-.wallet-amount .ru-text {
-    color: #66635c;
-    font-weight: 500;
-    font-size: 18px;
-}
-.wallet-card.primary .wallet-amount .ru {
-    color: #7a8c87;
-}
-.wallet-foot {
-    color: inherit;
-    opacity: 0.7;
-    font-size: 12px;
-}
-.wallet-card.primary .wallet-foot {
-    color: #b1c2bd;
-    opacity: 1;
-}
-.wallet-actions {
-    display: flex;
-    gap: 8px;
-}
-
-.tariff-name {
-    font-weight: 600;
-    font-size: 17px;
-    color: #081319;
-}
-.tariff-price {
-    font-family: 'JetBrains Mono', ui-monospace, monospace;
-    color: #0f6e56;
-    font-size: 13px;
-    font-weight: 500;
-    margin-left: 4px;
-}
-.tariff-empty {
-    color: #66635c;
-    font-size: 14px;
-}
-.tariff-feats {
-    list-style: none;
-    padding: 0;
-    margin: 0;
-    display: flex;
-    flex-direction: column;
-    gap: 6px;
-    flex: 1;
-}
-.tariff-feats li {
-    font-size: 13px;
-    color: #343c41;
-    display: flex;
-    align-items: center;
-}
-</style>
-```
-
-- [ ] **Step 6: Переписать `BillingView.vue`**
-
-Полностью заменить `app/resources/js/views/BillingView.vue`:
-
-```vue
-<script setup lang="ts">
-/**
- * Биллинг и тарифы — финансовый экран. Кошелёк ₽, баланс лидов,
- * текущий тариф, история транзакций и счета.
- *
- * Sprint 2 Plan C (E3): Overview-таб подвязан на real API
- * (GET /api/billing/wallet → BalanceCard + шапка; TransactionsTable и
- * InvoicesTable тянут данные сами). Списания — ChargesTab (Plan 4).
- *
- * Pending-баннер остаётся mock (MOCK_PENDING) — это отдельный эпик E4
- * (Sprint 5). TopupDialog «Пополнить баланс» — Task 5 (E1).
- */
-import { ref, computed, onMounted } from 'vue';
-import BalanceCard from '../components/billing/BalanceCard.vue';
-import TransactionsTable from '../components/billing/TransactionsTable.vue';
-import InvoicesTable from '../components/billing/InvoicesTable.vue';
-import ChargesTab from './billing/ChargesTab.vue';
-import { MOCK_PENDING } from '../composables/mockBilling';
-import { formatPlain, featureLabel } from '../composables/billingFormatters';
-import { getWallet, type Wallet } from '../api/billing';
-import { extractErrorMessage } from '../api/client';
-
-const activeView = ref<'overview' | 'charges'>('overview');
-
-const wallet = ref<Wallet | null>(null);
-const loading = ref(true);
-const loadError = ref<string | null>(null);
-
-const walletRub = computed(() => Number(wallet.value?.balance_rub ?? 0));
-const leadsBalance = computed(() => wallet.value?.balance_leads ?? 0);
-const runwayDays = computed(() => wallet.value?.runway_days ?? null);
-const tariffName = computed(() => wallet.value?.tariff?.name ?? null);
-const tariffPrice = computed(() => wallet.value?.tariff?.price_monthly ?? null);
-const tariffFeatures = computed<string[]>(() => (wallet.value?.tariff?.features ?? []).map(featureLabel));
-
-async function loadWallet(): Promise<void> {
-    loading.value = true;
-    loadError.value = null;
-    try {
-        wallet.value = await getWallet();
-    } catch (e) {
-        loadError.value = extractErrorMessage(e, 'Не удалось загрузить данные биллинга.');
-    } finally {
-        loading.value = false;
-    }
-}
-
-onMounted(loadWallet);
-
-defineExpose({ loadWallet, wallet });
-</script>
-
-<template>
-    <v-container fluid class="billing pa-6">
-        <header class="page-head">
-            <div>
-                <h1 class="text-h4 mb-2 page-title">Биллинг и тарифы</h1>
-                <div v-if="wallet" class="page-stats text-body-2 text-medium-emphasis">
-                    <span
-                        ><span class="num text-primary">{{ formatPlain(walletRub) }}</span> кошелёк</span
-                    >
-                    <span class="sep">·</span>
-                    <span
-                        ><span class="num">{{ leadsBalance }}</span> лидов запас</span
-                    >
-                    <template v-if="runwayDays !== null">
-                        <span class="sep">·</span>
-                        <span
-                            >хватит на <span class="num">{{ runwayDays }}</span> дн.</span
-                        >
-                    </template>
-                </div>
-            </div>
-            <v-btn color="primary" variant="flat" prepend-icon="mdi-plus">Пополнить баланс</v-btn>
-        </header>
-
-        <v-tabs v-model="activeView" color="primary" class="mt-4">
-            <v-tab value="overview">Обзор</v-tab>
-            <v-tab value="charges">Списания</v-tab>
-        </v-tabs>
-
-        <v-tabs-window v-model="activeView">
-            <v-tabs-window-item value="overview">
-                <div v-if="loading" class="py-12 d-flex justify-center">
-                    <v-progress-circular indeterminate color="primary" />
-                </div>
-
-                <v-alert v-else-if="loadError" type="error" variant="tonal" class="mt-4" role="alert">
-                    {{ loadError }}
-                    <template #append>
-                        <v-btn size="small" variant="text" @click="loadWallet">Повторить</v-btn>
-                    </template>
-                </v-alert>
-
-                <template v-else-if="wallet">
-                    <v-alert
-                        v-if="MOCK_PENDING"
-                        type="info"
-                        variant="tonal"
-                        density="compact"
-                        class="mt-4"
-                        role="status"
-                    >
-                        <strong>1 платёж в обработке</strong> — {{ formatPlain(MOCK_PENDING.amount) }} от
-                        {{ MOCK_PENDING.method }}, начат {{ MOCK_PENDING.startedAt }}. Авто-восстановление в
-                        {{ MOCK_PENDING.autoCancelAt }} ({{ MOCK_PENDING.timeoutMinutes }} мин).
-                    </v-alert>
-
-                    <BalanceCard
-                        :wallet-rub="walletRub"
-                        :leads-balance="leadsBalance"
-                        :tariff-name="tariffName"
-                        :tariff-price="tariffPrice"
-                        :tariff-features="tariffFeatures"
-                    />
-
-                    <TransactionsTable />
-
-                    <InvoicesTable />
-                </template>
-            </v-tabs-window-item>
-
-            <v-tabs-window-item value="charges">
-                <ChargesTab />
-            </v-tabs-window-item>
-        </v-tabs-window>
-    </v-container>
-</template>
-
-<style scoped>
-.billing {
-    max-width: 1440px;
-}
-
-.page-head {
-    display: flex;
-    align-items: flex-start;
-    justify-content: space-between;
-    flex-wrap: wrap;
-    gap: 16px;
-}
-.page-title {
-    font-variation-settings: 'opsz' 28;
-    letter-spacing: -0.018em;
-}
-.page-stats {
-    display: flex;
-    flex-wrap: wrap;
-    gap: 6px;
-    align-items: center;
-}
-.page-stats .sep {
-    /* WCAG2AA 4.5:1: #6b6356 → 5.33:1 on ivory. */
-    color: #6b6356;
-}
-
-.num {
-    font-family: 'JetBrains Mono', ui-monospace, monospace;
-    font-feature-settings: 'tnum';
-    font-weight: 500;
-}
-</style>
-```
-
-Примечание: в Task 3 `BillingView` всё ещё рендерит СТАРЫЕ `TransactionsTable`/`InvoicesTable` (mock-версии) — они переписываются в Task 4. Тест `BillingView.spec.ts` стабит их (`stubs`), поэтому Task 3 проходит независимо.
-
-- [ ] **Step 7: Запустить тест `BillingView.spec.ts` — убедиться, что прошёл**
-
-Из корня: `npm run test:vue -- BillingView`
-Expected: PASS — 6 passed.
-
-- [ ] **Step 8: type-check + lint + полный Vitest**
-
-Из корня:
-
-- `npm run type-check` — Expected: 0 errors.
-- `npm run lint:vue` — Expected: 0 errors.
-- `npm run test:vue` — Expected: ~93 файла / ~782 passed / 3 skipped (старый `BillingView.spec.ts` имел 11 тестов → стало 6, −5; функционально это переписанный набор). Зафиксировать фактические числа.
-
-- [ ] **Step 9: Commit**
-
-```bash
-git add app/resources/js/api/billing.ts app/resources/js/composables/billingFormatters.ts app/resources/js/views/BillingView.vue app/resources/js/components/billing/BalanceCard.vue app/tests/Frontend/BillingView.spec.ts
-git commit -m "$(cat <<'EOF'
-feat(billing): BillingView wallet + BalanceCard real API (E3)
-
-api/billing.ts (getWallet) + BillingView тянет GET /api/billing/wallet
-на mount (шапка + BalanceCard, loading/error-state). BalanceCard на
-реальные props с nullable-тарифом. featureLabel для feature-слагов.
-
-Sprint 2 Plan C, audit E3 (frontend pt1).
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 4: E3 frontend pt2 — TransactionsTable + InvoicesTable real API
-
-**Files:**
-
-- Modify: `app/resources/js/api/billing.ts` (добавить `getTransactions`/`getInvoices`)
-- Modify: `app/resources/js/components/billing/TransactionsTable.vue` (self-fetching)
-- Modify: `app/resources/js/components/billing/InvoicesTable.vue` (self-fetching)
-- Modify: `app/resources/js/composables/billingFormatters.ts` (retype `txAmountClass`, drop status/format-функций)
-- Modify: `app/resources/js/composables/mockBilling.ts` (ужать до pending-баннера)
-- Create: `app/tests/Frontend/TransactionsTable.spec.ts`
-- Create: `app/tests/Frontend/InvoicesTable.spec.ts`
-
-- [ ] **Step 1: Расширить `api/billing.ts`**
-
-В `app/resources/js/api/billing.ts` — в конец файла добавить:
-
-```ts
-
-/** Строка истории транзакций (GET /api/billing/transactions). */
-export interface BillingTransaction {
-    id: number;
-    code: string;
-    type: string;
-    description: string | null;
-    amount_rub: string;
-    amount_leads: number;
-    balance_rub_after: string | null;
-    created_at: string;
-}
-
-/** Пагинированный ответ GET /api/billing/transactions. */
-export interface TransactionsPage {
-    data: BillingTransaction[];
-    meta: { current_page: number; last_page: number; total: number; per_page: number };
-}
-
-/** Счёт тенанта (GET /api/billing/invoices). */
-export interface BillingInvoice {
-    id: number;
-    invoice_number: string;
-    amount_total: string;
-    status: string;
-    issued_at: string;
-    has_pdf: boolean;
-}
-
-/** GET /api/billing/transactions — пагинированная история транзакций. */
-export async function getTransactions(params: { page?: number; type?: string }): Promise<TransactionsPage> {
-    const { data } = await apiClient.get<TransactionsPage>('/api/billing/transactions', { params });
-    return data;
-}
-
-/** GET /api/billing/invoices — счета тенанта (real-but-empty до Б-1). */
-export async function getInvoices(): Promise<{ data: BillingInvoice[] }> {
-    const { data } = await apiClient.get<{ data: BillingInvoice[] }>('/api/billing/invoices');
-    return data;
-}
-```
-
-- [ ] **Step 2: Написать failing-тест `TransactionsTable.spec.ts`**
-
-Создать `app/tests/Frontend/TransactionsTable.spec.ts`:
-
-```ts
-import { describe, it, expect, vi, beforeEach } from 'vitest';
-import { mount, flushPromises } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import TransactionsTable from '../../resources/js/components/billing/TransactionsTable.vue';
-import * as billingApi from '../../resources/js/api/billing';
-import type { BillingTransaction, TransactionsPage } from '../../resources/js/api/billing';
-
-vi.mock('../../resources/js/api/billing');
-
-const vuetify = createVuetify();
-
-function txn(over: Partial<BillingTransaction> = {}): BillingTransaction {
-    return {
-        id: 1,
-        code: 'TX-1',
-        type: 'topup',
-        description: 'Пополнение баланса',
-        amount_rub: '5000.00',
-        amount_leads: 0,
-        balance_rub_after: '5000.00',
-        created_at: '2026-05-10T14:21:00Z',
-        ...over,
-    };
-}
-
-function makePage(txns: BillingTransaction[]): TransactionsPage {
-    return { data: txns, meta: { current_page: 1, last_page: 1, total: txns.length, per_page: 20 } };
-}
-
-describe('TransactionsTable.vue', () => {
-    beforeEach(() => {
-        vi.mocked(billingApi.getTransactions).mockResolvedValue(makePage([txn()]));
-    });
-
-    it('загружает транзакции при монтировании', async () => {
-        const wrapper = mount(TransactionsTable, { global: { plugins: [vuetify] } });
-        await flushPromises();
-        expect(billingApi.getTransactions).toHaveBeenCalled();
-        expect((wrapper.vm as unknown as { total: number }).total).toBe(1);
-    });
-
-    it('смена таба «Пополнения» шлёт type=topup', async () => {
-        const wrapper = mount(TransactionsTable, { global: { plugins: [vuetify] } });
-        await flushPromises();
-        await (wrapper.vm as unknown as { changeTab: (id: string) => Promise<void> }).changeTab('topup');
-        expect(billingApi.getTransactions).toHaveBeenLastCalledWith(
-            expect.objectContaining({ type: 'topup' }),
-        );
-    });
-
-    it('таб «Все» не шлёт type', async () => {
-        const wrapper = mount(TransactionsTable, { global: { plugins: [vuetify] } });
-        await flushPromises();
-        await (wrapper.vm as unknown as { changeTab: (id: string) => Promise<void> }).changeTab('all');
-        const lastCall = vi.mocked(billingApi.getTransactions).mock.calls.at(-1)?.[0];
-        expect(lastCall).not.toHaveProperty('type');
-    });
-
-    it('показывает error-alert при сбое', async () => {
-        vi.mocked(billingApi.getTransactions).mockRejectedValue(new Error('fail'));
-        const wrapper = mount(TransactionsTable, { global: { plugins: [vuetify] } });
-        await flushPromises();
-        expect(wrapper.text()).toContain('Не удалось загрузить транзакции');
-    });
-});
-```
-
-- [ ] **Step 3: Написать failing-тест `InvoicesTable.spec.ts`**
-
-Создать `app/tests/Frontend/InvoicesTable.spec.ts`:
-
-```ts
-import { describe, it, expect, vi } from 'vitest';
-import { mount, flushPromises } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import InvoicesTable from '../../resources/js/components/billing/InvoicesTable.vue';
-import * as billingApi from '../../resources/js/api/billing';
-import type { BillingInvoice } from '../../resources/js/api/billing';
-
-vi.mock('../../resources/js/api/billing');
-
-const vuetify = createVuetify();
-
-describe('InvoicesTable.vue', () => {
-    it('показывает empty-state без счетов', async () => {
-        vi.mocked(billingApi.getInvoices).mockResolvedValue({ data: [] });
-        const wrapper = mount(InvoicesTable, { global: { plugins: [vuetify] } });
-        await flushPromises();
-        expect(wrapper.text()).toContain('Счета появятся');
-    });
-
-    it('рендерит строки счетов из API', async () => {
-        const inv: BillingInvoice = {
-            id: 1,
-            invoice_number: 'СЧ-2026-00001',
-            amount_total: '990.00',
-            status: 'issued',
-            issued_at: '2026-05-07T00:00:00Z',
-            has_pdf: true,
-        };
-        vi.mocked(billingApi.getInvoices).mockResolvedValue({ data: [inv] });
-        const wrapper = mount(InvoicesTable, { global: { plugins: [vuetify] } });
-        await flushPromises();
-        const text = wrapper.text();
-        expect(text).toContain('СЧ-2026-00001');
-        expect(text).toContain('Выставлен');
-    });
-
-    it('показывает error-alert при сбое', async () => {
-        vi.mocked(billingApi.getInvoices).mockRejectedValue(new Error('fail'));
-        const wrapper = mount(InvoicesTable, { global: { plugins: [vuetify] } });
-        await flushPromises();
-        expect(wrapper.text()).toContain('Не удалось загрузить счета');
-    });
-});
-```
-
-- [ ] **Step 4: Запустить — убедиться, что падает**
-
-Из корня: `npm run test:vue -- TransactionsTable InvoicesTable`
-Expected: FAIL — компоненты ещё на mock-данных.
-
-- [ ] **Step 5: Переписать `TransactionsTable.vue`**
-
-Полностью заменить `app/resources/js/components/billing/TransactionsTable.vue`:
-
-```vue
-<script setup lang="ts">
-/**
- * TransactionsTable — server-driven история транзакций с табами
- * (Все / Пополнения / Списания / Возвраты). Данные — GET
- * /api/billing/transactions (E3). Паттерн self-fetching из ChargesTab.
- */
-import { ref, onMounted } from 'vue';
-import { getTransactions, type BillingTransaction } from '../../api/billing';
-import { formatCost, txAmountClass } from '../../composables/billingFormatters';
-
-interface Tab {
-    id: string;
-    label: string;
-    type: string | null;
-}
-
-const TABS: Tab[] = [
-    { id: 'all', label: 'Все', type: null },
-    { id: 'topup', label: 'Пополнения', type: 'topup' },
-    { id: 'lead_charge', label: 'Списания', type: 'lead_charge' },
-    { id: 'refund', label: 'Возвраты', type: 'refund' },
-];
-
-const activeTab = ref<string>('all');
-const rows = ref<BillingTransaction[]>([]);
-const total = ref(0);
-const loading = ref(false);
-const loadError = ref<string | null>(null);
-const page = ref(1);
-
-const headers = [
-    { title: 'Дата', key: 'created_at', sortable: false },
-    { title: 'Операция', key: 'description', sortable: false },
-    { title: 'ID', key: 'code', sortable: false, width: 120 },
-    { title: 'Сумма', key: 'amount_rub', align: 'end' as const, sortable: false, width: 140 },
-];
-
-function formatWhen(iso: string): string {
-    return new Date(iso).toLocaleString('ru-RU', {
-        timeZone: 'Europe/Moscow',
-        day: '2-digit',
-        month: '2-digit',
-        hour: '2-digit',
-        minute: '2-digit',
-    });
-}
-
-/** Числовое значение движения: рубли приоритетно, иначе лиды. */
-function txAmountValue(tx: BillingTransaction): number {
-    const rub = Number(tx.amount_rub);
-    return rub !== 0 ? rub : tx.amount_leads;
-}
-
-/** Текст суммы: «+ 5 000 ₽» / «− 1 лид.» / «0 ₽». */
-function txAmountText(tx: BillingTransaction): string {
-    const rub = Number(tx.amount_rub);
-    if (rub !== 0) return formatCost(rub);
-    if (tx.amount_leads !== 0) {
-        const sign = tx.amount_leads > 0 ? '+ ' : '− ';
-        return sign + Math.abs(tx.amount_leads) + ' лид.';
-    }
-    return '0 ₽';
-}
-
-async function load(): Promise<void> {
-    loading.value = true;
-    loadError.value = null;
-    try {
-        const tab = TABS.find((t) => t.id === activeTab.value);
-        const params: { page: number; type?: string } = { page: page.value };
-        if (tab?.type) params.type = tab.type;
-        const res = await getTransactions(params);
-        rows.value = res.data;
-        total.value = res.meta.total;
-    } catch {
-        loadError.value = 'Не удалось загрузить транзакции.';
-        rows.value = [];
-        total.value = 0;
-    } finally {
-        loading.value = false;
-    }
-}
-
-async function changeTab(id: string): Promise<void> {
-    activeTab.value = id;
-    page.value = 1;
-    await load();
-}
-
-async function loadOptions(opts: { page: number }): Promise<void> {
-    page.value = opts.page;
-    await load();
-}
-
-async function refresh(): Promise<void> {
-    page.value = 1;
-    await load();
-}
-
-onMounted(load);
-
-defineExpose({ load, refresh, changeTab, activeTab, total, rows });
-</script>
-
-<template>
-    <v-card variant="outlined" class="mt-4 panel">
-        <div class="panel-h pa-4">
-            <h2 class="text-h6 panel-title ma-0">История транзакций</h2>
-            <v-btn-toggle
-                :model-value="activeTab"
-                mandatory
-                color="primary"
-                density="comfortable"
-                variant="text"
-            >
-                <v-btn
-                    v-for="tab in TABS"
-                    :key="tab.id"
-                    :value="tab.id"
-                    size="small"
-                    @click="changeTab(tab.id)"
-                >
-                    {{ tab.label }}
-                </v-btn>
-            </v-btn-toggle>
-        </div>
-
-        <v-alert v-if="loadError" type="error" variant="tonal" density="compact" class="mx-4 mb-4" role="alert">
-            {{ loadError }}
-        </v-alert>
-
-        <v-data-table-server
-            :headers="headers"
-            :items="rows"
-            :items-length="total"
-            :loading="loading"
-            :items-per-page="20"
-            density="comfortable"
-            @update:options="loadOptions"
-        >
-            <template #[`item.created_at`]="{ item }">
-                <span class="tx-when num">{{ formatWhen(item.created_at) }}</span>
-            </template>
-            <template #[`item.code`]="{ item }">
-                <span class="tx-id">#{{ item.code }}</span>
-            </template>
-            <template #[`item.amount_rub`]="{ item }">
-                <span class="num" :class="txAmountClass(txAmountValue(item))">
-                    {{ txAmountText(item) }}
-                </span>
-            </template>
-        </v-data-table-server>
-    </v-card>
-</template>
-
-<style scoped>
-.num {
-    font-family: 'JetBrains Mono', ui-monospace, monospace;
-    font-feature-settings: 'tnum';
-    font-weight: 500;
-}
-
-.panel {
-    background: #fff;
-}
-.panel-h {
-    display: flex;
-    justify-content: space-between;
-    align-items: center;
-    flex-wrap: wrap;
-    gap: 12px;
-}
-.panel-title {
-    font-variation-settings: 'opsz' 18;
-    letter-spacing: -0.01em;
-}
-
-.tx-when {
-    font-size: 12px;
-    color: #66635c;
-}
-.tx-id {
-    font-family: 'JetBrains Mono', ui-monospace, monospace;
-    font-size: 12px;
-    color: #66635c;
-}
-.tx-amount-up {
-    color: #1b6e3b;
-}
-.tx-amount-down {
-    color: #b83a3a;
-}
-.tx-amount-neutral {
-    color: #66635c;
-}
-</style>
-```
-
-- [ ] **Step 6: Переписать `InvoicesTable.vue`**
-
-Полностью заменить `app/resources/js/components/billing/InvoicesTable.vue`:
-
-```vue
-<script setup lang="ts">
-/**
- * InvoicesTable — список счетов тенанта. Данные — GET /api/billing/invoices
- * (E3). Real-but-empty до Б-1: на MVP saas_invoices пуста (нужно
- * зарегистрированное юр-лицо), компонент показывает empty-state.
- */
-import { ref, onMounted } from 'vue';
-import { getInvoices, type BillingInvoice } from '../../api/billing';
-import { formatPlain } from '../../composables/billingFormatters';
-
-const invoices = ref<BillingInvoice[]>([]);
-const loading = ref(true);
-const loadError = ref<string | null>(null);
-
-const STATUS_LABELS: Record<string, string> = {
-    draft: 'Черновик',
-    issued: 'Выставлен',
-    paid: 'Оплачен',
-    overdue: 'Просрочен',
-    cancelled: 'Отменён',
-};
-
-function statusLabel(status: string): string {
-    return STATUS_LABELS[status] ?? status;
-}
-
-function formatDate(iso: string): string {
-    return new Date(iso).toLocaleDateString('ru-RU', { timeZone: 'Europe/Moscow' });
-}
-
-async function load(): Promise<void> {
-    loading.value = true;
-    loadError.value = null;
-    try {
-        invoices.value = (await getInvoices()).data;
-    } catch {
-        loadError.value = 'Не удалось загрузить счета.';
-    } finally {
-        loading.value = false;
-    }
-}
-
-onMounted(load);
-
-defineExpose({ load, invoices });
-</script>
-
-<template>
-    <v-card variant="outlined" class="mt-4 panel">
-        <div class="panel-h pa-4">
-            <h2 class="text-h6 panel-title ma-0">Счета</h2>
-        </div>
-        <v-divider />
-
-        <div v-if="loading" class="py-8 d-flex justify-center">
-            <v-progress-circular indeterminate color="primary" size="28" />
-        </div>
-
-        <v-alert v-else-if="loadError" type="error" variant="tonal" density="compact" class="ma-4" role="alert">
-            {{ loadError }}
-        </v-alert>
-
-        <div v-else-if="invoices.length === 0" class="empty pa-8 text-center text-medium-emphasis">
-            Счета появятся после первой оплаты.
-        </div>
-
-        <ul v-else class="invoices-list pa-2 ma-0">
-            <li v-for="inv in invoices" :key="inv.id" class="inv-row">
-                <span class="inv-when num">{{ formatDate(inv.issued_at) }}</span>
-                <span class="inv-name">
-                    {{ inv.invoice_number }}
-                    <span class="sub">{{ statusLabel(inv.status) }}</span>
-                </span>
-                <span class="inv-amount num">{{ formatPlain(Number(inv.amount_total)) }}</span>
-                <v-btn
-                    variant="text"
-                    size="small"
-                    prepend-icon="mdi-file-pdf-box"
-                    :disabled="!inv.has_pdf"
-                >
-                    PDF
-                </v-btn>
-            </li>
-        </ul>
-    </v-card>
-</template>
-
-<style scoped>
-.num {
-    font-family: 'JetBrains Mono', ui-monospace, monospace;
-    font-feature-settings: 'tnum';
-    font-weight: 500;
-}
-
-.panel {
-    background: #fff;
-}
-.panel-h {
-    display: flex;
-    justify-content: space-between;
-    align-items: center;
-    flex-wrap: wrap;
-    gap: 12px;
-}
-.panel-title {
-    font-variation-settings: 'opsz' 18;
-    letter-spacing: -0.01em;
-}
-
-.empty {
-    font-size: 14px;
-}
-
-.invoices-list {
-    list-style: none;
-    padding: 0;
-    margin: 0;
-}
-.inv-row {
-    display: grid;
-    grid-template-columns: 110px 1fr auto auto;
-    align-items: center;
-    gap: 12px;
-    padding: 12px 16px;
-    border-bottom: 1px solid #f0ede4;
-}
-.inv-row:last-child {
-    border-bottom: none;
-}
-.inv-when {
-    font-size: 12px;
-    color: #66635c;
-}
-.inv-name {
-    display: flex;
-    flex-direction: column;
-    font-weight: 500;
-    color: #081319;
-}
-.inv-name .sub {
-    font-weight: 400;
-    color: #66635c;
-    font-size: 12px;
-}
-.inv-amount {
-    font-weight: 500;
-    color: #081319;
-}
-</style>
-```
-
-- [ ] **Step 7: Почистить `billingFormatters.ts`**
-
-Полностью заменить `app/resources/js/composables/billingFormatters.ts`:
-
-```ts
-/**
- * Форматтеры биллинга — BillingView + TransactionsTable.
- *
- * Sprint 2 Plan C: status/format-функции (statusChipColor/statusLabel/
- * formatLabel/formatIcon) удалены — real-API транзакции не имеют статуса
- * (append-only ledger), счета — отдельный формат. txAmountClass
- * перетипизирован под знак суммы.
- */
-
-/** «5000» → «5 000 ₽» (без знака). */
-export function formatPlain(cost: number): string {
-    return new Intl.NumberFormat('ru-RU').format(cost) + ' ₽';
-}
-
-/** Знаковый формат: «+ 5 000 ₽» / «− 6 600 ₽» / «0 ₽». */
-export function formatCost(cost: number): string {
-    const sign = cost > 0 ? '+ ' : cost < 0 ? '− ' : '';
-    return sign + new Intl.NumberFormat('ru-RU').format(Math.abs(cost)) + ' ₽';
-}
-
-/** CSS-класс суммы транзакции по знаку. */
-export function txAmountClass(amount: number): string {
-    if (amount > 0) return 'tx-amount-up';
-    if (amount < 0) return 'tx-amount-down';
-    return 'tx-amount-neutral';
-}
-
-/** Человекочитаемые лейблы для feature-слагов tariff_plans.features. */
-export const FEATURE_LABELS: Record<string, string> = {
-    webhook: 'Webhook',
-    kanban: 'Канбан',
-    basic_analytics: 'Базовая аналитика',
-    advanced_analytics: 'Расширенная аналитика',
-    api: 'API',
-    '2fa': 'Двухфакторная аутентификация',
-    custom_domain: 'Свой домен',
-};
-
-/** Лейбл feature-слага; неизвестный слаг возвращается как есть. */
-export function featureLabel(slug: string): string {
-    return FEATURE_LABELS[slug] ?? slug;
-}
-```
-
-- [ ] **Step 8: Ужать `mockBilling.ts`**
-
-Полностью заменить `app/resources/js/composables/mockBilling.ts`:
-
-```ts
-/**
- * Мок платежа «в обработке» для pending-баннера BillingView.
- *
- * Кошелёк / транзакции / счета подключены к real API (api/billing.ts) в
- * Sprint 2 Plan C (E3). Pending-баннер — отдельный эпик E4 (Sprint 5);
- * до его реализации остаётся mock.
- */
-export interface PendingPayment {
-    code: string;
-    amount: number;
-    method: string;
-    startedAt: string;
-    autoCancelAt: string;
-    timeoutMinutes: number;
-}
-
-export const MOCK_PENDING: PendingPayment | null = {
-    code: 'TX-89421',
-    amount: 5000,
-    method: 'ЮKassa',
-    startedAt: '14:21',
-    autoCancelAt: '14:51',
-    timeoutMinutes: 30,
-};
-```
-
-- [ ] **Step 9: Запустить тесты компонентов — убедиться, что прошли**
-
-Из корня: `npm run test:vue -- TransactionsTable InvoicesTable BillingView`
-Expected: PASS — TransactionsTable 4, InvoicesTable 3, BillingView 6.
-
-- [ ] **Step 10: type-check + lint + полный Vitest**
-
-Из корня:
-
-- `npm run type-check` — Expected: 0 errors. (Проверить, что нигде не осталось импортов удалённых `BillingTransaction`/`TxType`/`TxStatus`/`Invoice`/`InvoiceFormat`/`BILLING_TABS`/`MOCK_TRANSACTIONS`/`MOCK_INVOICES` из `mockBilling.ts` или удалённых функций из `billingFormatters.ts`.)
-- `npm run lint:vue` — Expected: 0 errors.
-- `npm run test:vue` — зафиксировать фактические числа (≈95 файлов / ≈789 passed / 3 skipped).
-
-- [ ] **Step 11: Histoire smoke**
-
-Из корня: `npm run story` (build-проверка) — `BillingView.story.vue` остаётся; в Histoire `getWallet()` не отвечает (нет API) → BillingView покажет error/loading-state. Это известный косметический эффект Histoire (без API-mock'а), не блокер. Если `npm run story` build падает с ошибкой компиляции — это регрессия, чинить; если просто рендерит error-state — ОК.
-
-- [ ] **Step 12: Commit**
-
-```bash
-git add app/resources/js/api/billing.ts app/resources/js/components/billing/TransactionsTable.vue app/resources/js/components/billing/InvoicesTable.vue app/resources/js/composables/billingFormatters.ts app/resources/js/composables/mockBilling.ts app/tests/Frontend/TransactionsTable.spec.ts app/tests/Frontend/InvoicesTable.spec.ts
-git commit -m "$(cat <<'EOF'
-feat(billing): TransactionsTable + InvoicesTable real API (E3)
-
-TransactionsTable — server-driven история транзакций (GET
-/api/billing/transactions, табы → фильтр type). InvoicesTable —
-GET /api/billing/invoices с empty-state (real-but-empty до Б-1).
-billingFormatters почищен (drop status/format-функций), mockBilling
-ужат до pending-баннера (E4).
-
-Sprint 2 Plan C, audit E3 (frontend pt2).
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Task 5: E1 frontend — TopupDialog + Пополнить wiring
-
-**Files:**
-
-- Create: `app/resources/js/components/billing/TopupDialog.vue`
-- Modify: `app/resources/js/api/billing.ts` (добавить `topup`)
-- Modify: `app/resources/js/views/BillingView.vue` (wiring диалога + snackbar)
-- Modify: `app/resources/js/components/billing/BalanceCard.vue` (emit `topup`)
-- Create: `app/tests/Frontend/TopupDialog.spec.ts`
-- Modify: `app/tests/Frontend/BillingView.spec.ts` (тест кнопки)
-
-- [ ] **Step 1: Добавить `topup` в `api/billing.ts`**
-
-В `app/resources/js/api/billing.ts`:
-
-1. Заменить первую строку
-
-```ts
-import { apiClient } from './client';
-```
-
-на
-
-```ts
-import { apiClient, ensureCsrfCookie } from './client';
-```
-
-1. В конец файла добавить:
-
-```ts
-
-/** Результат POST /api/billing/topup. */
-export interface TopupResult {
-    transaction: {
-        id: number;
-        type: string;
-        amount_rub: string;
-        balance_rub_after: string | null;
-        created_at: string;
-    };
-    balance_rub: string;
-}
-
-/** POST /api/billing/topup — пополнить рублёвый баланс (MVP-stub). */
-export async function topup(amountRub: number): Promise<TopupResult> {
-    await ensureCsrfCookie();
-    const { data } = await apiClient.post<TopupResult>('/api/billing/topup', { amount_rub: amountRub });
-    return data;
-}
-```
-
-- [ ] **Step 2: Написать failing-тест `TopupDialog.spec.ts`**
-
-Создать `app/tests/Frontend/TopupDialog.spec.ts`:
-
-```ts
-import { describe, it, expect, vi, beforeEach } from 'vitest';
-import { mount, flushPromises } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import TopupDialog from '../../resources/js/components/billing/TopupDialog.vue';
-import * as billingApi from '../../resources/js/api/billing';
-
-vi.mock('../../resources/js/api/billing');
-
-const vuetify = createVuetify();
-
-const factory = () =>
-    mount(TopupDialog, {
-        global: { plugins: [vuetify] },
-        props: { modelValue: true },
-    });
-
-describe('TopupDialog.vue', () => {
-    beforeEach(() => {
-        vi.mocked(billingApi.topup).mockResolvedValue({
-            transaction: {
-                id: 1,
-                type: 'topup',
-                amount_rub: '5000.00',
-                balance_rub_after: '5000.00',
-                created_at: '2026-05-16T00:00:00Z',
-            },
-            balance_rub: '5000.00',
-        });
-    });
-
-    it('блокирует submit при сумме ниже 100 ₽', async () => {
-        const wrapper = factory();
-        (wrapper.vm as unknown as { amount: number | null }).amount = 50;
-        await flushPromises();
-        expect((wrapper.vm as unknown as { canSubmit: boolean }).canSubmit).toBe(false);
-    });
-
-    it('разрешает submit при валидной сумме', async () => {
-        const wrapper = factory();
-        (wrapper.vm as unknown as { amount: number | null }).amount = 5000;
-        await flushPromises();
-        expect((wrapper.vm as unknown as { canSubmit: boolean }).canSubmit).toBe(true);
-    });
-
-    it('submit вызывает topup и эмитит success с новым балансом', async () => {
-        const wrapper = factory();
-        (wrapper.vm as unknown as { amount: number | null }).amount = 5000;
-        await (wrapper.vm as unknown as { submit: () => Promise<void> }).submit();
-        expect(billingApi.topup).toHaveBeenCalledWith(5000);
-        expect(wrapper.emitted('success')?.[0]).toEqual(['5000.00']);
-    });
-
-    it('показывает ошибку при отказе backend', async () => {
-        vi.mocked(billingApi.topup).mockRejectedValue(new Error('fail'));
-        const wrapper = factory();
-        (wrapper.vm as unknown as { amount: number | null }).amount = 5000;
-        await (wrapper.vm as unknown as { submit: () => Promise<void> }).submit();
-        await flushPromises();
-        expect((wrapper.vm as unknown as { errorMsg: string | null }).errorMsg).not.toBeNull();
-    });
-});
-```
-
-- [ ] **Step 3: Запустить — убедиться, что падает**
-
-Из корня: `npm run test:vue -- TopupDialog`
-Expected: FAIL — `TopupDialog.vue` не существует.
-
-- [ ] **Step 4: Создать `TopupDialog.vue`**
-
-Создать `app/resources/js/components/billing/TopupDialog.vue`:
-
-```vue
-<script setup lang="ts">
-/**
- * TopupDialog — диалог пополнения рублёвого баланса (audit E1).
- *
- * MVP-stub: POST /api/billing/topup кредитует баланс немедленно (без
- * платёжного шлюза — реальная оплата post-Б-1). При успехе эмитит
- * `success` с новым балансом и закрывается.
- */
-import { ref, computed } from 'vue';
-import { topup } from '../../api/billing';
-import { extractErrorMessage, extractValidationErrors } from '../../api/client';
-
-const model = defineModel<boolean>({ required: true });
-const emit = defineEmits<{ success: [balanceRub: string] }>();
-
-const PRESETS = [1000, 5000, 10000, 25000];
-
-const amount = ref<number | null>(null);
-const submitting = ref(false);
-const errorMsg = ref<string | null>(null);
-
-const amountError = computed<string | null>(() => {
-    if (amount.value === null) return null;
-    if (amount.value < 100) return 'Минимум 100 ₽';
-    if (amount.value > 1000000) return 'Максимум 1 000 000 ₽';
-    return null;
-});
-
-const canSubmit = computed(
-    () => amount.value !== null && amountError.value === null && !submitting.value,
-);
-
-function setPreset(value: number): void {
-    amount.value = value;
-}
-
-async function submit(): Promise<void> {
-    if (!canSubmit.value || amount.value === null) return;
-    submitting.value = true;
-    errorMsg.value = null;
-    try {
-        const res = await topup(amount.value);
-        emit('success', res.balance_rub);
-        model.value = false;
-        amount.value = null;
-    } catch (e) {
-        const validation = extractValidationErrors(e);
-        errorMsg.value = validation?.amount_rub?.[0] ?? extractErrorMessage(e);
-    } finally {
-        submitting.value = false;
-    }
-}
-
-function close(): void {
-    if (submitting.value) return;
-    model.value = false;
-    errorMsg.value = null;
-}
-
-defineExpose({ amount, submit, canSubmit, errorMsg });
-</script>
-
-<template>
-    <v-dialog v-model="model" max-width="460" @after-leave="errorMsg = null">
-        <v-card>
-            <v-card-title class="text-h6">Пополнить баланс</v-card-title>
-            <v-card-text>
-                <v-text-field
-                    v-model.number="amount"
-                    type="number"
-                    label="Сумма пополнения"
-                    suffix="₽"
-                    density="comfortable"
-                    :error-messages="amountError ?? undefined"
-                    autofocus
-                />
-
-                <div class="presets mb-2">
-                    <v-chip
-                        v-for="p in PRESETS"
-                        :key="p"
-                        size="small"
-                        variant="outlined"
-                        @click="setPreset(p)"
-                    >
-                        {{ new Intl.NumberFormat('ru-RU').format(p) }} ₽
-                    </v-chip>
-                </div>
-
-                <v-alert type="info" variant="tonal" density="compact" class="mt-2">
-                    Платёжный шлюз подключается после регистрации юр. лица — на текущем этапе баланс
-                    пополняется сразу.
-                </v-alert>
-
-                <v-alert v-if="errorMsg" type="error" variant="tonal" density="compact" class="mt-3" role="alert">
-                    {{ errorMsg }}
-                </v-alert>
-            </v-card-text>
-            <v-card-actions>
-                <v-spacer />
-                <v-btn variant="text" :disabled="submitting" @click="close">Отмена</v-btn>
-                <v-btn color="primary" variant="flat" :loading="submitting" :disabled="!canSubmit" @click="submit">
-                    Пополнить
-                </v-btn>
-            </v-card-actions>
-        </v-card>
-    </v-dialog>
-</template>
-
-<style scoped>
-.presets {
-    display: flex;
-    flex-wrap: wrap;
-    gap: 8px;
-}
-</style>
-```
-
-- [ ] **Step 5: Запустить тест `TopupDialog.spec.ts` — убедиться, что прошёл**
-
-Из корня: `npm run test:vue -- TopupDialog`
-Expected: PASS — 4 passed.
-
-- [ ] **Step 6: Подвязать `BalanceCard` «Пополнить» на emit**
-
-В `app/resources/js/components/billing/BalanceCard.vue`:
-
-1. После `const props = defineProps<{...}>();` (перед `const walletText`) добавить:
-
-```ts
-defineEmits<{ topup: [] }>();
-```
-
-1. В кнопке «Пополнить» добавить обработчик клика — заменить
-
-```vue
-                    <v-btn color="primary" variant="flat" prepend-icon="mdi-plus" size="small">Пополнить</v-btn>
-```
-
-на
-
-```vue
-                    <v-btn
-                        color="primary"
-                        variant="flat"
-                        prepend-icon="mdi-plus"
-                        size="small"
-                        @click="$emit('topup')"
-                        >Пополнить</v-btn
-                    >
-```
-
-- [ ] **Step 7: Подвязать `BillingView` — диалог + snackbar + refresh**
-
-В `app/resources/js/views/BillingView.vue`:
-
-1. В блок импортов компонентов добавить (после `import InvoicesTable ...`):
-
-```ts
-import TopupDialog from '../components/billing/TopupDialog.vue';
-```
-
-1. Сразу после строки `const loadError = ref<string | null>(null);` добавить 3 ref'а:
-
-```ts
-const topupOpen = ref(false);
-const topupSnackbar = ref(false);
-const txTableRef = ref<InstanceType<typeof TransactionsTable> | null>(null);
-```
-
-1. После функции `loadWallet` добавить:
-
-```ts
-async function onTopupSuccess(): Promise<void> {
-    topupOpen.value = false;
-    topupSnackbar.value = true;
-    await loadWallet();
-    txTableRef.value?.refresh();
-}
-```
-
-1. Заменить `defineExpose({ loadWallet, wallet });` на:
-
-```ts
-defineExpose({ loadWallet, wallet, topupOpen });
-```
-
-1. В шапке заменить кнопку
-
-```vue
-            <v-btn color="primary" variant="flat" prepend-icon="mdi-plus">Пополнить баланс</v-btn>
-```
-
-на
-
-```vue
-            <v-btn color="primary" variant="flat" prepend-icon="mdi-plus" @click="topupOpen = true"
-                >Пополнить баланс</v-btn
-            >
-```
-
-1. В `BalanceCard` добавить обработчик `@topup` — заменить
-
-```vue
-                    <BalanceCard
-                        :wallet-rub="walletRub"
-                        :leads-balance="leadsBalance"
-                        :tariff-name="tariffName"
-                        :tariff-price="tariffPrice"
-                        :tariff-features="tariffFeatures"
-                    />
-```
-
-на
-
-```vue
-                    <BalanceCard
-                        :wallet-rub="walletRub"
-                        :leads-balance="leadsBalance"
-                        :tariff-name="tariffName"
-                        :tariff-price="tariffPrice"
-                        :tariff-features="tariffFeatures"
-                        @topup="topupOpen = true"
-                    />
-```
-
-1. В `TransactionsTable` добавить ref — заменить
-
-```vue
-                    <TransactionsTable />
-```
-
-на
-
-```vue
-                    <TransactionsTable ref="txTableRef" />
-```
-
-1. Перед закрывающим `</v-container>` (после `</v-tabs-window>`) добавить:
-
-```vue
-
-        <TopupDialog v-model="topupOpen" @success="onTopupSuccess" />
-
-        <v-snackbar v-model="topupSnackbar" color="success" :timeout="4000">
-            Баланс пополнен.
-        </v-snackbar>
-```
-
-- [ ] **Step 8: Добавить тест кнопки в `BillingView.spec.ts`**
-
-В `app/tests/Frontend/BillingView.spec.ts`:
-
-1. В `factory()` дополнить stubs — заменить
-
-```ts
-                stubs: { TransactionsTable: true, InvoicesTable: true, ChargesTab: true },
-```
-
-на
-
-```ts
-                stubs: { TransactionsTable: true, InvoicesTable: true, ChargesTab: true, TopupDialog: true },
-```
-
-1. Перед закрывающей `});` блока `describe` добавить тест:
-
-```ts
-
-    it('кнопка «Пополнить баланс» открывает TopupDialog', async () => {
-        const wrapper = factory();
-        await flushPromises();
-        const btn = wrapper.findAll('button').find((b) => b.text().includes('Пополнить баланс'));
-        expect(btn).toBeDefined();
-        await btn!.trigger('click');
-        expect((wrapper.vm as unknown as { topupOpen: boolean }).topupOpen).toBe(true);
-    });
-```
-
-- [ ] **Step 9: Запустить тесты — убедиться, что прошли**
-
-Из корня: `npm run test:vue -- TopupDialog BillingView`
-Expected: PASS — TopupDialog 4, BillingView 7.
-
-- [ ] **Step 10: type-check + lint + полный Vitest**
-
-Из корня:
-
-- `npm run type-check` — Expected: 0 errors.
-- `npm run lint:vue` — Expected: 0 errors.
-- `npm run test:vue` — зафиксировать фактические числа.
-
-- [ ] **Step 11: Commit**
-
-```bash
-git add app/resources/js/components/billing/TopupDialog.vue app/resources/js/api/billing.ts app/resources/js/views/BillingView.vue app/resources/js/components/billing/BalanceCard.vue app/tests/Frontend/TopupDialog.spec.ts app/tests/Frontend/BillingView.spec.ts
-git commit -m "$(cat <<'EOF'
-feat(billing): TopupDialog + Пополнить wiring (E1)
-
-TopupDialog (сумма + пресеты + min 100 ₽ валидация) → POST
-/api/billing/topup. Кнопки «Пополнить баланс» (шапка) и «Пополнить»
-(BalanceCard) открывают диалог; при успехе — refresh кошелька +
-транзакций + snackbar.
-
-Sprint 2 Plan C, audit E1 (frontend).
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
-EOF
-)"
-```
-
----
-
-## Final Sprint 2 Plan C Acceptance
-
-После всех 5 тасков выполнить (использовать `superpowers:verification-before-completion`):
-
-- [ ] **Step 1: Полный backend-sweep.** Из `app/`: `composer test:parallel` — все billing-тесты зелёные, 0 регрессий относительно baseline 766/763/3sk/0 (ожидаемо +25: Task1 +11, Task2 +14). При случайном сбое supplier-теста под `--parallel` — перезапустить `php artisan test tests/Feature/Supplier/` последовательно для классификации (quirk 72), не считать регрессией если последовательно зелено.
-- [ ] **Step 2: PHPStan + Pint.** Из `app/`: `composer stan` (0 errors), `composer pint --test` (clean).
-- [ ] **Step 3: Полный frontend-sweep.** Из корня: `npm run test:vue` (0 failed), `npm run type-check` (0), `npm run lint:vue` (0).
-- [ ] **Step 4: Эпики E1 + E3 — проверка покрытия по audit-spec.**
-  - E1: `POST /api/billing/topup` работает (stub), TopupDialog + 2 кнопки «Пополнить» подвязаны, баланс/транзакции обновляются после пополнения. ✓
-  - E3: `GET /api/billing/wallet|transactions|invoices` работают; BillingView Overview-таб (BalanceCard + TransactionsTable + InvoicesTable) на real API; loading/error/empty-state присутствуют. ✓
-- [ ] **Step 5: git log.** 5 атомарных коммитов на top'е плана; каждое сообщение conventional + ссылка на audit ID; в diff нет `app/dev-indices.json`, нет посторонних файлов.
-- [ ] **Step 6: Честный отчёт.** Зафиксировать фактические числа Pest/Vitest/tsc/ESLint/Pint/Larastan. Любой неверифицированный пункт — явно в раздел ограничений. НЕ push (пользователь пушит сам).
-
-**Out of scope (документированный carry-forward):**
-
-- E2 (BalanceCard «Автопополнение» / «Сменить тариф») — P2, Sprint 5. Кнопки остаются без обработчика.
-- E4 (pending-баннер real data) — P2, Sprint 5. `MOCK_PENDING` остаётся.
-- УПД (`saas_upd_documents`) — отдельная таблица, эндпоинта нет; на MVP пуста.
-- Реальный платёжный шлюз ЮKassa — блокируется Б-1 (реквизиты ООО).
-- `BillingView.story.vue` в Histoire показывает error/loading-state (нет API-mock'а) — косметика Histoire, не блокер.
diff --git a/docs/superpowers/plans/2026-05-16-sprint3a-layout-navigation.md b/docs/superpowers/plans/2026-05-16-sprint3a-layout-navigation.md
deleted file mode 100644
index 0691faf..0000000
--- a/docs/superpowers/plans/2026-05-16-sprint3a-layout-navigation.md
+++ /dev/null
@@ -1,542 +0,0 @@
-# Sprint 3A — Layout & Navigation Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Закрыть аудит-эпики B1, B4, B5 — добавить «Напоминания» в основной сайдбар, 2 недостающих пункта в admin-сайдбар, и глобальный баннер активных impersonation-сессий.
-
-**Architecture:** Чисто frontend-спринт (Vue 3 + Vuetify 3), 0 schema-delta, 0 backend-кода — все нужные API уже есть (`GET /api/admin/impersonation/active`) и все SPA-маршруты уже в роутере и `routes/web.php`. B1/B4 — правка декларативных nav-массивов. B5 — новый self-fetching компонент `ImpersonationBanner.vue` с polling 30 c (паттерн `usePolling`), встроенный в `AdminLayout`.
-
-**Tech Stack:** Vue 3 `<script setup>`, Vuetify 3, vue-router 4, Vitest 4 + @vue/test-utils, TypeScript.
-
-**Source:** [portal-wide audit spec §3 Sprint 3](../specs/2026-05-15-portal-audit-design.md) — эпики B1, B4, B5.
-
-**Branch:** работать на feature-ветке (не `main`). Не пушить без явного запроса заказчика.
-
----
-
-## Контекст и факты recon (важно для исполнителя)
-
-- **B1** — `/reminders` уже зарегистрирован в роутере (`router/index.ts:171`, name `reminders`) и в `routes/web.php:230`. Эпик — только добавить пункт в nav-массив `AppSidebar.vue`.
-- **AppSidebar template НЕ рендерит `icon`** — Quiet Luxury redesign убрал иконки из основного сайдбара. Поле `icon` в `interface NavItem` оставлено для консистентности; значение косметическое, на рендер не влияет.
-- **B4** — `/admin/pricing-tiers` и `/admin/supplier-prices` уже в роутере (`router/index.ts:220,232`) и в `routes/web.php:236-237`. Эпик — только добавить 2 пункта в `navItems` массив `AdminLayout.vue`.
-- **AdminLayout РЕНДЕРИТ иконки** (`:prepend-icon="item.icon"`). Иконки идут через Lucide `IconSet` (`plugins/vuetify.ts`); **unmapped `mdi-*` → fallback `HelpCircle`** (`vuetify.ts:245`). Поэтому для B4 берём только icon'ы, присутствующие в 103-entry mapping: `mdi-tag-arrow-right` (→ Tag) и `mdi-currency-rub` (→ RussianRuble) — оба замаплены (`vuetify.ts:207,170`).
-- **B5 — реальность impersonation MVP:** saas-admin auth НЕ реализован, реального «входа как клиент» (переключения сессии) нет — `verify` лишь ставит `used_at`. «Активная сессия» = токен с `used_at != null AND session_ended_at == null`. `GET /api/admin/impersonation/active` возвращает **все** такие сессии глобально. Поэтому баннер — честный **глобальный индикатор** («активны impersonation-сессии: N»), а не «вы вошли как X». Это соответствует формулировке аудита B5 («глобальный индикатор», «полоса в AdminLayout») и TODO-комментарию в самом `AdminLayout.vue:11-12`.
-- Тесты проекта: `app/tests/Frontend/**/*.spec.ts`, vitest config `app/vitest.config.ts`, setup `app/tests/Frontend/setup.ts`. Все команды ниже — **из директории `app/`**.
-- Паттерн self-fetching компонента с mock'ом admin-API — см. `tests/Frontend/AdminIncidentsViewApi.spec.ts`.
-
----
-
-## File Structure
-
-| Файл | Ответственность | Действие |
-|---|---|---|
-| `app/resources/js/components/layout/AppSidebar.vue` | nav-дерево основного портала | Modify (Task 1) |
-| `app/tests/Frontend/AppSidebarRedesign.spec.ts` | тесты AppSidebar | Modify (Task 1) |
-| `app/resources/js/layouts/AdminLayout.vue` | layout админки + nav | Modify (Task 2 + Task 3) |
-| `app/tests/Frontend/AdminLayout.spec.ts` | тесты AdminLayout | Modify (Task 2 + Task 3) |
-| `app/resources/js/components/admin/ImpersonationBanner.vue` | self-fetching баннер активных сессий | Create (Task 3) |
-| `app/tests/Frontend/ImpersonationBanner.spec.ts` | тесты баннера | Create (Task 3) |
-
----
-
-## Task 1: B1 — пункт «Напоминания» в основном сайдбаре
-
-**Files:**
-
-- Modify: `app/resources/js/components/layout/AppSidebar.vue:37`
-- Test: `app/tests/Frontend/AppSidebarRedesign.spec.ts`
-
-- [ ] **Step 1: Написать падающий тест**
-
-В `app/tests/Frontend/AppSidebarRedesign.spec.ts` добавить новый тест внутри `describe('AppSidebar — redesigned shell', ...)` (после теста `'active nav-item has marker pseudo-element class'`, перед закрывающей `})` блока describe):
-
-```ts
-    it('содержит пункт «Напоминания» со ссылкой /reminders в группе «Работа»', async () => {
-        const { wrapper } = await setup();
-        const items = wrapper.findAll('a.ld-nav-item');
-        const reminders = items.find((a) => a.text().includes('Напоминания'));
-        expect(reminders).toBeDefined();
-        expect(reminders!.attributes('href')).toBe('/reminders');
-    });
-```
-
-- [ ] **Step 2: Запустить тест — убедиться, что падает**
-
-Run (из `app/`): `npx vitest run tests/Frontend/AppSidebarRedesign.spec.ts`
-Expected: FAIL — новый тест падает на `expect(reminders).toBeDefined()` (пункт отсутствует), остальные 4 теста PASS.
-
-- [ ] **Step 3: Добавить пункт в nav-массив**
-
-В `app/resources/js/components/layout/AppSidebar.vue` в группе `eyebrow: 'Работа'` добавить пункт после «Дашборд». Заменить:
-
-```ts
-            { title: 'Дашборд', icon: 'mdi-view-dashboard-outline', to: '/dashboard' },
-        ],
-    },
-```
-
-на:
-
-```ts
-            { title: 'Дашборд', icon: 'mdi-view-dashboard-outline', to: '/dashboard' },
-            { title: 'Напоминания', icon: 'mdi-bell-outline', to: '/reminders' },
-        ],
-    },
-```
-
-(`mdi-bell-outline` → `Bell` замаплен в `vuetify.ts:152`; на рендер в AppSidebar не влияет — поле косметическое.)
-
-- [ ] **Step 4: Запустить тест — убедиться, что проходит**
-
-Run (из `app/`): `npx vitest run tests/Frontend/AppSidebarRedesign.spec.ts`
-Expected: PASS — все 5 тестов зелёные.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/components/layout/AppSidebar.vue app/tests/Frontend/AppSidebarRedesign.spec.ts
-git commit -m "feat(nav): AppSidebar — пункт «Напоминания» в группе «Работа» (audit B1)"
-```
-
----
-
-## Task 2: B4 — «Тарифная сетка» + «Цены поставщиков» в admin-сайдбаре
-
-**Files:**
-
-- Modify: `app/resources/js/layouts/AdminLayout.vue:27-33`
-- Test: `app/tests/Frontend/AdminLayout.spec.ts`
-
-- [ ] **Step 1: Обновить тест-роутер и тесты nav/breadcrumb**
-
-В `app/tests/Frontend/AdminLayout.spec.ts` выполнить 4 правки.
-
-**1a.** Добавить 2 маршрута в тест-роутер. Заменить:
-
-```ts
-            { path: '/admin/billing', component: { template: '<div>billing</div>' } },
-            { path: '/admin/incidents', component: { template: '<div>incidents</div>' } },
-```
-
-на:
-
-```ts
-            { path: '/admin/billing', component: { template: '<div>billing</div>' } },
-            { path: '/admin/pricing-tiers', component: { template: '<div>pricing-tiers</div>' } },
-            { path: '/admin/supplier-prices', component: { template: '<div>supplier-prices</div>' } },
-            { path: '/admin/incidents', component: { template: '<div>incidents</div>' } },
-```
-
-**1b.** Заменить тест `'рендерит 5 nav-пунктов ...'` целиком:
-
-```ts
-    it('рендерит 7 nav-пунктов (Тенанты, Биллинг, Тарифная сетка, Цены поставщиков, Инциденты, Impersonation, Система)', async () => {
-        const { wrapper } = await mountAdminLayout();
-        const text = wrapper.text();
-        ['Тенанты', 'Биллинг', 'Тарифная сетка', 'Цены поставщиков', 'Инциденты', 'Impersonation', 'Система'].forEach(
-            (label) => expect(text).toContain(label),
-        );
-    });
-```
-
-**1c.** В тесте `'breadcrumb fallback на «Админка» ...'` заменить массив-исключений. Заменить:
-
-```ts
-        ['Тенанты', 'Биллинг', 'Инциденты', 'Impersonation', 'Система'].forEach((title) => {
-            expect(crumbText).not.toContain(title);
-        });
-```
-
-на:
-
-```ts
-        ['Тенанты', 'Биллинг', 'Тарифная сетка', 'Цены поставщиков', 'Инциденты', 'Impersonation', 'Система'].forEach(
-            (title) => {
-                expect(crumbText).not.toContain(title);
-            },
-        );
-```
-
-**1d.** Добавить новый breadcrumb-тест после теста `'breadcrumb на /admin/billing показывает «Биллинг»'`:
-
-```ts
-    it('breadcrumb на /admin/pricing-tiers показывает «Тарифная сетка»', async () => {
-        const { wrapper } = await mountAdminLayout('/admin/pricing-tiers');
-        expect(wrapper.find('.crumb').text()).toContain('Тарифная сетка');
-    });
-```
-
-- [ ] **Step 2: Запустить тесты — убедиться, что падают**
-
-Run (из `app/`): `npx vitest run tests/Frontend/AdminLayout.spec.ts`
-Expected: FAIL — тест `'рендерит 7 nav-пунктов ...'` падает (`text` не содержит «Тарифная сетка»/«Цены поставщиков»), новый breadcrumb-тест падает (`currentPageTitle` fallback → `'Админка'`).
-
-- [ ] **Step 3: Добавить 2 пункта в `navItems`**
-
-В `app/resources/js/layouts/AdminLayout.vue` заменить массив `navItems`:
-
-```ts
-const navItems: NavItem[] = [
-    { title: 'Тенанты', icon: 'mdi-account-group-outline', to: '/admin/tenants', count: 142 },
-    { title: 'Биллинг', icon: 'mdi-credit-card-outline', to: '/admin/billing' },
-    { title: 'Инциденты', icon: 'mdi-alert-outline', to: '/admin/incidents', count: 3 },
-    { title: 'Impersonation', icon: 'mdi-account-switch', to: '/admin/impersonation' },
-    { title: 'Система', icon: 'mdi-cog-outline', to: '/admin/system' },
-];
-```
-
-на:
-
-```ts
-const navItems: NavItem[] = [
-    { title: 'Тенанты', icon: 'mdi-account-group-outline', to: '/admin/tenants', count: 142 },
-    { title: 'Биллинг', icon: 'mdi-credit-card-outline', to: '/admin/billing' },
-    { title: 'Тарифная сетка', icon: 'mdi-tag-arrow-right', to: '/admin/pricing-tiers' },
-    { title: 'Цены поставщиков', icon: 'mdi-currency-rub', to: '/admin/supplier-prices' },
-    { title: 'Инциденты', icon: 'mdi-alert-outline', to: '/admin/incidents', count: 3 },
-    { title: 'Impersonation', icon: 'mdi-account-switch', to: '/admin/impersonation' },
-    { title: 'Система', icon: 'mdi-cog-outline', to: '/admin/system' },
-];
-```
-
-(Порядок: новые пункты сразу после «Биллинг» — billing-смежные. `currentPageTitle` использует `route.path.startsWith(i.to)`; префиксных коллизий между admin-маршрутами нет. Иконки `mdi-tag-arrow-right`/`mdi-currency-rub` замаплены в `vuetify.ts`.)
-
-- [ ] **Step 4: Запустить тесты — убедиться, что проходят**
-
-Run (из `app/`): `npx vitest run tests/Frontend/AdminLayout.spec.ts`
-Expected: PASS — все тесты AdminLayout зелёные (включая нетронутый `'показывает count-badge ... toHaveLength(2)'` — новые пункты без `count`).
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/layouts/AdminLayout.vue app/tests/Frontend/AdminLayout.spec.ts
-git commit -m "feat(admin): AdminLayout nav — Тарифная сетка + Цены поставщиков (audit B4)"
-```
-
----
-
-## Task 3: B5 — глобальный баннер активных impersonation-сессий
-
-**Files:**
-
-- Create: `app/resources/js/components/admin/ImpersonationBanner.vue`
-- Create: `app/tests/Frontend/ImpersonationBanner.spec.ts`
-- Modify: `app/resources/js/layouts/AdminLayout.vue` (импорт + размещение в `<v-main>`)
-- Modify: `app/tests/Frontend/AdminLayout.spec.ts` (stub нового компонента)
-
-- [ ] **Step 1: Написать падающий тест компонента**
-
-Создать `app/tests/Frontend/ImpersonationBanner.spec.ts`:
-
-```ts
-import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
-import { mount, flushPromises } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import ImpersonationBanner from '../../resources/js/components/admin/ImpersonationBanner.vue';
-import type { ImpersonationActiveSession } from '../../resources/js/api/admin';
-
-vi.mock('../../resources/js/api/admin', async (importOriginal) => {
-    const orig = await importOriginal<typeof import('../../resources/js/api/admin')>();
-    return { ...orig, impersonationActive: vi.fn() };
-});
-
-const adminApi = await import('../../resources/js/api/admin');
-
-function makeSession(overrides: Partial<ImpersonationActiveSession> = {}): ImpersonationActiveSession {
-    return {
-        token_id: 1,
-        tenant_id: 10,
-        tenant_name: 'ООО Ромашка',
-        requested_by: 7,
-        reason: 'Диагностика проблемы с балансом по обращению клиента',
-        sent_to_email: 'client@romashka.ru',
-        used_at: '2026-05-16T08:00:00Z',
-        expires_at: '2026-05-16T08:15:00Z',
-        ...overrides,
-    };
-}
-
-const mountBanner = () =>
-    mount(ImpersonationBanner, {
-        global: {
-            plugins: [createVuetify()],
-            stubs: {
-                RouterLink: {
-                    props: ['to'],
-                    template: '<a :class="$attrs.class" :href="to"><slot /></a>',
-                    inheritAttrs: false,
-                },
-            },
-        },
-    });
-
-beforeEach(() => vi.clearAllMocks());
-afterEach(() => vi.useRealTimers());
-
-describe('ImpersonationBanner', () => {
-    it('вызывает impersonationActive на mount', async () => {
-        vi.mocked(adminApi.impersonationActive).mockResolvedValueOnce([]);
-        const wrapper = mountBanner();
-        await flushPromises();
-        expect(adminApi.impersonationActive).toHaveBeenCalledTimes(1);
-        wrapper.unmount();
-    });
-
-    it('0 активных сессий — баннер не рендерится', async () => {
-        vi.mocked(adminApi.impersonationActive).mockResolvedValueOnce([]);
-        const wrapper = mountBanner();
-        await flushPromises();
-        expect(wrapper.find('[data-testid="impersonation-banner"]').exists()).toBe(false);
-        wrapper.unmount();
-    });
-
-    it('1 активная сессия — баннер с именем тенанта + ссылка на /admin/impersonation', async () => {
-        vi.mocked(adminApi.impersonationActive).mockResolvedValueOnce([makeSession({ tenant_name: 'ООО Ромашка' })]);
-        const wrapper = mountBanner();
-        await flushPromises();
-        const banner = wrapper.find('[data-testid="impersonation-banner"]');
-        expect(banner.exists()).toBe(true);
-        expect(banner.text()).toContain('Активна impersonation-сессия');
-        expect(banner.text()).toContain('ООО Ромашка');
-        expect(wrapper.find('[data-testid="impersonation-banner-link"]').attributes('href')).toBe(
-            '/admin/impersonation',
-        );
-        wrapper.unmount();
-    });
-
-    it('несколько активных сессий — баннер показывает счётчик', async () => {
-        vi.mocked(adminApi.impersonationActive).mockResolvedValueOnce([
-            makeSession({ token_id: 1 }),
-            makeSession({ token_id: 2 }),
-            makeSession({ token_id: 3 }),
-        ]);
-        const wrapper = mountBanner();
-        await flushPromises();
-        expect(wrapper.find('[data-testid="impersonation-banner"]').text()).toContain(
-            'Активны impersonation-сессии: 3',
-        );
-        wrapper.unmount();
-    });
-
-    it('tenant_name=null — fallback на «тенант #id»', async () => {
-        vi.mocked(adminApi.impersonationActive).mockResolvedValueOnce([
-            makeSession({ tenant_name: null, tenant_id: 42 }),
-        ]);
-        const wrapper = mountBanner();
-        await flushPromises();
-        expect(wrapper.find('[data-testid="impersonation-banner"]').text()).toContain('тенант #42');
-        wrapper.unmount();
-    });
-
-    it('ошибка impersonationActive — баннер не падает и остаётся скрыт', async () => {
-        vi.mocked(adminApi.impersonationActive).mockRejectedValueOnce(new Error('500'));
-        const wrapper = mountBanner();
-        await flushPromises();
-        expect(wrapper.find('[data-testid="impersonation-banner"]').exists()).toBe(false);
-        wrapper.unmount();
-    });
-
-    it('polling — impersonationActive вызывается повторно через 30 с', async () => {
-        vi.useFakeTimers();
-        vi.mocked(adminApi.impersonationActive).mockResolvedValue([]);
-        const wrapper = mountBanner();
-        await vi.advanceTimersByTimeAsync(0);
-        expect(adminApi.impersonationActive).toHaveBeenCalledTimes(1);
-        await vi.advanceTimersByTimeAsync(30_000);
-        expect(adminApi.impersonationActive).toHaveBeenCalledTimes(2);
-        wrapper.unmount();
-    });
-});
-```
-
-- [ ] **Step 2: Запустить тест — убедиться, что падает**
-
-Run (из `app/`): `npx vitest run tests/Frontend/ImpersonationBanner.spec.ts`
-Expected: FAIL — import не резолвится (`ImpersonationBanner.vue` ещё не создан).
-
-- [ ] **Step 3: Создать компонент**
-
-Создать `app/resources/js/components/admin/ImpersonationBanner.vue`:
-
-```vue
-<script setup lang="ts">
-/**
- * Глобальный индикатор активных impersonation-сессий (audit B5 / Ю-1).
- *
- * Размещён в AdminLayout над <RouterView> — виден на всех /admin/* страницах.
- * На MVP saas-admin auth нет и реального переключения сессии нет, поэтому
- * показываем счётчик ВСЕХ активных сессий (impersonationActive() =
- * used_at != null AND session_ended_at == null). Polling 30 c — сессия может
- * стартовать/завершиться, пока админ остаётся в админке (AdminLayout
- * persistent, перемонтируется только <RouterView>).
- *
- * Если активных сессий 0 — компонент не рендерит ничего.
- */
-import { computed, onMounted, ref } from 'vue';
-import { impersonationActive, type ImpersonationActiveSession } from '../../api/admin';
-import { usePolling } from '../../composables/usePolling';
-
-const sessions = ref<ImpersonationActiveSession[]>([]);
-
-async function load(): Promise<void> {
-    try {
-        sessions.value = await impersonationActive();
-    } catch {
-        // Баннер не критичен — ошибку детально покажет AdminImpersonationView.
-        // Сохраняем прежнее значение sessions, не падаем.
-    }
-}
-
-const count = computed(() => sessions.value.length);
-
-const label = computed(() => {
-    if (count.value === 1) {
-        const s = sessions.value[0];
-        return `Активна impersonation-сессия: ${s.tenant_name ?? `тенант #${s.tenant_id}`}`;
-    }
-    return `Активны impersonation-сессии: ${count.value}`;
-});
-
-onMounted(load);
-usePolling(load, { intervalMs: 30_000 });
-
-defineExpose({ sessions, load });
-</script>
-
-<template>
-    <div v-if="count > 0" class="impersonation-banner" role="status" data-testid="impersonation-banner">
-        <v-icon size="16" class="impersonation-banner__icon">mdi-account-switch</v-icon>
-        <span class="impersonation-banner__label">{{ label }}</span>
-        <RouterLink
-            to="/admin/impersonation"
-            class="impersonation-banner__link"
-            data-testid="impersonation-banner-link"
-        >
-            Открыть
-        </RouterLink>
-    </div>
-</template>
-
-<style scoped>
-.impersonation-banner {
-    display: flex;
-    align-items: center;
-    gap: 8px;
-    background: #fff4e0;
-    border-bottom: 1px solid #f0d8a8;
-    color: #8a5a00;
-    font-size: 13px;
-    padding: 8px 24px;
-}
-.impersonation-banner__icon {
-    color: #b87400;
-}
-.impersonation-banner__label {
-    flex: 1;
-}
-.impersonation-banner__link {
-    color: #0f6e56;
-    font-weight: 600;
-    text-decoration: none;
-}
-.impersonation-banner__link:hover {
-    text-decoration: underline;
-}
-</style>
-```
-
-- [ ] **Step 4: Запустить тест — убедиться, что проходит**
-
-Run (из `app/`): `npx vitest run tests/Frontend/ImpersonationBanner.spec.ts`
-Expected: PASS — все 7 тестов зелёные.
-
-- [ ] **Step 5: Встроить баннер в AdminLayout + застабить в AdminLayout.spec**
-
-**5a.** В `app/resources/js/layouts/AdminLayout.vue` добавить импорт. Заменить:
-
-```ts
-import DevIndexBadge from '../components/DevIndexBadge.vue';
-```
-
-на:
-
-```ts
-import DevIndexBadge from '../components/DevIndexBadge.vue';
-import ImpersonationBanner from '../components/admin/ImpersonationBanner.vue';
-```
-
-**5b.** В `app/resources/js/layouts/AdminLayout.vue` разместить баннер в начале `<v-main>`. Заменить:
-
-```html
-        <v-main class="admin-main">
-            <RouterView />
-        </v-main>
-```
-
-на:
-
-```html
-        <v-main class="admin-main">
-            <ImpersonationBanner />
-            <RouterView />
-        </v-main>
-```
-
-**5c.** В `app/tests/Frontend/AdminLayout.spec.ts` застабить новый компонент (он сам делает API-вызов на mount — в тестах AdminLayout это не нужно; у баннера есть собственный spec). Заменить:
-
-```ts
-        stubs: { DevIndexBadge: true },
-```
-
-на:
-
-```ts
-        stubs: { DevIndexBadge: true, ImpersonationBanner: true },
-```
-
-- [ ] **Step 6: Запустить тесты AdminLayout + ImpersonationBanner — убедиться, что проходят**
-
-Run (из `app/`): `npx vitest run tests/Frontend/AdminLayout.spec.ts tests/Frontend/ImpersonationBanner.spec.ts`
-Expected: PASS — обе спеки зелёные.
-
-- [ ] **Step 7: Полный sweep frontend-регрессии**
-
-Run (из `app/`):
-
-```bash
-npm run test:vue
-npm run type-check
-npm run lint:vue
-```
-
-Expected: Vitest — все файлы зелёные (+1 файл `ImpersonationBanner.spec.ts`, +7 specs; AppSidebar +1 spec; AdminLayout +1 spec); `type-check` — 0 ошибок; `lint:vue` — 0 ошибок. Выписать фактические числа (passed/failed) в отчёт.
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/resources/js/components/admin/ImpersonationBanner.vue app/tests/Frontend/ImpersonationBanner.spec.ts app/resources/js/layouts/AdminLayout.vue app/tests/Frontend/AdminLayout.spec.ts
-git commit -m "feat(admin): ImpersonationBanner — глобальный индикатор активных сессий (audit B5)"
-```
-
----
-
-## Definition of Done
-
-- B1: пункт «Напоминания» виден в группе «Работа» основного сайдбара, ведёт на `/reminders`.
-- B4: «Тарифная сетка» + «Цены поставщиков» видны в admin-сайдбаре между «Биллинг» и «Инциденты», иконки рендерятся (не `HelpCircle`-fallback), breadcrumb на этих страницах корректен.
-- B5: при наличии активных impersonation-сессий в AdminLayout сверху виден баннер со счётчиком и ссылкой на `/admin/impersonation`; при 0 сессий баннер скрыт; данные обновляются раз в 30 c.
-- `npm run test:vue` — 0 failed; `npm run type-check` — 0; `npm run lint:vue` — 0.
-- 3 атомарных коммита (B1 / B4 / B5), каждый — после прохождения своих тестов.
-- Без push (до явного «пуш» от заказчика).
-
----
-
-## Self-Review (выполнено при написании плана)
-
-**Spec coverage:** B1 → Task 1; B4 → Task 2; B5 → Task 3. Все 3 эпика Sprint 3A «Layout & Navigation» покрыты.
-
-**Placeholder scan:** плейсхолдеров нет — весь код приведён полностью (тесты, компонент, точечные Edit'ы old→new).
-
-**Type consistency:** `ImpersonationActiveSession` используется из `api/admin.ts` без изменения интерфейса; `usePolling(loader, { intervalMs })` — сигнатура соответствует `composables/usePolling.ts`; `interface NavItem` в AppSidebar/AdminLayout не меняется (новые элементы используют существующие поля `title`/`icon`/`to`/`count`).
-
-**Recon-риски проверены:** маршруты `/reminders`, `/admin/pricing-tiers`, `/admin/supplier-prices` подтверждены в роутере и `routes/web.php` (есть `Route::fallback`); иконки B4 подтверждены в Lucide-mapping; polling-тест использует `advanceTimersByTimeAsync` (а не `flushPromises` под fake-таймерами).
diff --git a/docs/superpowers/plans/2026-05-16-sprint3b-dashboard-deeplinks.md b/docs/superpowers/plans/2026-05-16-sprint3b-dashboard-deeplinks.md
deleted file mode 100644
index 870d7d5..0000000
--- a/docs/superpowers/plans/2026-05-16-sprint3b-dashboard-deeplinks.md
+++ /dev/null
@@ -1,823 +0,0 @@
-# Sprint 3B — Dashboard & Deep-links Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Закрыть аудит-эпики C1+J3 (живой дашборд через новый backend-эндпоинт) и C8+F3 (deep-link `/deals?openId=` из напоминаний и колокольчика).
-
-**Architecture:** J3 — новый `DashboardController::summary` с агрегацией по `deals` + `tenants` (RLS-обёртка `SET LOCAL app.current_tenant_id`, паттерн `DealController`). C1 — `DashboardView` фетчит endpoint и пробрасывает данные в уже-prop-driven компоненты (`DashboardKpiRow`/`DashboardBalance`/`ActivityChart`/`FunnelChart`), при ошибке — fallback на mock. C8/F3 — три точки навигации переводятся на `query: { openId }`, а `DealsView` читает `route.query.openId` и открывает drawer найденной сделки.
-
-**Tech Stack:** PHP 8.3 + Laravel 13, PostgreSQL 16 (партиционированная `deals`), Pest 4; Vue 3 `<script setup>` + Vuetify 3, vue-router 4, Vitest 4 + @vue/test-utils, TypeScript.
-
-**Source:** [portal-wide audit spec §3 Sprint 3](../specs/2026-05-15-portal-audit-design.md) — эпики C1, J3, C8, F3.
-
-**Branch:** feature-ветка от origin/main `65381f2` (Sprint 3A уже запушен). Не пушить без явного запроса заказчика.
-
----
-
-## Контекст и факты recon
-
-- **J3 — эндпоинта нет.** `routes/web.php` имеет только `Route::view('/dashboard','welcome')`; `DashboardController` отсутствует. Паттерн контроллера — `DealController` (`app/app/Http/Controllers/Api/DealController.php`): `DB::transaction` + `DB::statement('SET LOCAL app.current_tenant_id = '.$tenantId)`, `tenant_id` query-параметром (MVP, без auth-middleware), defense-in-depth `where('tenant_id', …)`.
-- **Схема (`db/schema.sql`):** `deals` — `tenant_id`, `project_id`, `status` (slug), `received_at TIMESTAMPTZ` (ключ партиционирования), `is_test BOOLEAN`, `deleted_at` (soft-delete). `tenants` — `balance_rub DECIMAL(12,2)`, `balance_leads INT`, `limits JSONB` (`{"max_projects":10,...}`). Статус оплаты — slug `paid`.
-- **`Project` модель** — scope `active()` = `whereNull('archived_at')` (НЕ фильтрует `is_active`). «Активные проекты» дашборда = `archived_at IS NULL AND is_active = true`.
-- **C1 — все 4 dashboard-компонента уже prop-driven:** `DashboardKpiRow` (prop `kpis: Kpi[]`, тип экспортируется из компонента), `DashboardBalance` (prop `balance: Balance`, тип экспортируется), `ActivityChart` (props `points: number[]`, `labels: string[]`, `max: number`), `FunnelChart` (prop `counts: Record<string, number>`). DashboardView их не трогает — только фетч + проброс.
-- **C8** — `RemindersView.vue:70-73`: `openDeal(dealId)` → `void dealId; router.push('/deals')` (явно «на MVP без deep-link»).
-- **F3** — `AppTopbar.vue:56-62`: `handleNotificationClick(id, dealId)` → `markRead` + `if (dealId !== null) router.push('/deals')`. Notification имеет `deal_id: number | null` (`api/notifications.ts:26`).
-- **Deep-link consumer** — `DealsView.vue` НЕ читает `route.query`. Имеет `openDeal(deal: MockDeal)` → `selectedDeal.value = deal; drawerOpen.value = true`. `dealsState` грузится async (`loadDeals`, limit 200). `useRoute` сейчас не импортируется.
-- Тесты: backend — `app/tests/Feature/**/*.php` (Pest); frontend — `app/tests/Frontend/**/*.spec.ts` (Vitest). Команды backend — из `app/` (`composer test`, `php artisan test`); frontend — из `app/` (`npx vitest run …`).
-
----
-
-## File Structure
-
-| Файл | Ответственность | Действие |
-|---|---|---|
-| `app/app/Http/Controllers/Api/DashboardController.php` | агрегат дашборда | Create (Task 1) |
-| `app/routes/web.php` | маршрут `/api/dashboard/summary` | Modify (Task 1) |
-| `app/tests/Feature/DashboardSummaryTest.php` | Pest-тесты эндпоинта | Create (Task 1) |
-| `app/resources/js/api/dashboard.ts` | API-клиент дашборда | Create (Task 2) |
-| `app/resources/js/views/DashboardView.vue` | фетч + проброс props | Modify (Task 2) |
-| `app/tests/Frontend/DashboardView.spec.ts` | тесты DashboardView | Modify (Task 2) |
-| `app/resources/js/views/DealsView.vue` | чтение `route.query.openId` → drawer | Modify (Task 3) |
-| `app/resources/js/views/RemindersView.vue` | deep-link openDeal | Modify (Task 3) |
-| `app/resources/js/components/layout/AppTopbar.vue` | deep-link bell | Modify (Task 3) |
-| `app/tests/Frontend/DealsView.spec.ts` | тест openId-drawer | Modify (Task 3) |
-| `app/tests/Frontend/RemindersView.spec.ts` | тест deep-link | Modify (Task 3) |
-
----
-
-## Task 1: J3 — backend `GET /api/dashboard/summary`
-
-**Files:**
-
-- Create: `app/app/Http/Controllers/Api/DashboardController.php`
-- Modify: `app/routes/web.php`
-- Test: `app/tests/Feature/DashboardSummaryTest.php`
-
-**Endpoint contract** — `GET /api/dashboard/summary?tenant_id=N&range=today|7d|30d` (range default `7d`):
-
-```json
-{
-  "range": "7d",
-  "leads_received": { "value": 247, "delta_pct": 12.3, "delta_dir": "up" },
-  "conversion":     { "value": 18.4, "delta_pp": 2.1, "delta_dir": "up" },
-  "active_projects":{ "active": 8, "limit": 10 },
-  "balance":        { "amount_rub": "14250.00", "runway_days": 4, "runway_leads": 285 },
-  "activity":       { "points": [3,5,2,8,6,9,4], "labels": ["сб","вс","пн","вт","ср","чт","сегодня"], "max": 10 },
-  "funnel":         { "new": 18, "paid": 45, ... }
-}
-```
-
-`delta_dir` ∈ `up|down|neutral`. Окна: `today` = [startOfDay, now], `7d` = [now−7d, now], `30d` = [now−30d, now]; предыдущее окно — равной длины непосредственно перед текущим. Все агрегаты — `tenant_id` + `deleted_at IS NULL` + `is_test = false`. `funnel` — текущий снимок (вне окна). `runway_leads` = `tenants.balance_leads`; `runway_days` = `floor(balance_leads / avgDailyLeads7d)` (avgDaily = leads за 7д / 7; при avgDaily=0 → 0). `activity` — 7 daily-бакетов по `received_at` в MSK; `max` = `max(10, ceil(maxPoint/10)*10)`.
-
-- [ ] **Step 1: Изучить factory-паттерн существующих Feature-тестов**
-
-Прочитать один существующий тест в `app/tests/Feature/` который создаёт `Tenant` + `Deal` (например любой `Deal*Test.php` или supplier-тест) — зафиксировать, как создаются tenant/project/deal (фабрики `Tenant::factory()`, `Project::factory()`, `Deal::factory()` или прямые `::create`), как тест выставляет `received_at`/`status`, и как пользуется RLS (`postgres` superuser на dev — BYPASSRLS). Тест Task 1 должен использовать ровно тот же механизм. Это не плейсхолдер — это обязательная сверка фактического API фабрик перед написанием теста.
-
-- [ ] **Step 2: Написать падающий Pest-тест**
-
-Создать `app/tests/Feature/DashboardSummaryTest.php`. Минимум 6 тест-кейсов (синтаксис Pest mirror `tests/Feature/`-паттерна из Step 1):
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Deal;
-use App\Models\Project;
-use App\Models\Tenant;
-
-// helper: создать сделку с заданными status/received_at для тенанта/проекта.
-// Реализовать через фабрику/способ, зафиксированный в Step 1.
-
-it('422 без tenant_id', function () {
-    $this->getJson('/api/dashboard/summary')->assertStatus(422);
-});
-
-it('404 для несуществующего тенанта', function () {
-    $this->getJson('/api/dashboard/summary?tenant_id=999999')->assertStatus(404);
-});
-
-it('возвращает структуру summary с range по умолчанию 7d', function () {
-    $tenant = Tenant::factory()->create(['limits' => ['max_projects' => 10], 'balance_rub' => '14250.00', 'balance_leads' => 285]);
-    $this->getJson("/api/dashboard/summary?tenant_id={$tenant->id}")
-        ->assertOk()
-        ->assertJsonPath('range', '7d')
-        ->assertJsonStructure([
-            'range',
-            'leads_received' => ['value', 'delta_pct', 'delta_dir'],
-            'conversion' => ['value', 'delta_pp', 'delta_dir'],
-            'active_projects' => ['active', 'limit'],
-            'balance' => ['amount_rub', 'runway_days', 'runway_leads'],
-            'activity' => ['points', 'labels', 'max'],
-            'funnel',
-        ]);
-});
-
-it('leads_received считает только сделки окна, без deleted и is_test', function () {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->create(['tenant_id' => $tenant->id]);
-    // 3 живые сделки в окне 7d + 1 deleted + 1 is_test + 1 вне окна (8 дней назад)
-    makeDeal($tenant, $project, 'new', now()->subDays(1));
-    makeDeal($tenant, $project, 'new', now()->subDays(2));
-    makeDeal($tenant, $project, 'paid', now()->subDays(3));
-    makeDeal($tenant, $project, 'new', now()->subDays(1), deletedAt: now());
-    makeDeal($tenant, $project, 'new', now()->subDays(1), isTest: true);
-    makeDeal($tenant, $project, 'new', now()->subDays(8));
-
-    $this->getJson("/api/dashboard/summary?tenant_id={$tenant->id}&range=7d")
-        ->assertOk()
-        ->assertJsonPath('leads_received.value', 3);
-});
-
-it('conversion = доля статуса paid в окне', function () {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->create(['tenant_id' => $tenant->id]);
-    makeDeal($tenant, $project, 'paid', now()->subDays(1));
-    makeDeal($tenant, $project, 'new', now()->subDays(1));
-    makeDeal($tenant, $project, 'new', now()->subDays(1));
-    makeDeal($tenant, $project, 'new', now()->subDays(1));
-    // 1 paid из 4 → 25.0%
-    $this->getJson("/api/dashboard/summary?tenant_id={$tenant->id}")
-        ->assertOk()
-        ->assertJsonPath('conversion.value', 25.0);
-});
-
-it('active_projects считает archived_at IS NULL AND is_active=true + limit из limits', function () {
-    $tenant = Tenant::factory()->create(['limits' => ['max_projects' => 10]]);
-    Project::factory()->create(['tenant_id' => $tenant->id, 'archived_at' => null, 'is_active' => true]);
-    Project::factory()->create(['tenant_id' => $tenant->id, 'archived_at' => null, 'is_active' => true]);
-    Project::factory()->create(['tenant_id' => $tenant->id, 'archived_at' => now(), 'is_active' => true]);
-    Project::factory()->create(['tenant_id' => $tenant->id, 'archived_at' => null, 'is_active' => false]);
-    $this->getJson("/api/dashboard/summary?tenant_id={$tenant->id}")
-        ->assertOk()
-        ->assertJsonPath('active_projects.active', 2)
-        ->assertJsonPath('active_projects.limit', 10);
-});
-
-it('funnel группирует живые сделки по статусу', function () {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->create(['tenant_id' => $tenant->id]);
-    makeDeal($tenant, $project, 'new', now()->subDays(1));
-    makeDeal($tenant, $project, 'new', now()->subDays(1));
-    makeDeal($tenant, $project, 'paid', now()->subDays(1));
-    $this->getJson("/api/dashboard/summary?tenant_id={$tenant->id}")
-        ->assertOk()
-        ->assertJsonPath('funnel.new', 2)
-        ->assertJsonPath('funnel.paid', 1);
-});
-
-it('activity возвращает 7 точек и 7 меток', function () {
-    $tenant = Tenant::factory()->create();
-    $this->getJson("/api/dashboard/summary?tenant_id={$tenant->id}")
-        ->assertOk()
-        ->assertJsonCount(7, 'activity.points')
-        ->assertJsonCount(7, 'activity.labels');
-});
-```
-
-Реализовать `makeDeal($tenant, $project, $status, $receivedAt, $deletedAt = null, $isTest = false)` как локальный helper в файле теста, опираясь на фабрику из Step 1. `deals` партиционирована по `received_at` — убедиться, что партиция для тестовых дат существует (если тестовый bootstrap её не создаёт — использовать `received_at` в пределах мая-июня 2026, для которых партиции в `schema.sql` уже есть, либо вызвать `partitions:create-months`).
-
-- [ ] **Step 3: Запустить тест — убедиться, что падает**
-
-Run (из `app/`): `php artisan test --filter=DashboardSummaryTest`
-Expected: FAIL — маршрут `/api/dashboard/summary` не существует (404 на всех кейсах).
-
-- [ ] **Step 4: Добавить маршрут**
-
-В `app/routes/web.php` рядом с другими `/api/*` (например после блока deals) добавить:
-
-```php
-// Дашборд — агрегат KPI/баланса/активности/воронки (audit J3). На MVP без
-// auth-middleware (tenant_id параметром); production: middleware('auth:sanctum','tenant').
-Route::get('/api/dashboard/summary', 'App\Http\Controllers\Api\DashboardController@summary');
-```
-
-- [ ] **Step 5: Реализовать DashboardController**
-
-Создать `app/app/Http/Controllers/Api/DashboardController.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Controllers\Api;
-
-use App\Http\Controllers\Controller;
-use App\Models\Tenant;
-use Carbon\CarbonImmutable;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Http\Request;
-use Illuminate\Support\Facades\DB;
-
-/**
- * Дашборд — агрегат для DashboardView (audit C1/J3).
- *
- * GET /api/dashboard/summary?tenant_id={id}&range=today|7d|30d
- *
- * На MVP без auth-middleware (tenant_id параметром, как DealController).
- * Production: middleware('auth:sanctum','tenant') → tenant_id из user.
- *
- * Все агрегаты — tenant-scoped, deleted_at IS NULL, is_test=false.
- * RLS-обёртка SET LOCAL app.current_tenant_id (PgBouncer-safe), как DealController.
- */
-class DashboardController extends Controller
-{
-    private const RU_WEEKDAYS = ['вс', 'пн', 'вт', 'ср', 'чт', 'пт', 'сб'];
-
-    public function summary(Request $request): JsonResponse
-    {
-        $tenantId = (int) $request->query('tenant_id', '0');
-        if ($tenantId < 1) {
-            return response()->json(['message' => 'Параметр tenant_id обязателен.'], 422);
-        }
-
-        $tenant = Tenant::find($tenantId);
-        if ($tenant === null) {
-            return response()->json(['message' => 'Тенант не найден.'], 404);
-        }
-
-        $range = in_array($request->query('range'), ['today', '7d', '30d'], true)
-            ? (string) $request->query('range')
-            : '7d';
-
-        $now = CarbonImmutable::now();
-        [$windowStart, $prevStart] = match ($range) {
-            'today' => [$now->startOfDay(), $now->startOfDay()->subDay()],
-            '30d' => [$now->subDays(30), $now->subDays(60)],
-            default => [$now->subDays(7), $now->subDays(14)],
-        };
-
-        $data = DB::transaction(function () use ($tenantId, $tenant, $now, $range, $windowStart, $prevStart) {
-            DB::statement('SET LOCAL app.current_tenant_id = '.$tenantId);
-
-            $base = fn () => DB::table('deals')
-                ->where('tenant_id', $tenantId)
-                ->whereNull('deleted_at')
-                ->where('is_test', false);
-
-            // --- leads received: текущее + предыдущее окно ---
-            $curLeads = (clone $base())->whereBetween('received_at', [$windowStart, $now])->count();
-            $prevLeads = (clone $base())->whereBetween('received_at', [$prevStart, $windowStart])->count();
-
-            // --- conversion: % статуса 'paid' в окне ---
-            $curPaid = (clone $base())->where('status', 'paid')
-                ->whereBetween('received_at', [$windowStart, $now])->count();
-            $prevPaid = (clone $base())->where('status', 'paid')
-                ->whereBetween('received_at', [$prevStart, $windowStart])->count();
-            $curConv = $curLeads > 0 ? round($curPaid / $curLeads * 100, 1) : 0.0;
-            $prevConv = $prevLeads > 0 ? round($prevPaid / $prevLeads * 100, 1) : 0.0;
-
-            // --- active projects ---
-            $activeProjects = DB::table('projects')
-                ->where('tenant_id', $tenantId)
-                ->whereNull('archived_at')
-                ->where('is_active', true)
-                ->count();
-            $maxProjects = (int) (($tenant->limits['max_projects'] ?? 0));
-
-            // --- activity: 7 daily-бакетов по received_at (MSK) ---
-            $activityStart = $now->subDays(6)->startOfDay();
-            $byDay = (clone $base())
-                ->where('received_at', '>=', $activityStart)
-                ->selectRaw("to_char((received_at AT TIME ZONE 'Europe/Moscow')::date, 'YYYY-MM-DD') AS d, COUNT(*) AS c")
-                ->groupBy('d')
-                ->pluck('c', 'd');
-            $points = [];
-            $labels = [];
-            for ($i = 6; $i >= 0; $i--) {
-                $day = $now->subDays($i);
-                $key = $day->format('Y-m-d');
-                $points[] = (int) ($byDay[$key] ?? 0);
-                $labels[] = $i === 0 ? 'сегодня' : self::RU_WEEKDAYS[(int) $day->format('w')];
-            }
-            $maxPoint = $points === [] ? 0 : max($points);
-            $axisMax = max(10, (int) (ceil($maxPoint / 10) * 10));
-
-            // --- funnel: текущий снимок по статусам ---
-            $funnel = (clone $base())
-                ->selectRaw('status, COUNT(*) AS c')
-                ->groupBy('status')
-                ->pluck('c', 'status')
-                ->map(fn ($c) => (int) $c)
-                ->toArray();
-
-            // --- runway ---
-            $avgDaily = $curLeads / 7.0; // средний дневной приток за 7д окно
-            $balanceLeads = (int) ($tenant->balance_leads ?? 0);
-            $runwayDays = $avgDaily > 0 ? (int) floor($balanceLeads / $avgDaily) : 0;
-
-            return [
-                'range' => $range,
-                'leads_received' => self::deltaBlock($curLeads, $prevLeads, 'delta_pct', self::pctDelta($curLeads, $prevLeads)),
-                'conversion' => self::deltaBlock($curConv, $prevConv, 'delta_pp', round($curConv - $prevConv, 1)),
-                'active_projects' => ['active' => $activeProjects, 'limit' => $maxProjects],
-                'balance' => [
-                    'amount_rub' => (string) $tenant->balance_rub,
-                    'runway_days' => $runwayDays,
-                    'runway_leads' => $balanceLeads,
-                ],
-                'activity' => ['points' => $points, 'labels' => $labels, 'max' => $axisMax],
-                'funnel' => (object) $funnel,
-            ];
-        });
-
-        return response()->json($data);
-    }
-
-    /** Процентная дельта current vs previous; 0.0 если previous=0. */
-    private static function pctDelta(float $cur, float $prev): float
-    {
-        return $prev > 0 ? round(($cur - $prev) / $prev * 100, 1) : 0.0;
-    }
-
-    /** Блок {value, <deltaKey>, delta_dir}. */
-    private static function deltaBlock(float $value, float $prev, string $deltaKey, float $delta): array
-    {
-        $dir = $value > $prev ? 'up' : ($value < $prev ? 'down' : 'neutral');
-
-        return ['value' => $value, $deltaKey => $delta, 'delta_dir' => $dir];
-    }
-}
-```
-
-- [ ] **Step 6: Запустить тест — убедиться, что проходит**
-
-Run (из `app/`): `php artisan test --filter=DashboardSummaryTest`
-Expected: PASS — все ≥7 кейсов зелёные. Если падает на партициях `deals` — перенести тестовые `received_at` в существующий партиционный диапазон или прогнать `php artisan partitions:create-months`.
-
-- [ ] **Step 7: Проверка стиля и статанализа**
-
-Run (из `app/`): `composer pint` и `composer stan`
-Expected: Pint — без правок (или авто-fix применён), Larastan — 0 ошибок (при новых false-positive по `Request::query` — добавить запись в `phpstan-baseline.neon` через `--generate-baseline`, как принято в проекте).
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/DashboardController.php app/routes/web.php app/tests/Feature/DashboardSummaryTest.php app/phpstan-baseline.neon
-git commit -m "feat(dashboard): GET /api/dashboard/summary — агрегат KPI/баланса/активности (audit J3)
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
-(`phpstan-baseline.neon` добавлять только если он реально изменён.) Lefthook pre-commit прогонит pint/larastan/squawk/gitleaks — если упадёт, чинить причину, не `--no-verify`.
-
----
-
-## Task 2: C1 — DashboardView на real API
-
-**Files:**
-
-- Create: `app/resources/js/api/dashboard.ts`
-- Modify: `app/resources/js/views/DashboardView.vue`
-- Test: `app/tests/Frontend/DashboardView.spec.ts`
-
-- [ ] **Step 1: Написать падающий тест API-клиента + view**
-
-Создать `app/resources/js/api/dashboard.ts` пока НЕ создаём — сначала тест. Полностью переписать `app/tests/Frontend/DashboardView.spec.ts`:
-
-```ts
-import { describe, it, expect, vi, beforeEach } from 'vitest';
-import { mount, flushPromises } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import { createPinia, setActivePinia } from 'pinia';
-import DashboardView from '../../resources/js/views/DashboardView.vue';
-import type { DashboardSummary } from '../../resources/js/api/dashboard';
-
-vi.mock('../../resources/js/api/dashboard', () => ({
-    getDashboardSummary: vi.fn(),
-}));
-
-const dashboardApi = await import('../../resources/js/api/dashboard');
-
-function makeSummary(overrides: Partial<DashboardSummary> = {}): DashboardSummary {
-    return {
-        range: '7d',
-        leads_received: { value: 247, delta_pct: 12.3, delta_dir: 'up' },
-        conversion: { value: 18.4, delta_pp: 2.1, delta_dir: 'up' },
-        active_projects: { active: 8, limit: 10 },
-        balance: { amount_rub: '14250.00', runway_days: 4, runway_leads: 285 },
-        activity: { points: [3, 5, 2, 8, 6, 9, 4], labels: ['сб', 'вс', 'пн', 'вт', 'ср', 'чт', 'сегодня'], max: 10 },
-        funnel: { new: 18, paid: 45 },
-        ...overrides,
-    };
-}
-
-const mountView = () => {
-    setActivePinia(createPinia());
-    return mount(DashboardView, { global: { plugins: [createVuetify()] } });
-};
-
-beforeEach(() => vi.clearAllMocks());
-
-describe('DashboardView.vue ↔ /api/dashboard/summary', () => {
-    it('getDashboardSummary вызывается на mount', async () => {
-        vi.mocked(dashboardApi.getDashboardSummary).mockResolvedValueOnce(makeSummary());
-        mountView();
-        await flushPromises();
-        expect(dashboardApi.getDashboardSummary).toHaveBeenCalledTimes(1);
-    });
-
-    it('успех — KPI и баланс из API видны', async () => {
-        vi.mocked(dashboardApi.getDashboardSummary).mockResolvedValueOnce(
-            makeSummary({ balance: { amount_rub: '99000.00', runway_days: 9, runway_leads: 500 } }),
-        );
-        const wrapper = mountView();
-        await flushPromises();
-        const text = wrapper.text();
-        expect(text).toContain('Получено лидов');
-        expect(text).toContain('Конверсия в оплату');
-        expect(text).toContain('Активные проекты');
-        expect(text).toContain('Баланс');
-        expect(text).toContain('99 000');
-    });
-
-    it('ошибка API — fallback на mock, view не падает', async () => {
-        vi.mocked(dashboardApi.getDashboardSummary).mockRejectedValueOnce(new Error('500'));
-        const wrapper = mountView();
-        await flushPromises();
-        expect(wrapper.text()).toContain('Получено лидов');
-        expect(wrapper.find('.runway-fill').exists()).toBe(true);
-    });
-
-    it('смена range перезапрашивает summary', async () => {
-        vi.mocked(dashboardApi.getDashboardSummary).mockResolvedValue(makeSummary());
-        const wrapper = mountView();
-        await flushPromises();
-        expect(dashboardApi.getDashboardSummary).toHaveBeenCalledTimes(1);
-        (wrapper.vm as unknown as { range: string }).range = '30d';
-        await flushPromises();
-        expect(dashboardApi.getDashboardSummary).toHaveBeenCalledTimes(2);
-    });
-});
-```
-
-- [ ] **Step 2: Запустить тест — убедиться, что падает**
-
-Run (из `app/`): `npx vitest run tests/Frontend/DashboardView.spec.ts`
-Expected: FAIL — `api/dashboard.ts` не существует (import не резолвится).
-
-- [ ] **Step 3: Создать API-клиент**
-
-Создать `app/resources/js/api/dashboard.ts`:
-
-```ts
-import { apiClient } from './client';
-
-/**
- * API-клиент дашборда (audit C1/J3). Эндпоинт GET /api/dashboard/summary.
- * На MVP без auth — tenant_id параметром (на prod возьмётся из middleware).
- */
-
-export type DeltaDir = 'up' | 'down' | 'neutral';
-export type DashboardRange = 'today' | '7d' | '30d';
-
-export interface DashboardSummary {
-    range: string;
-    leads_received: { value: number; delta_pct: number; delta_dir: DeltaDir };
-    conversion: { value: number; delta_pp: number; delta_dir: DeltaDir };
-    active_projects: { active: number; limit: number };
-    balance: { amount_rub: string; runway_days: number; runway_leads: number };
-    activity: { points: number[]; labels: string[]; max: number };
-    funnel: Record<string, number>;
-}
-
-export async function getDashboardSummary(tenantId: number, range: DashboardRange): Promise<DashboardSummary> {
-    const { data } = await apiClient.get<DashboardSummary>('/api/dashboard/summary', {
-        params: { tenant_id: tenantId, range },
-    });
-    return data;
-}
-```
-
-- [ ] **Step 4: Переписать DashboardView на фетч + проброс**
-
-Заменить `<script setup>` в `app/resources/js/views/DashboardView.vue` (template/charts row остаются; KPI-row и balance теперь из reactive-state). Полный новый `<script setup>`:
-
-```ts
-<script setup lang="ts">
-/**
- * Дашборд — стартовая страница. Audit C1/J3: KPI/баланс/активность/воронка
- * грузятся из GET /api/dashboard/summary; при ошибке — fallback на mock,
- * чтобы UI оставался работоспособным (dev / отсутствие backend).
- */
-import { ref, watch } from 'vue';
-import ActivityChart from '../components/charts/ActivityChart.vue';
-import FunnelChart from '../components/charts/FunnelChart.vue';
-import DashboardPageHead from '../components/dashboard/DashboardPageHead.vue';
-import DashboardKpiRow, { type Kpi } from '../components/dashboard/DashboardKpiRow.vue';
-import DashboardBalance, { type Balance } from '../components/dashboard/DashboardBalance.vue';
-import { getDashboardSummary, type DashboardRange, type DashboardSummary } from '../api/dashboard';
-import { useAuthStore } from '../stores/auth';
-
-const auth = useAuthStore();
-const range = ref<DashboardRange | 'custom'>('7d');
-
-// runwayMax — display-константа полосы (7 сегментов), не из API.
-const RUNWAY_MAX = 7;
-
-// Mock-fallback — UI работоспособен без backend (dev / 500 / нет auth).
-const MOCK_KPIS: Kpi[] = [
-    { label: 'Получено лидов', value: '247', delta: { dir: 'up', text: '12.3%' }, sub: 'vs предыдущий период' },
-    { label: 'Конверсия в оплату', value: '18.4', unit: '%', delta: { dir: 'up', text: '2.1pp' }, sub: 'vs предыдущий период' },
-    { label: 'Активные проекты', value: '8', unit: '/ 10', delta: { dir: 'neutral', text: '' }, sub: 'лимит тарифа' },
-];
-const MOCK_BALANCE: Balance = { amount: '14 250', runwayDays: 4, runwayMax: RUNWAY_MAX, runwayLeads: 285 };
-
-const kpis = ref<Kpi[]>(MOCK_KPIS);
-const balance = ref<Balance>(MOCK_BALANCE);
-const activityPoints = ref<number[]>([16, 31, 27, 47, 39, 56, 50]);
-const activityLabels = ref<string[]>(['пн', 'вт', 'ср', 'чт', 'пт', 'сб', 'сегодня']);
-const activityMax = ref(60);
-const funnelCounts = ref<Record<string, number> | undefined>(undefined);
-const fetchError = ref(false);
-
-/** Форматирует число с пробелами-разделителями тысяч ('14250.00' → '14 250'). */
-function formatRub(raw: string): string {
-    const int = Math.round(parseFloat(raw)).toString();
-    return int.replace(/\B(?=(\d{3})+(?!\d))/g, ' ');
-}
-
-function applySummary(s: DashboardSummary): void {
-    kpis.value = [
-        {
-            label: 'Получено лидов',
-            value: String(s.leads_received.value),
-            delta: { dir: s.leads_received.delta_dir, text: `${s.leads_received.delta_pct}%` },
-            sub: 'vs предыдущий период',
-        },
-        {
-            label: 'Конверсия в оплату',
-            value: String(s.conversion.value),
-            unit: '%',
-            delta: { dir: s.conversion.delta_dir, text: `${s.conversion.delta_pp}pp` },
-            sub: 'vs предыдущий период',
-        },
-        {
-            label: 'Активные проекты',
-            value: String(s.active_projects.active),
-            unit: `/ ${s.active_projects.limit}`,
-            delta: { dir: 'neutral', text: '' },
-            sub: 'лимит тарифа',
-        },
-    ];
-    balance.value = {
-        amount: formatRub(s.balance.amount_rub),
-        runwayDays: Math.min(s.balance.runway_days, RUNWAY_MAX),
-        runwayMax: RUNWAY_MAX,
-        runwayLeads: s.balance.runway_leads,
-    };
-    activityPoints.value = s.activity.points;
-    activityLabels.value = s.activity.labels;
-    activityMax.value = s.activity.max;
-    funnelCounts.value = s.funnel;
-}
-
-async function load(): Promise<void> {
-    const tenantId = auth.user?.tenant_id;
-    if (!tenantId || range.value === 'custom') return;
-    try {
-        applySummary(await getDashboardSummary(tenantId, range.value));
-        fetchError.value = false;
-    } catch {
-        fetchError.value = true; // оставляем последнее значение / mock
-    }
-}
-
-watch(range, load);
-load();
-</script>
-```
-
-Шаблон `<template>` менять минимально — заменить статичные `:kpis="kpis"` / `:balance="balance"` на reactive-ref'ы (Vue разворачивает `.value` в шаблоне автоматически, синтаксис `:kpis="kpis"` не меняется) и пробросить чарт-props + funnel + degradation-alert. Заменить блок `<v-row class="charts-row …">` на:
-
-```html
-        <v-alert
-            v-if="fetchError"
-            type="warning"
-            variant="tonal"
-            density="compact"
-            class="mt-3"
-            data-testid="dashboard-fetch-error"
-        >
-            Не удалось обновить данные дашборда — показаны последние известные значения.
-        </v-alert>
-
-        <v-row class="charts-row mt-4">
-            <v-col cols="12" md="7">
-                <ActivityChart :points="activityPoints" :labels="activityLabels" :max="activityMax" />
-            </v-col>
-            <v-col cols="12" md="5">
-                <FunnelChart :counts="funnelCounts" />
-            </v-col>
-        </v-row>
-```
-
-(`FunnelChart` prop `counts` опциональный — `undefined` оставит его mock-default; при успехе API передаст реальные counts.)
-
-- [ ] **Step 5: Запустить тест — убедиться, что проходит**
-
-Run (из `app/`): `npx vitest run tests/Frontend/DashboardView.spec.ts`
-Expected: PASS — 4 теста зелёные.
-
-- [ ] **Step 6: type-check + lint**
-
-Run (из `app/`): `npm run type-check` и `npm run lint:vue`
-Expected: 0 ошибок. `ActivityChart` prop `points` non-optional при передаче — ок; `FunnelChart` `counts?: Record<string,number>` принимает `undefined`.
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/resources/js/api/dashboard.ts app/resources/js/views/DashboardView.vue app/tests/Frontend/DashboardView.spec.ts
-git commit -m "feat(dashboard): DashboardView на real API /api/dashboard/summary (audit C1)
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 3: C8 + F3 — deep-link `/deals?openId=`
-
-**Files:**
-
-- Modify: `app/resources/js/views/DealsView.vue`
-- Modify: `app/resources/js/views/RemindersView.vue`
-- Modify: `app/resources/js/components/layout/AppTopbar.vue`
-- Test: `app/tests/Frontend/DealsView.spec.ts`, `app/tests/Frontend/RemindersView.spec.ts`
-
-- [ ] **Step 1: Написать падающие тесты**
-
-**1a.** В `app/tests/Frontend/DealsView.spec.ts` добавить тест: при `route.query.openId` совпадающем с id сделки в `dealsState` — drawer открыт. Использовать установленный в файле паттерн mount'а DealsView с роутером; если файл монтирует без роутера — добавить memory-router с маршрутом `/deals` и `push('/deals?openId=<id>')` до mount. Тест (адаптировать имена под фактический mount-helper файла):
-
-```ts
-    it('route.query.openId открывает drawer соответствующей сделки', async () => {
-        // mount DealsView на /deals?openId=<существующий id из MOCK_DEALS>
-        // после loadDeals() (flushPromises) — drawerOpen=true, selectedDeal.id === openId
-        const openId = MOCK_DEALS[0].id;
-        const wrapper = await mountDealsViewAt(`/deals?openId=${openId}`);
-        await flushPromises();
-        const vm = wrapper.vm as unknown as { drawerOpen: boolean; selectedDeal: { id: number } | null };
-        expect(vm.drawerOpen).toBe(true);
-        expect(vm.selectedDeal?.id).toBe(openId);
-    });
-
-    it('openId не найден среди сделок — drawer не открывается, без ошибки', async () => {
-        const wrapper = await mountDealsViewAt('/deals?openId=99999999');
-        await flushPromises();
-        const vm = wrapper.vm as unknown as { drawerOpen: boolean };
-        expect(vm.drawerOpen).toBe(false);
-    });
-```
-
-`drawerOpen` и `selectedDeal` добавить в `defineExpose` DealsView (Step 3).
-
-**1b.** В `app/tests/Frontend/RemindersView.spec.ts` добавить тест: `openDeal(42)` вызывает `router.push` с `{ path: '/deals', query: { openId: 42 } }`. Использовать `vi.spyOn(router, 'push')` по паттерну файла.
-
-- [ ] **Step 2: Запустить тесты — убедиться, что падают**
-
-Run (из `app/`): `npx vitest run tests/Frontend/DealsView.spec.ts tests/Frontend/RemindersView.spec.ts`
-Expected: FAIL — DealsView не реагирует на `openId`; RemindersView пушит `/deals` без query.
-
-- [ ] **Step 3: DealsView — читать `route.query.openId`**
-
-В `app/resources/js/views/DealsView.vue`:
-
-**3a.** В импортах добавить `useRoute`:
-
-```ts
-import { useRoute } from 'vue-router';
-```
-
-и в `<script setup>` рядом с другими const'ами:
-
-```ts
-const route = useRoute();
-```
-
-**3b.** Добавить функцию открытия по id и вызвать её после загрузки. После `function openDeal(deal: MockDeal) { … }` добавить:
-
-```ts
-/** Audit C8/F3: deep-link — открыть drawer сделки по ?openId= из URL. */
-function openDealFromQuery(): void {
-    const raw = route.query.openId;
-    const id = Number(Array.isArray(raw) ? raw[0] : raw);
-    if (!Number.isInteger(id) || id <= 0) return;
-    const deal = dealsState.find((d) => d.id === id);
-    if (deal) openDeal(deal);
-}
-```
-
-**3c.** В `onMounted` — вызвать после загрузки. Заменить:
-
-```ts
-onMounted(() => {
-    void leadStatusesStore.load();
-    void loadDeals();
-});
-```
-
-на:
-
-```ts
-onMounted(async () => {
-    void leadStatusesStore.load();
-    await loadDeals();
-    openDealFromQuery();
-});
-```
-
-И реагировать на смену query (навигация на `/deals?openId=` когда DealsView уже смонтирован) — добавить watch рядом с другими watch'ами:
-
-```ts
-watch(
-    () => route.query.openId,
-    () => openDealFromQuery(),
-);
-```
-
-**3d.** В `defineExpose({ … })` добавить `drawerOpen`, `selectedDeal`, `openDealFromQuery` (для тестов).
-
-- [ ] **Step 4: RemindersView — deep-link openDeal**
-
-В `app/resources/js/views/RemindersView.vue` заменить:
-
-```ts
-async function openDeal(dealId: number): Promise<void> {
-    void dealId; // на MVP — без deep-link на конкретный drawer.
-    await router.push('/deals');
-}
-```
-
-на:
-
-```ts
-async function openDeal(dealId: number): Promise<void> {
-    // Audit C8: deep-link на конкретный drawer через ?openId=.
-    await router.push({ path: '/deals', query: { openId: dealId } });
-}
-```
-
-- [ ] **Step 5: AppTopbar — deep-link bell**
-
-В `app/resources/js/components/layout/AppTopbar.vue` заменить:
-
-```ts
-async function handleNotificationClick(id: number, dealId: number | null): Promise<void> {
-    await notifications.markRead(id);
-    if (dealId !== null) {
-        // На MVP — push на DealsView (deep-link на конкретный drawer — отдельный коммит).
-        await router.push('/deals');
-    }
-}
-```
-
-на:
-
-```ts
-async function handleNotificationClick(id: number, dealId: number | null): Promise<void> {
-    await notifications.markRead(id);
-    if (dealId !== null) {
-        // Audit F3: deep-link на конкретный drawer через ?openId=.
-        await router.push({ path: '/deals', query: { openId: dealId } });
-    }
-}
-```
-
-- [ ] **Step 6: Запустить тесты — убедиться, что проходят**
-
-Run (из `app/`): `npx vitest run tests/Frontend/DealsView.spec.ts tests/Frontend/RemindersView.spec.ts`
-Expected: PASS — все тесты зелёные.
-
-- [ ] **Step 7: Полный sweep**
-
-Run (из `app/`): `npm run test:vue`, `npm run type-check`, `npm run lint:vue`
-Expected: Vitest 0 failed (выписать точные счётчики), type-check 0, lint 0.
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/resources/js/views/DealsView.vue app/resources/js/views/RemindersView.vue app/resources/js/components/layout/AppTopbar.vue app/tests/Frontend/DealsView.spec.ts app/tests/Frontend/RemindersView.spec.ts
-git commit -m "feat(deals): deep-link /deals?openId= из напоминаний и колокольчика (audit C8/F3)
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Definition of Done
-
-- **J3:** `GET /api/dashboard/summary?tenant_id=N&range=…` возвращает контракт выше; Pest ≥7 кейсов зелёные; Pint/Larastan 0.
-- **C1:** DashboardView грузит summary на mount + при смене range; KPI/баланс/активность/воронка — из API; ошибка → degradation-alert + последние/mock-значения.
-- **C8/F3:** клик по напоминанию и по уведомлению-колокольчику с `deal_id` ведёт на `/deals?openId=<id>`; DealsView открывает drawer найденной сделки; openId не найден → no-op без ошибки.
-- `npm run test:vue` 0 failed; `npm run type-check` 0; `npm run lint:vue` 0; `php artisan test --filter=DashboardSummaryTest` 0 failed.
-- 3 атомарных коммита (J3 / C1 / C8+F3). Без push до явного запроса.
-
-## Self-Review (выполнено при написании плана)
-
-**Spec coverage:** C1 → Task 2; J3 → Task 1; C8 → Task 3 (RemindersView + DealsView consumer); F3 → Task 3 (AppTopbar + DealsView consumer). Все 4 ID Sprint 3B покрыты.
-
-**Placeholder scan:** код приведён полностью. Единственная инструкция-без-кода — Task 1 Step 1 (изучить factory-паттерн существующих Feature-тестов) — это обязательная сверка фактического API фабрик, т.к. точный API `Deal::factory()` не в контексте автора плана; и Task 3 Step 1 (адаптировать mount-helper под фактический DealsView.spec) — оба требуют чтения одного reference-файла, не выдумывания.
-
-**Type consistency:** `DashboardSummary` (api/dashboard.ts) ↔ контракт эндпоинта J3 ↔ `applySummary` в DashboardView совпадают по полям. `Kpi`/`Balance` импортируются из существующих компонентов без изменения. `getDashboardSummary(tenantId, range)` — единая сигнатура в клиенте, тесте и view.
-
-**Риск:** партиционирование `deals` по `received_at` — тестовые даты должны попадать в существующие партиции (май-окт 2026 уже в schema.sql) либо `partitions:create-months` (отмечено в Task 1 Step 2/6).
diff --git a/docs/superpowers/plans/2026-05-16-sprint3c-reports.md b/docs/superpowers/plans/2026-05-16-sprint3c-reports.md
deleted file mode 100644
index 7a9a5d2..0000000
--- a/docs/superpowers/plans/2026-05-16-sprint3c-reports.md
+++ /dev/null
@@ -1,1364 +0,0 @@
-# Sprint 3C — Reports (F1 + F2) Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Реализовать 3 недостающих провайдера отчётов (managers/sources/billing summary) и endpoint скачивания готового файла отчёта по signed URL (24 ч).
-
-**Architecture:** F1 — 3 новых класса `ReportDataProvider` (managers/sources/billing), зарегистрированы в `ReportGeneratorRegistry`; формат-слой (csv/xlsx/json/pdf) уже готов и переиспользуется без изменений. F2 — новый route `GET /api/reports/jobs/{id}/file` под `signed`-middleware (не под `auth:sanctum` — подпись URL = capability-token), метод `ReportJobController@download` отдаёт файл потоком; `toResource()` отдаёт `download_url` (24 ч); frontend проводит `download_url` через api→mapper→`ReportJobsList` и вешает на кнопку «Скачать».
-
-**Tech Stack:** PHP 8.3 / Laravel 13 / Pest 4 / PostgreSQL 16 (партиционированная `deals`, RLS); Vue 3 / Vuetify 3 / Vitest 4 / TypeScript.
-
----
-
-## Контекст для исполнителя (прочитать до начала)
-
-**Аудит-источник:** `docs/superpowers/specs/2026-05-15-portal-audit-design.md` §F — F1 (Reports Provider'ы, 3 из 4) и F2 (Reports Скачать). Sprint 3C идёт после закрытых 3A/3B.
-
-**Существующая архитектура отчётов (НЕ менять, только расширять):**
-
-- `app/app/Models/ReportJob.php` — модель. `TYPES = ['deals_export','managers_summary','sources_summary','billing_summary']` уже объявлены все 4. `FORMATS = ['csv','xlsx','json','pdf']`. Статусы pending→processing→done|failed.
-- `app/app/Services/Reports/Providers/ReportDataProvider.php` — интерфейс: `headers(): array`, `rows(ReportJob $job): array`, `slug(): string`.
-- `app/app/Services/Reports/Providers/DealsExportProvider.php` — единственный готовый провайдер, **эталон стиля** (RLS-обёртка `DB::transaction` + `SET LOCAL app.current_tenant_id`).
-- `app/app/Services/Reports/ReportGeneratorRegistry.php` — резолвер: `provider(type)` match, `formatter(format)` match, `isSupported(type, format)`.
-- `app/app/Jobs/GenerateReportJob.php` — оркестратор: provider→formatter→`Storage::disk('local')->put('reports/{tenant_id}/{job_id}.{ext}', $content)`.
-- `app/app/Http/Controllers/Api/ReportJobController.php` — CRUD + retry/cancel/delete; `toResource()` сериализует job.
-- Formatter-классы `csv/xlsx/json` — готовы; `PdfStubFormatter` намеренно кидает RuntimeException (PDF → failed-job, Post-MVP).
-- Routes: `app/routes/web.php` строки 62-72, группа `Route::middleware(['auth:sanctum','tenant'])->prefix('/api/reports/jobs')`.
-
-**RLS:** `report_jobs`, `deals`, `lead_charges`, `balance_transactions` — все ENABLE ROW LEVEL SECURITY (policy `tenant_isolation` по `current_setting('app.current_tenant_id')`). На dev/test БД работает под `postgres` superuser (RLS `ENABLE`, не `FORCE` для `report_jobs` → superuser обходит политику), поэтому в коде ОБЯЗАТЕЛЕН явный `where('tenant_id', ...)` как defense-in-depth + `SET LOCAL` для prod-роли `crm_app_user`. Этот паттерн виден во всех методах `ReportJobController` и в `DealsExportProvider`.
-
-**Партиции `deals`:** партиционирована по `received_at`, партиции существуют на май–октябрь 2026. В тестах вставлять сделки с `received_at` = `Carbon::now()` (текущий месяц → партиция есть).
-
-**«Won»-статус:** конверсия считается по `deals.status = 'paid'` — так же, как в свежем `DashboardController` (Sprint 3B / J3). Не вводить новых определений.
-
-**Конвенции тестов:** существующие Pest-файлы используют `uses(DatabaseTransactions::class)`, `Storage::fake('local')`, top-level helper-функции с УНИКАЛЬНЫМИ именами (`makeJob`, `makeReportJob` уже заняты — новые helper'ы называть иначе, иначе PHP redeclare-fatal при прогоне всего suite).
-
----
-
-## File Structure
-
-**Создаются:**
-
-- `app/app/Services/Reports/Providers/ManagersSummaryProvider.php` — агрегат сделок по менеджерам.
-- `app/app/Services/Reports/Providers/SourcesSummaryProvider.php` — агрегат сделок по `utm_source`.
-- `app/app/Services/Reports/Providers/BillingSummaryProvider.php` — агрегат `balance_transactions` по типу операции.
-- `app/tests/Feature/Reports/ManagersSummaryProviderTest.php`
-- `app/tests/Feature/Reports/SourcesSummaryProviderTest.php`
-- `app/tests/Feature/Reports/BillingSummaryProviderTest.php`
-- `app/tests/Feature/Reports/ReportDownloadTest.php`
-
-**Модифицируются:**
-
-- `app/app/Services/Reports/ReportGeneratorRegistry.php` — +3 провайдера в конструктор, +3 ветки `provider()`, упрощение `isSupported()`.
-- `app/app/Http/Controllers/Api/ReportJobController.php` — +метод `download()`, `toResource()` +`download_url`.
-- `app/routes/web.php` — +route `reports.download` под `signed`.
-- `app/tests/Feature/Reports/ReportJobControllerTest.php` — переписать тест `managers_summary не реализован`, +2 интеграционных теста (sources/billing).
-- `app/resources/js/api/reports.ts` — `ApiReportJob` +`download_url`.
-- `app/resources/js/composables/mockReports.ts` — `ReportJob` +`downloadUrl`.
-- `app/resources/js/composables/reportsMapper.ts` — `mapApiReportJob` +`downloadUrl`.
-- `app/resources/js/components/reports/ReportJobsList.vue` — кнопка «Скачать» → `:href`.
-- `app/tests/Frontend/reportsMapper.spec.ts`, `reports-api.spec.ts`, `ReportsView.spec.ts` — +`download_url` в fixtures, +тесты.
-
----
-
-### Task 1: ManagersSummaryProvider (F1, провайдер 1/3)
-
-**Files:**
-
-- Create: `app/app/Services/Reports/Providers/ManagersSummaryProvider.php`
-- Create: `app/tests/Feature/Reports/ManagersSummaryProviderTest.php`
-- Modify: `app/app/Services/Reports/ReportGeneratorRegistry.php`
-- Modify: `app/tests/Feature/Reports/ReportJobControllerTest.php` (строки 339-351 — переписать тест)
-
-- [ ] **Step 1: Написать падающий тест провайдера**
-
-Создать `app/tests/Feature/Reports/ManagersSummaryProviderTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\ReportJob;
-use App\Models\Tenant;
-use App\Models\User;
-use App\Services\Reports\Providers\ManagersSummaryProvider;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    $this->tenant = Tenant::factory()->create();
-    $this->project = Project::factory()->create(['tenant_id' => $this->tenant->id]);
-});
-
-/** Вставляет сделку напрямую (deals партиционирована, фабрики нет). */
-function seedManagerDeal(int $tenantId, int $projectId, array $overrides = []): void
-{
-    DB::table('deals')->insert(array_merge([
-        'tenant_id' => $tenantId,
-        'project_id' => $projectId,
-        'phone' => '+7999'.random_int(1000000, 9999999),
-        'status' => 'new',
-        'received_at' => Carbon::now()->startOfMonth()->addDays(10),
-        'created_at' => Carbon::now(),
-        'updated_at' => Carbon::now(),
-    ], $overrides));
-}
-
-/** ReportJob без сохранения — провайдер читает только tenant_id + parameters. */
-function managersJob(int $tenantId): ReportJob
-{
-    return new ReportJob([
-        'tenant_id' => $tenantId,
-        'type' => 'managers_summary',
-        'parameters' => [
-            'format' => 'csv',
-            'date_from' => Carbon::now()->startOfMonth()->toDateString(),
-            'date_to' => Carbon::now()->endOfMonth()->toDateString(),
-        ],
-    ]);
-}
-
-test('headers: 4 колонки', function () {
-    expect((new ManagersSummaryProvider)->headers())
-        ->toBe(['Менеджер', 'Всего сделок', 'Оплачено', 'Конверсия (%)']);
-});
-
-test('slug = managers', function () {
-    expect((new ManagersSummaryProvider)->slug())->toBe('managers');
-});
-
-test('агрегирует сделки по менеджеру: total, paid, конверсия', function () {
-    $manager = User::factory()->create([
-        'tenant_id' => $this->tenant->id, 'first_name' => 'Иван', 'last_name' => 'Петров',
-    ]);
-    seedManagerDeal($this->tenant->id, $this->project->id, ['manager_id' => $manager->id, 'status' => 'paid']);
-    seedManagerDeal($this->tenant->id, $this->project->id, ['manager_id' => $manager->id, 'status' => 'paid']);
-    seedManagerDeal($this->tenant->id, $this->project->id, ['manager_id' => $manager->id, 'status' => 'new']);
-
-    $rows = (new ManagersSummaryProvider)->rows(managersJob($this->tenant->id));
-
-    expect($rows)->toHaveCount(1);
-    expect($rows[0])->toBe(['Иван Петров', 3, 2, 66.7]);
-});
-
-test('сделки без менеджера → строка «Не назначен»', function () {
-    seedManagerDeal($this->tenant->id, $this->project->id, ['manager_id' => null, 'status' => 'new']);
-
-    $rows = (new ManagersSummaryProvider)->rows(managersJob($this->tenant->id));
-
-    expect($rows)->toHaveCount(1);
-    expect($rows[0][0])->toBe('Не назначен');
-});
-
-test('исключает soft-deleted и тестовые сделки', function () {
-    $manager = User::factory()->create(['tenant_id' => $this->tenant->id]);
-    seedManagerDeal($this->tenant->id, $this->project->id, ['manager_id' => $manager->id]);
-    seedManagerDeal($this->tenant->id, $this->project->id, ['manager_id' => $manager->id, 'deleted_at' => Carbon::now()]);
-    seedManagerDeal($this->tenant->id, $this->project->id, ['manager_id' => $manager->id, 'is_test' => true]);
-
-    $rows = (new ManagersSummaryProvider)->rows(managersJob($this->tenant->id));
-
-    expect($rows)->toHaveCount(1);
-    expect($rows[0][1])->toBe(1);
-});
-
-test('изолирует по tenant_id', function () {
-    $other = Tenant::factory()->create();
-    $otherProject = Project::factory()->create(['tenant_id' => $other->id]);
-    seedManagerDeal($other->id, $otherProject->id);
-
-    $rows = (new ManagersSummaryProvider)->rows(managersJob($this->tenant->id));
-
-    expect($rows)->toBe([]);
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test tests/Feature/Reports/ManagersSummaryProviderTest.php`
-Expected: FAIL — `Class "App\Services\Reports\Providers\ManagersSummaryProvider" not found`.
-
-- [ ] **Step 3: Создать провайдер**
-
-Создать `app/app/Services/Reports/Providers/ManagersSummaryProvider.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Reports\Providers;
-
-use App\Models\ReportJob;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\DB;
-
-/**
- * managers_summary — агрегат сделок по менеджерам за период (audit F1).
- *
- * Группировка по deals.manager_id; неназначенные (manager_id IS NULL) сводятся
- * в строку «Не назначен». «Оплачено» = status='paid' (won-статус воронки, как
- * в DashboardController). Конверсия = paid / total * 100, округление до 0.1.
- *
- * parameters: date_from, date_to (Y-m-d). Исключаются soft-deleted
- * (deleted_at IS NULL) и тестовые (is_test=false) сделки. RLS-обёртка
- * SET LOCAL app.current_tenant_id — паттерн DealsExportProvider.
- */
-class ManagersSummaryProvider implements ReportDataProvider
-{
-    public function headers(): array
-    {
-        return ['Менеджер', 'Всего сделок', 'Оплачено', 'Конверсия (%)'];
-    }
-
-    public function rows(ReportJob $job): array
-    {
-        $params = $job->parameters ?? [];
-        $dateFrom = Carbon::parse($params['date_from'])->startOfDay();
-        $dateTo = Carbon::parse($params['date_to'])->endOfDay();
-
-        return DB::transaction(function () use ($job, $dateFrom, $dateTo): array {
-            DB::statement('SET LOCAL app.current_tenant_id = '.(int) $job->tenant_id);
-
-            $rows = DB::table('deals')
-                ->leftJoin('users', 'deals.manager_id', '=', 'users.id')
-                ->where('deals.tenant_id', $job->tenant_id)
-                ->whereNull('deals.deleted_at')
-                ->where('deals.is_test', false)
-                ->whereBetween('deals.received_at', [$dateFrom, $dateTo])
-                ->groupBy('deals.manager_id', 'users.first_name', 'users.last_name', 'users.email')
-                ->orderByRaw('COUNT(*) DESC')
-                ->orderBy('deals.manager_id')
-                ->selectRaw(
-                    "deals.manager_id,
-                     users.first_name, users.last_name, users.email,
-                     COUNT(*) AS total,
-                     COUNT(*) FILTER (WHERE deals.status = 'paid') AS paid"
-                )
-                ->get();
-
-            return $rows->map(function ($row): array {
-                $name = trim(($row->first_name ?? '').' '.($row->last_name ?? ''));
-                if ($name === '') {
-                    $name = (string) ($row->email ?? '');
-                }
-                if ($name === '') {
-                    $name = 'Не назначен';
-                }
-                $total = (int) $row->total;
-                $paid = (int) $row->paid;
-                $conversion = $total > 0 ? round($paid / $total * 100, 1) : 0.0;
-
-                return [$name, $total, $paid, $conversion];
-            })->all();
-        });
-    }
-
-    public function slug(): string
-    {
-        return 'managers';
-    }
-}
-```
-
-- [ ] **Step 4: Зарегистрировать провайдер в ReportGeneratorRegistry**
-
-В `app/app/Services/Reports/ReportGeneratorRegistry.php`:
-
-Добавить `use` после строки 13 (`use App\Services\Reports\Providers\DealsExportProvider;`):
-
-```php
-use App\Services\Reports\Providers\ManagersSummaryProvider;
-```
-
-В конструкторе добавить параметр после `DealsExportProvider $dealsExport`:
-
-```php
-    public function __construct(
-        private readonly DealsExportProvider $dealsExport,
-        private readonly ManagersSummaryProvider $managersSummary,
-        private readonly CsvFormatter $csv,
-        private readonly XlsxFormatter $xlsx,
-        private readonly JsonFormatter $json,
-        private readonly PdfStubFormatter $pdf,
-    ) {}
-```
-
-В `provider()` добавить ветку перед `default`:
-
-```php
-    public function provider(string $type): ReportDataProvider
-    {
-        return match ($type) {
-            'deals_export' => $this->dealsExport,
-            'managers_summary' => $this->managersSummary,
-            default => throw new InvalidArgumentException("Тип отчёта не реализован: {$type}"),
-        };
-    }
-```
-
-В `isSupported()` заменить строку `$supportedTypes = ['deals_export'];` на:
-
-```php
-        $supportedTypes = ['deals_export', 'managers_summary'];
-```
-
-- [ ] **Step 5: Запустить тест провайдера — зелёный**
-
-Run: `cd app && php artisan test tests/Feature/Reports/ManagersSummaryProviderTest.php`
-Expected: PASS — 6 passed.
-
-- [ ] **Step 6: Переписать устаревший интеграционный тест в ReportJobControllerTest**
-
-В `app/tests/Feature/Reports/ReportJobControllerTest.php` ПОЛНОСТЬЮ заменить тест `POST /api/reports/jobs (sync queue): managers_summary не реализован → failed` (строки 339-351) на:
-
-```php
-test('POST /api/reports/jobs (sync queue): managers_summary → done с CSV', function () {
-    config()->set('queue.default', 'sync');
-
-    $now = Carbon::now()->startOfMonth()->addDays(10);
-    $project = Project::factory()->create(['tenant_id' => $this->tenant->id]);
-    $manager = User::factory()->create([
-        'tenant_id' => $this->tenant->id, 'first_name' => 'Иван', 'last_name' => 'Петров',
-    ]);
-    DB::table('deals')->insert([
-        'tenant_id' => $this->tenant->id,
-        'project_id' => $project->id,
-        'manager_id' => $manager->id,
-        'phone' => '+79990001122',
-        'status' => 'paid',
-        'received_at' => $now,
-        'created_at' => Carbon::now(),
-        'updated_at' => Carbon::now(),
-    ]);
-
-    $response = $this->postJson('/api/reports/jobs', [
-        'type' => 'managers_summary', 'format' => 'csv',
-        'parameters' => [
-            'date_from' => $now->copy()->startOfMonth()->toDateString(),
-            'date_to' => $now->copy()->endOfMonth()->toDateString(),
-        ],
-    ]);
-
-    $response->assertStatus(201);
-    $job = ReportJob::find($response->json('job.id'));
-    expect($job->status)->toBe('done');
-    expect($job->file_path)->toEndWith('.csv');
-
-    $content = Storage::disk('local')->get($job->file_path);
-    expect($content)->toContain('Менеджер');
-    expect($content)->toContain('Иван Петров');
-});
-```
-
-- [ ] **Step 7: Запустить ReportJobControllerTest — зелёный**
-
-Run: `cd app && php artisan test tests/Feature/Reports/ReportJobControllerTest.php`
-Expected: PASS — все тесты зелёные (включая переписанный managers_summary).
-
-- [ ] **Step 8: Pint + commit**
-
-```bash
-cd app && composer pint
-git add app/app/Services/Reports/Providers/ManagersSummaryProvider.php app/app/Services/Reports/ReportGeneratorRegistry.php app/tests/Feature/Reports/ManagersSummaryProviderTest.php app/tests/Feature/Reports/ReportJobControllerTest.php
-git commit -m "feat(reports): ManagersSummaryProvider — агрегат сделок по менеджерам (F1)"
-```
-
----
-
-### Task 2: SourcesSummaryProvider (F1, провайдер 2/3)
-
-**Files:**
-
-- Create: `app/app/Services/Reports/Providers/SourcesSummaryProvider.php`
-- Create: `app/tests/Feature/Reports/SourcesSummaryProviderTest.php`
-- Modify: `app/app/Services/Reports/ReportGeneratorRegistry.php`
-- Modify: `app/tests/Feature/Reports/ReportJobControllerTest.php` (добавить тест)
-
-- [ ] **Step 1: Написать падающий тест провайдера**
-
-Создать `app/tests/Feature/Reports/SourcesSummaryProviderTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\ReportJob;
-use App\Models\Tenant;
-use App\Services\Reports\Providers\SourcesSummaryProvider;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    $this->tenant = Tenant::factory()->create();
-    $this->project = Project::factory()->create(['tenant_id' => $this->tenant->id]);
-});
-
-function seedSourceDeal(int $tenantId, int $projectId, array $overrides = []): void
-{
-    DB::table('deals')->insert(array_merge([
-        'tenant_id' => $tenantId,
-        'project_id' => $projectId,
-        'phone' => '+7999'.random_int(1000000, 9999999),
-        'status' => 'new',
-        'received_at' => Carbon::now()->startOfMonth()->addDays(10),
-        'created_at' => Carbon::now(),
-        'updated_at' => Carbon::now(),
-    ], $overrides));
-}
-
-function sourcesJob(int $tenantId): ReportJob
-{
-    return new ReportJob([
-        'tenant_id' => $tenantId,
-        'type' => 'sources_summary',
-        'parameters' => [
-            'format' => 'csv',
-            'date_from' => Carbon::now()->startOfMonth()->toDateString(),
-            'date_to' => Carbon::now()->endOfMonth()->toDateString(),
-        ],
-    ]);
-}
-
-test('headers: 4 колонки', function () {
-    expect((new SourcesSummaryProvider)->headers())
-        ->toBe(['Источник', 'Всего сделок', 'Оплачено', 'Конверсия (%)']);
-});
-
-test('slug = sources', function () {
-    expect((new SourcesSummaryProvider)->slug())->toBe('sources');
-});
-
-test('агрегирует сделки по utm_source', function () {
-    seedSourceDeal($this->tenant->id, $this->project->id, ['utm_source' => 'yandex', 'status' => 'paid']);
-    seedSourceDeal($this->tenant->id, $this->project->id, ['utm_source' => 'yandex', 'status' => 'new']);
-    seedSourceDeal($this->tenant->id, $this->project->id, ['utm_source' => 'vk', 'status' => 'paid']);
-
-    $rows = (new SourcesSummaryProvider)->rows(sourcesJob($this->tenant->id));
-
-    expect($rows)->toHaveCount(2);
-    // ORDER BY COUNT(*) DESC → yandex (2) первый.
-    expect($rows[0])->toBe(['yandex', 2, 1, 50.0]);
-    expect($rows[1])->toBe(['vk', 1, 1, 100.0]);
-});
-
-test('сделки без utm_source → «Прямые / без метки»', function () {
-    seedSourceDeal($this->tenant->id, $this->project->id, ['utm_source' => null]);
-
-    $rows = (new SourcesSummaryProvider)->rows(sourcesJob($this->tenant->id));
-
-    expect($rows)->toHaveCount(1);
-    expect($rows[0][0])->toBe('Прямые / без метки');
-});
-
-test('исключает soft-deleted и тестовые сделки', function () {
-    seedSourceDeal($this->tenant->id, $this->project->id, ['utm_source' => 'yandex']);
-    seedSourceDeal($this->tenant->id, $this->project->id, ['utm_source' => 'yandex', 'deleted_at' => Carbon::now()]);
-    seedSourceDeal($this->tenant->id, $this->project->id, ['utm_source' => 'yandex', 'is_test' => true]);
-
-    $rows = (new SourcesSummaryProvider)->rows(sourcesJob($this->tenant->id));
-
-    expect($rows)->toHaveCount(1);
-    expect($rows[0][1])->toBe(1);
-});
-
-test('изолирует по tenant_id', function () {
-    $other = Tenant::factory()->create();
-    $otherProject = Project::factory()->create(['tenant_id' => $other->id]);
-    seedSourceDeal($other->id, $otherProject->id, ['utm_source' => 'yandex']);
-
-    $rows = (new SourcesSummaryProvider)->rows(sourcesJob($this->tenant->id));
-
-    expect($rows)->toBe([]);
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test tests/Feature/Reports/SourcesSummaryProviderTest.php`
-Expected: FAIL — `Class "App\Services\Reports\Providers\SourcesSummaryProvider" not found`.
-
-- [ ] **Step 3: Создать провайдер**
-
-Создать `app/app/Services/Reports/Providers/SourcesSummaryProvider.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Reports\Providers;
-
-use App\Models\ReportJob;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\DB;
-
-/**
- * sources_summary — агрегат сделок по источнику (utm_source) за период (audit F1).
- *
- * Группировка по deals.utm_source; сделки без метки (NULL/пусто) сводятся в
- * строку «Прямые / без метки». «Оплачено» = status='paid'. Конверсия =
- * paid / total * 100, округление до 0.1.
- *
- * parameters: date_from, date_to (Y-m-d). Исключаются soft-deleted и тестовые
- * сделки. RLS-обёртка SET LOCAL app.current_tenant_id — паттерн DealsExportProvider.
- */
-class SourcesSummaryProvider implements ReportDataProvider
-{
-    public function headers(): array
-    {
-        return ['Источник', 'Всего сделок', 'Оплачено', 'Конверсия (%)'];
-    }
-
-    public function rows(ReportJob $job): array
-    {
-        $params = $job->parameters ?? [];
-        $dateFrom = Carbon::parse($params['date_from'])->startOfDay();
-        $dateTo = Carbon::parse($params['date_to'])->endOfDay();
-
-        return DB::transaction(function () use ($job, $dateFrom, $dateTo): array {
-            DB::statement('SET LOCAL app.current_tenant_id = '.(int) $job->tenant_id);
-
-            $rows = DB::table('deals')
-                ->where('tenant_id', $job->tenant_id)
-                ->whereNull('deleted_at')
-                ->where('is_test', false)
-                ->whereBetween('received_at', [$dateFrom, $dateTo])
-                ->groupBy('utm_source')
-                ->orderByRaw('COUNT(*) DESC')
-                ->orderBy('utm_source')
-                ->selectRaw(
-                    "utm_source,
-                     COUNT(*) AS total,
-                     COUNT(*) FILTER (WHERE status = 'paid') AS paid"
-                )
-                ->get();
-
-            return $rows->map(function ($row): array {
-                $source = $row->utm_source !== null && trim((string) $row->utm_source) !== ''
-                    ? (string) $row->utm_source
-                    : 'Прямые / без метки';
-                $total = (int) $row->total;
-                $paid = (int) $row->paid;
-                $conversion = $total > 0 ? round($paid / $total * 100, 1) : 0.0;
-
-                return [$source, $total, $paid, $conversion];
-            })->all();
-        });
-    }
-
-    public function slug(): string
-    {
-        return 'sources';
-    }
-}
-```
-
-- [ ] **Step 4: Зарегистрировать провайдер в ReportGeneratorRegistry**
-
-В `app/app/Services/Reports/ReportGeneratorRegistry.php`:
-
-Добавить `use` рядом с `ManagersSummaryProvider`:
-
-```php
-use App\Services\Reports\Providers\SourcesSummaryProvider;
-```
-
-В конструкторе добавить параметр после `ManagersSummaryProvider $managersSummary`:
-
-```php
-        private readonly SourcesSummaryProvider $sourcesSummary,
-```
-
-В `provider()` добавить ветку:
-
-```php
-            'sources_summary' => $this->sourcesSummary,
-```
-
-В `isSupported()` заменить строку `$supportedTypes` на:
-
-```php
-        $supportedTypes = ['deals_export', 'managers_summary', 'sources_summary'];
-```
-
-- [ ] **Step 5: Запустить тест провайдера — зелёный**
-
-Run: `cd app && php artisan test tests/Feature/Reports/SourcesSummaryProviderTest.php`
-Expected: PASS — 6 passed.
-
-- [ ] **Step 6: Добавить интеграционный тест в ReportJobControllerTest**
-
-В конец `app/tests/Feature/Reports/ReportJobControllerTest.php` добавить:
-
-```php
-test('POST /api/reports/jobs (sync queue): sources_summary → done с CSV', function () {
-    config()->set('queue.default', 'sync');
-
-    $now = Carbon::now()->startOfMonth()->addDays(10);
-    $project = Project::factory()->create(['tenant_id' => $this->tenant->id]);
-    DB::table('deals')->insert([
-        'tenant_id' => $this->tenant->id,
-        'project_id' => $project->id,
-        'phone' => '+79990002233',
-        'status' => 'paid',
-        'utm_source' => 'yandex',
-        'received_at' => $now,
-        'created_at' => Carbon::now(),
-        'updated_at' => Carbon::now(),
-    ]);
-
-    $response = $this->postJson('/api/reports/jobs', [
-        'type' => 'sources_summary', 'format' => 'csv',
-        'parameters' => [
-            'date_from' => $now->copy()->startOfMonth()->toDateString(),
-            'date_to' => $now->copy()->endOfMonth()->toDateString(),
-        ],
-    ]);
-
-    $response->assertStatus(201);
-    $job = ReportJob::find($response->json('job.id'));
-    expect($job->status)->toBe('done');
-    expect($job->file_path)->toEndWith('.csv');
-
-    $content = Storage::disk('local')->get($job->file_path);
-    expect($content)->toContain('Источник');
-    expect($content)->toContain('yandex');
-});
-```
-
-- [ ] **Step 7: Запустить ReportJobControllerTest — зелёный**
-
-Run: `cd app && php artisan test tests/Feature/Reports/ReportJobControllerTest.php`
-Expected: PASS.
-
-- [ ] **Step 8: Pint + commit**
-
-```bash
-cd app && composer pint
-git add app/app/Services/Reports/Providers/SourcesSummaryProvider.php app/app/Services/Reports/ReportGeneratorRegistry.php app/tests/Feature/Reports/SourcesSummaryProviderTest.php app/tests/Feature/Reports/ReportJobControllerTest.php
-git commit -m "feat(reports): SourcesSummaryProvider — агрегат сделок по utm_source (F1)"
-```
-
----
-
-### Task 3: BillingSummaryProvider (F1, провайдер 3/3)
-
-**Files:**
-
-- Create: `app/app/Services/Reports/Providers/BillingSummaryProvider.php`
-- Create: `app/tests/Feature/Reports/BillingSummaryProviderTest.php`
-- Modify: `app/app/Services/Reports/ReportGeneratorRegistry.php`
-- Modify: `app/tests/Feature/Reports/ReportJobControllerTest.php` (добавить тест)
-
-- [ ] **Step 1: Написать падающий тест провайдера**
-
-Создать `app/tests/Feature/Reports/BillingSummaryProviderTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\BalanceTransaction;
-use App\Models\ReportJob;
-use App\Models\Tenant;
-use App\Services\Reports\Providers\BillingSummaryProvider;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Carbon;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    $this->tenant = Tenant::factory()->create();
-});
-
-function seedBillingTx(int $tenantId, string $type, float $amount, ?Carbon $at = null): void
-{
-    BalanceTransaction::create([
-        'tenant_id' => $tenantId,
-        'type' => $type,
-        'amount_rub' => $amount,
-        'amount_leads' => 0,
-        'description' => 'test',
-        'created_at' => $at ?? Carbon::now()->startOfMonth()->addDays(10),
-    ]);
-}
-
-function billingJob(int $tenantId): ReportJob
-{
-    return new ReportJob([
-        'tenant_id' => $tenantId,
-        'type' => 'billing_summary',
-        'parameters' => [
-            'format' => 'csv',
-            'date_from' => Carbon::now()->startOfMonth()->toDateString(),
-            'date_to' => Carbon::now()->endOfMonth()->toDateString(),
-        ],
-    ]);
-}
-
-test('headers: 3 колонки', function () {
-    expect((new BillingSummaryProvider)->headers())
-        ->toBe(['Тип операции', 'Количество', 'Сумма (₽)']);
-});
-
-test('slug = billing', function () {
-    expect((new BillingSummaryProvider)->slug())->toBe('billing');
-});
-
-test('агрегирует balance_transactions по типу: count + сумма', function () {
-    seedBillingTx($this->tenant->id, 'topup', 5000);
-    seedBillingTx($this->tenant->id, 'topup', 3000);
-    seedBillingTx($this->tenant->id, 'lead_charge', -250);
-
-    $rows = (new BillingSummaryProvider)->rows(billingJob($this->tenant->id));
-
-    // ORDER BY type → 'lead_charge' < 'topup'.
-    expect($rows)->toHaveCount(2);
-    expect($rows[0])->toBe(['Списание за лиды', 1, '-250.00']);
-    expect($rows[1])->toBe(['Пополнение', 2, '8000.00']);
-});
-
-test('исключает транзакции вне периода', function () {
-    seedBillingTx($this->tenant->id, 'topup', 5000);
-    seedBillingTx($this->tenant->id, 'topup', 1000, Carbon::now()->subMonths(3));
-
-    $rows = (new BillingSummaryProvider)->rows(billingJob($this->tenant->id));
-
-    expect($rows)->toHaveCount(1);
-    expect($rows[0])->toBe(['Пополнение', 1, '5000.00']);
-});
-
-test('изолирует по tenant_id', function () {
-    $other = Tenant::factory()->create();
-    seedBillingTx($other->id, 'topup', 9999);
-
-    $rows = (new BillingSummaryProvider)->rows(billingJob($this->tenant->id));
-
-    expect($rows)->toBe([]);
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test tests/Feature/Reports/BillingSummaryProviderTest.php`
-Expected: FAIL — `Class "App\Services\Reports\Providers\BillingSummaryProvider" not found`.
-
-- [ ] **Step 3: Создать провайдер**
-
-Создать `app/app/Services/Reports/Providers/BillingSummaryProvider.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Reports\Providers;
-
-use App\Models\ReportJob;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\DB;
-
-/**
- * billing_summary — агрегат balance_transactions по типу операции (audit F1).
- *
- * Группировка по balance_transactions.type; count + SUM(amount_rub). Тип
- * операции переводится в человекочитаемую метку. parameters: date_from,
- * date_to (Y-m-d) — фильтр по created_at.
- *
- * RLS-обёртка SET LOCAL app.current_tenant_id (balance_transactions имеет RLS
- * tenant_isolation) + явный where('tenant_id') — паттерн BillingController.
- */
-class BillingSummaryProvider implements ReportDataProvider
-{
-    /** Канон-типы balance_transactions.type → RU-метка (schema §7.6 CHECK). */
-    private const TYPE_LABELS = [
-        'trial_bonus' => 'Стартовый бонус',
-        'topup' => 'Пополнение',
-        'lead_charge' => 'Списание за лиды',
-        'refund' => 'Возврат',
-        'manual_adjustment' => 'Ручная корректировка',
-        'historical_import' => 'Импорт истории',
-        'chargeback_writedown' => 'Chargeback — списание в долг',
-        'chargeback_repayment' => 'Chargeback — погашение долга',
-    ];
-
-    public function headers(): array
-    {
-        return ['Тип операции', 'Количество', 'Сумма (₽)'];
-    }
-
-    public function rows(ReportJob $job): array
-    {
-        $params = $job->parameters ?? [];
-        $dateFrom = Carbon::parse($params['date_from'])->startOfDay();
-        $dateTo = Carbon::parse($params['date_to'])->endOfDay();
-
-        return DB::transaction(function () use ($job, $dateFrom, $dateTo): array {
-            DB::statement('SET LOCAL app.current_tenant_id = '.(int) $job->tenant_id);
-
-            $rows = DB::table('balance_transactions')
-                ->where('tenant_id', $job->tenant_id)
-                ->whereBetween('created_at', [$dateFrom, $dateTo])
-                ->groupBy('type')
-                ->orderBy('type')
-                ->selectRaw('type, COUNT(*) AS cnt, COALESCE(SUM(amount_rub), 0) AS sum_rub')
-                ->get();
-
-            return $rows->map(function ($row): array {
-                $label = self::TYPE_LABELS[$row->type] ?? (string) $row->type;
-
-                return [$label, (int) $row->cnt, (string) $row->sum_rub];
-            })->all();
-        });
-    }
-
-    public function slug(): string
-    {
-        return 'billing';
-    }
-}
-```
-
-- [ ] **Step 4: Зарегистрировать провайдер + упростить isSupported()**
-
-В `app/app/Services/Reports/ReportGeneratorRegistry.php`:
-
-Добавить `use`:
-
-```php
-use App\Services\Reports\Providers\BillingSummaryProvider;
-```
-
-В конструкторе добавить параметр после `SourcesSummaryProvider $sourcesSummary`:
-
-```php
-        private readonly BillingSummaryProvider $billingSummary,
-```
-
-В `provider()` добавить ветку:
-
-```php
-            'billing_summary' => $this->billingSummary,
-```
-
-Заменить весь метод `isSupported()` (теперь реализованы все 4 типа — whitelist `$supportedTypes` избыточен) на:
-
-```php
-    public function isSupported(string $type, string $format): bool
-    {
-        // Все 4 типа ReportJob::TYPES реализованы (F1, 2026-05-16).
-        // PDF валидируется, но PdfStubFormatter кидает RuntimeException →
-        // GenerateReportJob ловит → failed-job (intended, Post-MVP).
-        return in_array($type, ReportJob::TYPES, true)
-            && in_array($format, ReportJob::FORMATS, true);
-    }
-```
-
-- [ ] **Step 5: Запустить тест провайдера — зелёный**
-
-Run: `cd app && php artisan test tests/Feature/Reports/BillingSummaryProviderTest.php`
-Expected: PASS — 5 passed.
-
-- [ ] **Step 6: Добавить интеграционный тест в ReportJobControllerTest**
-
-В конец `app/tests/Feature/Reports/ReportJobControllerTest.php` добавить (после `use` уже импортирован `BalanceTransaction`? — нет; добавить `use App\Models\BalanceTransaction;` в шапку файла рядом с прочими `use`):
-
-```php
-test('POST /api/reports/jobs (sync queue): billing_summary → done с CSV', function () {
-    config()->set('queue.default', 'sync');
-
-    BalanceTransaction::create([
-        'tenant_id' => $this->tenant->id,
-        'type' => 'topup',
-        'amount_rub' => 5000,
-        'amount_leads' => 0,
-        'description' => 'test topup',
-        'created_at' => Carbon::now()->startOfMonth()->addDays(5),
-    ]);
-
-    $response = $this->postJson('/api/reports/jobs', [
-        'type' => 'billing_summary', 'format' => 'csv',
-        'parameters' => [
-            'date_from' => Carbon::now()->startOfMonth()->toDateString(),
-            'date_to' => Carbon::now()->endOfMonth()->toDateString(),
-        ],
-    ]);
-
-    $response->assertStatus(201);
-    $job = ReportJob::find($response->json('job.id'));
-    expect($job->status)->toBe('done');
-    expect($job->file_path)->toEndWith('.csv');
-
-    $content = Storage::disk('local')->get($job->file_path);
-    expect($content)->toContain('Тип операции');
-    expect($content)->toContain('Пополнение');
-});
-```
-
-- [ ] **Step 7: Запустить ReportJobControllerTest — зелёный**
-
-Run: `cd app && php artisan test tests/Feature/Reports/ReportJobControllerTest.php`
-Expected: PASS.
-
-- [ ] **Step 8: Pint + commit**
-
-```bash
-cd app && composer pint
-git add app/app/Services/Reports/Providers/BillingSummaryProvider.php app/app/Services/Reports/ReportGeneratorRegistry.php app/tests/Feature/Reports/BillingSummaryProviderTest.php app/tests/Feature/Reports/ReportJobControllerTest.php
-git commit -m "feat(reports): BillingSummaryProvider + isSupported всех 4 типов (F1 закрыт)"
-```
-
----
-
-### Task 4: Download endpoint + signed URL (F2 backend)
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/ReportJobController.php` — +метод `download()`, `toResource()` +`download_url`
-- Modify: `app/routes/web.php` — +route `reports.download`
-- Create: `app/tests/Feature/Reports/ReportDownloadTest.php`
-
-**Дизайн F2:** route `GET /api/reports/jobs/{id}/file` — НЕ под `auth:sanctum`, а под `signed`-middleware. Подпись URL (24 ч) = capability-token: signed URL генерируется только в `toResource()` при листинге/просмотре отчётов СВОЕГО тенанта, подделать подпись для чужого `id` нельзя. Параметр `tenant` в подписи нужен для RLS-контекста (`download` работает без авторизованного `user()`); подпись покрывает все query-параметры, `tenant` подделать нельзя.
-
-- [ ] **Step 1: Написать падающий тест**
-
-Создать `app/tests/Feature/Reports/ReportDownloadTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\ReportJob;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\Storage;
-use Illuminate\Support\Facades\URL;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    $this->tenant = Tenant::factory()->create();
-    $this->user = User::factory()->create(['tenant_id' => $this->tenant->id]);
-    Storage::fake('local');
-});
-
-function doneReportJob(int $tenantId, int $userId, array $overrides = []): ReportJob
-{
-    return ReportJob::create(array_merge([
-        'tenant_id' => $tenantId,
-        'user_id' => $userId,
-        'type' => 'deals_export',
-        'parameters' => ['format' => 'csv', 'date_from' => '2026-04-01', 'date_to' => '2026-04-30'],
-        'status' => ReportJob::STATUS_DONE,
-        'file_path' => null,
-        'file_size' => null,
-        'finished_at' => Carbon::now(),
-        'expires_at' => Carbon::now()->addDays(30),
-    ], $overrides));
-}
-
-function signedDownloadUrl(ReportJob $job, ?Carbon $expiry = null): string
-{
-    return URL::temporarySignedRoute(
-        'reports.download',
-        $expiry ?? Carbon::now()->addHours(24),
-        ['id' => $job->id, 'tenant' => $job->tenant_id],
-    );
-}
-
-test('download: success → 200 + attachment файла', function () {
-    $path = "reports/{$this->tenant->id}/1.csv";
-    Storage::disk('local')->put($path, "col\r\nval\r\n");
-    $job = doneReportJob($this->tenant->id, $this->user->id, ['file_path' => $path]);
-
-    $response = $this->get(signedDownloadUrl($job));
-
-    $response->assertOk();
-    $response->assertDownload("report-{$job->id}.csv");
-});
-
-test('download: невалидная подпись → 403', function () {
-    $job = doneReportJob($this->tenant->id, $this->user->id, ['file_path' => 'reports/x/1.csv']);
-
-    $this->get("/api/reports/jobs/{$job->id}/file?tenant={$this->tenant->id}&expires=9999999999&signature=deadbeef")
-        ->assertStatus(403);
-});
-
-test('download: просроченная подпись → 403', function () {
-    $path = "reports/{$this->tenant->id}/2.csv";
-    Storage::disk('local')->put($path, 'data');
-    $job = doneReportJob($this->tenant->id, $this->user->id, ['file_path' => $path]);
-
-    $this->get(signedDownloadUrl($job, Carbon::now()->subHour()))->assertStatus(403);
-});
-
-test('download: file_path=NULL (истёк) → 410', function () {
-    $job = doneReportJob($this->tenant->id, $this->user->id, ['file_path' => null]);
-
-    $this->get(signedDownloadUrl($job))->assertStatus(410);
-});
-
-test('download: файл отсутствует на диске → 404', function () {
-    $job = doneReportJob($this->tenant->id, $this->user->id, ['file_path' => 'reports/missing/9.csv']);
-
-    $this->get(signedDownloadUrl($job))->assertStatus(404);
-});
-
-test('download: несуществующий job → 404', function () {
-    $job = doneReportJob($this->tenant->id, $this->user->id, ['file_path' => 'reports/x/1.csv']);
-    $url = signedDownloadUrl($job);
-    // Подменяем id на несуществующий, не ломая подпись: подпись станет
-    // невалидной → 403. Для чистой проверки 404 строим подпись на чужой id.
-    $ghost = new ReportJob(['id' => 999999, 'tenant_id' => $this->tenant->id]);
-    $ghost->id = 999999;
-    $this->get(signedDownloadUrl($ghost))->assertStatus(404);
-});
-
-test('toResource (GET /jobs/{id}): done-job содержит download_url', function () {
-    $path = "reports/{$this->tenant->id}/3.csv";
-    Storage::disk('local')->put($path, 'data');
-    $job = doneReportJob($this->tenant->id, $this->user->id, ['file_path' => $path]);
-
-    $response = $this->actingAs($this->user)->getJson("/api/reports/jobs/{$job->id}");
-
-    $response->assertOk();
-    $url = $response->json('job.download_url');
-    expect($url)->toContain("/api/reports/jobs/{$job->id}/file");
-    expect($url)->toContain('signature=');
-});
-
-test('toResource: pending-job → download_url = null', function () {
-    $job = ReportJob::create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'type' => 'deals_export',
-        'parameters' => ['format' => 'csv', 'date_from' => '2026-04-01', 'date_to' => '2026-04-30'],
-        'status' => ReportJob::STATUS_PENDING,
-    ]);
-
-    $response = $this->actingAs($this->user)->getJson("/api/reports/jobs/{$job->id}");
-
-    expect($response->json('job.download_url'))->toBeNull();
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test tests/Feature/Reports/ReportDownloadTest.php`
-Expected: FAIL — route `reports.download` не существует (`Route [reports.download] not defined`).
-
-- [ ] **Step 3: Добавить route в web.php**
-
-В `app/routes/web.php` сразу ПОСЛЕ группы `/api/reports/jobs` (после строки 72 `});`) добавить:
-
-```php
-// F2 (audit): скачивание готового файла отчёта по signed URL (24 ч, OPEN-И-20).
-// НЕ под auth:sanctum — подпись URL = capability-token (генерируется только
-// в ReportJobController::toResource() для отчётов своего тенанта).
-Route::get('/api/reports/jobs/{id}/file', 'App\Http\Controllers\Api\ReportJobController@download')
-    ->where('id', '[0-9]+')
-    ->name('reports.download')
-    ->middleware('signed');
-```
-
-- [ ] **Step 4: Добавить метод download() + download_url в toResource()**
-
-В `app/app/Http/Controllers/Api/ReportJobController.php`:
-
-Добавить `use` в шапку (рядом с прочими `use Illuminate\...`):
-
-```php
-use Illuminate\Support\Facades\URL;
-use Symfony\Component\HttpFoundation\Response;
-```
-
-Добавить метод `download()` перед приватным `toResource()`:
-
-```php
-    /**
-     * GET /api/reports/jobs/{id}/file?tenant=&expires=&signature= — скачать
-     * готовый файл отчёта (F2, OPEN-И-20).
-     *
-     * Под `signed`-middleware (не auth:sanctum): подпись URL = capability-token.
-     * `tenant` в подписи нужен для RLS-контекста (нет авторизованного user'а).
-     * Подпись покрывает все query-параметры — `tenant`/`id` подделать нельзя.
-     */
-    public function download(Request $request, int $id): Response
-    {
-        $tenantId = (int) $request->query('tenant', '0');
-
-        return DB::transaction(function () use ($id, $tenantId): Response {
-            DB::statement('SET LOCAL app.current_tenant_id = '.$tenantId);
-
-            $job = ReportJob::query()
-                ->where('id', $id)
-                ->where('tenant_id', $tenantId)
-                ->first();
-
-            if ($job === null) {
-                return response()->json(['message' => 'Отчёт не найден.'], 404);
-            }
-
-            if ($job->status !== ReportJob::STATUS_DONE || $job->file_path === null) {
-                return response()->json(['message' => 'Файл отчёта недоступен или истёк.'], 410);
-            }
-
-            if (! Storage::disk('local')->exists($job->file_path)) {
-                return response()->json(['message' => 'Файл отчёта не найден в хранилище.'], 404);
-            }
-
-            $extension = pathinfo($job->file_path, PATHINFO_EXTENSION);
-
-            return Storage::disk('local')->download(
-                $job->file_path,
-                sprintf('report-%d.%s', $job->id, $extension)
-            );
-        });
-    }
-
-    /**
-     * Signed URL (24 ч) на скачивание файла. NULL для не-готовых job'ов или
-     * после истечения retention (file_path обнулён cron'ом reports:cleanup-expired).
-     */
-    private function downloadUrl(ReportJob $job): ?string
-    {
-        if ($job->status !== ReportJob::STATUS_DONE || $job->file_path === null) {
-            return null;
-        }
-
-        return URL::temporarySignedRoute(
-            'reports.download',
-            Carbon::now()->addHours(24),
-            ['id' => $job->id, 'tenant' => $job->tenant_id],
-        );
-    }
-```
-
-В методе `toResource()` добавить ключ `download_url` (например, после `'file_path' => $job->file_path,`):
-
-```php
-            'file_path' => $job->file_path,
-            'download_url' => $this->downloadUrl($job),
-```
-
-- [ ] **Step 5: Запустить тест — зелёный**
-
-Run: `cd app && php artisan test tests/Feature/Reports/ReportDownloadTest.php`
-Expected: PASS — 8 passed.
-
-- [ ] **Step 6: Прогнать весь Reports-каталог (регрессия toResource)**
-
-Run: `cd app && php artisan test tests/Feature/Reports/`
-Expected: PASS — добавление ключа `download_url` в ответ не ломает существующие тесты (они проверяют конкретные ключи через `expect()->json('...')`).
-
-- [ ] **Step 7: Pint + Larastan + commit**
-
-```bash
-cd app && composer pint && composer stan
-git add app/app/Http/Controllers/Api/ReportJobController.php app/routes/web.php app/tests/Feature/Reports/ReportDownloadTest.php
-git commit -m "feat(reports): download endpoint + signed URL 24ч (F2 backend)"
-```
-
-Если Larastan даёт новые ошибки на `download()` (возвращаемый тип `Response`) — убедиться, что импортирован `Symfony\Component\HttpFoundation\Response` (базовый класс и `JsonResponse`, и `StreamedResponse`).
-
----
-
-### Task 5: Провести download_url на frontend и подключить кнопку «Скачать» (F2 frontend)
-
-**Files:**
-
-- Modify: `app/resources/js/api/reports.ts`
-- Modify: `app/resources/js/composables/mockReports.ts`
-- Modify: `app/resources/js/composables/reportsMapper.ts`
-- Modify: `app/resources/js/components/reports/ReportJobsList.vue`
-- Modify: `app/tests/Frontend/reportsMapper.spec.ts`
-- Modify: `app/tests/Frontend/reports-api.spec.ts`
-- Modify: `app/tests/Frontend/ReportsView.spec.ts`
-
-- [ ] **Step 1: Обновить fixtures + написать падающие тесты**
-
-В `app/tests/Frontend/reportsMapper.spec.ts` — в функции `makeApi` добавить поле в объект (после `is_expired: false,`):
-
-```js
-        download_url: 'http://localhost/api/reports/jobs/1/file?tenant=1&signature=fake',
-```
-
-И добавить новый тест в `describe('reportsMapper', ...)`:
-
-```js
-    it('downloadUrl берётся из api.download_url', () => {
-        const ui = mapApiReportJob(makeApi({ download_url: 'http://x/file?signature=abc' }));
-        expect(ui.downloadUrl).toBe('http://x/file?signature=abc');
-    });
-
-    it('downloadUrl = null если api.download_url null', () => {
-        expect(mapApiReportJob(makeApi({ download_url: null })).downloadUrl).toBeNull();
-    });
-```
-
-В `app/tests/Frontend/reports-api.spec.ts` — в объект `FAKE_JOB` добавить (после `is_expired: false,`):
-
-```js
-    download_url: null,
-```
-
-В `app/tests/Frontend/ReportsView.spec.ts` — в функции `makeApiJob` добавить в объект (после `is_expired: false,`):
-
-```js
-        download_url: 'http://localhost/api/reports/jobs/1/file?tenant=1&signature=fake',
-```
-
-И добавить новый тест в `describe('ReportsView.vue (API integration)', ...)`:
-
-```js
-    it('done-job: кнопка «Скачать» имеет href из download_url', async () => {
-        (reportsApi.listReportJobs as ReturnType<typeof vi.fn>).mockResolvedValue({
-            jobs: [makeApiJob({ status: 'done', download_url: 'http://localhost/dl?signature=xyz' })],
-            total: 1,
-            limit: 50,
-            offset: 0,
-            counts: { pending: 0, processing: 0, done: 1, failed: 0 },
-            quota: { active: 0, max_active: 3 },
-        } satisfies ListReportJobsResponse);
-        const wrapper = await mountView();
-        const dl = wrapper.find('[aria-label="Скачать"]');
-        expect(dl.exists()).toBe(true);
-        expect(dl.attributes('href')).toBe('http://localhost/dl?signature=xyz');
-    });
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && npm run test:vue -- reportsMapper reports-api ReportsView`
-Expected: FAIL — TS-ошибки (`download_url` отсутствует в типе `ApiReportJob`, `downloadUrl` — в `ReportJob`) и упавший тест про href.
-
-- [ ] **Step 3: Добавить download_url в ApiReportJob**
-
-В `app/resources/js/api/reports.ts` в интерфейс `ApiReportJob` добавить поле (после `file_path: string | null;`):
-
-```ts
-    file_path: string | null;
-    download_url: string | null;
-```
-
-- [ ] **Step 4: Добавить downloadUrl в UI-тип ReportJob**
-
-В `app/resources/js/composables/mockReports.ts` в интерфейс `ReportJob` добавить поле (после `error: string | null;`):
-
-```ts
-    error: string | null;
-    downloadUrl: string | null; // signed URL (24ч) скачивания готового файла; null для не-готовых
-```
-
-- [ ] **Step 5: Прокинуть downloadUrl в mapApiReportJob**
-
-В `app/resources/js/composables/reportsMapper.ts` в объект, возвращаемый `mapApiReportJob`, добавить поле (после `error: api.error_message,`):
-
-```ts
-        error: api.error_message,
-        downloadUrl: api.download_url,
-```
-
-- [ ] **Step 6: Подключить href на кнопку «Скачать»**
-
-В `app/resources/js/components/reports/ReportJobsList.vue` заменить блок кнопки скачивания:
-
-```vue
-                    <v-btn
-                        v-if="job.status === 'done'"
-                        icon="mdi-download"
-                        variant="text"
-                        size="small"
-                        aria-label="Скачать"
-                        :data-testid="`download-${job.id}`"
-                    />
-```
-
-на:
-
-```vue
-                    <v-btn
-                        v-if="job.status === 'done' && job.downloadUrl"
-                        :href="job.downloadUrl"
-                        icon="mdi-download"
-                        variant="text"
-                        size="small"
-                        aria-label="Скачать"
-                        :data-testid="`download-${job.id}`"
-                    />
-```
-
-(`v-btn` с `href` рендерится как `<a>`; ответ сервера отдаёт `Content-Disposition: attachment` → браузер скачивает файл без ухода со страницы.)
-
-- [ ] **Step 7: Запустить тесты — зелёные**
-
-Run: `cd app && npm run test:vue -- reportsMapper reports-api ReportsView`
-Expected: PASS — включая новые тесты про `downloadUrl` и href.
-
-- [ ] **Step 8: type-check + lint + commit**
-
-```bash
-cd app && npm run type-check && npm run lint:vue
-git add app/resources/js/api/reports.ts app/resources/js/composables/mockReports.ts app/resources/js/composables/reportsMapper.ts app/resources/js/components/reports/ReportJobsList.vue app/tests/Frontend/reportsMapper.spec.ts app/tests/Frontend/reports-api.spec.ts app/tests/Frontend/ReportsView.spec.ts
-git commit -m "feat(reports): кнопка «Скачать» → signed download URL (F2 frontend)"
-```
-
----
-
-### Финальная верификация (после всех задач)
-
-- [ ] **Полный backend-прогон:**
-
-Run: `cd app && php artisan test --parallel`
-Expected: PASS — 0 failed (новые provider/download тесты + регрессия). Failure'ы выписать с file:line.
-
-- [ ] **Полный frontend-прогон:**
-
-Run: `cd app && npm run test:vue`
-Expected: PASS — 0 failed.
-
-- [ ] **Type-check + линтеры:**
-
-Run: `cd app && npm run type-check && npm run lint:vue && composer pint -- --test && composer stan`
-Expected: vue-tsc 0 ошибок, ESLint 0, Pint clean, Larastan 0 новых.
-
-- [ ] **Pre-commit перед финалом не нужен — каждая задача коммитилась отдельно.** Финальный код-ревью всей реализации через subagent-driven-development final reviewer.
-
----
-
-## Self-Review (выполнено при составлении плана)
-
-**1. Spec coverage:**
-
-- F1 «Reports Provider'ы — managers/sources/billing summary» → Tasks 1, 2, 3. ✅ Все 3 недостающих провайдера + регистрация в Registry + интеграционные тесты.
-- F2 «Reports Скачать-файл endpoint `/api/reports/jobs/{id}/file` + signed URL 24ч» → Task 4 (backend: route + `download()` + `download_url`) + Task 5 (frontend: проводка + кнопка). ✅
-- F3 (bell deep-link) — закрыт в Sprint 3B, вне 3C. ✅ Не дублируется.
-
-**2. Placeholder scan:** Код полный в каждом шаге; команды с ожидаемым выводом; тест-код приведён целиком. Нет «TODO»/«fill in». ✅
-
-**3. Type consistency:**
-
-- `ReportDataProvider` сигнатуры (`headers()`, `rows(ReportJob)`, `slug()`) — соблюдены во всех 3 провайдерах.
-- `ReportGeneratorRegistry` конструктор расширяется инкрементально (Task 1→2→3), порядок параметров фиксирован: `dealsExport, managersSummary, sourcesSummary, billingSummary, csv, xlsx, json, pdf`.
-- `download_url` (snake_case API) ↔ `downloadUrl` (camelCase UI) — конверсия в `mapApiReportJob`, совпадает в типах `ApiReportJob`/`ReportJob`.
-- Route name `reports.download` — одинаков в `web.php`, `downloadUrl()` и тестах.
-
-**Замечания:**
-
-- Добавление required-поля `download_url` в `ApiReportJob` ломает TS-компиляцию 3 fixture-функций (`makeApi`, `FAKE_JOB`, `makeApiJob`) — Task 5 Step 1 явно их чинит.
-- Существующий тест `managers_summary не реализован → failed` становится неверным после Task 1 — Task 1 Step 6 его переписывает.
diff --git a/docs/superpowers/plans/2026-05-16-sprint3d-admin-actions.md b/docs/superpowers/plans/2026-05-16-sprint3d-admin-actions.md
deleted file mode 100644
index 0c118fd..0000000
--- a/docs/superpowers/plans/2026-05-16-sprint3d-admin-actions.md
+++ /dev/null
@@ -1,1128 +0,0 @@
-# Sprint 3D — Admin Actions (G4/G5/G6) Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Дать SaaS-админу действия над тенантами в биллинге (приостановка/возврат/смена тарифа), карточку инцидента с drill-down и кнопку РКН-уведомления.
-
-**Architecture:** Backend — новые методы на `AdminBillingController` и `AdminIncidentsController` (паттерн существующих admin-контроллеров: `DB::table` + `DB::transaction`, audit-trail в `saas_admin_audit_log`, MVP без auth-middleware). Frontend — выпадающее меню действий в `AdminBillingView`, новая карточка `AdminIncidentDetailView` по образцу `AdminTenantDetailView`. Аудит-источник: `docs/superpowers/specs/2026-05-15-portal-audit-design.md` строки G4/G5/G6.
-
-**Tech Stack:** PHP 8.3 / Laravel 13 / PostgreSQL 16 / Pest 4 — Vue 3 / Vuetify 3 / vue-router 4 / Vitest 4 / TypeScript.
-
-**Branch:** `feat/sprint3d-admin-actions` от `origin/main`.
-
----
-
-## File Structure
-
-**Backend create:**
-
-- `app/app/Http/Controllers/Concerns/ResolvesAdminUserId.php` — трейт-помощник: резолв `admin_user_id` для audit-log (выносит дублирующийся метод из `AdminPricingTiersController`/`AdminSystemSettingsController`; используется только новым кодом).
-- `app/tests/Feature/AdminBillingActionsTest.php` — Pest G4.
-- `app/tests/Feature/AdminIncidentShowTest.php` — Pest G5.
-- `app/tests/Feature/AdminIncidentRknNotifyTest.php` — Pest G6.
-
-**Backend modify:**
-
-- `app/app/Http/Controllers/Api/AdminBillingController.php` — +`tariffPlans()`, +`updateStatus()`, +`refund()`, +`changeTariff()`.
-- `app/app/Http/Controllers/Api/AdminIncidentsController.php` — +`show()`, +`notifyRkn()`.
-- `app/routes/web.php` — +6 маршрутов.
-
-**Frontend create:**
-
-- `app/resources/js/views/admin/AdminIncidentDetailView.vue` — карточка инцидента.
-- `app/tests/Frontend/AdminBillingViewActions.spec.ts` — Vitest G4.
-- `app/tests/Frontend/AdminIncidentDetailView.spec.ts` — Vitest G5/G6.
-
-**Frontend modify:**
-
-- `app/resources/js/api/admin.ts` — +6 функций + типы.
-- `app/resources/js/views/admin/AdminBillingView.vue` — +колонка действий.
-- `app/resources/js/views/admin/AdminIncidentsView.vue` — строки кликабельны → детальная.
-- `app/resources/js/router/index.ts` — +маршрут `/admin/incidents/:id`.
-- `app/tests/Frontend/AdminIncidentsView.spec.ts` — +тест навигации.
-- `app/tests/Frontend/admin-api.spec.ts` — +тесты новых функций.
-
-**Известная мелочь:** `resolveAdminUserId` остаётся продублированным в `AdminPricingTiersController` и `AdminSystemSettingsController` — рефактор этих рабочих контроллеров вне scope; новый трейт применяется только к новому коду.
-
----
-
-## Task 1: G4 backend — billing actions (status / refund / change-tariff)
-
-**Files:**
-
-- Create: `app/app/Http/Controllers/Concerns/ResolvesAdminUserId.php`
-- Modify: `app/app/Http/Controllers/Api/AdminBillingController.php`
-- Modify: `app/routes/web.php` (после строки 99 `GET /api/admin/billing`)
-- Test: `app/tests/Feature/AdminBillingActionsTest.php`
-
-**Контракт endpoint'ов** (все MVP без auth-middleware — паритет с `GET /api/admin/billing`):
-
-| Метод | Путь | Тело | Ответ |
-|---|---|---|---|
-| GET | `/api/admin/billing/tariff-plans` | — | `{plans:[{id,name,price_monthly}]}` |
-| PATCH | `/api/admin/billing/tenants/{id}/status` | `{status,reason}` | `{id,status}` |
-| POST | `/api/admin/billing/tenants/{id}/refund` | `{amount_rub,reason}` | `{id,balance_rub,transaction_id}` |
-| PATCH | `/api/admin/billing/tenants/{id}/tariff` | `{tariff_id,reason}` | `{id,tariff_id,tariff_name}` |
-
-Правила: `status` ∈ `active,suspended`; `reason` строка `min:10 max:1000`; `amount_rub` numeric `>0`, не больше текущего `balance_rub` (иначе 422); `tariff_id` `exists:tariff_plans,id`. Несуществующий или soft-deleted тенант (`deleted_at` не NULL) → 404. Каждое мутирующее действие пишет строку в `saas_admin_audit_log`.
-
-- [ ] **Step 1: Создать трейт `ResolvesAdminUserId`**
-
-`app/app/Http/Controllers/Concerns/ResolvesAdminUserId.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Controllers\Concerns;
-
-use Illuminate\Http\Request;
-use Illuminate\Support\Facades\DB;
-
-/**
- * Резолв saas_admin_users.id для audit-trail на MVP (saas-admin SSO ⏸ Б-1).
- *
- * Берёт admin_user_id из request-параметра; при отсутствии валидного —
- * создаёт/переиспользует системный стаб-аккаунт (не loginable, is_active=false),
- * чтобы соблюсти NOT NULL + FK на saas_admin_users в saas_admin_audit_log.
- *
- * Паттерн ранее дублировался в AdminPricingTiersController /
- * AdminSystemSettingsController; новый код использует этот трейт.
- */
-trait ResolvesAdminUserId
-{
-    protected function resolveAdminUserId(Request $request, string $stubEmail, string $stubName): int
-    {
-        $requested = $request->input('admin_user_id');
-        if (is_int($requested) || (is_string($requested) && ctype_digit($requested))) {
-            $existing = DB::table('saas_admin_users')->where('id', (int) $requested)->value('id');
-            if ($existing !== null) {
-                return (int) $existing;
-            }
-        }
-
-        $existingId = DB::table('saas_admin_users')->where('email', $stubEmail)->value('id');
-        if ($existingId !== null) {
-            return (int) $existingId;
-        }
-
-        return (int) DB::table('saas_admin_users')->insertGetId([
-            'email' => $stubEmail,
-            'full_name' => $stubName,
-            'password_hash' => '$2y$04$system-stub-not-loginable',
-            'role' => 'super_admin',
-            'is_active' => false,
-            'sso_provider' => 'local',
-            'is_break_glass' => false,
-        ]);
-    }
-}
-```
-
-- [ ] **Step 2: Написать failing-тест `AdminBillingActionsTest.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\BalanceTransaction;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-function makeBillingTenant(array $overrides = []): int
-{
-    return (int) DB::table('tenants')->insertGetId(array_merge([
-        'subdomain' => 'bt-'.bin2hex(random_bytes(4)),
-        'organization_name' => 'Billing Test Co',
-        'contact_email' => 'bt-'.bin2hex(random_bytes(3)).'@test.local',
-        'webhook_token' => bin2hex(random_bytes(16)),
-        'status' => 'active',
-        'balance_rub' => '5000.00',
-        'is_trial' => false,
-        'created_at' => now(),
-    ], $overrides));
-}
-
-test('GET tariff-plans возвращает список планов', function () {
-    $r = $this->getJson('/api/admin/billing/tariff-plans');
-    $r->assertOk();
-    expect($r->json('plans'))->toBeArray();
-});
-
-test('PATCH status suspended меняет статус + пишет audit-log', function () {
-    $id = makeBillingTenant(['status' => 'active']);
-    $r = $this->patchJson("/api/admin/billing/tenants/{$id}/status", [
-        'status' => 'suspended',
-        'reason' => 'Просрочка оплаты более 30 дней.',
-    ]);
-    $r->assertOk();
-    expect($r->json('status'))->toBe('suspended');
-    expect(DB::table('tenants')->where('id', $id)->value('status'))->toBe('suspended');
-    expect(DB::table('saas_admin_audit_log')->where('action', 'tenant.suspend')->where('target_id', $id)->exists())->toBeTrue();
-});
-
-test('PATCH status active разблокирует', function () {
-    $id = makeBillingTenant(['status' => 'suspended']);
-    $this->patchJson("/api/admin/billing/tenants/{$id}/status", [
-        'status' => 'active', 'reason' => 'Оплата получена, блокировка снята.',
-    ])->assertOk();
-    expect(DB::table('tenants')->where('id', $id)->value('status'))->toBe('active');
-});
-
-test('PATCH status reason короче 10 символов → 422', function () {
-    $id = makeBillingTenant();
-    $this->patchJson("/api/admin/billing/tenants/{$id}/status", ['status' => 'suspended', 'reason' => 'мало'])
-        ->assertStatus(422);
-});
-
-test('PATCH status несуществующий тенант → 404', function () {
-    $this->patchJson('/api/admin/billing/tenants/99999999/status', [
-        'status' => 'suspended', 'reason' => 'Любое основание длиной более десяти.',
-    ])->assertStatus(404);
-});
-
-test('PATCH status soft-deleted тенант → 404', function () {
-    $id = makeBillingTenant(['deleted_at' => now()]);
-    $this->patchJson("/api/admin/billing/tenants/{$id}/status", [
-        'status' => 'suspended', 'reason' => 'Любое основание длиной более десяти.',
-    ])->assertStatus(404);
-});
-
-test('POST refund списывает с баланса + создаёт balance_transactions refund', function () {
-    $id = makeBillingTenant(['balance_rub' => '5000.00']);
-    $r = $this->postJson("/api/admin/billing/tenants/{$id}/refund", [
-        'amount_rub' => 1500, 'reason' => 'Возврат по обращению клиента №42.',
-    ]);
-    $r->assertOk();
-    expect($r->json('balance_rub'))->toBe('3500.00');
-    expect(DB::table('tenants')->where('id', $id)->value('balance_rub'))->toBe('3500.00');
-    $tx = BalanceTransaction::where('tenant_id', $id)->where('type', 'refund')->first();
-    expect($tx)->not->toBeNull();
-    expect((string) $tx->amount_rub)->toBe('-1500.00');
-    expect((string) $tx->balance_rub_after)->toBe('3500.00');
-    expect(DB::table('saas_admin_audit_log')->where('action', 'tenant.refund')->where('target_id', $id)->exists())->toBeTrue();
-});
-
-test('POST refund больше баланса → 422, баланс не меняется', function () {
-    $id = makeBillingTenant(['balance_rub' => '1000.00']);
-    $this->postJson("/api/admin/billing/tenants/{$id}/refund", [
-        'amount_rub' => 5000, 'reason' => 'Возврат по обращению клиента №7.',
-    ])->assertStatus(422);
-    expect(DB::table('tenants')->where('id', $id)->value('balance_rub'))->toBe('1000.00');
-    expect(BalanceTransaction::where('tenant_id', $id)->count())->toBe(0);
-});
-
-test('POST refund неположительная сумма → 422', function () {
-    $id = makeBillingTenant();
-    $this->postJson("/api/admin/billing/tenants/{$id}/refund", ['amount_rub' => 0, 'reason' => 'Основание длиннее десяти символов.'])
-        ->assertStatus(422);
-});
-
-test('PATCH tariff меняет current_tariff_id + audit-log', function () {
-    $id = makeBillingTenant();
-    $tariffId = (int) DB::table('tariff_plans')->orderBy('id')->value('id');
-    expect($tariffId)->toBeGreaterThan(0);
-    $r = $this->patchJson("/api/admin/billing/tenants/{$id}/tariff", [
-        'tariff_id' => $tariffId, 'reason' => 'Переход на тариф по договорённости с клиентом.',
-    ]);
-    $r->assertOk();
-    expect((int) DB::table('tenants')->where('id', $id)->value('current_tariff_id'))->toBe($tariffId);
-    expect(DB::table('saas_admin_audit_log')->where('action', 'tenant.change_tariff')->where('target_id', $id)->exists())->toBeTrue();
-});
-
-test('PATCH tariff несуществующий tariff_id → 422', function () {
-    $id = makeBillingTenant();
-    $this->patchJson("/api/admin/billing/tenants/{$id}/tariff", [
-        'tariff_id' => 88888888, 'reason' => 'Основание длиннее десяти символов.',
-    ])->assertStatus(422);
-});
-```
-
-**NB:** тест `PATCH tariff` опирается на наличие хотя бы одной строки в `tariff_plans`. `db/schema.sql` загружает справочник тарифов в секции 11. Если на тестовой БД таблица пуста — тест провалится на `expect($tariffId)->toBeGreaterThan(0)`; в этом случае добавить в тест `DB::table('tariff_plans')->insert([...])` перед резолвом id (колонки: `name`, `price_monthly`, `slug` если есть — свериться с `db/schema.sql` `CREATE TABLE tariff_plans`).
-
-- [ ] **Step 3: Прогнать тест — убедиться, что падает**
-
-Run: `cd app && php artisan test tests/Feature/AdminBillingActionsTest.php`
-Expected: FAIL — route not defined (404 на всех новых путях).
-
-- [ ] **Step 4: Добавить методы в `AdminBillingController`**
-
-В шапку класса — `use App\Http\Controllers\Concerns\ResolvesAdminUserId;`, `use App\Models\BalanceTransaction;`, `use App\Models\SaasAdminAuditLog;`, `use Illuminate\Http\Response;`. В тело класса — `use ResolvesAdminUserId;`.
-
-Добавить 4 метода:
-
-```php
-/** GET /api/admin/billing/tariff-plans — список планов для диалога смены тарифа. */
-public function tariffPlans(): JsonResponse
-{
-    $plans = DB::table('tariff_plans')
-        ->select(['id', 'name', 'price_monthly'])
-        ->orderBy('price_monthly')
-        ->get()
-        ->map(fn ($p) => [
-            'id' => (int) $p->id,
-            'name' => $p->name,
-            'price_monthly' => (string) $p->price_monthly,
-        ]);
-
-    return response()->json(['plans' => $plans]);
-}
-
-/** PATCH /api/admin/billing/tenants/{id}/status — приостановить/разблокировать тенанта. */
-public function updateStatus(Request $request, int $id): JsonResponse
-{
-    $validated = $request->validate([
-        'status' => ['required', 'in:active,suspended'],
-        'reason' => ['required', 'string', 'min:10', 'max:1000'],
-    ]);
-
-    $tenant = $this->findActiveTenant($id);
-    $adminUserId = $this->resolveAdminUserId($request, 'system-billing@liderra.local', 'System Billing Bot');
-
-    DB::transaction(function () use ($tenant, $validated, $adminUserId, $request): void {
-        DB::table('tenants')->where('id', $tenant->id)->update([
-            'status' => $validated['status'],
-            'updated_at' => now(),
-        ]);
-
-        SaasAdminAuditLog::create([
-            'admin_user_id' => $adminUserId,
-            'action' => $validated['status'] === 'suspended' ? 'tenant.suspend' : 'tenant.activate',
-            'target_type' => 'tenant',
-            'target_id' => $tenant->id,
-            'target_tenant_id' => $tenant->id,
-            'payload_before' => ['status' => $tenant->status],
-            'payload_after' => ['status' => $validated['status']],
-            'reason' => $validated['reason'],
-            'ip_address' => $request->ip() ?? '127.0.0.1',
-            'user_agent' => $request->userAgent(),
-        ]);
-    });
-
-    return response()->json(['id' => $tenant->id, 'status' => $validated['status']]);
-}
-
-/** POST /api/admin/billing/tenants/{id}/refund — возврат средств: списание с баланса + ledger-запись. */
-public function refund(Request $request, int $id): JsonResponse
-{
-    $validated = $request->validate([
-        'amount_rub' => ['required', 'numeric', 'gt:0'],
-        'reason' => ['required', 'string', 'min:10', 'max:1000'],
-    ]);
-
-    $tenant = $this->findActiveTenant($id);
-
-    $amount = number_format((float) $validated['amount_rub'], 2, '.', '');
-    $balance = (string) $tenant->balance_rub;
-    if (bccomp($amount, $balance, 2) === 1) {
-        abort(422, 'refund amount exceeds tenant balance');
-    }
-    $newBalance = bcsub($balance, $amount, 2);
-    $adminUserId = $this->resolveAdminUserId($request, 'system-billing@liderra.local', 'System Billing Bot');
-
-    $transactionId = DB::transaction(function () use ($tenant, $amount, $newBalance, $validated, $adminUserId, $request): int {
-        DB::statement('SET LOCAL app.current_tenant_id = ?', [(string) $tenant->id]);
-
-        DB::table('tenants')->where('id', $tenant->id)->update([
-            'balance_rub' => $newBalance,
-            'updated_at' => now(),
-        ]);
-
-        $tx = BalanceTransaction::create([
-            'tenant_id' => $tenant->id,
-            'type' => BalanceTransaction::TYPE_REFUND,
-            'amount_rub' => '-'.$amount,
-            'amount_leads' => 0,
-            'balance_rub_after' => $newBalance,
-            'description' => $validated['reason'],
-            'admin_user_id' => $adminUserId,
-            'created_at' => now(),
-        ]);
-
-        SaasAdminAuditLog::create([
-            'admin_user_id' => $adminUserId,
-            'action' => 'tenant.refund',
-            'target_type' => 'tenant',
-            'target_id' => $tenant->id,
-            'target_tenant_id' => $tenant->id,
-            'payload_before' => ['balance_rub' => (string) $tenant->balance_rub],
-            'payload_after' => ['balance_rub' => $newBalance, 'amount_rub' => $amount, 'transaction_id' => $tx->id],
-            'reason' => $validated['reason'],
-            'ip_address' => $request->ip() ?? '127.0.0.1',
-            'user_agent' => $request->userAgent(),
-        ]);
-
-        return (int) $tx->id;
-    });
-
-    return response()->json([
-        'id' => $tenant->id,
-        'balance_rub' => $newBalance,
-        'transaction_id' => $transactionId,
-    ]);
-}
-
-/** PATCH /api/admin/billing/tenants/{id}/tariff — сменить тарифный план тенанта. */
-public function changeTariff(Request $request, int $id): JsonResponse
-{
-    $validated = $request->validate([
-        'tariff_id' => ['required', 'integer', 'exists:tariff_plans,id'],
-        'reason' => ['required', 'string', 'min:10', 'max:1000'],
-    ]);
-
-    $tenant = $this->findActiveTenant($id);
-    $tariff = DB::table('tariff_plans')->where('id', $validated['tariff_id'])->first();
-    $adminUserId = $this->resolveAdminUserId($request, 'system-billing@liderra.local', 'System Billing Bot');
-
-    DB::transaction(function () use ($tenant, $tariff, $validated, $adminUserId, $request): void {
-        DB::table('tenants')->where('id', $tenant->id)->update([
-            'current_tariff_id' => $tariff->id,
-            'updated_at' => now(),
-        ]);
-
-        SaasAdminAuditLog::create([
-            'admin_user_id' => $adminUserId,
-            'action' => 'tenant.change_tariff',
-            'target_type' => 'tenant',
-            'target_id' => $tenant->id,
-            'target_tenant_id' => $tenant->id,
-            'payload_before' => ['current_tariff_id' => $tenant->current_tariff_id],
-            'payload_after' => ['current_tariff_id' => (int) $tariff->id],
-            'reason' => $validated['reason'],
-            'ip_address' => $request->ip() ?? '127.0.0.1',
-            'user_agent' => $request->userAgent(),
-        ]);
-    });
-
-    return response()->json([
-        'id' => $tenant->id,
-        'tariff_id' => (int) $tariff->id,
-        'tariff_name' => $tariff->name,
-    ]);
-}
-
-/** Возвращает не-удалённого тенанта либо abort(404). */
-private function findActiveTenant(int $id): object
-{
-    $tenant = DB::table('tenants')->where('id', $id)->whereNull('deleted_at')->first();
-    if ($tenant === null) {
-        abort(404, 'tenant not found');
-    }
-
-    return $tenant;
-}
-```
-
-- [ ] **Step 5: Добавить маршруты в `routes/web.php`**
-
-Сразу после строки `Route::get('/api/admin/billing', ...)` (≈строка 99):
-
-```php
-// Sprint 3D (G4): SaaS-admin billing row-actions — приостановка/возврат/смена тарифа.
-Route::get('/api/admin/billing/tariff-plans', 'App\Http\Controllers\Api\AdminBillingController@tariffPlans');
-Route::patch('/api/admin/billing/tenants/{id}/status', 'App\Http\Controllers\Api\AdminBillingController@updateStatus')
-    ->where('id', '[0-9]+');
-Route::post('/api/admin/billing/tenants/{id}/refund', 'App\Http\Controllers\Api\AdminBillingController@refund')
-    ->where('id', '[0-9]+');
-Route::patch('/api/admin/billing/tenants/{id}/tariff', 'App\Http\Controllers\Api\AdminBillingController@changeTariff')
-    ->where('id', '[0-9]+');
-```
-
-- [ ] **Step 6: Прогнать тест — убедиться, что проходит**
-
-Run: `cd app && php artisan test tests/Feature/AdminBillingActionsTest.php`
-Expected: PASS — все кейсы зелёные.
-
-- [ ] **Step 7: Регенерация phpstan-baseline (quirk 25) + pint**
-
-Новый Pest-файл порождает Larastan false-positives `TestCall::$tenant`. Регенерация:
-
-```bash
-cd app
-composer pint
-# 1. убрать строку "- phpstan-baseline.neon" из includes: в phpstan.neon
-php vendor/bin/phpstan analyse --generate-baseline=phpstan-baseline.neon --memory-limit=512M
-# 2. вернуть строку "- phpstan-baseline.neon" в includes: в phpstan.neon
-composer stan
-```
-
-Expected: `composer stan` — `[OK] No errors`.
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/app/Http/Controllers/Concerns/ResolvesAdminUserId.php \
-  app/app/Http/Controllers/Api/AdminBillingController.php \
-  app/routes/web.php app/tests/Feature/AdminBillingActionsTest.php \
-  app/phpstan-baseline.neon
-git commit -m "feat(admin): G4 backend — billing tenant actions (status/refund/tariff)"
-```
-
----
-
-## Task 2: G4 frontend — billing row-actions UI
-
-**Files:**
-
-- Modify: `app/resources/js/api/admin.ts`
-- Modify: `app/resources/js/views/admin/AdminBillingView.vue`
-- Test: `app/tests/Frontend/AdminBillingViewActions.spec.ts`
-
-- [ ] **Step 1: Добавить API-функции в `api/admin.ts`**
-
-В конец файла:
-
-```typescript
-// === SaaS-admin → Биллинг: row-actions (Sprint 3D G4) ===
-
-export interface AdminTariffPlan {
-    id: number;
-    name: string;
-    price_monthly: string;
-}
-
-export async function listAdminTariffPlans(): Promise<AdminTariffPlan[]> {
-    const { data } = await apiClient.get<{ plans: AdminTariffPlan[] }>('/api/admin/billing/tariff-plans');
-    return data.plans;
-}
-
-export async function updateTenantStatus(
-    id: number,
-    status: 'active' | 'suspended',
-    reason: string,
-): Promise<{ id: number; status: string }> {
-    await ensureCsrfCookie();
-    const { data } = await apiClient.patch<{ id: number; status: string }>(
-        `/api/admin/billing/tenants/${id}/status`,
-        { status, reason },
-    );
-    return data;
-}
-
-export async function refundTenant(
-    id: number,
-    amountRub: number,
-    reason: string,
-): Promise<{ id: number; balance_rub: string; transaction_id: number }> {
-    await ensureCsrfCookie();
-    const { data } = await apiClient.post<{ id: number; balance_rub: string; transaction_id: number }>(
-        `/api/admin/billing/tenants/${id}/refund`,
-        { amount_rub: amountRub, reason },
-    );
-    return data;
-}
-
-export async function changeTenantTariff(
-    id: number,
-    tariffId: number,
-    reason: string,
-): Promise<{ id: number; tariff_id: number; tariff_name: string }> {
-    await ensureCsrfCookie();
-    const { data } = await apiClient.patch<{ id: number; tariff_id: number; tariff_name: string }>(
-        `/api/admin/billing/tenants/${id}/tariff`,
-        { tariff_id: tariffId, reason },
-    );
-    return data;
-}
-```
-
-- [ ] **Step 2: Написать failing-тест `AdminBillingViewActions.spec.ts`**
-
-Образец монтирования и моков — `app/tests/Frontend/AdminBillingViewApi.spec.ts` (read it). Тест мокает `../../resources/js/api/admin` через `vi.mock`. Кейсы:
-
-```
-1. в строке таблицы есть кнопка-меню действий (data-testid="row-actions-{id}")
-2. клик «Приостановить» → открывается диалог с textarea основания
-3. submit диалога приостановки с валидным основанием → вызывает updateTenantStatus(id,'suspended',reason) и перечитывает loadBilling
-4. диалог возврата: submit вызывает refundTenant(id, amount, reason)
-5. диалог смены тарифа: на открытии тянет listAdminTariffPlans(); submit вызывает changeTenantTariff(id, tariffId, reason)
-6. ошибка API в действии → показывается v-alert/snackbar (НЕ молчаливый провал — урок аудита G1/G2)
-7. основание короче 10 символов → submit-кнопка disabled или показывает ошибку валидации
-```
-
-Запустить: `cd app && npm run test:vue -- AdminBillingViewActions` → Expected: FAIL (нет колонки действий).
-
-- [ ] **Step 3: Реализовать UI действий в `AdminBillingView.vue`**
-
-Добавить в `<v-data-table>` колонку `actions` (последняя, `sortable:false`, `align:'end'`) со слотом `#[`item.actions`]` — `<v-menu>` с `<v-btn icon="mdi-dots-vertical" data-testid="row-actions-{id}">` активатором и `<v-list>` из 3 пунктов:
-
-- «Приостановить» (если `status !== 'suspended'`) / «Разблокировать» (если `suspended`).
-- «Возврат средств».
-- «Сменить тариф».
-
-Состояние: `actionDialog = ref<null | 'status' | 'refund' | 'tariff'>(null)`, `actionRow = ref<BillingRow | null>(null)`, `actionReason = ref('')`, `actionAmount = ref<number | null>(null)`, `actionTariffId = ref<number | null>(null)`, `actionLoading = ref(false)`, `actionError = ref('')`, `tariffPlans = ref<AdminTariffPlan[]>([])`.
-
-Три `<v-dialog>` (или один с переключаемым телом):
-
-- **status** — текст подтверждения + `<v-textarea v-model="actionReason" data-testid="action-reason">`.
-- **refund** — `<v-text-field type="number" v-model.number="actionAmount" data-testid="refund-amount">` + textarea основания. Подсказка: «доступно к возврату: {balance}».
-- **tariff** — `<v-select :items="tariffPlans" item-title="name" item-value="id" v-model="actionTariffId" data-testid="tariff-select">` + textarea основания. При открытии диалога — `tariffPlans.value = await listAdminTariffPlans()`.
-
-Submit-handler: общий `confirmAction()`:
-
-1. валидация: `actionReason.length >= 10`; для refund — `actionAmount > 0`; для tariff — `actionTariffId !== null`. Иначе `actionError` + ранний return.
-2. `actionLoading = true`, `actionError = ''`.
-3. try: вызвать соответствующую API-функцию; `await loadBilling()`; закрыть диалог (`actionDialog = null`).
-4. catch: `actionError = extractErrorMessage(e)` (импортировать из `../../api/client`) — **ошибка обязана быть видимой** в диалоге через `<v-alert v-if="actionError" type="error" data-testid="action-error">`.
-5. finally: `actionLoading = false`.
-
-Кнопка submit — `:loading="actionLoading"`, `:disabled` при невалидном основании.
-
-`defineExpose` дополнить: `actionDialog, actionRow, actionReason, actionAmount, actionTariffId, actionError, confirmAction, openAction` (где `openAction(type, row)` ставит state и для tariff подгружает планы) — чтобы Vitest мог дёргать flow без полного UI-драйва.
-
-- [ ] **Step 4: Прогнать тесты**
-
-Run: `cd app && npm run test:vue -- AdminBillingViewActions AdminBillingView`
-Expected: PASS — новый файл зелёный, существующий `AdminBillingView.spec.ts`/`AdminBillingViewApi.spec.ts` не сломаны.
-
-- [ ] **Step 5: vue-tsc + ESLint**
-
-Run: `cd app && npm run type-check && npm run lint:vue`
-Expected: 0 ошибок.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/resources/js/api/admin.ts \
-  app/resources/js/views/admin/AdminBillingView.vue \
-  app/tests/Frontend/AdminBillingViewActions.spec.ts
-git commit -m "feat(admin): G4 frontend — billing row-actions menu + dialogs"
-```
-
----
-
-## Task 3: G5 backend — incident detail endpoint
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/AdminIncidentsController.php`
-- Modify: `app/routes/web.php` (после строки 102 `GET /api/admin/incidents`)
-- Test: `app/tests/Feature/AdminIncidentShowTest.php`
-
-**Контракт:** `GET /api/admin/incidents/{id}` → 200 c полной карточкой инцидента либо 404. Ответ — объект `incident` со всеми полезными колонками `incidents_log` + `incident_id` (формат `INC-YYYY-MMDD-NNNN`), `status` (derive как в `index`), `rkn_deadline_at`, разрешённые имена `affected_tenants` (`[{id,organization_name}]`) и `created_by_admin` / `closed_by_admin` (full_name либо null).
-
-- [ ] **Step 1: Написать failing-тест `AdminIncidentShowTest.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    DB::table('incidents_log')->delete();
-    $this->adminId = (int) DB::table('saas_admin_users')->insertGetId([
-        'email' => 'inc-'.bin2hex(random_bytes(3)).'@test',
-        'full_name' => 'Incident Admin',
-        'password_hash' => bcrypt('test1234'),
-        'is_active' => true,
-        'role' => 'support',
-        'created_at' => now(),
-    ]);
-});
-
-function makeShowIncident(int $adminId, array $overrides = []): int
-{
-    $started = $overrides['started_at'] ?? now()->subHours(3);
-    $detected = $overrides['detected_at'] ?? $started;
-
-    return (int) DB::table('incidents_log')->insertGetId(array_merge([
-        'type' => 'service_outage',
-        'severity' => 'high',
-        'started_at' => $started,
-        'detected_at' => $detected,
-        'resolved_at' => null,
-        'summary' => 'Show test incident',
-        'created_by_admin_id' => $adminId,
-        'created_at' => now(),
-    ], $overrides));
-}
-
-test('GET /api/admin/incidents/{id} 200 + полная карточка', function () {
-    $id = makeShowIncident($this->adminId, ['summary' => 'API 502 burst', 'severity' => 'critical']);
-    $r = $this->getJson("/api/admin/incidents/{$id}");
-    $r->assertOk();
-    expect($r->json('incident.id'))->toBe($id);
-    expect($r->json('incident.summary'))->toBe('API 502 burst');
-    expect($r->json('incident.severity'))->toBe('critical');
-    expect($r->json('incident.incident_id'))->toMatch('/^INC-\d{4}-\d{4}-\d{4}$/');
-    expect($r->json('incident.status'))->toBe('investigating');
-    expect($r->json('incident.created_by_admin'))->toBe('Incident Admin');
-});
-
-test('GET /api/admin/incidents/{id} несуществующий → 404', function () {
-    $this->getJson('/api/admin/incidents/99999999')->assertStatus(404);
-});
-
-test('GET /api/admin/incidents/{id} data_breach без rkn_notified_at → rkn_deadline_at +24ч', function () {
-    $id = makeShowIncident($this->adminId, ['type' => 'data_breach', 'detected_at' => now()->subHour()]);
-    $r = $this->getJson("/api/admin/incidents/{$id}");
-    expect($r->json('incident.rkn_notified'))->toBeFalse();
-    expect($r->json('incident.rkn_deadline_at'))->toBeString();
-});
-
-test('GET /api/admin/incidents/{id} разрешает имена affected_tenants', function () {
-    $tenantId = (int) DB::table('tenants')->insertGetId([
-        'subdomain' => 'inc-'.bin2hex(random_bytes(4)),
-        'organization_name' => 'Affected Org',
-        'contact_email' => 'a@test.local',
-        'webhook_token' => bin2hex(random_bytes(16)),
-        'created_at' => now(),
-    ]);
-    $id = makeShowIncident($this->adminId, ['affected_tenant_ids' => '{'.$tenantId.'}']);
-    $r = $this->getJson("/api/admin/incidents/{$id}");
-    expect($r->json('incident.affected_tenants'))->toHaveCount(1);
-    expect($r->json('incident.affected_tenants.0.organization_name'))->toBe('Affected Org');
-});
-
-test('GET /api/admin/incidents/{id} resolved инцидент → status resolved', function () {
-    $id = makeShowIncident($this->adminId, ['resolved_at' => now()]);
-    expect($this->getJson("/api/admin/incidents/{$id}")->json('incident.status'))->toBe('resolved');
-});
-```
-
-- [ ] **Step 2: Прогнать тест — убедиться, что падает**
-
-Run: `cd app && php artisan test tests/Feature/AdminIncidentShowTest.php`
-Expected: FAIL — route not defined.
-
-- [ ] **Step 3: Добавить метод `show()` в `AdminIncidentsController`**
-
-```php
-/** GET /api/admin/incidents/{id} — полная карточка инцидента (drill-down G5). */
-public function show(int $id): JsonResponse
-{
-    $row = DB::table('incidents_log')->where('id', $id)->first();
-    if ($row === null) {
-        abort(404, 'incident not found');
-    }
-
-    $tenantIds = is_array($row->affected_tenant_ids)
-        ? $row->affected_tenant_ids
-        : ($row->affected_tenant_ids !== null ? $this->parsePgArrayValues((string) $row->affected_tenant_ids) : []);
-
-    $tenants = $tenantIds === []
-        ? collect()
-        : DB::table('tenants')->whereIn('id', $tenantIds)
-            ->select(['id', 'organization_name'])->get();
-
-    $admins = DB::table('saas_admin_users')
-        ->whereIn('id', array_filter([$row->created_by_admin_id, $row->closed_by_admin_id]))
-        ->pluck('full_name', 'id');
-
-    return response()->json([
-        'incident' => [
-            'id' => (int) $row->id,
-            'incident_id' => $this->formatIncidentId($row),
-            'type' => $row->type,
-            'severity' => $row->severity,
-            'summary' => $row->summary,
-            'root_cause' => $row->root_cause,
-            'postmortem_url' => $row->postmortem_url,
-            'started_at' => CarbonImmutable::parse($row->started_at)->toIso8601String(),
-            'detected_at' => CarbonImmutable::parse($row->detected_at)->toIso8601String(),
-            'resolved_at' => $row->resolved_at !== null
-                ? CarbonImmutable::parse($row->resolved_at)->toIso8601String() : null,
-            'status' => $this->deriveStatus($row),
-            'affected_tenants' => $tenants->map(fn ($t) => [
-                'id' => (int) $t->id,
-                'organization_name' => $t->organization_name,
-            ])->values(),
-            'affected_users_count' => $row->affected_users_count !== null ? (int) $row->affected_users_count : null,
-            'notification_sent_at' => $row->notification_sent_at !== null
-                ? CarbonImmutable::parse($row->notification_sent_at)->toIso8601String() : null,
-            'rkn_notified' => $row->rkn_notified_at !== null,
-            'rkn_notified_at' => $row->rkn_notified_at !== null
-                ? CarbonImmutable::parse($row->rkn_notified_at)->toIso8601String() : null,
-            'rkn_deadline_at' => $row->type === 'data_breach' && $row->rkn_notified_at === null
-                ? CarbonImmutable::parse($row->detected_at)->addHours(24)->toIso8601String() : null,
-            'created_by_admin' => $admins->get($row->created_by_admin_id),
-            'closed_by_admin' => $row->closed_by_admin_id !== null ? $admins->get($row->closed_by_admin_id) : null,
-            'created_at' => $row->created_at !== null
-                ? CarbonImmutable::parse($row->created_at)->toIso8601String() : null,
-            'updated_at' => $row->updated_at !== null
-                ? CarbonImmutable::parse($row->updated_at)->toIso8601String() : null,
-        ],
-    ]);
-}
-
-/**
- * PG-array literal '{1,2,3}' → массив int.
- *
- * @return list<int>
- */
-private function parsePgArrayValues(string $literal): array
-{
-    $trimmed = trim($literal, '{}');
-    if ($trimmed === '') {
-        return [];
-    }
-
-    return array_map('intval', explode(',', $trimmed));
-}
-```
-
-- [ ] **Step 4: Добавить маршрут в `routes/web.php`**
-
-После `Route::get('/api/admin/incidents', ...)` (≈строка 102):
-
-```php
-// Sprint 3D (G5): SaaS-admin incident detail-view drill-down.
-Route::get('/api/admin/incidents/{id}', 'App\Http\Controllers\Api\AdminIncidentsController@show')
-    ->where('id', '[0-9]+');
-```
-
-**NB:** маршрут `{id}` идёт ПОСЛЕ списочного `GET /api/admin/incidents` — конфликта нет (разные пути; `{id}` ограничен `[0-9]+`).
-
-- [ ] **Step 5: Прогнать тест**
-
-Run: `cd app && php artisan test tests/Feature/AdminIncidentShowTest.php`
-Expected: PASS.
-
-- [ ] **Step 6: Регенерация phpstan-baseline (quirk 25) + pint + stan**
-
-Та же 3-шаговая процедура, что в Task 1 Step 7. Затем `composer stan` → `[OK]`.
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/AdminIncidentsController.php \
-  app/routes/web.php app/tests/Feature/AdminIncidentShowTest.php \
-  app/phpstan-baseline.neon
-git commit -m "feat(admin): G5 backend — incident detail endpoint"
-```
-
----
-
-## Task 4: G6 backend — РКН-notify endpoint
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/AdminIncidentsController.php`
-- Modify: `app/routes/web.php`
-- Test: `app/tests/Feature/AdminIncidentRknNotifyTest.php`
-
-**Контракт:** `POST /api/admin/incidents/{id}/rkn-notify` — фиксирует факт уведомления Роскомнадзора об утечке ПДн (152-ФЗ). 404 — инцидента нет; 422 — `type !== 'data_breach'` (РКН-уведомление применимо только к утечке ПДн); 409 — `rkn_notified_at` уже проставлен; 200 — успех: `rkn_notified_at = now()`, `updated_at = now()`, строка в `saas_admin_audit_log` (`action = incident.rkn_notify`), в ответе — обновлённая карточка (та же форма, что у `show()`).
-
-- [ ] **Step 1: Написать failing-тест `AdminIncidentRknNotifyTest.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    DB::table('incidents_log')->delete();
-    $this->adminId = (int) DB::table('saas_admin_users')->insertGetId([
-        'email' => 'rkn-'.bin2hex(random_bytes(3)).'@test',
-        'full_name' => 'RKN Admin',
-        'password_hash' => bcrypt('test1234'),
-        'is_active' => true,
-        'role' => 'support',
-        'created_at' => now(),
-    ]);
-});
-
-function makeRknIncident(int $adminId, array $overrides = []): int
-{
-    $started = $overrides['started_at'] ?? now()->subHours(2);
-
-    return (int) DB::table('incidents_log')->insertGetId(array_merge([
-        'type' => 'data_breach',
-        'severity' => 'critical',
-        'started_at' => $started,
-        'detected_at' => $started,
-        'summary' => 'PDN leak test',
-        'created_by_admin_id' => $adminId,
-        'created_at' => now(),
-    ], $overrides));
-}
-
-test('POST rkn-notify проставляет rkn_notified_at + audit-log', function () {
-    $id = makeRknIncident($this->adminId);
-    $r = $this->postJson("/api/admin/incidents/{$id}/rkn-notify");
-    $r->assertOk();
-    expect($r->json('incident.rkn_notified'))->toBeTrue();
-    expect($r->json('incident.rkn_notified_at'))->toBeString();
-    expect(DB::table('incidents_log')->where('id', $id)->value('rkn_notified_at'))->not->toBeNull();
-    expect(DB::table('saas_admin_audit_log')->where('action', 'incident.rkn_notify')->where('target_id', $id)->exists())
-        ->toBeTrue();
-});
-
-test('POST rkn-notify несуществующий инцидент → 404', function () {
-    $this->postJson('/api/admin/incidents/99999999/rkn-notify')->assertStatus(404);
-});
-
-test('POST rkn-notify не data_breach → 422', function () {
-    $id = makeRknIncident($this->adminId, ['type' => 'service_outage']);
-    $this->postJson("/api/admin/incidents/{$id}/rkn-notify")->assertStatus(422);
-    expect(DB::table('incidents_log')->where('id', $id)->value('rkn_notified_at'))->toBeNull();
-});
-
-test('POST rkn-notify повторно → 409', function () {
-    $id = makeRknIncident($this->adminId, ['rkn_notified_at' => now()->subHour()]);
-    $this->postJson("/api/admin/incidents/{$id}/rkn-notify")->assertStatus(409);
-});
-```
-
-- [ ] **Step 2: Прогнать тест — убедиться, что падает**
-
-Run: `cd app && php artisan test tests/Feature/AdminIncidentRknNotifyTest.php`
-Expected: FAIL — route not defined.
-
-- [ ] **Step 3: Добавить `notifyRkn()` в `AdminIncidentsController`**
-
-В шапку — `use App\Http\Controllers\Concerns\ResolvesAdminUserId;`, `use App\Models\SaasAdminAuditLog;`, `use Illuminate\Http\Request;` (Request уже импортирован). В тело класса — `use ResolvesAdminUserId;`.
-
-```php
-/** POST /api/admin/incidents/{id}/rkn-notify — зафиксировать уведомление РКН (G6, 152-ФЗ). */
-public function notifyRkn(Request $request, int $id): JsonResponse
-{
-    $row = DB::table('incidents_log')->where('id', $id)->first();
-    if ($row === null) {
-        abort(404, 'incident not found');
-    }
-    if ($row->type !== 'data_breach') {
-        abort(422, 'РКН-уведомление применимо только к инцидентам типа data_breach');
-    }
-    if ($row->rkn_notified_at !== null) {
-        abort(409, 'РКН уже уведомлён по этому инциденту');
-    }
-
-    $adminUserId = $this->resolveAdminUserId($request, 'system-incidents@liderra.local', 'System Incidents Bot');
-
-    DB::transaction(function () use ($row, $adminUserId, $request): void {
-        DB::table('incidents_log')->where('id', $row->id)->update([
-            'rkn_notified_at' => now(),
-            'updated_at' => now(),
-        ]);
-
-        SaasAdminAuditLog::create([
-            'admin_user_id' => $adminUserId,
-            'action' => 'incident.rkn_notify',
-            'target_type' => 'incident',
-            'target_id' => $row->id,
-            'payload_before' => ['rkn_notified_at' => null],
-            'payload_after' => ['rkn_notified_at' => now()->toIso8601String()],
-            'reason' => 'Роскомнадзор уведомлён об утечке ПДн через админ-интерфейс (152-ФЗ).',
-            'ip_address' => $request->ip() ?? '127.0.0.1',
-            'user_agent' => $request->userAgent(),
-        ]);
-    });
-
-    return $this->show($id);
-}
-```
-
-(`notifyRkn` переиспользует `show($id)` для тела ответа — обновлённая карточка.)
-
-- [ ] **Step 4: Добавить маршрут в `routes/web.php`**
-
-После маршрута `GET /api/admin/incidents/{id}` из Task 3:
-
-```php
-Route::post('/api/admin/incidents/{id}/rkn-notify', 'App\Http\Controllers\Api\AdminIncidentsController@notifyRkn')
-    ->where('id', '[0-9]+');
-```
-
-- [ ] **Step 5: Прогнать тест**
-
-Run: `cd app && php artisan test tests/Feature/AdminIncidentRknNotifyTest.php`
-Expected: PASS.
-
-- [ ] **Step 6: Регенерация phpstan-baseline (quirk 25) + pint + stan**
-
-Та же 3-шаговая процедура. `composer stan` → `[OK]`.
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/AdminIncidentsController.php \
-  app/routes/web.php app/tests/Feature/AdminIncidentRknNotifyTest.php \
-  app/phpstan-baseline.neon
-git commit -m "feat(admin): G6 backend — incident РКН-notify endpoint"
-```
-
----
-
-## Task 5: G5+G6 frontend — incident detail view + РКН-notify button
-
-**Files:**
-
-- Create: `app/resources/js/views/admin/AdminIncidentDetailView.vue`
-- Modify: `app/resources/js/api/admin.ts`
-- Modify: `app/resources/js/router/index.ts`
-- Modify: `app/resources/js/views/admin/AdminIncidentsView.vue`
-- Test: `app/tests/Frontend/AdminIncidentDetailView.spec.ts`
-- Test: `app/tests/Frontend/AdminIncidentsView.spec.ts` (модификация)
-- Test: `app/tests/Frontend/admin-api.spec.ts` (модификация)
-
-- [ ] **Step 1: Добавить API-функции в `api/admin.ts`**
-
-```typescript
-// === SaaS-admin → Инциденты: detail-view + РКН-notify (Sprint 3D G5/G6) ===
-
-export interface ApiIncidentAffectedTenant {
-    id: number;
-    organization_name: string;
-}
-
-export interface ApiAdminIncidentDetail {
-    id: number;
-    incident_id: string;
-    type: string;
-    severity: 'low' | 'medium' | 'high' | 'critical';
-    summary: string;
-    root_cause: string | null;
-    postmortem_url: string | null;
-    started_at: string;
-    detected_at: string;
-    resolved_at: string | null;
-    status: 'open' | 'investigating' | 'resolved';
-    affected_tenants: ApiIncidentAffectedTenant[];
-    affected_users_count: number | null;
-    notification_sent_at: string | null;
-    rkn_notified: boolean;
-    rkn_notified_at: string | null;
-    rkn_deadline_at: string | null;
-    created_by_admin: string | null;
-    closed_by_admin: string | null;
-    created_at: string | null;
-    updated_at: string | null;
-}
-
-export async function getAdminIncidentDetail(id: number): Promise<ApiAdminIncidentDetail> {
-    const { data } = await apiClient.get<{ incident: ApiAdminIncidentDetail }>(`/api/admin/incidents/${id}`);
-    return data.incident;
-}
-
-export async function notifyIncidentRkn(id: number): Promise<ApiAdminIncidentDetail> {
-    await ensureCsrfCookie();
-    const { data } = await apiClient.post<{ incident: ApiAdminIncidentDetail }>(
-        `/api/admin/incidents/${id}/rkn-notify`,
-        {},
-    );
-    return data.incident;
-}
-```
-
-- [ ] **Step 2: Написать failing-тест `AdminIncidentDetailView.spec.ts`**
-
-Образец — `app/tests/Frontend/AdminTenantDetailView.spec.ts` (read it: монтирование с router-mock, `vi.mock` на `api/admin`, проверка loading/404/error). Кейсы:
-
-```
-1. на mount вызывает getAdminIncidentDetail(route.params.id) и рендерит summary/incident_id/severity
-2. 404 от API → блок data-testid="incident-not-found"
-3. прочая ошибка → блок data-testid="incident-fetch-error" + кнопка повтора
-4. data_breach без rkn_notified → видна кнопка data-testid="rkn-notify-btn"
-5. клик rkn-notify → confirm → вызывает notifyIncidentRkn(id), карточка обновляется (rkn_notified=true, кнопка исчезает)
-6. type !== 'data_breach' → кнопки rkn-notify нет
-7. rkn_notified=true → вместо кнопки показан факт «РКН уведомлён {дата}»
-8. ошибка notifyIncidentRkn → видимый v-alert (data-testid="rkn-error")
-```
-
-Запустить: `cd app && npm run test:vue -- AdminIncidentDetailView` → Expected: FAIL (компонента нет).
-
-- [ ] **Step 3: Создать `AdminIncidentDetailView.vue`**
-
-Структура по образцу `AdminTenantDetailView.vue` (loading / notFound / fetchError / контент). `<script setup lang="ts">`:
-
-- `route` / `router`, `id = computed(() => Number(route.params.id))`.
-- `incident = ref<ApiAdminIncidentDetail | null>(null)`, `loading`, `notFound`, `fetchError`, `rknError = ref('')`, `rknLoading = ref(false)`.
-- `loadIncident()`: `getAdminIncidentDetail(id.value)`; catch — `status===404` → `notFound=true`, иначе `fetchError = extractErrorMessage(e)`.
-- `onMounted(loadIncident)` + `watch(id, loadIncident)`.
-- `confirmRkn()`: `rknLoading=true`; try `incident.value = await notifyIncidentRkn(id.value)`; catch `rknError = extractErrorMessage(e)`; finally `rknLoading=false`.
-- `goBack()` → `router.push({ name: 'admin-incidents' })`.
-- `defineExpose({ incident, loading, notFound, fetchError, rknError, loadIncident, confirmRkn })`.
-
-Шаблон: хедер с `incident_id` + чипы severity/status (мапы — переиспользовать из `AdminIncidentsView` логику; локальные `severityMap`/`statusMap` допустимы — компонент самостоятельный), кнопка «Назад». Тело — `summary`, `root_cause`, `postmortem_url` (ссылкой если есть), даты `started_at`/`detected_at`/`resolved_at`, список `affected_tenants` (имена; каждый — link на `{name:'admin-tenant-detail'}` опционально, но не обязательно), `affected_users_count`. Секция РКН:
-
-- если `incident.type === 'data_breach'`:
-  - `rkn_notified === false` → блок с дедлайном `rkn_deadline_at` + `<v-btn data-testid="rkn-notify-btn" color="error" :loading="rknLoading">Уведомить РКН</v-btn>`. Клик — открыть `<v-dialog>` подтверждения (действие юридически значимое) → submit вызывает `confirmRkn()`.
-  - `rkn_notified === true` → строка «РКН уведомлён {formatDate(rkn_notified_at)}».
-  - `<v-alert v-if="rknError" type="error" data-testid="rkn-error">`.
-- иначе секции РКН нет.
-
-`formatDate` — как в `AdminIncidentsView.vue` (скопировать helper).
-
-- [ ] **Step 4: Добавить маршрут в `router/index.ts`**
-
-Сразу после блока `admin-incidents` (≈строка 212):
-
-```typescript
-    {
-        path: '/admin/incidents/:id',
-        name: 'admin-incident-detail',
-        component: () => import('../views/admin/AdminIncidentDetailView.vue'),
-        meta: { layout: 'admin', title: 'Инцидент', requiresAuth: true },
-    },
-```
-
-(devIndex намеренно не задан — это временная dev-фича, новые маршруты её не требуют; коллизий индексов нет.)
-
-- [ ] **Step 5: Сделать строки `AdminIncidentsView` кликабельными**
-
-В `AdminIncidentsView.vue`: импортировать `useRouter`, добавить `const router = useRouter()`. На `<v-list-item>` добавить `@click="router.push({ name: 'admin-incident-detail', params: { id: row.id } })"`, `:data-testid="\`incident-row-${row.id}\`"`,`style="cursor: pointer"`. Список-бейдж «РКН pending» остаётся (информативный).
-
-- [ ] **Step 6: Дописать тесты `AdminIncidentsView.spec.ts` и `admin-api.spec.ts`**
-
-`AdminIncidentsView.spec.ts` — +кейс: клик по строке инцидента вызывает `router.push` с `name:'admin-incident-detail'` и `params.id`. (Смонтировать с router-mock — см. как уже устроен файл.)
-
-`admin-api.spec.ts` — +кейсы: `getAdminIncidentDetail` дёргает `GET /api/admin/incidents/{id}` и возвращает `.incident`; `notifyIncidentRkn` дёргает `POST .../rkn-notify`; `listAdminTariffPlans`/`updateTenantStatus`/`refundTenant`/`changeTenantTariff` бьют по верным путям/методам (по образцу существующих кейсов в файле).
-
-- [ ] **Step 7: Прогнать тесты + type-check + lint**
-
-Run: `cd app && npm run test:vue -- AdminIncidentDetailView AdminIncidentsView admin-api && npm run type-check && npm run lint:vue`
-Expected: все PASS, 0 ошибок vue-tsc/ESLint.
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/resources/js/views/admin/AdminIncidentDetailView.vue \
-  app/resources/js/api/admin.ts app/resources/js/router/index.ts \
-  app/resources/js/views/admin/AdminIncidentsView.vue \
-  app/tests/Frontend/AdminIncidentDetailView.spec.ts \
-  app/tests/Frontend/AdminIncidentsView.spec.ts \
-  app/tests/Frontend/admin-api.spec.ts
-git commit -m "feat(admin): G5/G6 frontend — incident detail view + РКН-notify"
-```
-
----
-
-## Финальная верификация (после всех 5 задач)
-
-- [ ] Pest: `cd app && php artisan test` — выписать `passed/failed`, 0 failed.
-- [ ] Vitest: `cd app && npm run test:vue` — 0 failed.
-- [ ] `cd app && composer pint -- --test && composer stan && npm run type-check && npm run lint:vue` — всё чисто.
-- [ ] Финальное code-review всей ветки (subagent-driven Final reviewer).
-
----
-
-## Self-Review (проверка плана против аудит-спеки)
-
-**Spec coverage:**
-
-- G4 «AdminBillingView row-actions — Dropdown 3 actions + backend» → Task 1 (3 действия + tariff-plans helper) + Task 2 (выпадающее меню + 3 диалога). ✓
-- G5 «AdminIncidentsView drill-down — `/admin/incidents/:id`» → Task 3 (endpoint) + Task 5 (карточка + маршрут + кликабельные строки). ✓
-- G6 «AdminIncidentsView РКН-notify — Button + endpoint» → Task 4 (endpoint) + Task 5 (кнопка на карточке). ✓
-
-**Дизайн-решение:** кнопка РКН-уведомления размещена на карточке инцидента (G5), а не в списке — там есть место под confirm-диалог юридически значимого действия; список сохраняет информативный бейдж «РКН pending» и получает click-through на карточку. Аудит-намерение (превратить пассивный бейдж в actionable flow) выполнено.
-
-**Out-of-scope (осознанно):** auth:saas-admin middleware (J1/J2, ⏸ Б-1) — все новые endpoint'ы на MVP без auth, паритет с существующими `/api/admin/*`; кросс-гард «нельзя разблокировать тенанта с `chargeback_unrecovered_rub > 0`» — отдельная бизнес-логика, не в G4; РКН-notify не шлёт реальное письмо/форму в Роскомнадзор — фиксирует только факт (`rkn_notified_at`), интеграция вне MVP.
-
-**Type consistency:** `ApiAdminIncidentDetail` (Task 5) — поля совпадают с ответом `show()` (Task 3). `AdminTariffPlan` (Task 2) — совпадает с `tariffPlans()` (Task 1). Имена audit-действий: `tenant.suspend`/`tenant.activate`/`tenant.refund`/`tenant.change_tariff`/`incident.rkn_notify` — единообразны backend ↔ тесты.
-
-**Placeholder scan:** код приведён полностью для backend; для Vue-компонентов задана точная структура + явные `data-testid` + список тест-кейсов (реализация по образцу указанных существующих файлов — паттерн subagent-driven).
diff --git a/docs/superpowers/plans/2026-05-16-sprint3e-settings-tabs.md b/docs/superpowers/plans/2026-05-16-sprint3e-settings-tabs.md
deleted file mode 100644
index 8e2bfdc..0000000
--- a/docs/superpowers/plans/2026-05-16-sprint3e-settings-tabs.md
+++ /dev/null
@@ -1,240 +0,0 @@
-# Sprint 3E — Settings placeholder-tabs (D6/D7) Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Убрать из `SettingsView` 4 placeholder-вкладки («Проекты», «Команда», «Интеграции», «Тихие часы»), которые показывают «В разработке» — UI не должен обещать нереализованный функционал.
-
-**Architecture:** Чистое удаление. `SettingsView` оставляет 4 рабочие вкладки (Профиль, Безопасность, API и Webhook, Уведомления). Компонент `PlaceholderTab.vue` удаляется целиком. Spec-тест приводится к 4-вкладочному состоянию + добавляется регрессионная проверка, что placeholder'ы пропали.
-
-**Tech Stack:** Vue 3 (`<script setup>` + TypeScript), Vuetify 3, Vitest 4 + @vue/test-utils.
-
----
-
-## Контекст и per-tab решение (audit D6/D7)
-
-Аудит портала ([docs/superpowers/specs/2026-05-15-portal-audit-design.md](../specs/2026-05-15-portal-audit-design.md)):
-
-- **D6** — «PlaceholderTab × 4 — реализовать или скрыть (decide per-tab)».
-- **D7** — «SettingsView left-rail: 8 tab'ов, 4 заглушки — Hide-if-not-implemented».
-
-**Per-tab решение — скрыть все 4** (реализация каждой = отдельный эпик, вне scope Sprint 3E):
-
-| Вкладка | Решение | Обоснование |
-|---|---|---|
-| Проекты | скрыть | Полноценный `/projects` view уже есть — вкладка чистый дубль. |
-| Команда | скрыть | Нет ни `/team`-маршрута, ни backend; реализация = отдельный L-эпик со schema-работой, не в графике спринтов. |
-| Интеграции | скрыть | Telegram/1С/JivoSite/Yandex SSO — все внешне-блокированы (Б-1 и пр.). |
-| Тихие часы | скрыть | `quiet_hours` отсутствует в `db/schema.sql`; ТЗ §17.8 спецификацию даёт, но колонок/backend нет — отдельный эпик. |
-
-«Импорт»-вкладка из предложения D7 — это H8 (Sprint 4, миграция §6), **вне scope Sprint 3E**.
-
-Скрытие не отменяет ТЗ-требования (Команда / Тихие часы §17.8) — вкладки вернутся при реальной реализации соответствующих модулей.
-
----
-
-## File Structure
-
-- Modify: `app/resources/js/views/SettingsView.vue` — убрать 4 placeholder-вкладки, `placeholderProps` computed, импорт и использование `PlaceholderTab`, неиспользуемый импорт `computed`; обновить docblock.
-- Delete: `app/resources/js/views/settings/PlaceholderTab.vue` — компонент больше не используется.
-- Test: `app/tests/Frontend/SettingsView.spec.ts` — 8 → 4 вкладки, убрать placeholder-тест, добавить регрессию.
-
-**НЕ трогать:** `app/dev-indices.json` (авто-генерируемый временной DevIndex-фичей, уже `M` в git status — не стейджить, не коммитить); `SettingsView.story.vue` (ссылается только на `SettingsView`, не на `PlaceholderTab` — изменений не требует).
-
----
-
-## Task 1: Скрыть 4 placeholder-вкладки в SettingsView
-
-**Files:**
-
-- Modify: `app/resources/js/views/SettingsView.vue`
-- Delete: `app/resources/js/views/settings/PlaceholderTab.vue`
-- Test: `app/tests/Frontend/SettingsView.spec.ts`
-
-- [ ] **Step 1: Привести spec-тест к 4-вкладочному состоянию (failing test first)**
-
-Заменить весь файл `app/tests/Frontend/SettingsView.spec.ts` на:
-
-```ts
-import { describe, it, expect } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createPinia } from 'pinia';
-import { createVuetify } from 'vuetify';
-import SettingsView from '../../resources/js/views/SettingsView.vue';
-
-describe('SettingsView.vue', () => {
-    const factory = () =>
-        mount(SettingsView, {
-            global: { plugins: [createPinia(), createVuetify()] },
-        });
-
-    it('монтируется и содержит заголовок «Настройки»', () => {
-        const wrapper = factory();
-        expect(wrapper.find('h1').text()).toBe('Настройки');
-    });
-
-    it('содержит ровно 4 nav-tabs (placeholder-вкладки убраны, audit D6/D7)', () => {
-        const wrapper = factory();
-        const items = wrapper.findAll('.tabs-rail .v-list-item');
-        expect(items.length).toBe(4);
-    });
-
-    it('содержит все 4 названия рабочих вкладок', () => {
-        const wrapper = factory();
-        const text = wrapper.text();
-        const labels = ['Профиль', 'Безопасность', 'API и Webhook', 'Уведомления'];
-        labels.forEach((l) => expect(text).toContain(l));
-    });
-
-    it('не содержит placeholder-вкладок и текста «В разработке»', () => {
-        const wrapper = factory();
-        const railText = wrapper.find('.tabs-rail').text();
-        ['Команда', 'Интеграции', 'Тихие часы'].forEach((l) => expect(railText).not.toContain(l));
-        expect(wrapper.text()).not.toContain('В разработке');
-    });
-
-    it('по умолчанию показывает вкладку «Профиль»', () => {
-        const wrapper = factory();
-        const text = wrapper.text();
-        // ProfileTab содержит поля Имя / Фамилия (split из «Полное имя» в audit D1) и Тайм-зона.
-        expect(text).toContain('Имя');
-        expect(text).toContain('Фамилия');
-        expect(text).toContain('Тайм-зона');
-    });
-
-    it('переключение на «Уведомления» показывает матрицу 8×3', async () => {
-        const wrapper = factory();
-        const items = wrapper.findAll('.tabs-rail .v-list-item');
-        const notifItem = items.find((i) => i.text().includes('Уведомления'));
-        await notifItem!.trigger('click');
-        await wrapper.vm.$nextTick();
-        const text = wrapper.text();
-        expect(text).toContain('События × каналы');
-        // 8 типов событий из schema users.notification_preferences.
-        ['Новый лид', 'Напоминание', 'Низкий баланс', 'Нулевой баланс', 'Анонсы и промо'].forEach((e) =>
-            expect(text).toContain(e),
-        );
-    });
-
-    it('переключение на «Безопасность» показывает 2FA и сессии', async () => {
-        const wrapper = factory();
-        const items = wrapper.findAll('.tabs-rail .v-list-item');
-        const secItem = items.find((i) => i.text().includes('Безопасность'));
-        await secItem!.trigger('click');
-        await wrapper.vm.$nextTick();
-        const text = wrapper.text();
-        expect(text).toContain('Двухфакторная авторизация');
-        expect(text).toContain('Активные сессии');
-    });
-
-    it('переключение на «API и Webhook» показывает API-ключ и signing secret', async () => {
-        const wrapper = factory();
-        const items = wrapper.findAll('.tabs-rail .v-list-item');
-        const apiItem = items.find((i) => i.text().includes('API'));
-        await apiItem!.trigger('click');
-        await wrapper.vm.$nextTick();
-        const text = wrapper.text();
-        expect(text).toContain('API-ключ');
-        expect(text).toContain('Signing secret');
-        expect(text).toContain('HMAC');
-    });
-});
-```
-
-Изменения относительно текущего файла: тест «ровно 8 nav-tabs» → 4; «8 названий вкладок» → 4 рабочих; тест «placeholder-вкладки показывают „В разработке"» удалён, вместо него — регрессия «не содержит placeholder-вкладок».
-
-- [ ] **Step 2: Прогнать тест — убедиться, что падает**
-
-Run: `cd app && npm run test:vue -- --run SettingsView`
-Expected: FAIL — текущий `SettingsView.vue` рендерит 8 вкладок, тесты «ровно 4 nav-tabs» и «не содержит placeholder-вкладок» красные.
-
-- [ ] **Step 3: Удалить 4 placeholder-вкладки из `SettingsView.vue`**
-
-Заменить блок `<script setup>` (строки 1–61) на:
-
-```vue
-<script setup lang="ts">
-/**
- * Settings — настройки тенанта/пользователя. 4 рабочие вкладки.
- *
- * Источник дизайна: liderra_v8_handoff/concepts/v8_settings.html.
- * Полностью реализованы (с UI-разводкой): Профиль, Безопасность, API и Webhook,
- * Уведомления (матрица 8×3 по schema v8.7 §4 users.notification_preferences).
- *
- * Аудит D6/D7 (Sprint 3E, 2026-05-16): placeholder-вкладки Проекты/Команда/
- * Интеграции/Тихие часы убраны — UI не должен обещать «в разработке».
- * «Проекты» дублировали /projects; «Команда» и «Тихие часы» (ТЗ §17.8)
- * требуют schema+backend (отдельные эпики); «Интеграции» внешне-блокированы (Б-1).
- * Вкладки вернутся при реальной реализации соответствующих модулей.
- */
-import { ref } from 'vue';
-import ApiTab from './settings/ApiTab.vue';
-import NotificationsTab from './settings/NotificationsTab.vue';
-import ProfileTab from './settings/ProfileTab.vue';
-import SecurityTab from './settings/SecurityTab.vue';
-
-interface Tab {
-    id: string;
-    label: string;
-    icon: string;
-}
-
-const tabs: Tab[] = [
-    { id: 'profile', label: 'Профиль', icon: 'mdi-account-outline' },
-    { id: 'security', label: 'Безопасность', icon: 'mdi-shield-lock-outline' },
-    { id: 'api', label: 'API и Webhook', icon: 'mdi-api' },
-    { id: 'notifications', label: 'Уведомления', icon: 'mdi-bell-outline' },
-];
-
-const activeTab = ref('profile');
-</script>
-```
-
-В `<template>` заменить блок `<v-card variant="outlined" class="tab-pane pa-6">…</v-card>` (строки 89–99) на:
-
-```vue
-                <v-card variant="outlined" class="tab-pane pa-6">
-                    <ProfileTab v-if="activeTab === 'profile'" />
-                    <SecurityTab v-else-if="activeTab === 'security'" />
-                    <ApiTab v-else-if="activeTab === 'api'" />
-                    <NotificationsTab v-else-if="activeTab === 'notifications'" />
-                </v-card>
-```
-
-`<style scoped>` — без изменений. Удаляются: импорт `PlaceholderTab`, импорт `computed` (становится неиспользуемым — остаётся только `ref`), `placeholderProps` computed, 4 строки placeholder-вкладок в `tabs`, `<PlaceholderTab>` в шаблоне.
-
-- [ ] **Step 4: Удалить `PlaceholderTab.vue`**
-
-Удалить файл `app/resources/js/views/settings/PlaceholderTab.vue` (`git rm`). Компонент больше нигде не импортируется (grep `PlaceholderTab` по `app/resources/js` → только `SettingsView.vue`, который мы уже почистили).
-
-- [ ] **Step 5: Прогнать тест — убедиться, что зелёный**
-
-Run: `cd app && npm run test:vue -- --run SettingsView`
-Expected: PASS — все 8 тестов SettingsView зелёные.
-
-- [ ] **Step 6: Проверить vue-tsc и ESLint**
-
-Run: `cd app && npm run type-check` → 0 ошибок (важно: неиспользуемый импорт `computed` удалён, иначе vue-tsc/ESLint ругнётся).
-Run: `cd app && npm run lint:vue` → 0 ошибок.
-
-- [ ] **Step 7: Полный прогон Vitest (регрессия)**
-
-Run: `cd app && npm run test:vue`
-Expected: 0 failed. Базовый объём перед изменением — 100 файлов / 838 passed / 3 skipped; после Sprint 3E удалён 1 тест → ожидается 100 файлов / 837 passed / 3 skipped (точное число — из реального вывода, не экстраполировать).
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/resources/js/views/SettingsView.vue app/tests/Frontend/SettingsView.spec.ts
-git rm app/resources/js/views/settings/PlaceholderTab.vue
-git commit -m "feat(settings): D6/D7 — убрать placeholder-вкладки SettingsView"
-```
-
-**НЕ стейджить** `app/dev-indices.json` (авто-генерируемый, pre-existing `M`).
-
----
-
-## Self-Review
-
-- Spec coverage: D6 (4 placeholder-вкладки убраны) ✅; D7 (left-rail 8→4) ✅. «Импорт»-вкладка из D7 — H8/Sprint 4, явно вне scope.
-- Placeholder scan: нет TODO/TBD; весь код приведён дословно.
-- Type consistency: `tabs` остаётся `Tab[]`; `activeTab` — `ref('profile')`; `computed` удалён вместе с единственным потребителем `placeholderProps`.
diff --git a/docs/superpowers/plans/2026-05-16-sprint3f-api-middleware.md b/docs/superpowers/plans/2026-05-16-sprint3f-api-middleware.md
deleted file mode 100644
index b8e97e3..0000000
--- a/docs/superpowers/plans/2026-05-16-sprint3f-api-middleware.md
+++ /dev/null
@@ -1,355 +0,0 @@
-# Sprint 3F — API middleware (J1/J2) Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Закрыть аудит-находки J1 (auth+tenant middleware на `/api/deals*`) и J2 (стаб-гейт SaaS-admin зоны `/api/admin/*`) — убрать незащищённые API-эндпоинты, где tenant подставляется параметром запроса.
-
-**Architecture:** J1 — на 8 роутов `/api/deals*` навешивается `['auth:sanctum','tenant']`; три контроллера (`DealController`, `DealBulkActionController`, `DealExportController`) перестают читать `tenant_id` из запроса и берут его из `auth()->user()->tenant_id`; 8 Pest-файлов мигрируют с `?tenant_id=` на `actingAs($user)`. J2 — новый middleware `EnsureSaasAdmin` (стаб: dev/testing пропускает, production fail-closed 503) вешается на весь блок `/api/admin/*`; реальная Yandex 360 SSO-авторизация — TODO под Б-1+DO-4.
-
-**Tech Stack:** PHP 8.3 + Laravel 13, Sanctum SPA session auth, PostgreSQL 16 (RLS), Pest 4.
-
----
-
-## Контекст (audit J1/J2)
-
-Аудит портала ([docs/superpowers/specs/2026-05-15-portal-audit-design.md](../specs/2026-05-15-portal-audit-design.md)), раздел J:
-
-- **J1** — «CTO-18 — auth+tenant middleware на `/api/deals` (требует Б-1 для prod)». Сейчас 8 роутов `/api/deals*` идут **без middleware**: `tenant_id` берётся параметром. Любой клиент читает/пишет сделки чужого тенанта, подставив `tenant_id`. `auth:sanctum`+`tenant` уже используются на `/api/reminders`, `/api/reports/*`, `/api/billing/*`, `/api/projects` — на dev работают, Б-1 их **не блокирует** (Б-1 блокирует только production-deploy). J1 = применить тот же middleware к `/api/deals*`.
-- **J2** — «`/api/admin/*` — auth:saas-admin middleware (требует Б-1 + DO-4)». Гварда `saas-admin` в `config/auth.php` **нет** (только `web`); реальный гвард = Yandex 360 SSO, аудит явно пишет «**после Б-1+DO-4**» — оба registry-блокера открыты. Полноценный J2 невозможен. Решение заказчика (2026-05-16): **заготовка-стаб** — middleware-гейт, на dev пропускает, на production fail-closed; production SSO — TODO.
-
-**Scope J1 — backend + Pest.** Фронтенд (`app/resources/js/api/deals.ts` и 3 view) НЕ трогаем: после рефактора backend игнорирует клиентский `tenant_id` (Laravel `validate()` молча отбрасывает лишние ключи; лишний query-параметр игнорируется), фронт продолжает слать сессионную cookie и работает без изменений. Клиентский `tenant_id` становится вестигиальным безвредным параметром — его удаление косметическое, в аудите J1 не значится, вне scope Sprint 3F. Это устраняет дублирующий риск (8 frontend-файлов + 11 Vitest-спеков) при нулевом выигрыше для безопасности: backend, игнорируя клиентский `tenant_id`, уже закрывает кросс-tenant утечку.
-
-**Регистровые items.** J1 связан с CTO-18, J2 — с Б-1+DO-4 (все открыты). Sprint 3F реализует **код** находок J1/J2 (что заказчик авторизовал командой «делай 3f»), но **не закрывает** CTO-18/Б-1/DO-4 в реестре `Открытые_вопросы` — закрытие требует явного «закрываем» от заказчика. Реестр в этом спринте не трогаем.
-
----
-
-## File Structure
-
-**Task 1 (J2):**
-
-- Create: `app/app/Http/Middleware/EnsureSaasAdmin.php` — стаб-гейт SaaS-admin зоны.
-- Modify: `app/bootstrap/app.php` — alias `'saas-admin'` в `$middleware->alias([...])`.
-- Modify: `app/routes/web.php` — обернуть блок `/api/admin/*` (impersonation/tenants/billing/incidents/system-settings/pricing-tiers/suppliers) в `Route::middleware('saas-admin')->group(...)`.
-- Test: `app/tests/Feature/SaasAdminMiddlewareTest.php` — passthrough на testing + fail-closed 503 на production.
-
-**Task 2 (J1):**
-
-- Modify: `app/routes/web.php` — 8 роутов `/api/deals*` в `Route::middleware(['auth:sanctum','tenant'])->group(...)`.
-- Modify: `app/app/Http/Controllers/Api/DealController.php` — `index/show/store/update`: tenant из `auth()->user()`.
-- Modify: `app/app/Http/Controllers/Api/DealBulkActionController.php` — `transition/destroy/restore`: то же.
-- Modify: `app/app/Http/Controllers/Api/DealExportController.php` — `export`: то же.
-- Test (migrate): `app/tests/Feature/DealIndexTest.php`, `DealShowTest.php`, `DealCreateTest.php`, `DealUpdateTest.php`, `DealTransitionTest.php`, `DealDestroyTest.php`, `DealRestoreTest.php`, `LookupsTest.php` (только 3 `/api/deals`-теста).
-
-**НЕ трогать:** `app/dev-indices.json` (авто-генерируемый, pre-existing `M` — не стейджить); фронтенд `deals.ts` и deal-views (см. Scope выше); `DealModelTest.php` (модельный unit-тест, HTTP не вызывает); lookup-эндпоинты `/api/managers` и `/api/lead-statuses` (в аудит-находке J1 не значатся — остаются без middleware; `/api/managers`-тесты в `LookupsTest` не трогать).
-
----
-
-## Task 1: J2 — стаб-гейт `EnsureSaasAdmin` на `/api/admin/*`
-
-**Files:**
-
-- Create: `app/app/Http/Middleware/EnsureSaasAdmin.php`
-- Modify: `app/bootstrap/app.php`
-- Modify: `app/routes/web.php`
-- Test: `app/tests/Feature/SaasAdminMiddlewareTest.php`
-
-- [ ] **Step 1: Написать failing-тест `SaasAdminMiddlewareTest.php`**
-
-Создать `app/tests/Feature/SaasAdminMiddlewareTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-
-/**
- * J2 (Sprint 3F) — стаб-гейт SaaS-admin зоны.
- *
- * EnsureSaasAdmin на /api/admin/*: dev/testing пропускает (admin-панель
- * работает на dev), прочие окружения — fail-closed 503 до подключения
- * реального Yandex 360 SSO (TODO под Б-1+DO-4).
- */
-uses(DatabaseTransactions::class);
-
-test('/api/admin/* пропускается на testing-окружении (стаб permissive)', function () {
-    // Дефолтное тестовое окружение = testing → middleware пропускает.
-    $this->getJson('/api/admin/tenants')->assertStatus(200);
-});
-
-test('/api/admin/* возвращает 503 вне dev/testing (стаб fail-closed)', function () {
-    $this->app->detectEnvironment(fn () => 'production');
-
-    $this->getJson('/api/admin/tenants')->assertStatus(503);
-});
-```
-
-- [ ] **Step 2: Прогнать тест — убедиться, что падает**
-
-Run: `cd app && composer test -- --filter=SaasAdminMiddlewareTest`
-Expected: FAIL — middleware `EnsureSaasAdmin` ещё не существует, alias `saas-admin` не зарегистрирован, на роуты не навешан; тест «503 вне dev/testing» получит 200.
-
-- [ ] **Step 3: Создать middleware `EnsureSaasAdmin.php`**
-
-Создать `app/app/Http/Middleware/EnsureSaasAdmin.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Middleware;
-
-use Closure;
-use Illuminate\Http\Request;
-use Symfony\Component\HttpFoundation\Response;
-
-/**
- * Гейт SaaS-admin зоны (/api/admin/*) — audit-находка J2.
- *
- * СТАБ (Sprint 3F): полноценная авторизация saas-admin требует Yandex 360
- * SSO-входа, который гейтится Б-1 (регистрация ООО) + DO-4. До их закрытия
- * реального механизма аутентификации нет.
- *
- * Поведение стаба:
- *   - dev / testing (local, testing) → пропускаем. Admin-панель работает на
- *     dev; admin_user_id передаётся параметром (трейт ResolvesAdminUserId).
- *   - прочие окружения (production / staging) → fail-closed 503: зона
- *     закрыта до подключения реального SSO. Явный 503 лучше, чем тихо
- *     открытый /api/admin/* в проде.
- *
- * TODO (после Б-1 + DO-4): заменить на проверку Yandex 360 SSO-сессии
- * saas-admin (отдельный guard) + роль (compliance и т.п. где требуется).
- */
-class EnsureSaasAdmin
-{
-    public function handle(Request $request, Closure $next): Response
-    {
-        if (! app()->environment('local', 'testing')) {
-            abort(503, 'SaaS-admin авторизация не настроена (ожидает Б-1 + DO-4).');
-        }
-
-        return $next($request);
-    }
-}
-```
-
-- [ ] **Step 4: Зарегистрировать alias `saas-admin` в `bootstrap/app.php`**
-
-В `app/bootstrap/app.php` добавить импорт и расширить `$middleware->alias([...])`:
-
-Импорт (после `use App\Http\Middleware\SetTenantContext;`):
-
-```php
-use App\Http\Middleware\EnsureSaasAdmin;
-```
-
-Блок alias заменить на:
-
-```php
-        $middleware->alias([
-            'tenant' => SetTenantContext::class,
-            'saas-admin' => EnsureSaasAdmin::class,
-        ]);
-```
-
-- [ ] **Step 5: Навесить `saas-admin` на блок `/api/admin/*` в `routes/web.php`**
-
-В `app/routes/web.php` весь блок admin-роутов (от комментария `// SaaS-admin impersonation flow (Ю-1)...` до строки с `AdminSuppliersController@update` включительно — это группы impersonation/tenants/billing/incidents/system-settings/pricing-tiers/suppliers) обернуть в `Route::middleware('saas-admin')->group(...)`. Структура:
-
-```php
-// J2 (Sprint 3F): стаб-гейт SaaS-admin зоны. EnsureSaasAdmin — dev/testing
-// пропускает, production fail-closed 503. Реальный Yandex 360 SSO — TODO под
-// Б-1+DO-4. admin_user_id внутри контроллеров (трейт ResolvesAdminUserId)
-// стаб не меняет — это отдельная зона ответственности.
-Route::middleware('saas-admin')->group(function () {
-    // SaaS-admin impersonation flow (Ю-1). ...
-    Route::prefix('/api/admin/impersonation')->group(function () {
-        // ... без изменений ...
-    });
-
-    // ... все остальные admin-роуты без изменений, только с отступом +4 ...
-
-    Route::patch('/api/admin/suppliers/{id}', 'App\Http\Controllers\Api\AdminSuppliersController@update')
-        ->where('id', '[0-9]+');
-});
-```
-
-Содержимое роутов внутри — без изменений (только индентация +4; `composer pint` в Step 7 выровняет, но писать сразу корректно). Роуты `/api/billing/charges`, `/api/billing/*`, `/api/api-keys`, `/api/tenants/me/webhook-settings`, `/api/dashboard/summary` и далее — **вне** этой группы (это tenant-зона, не admin).
-
-- [ ] **Step 6: Прогнать тест — убедиться, что зелёный**
-
-Run: `cd app && composer test -- --filter=SaasAdminMiddlewareTest`
-Expected: PASS — 2/2.
-
-- [ ] **Step 7: Pint + Larastan + регрессия admin-тестов**
-
-Run: `cd app && composer pint` → 0 правок или авто-формат применён.
-Run: `cd app && composer stan` → 0 ошибок (новый файл middleware типизирован; тест использует только реальные методы `TestCase`, динамических свойств нет — baseline regen не требуется).
-Run: `cd app && composer test -- --filter="Admin"` → 0 failed. Все существующие admin-тесты (AdminBilling/AdminIncidents/AdminTenants/AdminSystemSettings/AdminPricingTiers/AdminSuppliers/Impersonation) проходят: на `testing`-окружении `EnsureSaasAdmin` прозрачен.
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/app/Http/Middleware/EnsureSaasAdmin.php app/bootstrap/app.php app/routes/web.php app/tests/Feature/SaasAdminMiddlewareTest.php
-git commit -m "feat(api): J2 — стаб-гейт EnsureSaasAdmin на /api/admin/*"
-```
-
-**НЕ стейджить** `app/dev-indices.json`.
-
----
-
-## Task 2: J1 — `auth:sanctum`+`tenant` middleware на `/api/deals*`
-
-**Files:**
-
-- Modify: `app/routes/web.php`
-- Modify: `app/app/Http/Controllers/Api/DealController.php`
-- Modify: `app/app/Http/Controllers/Api/DealBulkActionController.php`
-- Modify: `app/app/Http/Controllers/Api/DealExportController.php`
-- Test (migrate): `DealIndexTest.php`, `DealShowTest.php`, `DealCreateTest.php`, `DealUpdateTest.php`, `DealTransitionTest.php`, `DealDestroyTest.php`, `DealRestoreTest.php`, `LookupsTest.php`
-
-> **NB про порядок шагов:** миграция атомарна — добавление middleware немедленно «краснит» все 8 deal-тест-файлов (они не аутентифицируются). Поэтому routes+контроллеры+тесты мигрируют в одной задаче/одном коммите; промежуточный red — внутри задачи (Step 3 это фиксирует как TDD-red), green — в Step 6.
-
-- [ ] **Step 1: Навесить middleware на 8 роутов `/api/deals*` в `routes/web.php`**
-
-В `app/routes/web.php` блок из 8 deal-роутов (`GET /api/deals`, `GET /api/deals/{id}`, `POST /api/deals`, `POST /api/deals/export`, `POST /api/deals/transition`, `PATCH /api/deals/{id}`, `DELETE /api/deals`, `POST /api/deals/restore`) обернуть в группу. Заменить docblock-комментарий и роуты на:
-
-```php
-// Сделки — single-resource CRUD + bulk + export. J1 (Sprint 3F, audit):
-// auth:sanctum + tenant. tenant_id берётся из auth()->user()->tenant_id
-// (SetTenantContext), НЕ из параметра запроса — закрывает кросс-tenant утечку.
-//
-// Sprint 3 Phase A (audit O-refactor-01): single-resource CRUD в
-// DealController, bulk (transition/destroy/restore) — в
-// DealBulkActionController, export — в DealExportController.
-Route::middleware(['auth:sanctum', 'tenant'])->group(function () {
-    Route::get('/api/deals', 'App\Http\Controllers\Api\DealController@index');
-    Route::get('/api/deals/{id}', 'App\Http\Controllers\Api\DealController@show')->where('id', '[0-9]+');
-    Route::post('/api/deals', 'App\Http\Controllers\Api\DealController@store');
-    Route::post('/api/deals/export', 'App\Http\Controllers\Api\DealExportController@export');
-    Route::post('/api/deals/transition', 'App\Http\Controllers\Api\DealBulkActionController@transition');
-    Route::patch('/api/deals/{id}', 'App\Http\Controllers\Api\DealController@update')->where('id', '[0-9]+');
-    Route::delete('/api/deals', 'App\Http\Controllers\Api\DealBulkActionController@destroy');
-    Route::post('/api/deals/restore', 'App\Http\Controllers\Api\DealBulkActionController@restore');
-});
-```
-
-Lookup-роуты `/api/managers` и `/api/lead-statuses` (идут сразу после) — **вне** группы, без изменений.
-
-- [ ] **Step 2: Рефактор контроллеров — tenant из `auth()->user()`**
-
-Универсальное правило для всех 4 методов `DealController` + 3 методов `DealBulkActionController` + `export` `DealExportController`:
-
-1. Убрать чтение `tenant_id` из запроса: для `index`/`show` — строку `$tenantId = (int) $request->query('tenant_id', '0');` и следующий за ней блок `if ($tenantId < 1) { return ... 422; }`. Для `store`/`update`/`transition`/`destroy`/`restore`/`export` — ключ `'tenant_id' => 'required|integer|min:1',` из массива правил `$request->validate([...])`.
-2. Убрать резолюцию `Tenant` + 404: блок `$tenant = Tenant::find(...); if ($tenant === null) { return ... 404; }` (в `export` — `abort(404, ...)`).
-3. Добавить `$tenantId = (int) $request->user()->tenant_id;` (для `index`/`show` — на месте удалённого; для остальных — сразу после `$validated = $request->validate([...]);`).
-4. Заменить все `$tenant->id` на `$tenantId`, в `use (...)` замыканий `$tenant` → `$tenantId`.
-5. Убрать `use App\Models\Tenant;` (станет неиспользуемым; `composer pint` подчистит, но убрать явно).
-6. Внутренние `DB::transaction(...)` + `DB::statement('SET LOCAL app.current_tenant_id = ...')` — **оставить без изменений**. Для write-методов это атомарность; для `DealExportController::export` это **обязательно** — StreamedResponse-замыкание выполняется уже после commit'а транзакции `tenant`-middleware (см. комментарий в `export()` строки про «после Laravel-response pipeline»), tenant-контекст middleware streaming НЕ покрывает.
-7. Обновить docblock-и: убрать абзацы «На MVP без auth-middleware… `tenant_id` параметром… Production: middleware» — заменить на «J1 (Sprint 3F): `auth:sanctum`+`tenant`, `tenant_id` из `auth()->user()`.»
-
-Конкретно по `DealController`:
-
-- `index(Request $request)`: удалить строки `$tenantId = (int) $request->query('tenant_id', '0');` + `if ($tenantId < 1) {...422}` + `$tenant = Tenant::find($tenantId);` + `if ($tenant === null) {...404}`. На их место: `$tenantId = (int) $request->user()->tenant_id;`. Остальное (уже использует `$tenantId`) — без изменений.
-- `show(Request $request, int $id)`: то же — удалить query/422/Tenant::find/404, поставить `$tenantId = (int) $request->user()->tenant_id;`.
-- `store(Request $request)`: из `validate` убрать `'tenant_id' => 'required|integer|min:1',`; убрать `$tenant = Tenant::find($validated['tenant_id']); if (...404)`; добавить `$tenantId = (int) $request->user()->tenant_id;`; заменить `$tenant->id` → `$tenantId` (manager-guard, `use (...)` замыкания, `SET LOCAL`, `Project::firstOrCreate`, `Deal::create`, `ActivityLog::create`).
-- `update(Request $request, int $id)`: из `validate` убрать `'tenant_id' => 'required|integer|min:1',`; убрать `$tenant = Tenant::find($validated['tenant_id']); if (...404)`; добавить `$tenantId = (int) $request->user()->tenant_id;`; заменить `$tenant->id` → `$tenantId` (manager-guard, `use (...)`, `SET LOCAL`, оба `where('tenant_id', ...)`, три `ActivityLog::create(['tenant_id' => ...])`).
-
-`DealBulkActionController` — `transition`/`destroy`/`restore` идентично: убрать `tenant_id` из `validate`, убрать `Tenant::find`+404, `$tenantId = (int) $request->user()->tenant_id;`, `$tenant->id` → `$tenantId`, `use ($validated, $tenant)` → `use ($validated, $tenantId)`.
-
-`DealExportController::export` — убрать `tenant_id` из `validate`, убрать `Tenant::find`+`abort(404)`, `$tenantId = (int) $request->user()->tenant_id;`, в `use (...)` StreamedResponse-замыкания `$tenant` → `$tenantId`, `$tenant->id` → `$tenantId`.
-
-- [ ] **Step 3: Прогнать deal-тесты — убедиться в массовом red**
-
-Run: `cd app && composer test -- --filter="Deal"`
-Expected: FAIL — `DealIndexTest`/`DealShowTest`/`DealCreateTest`/`DealUpdateTest`/`DealTransitionTest`/`DealDestroyTest`/`DealRestoreTest` массово красные: запросы без `actingAs` теперь получают `401`. Это подтверждает, что auth-гейт активен (TDD-red).
-
-- [ ] **Step 4: Мигрировать 8 тест-файлов на `actingAs`**
-
-Универсальный рецепт для каждого HTTP-теста на `/api/deals*`:
-
-**(R1) `beforeEach`** — после создания `$this->tenant` добавить:
-
-```php
-    $this->user = User::factory()->for($this->tenant)->create();
-    $this->actingAs($this->user);
-```
-
-(`use App\Models\User;` — добавить в импорты файла, если ещё нет.)
-
-**(R2) URL** — убрать `?tenant_id=...` / `&tenant_id=...`: `'/api/deals?tenant_id='.$this->tenant->id` → `'/api/deals'`; `'/api/deals?tenant_id='.$id.'&status_in[]=new'` → `'/api/deals?status_in[]=new'` (если параметр был первым — следующий `&` становится `?`).
-
-**(R3) Body** — убрать ключ `'tenant_id' => ...,` из массивов `postJson`/`patchJson`/`deleteJson`.
-
-**(R4) Тесты «404 unknown tenant_id»** — **удалить целиком**. После J1 tenant берётся из `auth()->user()->tenant_id` (FK-гарантированно валиден), пути «unknown tenant» больше нет. Удаляются: `DealIndexTest` «404 для unknown tenant_id», `DealShowTest` «404 для unknown tenant», `DealUpdateTest` «404 unknown tenant», `DealTransitionTest` «404 на unknown tenant», `DealDestroyTest` «404 на unknown tenant», `DealRestoreTest` «404 на unknown tenant», `DealCreateTest` «404 при unknown tenant_id» и «POST /api/deals/export 404 unknown tenant».
-
-**(R5) Тесты «422 без tenant_id»** — конвертировать в «401 без auth»: тело — запрос **без** `actingAs` → `401`. Пример (`DealIndexTest`):
-
-```php
-test('GET /api/deals возвращает 401 без auth', function () {
-    auth()->logout();
-    $this->getJson('/api/deals')->assertStatus(401);
-});
-```
-
-Конвертируются: `DealIndexTest` «422 без tenant_id», `DealShowTest` «422 без tenant_id», `DealUpdateTest` «422 без tenant_id».
-
-**(R6) Endpoints без теста «422 без tenant_id»** (transition/destroy/restore/store/export) — добавить по одному новому тесту «401 без auth» (запрос без `actingAs`), чтобы каждый из 8 endpoint'ов имел 401-покрытие. Пример (`DealTransitionTest`):
-
-```php
-test('POST /api/deals/transition возвращает 401 без auth', function () {
-    auth()->logout();
-    $this->postJson('/api/deals/transition', ['ids' => [1], 'status' => 'new'])->assertStatus(401);
-});
-```
-
-**(R7) Тесты пустого body «422»** (`DealTransitionTest`/`DealDestroyTest`/`DealRestoreTest`: `postJson('/api/deals/transition', [])->assertStatus(422)` и аналоги) — остаются `422` (поля `ids`/`status` по-прежнему `required`); `actingAs` обеспечивается через `beforeEach` (R1), иначе был бы `401`. Если имя теста содержит «без tenant_id» — переименовать (например «422 на пустой body»).
-
-**(R8) `DealCreateTest` «422 без обязательных полей»** — остаётся `422` (`project_name`/`phone` по-прежнему `required`), но `assertJson`-проверка ключей: `toHaveKeys(['tenant_id', 'project_name', 'phone'])` → `toHaveKeys(['project_name', 'phone'])` (`tenant_id` больше не валидируемое поле).
-
-**(R9) Кросс-tenant RLS-тесты** (`DealIndexTest` «не возвращает сделки чужого tenant'а», «изолирует чужие удалённые»; `DealShowTest` «404 чужая сделка»; `DealUpdateTest` «404 чужая сделка»; и т.п.) — **оставить логику**: чужие данные сеются через `DB::statement('SET app.current_tenant_id = ...')`, `actingAs` — пользователь `$this->tenant`. Применить только R2/R3 (убрать `tenant_id` из запроса). Изоляция продолжает проверяться: backend берёт tenant из auth-пользователя.
-
-**(R10) `LookupsTest.php`** — содержит тесты `/api/managers` (НЕ трогать — endpoint без middleware) и 3 теста `POST /api/deals` (manager-guard). `beforeEach` НЕ менять (тесты `/api/managers` чувствительны к числу users тенанта — лишний `$this->user` сломал бы `toHaveCount(2)`). Вместо этого в каждый из 3 `/api/deals`-тестов («422 если manager_id не принадлежит tenant'у», «422 если manager_id не активен», «принимает manager_id из своего tenant'а») первой строкой добавить `$this->actingAs(User::factory()->for($this->tenant)->create());` и применить R3 (убрать `tenant_id` из body). Файл использует `RefreshDatabase` — created user не протекает между тестами.
-
-- [ ] **Step 5: Прогнать deal-тесты — убедиться в green**
-
-Run: `cd app && composer test -- --filter="Deal"`
-Run: `cd app && composer test -- --filter="LookupsTest"`
-Expected: PASS — 0 failed в обоих. Точное число тестов — из реального вывода (R4 удалил 8 тестов, R5/R6 добавил/конвертировал 401-тесты).
-
-- [ ] **Step 6: Pint + Larastan (regen baseline) + полная регрессия Pest**
-
-Run: `cd app && composer pint` → авто-формат применён (в т.ч. удаление неиспользуемого `use App\Models\Tenant;`).
-
-Run: `cd app && composer stan` → ожидаются НОВЫЕ ошибки от `$this->user` (новое динамическое свойство в тест-файлах) + сдвиг номеров строк → регенерировать baseline (quirk 25, 3 шага):
-
-1. В `app/phpstan.neon` временно закомментировать строку `- phpstan-baseline.neon` в `includes:`.
-2. Run: `cd app && vendor/bin/phpstan analyse --generate-baseline`
-3. Раскомментировать `- phpstan-baseline.neon` в `app/phpstan.neon`.
-
-После — повторно `cd app && composer stan` → 0 ошибок.
-
-Run: `cd app && composer test` → 0 failed (полная регрессия Pest). Базовый объём перед Sprint 3F (origin/main `ca0c4d9`) — 853 tests / 850 passed / 3 skipped / 0 failed; после Sprint 3F число изменится (J2 +2 теста; J1 −8 удалённых «404 unknown» +5..8 «401 без auth») — **точное число из реального вывода, не экстраполировать**.
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/routes/web.php app/app/Http/Controllers/Api/DealController.php app/app/Http/Controllers/Api/DealBulkActionController.php app/app/Http/Controllers/Api/DealExportController.php app/app/Http/Controllers/Api/Concerns app/tests/Feature/DealIndexTest.php app/tests/Feature/DealShowTest.php app/tests/Feature/DealCreateTest.php app/tests/Feature/DealUpdateTest.php app/tests/Feature/DealTransitionTest.php app/tests/Feature/DealDestroyTest.php app/tests/Feature/DealRestoreTest.php app/tests/Feature/LookupsTest.php app/phpstan-baseline.neon
-git commit -m "feat(api): J1 — auth:sanctum+tenant middleware на /api/deals*"
-```
-
-(`app/app/Http/Controllers/Api/Concerns` в `git add` — на случай, если рефактор ничего там не создаст, путь просто проигнорируется; основное — 4 backend-файла + 8 тестов + baseline.)
-
-**НЕ стейджить** `app/dev-indices.json`.
-
----
-
-## Self-Review
-
-- **Spec coverage:** J1 (auth+tenant на `/api/deals*` — 8 роутов, 3 контроллера, 8 тест-файлов) ✅; J2 (стаб-гейт `/api/admin/*`) ✅. CTO-18/Б-1/DO-4 в реестре `Открытые_вопросы` не закрываются (нет «закрываем» от заказчика) — реализуется только код находок.
-- **Placeholder scan:** нет TODO/TBD в коде, кроме намеренного docblock-`TODO` в `EnsureSaasAdmin` (фиксирует, что стаб ждёт реального SSO под Б-1+DO-4 — это документация контракта, не пропуск работы). Тест-миграция задана точным рецептом R1–R10 (механическое преобразование, не placeholder).
-- **Type consistency:** `$tenantId` — `int` во всех 8 методах (`(int) $request->user()->tenant_id`); alias `'saas-admin'` и класс `EnsureSaasAdmin` совпадают между `bootstrap/app.php` и `routes/web.php`; middleware-массив `['auth:sanctum','tenant']` — порядок как в существующих группах (`/api/reminders` и др.).
-- **Атомарность J1:** middleware и миграция тестов — один коммит (Step 1–7 одной задачи); промежуточный red зафиксирован Step 3 как TDD-проверка активности auth-гейта.
-- **Регрессия admin/deal:** J2 на `testing` прозрачен → admin-тесты зелёные без изменений; J1 мигрирует все потребители `/api/deals*` (8 Pest-файлов, включая частично `LookupsTest`) — фронтенд не потребитель backend-тестов, его `tenant_id` backend молча игнорирует.
diff --git a/docs/superpowers/plans/2026-05-16-sprint4-historical-import.md b/docs/superpowers/plans/2026-05-16-sprint4-historical-import.md
deleted file mode 100644
index ccbef41..0000000
--- a/docs/superpowers/plans/2026-05-16-sprint4-historical-import.md
+++ /dev/null
@@ -1,3413 +0,0 @@
-# Sprint 4 — Историческая миграция лидов (§6 CSV-импорт) Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Тенант загружает CSV-выгрузку лидов из crm.bp-gr.ru, видит прогресс, маппит неизвестные статусы и получает email с результатом — исторические сделки переносятся без списания баланса.
-
-**Architecture:** Загруженный CSV сохраняется на диск, `ImportLeadsJob` (queued) парсит его через `CsvLeadsParser`, `HistoricalImportService` выполняет идемпотентный advisory-lock upsert в `deals` (та же логика, что `ProcessWebhookJob`), создавая недостающие месячные партиции под исторические даты. Прогресс и счётчики пишутся в `import_log`; неизвестные статусы воронки — в `import_unknown_statuses` для ручного маппинга через wizard. Баланс не списывается — фиксируется одна транзакция типа `historical_import`.
-
-**Tech Stack:** PHP 8.3 / Laravel 13 / PostgreSQL 16 (RLS + партиционирование) / Pest 4 — backend; Vue 3 + Vuetify 3 + Vitest 4 — frontend.
-
----
-
-## Scope
-
-Покрывает аудит-находки **H1, H2, H3, H4, H5, H6, H8, H9** (миграция **лидов**, спецификация — ТЗ §6).
-
-**Вынесено из плана:**
-
-- **H7 (bulk-импорт проектов)** — формат «18-колоночного CSV проектов» не специфицирован в ТЗ §6. §6.2 описывает только CSV **лидов** (9 колонок); 17-колоночная таблица в `Analiz_originala_v8_3.md:1318` — это stats-экран `/admin/visit/rt-stat`, не импортируемый формат. H7 требует отдельного format-спека → отдельный план «Sprint 4B».
-- **H8 «кнопка в ProjectsView»** — относится к импорту **проектов** (H7), а не лидов. UI-вход для лидов в этом плане — отдельный маршрут `/import` + пункт сайдбара (Task 12).
-
-## Стартовое состояние
-
-- Ветка от `origin/main` (Sprint 3F, `447ef59`). `import_log` **уже существует** в `db/schema.sql` (раздел 6.7) с RLS-политикой — нужен только `ALTER` (+5 колонок). `import_unknown_statuses` — новая таблица. Тип транзакции `historical_import` **уже** в `CHECK` на `balance_transactions`.
-- **Зависимость от Sprint 3E:** ветка `feat/sprint3e-settings-tabs` (реструктуризация вкладок `SettingsView`) не влита. Этот план НЕ трогает `SettingsView` — UI-вход через отдельный маршрут `/import` (Task 12), коллизии нет.
-- **Конвенция миграций:** `migrate:fresh` сначала грузит `db/schema.sql`, затем гоняет миграции. Поэтому каждая инкрементальная миграция guard'ится `Schema::hasTable`/`hasColumn` (см. `2026_05_11_140000_add_archived_at_to_projects.php`).
-- **Quirk 25:** любой новый Pest-тест-файл триггерит ложные срабатывания Larastan (`TestCall::$prop`/`method.notFound`) → после написания тестов нужна регенерация `app/phpstan-baseline.neon` (3 шага: закомментировать `- phpstan-baseline.neon` в `phpstan.neon` → `vendor/bin/phpstan analyse --generate-baseline` → раскомментировать). Делается одним заходом в конце соответствующего Task'а.
-
----
-
-## File Structure
-
-**Backend (`app/`):**
-
-- `database/migrations/2026_05_16_120000_sprint4_historical_import_schema.php` — H1+H2 schema delta.
-- `app/Models/ImportLog.php`, `app/Models/ImportUnknownStatus.php` — Eloquent-модели.
-- `database/factories/ImportLogFactory.php`, `database/factories/ImportUnknownStatusFactory.php`.
-- `app/Services/MonthlyPartitionManager.php` — создание месячных партиций (extract из `PartitionsCreateMonths`).
-- `app/Services/Import/StatusRuToSlugMapper.php` — чистый маппер статусов (ТЗ §6.4).
-- `app/Services/Import/CsvLeadsParser.php` + `app/Services/Import/ParsedLeadRow.php` — парсинг и валидация CSV.
-- `app/Services/Import/HistoricalImportService.php` — оркестрация upsert'а.
-- `app/Jobs/ImportLeadsJob.php` — queued-обработчик.
-- `app/Mail/ImportCompletedNotification.php` + `resources/views/mail/import-completed.blade.php`.
-- `app/Http/Controllers/Api/ImportController.php` + `app/Http/Requests/StoreImportRequest.php` + `app/Http/Requests/ResolveUnknownStatusesRequest.php`.
-- `routes/web.php` — 5 маршрутов в группе `auth:sanctum`+`tenant`.
-
-**Frontend (`app/resources/js/`):**
-
-- `api/imports.ts` — API-обёртки.
-- `views/ImportView.vue` — экран импорта.
-- `components/import/UnknownStatusesDialog.vue` — wizard маппинга.
-- `router/index.ts` — маршрут `/import`.
-- `components/AppSidebar.vue` — пункт навигации.
-
-**Docs / schema:**
-
-- `db/schema.sql` — раздел `import_unknown_statuses` + 5 колонок `import_log` + RLS + GRANTs; bump версии.
-- `db/CHANGELOG_schema.md` — запись о delta.
-- `db/02_grants.sql` — GRANTs для `import_unknown_statuses`.
-- `docs/Как_перенести_данные_из_crm-bp-gr.md` — H9 мини-инструкция.
-
----
-
-## Task 1: Schema delta — `import_unknown_statuses` + enrichment `import_log` (H1+H2)
-
-**Files:**
-
-- Create: `app/database/migrations/2026_05_16_120000_sprint4_historical_import_schema.php`
-- Modify: `db/schema.sql` (раздел 6.7 рядом с `import_log`; RLS-секция; GRANTs-секция; заголовок-версия на строке 5)
-- Modify: `db/02_grants.sql`
-- Modify: `db/CHANGELOG_schema.md`
-- Test: `app/tests/Feature/Import/ImportSchemaTest.php`
-
-- [ ] **Step 1: Написать падающий тест**
-
-`app/tests/Feature/Import/ImportSchemaTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Schema;
-
-test('import_log имеет 5 новых колонок enrichment', function (): void {
-    foreach (['entity_type', 'source_system', 'mapping_config', 'unknown_statuses_count', 'dry_run'] as $column) {
-        expect(Schema::hasColumn('import_log', $column))->toBeTrue("import_log.$column отсутствует");
-    }
-});
-
-test('import_unknown_statuses существует с RLS', function (): void {
-    expect(Schema::hasTable('import_unknown_statuses'))->toBeTrue();
-
-    $rls = DB::selectOne(
-        "SELECT relrowsecurity FROM pg_class WHERE relname = 'import_unknown_statuses'"
-    );
-    expect($rls->relrowsecurity)->toBeTrue('RLS не включён на import_unknown_statuses');
-
-    $policy = DB::selectOne(
-        "SELECT 1 AS ok FROM pg_policies WHERE tablename = 'import_unknown_statuses' AND policyname = 'tenant_isolation'"
-    );
-    expect($policy)->not->toBeNull('Политика tenant_isolation отсутствует');
-});
-
-test('import_unknown_statuses имеет UNIQUE (tenant_id, status_ru)', function (): void {
-    $unique = DB::selectOne(
-        "SELECT 1 AS ok FROM pg_constraint
-         WHERE conrelid = 'import_unknown_statuses'::regclass AND contype = 'u'"
-    );
-    expect($unique)->not->toBeNull('UNIQUE-ограничение отсутствует');
-});
-```
-
-- [ ] **Step 2: Прогнать тест — убедиться, что падает**
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import/ImportSchemaTest.php`
-Expected: FAIL — колонок/таблицы нет.
-
-- [ ] **Step 3: Создать миграцию**
-
-`app/database/migrations/2026_05_16_120000_sprint4_historical_import_schema.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Schema;
-
-/**
- * Sprint 4 (H1+H2) — историческая миграция лидов §6.
- *
- * H1: новая таблица import_unknown_statuses (tenant-level resolved mappings).
- * H2: enrichment import_log — +5 колонок.
- *
- * Guard'ы: migrate:fresh грузит schema.sql v8.20+ (где delta уже есть) до миграций,
- * поэтому каждый кусок применяется только при отсутствии.
- */
-return new class extends Migration
-{
-    public function up(): void
-    {
-        foreach ([
-            'entity_type' => "ALTER TABLE import_log ADD COLUMN entity_type VARCHAR(20) NOT NULL DEFAULT 'leads' CHECK (entity_type IN ('leads','projects'))",
-            'source_system' => "ALTER TABLE import_log ADD COLUMN source_system VARCHAR(50) NOT NULL DEFAULT 'crm.bp-gr.ru'",
-            'mapping_config' => 'ALTER TABLE import_log ADD COLUMN mapping_config JSONB',
-            'unknown_statuses_count' => 'ALTER TABLE import_log ADD COLUMN unknown_statuses_count INT NOT NULL DEFAULT 0',
-            'dry_run' => 'ALTER TABLE import_log ADD COLUMN dry_run BOOLEAN NOT NULL DEFAULT FALSE',
-        ] as $column => $ddl) {
-            if (! Schema::hasColumn('import_log', $column)) {
-                DB::statement($ddl);
-            }
-        }
-
-        if (! Schema::hasTable('import_unknown_statuses')) {
-            DB::statement(<<<'SQL'
-                CREATE TABLE import_unknown_statuses (
-                    id              BIGSERIAL PRIMARY KEY,
-                    tenant_id       BIGINT NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
-                    import_log_id   BIGINT REFERENCES import_log(id) ON DELETE SET NULL,
-                    status_ru       VARCHAR(100) NOT NULL,
-                    occurrences     INT NOT NULL DEFAULT 0,
-                    mapped_to_slug  VARCHAR(50) REFERENCES lead_statuses(slug),
-                    resolved_at     TIMESTAMPTZ,
-                    resolved_by     BIGINT REFERENCES users(id),
-                    created_at      TIMESTAMPTZ NOT NULL DEFAULT NOW(),
-                    updated_at      TIMESTAMPTZ,
-                    UNIQUE (tenant_id, status_ru)
-                )
-                SQL);
-
-            DB::statement(
-                'CREATE INDEX idx_import_unknown_statuses_unresolved
-                 ON import_unknown_statuses (tenant_id) WHERE mapped_to_slug IS NULL'
-            );
-
-            DB::statement('ALTER TABLE import_unknown_statuses ENABLE ROW LEVEL SECURITY');
-            DB::statement(
-                "CREATE POLICY tenant_isolation ON import_unknown_statuses
-                 USING (tenant_id = current_setting('app.current_tenant_id')::bigint)"
-            );
-        }
-    }
-
-    public function down(): void
-    {
-        // down() не симметричен: на проекте rollback применяется только после
-        // migrate:fresh (см. add_archived_at_to_projects). Для отката v8.20 —
-        // отдельный schema-bump, не эта миграция.
-        DB::statement('DROP TABLE IF EXISTS import_unknown_statuses');
-
-        foreach (['entity_type', 'source_system', 'mapping_config', 'unknown_statuses_count', 'dry_run'] as $column) {
-            if (Schema::hasColumn('import_log', $column)) {
-                Schema::table('import_log', fn ($table) => $table->dropColumn($column));
-            }
-        }
-    }
-};
-```
-
-- [ ] **Step 4: Обновить `db/schema.sql`**
-
-В `db/schema.sql` в определении `CREATE TABLE import_log` (раздел 6.7, ~строка 1478) добавить 5 колонок перед закрывающей `)`:
-
-```sql
-    entity_type     VARCHAR(20) NOT NULL DEFAULT 'leads'
-                    CHECK (entity_type IN ('leads','projects')),
-    source_system   VARCHAR(50) NOT NULL DEFAULT 'crm.bp-gr.ru',
-    mapping_config  JSONB,
-    unknown_statuses_count INT NOT NULL DEFAULT 0,
-    dry_run         BOOLEAN NOT NULL DEFAULT FALSE,
-```
-
-Сразу после блока `import_log` добавить новую таблицу:
-
-```sql
--- -----------------------------------------------------------------------------
--- import_unknown_statuses — tenant-level маппинг неизвестных статусов CSV (раздел 6.4)
--- Sprint 4 (H1): русский статус из CSV, не найденный в STATUS_RU_TO_SLUG, пишется сюда.
--- Wizard (§6.6) проставляет mapped_to_slug; повторный импорт применяет маппинг.
--- -----------------------------------------------------------------------------
-CREATE TABLE import_unknown_statuses (
-    id              BIGSERIAL PRIMARY KEY,
-    tenant_id       BIGINT NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
-    import_log_id   BIGINT REFERENCES import_log(id) ON DELETE SET NULL,
-    status_ru       VARCHAR(100) NOT NULL,
-    occurrences     INT NOT NULL DEFAULT 0,
-    mapped_to_slug  VARCHAR(50) REFERENCES lead_statuses(slug),
-    resolved_at     TIMESTAMPTZ,
-    resolved_by     BIGINT REFERENCES users(id),
-    created_at      TIMESTAMPTZ NOT NULL DEFAULT NOW(),
-    updated_at      TIMESTAMPTZ,
-    UNIQUE (tenant_id, status_ru)
-);
-
-CREATE INDEX idx_import_unknown_statuses_unresolved
-    ON import_unknown_statuses (tenant_id) WHERE mapped_to_slug IS NULL;
-```
-
-В RLS-секцию (рядом со строкой `ALTER TABLE import_log ENABLE ROW LEVEL SECURITY`, ~2705) добавить:
-
-```sql
-ALTER TABLE import_unknown_statuses  ENABLE ROW LEVEL SECURITY;
-```
-
-Рядом со строкой `CREATE POLICY tenant_isolation ON import_log` (~2745):
-
-```sql
-CREATE POLICY tenant_isolation ON import_unknown_statuses USING (tenant_id = current_setting('app.current_tenant_id')::bigint);
-```
-
-В GRANTs-секции `db/schema.sql` найти строки `GRANT ... ON import_log ...` и сразу под ними добавить зеркальные для новой таблицы:
-
-```sql
-GRANT SELECT, INSERT, UPDATE, DELETE ON import_unknown_statuses TO crm_app_user, crm_app_admin;
-GRANT SELECT ON import_unknown_statuses TO crm_readonly;
-GRANT USAGE, SELECT ON SEQUENCE import_unknown_statuses_id_seq TO crm_app_user, crm_app_admin;
-```
-
-Заголовок `db/schema.sql` строка 5 — прочитать текущую базовую версию (на момент написания плана `v8.19`), bump minor +0.01 (`v8.19` → `v8.20`). Если там уже `v8.20`+ — bump до следующей. Дописать в строку 5 краткое: `Sprint 4: import_unknown_statuses + import_log enrichment (+5 колонок)`.
-
-- [ ] **Step 5: Обновить `db/02_grants.sql` и `db/CHANGELOG_schema.md`**
-
-В `db/02_grants.sql` добавить те же 3 GRANT-строки из Step 4 (зеркально блоку `import_log`).
-
-В `db/CHANGELOG_schema.md` добавить запись сверху списка:
-
-```markdown
-## v8.20 — 2026-05-16 — Sprint 4 (историческая миграция лидов §6)
-
-- **+1 таблица** `import_unknown_statuses` (tenant-level маппинг неизвестных статусов CSV; RLS `tenant_isolation`; UNIQUE `(tenant_id, status_ru)`; partial index `idx_import_unknown_statuses_unresolved`).
-- **+5 колонок** в `import_log`: `entity_type`, `source_system`, `mapping_config`, `unknown_statuses_count`, `dry_run`.
-- GRANTs для `import_unknown_statuses`: SELECT/INSERT/UPDATE/DELETE — `crm_app_user`/`crm_app_admin`; SELECT — `crm_readonly`.
-- Миграция: `2026_05_16_120000_sprint4_historical_import_schema.php` (guard'ы `hasTable`/`hasColumn`).
-```
-
-(Если базовая версия в Step 4 оказалась иной — синхронизировать номер заголовка.)
-
-- [ ] **Step 6: Применить миграцию и проверить `migrate:fresh`**
-
-Run: `cd app && php artisan migrate`
-Затем: `cd app && php artisan migrate:fresh --seed`
-Expected: обе команды — exit 0, без `duplicate column`/`already exists`.
-
-- [ ] **Step 7: Прогнать тест — убедиться, что проходит**
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import/ImportSchemaTest.php`
-Expected: PASS 3/3.
-
-- [ ] **Step 8: Коммит**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-git add app/database/migrations/2026_05_16_120000_sprint4_historical_import_schema.php app/tests/Feature/Import/ImportSchemaTest.php db/schema.sql db/02_grants.sql db/CHANGELOG_schema.md
-git commit -m "feat(import): H1+H2 — схема import_unknown_statuses + enrichment import_log"
-```
-
----
-
-## Task 2: Eloquent-модели `ImportLog` и `ImportUnknownStatus`
-
-**Files:**
-
-- Create: `app/app/Models/ImportLog.php`
-- Create: `app/app/Models/ImportUnknownStatus.php`
-- Create: `app/database/factories/ImportLogFactory.php`
-- Create: `app/database/factories/ImportUnknownStatusFactory.php`
-- Test: `app/tests/Feature/Import/ImportModelsTest.php`
-
-- [ ] **Step 1: Написать падающий тест**
-
-`app/tests/Feature/Import/ImportModelsTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\ImportLog;
-use App\Models\ImportUnknownStatus;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Support\Facades\DB;
-
-beforeEach(function (): void {
-    $this->tenant = Tenant::factory()->create();
-    $this->user = User::factory()->for($this->tenant)->create();
-    DB::statement('SET app.current_tenant_id = '.$this->tenant->id);
-});
-
-test('ImportLog создаётся с дефолтами и кастует mapping_config/dry_run', function (): void {
-    $log = ImportLog::create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'filename' => 'leads.csv',
-        'file_path' => 'imports/1/uuid.csv',
-        'mapping_config' => ['status' => ['Новые' => 'new']],
-        'dry_run' => true,
-    ]);
-
-    expect($log->status)->toBe('pending')
-        ->and($log->entity_type)->toBe('leads')
-        ->and($log->dry_run)->toBeTrue()
-        ->and($log->mapping_config)->toBe(['status' => ['Новые' => 'new']]);
-});
-
-test('ImportUnknownStatus хранит маппинг и фильтруется scope unresolved', function (): void {
-    ImportUnknownStatus::create([
-        'tenant_id' => $this->tenant->id,
-        'status_ru' => 'Архив',
-        'occurrences' => 3,
-    ]);
-    ImportUnknownStatus::create([
-        'tenant_id' => $this->tenant->id,
-        'status_ru' => 'Спам',
-        'occurrences' => 1,
-        'mapped_to_slug' => 'closed',
-        'resolved_at' => now(),
-    ]);
-
-    expect(ImportUnknownStatus::unresolved()->count())->toBe(1)
-        ->and(ImportUnknownStatus::unresolved()->first()->status_ru)->toBe('Архив');
-});
-```
-
-- [ ] **Step 2: Прогнать — убедиться, что падает**
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import/ImportModelsTest.php`
-Expected: FAIL — классов `ImportLog`/`ImportUnknownStatus` нет.
-
-- [ ] **Step 3: Создать модель `ImportLog`**
-
-`app/app/Models/ImportLog.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Models;
-
-use Database\Factories\ImportLogFactory;
-use Illuminate\Database\Eloquent\Factories\HasFactory;
-use Illuminate\Database\Eloquent\Model;
-use Illuminate\Database\Eloquent\Relations\BelongsTo;
-
-/**
- * Журнал CSV-импорта (schema §6.7, Sprint 4).
- *
- * Tenant-aware модель с RLS: tenant_isolation по current_setting('app.current_tenant_id').
- * Sprint 4 enrichment: entity_type / source_system / mapping_config / unknown_statuses_count / dry_run.
- *
- * @mixin IdeHelperImportLog
- */
-class ImportLog extends Model
-{
-    /** @use HasFactory<ImportLogFactory> */
-    use HasFactory;
-
-    public const UPDATED_AT = null;
-
-    public const CREATED_AT = null;
-
-    protected $table = 'import_log';
-
-    protected $fillable = [
-        'tenant_id',
-        'user_id',
-        'filename',
-        'file_path',
-        'rows_total',
-        'rows_added',
-        'rows_updated',
-        'rows_skipped',
-        'status',
-        'error_message',
-        'started_at',
-        'finished_at',
-        'entity_type',
-        'source_system',
-        'mapping_config',
-        'unknown_statuses_count',
-        'dry_run',
-    ];
-
-    protected function casts(): array
-    {
-        return [
-            'tenant_id' => 'integer',
-            'user_id' => 'integer',
-            'rows_total' => 'integer',
-            'rows_added' => 'integer',
-            'rows_updated' => 'integer',
-            'rows_skipped' => 'integer',
-            'unknown_statuses_count' => 'integer',
-            'dry_run' => 'boolean',
-            'mapping_config' => 'array',
-            'started_at' => 'datetime',
-            'finished_at' => 'datetime',
-        ];
-    }
-
-    /** @return BelongsTo<Tenant, $this> */
-    public function tenant(): BelongsTo
-    {
-        return $this->belongsTo(Tenant::class);
-    }
-
-    /** @return BelongsTo<User, $this> */
-    public function user(): BelongsTo
-    {
-        return $this->belongsTo(User::class);
-    }
-}
-```
-
-> NB: таблица `import_log` имеет только `started_at`/`finished_at` (нет `created_at`/`updated_at`) — поэтому `CREATED_AT`/`UPDATED_AT = null`, иначе Eloquent попытается писать несуществующие колонки.
-
-- [ ] **Step 4: Создать модель `ImportUnknownStatus`**
-
-`app/app/Models/ImportUnknownStatus.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Models;
-
-use Database\Factories\ImportUnknownStatusFactory;
-use Illuminate\Database\Eloquent\Builder;
-use Illuminate\Database\Eloquent\Factories\HasFactory;
-use Illuminate\Database\Eloquent\Model;
-use Illuminate\Database\Eloquent\Relations\BelongsTo;
-
-/**
- * Неизвестный статус воронки из CSV-импорта (schema §6.4, Sprint 4 H1).
- *
- * Tenant-aware модель с RLS. UNIQUE (tenant_id, status_ru): повторный импорт
- * инкрементит occurrences и переиспользует ранее проставленный mapped_to_slug.
- *
- * @mixin IdeHelperImportUnknownStatus
- */
-class ImportUnknownStatus extends Model
-{
-    /** @use HasFactory<ImportUnknownStatusFactory> */
-    use HasFactory;
-
-    protected $fillable = [
-        'tenant_id',
-        'import_log_id',
-        'status_ru',
-        'occurrences',
-        'mapped_to_slug',
-        'resolved_at',
-        'resolved_by',
-    ];
-
-    protected function casts(): array
-    {
-        return [
-            'tenant_id' => 'integer',
-            'import_log_id' => 'integer',
-            'occurrences' => 'integer',
-            'resolved_by' => 'integer',
-            'resolved_at' => 'datetime',
-            'created_at' => 'datetime',
-            'updated_at' => 'datetime',
-        ];
-    }
-
-    /**
-     * Незамапленные статусы (mapped_to_slug IS NULL) — вход для wizard'а §6.6.
-     *
-     * @param  Builder<ImportUnknownStatus>  $query
-     * @return Builder<ImportUnknownStatus>
-     */
-    public function scopeUnresolved(Builder $query): Builder
-    {
-        return $query->whereNull('mapped_to_slug');
-    }
-
-    /** @return BelongsTo<Tenant, $this> */
-    public function tenant(): BelongsTo
-    {
-        return $this->belongsTo(Tenant::class);
-    }
-}
-```
-
-- [ ] **Step 5: Создать фабрики**
-
-`app/database/factories/ImportLogFactory.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace Database\Factories;
-
-use App\Models\ImportLog;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Database\Eloquent\Factories\Factory;
-
-/** @extends Factory<ImportLog> */
-class ImportLogFactory extends Factory
-{
-    protected $model = ImportLog::class;
-
-    public function definition(): array
-    {
-        return [
-            'tenant_id' => Tenant::factory(),
-            'user_id' => User::factory(),
-            'filename' => 'leads-export.csv',
-            'file_path' => 'imports/1/'.$this->faker->uuid().'.csv',
-            'status' => 'pending',
-            'entity_type' => 'leads',
-            'source_system' => 'crm.bp-gr.ru',
-            'dry_run' => false,
-        ];
-    }
-}
-```
-
-`app/database/factories/ImportUnknownStatusFactory.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace Database\Factories;
-
-use App\Models\ImportUnknownStatus;
-use App\Models\Tenant;
-use Illuminate\Database\Eloquent\Factories\Factory;
-
-/** @extends Factory<ImportUnknownStatus> */
-class ImportUnknownStatusFactory extends Factory
-{
-    protected $model = ImportUnknownStatus::class;
-
-    public function definition(): array
-    {
-        return [
-            'tenant_id' => Tenant::factory(),
-            'status_ru' => $this->faker->unique()->word(),
-            'occurrences' => $this->faker->numberBetween(1, 20),
-            'mapped_to_slug' => null,
-        ];
-    }
-}
-```
-
-- [ ] **Step 6: Прогнать тест — убедиться, что проходит**
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import/ImportModelsTest.php`
-Expected: PASS 2/2.
-
-- [ ] **Step 7: Коммит**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-git add app/app/Models/ImportLog.php app/app/Models/ImportUnknownStatus.php app/database/factories/ImportLogFactory.php app/database/factories/ImportUnknownStatusFactory.php app/tests/Feature/Import/ImportModelsTest.php
-git commit -m "feat(import): Eloquent-модели ImportLog + ImportUnknownStatus"
-```
-
----
-
-## Task 3: Сервис `MonthlyPartitionManager` (extract + рефактор команды)
-
-Исторические `received_at` лидов выходят за пределы существующих партиций `deals` (только май–окт 2026). Нужен сервис создания месячных партиций под произвольный диапазон дат. Логика DDL уже есть в `PartitionsCreateMonths` — выносим в переиспользуемый сервис (DRY), команда рефакторится на него.
-
-**Files:**
-
-- Create: `app/app/Services/MonthlyPartitionManager.php`
-- Modify: `app/app/Console/Commands/PartitionsCreateMonths.php`
-- Test: `app/tests/Feature/Import/MonthlyPartitionManagerTest.php`
-
-- [ ] **Step 1: Написать падающий тест**
-
-`app/tests/Feature/Import/MonthlyPartitionManagerTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\MonthlyPartitionManager;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\DB;
-
-function partitionExists(string $name): bool
-{
-    return DB::selectOne(
-        "SELECT 1 AS ok FROM pg_class WHERE relname = ? AND relkind = 'r'",
-        [$name],
-    ) !== null;
-}
-
-test('ensureRange создаёт месячные партиции deals под диапазон', function (): void {
-    $manager = app(MonthlyPartitionManager::class);
-
-    $created = $manager->ensureRange(
-        'deals',
-        Carbon::parse('2024-02-15'),
-        Carbon::parse('2024-04-03'),
-    );
-
-    expect($created)->toBeGreaterThanOrEqual(3)
-        ->and(partitionExists('deals_2024_02'))->toBeTrue()
-        ->and(partitionExists('deals_2024_03'))->toBeTrue()
-        ->and(partitionExists('deals_2024_04'))->toBeTrue();
-});
-
-test('ensureRange идемпотентна — повторный вызов не падает', function (): void {
-    $manager = app(MonthlyPartitionManager::class);
-
-    $manager->ensureRange('deals', Carbon::parse('2024-02-15'), Carbon::parse('2024-02-20'));
-    $secondRun = $manager->ensureRange('deals', Carbon::parse('2024-02-15'), Carbon::parse('2024-02-20'));
-
-    expect($secondRun)->toBe(0); // всё уже существует
-});
-
-test('ensureRange отвергает неизвестную таблицу', function (): void {
-    app(MonthlyPartitionManager::class)->ensureRange('orders', now(), now());
-})->throws(InvalidArgumentException::class);
-```
-
-- [ ] **Step 2: Прогнать — убедиться, что падает**
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import/MonthlyPartitionManagerTest.php`
-Expected: FAIL — класса `MonthlyPartitionManager` нет.
-
-- [ ] **Step 3: Создать сервис**
-
-`app/app/Services/MonthlyPartitionManager.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services;
-
-use Carbon\CarbonInterface;
-use Illuminate\Support\Facades\DB;
-use InvalidArgumentException;
-
-/**
- * Создаёт месячные RANGE-партиции для таблиц, партиционированных по received_at.
- *
- * Native-замена pg_partman (расширение недоступно на Windows-стеке без сборки
- * из исходников). Идемпотентна: партиция, которая уже есть, пропускается.
- *
- * Используется:
- *   - cron `partitions:create-months` — N месяцев вперёд;
- *   - HistoricalImportService — под исторический диапазон дат CSV.
- */
-class MonthlyPartitionManager
-{
-    /** @var array<int, string> Таблицы, партиционированные по received_at помесячно. */
-    public const PARTITIONED_TABLES = ['deals', 'supplier_lead_costs'];
-
-    /**
-     * Гарантирует наличие месячных партиций таблицы для всех месяцев,
-     * пересекающих [$from, $to] включительно.
-     *
-     * @return int Сколько партиций реально создано (0 — все уже были).
-     */
-    public function ensureRange(string $table, CarbonInterface $from, CarbonInterface $to): int
-    {
-        if (! in_array($table, self::PARTITIONED_TABLES, true)) {
-            throw new InvalidArgumentException("Таблица '{$table}' не партиционирована помесячно");
-        }
-
-        $month = $from->copy()->startOfMonth();
-        $last = $to->copy()->startOfMonth();
-        $created = 0;
-
-        while ($month->lessThanOrEqualTo($last)) {
-            $created += $this->ensureMonth($table, $month) ? 1 : 0;
-            $month->addMonth();
-        }
-
-        return $created;
-    }
-
-    /**
-     * Создаёт одну месячную партицию. Возвращает true, если партиция создана,
-     * false — если уже существовала.
-     */
-    public function ensureMonth(string $table, CarbonInterface $monthStart): bool
-    {
-        if (! in_array($table, self::PARTITIONED_TABLES, true)) {
-            throw new InvalidArgumentException("Таблица '{$table}' не партиционирована помесячно");
-        }
-
-        $start = $monthStart->copy()->startOfMonth();
-        $end = $start->copy()->addMonth();
-        $partition = sprintf('%s_%s', $table, $start->format('Y_m'));
-
-        $exists = DB::selectOne(
-            "SELECT 1 AS ok FROM pg_class WHERE relname = ? AND relkind = 'r'",
-            [$partition],
-        );
-
-        if ($exists !== null) {
-            return false;
-        }
-
-        DB::statement(sprintf(
-            "CREATE TABLE %s PARTITION OF %s FOR VALUES FROM ('%s') TO ('%s')",
-            $partition,
-            $table,
-            $start->format('Y-m-d'),
-            $end->format('Y-m-d'),
-        ));
-
-        return true;
-    }
-}
-```
-
-- [ ] **Step 4: Рефакторить `PartitionsCreateMonths` на сервис**
-
-Заменить тело `handle()` в `app/app/Console/Commands/PartitionsCreateMonths.php` так, чтобы цикл использовал `MonthlyPartitionManager::ensureMonth()`. Метод `partitionExists()` и константу `PARTITIONED_TABLES` из команды удалить (теперь в сервисе). Новое `handle()`:
-
-```php
-public function handle(MonthlyPartitionManager $manager): int
-{
-    $ahead = max(1, (int) $this->option('ahead'));
-    $now = Carbon::now()->startOfMonth();
-
-    $created = 0;
-    $skipped = 0;
-
-    for ($i = 0; $i <= $ahead; $i++) {
-        $monthStart = $now->copy()->addMonths($i);
-
-        foreach (MonthlyPartitionManager::PARTITIONED_TABLES as $table) {
-            $partitionName = sprintf('%s_%s', $table, $monthStart->format('Y_m'));
-
-            if ($manager->ensureMonth($table, $monthStart)) {
-                $created++;
-                $this->info("  create <fg=green>{$partitionName}</>");
-            } else {
-                $skipped++;
-                $this->line("  skip   <fg=gray>{$partitionName}</> (already exists)");
-            }
-        }
-    }
-
-    $this->newLine();
-    $this->info("Done: {$created} created, {$skipped} skipped (ahead={$ahead}).");
-
-    return self::SUCCESS;
-}
-```
-
-Добавить `use App\Services\MonthlyPartitionManager;`, удалить теперь неиспользуемый `use ... DB;` если он больше нигде не нужен в файле.
-
-- [ ] **Step 5: Прогнать тесты — сервис + регрессия команды**
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import/MonthlyPartitionManagerTest.php tests/Feature/PartitionsCreateMonthsTest.php`
-Expected: PASS — новый тест 3/3 + существующий `PartitionsCreateMonthsTest` зелёный (поведение команды не изменилось).
-
-- [ ] **Step 6: Коммит**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-git add app/app/Services/MonthlyPartitionManager.php app/app/Console/Commands/PartitionsCreateMonths.php app/tests/Feature/Import/MonthlyPartitionManagerTest.php
-git commit -m "feat(import): сервис MonthlyPartitionManager + рефактор partitions:create-months"
-```
-
----
-
-## Task 4: Сервис `StatusRuToSlugMapper` (ТЗ §6.4)
-
-Чистый сервис: маппит русское название статуса воронки в slug по фиксированной таблице ТЗ §6.4. Tenant-специфичные переопределения (из `import_unknown_statuses`) НЕ здесь — их накладывает `HistoricalImportService` (Task 6).
-
-**Files:**
-
-- Create: `app/app/Services/Import/StatusRuToSlugMapper.php`
-- Test: `app/tests/Unit/Import/StatusRuToSlugMapperTest.php`
-
-- [ ] **Step 1: Написать падающий тест**
-
-`app/tests/Unit/Import/StatusRuToSlugMapperTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\Import\StatusRuToSlugMapper;
-
-test('маппит все 14 канонических статусов §6.4', function (): void {
-    $mapper = new StatusRuToSlugMapper;
-
-    expect($mapper->toSlug('Новые'))->toBe('new')
-        ->and($mapper->toSlug('Оплачено'))->toBe('paid')
-        ->and($mapper->toSlug('Конечный недозвон'))->toBe('final_missed')
-        ->and($mapper->map())->toHaveCount(14);
-});
-
-test('тримит пробелы вокруг значения', function (): void {
-    expect((new StatusRuToSlugMapper)->toSlug('  Переговоры  '))->toBe('negotiations');
-});
-
-test('возвращает null для неизвестного статуса', function (): void {
-    expect((new StatusRuToSlugMapper)->toSlug('Архив'))->toBeNull()
-        ->and((new StatusRuToSlugMapper)->toSlug(''))->toBeNull();
-});
-```
-
-- [ ] **Step 2: Прогнать — убедиться, что падает**
-
-Run: `cd app && php vendor/bin/pest tests/Unit/Import/StatusRuToSlugMapperTest.php`
-Expected: FAIL — класса нет.
-
-- [ ] **Step 3: Создать сервис**
-
-`app/app/Services/Import/StatusRuToSlugMapper.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Import;
-
-/**
- * Маппинг русских названий статусов воронки в slug (ТЗ §6.4).
- *
- * Чистый сервис без зависимостей. Tenant-специфичные переопределения
- * неизвестных статусов накладываются вызывающим кодом (HistoricalImportService).
- */
-class StatusRuToSlugMapper
-{
-    /** @var array<string, string> Канонический маппинг ТЗ §6.4 (14 статусов воронки). */
-    private const STATUS_RU_TO_SLUG = [
-        'Новые' => 'new',
-        'Просмотрено' => 'viewed',
-        'Проработан' => 'worked',
-        'База' => 'base',
-        'Недозвон' => 'missed',
-        'Переговоры' => 'negotiations',
-        'Ожидаем оплаты' => 'waiting_payment',
-        'Партнерка' => 'partnership',
-        'Оплачено' => 'paid',
-        'Закрыто и не реализовано' => 'closed',
-        'Тест драйв' => 'test_drive',
-        'Горячий' => 'hot',
-        'На замену' => 'replacement',
-        'Конечный недозвон' => 'final_missed',
-    ];
-
-    /**
-     * Возвращает slug или null, если статус не входит в каноническую таблицу.
-     */
-    public function toSlug(string $statusRu): ?string
-    {
-        return self::STATUS_RU_TO_SLUG[trim($statusRu)] ?? null;
-    }
-
-    /**
-     * Полная каноническая таблица — для UI wizard'а (показать варианты).
-     *
-     * @return array<string, string>
-     */
-    public function map(): array
-    {
-        return self::STATUS_RU_TO_SLUG;
-    }
-}
-```
-
-- [ ] **Step 4: Прогнать — убедиться, что проходит**
-
-Run: `cd app && php vendor/bin/pest tests/Unit/Import/StatusRuToSlugMapperTest.php`
-Expected: PASS 3/3.
-
-- [ ] **Step 5: Коммит**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-git add app/app/Services/Import/StatusRuToSlugMapper.php app/tests/Unit/Import/StatusRuToSlugMapperTest.php
-git commit -m "feat(import): сервис StatusRuToSlugMapper (ТЗ §6.4)"
-```
-
----
-
-## Task 5: Сервис `CsvLeadsParser` + DTO `ParsedLeadRow`
-
-Парсит CSV-выгрузку лидов crm.bp-gr.ru (ТЗ §6.2): срезает BOM, разбирает строки, валидирует. Возвращает валидные строки как DTO + список ошибок (строка/сообщение). Невалидные строки в БД не попадают.
-
-**Files:**
-
-- Create: `app/app/Services/Import/ParsedLeadRow.php`
-- Create: `app/app/Services/Import/CsvParseResult.php`
-- Create: `app/app/Services/Import/CsvLeadsParser.php`
-- Test: `app/tests/Unit/Import/CsvLeadsParserTest.php`
-
-- [ ] **Step 1: Написать падающий тест**
-
-`app/tests/Unit/Import/CsvLeadsParserTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\Import\CsvLeadsParser;
-
-function csvLeads(string $body, bool $withBom = true): string
-{
-    $header = 'id,Проект,Тег проекта,Телефон,Создано,Напоминание,Комментарий,Состояние,Имя';
-
-    return ($withBom ? "\xEF\xBB\xBF" : '').$header."\n".$body;
-}
-
-test('парсит валидную строку в ParsedLeadRow', function (): void {
-    $result = (new CsvLeadsParser)->parse(csvLeads(
-        '1001,B1_Окна,окна,79161234567,2024/03/15 10:30:00,,Тёплый клиент,Переговоры,Иван'
-    ));
-
-    expect($result->rows)->toHaveCount(1)
-        ->and($result->errors)->toBeEmpty();
-
-    $row = $result->rows[0];
-    expect($row->sourceCrmId)->toBe(1001)
-        ->and($row->projectName)->toBe('Окна')          // префикс B1_ срезан
-        ->and($row->projectTag)->toBe('окна')
-        ->and($row->phone)->toBe('79161234567')
-        ->and($row->statusRu)->toBe('Переговоры')
-        ->and($row->contactName)->toBe('Иван')
-        ->and($row->reminderAt)->toBeNull()
-        ->and($row->receivedAt->format('Y-m-d H:i:s'))->toBe('2024-03-15 10:30:00');
-});
-
-test('срезает BOM и не считает заголовок строкой данных', function (): void {
-    $result = (new CsvLeadsParser)->parse(csvLeads(
-        '1,Проект,тег,79990001122,2024/01/01 00:00:00,,,Новые,'
-    ));
-
-    expect($result->rows)->toHaveCount(1)
-        ->and($result->rows[0]->sourceCrmId)->toBe(1);
-});
-
-test('парсит напоминание когда оно непустое', function (): void {
-    $result = (new CsvLeadsParser)->parse(csvLeads(
-        '2,П,т,79990001122,2024/01/01 09:00:00,2024/01/05 12:00:00,,Новые,'
-    ));
-
-    expect($result->rows[0]->reminderAt?->format('Y-m-d H:i:s'))->toBe('2024-01-05 12:00:00');
-});
-
-test('собирает ошибки невалидного телефона и даты, не роняя парсинг', function (): void {
-    $result = (new CsvLeadsParser)->parse(csvLeads(
-        "3,П,т,8916123,2024/01/01 00:00:00,,,Новые,\n".
-        "4,П,т,79990001122,НЕ-ДАТА,,,Новые,\n".
-        '5,П,т,79990001133,2024/01/02 00:00:00,,,Новые,'
-    ));
-
-    expect($result->rows)->toHaveCount(1)              // только строка 5 валидна
-        ->and($result->rows[0]->sourceCrmId)->toBe(5)
-        ->and($result->errors)->toHaveCount(2);
-
-    expect($result->errors[0]['line'])->toBe(2);        // 1-я data-строка (после header)
-});
-
-test('обрабатывает кавычки и запятые внутри поля', function (): void {
-    $result = (new CsvLeadsParser)->parse(csvLeads(
-        '6,П,т,79990001122,2024/01/01 00:00:00,,"Комментарий, с запятой",Новые,Пётр'
-    ));
-
-    expect($result->rows[0]->comment)->toBe('Комментарий, с запятой');
-});
-```
-
-- [ ] **Step 2: Прогнать — убедиться, что падает**
-
-Run: `cd app && php vendor/bin/pest tests/Unit/Import/CsvLeadsParserTest.php`
-Expected: FAIL — классов нет.
-
-- [ ] **Step 3: Создать DTO `ParsedLeadRow`**
-
-`app/app/Services/Import/ParsedLeadRow.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Import;
-
-use Carbon\CarbonImmutable;
-
-/**
- * Одна валидная строка CSV-импорта лидов (ТЗ §6.3).
- */
-final readonly class ParsedLeadRow
-{
-    public function __construct(
-        public int $sourceCrmId,
-        public string $projectName,
-        public ?string $projectTag,
-        public string $phone,
-        public CarbonImmutable $receivedAt,
-        public ?CarbonImmutable $reminderAt,
-        public ?string $comment,
-        public string $statusRu,
-        public ?string $contactName,
-    ) {}
-}
-```
-
-- [ ] **Step 4: Создать DTO `CsvParseResult`**
-
-`app/app/Services/Import/CsvParseResult.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Import;
-
-/**
- * Результат парсинга CSV: валидные строки + ошибки по номеру строки.
- */
-final readonly class CsvParseResult
-{
-    /**
-     * @param  array<int, ParsedLeadRow>  $rows
-     * @param  array<int, array{line: int, message: string}>  $errors
-     */
-    public function __construct(
-        public array $rows,
-        public array $errors,
-    ) {}
-}
-```
-
-- [ ] **Step 5: Создать `CsvLeadsParser`**
-
-`app/app/Services/Import/CsvLeadsParser.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Import;
-
-use Carbon\CarbonImmutable;
-use Throwable;
-
-/**
- * Парсер CSV-выгрузки лидов из crm.bp-gr.ru (ТЗ §6.2/§6.3).
- *
- * Формат: UTF-8 с BOM, разделитель — запятая, дата `Y/m/d H:i:s`,
- * телефон `7XXXXXXXXXX`. Заголовок:
- *   id,Проект,Тег проекта,Телефон,Создано,Напоминание,Комментарий,Состояние,Имя
- *
- * Невалидные строки не роняют парсинг — собираются в errors[].
- * Файл целиком загружается в память (MVP: ожидаемый объём — единицы тысяч строк).
- */
-class CsvLeadsParser
-{
-    private const EXPECTED_COLUMNS = 9;
-
-    private const DATE_FORMAT = 'Y/m/d H:i:s';
-
-    public function parse(string $content): CsvParseResult
-    {
-        // Срезаем UTF-8 BOM.
-        if (str_starts_with($content, "\xEF\xBB\xBF")) {
-            $content = substr($content, 3);
-        }
-
-        $lines = preg_split('/\r\n|\r|\n/', trim($content)) ?: [];
-        $rows = [];
-        $errors = [];
-
-        // Строка 0 — заголовок, пропускаем. dataLine — 1-based номер строки данных.
-        foreach (array_slice($lines, 1) as $index => $rawLine) {
-            $dataLine = $index + 1;
-
-            if (trim($rawLine) === '') {
-                continue;
-            }
-
-            $cells = str_getcsv($rawLine);
-
-            if (count($cells) < self::EXPECTED_COLUMNS) {
-                $errors[] = ['line' => $dataLine, 'message' => 'Ожидалось 9 колонок, получено '.count($cells)];
-
-                continue;
-            }
-
-            $parsed = $this->parseRow($cells, $dataLine, $errors);
-            if ($parsed !== null) {
-                $rows[] = $parsed;
-            }
-        }
-
-        return new CsvParseResult($rows, $errors);
-    }
-
-    /**
-     * @param  array<int, string>  $cells
-     * @param  array<int, array{line: int, message: string}>  $errors
-     */
-    private function parseRow(array $cells, int $dataLine, array &$errors): ?ParsedLeadRow
-    {
-        [$id, $project, $tag, $phone, $createdAt, $reminder, $comment, $status, $name] = $cells;
-
-        $phone = trim($phone);
-        if (preg_match('/^7\d{10}$/', $phone) !== 1) {
-            $errors[] = ['line' => $dataLine, 'message' => "Невалидный телефон: '{$phone}'"];
-
-            return null;
-        }
-
-        $receivedAt = $this->parseDate($createdAt);
-        if ($receivedAt === null) {
-            $errors[] = ['line' => $dataLine, 'message' => "Невалидная дата 'Создано': '{$createdAt}'"];
-
-            return null;
-        }
-
-        $reminderAt = trim($reminder) === '' ? null : $this->parseDate($reminder);
-        if (trim($reminder) !== '' && $reminderAt === null) {
-            $errors[] = ['line' => $dataLine, 'message' => "Невалидная дата 'Напоминание': '{$reminder}'"];
-
-            return null;
-        }
-
-        $status = trim($status);
-        if ($status === '') {
-            $errors[] = ['line' => $dataLine, 'message' => 'Пустое поле «Состояние»'];
-
-            return null;
-        }
-
-        // Префикс B[123]_ из названия проекта срезается (паритет с ProcessWebhookJob).
-        $projectName = (string) preg_replace('/^B[123]_/', '', trim($project));
-        if ($projectName === '') {
-            $errors[] = ['line' => $dataLine, 'message' => 'Пустое название проекта'];
-
-            return null;
-        }
-
-        return new ParsedLeadRow(
-            sourceCrmId: (int) trim($id),
-            projectName: $projectName,
-            projectTag: trim($tag) === '' ? null : trim($tag),
-            phone: $phone,
-            receivedAt: $receivedAt,
-            reminderAt: $reminderAt,
-            comment: trim($comment) === '' ? null : trim($comment),
-            statusRu: $status,
-            contactName: trim($name) === '' ? null : trim($name),
-        );
-    }
-
-    private function parseDate(string $value): ?CarbonImmutable
-    {
-        try {
-            $date = CarbonImmutable::createFromFormat(self::DATE_FORMAT, trim($value));
-        } catch (Throwable) {
-            return null;
-        }
-
-        // createFromFormat возвращает false при несовпадении формата.
-        return $date instanceof CarbonImmutable ? $date : null;
-    }
-}
-```
-
-- [ ] **Step 6: Прогнать — убедиться, что проходит**
-
-Run: `cd app && php vendor/bin/pest tests/Unit/Import/CsvLeadsParserTest.php`
-Expected: PASS 5/5.
-
-- [ ] **Step 7: Коммит**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-git add app/app/Services/Import/ParsedLeadRow.php app/app/Services/Import/CsvParseResult.php app/app/Services/Import/CsvLeadsParser.php app/tests/Unit/Import/CsvLeadsParserTest.php
-git commit -m "feat(import): CsvLeadsParser + DTO ParsedLeadRow/CsvParseResult"
-```
-
----
-
-## Task 6: Сервис `HistoricalImportService` — идемпотентный upsert
-
-Ядро миграции. На входе — список `ParsedLeadRow` + `ImportLog`. Создаёт партиции под исторический диапазон, для каждой строки делает advisory-lock upsert в `deals` (логика `ProcessWebhookJob::upsertDeal`), создаёт `reminders` для непустого «Напоминание», пишет неизвестные статусы в `import_unknown_statuses`. **Баланс не списывается** — одна транзакция `historical_import` фиксируется отдельно (ТЗ §6.5).
-
-**Архитектурные решения:**
-
-- ТЗ §6.3 маппит «Напоминание» на `deals.reminder_at` — **этой колонки больше нет** (удалена в schema v8.3, заменена таблицей `reminders`). Поэтому непустое «Напоминание» создаёт строку `reminders` (`text` = «Импортировано из crm.bp-gr.ru», `remind_at` = дата, `created_by` = импортирующий пользователь).
-- Идемпотентность — через `webhook_dedup_keys` по `(tenant_id, source_crm_id)`, та же advisory-lock логика, что в `ProcessWebhookJob`. Повторный импорт: ТЗ §6.5 стадия 3a → UPDATE `status/contact_name/comment` (в отличие от webhook'а, где `status` не перезаписывается — для исторической миграции перезапись осознанная, ТЗ §6.5).
-- Каждая строка — в собственной транзакции (`SET LOCAL` + advisory lock + upsert + reminder). Ошибка одной строки не роняет остальные. Партиции создаются один раз заранее.
-- `dry_run`: маппинг + валидация + детект неизвестных статусов, без создания партиций/сделок/напоминаний. Возвращает проекцию счётчиков.
-
-**Files:**
-
-- Create: `app/app/Services/Import/ImportResult.php`
-- Create: `app/app/Services/Import/HistoricalImportService.php`
-- Test: `app/tests/Feature/Import/HistoricalImportServiceTest.php`
-
-- [ ] **Step 1: Написать падающий тест**
-
-`app/tests/Feature/Import/HistoricalImportServiceTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Deal;
-use App\Models\ImportLog;
-use App\Models\ImportUnknownStatus;
-use App\Models\Reminder;
-use App\Models\Tenant;
-use App\Models\User;
-use App\Services\Import\CsvLeadsParser;
-use App\Services\Import\HistoricalImportService;
-use Illuminate\Support\Facades\DB;
-
-beforeEach(function (): void {
-    $this->tenant = Tenant::factory()->create(['balance_leads' => 5]);
-    $this->user = User::factory()->for($this->tenant)->create();
-    DB::statement('SET app.current_tenant_id = '.$this->tenant->id);
-    $this->service = app(HistoricalImportService::class);
-});
-
-function importLog(Tenant $tenant, User $user, bool $dryRun = false): ImportLog
-{
-    return ImportLog::create([
-        'tenant_id' => $tenant->id,
-        'user_id' => $user->id,
-        'filename' => 'leads.csv',
-        'file_path' => 'imports/x.csv',
-        'dry_run' => $dryRun,
-    ]);
-}
-
-function parseFixture(string $body): array
-{
-    $header = "\xEF\xBB\xBF".'id,Проект,Тег проекта,Телефон,Создано,Напоминание,Комментарий,Состояние,Имя';
-
-    return (new CsvLeadsParser)->parse($header."\n".$body)->rows;
-}
-
-test('импортирует исторические лиды, создавая партиции под старые даты', function (): void {
-    $rows = parseFixture(
-        '5001,Окна,окна,79161112233,2023/07/10 10:00:00,,Комментарий,Переговоры,Иван'
-    );
-
-    $result = $this->service->import($this->tenant->id, $this->user->id, importLog($this->tenant, $this->user), $rows);
-
-    expect($result->added)->toBe(1)
-        ->and($result->updated)->toBe(0);
-
-    $deal = Deal::query()->where('source_crm_id', 5001)->firstOrFail();
-    expect($deal->status)->toBe('negotiations')
-        ->and($deal->phone)->toBe('79161112233')
-        ->and($deal->received_at->format('Y-m-d'))->toBe('2023-07-10');
-});
-
-test('баланс лидов не списывается, фиксируется транзакция historical_import', function (): void {
-    $rows = parseFixture(
-        '5002,Окна,окна,79161112234,2023/07/11 10:00:00,,,Новые,'
-    );
-
-    $this->service->import($this->tenant->id, $this->user->id, importLog($this->tenant, $this->user), $rows);
-
-    expect($this->tenant->fresh()->balance_leads)->toBe(5); // не изменился
-
-    $tx = DB::table('balance_transactions')
-        ->where('tenant_id', $this->tenant->id)
-        ->where('type', 'historical_import')
-        ->first();
-    expect($tx)->not->toBeNull()
-        ->and((int) $tx->amount_leads)->toBe(0);
-});
-
-test('повторный импорт того же файла не создаёт дублей (idempotent UPDATE)', function (): void {
-    $rows = parseFixture(
-        '5003,Окна,окна,79161112235,2023/08/01 10:00:00,,Старый,Новые,'
-    );
-    $this->service->import($this->tenant->id, $this->user->id, importLog($this->tenant, $this->user), $rows);
-
-    $rows2 = parseFixture(
-        '5003,Окна,окна,79161112235,2023/08/01 10:00:00,,Обновлённый,Оплачено,Пётр'
-    );
-    $result = $this->service->import($this->tenant->id, $this->user->id, importLog($this->tenant, $this->user), $rows2);
-
-    expect($result->added)->toBe(0)
-        ->and($result->updated)->toBe(1)
-        ->and(Deal::query()->where('source_crm_id', 5003)->count())->toBe(1);
-
-    $deal = Deal::query()->where('source_crm_id', 5003)->firstOrFail();
-    expect($deal->status)->toBe('paid')               // §6.5 стадия 3a: status перезаписан
-        ->and($deal->contact_name)->toBe('Пётр')
-        ->and($deal->comment)->toBe('Обновлённый');
-});
-
-test('непустое «Напоминание» создаёт строку reminders', function (): void {
-    $rows = parseFixture(
-        '5004,Окна,окна,79161112236,2023/09/01 10:00:00,2023/09/05 14:00:00,,Новые,'
-    );
-    $this->service->import($this->tenant->id, $this->user->id, importLog($this->tenant, $this->user), $rows);
-
-    $deal = Deal::query()->where('source_crm_id', 5004)->firstOrFail();
-    $reminder = Reminder::query()->where('deal_id', $deal->id)->firstOrFail();
-    expect($reminder->remind_at->format('Y-m-d H:i'))->toBe('2023-09-05 14:00')
-        ->and($reminder->created_by)->toBe($this->user->id);
-});
-
-test('неизвестный статус → сделка new + запись в import_unknown_statuses', function (): void {
-    $log = importLog($this->tenant, $this->user);
-    $rows = parseFixture(
-        "5005,Окна,окна,79161112237,2023/10/01 10:00:00,,,Архив,\n".
-        '5006,Окна,окна,79161112238,2023/10/02 10:00:00,,,Архив,'
-    );
-    $result = $this->service->import($this->tenant->id, $this->user->id, $log, $rows);
-
-    expect($result->unknownStatuses)->toBe(['Архив' => 2])
-        ->and(Deal::query()->where('source_crm_id', 5005)->firstOrFail()->status)->toBe('new');
-
-    $unknown = ImportUnknownStatus::query()->where('status_ru', 'Архив')->firstOrFail();
-    expect($unknown->occurrences)->toBe(2)
-        ->and($unknown->mapped_to_slug)->toBeNull();
-});
-
-test('resolved-маппинг tenant-а применяется к ранее неизвестному статусу', function (): void {
-    ImportUnknownStatus::create([
-        'tenant_id' => $this->tenant->id,
-        'status_ru' => 'Архив',
-        'occurrences' => 1,
-        'mapped_to_slug' => 'closed',
-        'resolved_at' => now(),
-    ]);
-    $rows = parseFixture(
-        '5007,Окна,окна,79161112239,2023/11/01 10:00:00,,,Архив,'
-    );
-    $this->service->import($this->tenant->id, $this->user->id, importLog($this->tenant, $this->user), $rows);
-
-    expect(Deal::query()->where('source_crm_id', 5007)->firstOrFail()->status)->toBe('closed');
-});
-
-test('dry_run не пишет сделки, но считает проекцию', function (): void {
-    $rows = parseFixture(
-        '5008,Окна,окна,79161112240,2023/12/01 10:00:00,,,Новые,'
-    );
-    $result = $this->service->import($this->tenant->id, $this->user->id, importLog($this->tenant, $this->user, dryRun: true), $rows);
-
-    expect($result->added)->toBe(1)
-        ->and(Deal::query()->where('source_crm_id', 5008)->exists())->toBeFalse();
-});
-```
-
-- [ ] **Step 2: Прогнать — убедиться, что падает**
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import/HistoricalImportServiceTest.php`
-Expected: FAIL — классов нет.
-
-- [ ] **Step 3: Создать DTO `ImportResult`**
-
-`app/app/Services/Import/ImportResult.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Import;
-
-/**
- * Итог импорта одного файла.
- */
-final readonly class ImportResult
-{
-    /**
-     * @param  array<string, int>  $unknownStatuses  статус_ru => количество вхождений
-     * @param  array<int, array{line: int, message: string}>  $errors
-     */
-    public function __construct(
-        public int $added,
-        public int $updated,
-        public int $skipped,
-        public array $unknownStatuses,
-        public array $errors,
-    ) {}
-}
-```
-
-- [ ] **Step 4: Создать `HistoricalImportService`**
-
-`app/app/Services/Import/HistoricalImportService.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Import;
-
-use App\Models\Deal;
-use App\Models\ImportLog;
-use App\Models\ImportUnknownStatus;
-use App\Models\Project;
-use App\Models\Reminder;
-use App\Services\MonthlyPartitionManager;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Log;
-use Throwable;
-
-/**
- * Оркестрация исторической миграции лидов из CSV crm.bp-gr.ru (ТЗ §6).
- *
- * Идемпотентность — через webhook_dedup_keys (та же advisory-lock логика, что
- * ProcessWebhookJob). Баланс НЕ списывается: исторические данные не являются
- * новыми лидами (ТЗ §6.5) — фиксируется одна транзакция типа historical_import.
- */
-class HistoricalImportService
-{
-    public function __construct(
-        private readonly MonthlyPartitionManager $partitions,
-        private readonly StatusRuToSlugMapper $statusMapper,
-    ) {}
-
-    /**
-     * @param  array<int, ParsedLeadRow>  $rows
-     */
-    public function import(int $tenantId, int $userId, ImportLog $log, array $rows, bool $dryRun = false): ImportResult
-    {
-        $dryRun = $dryRun || $log->dry_run;
-
-        if ($rows === []) {
-            return new ImportResult(0, 0, 0, [], []);
-        }
-
-        // Партиции deals под исторический диапазон дат CSV (один раз заранее).
-        if (! $dryRun) {
-            $dates = array_map(fn (ParsedLeadRow $r) => $r->receivedAt, $rows);
-            $this->partitions->ensureRange(
-                'deals',
-                min($dates),
-                max($dates),
-            );
-        }
-
-        // Tenant-резолвленные переопределения неизвестных статусов.
-        $overrides = $this->loadStatusOverrides($tenantId);
-
-        $added = 0;
-        $updated = 0;
-        $skipped = 0;
-        $unknown = [];
-        $errors = [];
-
-        foreach ($rows as $row) {
-            $slug = $this->resolveStatus($row->statusRu, $overrides, $unknown);
-
-            if ($dryRun) {
-                $added++; // проекция: для dry-run не различаем add/update
-
-                continue;
-            }
-
-            try {
-                $wasCreated = $this->upsertRow($tenantId, $userId, $row, $slug);
-                $wasCreated ? $added++ : $updated++;
-            } catch (Throwable $e) {
-                $skipped++;
-                $errors[] = ['line' => $row->sourceCrmId, 'message' => $e->getMessage()];
-                Log::warning('import.row_failed', ['source_crm_id' => $row->sourceCrmId, 'error' => $e->getMessage()]);
-            }
-        }
-
-        if (! $dryRun) {
-            $this->persistUnknownStatuses($tenantId, $userId, $log->id, $unknown);
-            $this->recordHistoricalTransaction($tenantId, $added + $updated);
-        }
-
-        return new ImportResult($added, $updated, $skipped, $unknown, $errors);
-    }
-
-    /**
-     * @return array<string, string> status_ru => slug (только resolved)
-     */
-    private function loadStatusOverrides(int $tenantId): array
-    {
-        return DB::transaction(function () use ($tenantId): array {
-            DB::statement('SET LOCAL app.current_tenant_id = '.$tenantId);
-
-            return ImportUnknownStatus::query()
-                ->whereNotNull('mapped_to_slug')
-                ->pluck('mapped_to_slug', 'status_ru')
-                ->all();
-        });
-    }
-
-    /**
-     * Маппит статус: каноническая таблица §6.4 → tenant-override → fallback 'new'.
-     * Неизвестный статус инкрементит счётчик в $unknown по ссылке.
-     *
-     * @param  array<string, string>  $overrides
-     * @param  array<string, int>  $unknown
-     */
-    private function resolveStatus(string $statusRu, array $overrides, array &$unknown): string
-    {
-        $slug = $this->statusMapper->toSlug($statusRu);
-        if ($slug !== null) {
-            return $slug;
-        }
-
-        $key = trim($statusRu);
-        if (isset($overrides[$key])) {
-            return $overrides[$key];
-        }
-
-        $unknown[$key] = ($unknown[$key] ?? 0) + 1;
-
-        return 'new';
-    }
-
-    /**
-     * Идемпотентный upsert одной строки в собственной транзакции.
-     * Возвращает true — создана новая сделка, false — обновлена существующая.
-     */
-    private function upsertRow(int $tenantId, int $userId, ParsedLeadRow $row, string $slug): bool
-    {
-        return DB::transaction(function () use ($tenantId, $userId, $row, $slug): bool {
-            DB::statement('SET LOCAL app.current_tenant_id = '.$tenantId);
-
-            $project = Project::firstOrCreate(
-                ['tenant_id' => $tenantId, 'name' => $row->projectName],
-                ['tag' => $row->projectTag, 'type' => 'import'],
-            );
-
-            // advisory lock (tenant_id, source_crm_id) — сериализует upsert (§6.5).
-            $lockKey = (($tenantId & 0xFFFFFFFF) << 32) | ($row->sourceCrmId & 0xFFFFFFFF);
-            DB::statement('SELECT pg_advisory_xact_lock(?)', [$lockKey]);
-
-            $existing = DB::selectOne(
-                'SELECT deal_id, deal_received_at FROM webhook_dedup_keys WHERE tenant_id = ? AND source_crm_id = ?',
-                [$tenantId, $row->sourceCrmId],
-            );
-
-            if ($existing !== null) {
-                $deal = Deal::query()
-                    ->where('id', $existing->deal_id)
-                    ->where('received_at', $existing->deal_received_at)
-                    ->firstOrFail();
-                // §6.5 стадия 3a: для исторической миграции status перезаписывается.
-                $deal->update([
-                    'status' => $slug,
-                    'contact_name' => $row->contactName,
-                    'comment' => $row->comment,
-                ]);
-                $this->syncReminder($tenantId, $userId, $deal, $row);
-
-                return false;
-            }
-
-            $deal = Deal::create([
-                'tenant_id' => $tenantId,
-                'source_crm_id' => $row->sourceCrmId,
-                'project_id' => $project->id,
-                'phone' => $row->phone,
-                'status' => $slug,
-                'contact_name' => $row->contactName,
-                'comment' => $row->comment,
-                'received_at' => $row->receivedAt,
-            ]);
-
-            DB::table('webhook_dedup_keys')->insert([
-                'tenant_id' => $tenantId,
-                'source_crm_id' => $row->sourceCrmId,
-                'deal_id' => $deal->id,
-                'deal_received_at' => $deal->received_at,
-                'created_at' => now(),
-            ]);
-
-            $this->syncReminder($tenantId, $userId, $deal, $row);
-
-            return true;
-        });
-    }
-
-    /**
-     * Создаёт reminders-строку для непустого «Напоминание» (ТЗ §6.3 — поле
-     * deals.reminder_at удалено в v8.3, заменено таблицей reminders).
-     * Идемпотентно: не дублирует напоминание при повторном импорте.
-     */
-    private function syncReminder(int $tenantId, int $userId, Deal $deal, ParsedLeadRow $row): void
-    {
-        if ($row->reminderAt === null) {
-            return;
-        }
-
-        $exists = Reminder::query()
-            ->where('deal_id', $deal->id)
-            ->where('remind_at', $row->reminderAt)
-            ->exists();
-
-        if ($exists) {
-            return;
-        }
-
-        Reminder::create([
-            'tenant_id' => $tenantId,
-            'deal_id' => $deal->id,
-            'text' => 'Импортировано из crm.bp-gr.ru',
-            'remind_at' => $row->reminderAt,
-            'created_by' => $userId,
-        ]);
-    }
-
-    /**
-     * upsert import_unknown_statuses: инкремент occurrences, маппинг не трогаем.
-     *
-     * @param  array<string, int>  $unknown
-     */
-    private function persistUnknownStatuses(int $tenantId, int $userId, int $importLogId, array $unknown): void
-    {
-        if ($unknown === []) {
-            return;
-        }
-
-        DB::transaction(function () use ($tenantId, $importLogId, $unknown): void {
-            DB::statement('SET LOCAL app.current_tenant_id = '.$tenantId);
-
-            foreach ($unknown as $statusRu => $count) {
-                $existing = ImportUnknownStatus::query()->where('status_ru', $statusRu)->first();
-
-                if ($existing !== null) {
-                    $existing->increment('occurrences', $count);
-
-                    continue;
-                }
-
-                ImportUnknownStatus::create([
-                    'tenant_id' => $tenantId,
-                    'import_log_id' => $importLogId,
-                    'status_ru' => $statusRu,
-                    'occurrences' => $count,
-                ]);
-            }
-        });
-    }
-
-    /**
-     * Одна информационная транзакция historical_import (баланс не меняется, ТЗ §6.5).
-     */
-    private function recordHistoricalTransaction(int $tenantId, int $count): void
-    {
-        if ($count === 0) {
-            return;
-        }
-
-        DB::transaction(function () use ($tenantId, $count): void {
-            DB::statement('SET LOCAL app.current_tenant_id = '.$tenantId);
-
-            DB::table('balance_transactions')->insert([
-                'tenant_id' => $tenantId,
-                'type' => 'historical_import',
-                'amount_rub' => 0,
-                'amount_leads' => 0,
-                'description' => "Импортировано {$count} исторических сделок (баланс не списан)",
-                'created_at' => now(),
-            ]);
-        });
-    }
-}
-```
-
-- [ ] **Step 5: Прогнать — убедиться, что проходит**
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import/HistoricalImportServiceTest.php`
-Expected: PASS 8/8.
-
-- [ ] **Step 6: Коммит**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-git add app/app/Services/Import/ImportResult.php app/app/Services/Import/HistoricalImportService.php app/tests/Feature/Import/HistoricalImportServiceTest.php
-git commit -m "feat(import): HistoricalImportService — идемпотентный upsert лидов"
-```
-
----
-
-## Task 7: `ImportLeadsJob` — queued-обработчик
-
-Queued-job: читает CSV с диска, парсит, прогоняет через `HistoricalImportService`, обновляет `import_log` (статусы pending→processing→done/failed, счётчики), отправляет email.
-
-**Files:**
-
-- Create: `app/app/Jobs/ImportLeadsJob.php`
-- Test: `app/tests/Feature/Import/ImportLeadsJobTest.php`
-
-- [ ] **Step 1: Написать падающий тест**
-
-`app/tests/Feature/Import/ImportLeadsJobTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\ImportLeadsJob;
-use App\Mail\ImportCompletedNotification;
-use App\Models\Deal;
-use App\Models\ImportLog;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Mail;
-use Illuminate\Support\Facades\Storage;
-
-beforeEach(function (): void {
-    $this->tenant = Tenant::factory()->create();
-    $this->user = User::factory()->for($this->tenant)->create();
-    DB::statement('SET app.current_tenant_id = '.$this->tenant->id);
-    Mail::fake();
-});
-
-function storedCsv(int $tenantId, string $body): string
-{
-    $header = "\xEF\xBB\xBF".'id,Проект,Тег проекта,Телефон,Создано,Напоминание,Комментарий,Состояние,Имя';
-    $path = "imports/{$tenantId}/test.csv";
-    Storage::disk('local')->put($path, $header."\n".$body);
-
-    return $path;
-}
-
-test('job импортирует лиды и переводит import_log в done', function (): void {
-    $path = storedCsv($this->tenant->id,
-        '7001,Окна,окна,79161112233,2023/05/10 10:00:00,,,Новые,Иван'
-    );
-    $log = ImportLog::create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'filename' => 'leads.csv',
-        'file_path' => $path,
-        'status' => 'pending',
-    ]);
-
-    (new ImportLeadsJob($log->id, $this->tenant->id))->handle(app(\App\Services\Import\HistoricalImportService::class), app(\App\Services\Import\CsvLeadsParser::class));
-
-    $log->refresh();
-    expect($log->status)->toBe('done')
-        ->and($log->rows_added)->toBe(1)
-        ->and($log->finished_at)->not->toBeNull()
-        ->and(Deal::query()->where('source_crm_id', 7001)->exists())->toBeTrue();
-
-    Mail::assertSent(ImportCompletedNotification::class);
-});
-
-test('job переводит import_log в failed при отсутствии файла', function (): void {
-    $log = ImportLog::create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'filename' => 'leads.csv',
-        'file_path' => 'imports/missing.csv',
-        'status' => 'pending',
-    ]);
-
-    (new ImportLeadsJob($log->id, $this->tenant->id))->handle(app(\App\Services\Import\HistoricalImportService::class), app(\App\Services\Import\CsvLeadsParser::class));
-
-    expect($log->refresh()->status)->toBe('failed')
-        ->and($log->error_message)->not->toBeNull();
-});
-
-test('job пишет unknown_statuses_count и rows_skipped', function (): void {
-    $path = storedCsv($this->tenant->id,
-        "7002,Окна,окна,79161112234,2023/05/11 10:00:00,,,Архив,\n".
-        '7003,Окна,окна,BADPHONE,2023/05/12 10:00:00,,,Новые,'
-    );
-    $log = ImportLog::create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'filename' => 'leads.csv',
-        'file_path' => $path,
-        'status' => 'pending',
-    ]);
-
-    (new ImportLeadsJob($log->id, $this->tenant->id))->handle(app(\App\Services\Import\HistoricalImportService::class), app(\App\Services\Import\CsvLeadsParser::class));
-
-    $log->refresh();
-    expect($log->status)->toBe('done')
-        ->and($log->unknown_statuses_count)->toBe(1)   // «Архив»
-        ->and($log->rows_skipped)->toBe(1);            // битый телефон
-});
-```
-
-- [ ] **Step 2: Прогнать — убедиться, что падает**
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import/ImportLeadsJobTest.php`
-Expected: FAIL — класса `ImportLeadsJob` нет.
-
-- [ ] **Step 3: Создать `ImportLeadsJob`**
-
-`app/app/Jobs/ImportLeadsJob.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Jobs;
-
-use App\Mail\ImportCompletedNotification;
-use App\Models\ImportLog;
-use App\Models\User;
-use App\Services\Import\CsvLeadsParser;
-use App\Services\Import\HistoricalImportService;
-use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Foundation\Queue\Queueable as FoundationQueueable;
-use Illuminate\Queue\InteractsWithQueue;
-use Illuminate\Queue\SerializesModels;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Log;
-use Illuminate\Support\Facades\Mail;
-use Illuminate\Support\Facades\Storage;
-use Throwable;
-
-/**
- * Асинхронная обработка CSV-импорта исторических лидов (ТЗ §6.6).
- *
- * Жизненный цикл import_log: pending → processing → done | failed.
- * RLS: каждый доступ к БД задаёт SET LOCAL app.current_tenant_id (воркер
- * вне middleware-контекста — паритет с ProcessWebhookJob).
- */
-class ImportLeadsJob implements ShouldQueue
-{
-    use FoundationQueueable;
-    use InteractsWithQueue;
-    use Queueable;
-    use SerializesModels;
-
-    public int $tries = 1;
-
-    public int $timeout = 600;
-
-    public function __construct(
-        public int $importLogId,
-        public int $tenantId,
-    ) {}
-
-    public function handle(HistoricalImportService $service, CsvLeadsParser $parser): void
-    {
-        $log = $this->loadLog();
-        if ($log === null) {
-            Log::error('import.log_not_found', ['import_log_id' => $this->importLogId]);
-
-            return;
-        }
-
-        $this->updateLog($log->id, ['status' => 'processing', 'started_at' => now()]);
-
-        try {
-            if (! Storage::disk('local')->exists($log->file_path)) {
-                throw new \RuntimeException("Файл импорта не найден: {$log->file_path}");
-            }
-
-            $content = (string) Storage::disk('local')->get($log->file_path);
-            $parsed = $parser->parse($content);
-
-            $result = $service->import($this->tenantId, $log->user_id, $log, $parsed->rows, $log->dry_run);
-
-            $this->updateLog($log->id, [
-                'status' => 'done',
-                'rows_total' => count($parsed->rows) + count($parsed->errors),
-                'rows_added' => $result->added,
-                'rows_updated' => $result->updated,
-                'rows_skipped' => count($parsed->errors) + $result->skipped,
-                'unknown_statuses_count' => count($result->unknownStatuses),
-                'finished_at' => now(),
-            ]);
-
-            $this->notify($log->user_id, 'done');
-        } catch (Throwable $e) {
-            Log::error('import.job_failed', ['import_log_id' => $log->id, 'error' => $e->getMessage()]);
-            $this->updateLog($log->id, [
-                'status' => 'failed',
-                'error_message' => $e->getMessage(),
-                'finished_at' => now(),
-            ]);
-            $this->notify($log->user_id, 'failed');
-        }
-    }
-
-    private function loadLog(): ?ImportLog
-    {
-        return DB::transaction(function (): ?ImportLog {
-            DB::statement('SET LOCAL app.current_tenant_id = '.$this->tenantId);
-
-            return ImportLog::query()->find($this->importLogId);
-        });
-    }
-
-    /**
-     * @param  array<string, mixed>  $attributes
-     */
-    private function updateLog(int $logId, array $attributes): void
-    {
-        DB::transaction(function () use ($logId, $attributes): void {
-            DB::statement('SET LOCAL app.current_tenant_id = '.$this->tenantId);
-            ImportLog::query()->whereKey($logId)->update($attributes);
-        });
-    }
-
-    private function notify(int $userId, string $outcome): void
-    {
-        $log = $this->loadLog();
-        $user = DB::transaction(function () use ($userId): ?User {
-            DB::statement('SET LOCAL app.current_tenant_id = '.$this->tenantId);
-
-            return User::query()->find($userId);
-        });
-
-        if ($log === null || $user === null || $user->email === null) {
-            return;
-        }
-
-        try {
-            Mail::to($user->email)->send(new ImportCompletedNotification($log, $outcome));
-        } catch (Throwable $e) {
-            // Отказ почтового канала не должен валить успешный импорт.
-            Log::warning('import.mail_failed', ['import_log_id' => $log->id, 'error' => $e->getMessage()]);
-        }
-    }
-}
-```
-
-> NB: `tries = 1` — импорт идемпотентен на уровне строк, но повторный прогон всего job'а после частичного фейла усложняет счётчики; на MVP — без авто-ретрая, при `failed` пользователь перезапускает вручную.
-
-- [ ] **Step 4: Прогнать тест (зависит от Task 8 Mailable)**
-
-`ImportLeadsJob` ссылается на `ImportCompletedNotification` — тест Step 1 пройдёт только после Task 8. Допускается реализовать Task 8 до прогона. Временный прогон без Mailable:
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import/ImportLeadsJobTest.php`
-Expected: FAIL с `Class "App\Mail\ImportCompletedNotification" not found` — это ожидаемо, закрывается Task 8.
-
-- [ ] **Step 5: Коммит**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-git add app/app/Jobs/ImportLeadsJob.php app/tests/Feature/Import/ImportLeadsJobTest.php
-git commit -m "feat(import): ImportLeadsJob — queued-обработчик CSV-импорта"
-```
-
----
-
-## Task 8: Mailable `ImportCompletedNotification`
-
-Email пользователю по завершении импорта (ТЗ §6.6 — «Email пользователю + уведомление в интерфейсе»).
-
-**Files:**
-
-- Create: `app/app/Mail/ImportCompletedNotification.php`
-- Create: `app/resources/views/mail/import-completed.blade.php`
-- Test: `app/tests/Feature/Import/ImportCompletedNotificationTest.php`
-
-- [ ] **Step 1: Написать падающий тест**
-
-`app/tests/Feature/Import/ImportCompletedNotificationTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Mail\ImportCompletedNotification;
-use App\Models\ImportLog;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Support\Facades\DB;
-
-beforeEach(function (): void {
-    $this->tenant = Tenant::factory()->create();
-    $this->user = User::factory()->for($this->tenant)->create();
-    DB::statement('SET app.current_tenant_id = '.$this->tenant->id);
-});
-
-test('письмо об успешном импорте содержит счётчики', function (): void {
-    $log = ImportLog::factory()->create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'status' => 'done',
-        'rows_added' => 120,
-        'rows_updated' => 8,
-        'rows_skipped' => 2,
-    ]);
-
-    $rendered = (new ImportCompletedNotification($log, 'done'))->render();
-
-    expect($rendered)->toContain('120')
-        ->and($rendered)->toContain('Импорт завершён');
-});
-
-test('письмо о неуспешном импорте сообщает об ошибке', function (): void {
-    $log = ImportLog::factory()->create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'status' => 'failed',
-        'error_message' => 'Файл повреждён',
-    ]);
-
-    $mailable = new ImportCompletedNotification($log, 'failed');
-    $rendered = $mailable->render();
-
-    expect($rendered)->toContain('Файл повреждён')
-        ->and($mailable->envelope()->subject)->toContain('не удался');
-});
-```
-
-- [ ] **Step 2: Прогнать — убедиться, что падает**
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import/ImportCompletedNotificationTest.php`
-Expected: FAIL — класса нет.
-
-- [ ] **Step 3: Создать Mailable**
-
-`app/app/Mail/ImportCompletedNotification.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Mail;
-
-use App\Models\ImportLog;
-use Illuminate\Bus\Queueable;
-use Illuminate\Mail\Mailable;
-use Illuminate\Mail\Mailables\Content;
-use Illuminate\Mail\Mailables\Envelope;
-use Illuminate\Queue\SerializesModels;
-
-/**
- * Уведомление о завершении CSV-импорта исторических лидов (ТЗ §6.6).
- */
-class ImportCompletedNotification extends Mailable
-{
-    use Queueable;
-    use SerializesModels;
-
-    /**
-     * @param  string  $outcome  'done' | 'failed'
-     */
-    public function __construct(
-        public ImportLog $log,
-        public string $outcome,
-    ) {}
-
-    public function envelope(): Envelope
-    {
-        $subject = $this->outcome === 'done'
-            ? 'Импорт данных завершён — Лидерра'
-            : 'Импорт данных не удался — Лидерра';
-
-        return new Envelope(subject: $subject);
-    }
-
-    public function content(): Content
-    {
-        return new Content(
-            markdown: 'mail.import-completed',
-            with: [
-                'log' => $this->log,
-                'outcome' => $this->outcome,
-            ],
-        );
-    }
-}
-```
-
-- [ ] **Step 4: Создать blade-шаблон**
-
-`app/resources/views/mail/import-completed.blade.php`:
-
-```blade
-<x-mail::message>
-@if ($outcome === 'done')
-# Импорт завершён
-
-Импорт файла **{{ $log->filename }}** успешно завершён.
-
-| Показатель | Значение |
-|:-----------|---------:|
-| Добавлено сделок | {{ $log->rows_added }} |
-| Обновлено сделок | {{ $log->rows_updated }} |
-| Пропущено строк | {{ $log->rows_skipped }} |
-| Неизвестных статусов | {{ $log->unknown_statuses_count }} |
-
-@if ($log->unknown_statuses_count > 0)
-Обнаружены неизвестные статусы воронки — замапьте их вручную на экране «Импорт данных».
-@endif
-@else
-# Импорт не удался
-
-Импорт файла **{{ $log->filename }}** завершился ошибкой:
-
-> {{ $log->error_message }}
-
-Проверьте формат файла и повторите загрузку на экране «Импорт данных».
-@endif
-
-<x-mail::button :url="config('app.url').'/import'">
-Открыть «Импорт данных»
-</x-mail::button>
-
-С уважением,<br>
-Лидерра
-</x-mail::message>
-```
-
-> NB: компоненты `<x-mail::message>` / `<x-mail::button>` — стандартные Laravel mail-компоненты. Если в проекте не опубликованы — выполнить `php artisan vendor:publish --tag=laravel-mail` (проверить наличие `resources/views/vendor/mail/`; другие Mailable проекта используют те же компоненты — публикация уже могла быть сделана).
-
-- [ ] **Step 5: Прогнать тесты — Mailable + job из Task 7**
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import/ImportCompletedNotificationTest.php tests/Feature/Import/ImportLeadsJobTest.php`
-Expected: PASS — Mailable 2/2 + `ImportLeadsJobTest` 3/3 (теперь зелёный — Mailable существует).
-
-- [ ] **Step 6: Коммит**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-git add app/app/Mail/ImportCompletedNotification.php app/resources/views/mail/import-completed.blade.php app/tests/Feature/Import/ImportCompletedNotificationTest.php
-git commit -m "feat(import): Mailable ImportCompletedNotification"
-```
-
----
-
-## Task 9: `ImportController` + маршруты + FormRequests
-
-REST-эндпойнты импорта под `auth:sanctum`+`tenant` (паритет с J1 Sprint 3F).
-
-**Files:**
-
-- Create: `app/app/Http/Requests/StoreImportRequest.php`
-- Create: `app/app/Http/Requests/ResolveUnknownStatusesRequest.php`
-- Create: `app/app/Http/Controllers/Api/ImportController.php`
-- Modify: `app/routes/web.php`
-- Test: `app/tests/Feature/Import/ImportControllerTest.php`
-
-- [ ] **Step 1: Написать падающий тест**
-
-`app/tests/Feature/Import/ImportControllerTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\ImportLeadsJob;
-use App\Models\ImportLog;
-use App\Models\ImportUnknownStatus;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Http\UploadedFile;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Queue;
-use Illuminate\Support\Facades\Storage;
-
-beforeEach(function (): void {
-    $this->tenant = Tenant::factory()->create();
-    $this->user = User::factory()->for($this->tenant)->create();
-    $this->actingAs($this->user);
-});
-
-test('POST /api/imports принимает CSV, создаёт import_log, диспатчит job', function (): void {
-    Queue::fake();
-    Storage::fake('local');
-
-    $csv = "\xEF\xBB\xBF".'id,Проект,Тег проекта,Телефон,Создано,Напоминание,Комментарий,Состояние,Имя'."\n".
-        '9001,Окна,окна,79161112233,2023/05/10 10:00:00,,,Новые,';
-
-    $response = $this->postJson('/api/imports', [
-        'file' => UploadedFile::fake()->createWithContent('leads.csv', $csv),
-    ]);
-
-    $response->assertStatus(201)
-        ->assertJsonPath('data.status', 'pending')
-        ->assertJsonPath('data.filename', 'leads.csv');
-
-    Queue::assertPushed(ImportLeadsJob::class);
-    expect(ImportLog::query()->count())->toBe(1);
-});
-
-test('POST /api/imports отвергает не-CSV файл', function (): void {
-    Storage::fake('local');
-
-    $response = $this->postJson('/api/imports', [
-        'file' => UploadedFile::fake()->create('image.png', 10, 'image/png'),
-    ]);
-
-    $response->assertStatus(422)->assertJsonValidationErrorFor('file');
-});
-
-test('POST /api/imports требует авторизации', function (): void {
-    app('auth')->forgetGuards();
-
-    $this->postJson('/api/imports', [])->assertStatus(401);
-});
-
-test('GET /api/imports возвращает только import_log своего тенанта', function (): void {
-    DB::statement('SET app.current_tenant_id = '.$this->tenant->id);
-    ImportLog::factory()->count(2)->create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-    ]);
-
-    $this->getJson('/api/imports')
-        ->assertStatus(200)
-        ->assertJsonCount(2, 'data');
-});
-
-test('GET /api/imports/{id} отдаёт прогресс', function (): void {
-    DB::statement('SET app.current_tenant_id = '.$this->tenant->id);
-    $log = ImportLog::factory()->create([
-        'tenant_id' => $this->tenant->id,
-        'user_id' => $this->user->id,
-        'status' => 'processing',
-        'rows_added' => 10,
-    ]);
-
-    $this->getJson("/api/imports/{$log->id}")
-        ->assertStatus(200)
-        ->assertJsonPath('data.status', 'processing')
-        ->assertJsonPath('data.rows_added', 10);
-});
-
-test('GET /api/imports/unknown-statuses возвращает незамапленные статусы', function (): void {
-    DB::statement('SET app.current_tenant_id = '.$this->tenant->id);
-    ImportUnknownStatus::create([
-        'tenant_id' => $this->tenant->id, 'status_ru' => 'Архив', 'occurrences' => 3,
-    ]);
-    ImportUnknownStatus::create([
-        'tenant_id' => $this->tenant->id, 'status_ru' => 'Спам', 'occurrences' => 1,
-        'mapped_to_slug' => 'closed', 'resolved_at' => now(),
-    ]);
-
-    $this->getJson('/api/imports/unknown-statuses')
-        ->assertStatus(200)
-        ->assertJsonCount(1, 'data')
-        ->assertJsonPath('data.0.status_ru', 'Архив');
-});
-
-test('POST /api/imports/unknown-statuses/resolve проставляет маппинг', function (): void {
-    DB::statement('SET app.current_tenant_id = '.$this->tenant->id);
-    $unknown = ImportUnknownStatus::create([
-        'tenant_id' => $this->tenant->id, 'status_ru' => 'Архив', 'occurrences' => 3,
-    ]);
-
-    $this->postJson('/api/imports/unknown-statuses/resolve', [
-        'mappings' => [['status_ru' => 'Архив', 'slug' => 'closed']],
-    ])->assertStatus(200);
-
-    expect($unknown->refresh()->mapped_to_slug)->toBe('closed')
-        ->and($unknown->resolved_at)->not->toBeNull();
-});
-
-test('resolve отвергает несуществующий slug', function (): void {
-    DB::statement('SET app.current_tenant_id = '.$this->tenant->id);
-
-    $this->postJson('/api/imports/unknown-statuses/resolve', [
-        'mappings' => [['status_ru' => 'Архив', 'slug' => 'нет-такого']],
-    ])->assertStatus(422);
-});
-```
-
-- [ ] **Step 2: Прогнать — убедиться, что падает**
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import/ImportControllerTest.php`
-Expected: FAIL — контроллера/маршрутов нет (404/500).
-
-- [ ] **Step 3: Создать `StoreImportRequest`**
-
-`app/app/Http/Requests/StoreImportRequest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Requests;
-
-use Illuminate\Foundation\Http\FormRequest;
-
-/**
- * Валидация загрузки CSV-файла импорта (ТЗ §6.2).
- */
-class StoreImportRequest extends FormRequest
-{
-    public function authorize(): bool
-    {
-        return $this->user() !== null;
-    }
-
-    /**
-     * @return array<string, mixed>
-     */
-    public function rules(): array
-    {
-        return [
-            // mimes csv,txt — экспорт crm.bp-gr.ru отдаётся как text/csv или text/plain.
-            'file' => ['required', 'file', 'mimes:csv,txt', 'max:10240'],
-            'dry_run' => ['sometimes', 'boolean'],
-        ];
-    }
-}
-```
-
-- [ ] **Step 4: Создать `ResolveUnknownStatusesRequest`**
-
-`app/app/Http/Requests/ResolveUnknownStatusesRequest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Requests;
-
-use Illuminate\Foundation\Http\FormRequest;
-use Illuminate\Validation\Rule;
-
-/**
- * Валидация ручного маппинга неизвестных статусов воронки (§6.4 wizard).
- */
-class ResolveUnknownStatusesRequest extends FormRequest
-{
-    public function authorize(): bool
-    {
-        return $this->user() !== null;
-    }
-
-    /**
-     * @return array<string, mixed>
-     */
-    public function rules(): array
-    {
-        return [
-            'mappings' => ['required', 'array', 'min:1'],
-            'mappings.*.status_ru' => ['required', 'string', 'max:100'],
-            'mappings.*.slug' => ['required', 'string', Rule::exists('lead_statuses', 'slug')],
-        ];
-    }
-}
-```
-
-- [ ] **Step 5: Создать `ImportController`**
-
-`app/app/Http/Controllers/Api/ImportController.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Controllers\Api;
-
-use App\Http\Controllers\Controller;
-use App\Http\Requests\ResolveUnknownStatusesRequest;
-use App\Http\Requests\StoreImportRequest;
-use App\Jobs\ImportLeadsJob;
-use App\Models\ImportLog;
-use App\Models\ImportUnknownStatus;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Http\Request;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Str;
-
-/**
- * CSV-импорт исторических лидов из crm.bp-gr.ru (ТЗ §6).
- *
- * Все маршруты — под auth:sanctum + tenant (RLS-контекст задан middleware).
- * tenant_id берётся из авторизованного пользователя, не из запроса.
- */
-class ImportController extends Controller
-{
-    /**
-     * POST /api/imports — загрузка CSV, создание import_log, dispatch job'а.
-     */
-    public function store(StoreImportRequest $request): JsonResponse
-    {
-        $tenantId = (int) $request->user()->tenant_id;
-        $file = $request->file('file');
-        $storedName = Str::uuid()->toString().'.csv';
-        $path = $file->storeAs("imports/{$tenantId}", $storedName, 'local');
-
-        $log = ImportLog::create([
-            'tenant_id' => $tenantId,
-            'user_id' => $request->user()->id,
-            'filename' => $file->getClientOriginalName(),
-            'file_path' => $path,
-            'status' => 'pending',
-            'entity_type' => 'leads',
-            'source_system' => 'crm.bp-gr.ru',
-            'dry_run' => $request->boolean('dry_run'),
-        ]);
-
-        ImportLeadsJob::dispatch($log->id, $tenantId);
-
-        return response()->json(['data' => $this->toResource($log)], 201);
-    }
-
-    /**
-     * GET /api/imports — история импортов тенанта (RLS отфильтрует по tenant).
-     */
-    public function index(): JsonResponse
-    {
-        $logs = ImportLog::query()
-            ->orderByDesc('id')
-            ->limit(50)
-            ->get()
-            ->map(fn (ImportLog $log) => $this->toResource($log));
-
-        return response()->json(['data' => $logs]);
-    }
-
-    /**
-     * GET /api/imports/{importLog} — прогресс одного импорта (для polling'а).
-     */
-    public function show(ImportLog $importLog): JsonResponse
-    {
-        return response()->json(['data' => $this->toResource($importLog)]);
-    }
-
-    /**
-     * GET /api/imports/unknown-statuses — незамапленные статусы (вход wizard'а §6.6).
-     */
-    public function unknownStatuses(): JsonResponse
-    {
-        $rows = ImportUnknownStatus::query()
-            ->unresolved()
-            ->orderByDesc('occurrences')
-            ->get()
-            ->map(fn (ImportUnknownStatus $s) => [
-                'id' => $s->id,
-                'status_ru' => $s->status_ru,
-                'occurrences' => $s->occurrences,
-            ]);
-
-        return response()->json(['data' => $rows]);
-    }
-
-    /**
-     * POST /api/imports/unknown-statuses/resolve — ручной маппинг статусов.
-     */
-    public function resolveUnknownStatuses(ResolveUnknownStatusesRequest $request): JsonResponse
-    {
-        $tenantId = (int) $request->user()->tenant_id;
-        $userId = (int) $request->user()->id;
-
-        DB::transaction(function () use ($request, $tenantId, $userId): void {
-            DB::statement('SET LOCAL app.current_tenant_id = '.$tenantId);
-
-            foreach ($request->validated()['mappings'] as $mapping) {
-                ImportUnknownStatus::query()
-                    ->where('status_ru', $mapping['status_ru'])
-                    ->update([
-                        'mapped_to_slug' => $mapping['slug'],
-                        'resolved_at' => now(),
-                        'resolved_by' => $userId,
-                    ]);
-            }
-        });
-
-        return response()->json(['data' => ['resolved' => count($request->validated()['mappings'])]]);
-    }
-
-    /**
-     * @return array<string, mixed>
-     */
-    private function toResource(ImportLog $log): array
-    {
-        return [
-            'id' => $log->id,
-            'filename' => $log->filename,
-            'status' => $log->status,
-            'rows_total' => $log->rows_total,
-            'rows_added' => $log->rows_added,
-            'rows_updated' => $log->rows_updated,
-            'rows_skipped' => $log->rows_skipped,
-            'unknown_statuses_count' => $log->unknown_statuses_count,
-            'dry_run' => $log->dry_run,
-            'error_message' => $log->error_message,
-            'started_at' => $log->started_at?->toIso8601String(),
-            'finished_at' => $log->finished_at?->toIso8601String(),
-        ];
-    }
-}
-```
-
-> NB: route-model-binding `{importLog}` резолвится внутри tenant-транзакции middleware `tenant` → RLS автоматически отсекает чужие `import_log` (вернёт 404). Параметр `request` в `index()`/`unknownStatuses()` не нужен — tenant-контекст уже в RLS.
-
-- [ ] **Step 6: Зарегистрировать маршруты в `routes/web.php`**
-
-Найти группу `Route::middleware(['auth:sanctum', 'tenant'])->group(function () { ... })` (создана в Sprint 3F J1 для `/api/deals*`). Внутри неё добавить:
-
-```php
-// Sprint 4 — CSV-импорт исторических лидов (ТЗ §6).
-Route::get('/api/imports/unknown-statuses', [\App\Http\Controllers\Api\ImportController::class, 'unknownStatuses']);
-Route::post('/api/imports/unknown-statuses/resolve', [\App\Http\Controllers\Api\ImportController::class, 'resolveUnknownStatuses']);
-Route::get('/api/imports', [\App\Http\Controllers\Api\ImportController::class, 'index']);
-Route::post('/api/imports', [\App\Http\Controllers\Api\ImportController::class, 'store']);
-Route::get('/api/imports/{importLog}', [\App\Http\Controllers\Api\ImportController::class, 'show']);
-```
-
-> ВАЖНО: маршрут `/api/imports/unknown-statuses` объявить **до** `/api/imports/{importLog}` — иначе `{importLog}` перехватит `unknown-statuses` как id. Если в файле используется единый стиль импортов классов сверху — добавить `use App\Http\Controllers\Api\ImportController;` и сократить ссылки.
-
-- [ ] **Step 7: Прогнать тест — убедиться, что проходит**
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import/ImportControllerTest.php`
-Expected: PASS 8/8.
-
-- [ ] **Step 8: Регенерация Larastan baseline + полный backend-прогон (quirk 25)**
-
-Новые Pest-файлы (`tests/Feature/Import/*`, `tests/Unit/Import/*`) дают ложные `TestCall` ошибки Larastan. Регенерировать baseline:
-
-1. В `app/phpstan.neon` закомментировать строку `- phpstan-baseline.neon`.
-2. Run: `cd app && php vendor/bin/phpstan analyse --generate-baseline`
-3. Раскомментировать строку обратно.
-
-Затем полный прогон логического блока (бэкенд Sprint 4 готов):
-
-Run: `cd app && php vendor/bin/pest tests/Feature/Import tests/Unit/Import`
-Run: `cd app && composer pint && composer stan`
-Expected: Pest — все Import-тесты зелёные; Pint — clean; Larastan — 0 errors.
-
-- [ ] **Step 9: Коммит**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-git add app/app/Http/Controllers/Api/ImportController.php app/app/Http/Requests/StoreImportRequest.php app/app/Http/Requests/ResolveUnknownStatusesRequest.php app/routes/web.php app/tests/Feature/Import/ImportControllerTest.php app/phpstan-baseline.neon
-git commit -m "feat(import): ImportController + маршруты /api/imports"
-```
-
----
-
-## Task 10: Frontend — `api/imports.ts` + `ImportView.vue`
-
-Экран импорта: загрузка файла, прогресс (polling), таблица результата, история импортов.
-
-**Files:**
-
-- Create: `app/resources/js/api/imports.ts`
-- Create: `app/resources/js/views/ImportView.vue`
-- Test: `app/resources/js/views/__tests__/ImportView.spec.ts`
-
-> Пре-проверка перед написанием: открыть существующий `app/resources/js/api/dashboard.ts` — повторить его стиль (axios-инстанс, экспорт функций, типы). Открыть соседний `*.spec.ts` (напр. `views/__tests__/DashboardView.spec.ts`) — повторить расположение и стиль тестов (mount, мок axios). Если каталог `__tests__` называется иначе — положить spec по фактической конвенции.
-
-- [ ] **Step 1: Создать `api/imports.ts`**
-
-`app/resources/js/api/imports.ts`:
-
-```ts
-import axios from 'axios';
-
-export interface ImportLogResource {
-    id: number;
-    filename: string;
-    status: 'pending' | 'processing' | 'done' | 'failed';
-    rows_total: number;
-    rows_added: number;
-    rows_updated: number;
-    rows_skipped: number;
-    unknown_statuses_count: number;
-    dry_run: boolean;
-    error_message: string | null;
-    started_at: string | null;
-    finished_at: string | null;
-}
-
-export interface UnknownStatus {
-    id: number;
-    status_ru: string;
-    occurrences: number;
-}
-
-export interface StatusMapping {
-    status_ru: string;
-    slug: string;
-}
-
-/** POST /api/imports — загрузить CSV. */
-export async function uploadImport(file: File, dryRun = false): Promise<ImportLogResource> {
-    const form = new FormData();
-    form.append('file', file);
-    if (dryRun) {
-        form.append('dry_run', '1');
-    }
-    const { data } = await axios.post<{ data: ImportLogResource }>('/api/imports', form);
-    return data.data;
-}
-
-/** GET /api/imports — история импортов. */
-export async function listImports(): Promise<ImportLogResource[]> {
-    const { data } = await axios.get<{ data: ImportLogResource[] }>('/api/imports');
-    return data.data;
-}
-
-/** GET /api/imports/{id} — прогресс одного импорта. */
-export async function getImport(id: number): Promise<ImportLogResource> {
-    const { data } = await axios.get<{ data: ImportLogResource }>(`/api/imports/${id}`);
-    return data.data;
-}
-
-/** GET /api/imports/unknown-statuses — незамапленные статусы. */
-export async function getUnknownStatuses(): Promise<UnknownStatus[]> {
-    const { data } = await axios.get<{ data: UnknownStatus[] }>('/api/imports/unknown-statuses');
-    return data.data;
-}
-
-/** POST /api/imports/unknown-statuses/resolve — сохранить маппинг. */
-export async function resolveUnknownStatuses(mappings: StatusMapping[]): Promise<void> {
-    await axios.post('/api/imports/unknown-statuses/resolve', { mappings });
-}
-```
-
-- [ ] **Step 2: Написать падающий тест**
-
-`app/resources/js/views/__tests__/ImportView.spec.ts`:
-
-```ts
-import { mount, flushPromises } from '@vue/test-utils';
-import { describe, expect, it, vi, beforeEach } from 'vitest';
-import { createVuetify } from 'vuetify';
-import * as components from 'vuetify/components';
-import * as directives from 'vuetify/directives';
-import ImportView from '../ImportView.vue';
-import * as importsApi from '../../api/imports';
-
-const vuetify = createVuetify({ components, directives });
-
-function mountView() {
-    return mount(ImportView, {
-        global: {
-            plugins: [vuetify],
-            stubs: { UnknownStatusesDialog: true },
-        },
-    });
-}
-
-describe('ImportView', () => {
-    beforeEach(() => {
-        vi.restoreAllMocks();
-        vi.spyOn(importsApi, 'listImports').mockResolvedValue([]);
-        vi.spyOn(importsApi, 'getUnknownStatuses').mockResolvedValue([]);
-    });
-
-    it('грузит историю импортов при монтировании', async () => {
-        const spy = vi.spyOn(importsApi, 'listImports').mockResolvedValue([
-            {
-                id: 1, filename: 'leads.csv', status: 'done', rows_total: 5,
-                rows_added: 5, rows_updated: 0, rows_skipped: 0,
-                unknown_statuses_count: 0, dry_run: false,
-                error_message: null, started_at: null, finished_at: null,
-            },
-        ]);
-        const wrapper = mountView();
-        await flushPromises();
-
-        expect(spy).toHaveBeenCalled();
-        expect(wrapper.text()).toContain('leads.csv');
-    });
-
-    it('кнопка загрузки заблокирована без выбранного файла', async () => {
-        const wrapper = mountView();
-        await flushPromises();
-
-        const uploadBtn = wrapper.find('[data-test="upload-btn"]');
-        expect(uploadBtn.attributes('disabled')).toBeDefined();
-    });
-
-    it('показывает баннер о неизвестных статусах', async () => {
-        vi.spyOn(importsApi, 'getUnknownStatuses').mockResolvedValue([
-            { id: 1, status_ru: 'Архив', occurrences: 3 },
-        ]);
-        const wrapper = mountView();
-        await flushPromises();
-
-        expect(wrapper.find('[data-test="unknown-banner"]').exists()).toBe(true);
-    });
-});
-```
-
-- [ ] **Step 3: Прогнать — убедиться, что падает**
-
-Run: `cd app && npm run test:vue -- ImportView`
-Expected: FAIL — `ImportView.vue` нет.
-
-- [ ] **Step 4: Создать `ImportView.vue`**
-
-`app/resources/js/views/ImportView.vue`:
-
-```vue
-<script setup lang="ts">
-/**
- * Импорт данных — загрузка CSV исторических лидов из crm.bp-gr.ru (ТЗ §6).
- *
- * Flow: выбрать файл → загрузить → polling прогресса → таблица результата.
- * Неизвестные статусы маппятся через UnknownStatusesDialog.
- */
-import { computed, onMounted, onUnmounted, ref } from 'vue';
-import {
-    getImport,
-    getUnknownStatuses,
-    listImports,
-    uploadImport,
-    type ImportLogResource,
-    type UnknownStatus,
-} from '../api/imports';
-import UnknownStatusesDialog from '../components/import/UnknownStatusesDialog.vue';
-
-const file = ref<File | null>(null);
-const dryRun = ref(false);
-const uploading = ref(false);
-const errorMessage = ref<string | null>(null);
-const history = ref<ImportLogResource[]>([]);
-const activeImport = ref<ImportLogResource | null>(null);
-const unknownStatuses = ref<UnknownStatus[]>([]);
-const wizardOpen = ref(false);
-
-let pollTimer: ReturnType<typeof setInterval> | null = null;
-
-const canUpload = computed(() => file.value !== null && !uploading.value);
-const isProcessing = computed(
-    () => activeImport.value?.status === 'pending' || activeImport.value?.status === 'processing',
-);
-
-async function refreshHistory(): Promise<void> {
-    try {
-        history.value = await listImports();
-    } catch {
-        // история — не критично, тихо игнорируем
-    }
-}
-
-async function refreshUnknown(): Promise<void> {
-    try {
-        unknownStatuses.value = await getUnknownStatuses();
-    } catch {
-        unknownStatuses.value = [];
-    }
-}
-
-function stopPolling(): void {
-    if (pollTimer !== null) {
-        clearInterval(pollTimer);
-        pollTimer = null;
-    }
-}
-
-function startPolling(id: number): void {
-    stopPolling();
-    pollTimer = setInterval(async () => {
-        try {
-            activeImport.value = await getImport(id);
-            if (!isProcessing.value) {
-                stopPolling();
-                await refreshHistory();
-                await refreshUnknown();
-            }
-        } catch {
-            stopPolling();
-        }
-    }, 2000);
-}
-
-async function submit(): Promise<void> {
-    if (file.value === null) {
-        return;
-    }
-    uploading.value = true;
-    errorMessage.value = null;
-    try {
-        activeImport.value = await uploadImport(file.value, dryRun.value);
-        startPolling(activeImport.value.id);
-        file.value = null;
-    } catch (e: unknown) {
-        errorMessage.value = 'Не удалось загрузить файл. Проверьте формат (CSV, до 10 МБ).';
-    } finally {
-        uploading.value = false;
-    }
-}
-
-async function onWizardResolved(): Promise<void> {
-    wizardOpen.value = false;
-    await refreshUnknown();
-}
-
-onMounted(async () => {
-    await refreshHistory();
-    await refreshUnknown();
-});
-
-onUnmounted(stopPolling);
-</script>
-
-<template>
-    <v-container fluid class="import-view pa-6">
-        <header class="page-head mb-4">
-            <h1 class="text-h4 mb-2">Импорт данных</h1>
-            <p class="text-body-2 text-medium-emphasis ma-0">
-                Перенос исторических лидов из crm.bp-gr.ru. Формат — CSV-выгрузка (UTF-8).
-            </p>
-        </header>
-
-        <v-alert
-            v-if="unknownStatuses.length > 0"
-            data-test="unknown-banner"
-            type="warning"
-            variant="tonal"
-            class="mb-4"
-        >
-            Найдено {{ unknownStatuses.length }} неизвестных статусов воронки — замапьте вручную.
-            <template #append>
-                <v-btn size="small" variant="flat" @click="wizardOpen = true">Замапить</v-btn>
-            </template>
-        </v-alert>
-
-        <v-card variant="outlined" class="pa-6 mb-6">
-            <v-file-input
-                v-model="file"
-                label="CSV-файл выгрузки лидов"
-                accept=".csv,text/csv"
-                prepend-icon="mdi-database-import-outline"
-                variant="outlined"
-                density="comfortable"
-                :disabled="uploading"
-            />
-            <v-checkbox
-                v-model="dryRun"
-                label="Пробный прогон (проверить файл без записи сделок)"
-                density="compact"
-                hide-details
-            />
-            <v-alert v-if="errorMessage" type="error" variant="tonal" class="mt-3">
-                {{ errorMessage }}
-            </v-alert>
-            <div class="mt-4">
-                <v-btn
-                    data-test="upload-btn"
-                    color="primary"
-                    :loading="uploading"
-                    :disabled="!canUpload"
-                    @click="submit"
-                >
-                    Загрузить
-                </v-btn>
-            </div>
-        </v-card>
-
-        <v-card v-if="activeImport" variant="outlined" class="pa-6 mb-6">
-            <h2 class="text-h6 mb-3">Текущий импорт — {{ activeImport.filename }}</h2>
-            <v-progress-linear
-                v-if="isProcessing"
-                indeterminate
-                color="primary"
-                class="mb-3"
-            />
-            <div data-test="active-status" class="text-body-2">
-                Статус: <strong>{{ activeImport.status }}</strong>
-            </div>
-            <v-table v-if="!isProcessing" density="compact" class="mt-3">
-                <tbody>
-                    <tr><td>Добавлено</td><td>{{ activeImport.rows_added }}</td></tr>
-                    <tr><td>Обновлено</td><td>{{ activeImport.rows_updated }}</td></tr>
-                    <tr><td>Пропущено</td><td>{{ activeImport.rows_skipped }}</td></tr>
-                    <tr><td>Неизвестных статусов</td><td>{{ activeImport.unknown_statuses_count }}</td></tr>
-                </tbody>
-            </v-table>
-            <v-alert
-                v-if="activeImport.status === 'failed'"
-                type="error"
-                variant="tonal"
-                class="mt-3"
-            >
-                {{ activeImport.error_message }}
-            </v-alert>
-        </v-card>
-
-        <v-card variant="outlined" class="pa-6">
-            <h2 class="text-h6 mb-3">История импортов</h2>
-            <v-table v-if="history.length > 0" density="compact">
-                <thead>
-                    <tr>
-                        <th>Файл</th><th>Статус</th><th>Добавлено</th><th>Обновлено</th><th>Пропущено</th>
-                    </tr>
-                </thead>
-                <tbody>
-                    <tr v-for="row in history" :key="row.id">
-                        <td>{{ row.filename }}</td>
-                        <td>{{ row.status }}</td>
-                        <td>{{ row.rows_added }}</td>
-                        <td>{{ row.rows_updated }}</td>
-                        <td>{{ row.rows_skipped }}</td>
-                    </tr>
-                </tbody>
-            </v-table>
-            <p v-else class="text-body-2 text-medium-emphasis ma-0">Импортов пока нет.</p>
-        </v-card>
-
-        <UnknownStatusesDialog
-            v-model="wizardOpen"
-            :statuses="unknownStatuses"
-            @resolved="onWizardResolved"
-        />
-    </v-container>
-</template>
-
-<style scoped>
-.import-view {
-    max-width: 1100px;
-}
-</style>
-```
-
-- [ ] **Step 5: Прогнать тест (зависит от Task 11 — `UnknownStatusesDialog`)**
-
-`ImportView` импортирует `UnknownStatusesDialog`. Тест монтирует со `stubs: { UnknownStatusesDialog: true }`, но импорт компонента должен резолвиться — реализовать Task 11 до прогона. Временный прогон до Task 11 даст ошибку резолва импорта.
-
-Run: `cd app && npm run test:vue -- ImportView`
-Expected (после Task 11): PASS 3/3.
-
-- [ ] **Step 6: Коммит**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-git add app/resources/js/api/imports.ts app/resources/js/views/ImportView.vue app/resources/js/views/__tests__/ImportView.spec.ts
-git commit -m "feat(import): ImportView + api/imports.ts"
-```
-
----
-
-## Task 11: `UnknownStatusesDialog` — wizard маппинга статусов (H6)
-
-Диалог: список незамапленных статусов, для каждого — `v-select` из 14 канонических slug'ов; «Сохранить» → POST resolve.
-
-**Files:**
-
-- Create: `app/resources/js/components/import/UnknownStatusesDialog.vue`
-- Test: `app/resources/js/components/import/__tests__/UnknownStatusesDialog.spec.ts`
-
-- [ ] **Step 1: Написать падающий тест**
-
-`app/resources/js/components/import/__tests__/UnknownStatusesDialog.spec.ts`:
-
-```ts
-import { mount, flushPromises } from '@vue/test-utils';
-import { describe, expect, it, vi, beforeEach } from 'vitest';
-import { createVuetify } from 'vuetify';
-import * as components from 'vuetify/components';
-import * as directives from 'vuetify/directives';
-import UnknownStatusesDialog from '../UnknownStatusesDialog.vue';
-import * as importsApi from '../../../api/imports';
-
-const vuetify = createVuetify({ components, directives });
-
-function mountDialog() {
-    return mount(UnknownStatusesDialog, {
-        props: {
-            modelValue: true,
-            statuses: [
-                { id: 1, status_ru: 'Архив', occurrences: 3 },
-                { id: 2, status_ru: 'Спам', occurrences: 1 },
-            ],
-        },
-        global: { plugins: [vuetify] },
-        attachTo: document.body,
-    });
-}
-
-describe('UnknownStatusesDialog', () => {
-    beforeEach(() => {
-        vi.restoreAllMocks();
-        vi.spyOn(importsApi, 'resolveUnknownStatuses').mockResolvedValue();
-    });
-
-    it('рендерит строку на каждый неизвестный статус', () => {
-        const wrapper = mountDialog();
-        expect(document.body.textContent).toContain('Архив');
-        expect(document.body.textContent).toContain('Спам');
-        wrapper.unmount();
-    });
-
-    it('кнопка сохранения заблокирована пока не выбраны все маппинги', async () => {
-        const wrapper = mountDialog();
-        await flushPromises();
-        const save = document.querySelector('[data-test="save-mappings"]') as HTMLButtonElement;
-        expect(save.disabled).toBe(true);
-        wrapper.unmount();
-    });
-
-    it('сохраняет маппинги и эмитит resolved', async () => {
-        const spy = vi.spyOn(importsApi, 'resolveUnknownStatuses').mockResolvedValue();
-        const wrapper = mountDialog();
-        // выбираем slug для обоих статусов через программную установку
-        wrapper.vm.selection['Архив'] = 'closed';
-        wrapper.vm.selection['Спам'] = 'closed';
-        await flushPromises();
-        await wrapper.vm.save();
-        await flushPromises();
-
-        expect(spy).toHaveBeenCalledWith([
-            { status_ru: 'Архив', slug: 'closed' },
-            { status_ru: 'Спам', slug: 'closed' },
-        ]);
-        expect(wrapper.emitted('resolved')).toBeTruthy();
-        wrapper.unmount();
-    });
-});
-```
-
-- [ ] **Step 2: Прогнать — убедиться, что падает**
-
-Run: `cd app && npm run test:vue -- UnknownStatusesDialog`
-Expected: FAIL — компонента нет.
-
-- [ ] **Step 3: Создать `UnknownStatusesDialog.vue`**
-
-`app/resources/js/components/import/UnknownStatusesDialog.vue`:
-
-```vue
-<script setup lang="ts">
-/**
- * Wizard маппинга неизвестных статусов воронки из CSV-импорта (ТЗ §6.4/§6.6).
- *
- * Для каждого незамапленного русского статуса пользователь выбирает один из
- * 14 канонических slug'ов. Сохранение → POST /api/imports/unknown-statuses/resolve.
- */
-import { computed, reactive, ref } from 'vue';
-import { resolveUnknownStatuses, type StatusMapping, type UnknownStatus } from '../../api/imports';
-
-const props = defineProps<{
-    modelValue: boolean;
-    statuses: UnknownStatus[];
-}>();
-
-const emit = defineEmits<{
-    'update:modelValue': [value: boolean];
-    resolved: [];
-}>();
-
-/** 14 канонических статусов воронки (ТЗ §6.4). */
-const STATUS_OPTIONS: { value: string; title: string }[] = [
-    { value: 'new', title: 'Новые' },
-    { value: 'viewed', title: 'Просмотрено' },
-    { value: 'worked', title: 'Проработан' },
-    { value: 'base', title: 'База' },
-    { value: 'missed', title: 'Недозвон' },
-    { value: 'negotiations', title: 'Переговоры' },
-    { value: 'waiting_payment', title: 'Ожидаем оплаты' },
-    { value: 'partnership', title: 'Партнерка' },
-    { value: 'paid', title: 'Оплачено' },
-    { value: 'closed', title: 'Закрыто и не реализовано' },
-    { value: 'test_drive', title: 'Тест драйв' },
-    { value: 'hot', title: 'Горячий' },
-    { value: 'replacement', title: 'На замену' },
-    { value: 'final_missed', title: 'Конечный недозвон' },
-];
-
-const selection = reactive<Record<string, string | null>>({});
-const saving = ref(false);
-const error = ref<string | null>(null);
-
-const dialogOpen = computed({
-    get: () => props.modelValue,
-    set: (v: boolean) => emit('update:modelValue', v),
-});
-
-const allMapped = computed(
-    () => props.statuses.length > 0 && props.statuses.every((s) => !!selection[s.status_ru]),
-);
-
-async function save(): Promise<void> {
-    if (!allMapped.value) {
-        return;
-    }
-    saving.value = true;
-    error.value = null;
-    try {
-        const mappings: StatusMapping[] = props.statuses.map((s) => ({
-            status_ru: s.status_ru,
-            slug: selection[s.status_ru] as string,
-        }));
-        await resolveUnknownStatuses(mappings);
-        emit('resolved');
-    } catch {
-        error.value = 'Не удалось сохранить маппинг. Повторите попытку.';
-    } finally {
-        saving.value = false;
-    }
-}
-
-defineExpose({ selection, save });
-</script>
-
-<template>
-    <v-dialog v-model="dialogOpen" max-width="640">
-        <v-card>
-            <v-card-title class="text-h6">Маппинг неизвестных статусов</v-card-title>
-            <v-card-text>
-                <p class="text-body-2 text-medium-emphasis mb-4">
-                    Эти статусы из CSV не входят в стандартную воронку. Выберите
-                    соответствие — повторный импорт применит маппинг автоматически.
-                </p>
-                <div
-                    v-for="status in statuses"
-                    :key="status.id"
-                    class="d-flex align-center ga-3 mb-3"
-                >
-                    <div class="flex-grow-1">
-                        <strong>{{ status.status_ru }}</strong>
-                        <span class="text-caption text-medium-emphasis ml-2">
-                            ({{ status.occurrences }} шт.)
-                        </span>
-                    </div>
-                    <v-select
-                        v-model="selection[status.status_ru]"
-                        :items="STATUS_OPTIONS"
-                        label="Статус воронки"
-                        density="compact"
-                        variant="outlined"
-                        hide-details
-                        style="max-width: 280px"
-                    />
-                </div>
-                <v-alert v-if="error" type="error" variant="tonal" class="mt-2">
-                    {{ error }}
-                </v-alert>
-            </v-card-text>
-            <v-card-actions>
-                <v-spacer />
-                <v-btn variant="text" @click="dialogOpen = false">Отмена</v-btn>
-                <v-btn
-                    data-test="save-mappings"
-                    color="primary"
-                    variant="flat"
-                    :loading="saving"
-                    :disabled="!allMapped"
-                    @click="save"
-                >
-                    Сохранить
-                </v-btn>
-            </v-card-actions>
-        </v-card>
-    </v-dialog>
-</template>
-```
-
-- [ ] **Step 4: Прогнать тесты — диалог + ImportView из Task 10**
-
-Run: `cd app && npm run test:vue -- UnknownStatusesDialog ImportView`
-Expected: PASS — `UnknownStatusesDialog` 3/3 + `ImportView` 3/3 (теперь импорт резолвится).
-
-- [ ] **Step 5: Коммит**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-git add app/resources/js/components/import/UnknownStatusesDialog.vue app/resources/js/components/import/__tests__/UnknownStatusesDialog.spec.ts
-git commit -m "feat(import): UnknownStatusesDialog — wizard маппинга статусов"
-```
-
----
-
-## Task 12: UI-вход — маршрут `/import` + сайдбар (H8) + инструкция (H9)
-
-**Files:**
-
-- Modify: `app/resources/js/router/index.ts`
-- Modify: `app/resources/js/components/AppSidebar.vue`
-- Create: `docs/Как_перенести_данные_из_crm-bp-gr.md`
-- Test: `app/resources/js/router/__tests__/router.spec.ts` (или фактический файл роутер-тестов — пре-проверить)
-
-> **Decision (H8):** UI-вход для импорта **лидов** — отдельный маршрут `/import` + пункт сайдбара, НЕ вкладка `SettingsView`. Причина: (1) избегаем коллизии с невлитым Sprint 3E (реструктуризация вкладок Settings); (2) импорт — самостоятельный flow, не «настройка». «Кнопка в ProjectsView» из аудит-спека относится к импорту **проектов** (H7) — вне scope этого плана.
-
-- [ ] **Step 1: Написать падающий тест маршрута**
-
-Пре-проверка: открыть `app/resources/js/router/index.ts` — найти стиль объявления маршрутов (`meta: { layout: 'app' }`, lazy-import). Открыть существующий роутер-тест, повторить стиль. Добавить кейс:
-
-```ts
-it('маршрут /import зарегистрирован с layout app', () => {
-    const route = router.resolve('/import');
-    expect(route.name).toBe('import');
-    expect(route.meta.layout).toBe('app');
-});
-```
-
-- [ ] **Step 2: Прогнать — убедиться, что падает**
-
-Run: `cd app && npm run test:vue -- router`
-Expected: FAIL — маршрута нет.
-
-- [ ] **Step 3: Добавить маршрут в `router/index.ts`**
-
-В массив `routes` добавить (повторив стиль соседних app-маршрутов — lazy-import + `meta.layout`):
-
-```ts
-{
-    path: '/import',
-    name: 'import',
-    component: () => import('../views/ImportView.vue'),
-    meta: { layout: 'app' },
-},
-```
-
-> Если соседние маршруты используют `meta.devIndex` — добавить следующий по счёту индекс. Если есть `meta.requiresAuth` или аналог — добавить по конвенции файла.
-
-- [ ] **Step 4: Добавить пункт в `AppSidebar.vue`**
-
-Пре-проверка: открыть `app/resources/js/components/AppSidebar.vue` — найти структуру навигации (массив `navItems`/группы «Работа» и т.п.). Добавить пункт в подходящую группу (рядом с «Сделки»/«Проекты»), повторив форму существующих элементов:
-
-```ts
-{ title: 'Импорт данных', icon: 'mdi-database-import-outline', to: '/import' },
-```
-
-> Точные ключи (`title`/`label`, `icon`/`countKey`, `to`/`route`) — взять из соседних элементов файла, не выдумывать. Если навигация сгруппирована — поместить в группу «Работа» (или ближайшую по смыслу).
-
-- [ ] **Step 5: Создать инструкцию H9**
-
-`docs/Как_перенести_данные_из_crm-bp-gr.md`:
-
-```markdown
-# Как перенести данные из crm.bp-gr.ru
-
-> Опциональный модуль. Нужен, если вы раньше вели лиды в crm.bp-gr.ru и хотите
-> перенести историю в Лидерру. Новые лиды приходят через webhook автоматически —
-> импорт нужен только для исторических данных.
-
-## Шаг 1. Выгрузите CSV из crm.bp-gr.ru
-
-Откройте в crm.bp-gr.ru:
-
-```
-
-https://crm.bp-gr.ru/admin/visit/index-visit-archive?ext=csv
-
-```
-
-Сохранится файл с колонками:
-`id, Проект, Тег проекта, Телефон, Создано, Напоминание, Комментарий, Состояние, Имя`.
-
-Файл должен быть в кодировке UTF-8, разделитель — запятая.
-
-## Шаг 2. Загрузите файл в Лидерре
-
-1. Откройте раздел **«Импорт данных»** в боковом меню.
-2. Выберите CSV-файл.
-3. (Опционально) включите **«Пробный прогон»** — проверка файла без записи сделок.
-4. Нажмите **«Загрузить»**.
-
-## Шаг 3. Дождитесь завершения
-
-Импорт идёт в фоне. На экране виден прогресс; по завершении придёт письмо
-со сводкой: сколько сделок добавлено, обновлено, пропущено.
-
-Повторная загрузка того же файла безопасна — дубли не создаются (сделки
-сопоставляются по `id` из crm.bp-gr.ru). Баланс лидов при импорте **не списывается**.
-
-## Шаг 4. Замапьте неизвестные статусы (если появятся)
-
-Если в файле встретятся статусы воронки, которых нет в Лидерре, появится баннер
-**«Найдено N неизвестных статусов»**. Нажмите **«Замапить»**, выберите для каждого
-соответствие из стандартной воронки и сохраните. Затем загрузите файл ещё раз —
-сделки с этими статусами обновятся автоматически.
-
-## Возможные ошибки
-
-| Симптом | Причина | Решение |
-|---|---|---|
-| Строка пропущена | Невалидный телефон (не `7XXXXXXXXXX`) или дата | Исправьте строку в CSV |
-| Импорт «failed» | Файл повреждён / не CSV | Перевыгрузите файл из crm.bp-gr.ru |
-| Статус сделки стал «Новые» | Неизвестный статус, ещё не замаплен | Замапьте статус и повторите импорт |
-```
-
-- [ ] **Step 6: Прогнать тест маршрута + полный Vitest-блок**
-
-Run: `cd app && npm run test:vue -- router ImportView UnknownStatusesDialog`
-Expected: PASS — router-кейс зелёный + Import-тесты зелёные.
-
-- [ ] **Step 7: Коммит**
-
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-git add app/resources/js/router/index.ts app/resources/js/components/AppSidebar.vue "docs/Как_перенести_данные_из_crm-bp-gr.md" app/resources/js/router/__tests__/router.spec.ts
-git commit -m "feat(import): маршрут /import + сайдбар + инструкция H9"
-```
-
----
-
-## Финальная верификация (после всех задач)
-
-- [ ] **Полный регресс-прогон:**
-
-```bash
-cd app
-php artisan migrate:fresh --seed                       # схема v8.20 применяется чисто
-php vendor/bin/pest --parallel                          # весь backend
-npm run test:vue                                        # весь frontend
-composer pint && composer stan                          # стиль + статанализ
-npx vue-tsc --noEmit                                    # типы Vue
-```
-
-Expected: Pest — 0 failed (новые Import-тесты + 0 регрессий); Vitest — 0 failed; Pint — clean; Larastan — 0; vue-tsc — 0.
-
-- [ ] **Browser smoke** (Playwright MCP, dev-сервер запущен): открыть `/import`, проверить рендер, отсутствие console-ошибок.
-
-- [ ] **Реестр открытых вопросов** — НЕ трогать. H1–H9 — аудит-находки, не реестровые `Б-/CTO-/DO-/Ю-/Диз-/OPEN-`. Если по ходу всплывут реестровые вопросы — оставить открытыми (нет «закрываем» от заказчика).
-
----
-
-## Self-Review (выполнено при написании плана)
-
-**1. Покрытие spec'а (аудит §3 Sprint 4 — H1–H9):**
-
-| H | Покрыто | Где |
-|---|---|---|
-| H1 — `import_unknown_statuses` + RLS | ✅ | Task 1 |
-| H2 — enrichment `import_log` (+5 колонок) | ✅ | Task 1 |
-| H3 — `CsvLeadsParser` + `StatusRuToSlugMapper` + `HistoricalImportService` | ✅ | Tasks 4, 5, 6 |
-| H4 — `ImportLeadsJob` + `ImportController` + route + email | ✅ | Tasks 7, 8, 9 |
-| H5 — Frontend ImportView (dropzone + progress + результат) | ✅ | Task 10 |
-| H6 — Unknown statuses wizard | ✅ | Task 11 |
-| H7 — Bulk-импорт проектов | ⏭️ **вынесено** | см. «Scope» — формат не специфицирован в ТЗ §6 → отдельный план Sprint 4B |
-| H8 — UI-вход | ✅ (решение: `/import` + сайдбар) | Task 12 |
-| H9 — Мини-инструкция | ✅ | Task 12 |
-
-**2. Placeholder-скан:** в коде задач нет «TODO»/«добавить обработку ошибок»/«аналогично Task N». Пре-проверки (`api/dashboard.ts`, `AppSidebar.vue`, `router/index.ts`) — это инструкции свериться с фактической конвенцией перед написанием, не placeholder'ы кода.
-
-**3. Согласованность типов:**
-
-- `ImportLog`/`ImportUnknownStatus` (Task 2) — `fillable`/`casts` совпадают с колонками миграции Task 1 (`entity_type`, `source_system`, `mapping_config`, `unknown_statuses_count`, `dry_run`).
-- `ImportResult` (Task 6) — поля `added/updated/skipped/unknownStatuses/errors` используются в `ImportLeadsJob` (Task 7) консистентно.
-- `MonthlyPartitionManager::ensureRange/ensureMonth` (Task 3) — сигнатуры совпадают с вызовами в `HistoricalImportService` (Task 6) и `PartitionsCreateMonths` (Task 3 Step 4).
-- `ImportLogResource`/`UnknownStatus`/`StatusMapping` (TS, Task 10) — поля совпадают с `ImportController::toResource()`/`unknownStatuses()` JSON (Task 9).
-- 14 slug'ов в `UnknownStatusesDialog.STATUS_OPTIONS` (Task 11) = `STATUS_RU_TO_SLUG` в `StatusRuToSlugMapper` (Task 4) = ТЗ §6.4.
-
-**4. Ключевые архитектурные решения зафиксированы:**
-
-- ТЗ §6.3 «Напоминание → `deals.reminder_at`» — колонка удалена в v8.3; план маршрутизирует на таблицу `reminders` (Task 6 `syncReminder`).
-- Исторические даты вне партиций `deals` — `MonthlyPartitionManager` создаёт партиции под диапазон CSV (Task 3 + Task 6).
-- Идемпотентность — `webhook_dedup_keys` + advisory lock (паритет с `ProcessWebhookJob`).
-- Баланс не списывается — одна транзакция `historical_import` (Task 6 `recordHistoricalTransaction`).
-- Quirk 25 — регенерация Larastan baseline учтена (Task 9 Step 8).
-- Коллизия со Sprint 3E (`SettingsView`) исключена — UI-вход через `/import`, Settings не трогается.
-
----
-
-## Execution Handoff
-
-План сохранён: `docs/superpowers/plans/2026-05-16-sprint4-historical-import.md`.
-
-**Зависимость:** план ветвится от `origin/main` (`447ef59`, Sprint 3F). Со Sprint 3E коллизии нет (Settings не трогается). H7 (импорт проектов) — отдельный план Sprint 4B (нужен format-спек 18-колоночного CSV).
diff --git a/docs/superpowers/plans/2026-05-16-sprint5a-auth-polish.md b/docs/superpowers/plans/2026-05-16-sprint5a-auth-polish.md
deleted file mode 100644
index 04dc9d2..0000000
--- a/docs/superpowers/plans/2026-05-16-sprint5a-auth-polish.md
+++ /dev/null
@@ -1,567 +0,0 @@
-# Sprint 5A — Auth polish Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Закрыть 5 P2-эпиков подсистемы Auth из portal-wide аудита (A1, A4, A5, A6, A8) — Sprint 5, под-план A.
-
-**Architecture:** Точечные правки 4 auth-view'ов (Vue 3 + Vuetify 3) + DemoSeeder-тулинг. Каждый эпик — отдельная атомарная задача с TDD-циклом (failing test → impl → green → commit). A5 — задача-характеризация (regression-тест), т.к. находка аудита не воспроизводится против текущего кода.
-
-**Tech Stack:** Vue 3.5 + Vuetify 3.12 + TypeScript, Vitest 4 (frontend), Pest 4 (backend), Laravel 13.
-
-**Источник:** [docs/superpowers/specs/2026-05-15-portal-audit-design.md](../specs/2026-05-15-portal-audit-design.md) §3 Sprint 5 + §4 раздел A.
-
-**Исполнять в изолированном worktree** off `origin/main` (`c64be74`): текущая ветка `feat/sprint3f-api-middleware` отстала от origin/main и содержит несвязанный staged WIP (`automation-graph.html`, `dev-indices.json`) — его НЕ трогать. Ветка спринта: `feat/sprint5a-auth-polish`.
-
----
-
-## Эпики (из аудита §4.A)
-
-| ID | Объект | Находка | Решение |
-|---|---|---|---|
-| A1 | `LoginView.vue` Yandex 360 SSO | dead stub без `:disabled` | disabled + tooltip «после Б-1» |
-| A4 | `ResetPasswordView.vue` поле подтверждения | нет `:error-messages` на несовпадение | computed-ошибка «Пароли не совпадают» |
-| A5 | `ForgotPasswordView.vue` catch | аудит: «fallback недостижим» | **не воспроизводится** → regression-тест, фиксирующий достижимость |
-| A6 | `TwoFactorView.vue` таймер | хардкод «02:34» | реальный обратный отсчёт TOTP-окна (30 с) |
-| A8 | DemoSeeder | «422 при логине» (не пере-сидирован) | `composer demo:seed` + раздел в README + idempotency-тест |
-
-## File Structure
-
-| Файл | Ответственность | Задача |
-|---|---|---|
-| `app/resources/js/views/auth/LoginView.vue` | экран входа — SSO-кнопка в disabled-tooltip обёртке | T1 (A1) |
-| `app/resources/js/views/auth/ResetPasswordView.vue` | экран нового пароля — computed-ошибка подтверждения | T2 (A4) |
-| `app/resources/js/views/auth/ForgotPasswordView.vue` | без правок — только regression-тест | T3 (A5) |
-| `app/resources/js/views/auth/TwoFactorView.vue` | экран 2FA — таймер TOTP-окна на `setInterval` | T4 (A6) |
-| `app/composer.json` | +script `demo:seed` | T5 (A8) |
-| `app/README.md` | +раздел «Демо-данные» | T5 (A8) |
-| `app/tests/Feature/DemoSeederTest.php` | новый — idempotency DemoSeeder | T5 (A8) |
-| `app/tests/Frontend/{LoginView,ResetPasswordView,ForgotPasswordView,TwoFactorView}.spec.ts` | +по 1 тесту на эпик | T1-T4 |
-
-**Команды (запускать из `app/`):**
-
-- Один Vitest-файл: `npx vitest run tests/Frontend/<File>.spec.ts`
-- Один Vitest-тест: `npx vitest run tests/Frontend/<File>.spec.ts -t "<имя>"`
-- Pest-файл: `php artisan test tests/Feature/DemoSeederTest.php`
-- Полная регрессия: `npm run test:vue`, `php artisan test`, `npm run type-check`, `npm run lint:vue`, `composer pint`
-
----
-
-## Task 1: A1 — LoginView Yandex 360 SSO disabled + tooltip
-
-**Files:**
-
-- Modify: `app/resources/js/views/auth/LoginView.vue:107` (SSO-кнопка) + `<style>` блок
-- Test: `app/tests/Frontend/LoginView.spec.ts` (+1 тест)
-
-- [ ] **Step 1: Написать падающий тест**
-
-Добавить в `app/tests/Frontend/LoginView.spec.ts` внутрь `describe('LoginView.vue', ...)` после последнего `it`:
-
-```ts
-    it('A1: SSO Yandex 360 — кнопка disabled до подключения Б-1', async () => {
-        const wrapper = await mountLoginView();
-        const ssoBtn = wrapper.findAll('button').find((b) => b.text().includes('Yandex 360'));
-        expect(ssoBtn).toBeDefined();
-        expect(ssoBtn!.classes()).toContain('v-btn--disabled');
-    });
-```
-
-- [ ] **Step 2: Запустить тест — убедиться, что падает**
-
-Run: `npx vitest run tests/Frontend/LoginView.spec.ts -t "A1"`
-Expected: FAIL — кнопка не disabled, класс `v-btn--disabled` отсутствует.
-
-- [ ] **Step 3: Реализация**
-
-В `app/resources/js/views/auth/LoginView.vue` заменить строку 107:
-
-```html
-            <v-btn block size="large" variant="outlined"> Войти через Yandex 360 </v-btn>
-```
-
-на (disabled-кнопка не ловит hover — tooltip вешаем на обёртку-`div`):
-
-```html
-            <v-tooltip
-                text="Вход через Yandex 360 станет доступен после регистрации юр. лица (Б-1)."
-                location="top"
-            >
-                <template #activator="{ props }">
-                    <div v-bind="props" class="yandex-sso-wrap">
-                        <v-btn block size="large" variant="outlined" disabled>
-                            Войти через Yandex 360
-                        </v-btn>
-                    </div>
-                </template>
-            </v-tooltip>
-```
-
-В `<style scoped>` добавить после блока `.login-form { ... }`:
-
-```css
-.yandex-sso-wrap {
-    width: 100%;
-}
-```
-
-- [ ] **Step 4: Запустить тест — убедиться, что проходит**
-
-Run: `npx vitest run tests/Frontend/LoginView.spec.ts`
-Expected: PASS — все тесты файла (старые 6 + новый A1). Старый тест «содержит ... Yandex 360 SSO» проходит — текст кнопки сохранён.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/views/auth/LoginView.vue app/tests/Frontend/LoginView.spec.ts
-git commit -m "feat(auth): A1 — Yandex 360 SSO disabled + tooltip (Sprint 5A)"
-```
-
----
-
-## Task 2: A4 — ResetPasswordView ошибка несовпадения паролей
-
-**Files:**
-
-- Modify: `app/resources/js/views/auth/ResetPasswordView.vue` (script + поле подтверждения, строки 110-118)
-- Test: `app/tests/Frontend/ResetPasswordView.spec.ts` (+1 тест)
-
-- [ ] **Step 1: Написать падающий тест**
-
-Добавить в `app/tests/Frontend/ResetPasswordView.spec.ts` внутрь `describe('ResetPasswordView.vue', ...)` после последнего `it`:
-
-```ts
-    it('A4: показывает ошибку при несовпадении пароля и подтверждения', async () => {
-        const wrapper = await mountReset();
-        const pwInputs = wrapper.findAll('input[type="password"]');
-        await pwInputs[0].setValue('new-strong-pass-1234');
-        await pwInputs[1].setValue('different-pass-9999');
-        await wrapper.vm.$nextTick();
-        expect(wrapper.text()).toContain('Пароли не совпадают');
-    });
-```
-
-- [ ] **Step 2: Запустить тест — убедиться, что падает**
-
-Run: `npx vitest run tests/Frontend/ResetPasswordView.spec.ts -t "A4"`
-Expected: FAIL — текст «Пароли не совпадают» отсутствует (у поля подтверждения нет `:error-messages`).
-
-- [ ] **Step 3: Реализация**
-
-В `app/resources/js/views/auth/ResetPasswordView.vue` в `<script setup>` добавить после объявления `canSubmit` (после строки 38, перед `async function handleSubmit`):
-
-```ts
-/**
- * Ошибка поля подтверждения: client-side проверка совпадения +
- * проброс backend-ошибки `password_confirmation` если придёт с 422.
- */
-const confirmationError = computed<string[]>(() => {
-    if (passwordConfirmation.value.length > 0 && password.value !== passwordConfirmation.value) {
-        return ['Пароли не совпадают'];
-    }
-    return errors.value.password_confirmation ?? [];
-});
-```
-
-В `<template>` заменить блок поля «Повторите пароль» (строки 110-118):
-
-```html
-            <v-text-field
-                v-model="passwordConfirmation"
-                label="Повторите пароль"
-                :type="showPassword ? 'text' : 'password'"
-                autocomplete="new-password"
-                variant="outlined"
-                density="comfortable"
-                required
-            />
-```
-
-на:
-
-```html
-            <v-text-field
-                v-model="passwordConfirmation"
-                label="Повторите пароль"
-                :type="showPassword ? 'text' : 'password'"
-                autocomplete="new-password"
-                variant="outlined"
-                density="comfortable"
-                required
-                :error-messages="confirmationError"
-            />
-```
-
-(`computed` уже импортирован — строка 17: `import { computed, ref } from 'vue';`.)
-
-- [ ] **Step 4: Запустить тест — убедиться, что проходит**
-
-Run: `npx vitest run tests/Frontend/ResetPasswordView.spec.ts`
-Expected: PASS — старые 5 тестов + новый A4. Тест «успешный submit» проходит: при совпадающих паролях `confirmationError` пустой.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/views/auth/ResetPasswordView.vue app/tests/Frontend/ResetPasswordView.spec.ts
-git commit -m "feat(auth): A4 — ResetPassword ошибка несовпадения паролей (Sprint 5A)"
-```
-
----
-
-## Task 3: A5 — ForgotPasswordView regression-тест generic fallback
-
-> **NB:** Находка аудита A5 «fallback недостижим» **не воспроизводится** против текущего кода (`extractValidationErrors` возвращает строго `Record|null`; store сбрасывает `lockoutSeconds=null` в начале запроса). Эта задача — не TDD-фикс, а **характеризационный regression-тест**, фиксирующий, что generic-fallback показывается на не-валидационной/не-429 ошибке. Код view НЕ меняется.
-
-**Files:**
-
-- Test: `app/tests/Frontend/ForgotPasswordView.spec.ts` (+1 тест)
-- (правок в `ForgotPasswordView.vue` не предполагается)
-
-- [ ] **Step 1: Написать характеризационный тест**
-
-Добавить в `app/tests/Frontend/ForgotPasswordView.spec.ts` внутрь `describe('ForgotPasswordView.vue', ...)` после последнего `it`:
-
-```ts
-    it('A5: при не-валидационной ошибке (500/network) показывает generic fallback', async () => {
-        // forgotPassword отклоняется обычной ошибкой; extractValidationErrors и
-        // extractRateLimitRetry замоканы → null (см. vi.mock в шапке файла).
-        vi.mocked(authApi.forgotPassword).mockRejectedValue(new Error('Network Error'));
-
-        const wrapper = await mountForgot();
-        await wrapper.find('input[type="email"]').setValue('user@example.ru');
-        await wrapper.find('form').trigger('submit.prevent');
-        await wrapper.vm.$nextTick();
-        await wrapper.vm.$nextTick();
-
-        expect(wrapper.text()).toContain('Произошла ошибка. Попробуйте позже.');
-    });
-```
-
-- [ ] **Step 2: Запустить тест**
-
-Run: `npx vitest run tests/Frontend/ForgotPasswordView.spec.ts -t "A5"`
-Expected: **PASS** — поведение fallback корректно, находка не воспроизводится.
-
-- [ ] **Step 3: Развилка по результату Step 2**
-
-- **Если PASS** (ожидаемо) → A5 классифицируется как «verified — not reproduced»; код view не меняется; переходим к Step 4.
-- **Если FAIL** (неожиданно — реальный баг) → применить фикс в `app/resources/js/views/auth/ForgotPasswordView.vue`, заменив блок `catch` (строки 32-39):
-
-  ```ts
-      } catch (error: unknown) {
-          const validationErrors = extractValidationErrors(error);
-          if (validationErrors && Object.keys(validationErrors).length > 0) {
-              errors.value = validationErrors;
-          } else if (auth.lockoutSeconds === null) {
-              errors.value = { email: ['Произошла ошибка. Попробуйте позже.'] };
-          }
-      }
-  ```
-
-  Перезапустить Step 2 — добиться PASS, и `git add` также файл view.
-
-- [ ] **Step 4: Запустить весь файл — убедиться, что все проходят**
-
-Run: `npx vitest run tests/Frontend/ForgotPasswordView.spec.ts`
-Expected: PASS — старые 5 тестов + новый A5.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/tests/Frontend/ForgotPasswordView.spec.ts
-git commit -m "test(auth): A5 — regression generic fallback ForgotPassword (Sprint 5A)"
-```
-
-(При срабатывании развилки FAIL — добавить в `git add` также `app/resources/js/views/auth/ForgotPasswordView.vue` и заменить тип коммита на `fix(auth): A5 — ...`.)
-
----
-
-## Task 4: A6 — TwoFactorView реальный обратный отсчёт TOTP-окна
-
-**Files:**
-
-- Modify: `app/resources/js/views/auth/TwoFactorView.vue` (script: import + countdown-логика + onMounted/onUnmounted; template строка 129)
-- Test: `app/tests/Frontend/TwoFactorView.spec.ts` (+1 тест с fake timers)
-
-- [ ] **Step 1: Написать падающий тест**
-
-Добавить в `app/tests/Frontend/TwoFactorView.spec.ts` внутрь `describe('TwoFactorView.vue', ...)` после последнего `it`:
-
-```ts
-    it('A6: показывает реальный обратный отсчёт TOTP-окна (30 с)', async () => {
-        vi.useFakeTimers();
-        vi.setSystemTime(new Date(10_000)); // epoch 10 c → 30 - (10 % 30) = 20
-        try {
-            const wrapper = await mountTwoFactor();
-            const el = wrapper.find('[data-testid="totp-countdown"]');
-            expect(el.exists()).toBe(true);
-            expect(el.text()).toBe('00:20');
-
-            vi.setSystemTime(new Date(15_000)); // epoch 15 c → 30 - 15 = 15
-            vi.advanceTimersByTime(1000);
-            await wrapper.vm.$nextTick();
-            expect(el.text()).toBe('00:15');
-        } finally {
-            vi.useRealTimers();
-        }
-    });
-```
-
-В первой строке файла дополнить импорт vitest — `vi` сейчас не импортируется:
-
-```ts
-import { describe, it, expect } from 'vitest';
-```
-
-заменить на:
-
-```ts
-import { describe, it, expect, vi } from 'vitest';
-```
-
-- [ ] **Step 2: Запустить тест — убедиться, что падает**
-
-Run: `npx vitest run tests/Frontend/TwoFactorView.spec.ts -t "A6"`
-Expected: FAIL — элемент `[data-testid="totp-countdown"]` не существует (сейчас хардкод `02:34` без testid).
-
-- [ ] **Step 3: Реализация**
-
-В `app/resources/js/views/auth/TwoFactorView.vue` заменить строку 14 (импорт):
-
-```ts
-import { computed, nextTick, onMounted, ref, useTemplateRef } from 'vue';
-```
-
-на:
-
-```ts
-import { computed, nextTick, onMounted, onUnmounted, ref, useTemplateRef } from 'vue';
-```
-
-Заменить блок (строки 28-36) — `userEmail` + `onMounted`:
-
-```ts
-const userEmail = computed(() => auth.user?.email ?? 'аккаунт');
-
-// Если попали на /2fa без pending state (requires2fa=false и не залогинен) —
-// прямой URL без login → отправляем на /login.
-onMounted(() => {
-    if (!auth.requires2fa && !auth.isAuthenticated) {
-        router.replace('/login');
-    }
-});
-```
-
-на:
-
-```ts
-const userEmail = computed(() => auth.user?.email ?? 'аккаунт');
-
-/**
- * TOTP-окно: код в приложении-аутентификаторе меняется каждые 30 секунд.
- * Показываем честный обратный отсчёт до смены кода (заменяет хардкод «02:34»).
- * Значение 30..1 секунд, формат «00:NN».
- */
-function totpWindowLeft(): number {
-    return 30 - (Math.floor(Date.now() / 1000) % 30);
-}
-const totpSecondsLeft = ref(totpWindowLeft());
-const totpCountdown = computed(() => `00:${String(totpSecondsLeft.value).padStart(2, '0')}`);
-let totpTimer: ReturnType<typeof setInterval> | undefined;
-
-// Если попали на /2fa без pending state (requires2fa=false и не залогинен) —
-// прямой URL без login → отправляем на /login.
-onMounted(() => {
-    if (!auth.requires2fa && !auth.isAuthenticated) {
-        router.replace('/login');
-    }
-    totpTimer = setInterval(() => {
-        totpSecondsLeft.value = totpWindowLeft();
-    }, 1000);
-});
-
-onUnmounted(() => {
-    if (totpTimer) clearInterval(totpTimer);
-});
-```
-
-В `<template>` заменить строку 129:
-
-```html
-                <span class="text-caption text-medium-emphasis font-mono">02:34</span>
-```
-
-на:
-
-```html
-                <span
-                    class="text-caption text-medium-emphasis font-mono"
-                    :title="`До смены кода в приложении: ${totpCountdown}`"
-                    data-testid="totp-countdown"
-                    >{{ totpCountdown }}</span
-                >
-```
-
-- [ ] **Step 4: Запустить тест — убедиться, что проходит**
-
-Run: `npx vitest run tests/Frontend/TwoFactorView.spec.ts`
-Expected: PASS — старые 3 теста + новый A6. Старые тесты используют реальные таймеры; `setInterval` чистится через `onUnmounted` при teardown.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/views/auth/TwoFactorView.vue app/tests/Frontend/TwoFactorView.spec.ts
-git commit -m "feat(auth): A6 — реальный обратный отсчёт TOTP-окна в 2FA (Sprint 5A)"
-```
-
----
-
-## Task 5: A8 — DemoSeeder re-seed script + README + idempotency-тест
-
-**Files:**
-
-- Create: `app/tests/Feature/DemoSeederTest.php`
-- Modify: `app/composer.json` (блок `scripts`)
-- Modify: `app/README.md` (+раздел «Демо-данные»)
-
-- [ ] **Step 1: Написать падающий тест**
-
-Создать `app/tests/Feature/DemoSeederTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Tenant;
-use App\Models\User;
-use Database\Seeders\DemoSeeder;
-use Illuminate\Foundation\Testing\RefreshDatabase;
-
-uses(RefreshDatabase::class);
-
-it('DemoSeeder идемпотентен — повторный запуск не дублирует demo-tenant и admin', function () {
-    $this->seed(DemoSeeder::class);
-    $this->seed(DemoSeeder::class);
-
-    expect(Tenant::query()->where('subdomain', 'demo')->count())->toBe(1)
-        ->and(User::query()->where('email', 'admin@demo.local')->count())->toBe(1);
-});
-```
-
-- [ ] **Step 2: Запустить тест — убедиться, что он есть и проходит/падает осознанно**
-
-Run: `php artisan test tests/Feature/DemoSeederTest.php`
-Expected: **PASS** — DemoSeeder уже идемпотентен (`updateOrCreate`/`updateOrInsert`). Тест фиксирует это как регрессионную защиту «re-seed скрипта».
-Если FAIL — значит сидер не идемпотентен; это реальный баг, исправить `DemoSeeder.php` (привести вставки к `updateOrInsert` с ключом `tenant_id`+`name`) и добиться PASS.
-
-- [ ] **Step 3: Добавить composer-script `demo:seed`**
-
-В `app/composer.json` в блоке `"scripts"` добавить строку после `"audit-offline"`:
-
-Заменить:
-
-```json
-        "audit-offline": "@composer audit --locked",
-        "ide-helper": [
-```
-
-на:
-
-```json
-        "audit-offline": "@composer audit --locked",
-        "demo:seed": "@php artisan db:seed --class=DemoSeeder --force",
-        "ide-helper": [
-```
-
-- [ ] **Step 4: Добавить раздел в `app/README.md`**
-
-Дописать в конец файла `app/README.md` раздел:
-
-```markdown
-## Демо-данные (dev)
-
-Демо-tenant создаётся `DemoSeeder` автоматически при `composer setup` /
-`php artisan migrate --seed` в окружениях `local` и `testing`
-(см. `DatabaseSeeder` — в `production` DemoSeeder не запускается).
-
-**Учётные данные демо-входа:**
-
-- URL: `/login`
-- Email: `admin@demo.local`
-- Пароль: `password`
-
-Что создаётся: demo-tenant (`subdomain=demo`, баланс 1000 ₽ / 100 лидов),
-admin-пользователь, 3 проекта (сайт/звонок/СМС) и ~14 демо-сделок.
-
-**Пере-сидировать демо-данные** (идемпотентно, существующие записи обновляются,
-дублей не создаётся):
-
-```bash
-composer demo:seed
-```
-
-Эквивалент: `php artisan db:seed --class=DemoSeeder --force`.
-
-Если при логине демо-аккаунта возвращается 422 — демо-данные не засеяны
-на текущей dev-БД (например, после `migrate:fresh`); запустите `composer demo:seed`.
-
-```
-
-- [ ] **Step 5: Проверить `demo:seed` вручную + запустить тест**
-
-Run: `composer demo:seed`
-Expected: вывод содержит `Demo tenant id=... subdomain=demo` и `Login: admin@demo.local / password`.
-
-Run: `php artisan test tests/Feature/DemoSeederTest.php`
-Expected: PASS.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/tests/Feature/DemoSeederTest.php app/composer.json app/README.md
-git commit -m "feat(dev): A8 — composer demo:seed + README демо-данные + idempotency-тест (Sprint 5A)"
-```
-
----
-
-## Task 6: Регрессия Sprint 5A
-
-**Files:** нет правок — финальный gate.
-
-- [ ] **Step 1: Полный Vitest**
-
-Run (из `app/`): `npm run test:vue`
-Expected: все файлы зелёные, 0 failed (4 новых теста A1/A4/A5/A6 + дельта).
-
-- [ ] **Step 2: Полный Pest**
-
-Run (из `app/`): `php artisan test`
-Expected: 0 failed (новый `DemoSeederTest` зелёный).
-
-- [ ] **Step 3: Type-check + lint + формат**
-
-Run (из `app/`):
-
-```
-npm run type-check
-npm run lint:vue
-composer pint
-```
-
-Expected: vue-tsc 0 ошибок; ESLint 0 ошибок; Pint без изменений (или авто-формат закоммитить отдельным `style:`-коммитом).
-
-- [ ] **Step 4: Зафиксировать результат**
-
-Выписать в финальный отчёт фактические числа Pest/Vitest (passed/failed/skipped) с указанием дельты. Если что-то красное — НЕ заявлять Sprint 5A закрытым; чинить по `superpowers:systematic-debugging`.
-
----
-
-## Self-Review
-
-**1. Spec coverage:** A1 ✅ T1 / A4 ✅ T2 / A5 ✅ T3 (re-classified verify) / A6 ✅ T4 / A8 ✅ T5. Все 5 эпиков раздела A из аудита §3 Sprint 5 покрыты.
-
-**2. Placeholder scan:** код приведён полностью в каждом шаге; команды и Expected — конкретны. Развилка T3 Step 3 содержит готовый фикс-код, не «TODO». Раздел README — полный текст.
-
-**3. Type consistency:** `confirmationError` (T2) — `computed<string[]>`, совместим с `:error-messages`. `totpWindowLeft()`/`totpSecondsLeft`/`totpCountdown`/`totpTimer` (T4) — имена консистентны между script и template (`data-testid="totp-countdown"` ↔ тест T4 Step 1). `mountLoginView`/`mountReset`/`mountForgot`/`mountTwoFactor` — существующие хелперы spec-файлов, не переопределяются.
-
-**Известное ограничение:** A5 — задача-характеризация, не фикс (находка аудита не воспроизводится). При закрытии Sprint 5A зафиксировать статус A5 как «verified — not reproduced» в отчёте/реестре.
diff --git a/docs/superpowers/plans/2026-05-17-deals-page-redesign.md b/docs/superpowers/plans/2026-05-17-deals-page-redesign.md
deleted file mode 100644
index 60ecce7..0000000
--- a/docs/superpowers/plans/2026-05-17-deals-page-redesign.md
+++ /dev/null
@@ -1,2831 +0,0 @@
-# Редизайн страницы «Сделки» — план реализации
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Превратить страницу «Сделки» из CRM с ручным созданием/корзиной в реестр лидов, поставленных crm.bp: новые колонки, фильтры, экспорт по диапазону дат, пагинация, master-detail панель; воронку статусов 14 → 5.
-
-**Architecture:** Две фазы. **Фаза A** — редизайн страницы (frontend + `DealController@index` + `DealExportController`), работает на текущем наборе из 14 статусов. **Фаза B** — схлопывание воронки 14 → 5 (схема + миграция + Канбан + маппинг импорта). Фаза B стартует ПОСЛЕ гейта подтверждения slug'ов. Фильтрация и пагинация — server-side через `GET /api/deals`. Панель деталей — общий `DealDetailBody.vue`, обёрнутый либо в overlay-дровер (Канбан), либо в inline-`<aside>` (Сделки).
-
-**Tech Stack:** Laravel 13 / PHP 8.3, Vue 3 + Vuetify 3, PostgreSQL 16 (партиционированная `deals`), Pest 4, Vitest, OpenSpout (экспорт).
-
-**Спека:** `docs/superpowers/specs/2026-05-17-deals-page-redesign-design.md`.
-
----
-
-## Контекст и ограничения
-
-- **Laravel-корень вложен** — приложение в `app/app/...`, тесты в `app/tests/...`, фронт в `app/resources/js/...`.
-- **`MockDeal`** (`composables/mockDeals.ts`) используется и страницей «Сделки», и Канбаном — новые поля добавляются **опциональными**, чтобы не ломать Канбан.
-- **Backend `store`/`destroy`/`restore`** (ручное создание, soft-delete) — **остаются в коде** (`DealController`, `DealBulkActionController`, маршруты, тесты `DealCreate/Destroy/Restore`). Из UI они убираются; удаление самих endpoint'ов — вне scope (отдельная чистка).
-- **Колонка «Город»** — рендерится `—`, фильтр-селект пуст/disabled. Источник данных — открытый вопрос §4 спеки, вне реализации.
-- **Без push.** Коммитить только атомарно по задачам. Хуки не обходить.
-- TDD: failing-тест → запуск (RED) → реализация → запуск (GREEN) → коммит. После логического блока — relevant Vitest/Pest; перед коммитом — pre-commit.
-
-## Структура файлов
-
-**Фаза A — изменяются:**
-
-- `app/resources/js/composables/mockDeals.ts` — расширить `MockDeal` (city/comment/signalType/receivedAt/nextReminderAt); удалить `DEALS_TABS`/`DealsTab` (после A6+A10).
-- `app/resources/js/api/deals.ts` — `ApiDeal` +4 поля, `ListDealsParams` +date-range, `exportDealsByRange()`.
-- `app/resources/js/composables/dealsApiMapper.ts` — `mapApiDeal` заполняет новые поля.
-- `app/app/Http/Controllers/Api/DealController.php` — `index`: фильтр `received_at` BETWEEN, в payload `comment`/`city`/`project_signal_type`/`next_reminder_at`.
-- `app/app/Http/Controllers/Api/DealExportController.php` — экспорт по диапазону дат вместо `ids`.
-- `app/resources/js/components/deals/DealsFilters.vue` — переписать (поиск по телефону, Статус, Проект, Город).
-- `app/resources/js/components/deals/DealsTable.vue` — новый набор колонок.
-- `app/resources/js/components/deals/DealsBulkBar.vue` — только смена статуса.
-- `app/resources/js/components/deals/DealDetailDrawer.vue` — тонкая обёртка (overlay/inline).
-- `app/resources/js/views/DealsView.vue` — полный переписанный экран.
-
-**Фаза A — создаются:**
-
-- `app/resources/js/components/deals/DealDetailBody.vue` — извлечённое тело панели сделки.
-- `app/tests/Feature/DealExportTest.php` — тесты экспорта по диапазону дат.
-
-**Фаза B — изменяются:**
-
-- `db/schema.sql` (seed `lead_statuses`) + `db/CHANGELOG_schema.md`.
-- `app/database/migrations/2026_05_17_120000_deals_funnel_14_to_5_statuses.php` (новый).
-- `app/resources/js/composables/leadStatuses.ts` — `LEAD_STATUSES` 14 → 5.
-- `app/resources/js/composables/useStatusPill.ts` — +`viewed`/`lost`.
-- `app/app/Services/Import/StatusRuToSlugMapper.php` — маппинг под 5.
-- `app/resources/js/composables/mockDeals.ts` (`MOCK_DEALS` slug'и), `app/database/factories/DealFactory.php`, тесты со старыми slug'ами.
-
----
-
-## ФАЗА A — редизайн страницы
-
-### Task A1: Расширить тип `MockDeal`
-
-**Files:**
-
-- Modify: `app/resources/js/composables/mockDeals.ts:10-19`
-- Test: `app/tests/Frontend/dealsApiMapper.spec.ts`
-
-- [ ] **Step 1: Расширить интерфейс `MockDeal`**
-
-В `mockDeals.ts` заменить блок интерфейса (строки 10-19) на:
-
-```ts
-export interface MockDeal {
-    id: number;
-    name: string;
-    phone: string;
-    statusSlug: LeadStatus['slug'];
-    project: string;
-    manager: { initials: string; name: string };
-    cost: number;
-    receivedMinutesAgo: number;
-    // Редизайн «Сделки» (2026-05-17). Опциональны — Канбан/MOCK_DEALS не трогаем.
-    signalType?: 'call' | 'site' | 'sms' | null;
-    city?: string | null;
-    comment?: string | null;
-    receivedAt?: string | null; // ISO — колонка «Поставлен»
-    nextReminderAt?: string | null; // ISO — колонка «Напоминание»
-}
-```
-
-`DEALS_TABS`, `DealsTab`, `MOCK_DEALS`, `MOCK_PROJECTS`, `MOCK_MANAGERS` — НЕ трогать в этой задаче.
-
-- [ ] **Step 2: Проверить компиляцию типов**
-
-Run: `cd app; npx vue-tsc --noEmit -p tsconfig.json`
-Expected: 0 ошибок (поля опциональны — существующий код валиден).
-
-- [ ] **Step 3: Запустить Vitest по затронутому**
-
-Run: `cd app; npx vitest run tests/Frontend/dealsApiMapper.spec.ts tests/Frontend/DealsTable.spec.ts`
-Expected: PASS (аддитивное изменение).
-
-- [ ] **Step 4: Commit**
-
-```bash
-git add app/resources/js/composables/mockDeals.ts
-git commit -m "feat(deals): extend MockDeal with city/comment/signalType/receivedAt/nextReminderAt"
-```
-
-### Task A2: Расширить `api/deals.ts`
-
-**Files:**
-
-- Modify: `app/resources/js/api/deals.ts`
-- Test: `app/tests/Frontend/deals-api.spec.ts`
-
-- [ ] **Step 1: Расширить `ApiDeal`**
-
-В `api/deals.ts` в интерфейс `ApiDeal` (строки 133-145) добавить 4 поля перед закрывающей `}`:
-
-```ts
-    comment: string | null;
-    city: string | null;
-    project_signal_type: string | null;
-    next_reminder_at: string | null;
-```
-
-- [ ] **Step 2: Расширить `ListDealsParams`**
-
-В `ListDealsParams` (строки 172-182) добавить после `search?: string;`:
-
-```ts
-    /** Диапазон дат поставки (received_at). ISO-дата 'YYYY-MM-DD'. */
-    receivedFrom?: string;
-    receivedTo?: string;
-```
-
-В `listDeals()` (строки 191-205) в объект `params` добавить:
-
-```ts
-            received_from: params.receivedFrom,
-            received_to: params.receivedTo,
-```
-
-- [ ] **Step 3: Добавить `exportDealsByRange()`**
-
-После функции `exportDealsXlsx` (после строки 131) добавить:
-
-```ts
-export interface ExportDealsByRangePayload {
-    tenant_id: number;
-    received_from?: string;
-    received_to?: string;
-    format: 'csv' | 'xlsx';
-}
-
-/**
- * Экспорт сделок по диапазону дат поставки. format='xlsx' → Blob, 'csv' → строка.
- */
-export async function exportDealsByRange(payload: ExportDealsByRangePayload): Promise<Blob | string> {
-    await ensureCsrfCookie();
-    if (payload.format === 'xlsx') {
-        const { data } = await apiClient.post<Blob>('/api/deals/export', payload, { responseType: 'blob' });
-        return data;
-    }
-    const { data } = await apiClient.post<string>('/api/deals/export', payload, { responseType: 'text' });
-    return data;
-}
-```
-
-Старые `exportDeals`/`exportDealsXlsx` пока **оставить** (удаляются в Task A10).
-
-- [ ] **Step 4: Проверить типы и тесты**
-
-Run: `cd app; npx vue-tsc --noEmit -p tsconfig.json; npx vitest run tests/Frontend/deals-api.spec.ts`
-Expected: 0 ошибок типов; PASS (аддитивно).
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/api/deals.ts
-git commit -m "feat(deals): api/deals — ApiDeal +4 fields, date-range list params, exportDealsByRange"
-```
-
-### Task A3: `mapApiDeal` заполняет новые поля
-
-**Files:**
-
-- Modify: `app/resources/js/composables/dealsApiMapper.ts:60-77`
-- Test: `app/tests/Frontend/dealsApiMapper.spec.ts`
-
-- [ ] **Step 1: Failing-тест**
-
-В `tests/Frontend/dealsApiMapper.spec.ts` добавить тест (в конец describe-блока для `mapApiDeal`; если файл — плоский набор `test()`, добавить в конец файла):
-
-```ts
-test('mapApiDeal переносит city/comment/signalType/receivedAt/nextReminderAt', () => {
-    const iso = '2026-05-15T09:00:00+00:00';
-    const result = mapApiDeal({
-        id: 7,
-        tenant_id: 1,
-        project_id: 2,
-        project_name: 'Окна',
-        phone: '+7 999 000-00-00',
-        contact_name: null,
-        status: 'new',
-        manager_id: null,
-        manager_name: null,
-        manager_initials: null,
-        received_at: iso,
-        comment: 'звонил клиент',
-        city: 'Москва',
-        project_signal_type: 'call',
-        next_reminder_at: iso,
-    });
-    expect(result.city).toBe('Москва');
-    expect(result.comment).toBe('звонил клиент');
-    expect(result.signalType).toBe('call');
-    expect(result.receivedAt).toBe(iso);
-    expect(result.nextReminderAt).toBe(iso);
-});
-```
-
-- [ ] **Step 2: Запустить — RED**
-
-Run: `cd app; npx vitest run tests/Frontend/dealsApiMapper.spec.ts`
-Expected: FAIL — `city`/`comment`/`signalType` undefined.
-
-- [ ] **Step 3: Реализация**
-
-В `dealsApiMapper.ts` в `mapApiDeal` (return-объект, строки 64-76) добавить перед закрывающей `};` после `receivedMinutesAgo`:
-
-```ts
-        signalType: (api.project_signal_type as MockDeal['signalType']) ?? null,
-        city: api.city,
-        comment: api.comment,
-        receivedAt: api.received_at,
-        nextReminderAt: api.next_reminder_at,
-```
-
-- [ ] **Step 4: Запустить — GREEN**
-
-Run: `cd app; npx vitest run tests/Frontend/dealsApiMapper.spec.ts`
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/composables/dealsApiMapper.ts app/tests/Frontend/dealsApiMapper.spec.ts
-git commit -m "feat(deals): mapApiDeal maps city/comment/signalType/receivedAt/nextReminderAt"
-```
-
-### Task A4: `DealController@index` — фильтр по диапазону дат + новые поля payload
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/DealController.php`
-- Test: `app/tests/Feature/DealIndexTest.php`
-
-- [ ] **Step 1: Failing-тесты**
-
-В `tests/Feature/DealIndexTest.php` добавить в конец файла:
-
-```php
-test('GET /api/deals фильтрует по received_from/received_to', function () {
-    Deal::factory()->for($this->tenant)->for($this->project)->create(['received_at' => '2026-05-10 12:00:00']);
-    Deal::factory()->for($this->tenant)->for($this->project)->create(['received_at' => '2026-05-15 12:00:00']);
-    Deal::factory()->for($this->tenant)->for($this->project)->create(['received_at' => '2026-05-20 12:00:00']);
-
-    $r = $this->getJson('/api/deals?received_from=2026-05-12&received_to=2026-05-16');
-
-    expect($r->json('total'))->toBe(1);
-});
-
-test('GET /api/deals received_to включает весь день (конец дня)', function () {
-    Deal::factory()->for($this->tenant)->for($this->project)->create(['received_at' => '2026-05-16 23:30:00']);
-
-    expect($this->getJson('/api/deals?received_to=2026-05-16')->json('total'))->toBe(1);
-});
-
-test('GET /api/deals возвращает comment/city/project_signal_type/next_reminder_at', function () {
-    $this->project->update(['signal_type' => 'call', 'signal_identifier' => '79990001122']);
-    $deal = Deal::factory()->for($this->tenant)->for($this->project)->create([
-        'comment' => 'перезвонить',
-        'city' => 'Казань',
-    ]);
-
-    $r = $this->getJson('/api/deals');
-
-    expect($r->json('deals.0.comment'))->toBe('перезвонить');
-    expect($r->json('deals.0.city'))->toBe('Казань');
-    expect($r->json('deals.0.project_signal_type'))->toBe('call');
-    expect($r->json('deals.0'))->toHaveKey('next_reminder_at');
-});
-```
-
-- [ ] **Step 2: Запустить — RED**
-
-Run: `cd app; php artisan test --filter=DealIndexTest`
-Expected: FAIL — date-фильтр игнорируется, ключей `comment`/`city`/`project_signal_type` нет.
-
-- [ ] **Step 3: Реализация — импорт Carbon**
-
-В `DealController.php` после `use Illuminate\Support\Facades\DB;` (строка 16) добавить:
-
-```php
-use Illuminate\Support\Carbon;
-```
-
-- [ ] **Step 4: Реализация — чтение date-параметров**
-
-В `index()` после строки `$cursorRaw = (string) $request->query('cursor', '');` (строка 66) добавить:
-
-```php
-        $receivedFrom = trim((string) $request->query('received_from', ''));
-        $receivedTo = trim((string) $request->query('received_to', ''));
-```
-
-Расширить сигнатуру замыкания `DB::transaction(function () use (...))` (строка 84) — добавить `$receivedFrom, $receivedTo` в `use(...)`.
-
-- [ ] **Step 5: Реализация — select с subquery + eager-load signal_type**
-
-В замыкании заменить блок построения `$query` (строки 94-96) на:
-
-```php
-            $query = Deal::query()
-                ->select('deals.*')
-                ->addSelect(['next_reminder_at' => DB::table('reminders')
-                    ->select('remind_at')
-                    ->whereColumn('reminders.deal_id', 'deals.id')
-                    ->whereNull('reminders.completed_at')
-                    ->orderBy('remind_at')
-                    ->limit(1),
-                ])
-                ->where('tenant_id', $tenantId)
-                ->with(['project:id,name,signal_type', 'manager:id,email,first_name,last_name']);
-```
-
-- [ ] **Step 6: Реализация — применить date-фильтр**
-
-После блока `if ($search !== '') { ... }` (после строки 117) добавить:
-
-```php
-            if ($receivedFrom !== '') {
-                $query->where('received_at', '>=', Carbon::parse($receivedFrom)->startOfDay());
-            }
-            if ($receivedTo !== '') {
-                // received_to включительно — до конца дня (+1 день, строгое <).
-                $query->where('received_at', '<', Carbon::parse($receivedTo)->addDay()->startOfDay());
-            }
-```
-
-- [ ] **Step 7: Реализация — новые поля в payload**
-
-В `$payload['deals']` mapping (строки 174-190) добавить после `'received_at' => $d->received_at?->toIso8601String(),`:
-
-```php
-                'comment' => $d->comment,
-                'city' => $d->city,
-                'project_signal_type' => $d->project?->signal_type,
-                'next_reminder_at' => $d->next_reminder_at
-                    ? Carbon::parse($d->next_reminder_at)->toIso8601String()
-                    : null,
-```
-
-- [ ] **Step 8: Запустить — GREEN**
-
-Run: `cd app; php artisan test --filter=DealIndexTest`
-Expected: PASS (все, включая прежние тесты).
-
-- [ ] **Step 9: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/DealController.php app/tests/Feature/DealIndexTest.php
-git commit -m "feat(deals): DealController@index — received_at date-range filter + comment/city/signal_type/next_reminder_at"
-```
-
-### Task A5: `DealExportController` — экспорт по диапазону дат
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/DealExportController.php`
-- Create: `app/tests/Feature/DealExportTest.php`
-
-- [ ] **Step 1: Failing-тест — создать `DealExportTest.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Deal;
-use App\Models\Project;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    $this->tenant = Tenant::factory()->create();
-    $this->user = User::factory()->for($this->tenant)->create();
-    $this->actingAs($this->user);
-    DB::statement('SET app.current_tenant_id = '.$this->tenant->id);
-    $this->project = Project::factory()->for($this->tenant)->create(['name' => 'Окна Москва']);
-});
-
-test('POST /api/deals/export требует auth', function () {
-    auth()->logout();
-    $this->postJson('/api/deals/export', ['format' => 'csv'])->assertStatus(401);
-});
-
-test('POST /api/deals/export csv возвращает сделки в диапазоне дат', function () {
-    Deal::factory()->for($this->tenant)->for($this->project)->create([
-        'phone' => '+7 999 111-11-11', 'received_at' => '2026-05-15 10:00:00',
-    ]);
-    Deal::factory()->for($this->tenant)->for($this->project)->create([
-        'phone' => '+7 999 222-22-22', 'received_at' => '2026-05-25 10:00:00',
-    ]);
-
-    $r = $this->post('/api/deals/export', [
-        'received_from' => '2026-05-14', 'received_to' => '2026-05-16', 'format' => 'csv',
-    ]);
-
-    $r->assertStatus(200);
-    $r->assertHeader('content-type', 'text/csv; charset=utf-8');
-    $body = $r->streamedContent();
-    expect($body)->toContain('+7 999 111-11-11');
-    expect($body)->not->toContain('+7 999 222-22-22');
-});
-
-test('POST /api/deals/export xlsx отдаёт spreadsheet content-type', function () {
-    Deal::factory()->for($this->tenant)->for($this->project)->create(['received_at' => '2026-05-15 10:00:00']);
-
-    $r = $this->post('/api/deals/export', ['format' => 'xlsx']);
-
-    $r->assertStatus(200);
-    $r->assertHeader('content-type', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet');
-});
-
-test('POST /api/deals/export не экспортирует чужой tenant (RLS)', function () {
-    $other = Tenant::factory()->create();
-    DB::statement('SET app.current_tenant_id = '.$other->id);
-    $foreignProject = Project::factory()->for($other)->create();
-    Deal::factory()->for($other)->for($foreignProject)->create(['phone' => '+7 900 000-00-00']);
-
-    DB::statement('SET app.current_tenant_id = '.$this->tenant->id);
-    $r = $this->post('/api/deals/export', ['format' => 'csv']);
-
-    expect($r->streamedContent())->not->toContain('+7 900 000-00-00');
-});
-```
-
-- [ ] **Step 2: Запустить — RED**
-
-Run: `cd app; php artisan test --filter=DealExportTest`
-Expected: FAIL — контроллер требует `ids`, валидация падает (422) / содержимое не совпадает.
-
-- [ ] **Step 3: Реализация — переписать `DealExportController.php`**
-
-Полностью заменить файл на:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Controllers\Api;
-
-use App\Http\Controllers\Controller;
-use App\Models\Deal;
-use Illuminate\Http\Request;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\DB;
-use OpenSpout\Common\Entity\Row;
-use OpenSpout\Common\Entity\Style\Style;
-use OpenSpout\Writer\CSV\Options as CsvOptions;
-use OpenSpout\Writer\CSV\Writer as CsvWriter;
-use OpenSpout\Writer\XLSX\Writer as XlsxWriter;
-use Symfony\Component\HttpFoundation\StreamedResponse;
-
-/**
- * Экспорт сделок в CSV / XLSX через OpenSpout streaming.
- *
- * Редизайн «Сделки» (2026-05-17): экспорт по ДИАПАЗОНУ ДАТ поставки
- * (received_at), не по списку id. Окно задаётся received_from/received_to;
- * оба опциональны (пусто = весь период). Колонки соответствуют таблице
- * страницы (без чекбокса и без «Напоминание» — экспорт = дамп лидов).
- *
- * RLS-обёртка SET LOCAL внутри транзакции (PgBouncer-safe).
- */
-class DealExportController extends Controller
-{
-    /** Заголовки — общие для CSV и XLSX. */
-    private const HEADERS = ['Телефон', 'Источник', 'Город', 'Статус', 'Комментарий', 'Поставлен'];
-
-    /** signal_type → русская метка для колонки «Источник». */
-    private const SIGNAL_LABELS = ['call' => 'Звонки', 'site' => 'Сайт', 'sms' => 'СМС'];
-
-    public function export(Request $request): StreamedResponse
-    {
-        $validated = $request->validate([
-            'received_from' => 'nullable|date',
-            'received_to' => 'nullable|date',
-            'format' => 'nullable|string|in:csv,xlsx',
-        ]);
-
-        $tenantId = (int) $request->user()->tenant_id;
-        $format = $validated['format'] ?? 'csv';
-        $from = isset($validated['received_from']) && $validated['received_from'] !== ''
-            ? Carbon::parse($validated['received_from'])->startOfDay() : null;
-        $to = isset($validated['received_to']) && $validated['received_to'] !== ''
-            ? Carbon::parse($validated['received_to'])->addDay()->startOfDay() : null;
-
-        $filename = 'deals_export_'.now()->format('Y-m-d').'.'.$format;
-        $headers = $format === 'xlsx'
-            ? [
-                'Content-Type' => 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
-                'Content-Disposition' => 'attachment; filename="'.$filename.'"',
-            ]
-            : [
-                'Content-Type' => 'text/csv; charset=utf-8',
-                'Content-Disposition' => 'attachment; filename="'.$filename.'"',
-            ];
-
-        return new StreamedResponse(function () use ($tenantId, $format, $from, $to) {
-            DB::transaction(function () use ($tenantId, $format, $from, $to) {
-                DB::statement('SET LOCAL app.current_tenant_id = '.$tenantId);
-
-                $statusNames = DB::table('lead_statuses')->pluck('name_ru', 'slug');
-
-                $writer = $this->openWriter($format);
-                $writer->openToFile('php://output');
-
-                if ($format === 'xlsx') {
-                    /** @var XlsxWriter $writer */
-                    $writer->getCurrentSheet()->setName('Сделки');
-                    $writer->addRow(Row::fromValuesWithStyle(self::HEADERS, (new Style)->withFontBold(true)));
-                } else {
-                    $writer->addRow(Row::fromValues(self::HEADERS));
-                }
-
-                $query = Deal::query()
-                    ->where('tenant_id', $tenantId)
-                    ->with('project:id,name,signal_type')
-                    ->orderByDesc('received_at');
-                if ($from !== null) {
-                    $query->where('received_at', '>=', $from);
-                }
-                if ($to !== null) {
-                    $query->where('received_at', '<', $to);
-                }
-
-                $query->chunkById(500, function ($deals) use ($writer, $statusNames) {
-                    foreach ($deals as $deal) {
-                        /** @var Deal $deal */
-                        $signal = $deal->project?->signal_type;
-                        $source = trim(($deal->project?->name ?? '—').' · '
-                            .(self::SIGNAL_LABELS[$signal] ?? '—'));
-                        $writer->addRow(Row::fromValues([
-                            (string) $deal->phone,
-                            $source,
-                            (string) ($deal->city ?? ''),
-                            (string) ($statusNames[$deal->status] ?? $deal->status),
-                            (string) ($deal->comment ?? ''),
-                            $deal->received_at?->toDateTimeString() ?? '',
-                        ]));
-                    }
-                }, 'id');
-
-                $writer->close();
-            });
-        }, 200, $headers);
-    }
-
-    private function openWriter(string $format): CsvWriter|XlsxWriter
-    {
-        if ($format === 'xlsx') {
-            return new XlsxWriter;
-        }
-
-        return new CsvWriter(new CsvOptions(
-            FIELD_DELIMITER: ';',
-            FIELD_ENCLOSURE: '"',
-            SHOULD_ADD_BOM: true,
-        ));
-    }
-}
-```
-
-- [ ] **Step 4: Запустить — GREEN**
-
-Run: `cd app; php artisan test --filter=DealExportTest`
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/DealExportController.php app/tests/Feature/DealExportTest.php
-git commit -m "feat(deals): DealExportController — export by delivery-date range, lead-registry columns"
-```
-
-### Task A6: `DealsFilters.vue` — переписать (телефон, Статус, Проект, Город)
-
-**Files:**
-
-- Modify: `app/resources/js/components/deals/DealsFilters.vue` (полная замена)
-- Test: `app/tests/Frontend/DealsFilters.spec.ts` (создать)
-
-Контракт: stateless presentation, состояние держит родитель через `v-model:*`. Все четыре фильтра — single-select (`string|number|null`). Проект — `id`, опции `{id,name}`. Город — `string`, опции из `availableCities` (сейчас пусто → select disabled).
-
-- [ ] **Step 1: Failing-тест — создать `DealsFilters.spec.ts`**
-
-```ts
-import { describe, it, expect } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import DealsFilters from '../../resources/js/components/deals/DealsFilters.vue';
-
-const vuetify = createVuetify();
-const baseProps = {
-    searchPhone: '',
-    filterStatus: null,
-    filterProject: null,
-    filterCity: null,
-    leadStatuses: [{ slug: 'new', nameRu: 'Новые', isSystem: true, sortOrder: 1, colorHex: '#000' }],
-    availableProjects: [{ id: 1, name: 'Окна' }],
-    availableCities: [] as string[],
-};
-
-describe('DealsFilters', () => {
-    it('рендерит поле поиска по телефону', () => {
-        const w = mount(DealsFilters, { props: baseProps, global: { plugins: [vuetify] } });
-        expect(w.find('[data-testid="filter-search-phone"]').exists()).toBe(true);
-    });
-
-    it('эмитит update:searchPhone при вводе', async () => {
-        const w = mount(DealsFilters, { props: baseProps, global: { plugins: [vuetify] } });
-        await w.find('[data-testid="filter-search-phone"] input').setValue('999');
-        expect(w.emitted('update:searchPhone')?.at(-1)).toEqual(['999']);
-    });
-
-    it('город-селект disabled при пустом availableCities', () => {
-        const w = mount(DealsFilters, { props: baseProps, global: { plugins: [vuetify] } });
-        expect(w.find('[data-testid="filter-city"]').classes()).toContain('v-input--disabled');
-    });
-
-    it('кнопка сброса видна когда есть активный фильтр', () => {
-        const w = mount(DealsFilters, {
-            props: { ...baseProps, filterStatus: 'new' },
-            global: { plugins: [vuetify] },
-        });
-        expect(w.find('[data-testid="clear-filters-btn"]').exists()).toBe(true);
-    });
-});
-```
-
-- [ ] **Step 2: Запустить — RED**
-
-Run: `cd app; npx vitest run tests/Frontend/DealsFilters.spec.ts`
-Expected: FAIL — компонент ещё старый (нет `filter-search-phone`).
-
-- [ ] **Step 3: Реализация — переписать `DealsFilters.vue`**
-
-```vue
-<script setup lang="ts">
-/**
- * Фильтр-бар реестра «Сделки»: поиск по телефону + 3 select'а (Статус, Проект,
- * Город). Состояние держит родитель через v-model:*. Город — пока без данных
- * (источник §4 спеки не определён): select disabled при пустом availableCities.
- */
-import type { LeadStatus } from '../../composables/leadStatuses';
-
-const props = defineProps<{
-    searchPhone: string;
-    filterStatus: string | null;
-    filterProject: number | null;
-    filterCity: string | null;
-    leadStatuses: LeadStatus[];
-    availableProjects: { id: number; name: string }[];
-    availableCities: string[];
-}>();
-
-defineEmits<{
-    'update:searchPhone': [value: string];
-    'update:filterStatus': [value: string | null];
-    'update:filterProject': [value: number | null];
-    'update:filterCity': [value: string | null];
-    'clear-filters': [];
-}>();
-
-const hasActiveFilter = () =>
-    props.filterStatus !== null || props.filterProject !== null || props.filterCity !== null;
-</script>
-
-<template>
-    <div class="deals-filters">
-        <v-text-field
-            :model-value="searchPhone"
-            placeholder="Поиск по телефону…"
-            prepend-inner-icon="mdi-magnify"
-            variant="outlined"
-            density="compact"
-            hide-details
-            clearable
-            class="filters-search"
-            data-testid="filter-search-phone"
-            @update:model-value="(v: string) => $emit('update:searchPhone', v ?? '')"
-        />
-        <v-select
-            :model-value="filterStatus"
-            :items="leadStatuses"
-            item-title="nameRu"
-            item-value="slug"
-            label="Статус"
-            variant="outlined"
-            density="compact"
-            hide-details
-            clearable
-            class="filters-select"
-            data-testid="filter-status"
-            @update:model-value="(v: string | null) => $emit('update:filterStatus', v ?? null)"
-        />
-        <v-select
-            :model-value="filterProject"
-            :items="availableProjects"
-            item-title="name"
-            item-value="id"
-            label="Проект"
-            variant="outlined"
-            density="compact"
-            hide-details
-            clearable
-            class="filters-select"
-            data-testid="filter-project"
-            @update:model-value="(v: number | null) => $emit('update:filterProject', v ?? null)"
-        />
-        <v-select
-            :model-value="filterCity"
-            :items="availableCities"
-            label="Город"
-            variant="outlined"
-            density="compact"
-            hide-details
-            clearable
-            :disabled="availableCities.length === 0"
-            class="filters-select"
-            data-testid="filter-city"
-            @update:model-value="(v: string | null) => $emit('update:filterCity', v ?? null)"
-        />
-        <v-btn
-            v-if="hasActiveFilter()"
-            variant="text"
-            size="small"
-            prepend-icon="mdi-filter-off"
-            data-testid="clear-filters-btn"
-            @click="$emit('clear-filters')"
-        >
-            Сбросить
-        </v-btn>
-    </div>
-</template>
-
-<style scoped>
-.deals-filters {
-    display: flex;
-    align-items: center;
-    gap: 12px;
-    flex-wrap: wrap;
-}
-.filters-search {
-    flex: 1 1 240px;
-    max-width: 320px;
-}
-.filters-select {
-    min-width: 170px;
-    max-width: 220px;
-}
-</style>
-```
-
-- [ ] **Step 4: Запустить — GREEN**
-
-Run: `cd app; npx vitest run tests/Frontend/DealsFilters.spec.ts`
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/components/deals/DealsFilters.vue app/tests/Frontend/DealsFilters.spec.ts
-git commit -m "feat(deals): DealsFilters — phone search + Status/Project/City selects"
-```
-
-### Task A7: `DealsTable.vue` — новый набор колонок
-
-**Files:**
-
-- Modify: `app/resources/js/components/deals/DealsTable.vue` (полная замена)
-- Test: `app/tests/Frontend/DealsTable.spec.ts`
-
-Колонки: чекбокс · Телефон · Источник · Город · Статус · Напоминание · Комментарий · Поставлен. Клик по строке → `row-click`. Активная строка (открыта панель) подсвечивается через `activeDealId`.
-
-- [ ] **Step 1: Обновить тест `DealsTable.spec.ts`**
-
-Полностью заменить файл:
-
-```ts
-import { describe, it, expect } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import DealsTable from '../../resources/js/components/deals/DealsTable.vue';
-import type { MockDeal } from '../../resources/js/composables/mockDeals';
-
-const vuetify = createVuetify();
-
-const sampleDeals: MockDeal[] = [
-    {
-        id: 1, name: '+7 (916) 100-00-01', phone: '+7 (916) 100-00-01', statusSlug: 'new',
-        project: 'Окна', manager: { initials: 'AD', name: 'Admin' }, cost: 0, receivedMinutesAgo: 5,
-        signalType: 'call', city: 'Москва', comment: 'звонил', receivedAt: '2026-05-15T09:00:00+00:00',
-        nextReminderAt: '2026-05-18T07:00:00+00:00',
-    },
-    {
-        id: 2, name: '+7 (916) 100-00-02', phone: '+7 (916) 100-00-02', statusSlug: 'new',
-        project: 'Двери', manager: { initials: 'AD', name: 'Admin' }, cost: 0, receivedMinutesAgo: 30,
-        signalType: 'site', city: null, comment: null, receivedAt: '2026-05-14T09:00:00+00:00',
-        nextReminderAt: null,
-    },
-];
-
-describe('DealsTable', () => {
-    it('рендерит колонки реестра лидов', () => {
-        const w = mount(DealsTable, {
-            props: { deals: sampleDeals, selectedIds: [], statusBySlug: new Map() },
-            global: { plugins: [vuetify] },
-        });
-        const headers = w.findAll('thead th').map((h) => h.text());
-        ['Телефон', 'Источник', 'Город', 'Статус', 'Напоминание', 'Комментарий', 'Поставлен'].forEach((label) => {
-            expect(headers.some((h) => h.includes(label))).toBe(true);
-        });
-    });
-
-    it('город без значения рендерится как «—»', () => {
-        const w = mount(DealsTable, {
-            props: { deals: sampleDeals, selectedIds: [], statusBySlug: new Map() },
-            global: { plugins: [vuetify] },
-        });
-        expect(w.text()).toContain('—');
-    });
-
-    it('select-all чекбокс имеет aria-label', () => {
-        const w = mount(DealsTable, {
-            props: { deals: sampleDeals, selectedIds: [], statusBySlug: new Map() },
-            global: { plugins: [vuetify] },
-        });
-        expect(
-            w.find('th .v-selection-control input[type="checkbox"][aria-label="Выбрать все сделки"]').exists(),
-        ).toBe(true);
-    });
-
-    it('клик по строке эмитит row-click с deal', async () => {
-        const w = mount(DealsTable, {
-            props: { deals: sampleDeals, selectedIds: [], statusBySlug: new Map() },
-            global: { plugins: [vuetify] },
-        });
-        await w.find('tbody tr').trigger('click');
-        expect(w.emitted('row-click')?.[0]?.[0]).toMatchObject({ id: 1 });
-    });
-});
-```
-
-- [ ] **Step 2: Запустить — RED**
-
-Run: `cd app; npx vitest run tests/Frontend/DealsTable.spec.ts`
-Expected: FAIL — старые колонки (Лид/Менеджер/Стоимость/Время).
-
-- [ ] **Step 3: Реализация — переписать `DealsTable.vue`**
-
-```vue
-<script setup lang="ts">
-/**
- * Таблица реестра лидов «Сделки» (редизайн 2026-05-17).
- * Колонки: чекбокс · Телефон · Источник · Город · Статус · Напоминание ·
- * Комментарий · Поставлен. Напоминание/Комментарий — read-only.
- */
-import type { MockDeal } from '../../composables/mockDeals';
-import type { LeadStatus } from '../../composables/leadStatuses';
-import StatusPill from '../ui/StatusPill.vue';
-
-const props = withDefaults(
-    defineProps<{
-        deals: MockDeal[];
-        selectedIds: number[];
-        statusBySlug: Map<string, LeadStatus>;
-        activeDealId?: number | null;
-    }>(),
-    { activeDealId: null },
-);
-
-const emit = defineEmits<{
-    'update:selectedIds': [value: number[]];
-    'row-click': [deal: MockDeal];
-}>();
-
-const SIGNAL_LABELS: Record<string, string> = { call: 'Звонки', site: 'Сайт', sms: 'СМС' };
-
-function signalLabel(t: MockDeal['signalType']): string {
-    return t ? (SIGNAL_LABELS[t] ?? '') : '';
-}
-
-function formatDateTime(iso: string | null | undefined): string {
-    if (!iso) return '—';
-    const d = new Date(iso);
-    return new Intl.DateTimeFormat('ru-RU', {
-        day: '2-digit', month: '2-digit', year: 'numeric', hour: '2-digit', minute: '2-digit',
-    }).format(d);
-}
-
-function rowProps(deal: MockDeal): Record<string, unknown> {
-    return { class: deal.id === props.activeDealId ? 'deals-row-active' : '' };
-}
-</script>
-
-<template>
-    <v-card variant="outlined" class="deals-table-card">
-        <v-data-table
-            :model-value="selectedIds"
-            :items="deals"
-            :headers="[
-                { title: 'Телефон', key: 'phone', sortable: true },
-                { title: 'Источник', key: 'project', sortable: false },
-                { title: 'Город', key: 'city', sortable: false },
-                { title: 'Статус', key: 'statusSlug', sortable: false },
-                { title: 'Напоминание', key: 'nextReminderAt', sortable: true },
-                { title: 'Комментарий', key: 'comment', sortable: false },
-                { title: 'Поставлен', key: 'receivedAt', align: 'end', sortable: true },
-            ]"
-            show-select
-            item-value="id"
-            items-per-page="-1"
-            hide-default-footer
-            hover
-            :row-props="(p: { item: MockDeal }) => rowProps(p.item)"
-            @update:model-value="(v: number[]) => emit('update:selectedIds', v)"
-            @click:row="(_e: Event, { item }: { item: MockDeal }) => emit('row-click', item)"
-        >
-            <template #[`item.phone`]="{ item }: { item: MockDeal }">
-                <span class="num ld-mono">{{ item.phone }}</span>
-            </template>
-
-            <template #[`item.project`]="{ item }: { item: MockDeal }">
-                <div class="cell-source">
-                    <span class="source-project">{{ item.project }}</span>
-                    <span v-if="signalLabel(item.signalType)" class="source-signal">{{
-                        signalLabel(item.signalType)
-                    }}</span>
-                </div>
-            </template>
-
-            <template #[`item.city`]="{ item }: { item: MockDeal }">
-                <span :class="{ 'text-medium-emphasis': !item.city }">{{ item.city || '—' }}</span>
-            </template>
-
-            <template #[`item.statusSlug`]="{ item }: { item: MockDeal }">
-                <StatusPill
-                    :slug="item.statusSlug"
-                    :label="statusBySlug.get(item.statusSlug)?.nameRu ?? item.statusSlug"
-                />
-            </template>
-
-            <template #[`item.nextReminderAt`]="{ item }: { item: MockDeal }">
-                <span class="num ld-mono-s" :class="{ 'text-medium-emphasis': !item.nextReminderAt }">{{
-                    formatDateTime(item.nextReminderAt)
-                }}</span>
-            </template>
-
-            <template #[`item.comment`]="{ item }: { item: MockDeal }">
-                <span class="cell-comment" :class="{ 'text-medium-emphasis': !item.comment }">{{
-                    item.comment || '—'
-                }}</span>
-            </template>
-
-            <template #[`item.receivedAt`]="{ item }: { item: MockDeal }">
-                <span class="num ld-mono-s">{{ formatDateTime(item.receivedAt) }}</span>
-            </template>
-
-            <template #[`header.data-table-select`]="{ allSelected, selectAll, someSelected }">
-                <v-checkbox-btn
-                    :model-value="allSelected"
-                    :indeterminate="someSelected && !allSelected"
-                    aria-label="Выбрать все сделки"
-                    @update:model-value="selectAll"
-                />
-            </template>
-
-            <template #[`item.data-table-select`]="{ isSelected, toggleSelect, internalItem, item }">
-                <v-checkbox-btn
-                    :model-value="isSelected(internalItem)"
-                    :aria-label="`Выбрать сделку «${(item as MockDeal).phone}»`"
-                    @update:model-value="() => toggleSelect(internalItem)"
-                />
-            </template>
-        </v-data-table>
-
-        <div v-if="deals.length === 0" class="empty-state pa-8 text-center text-medium-emphasis">
-            Нет сделок по выбранным фильтрам
-        </div>
-    </v-card>
-</template>
-
-<style scoped>
-.deals-table-card {
-    background: #fff;
-}
-.num {
-    font-family: 'JetBrains Mono', ui-monospace, monospace;
-    font-feature-settings: 'tnum';
-}
-.cell-source {
-    display: flex;
-    flex-direction: column;
-    line-height: 1.3;
-}
-.source-project {
-    font-weight: 500;
-    color: #081319;
-}
-.source-signal {
-    font-size: 11px;
-    color: #6b6356;
-}
-.cell-comment {
-    display: inline-block;
-    max-width: 240px;
-    overflow: hidden;
-    text-overflow: ellipsis;
-    white-space: nowrap;
-    vertical-align: bottom;
-}
-:deep(.deals-row-active) {
-    background: rgba(15, 110, 86, 0.07);
-}
-</style>
-```
-
-- [ ] **Step 4: Запустить — GREEN**
-
-Run: `cd app; npx vitest run tests/Frontend/DealsTable.spec.ts`
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/components/deals/DealsTable.vue app/tests/Frontend/DealsTable.spec.ts
-git commit -m "feat(deals): DealsTable — lead-registry columns (Телефон/Источник/Город/Статус/Напоминание/Комментарий/Поставлен)"
-```
-
-### Task A8: `DealsBulkBar.vue` — только смена статуса
-
-**Files:**
-
-- Modify: `app/resources/js/components/deals/DealsBulkBar.vue` (полная замена)
-- Test: `app/tests/Frontend/DealsBulkBar.spec.ts` (создать)
-
-Убираем Экспорт/Удалить/Восстановить и `trashMode`. Остаётся: «Сменить статус» (меню) + ✕.
-
-- [ ] **Step 1: Failing-тест — создать `DealsBulkBar.spec.ts`**
-
-```ts
-import { describe, it, expect } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import DealsBulkBar from '../../resources/js/components/deals/DealsBulkBar.vue';
-
-const vuetify = createVuetify();
-const leadStatuses = [
-    { slug: 'new', nameRu: 'Новые', isSystem: true, sortOrder: 1, colorHex: '#3B82F6' },
-    { slug: 'viewed', nameRu: 'Просмотрено', isSystem: true, sortOrder: 2, colorHex: '#8B5CF6' },
-];
-
-describe('DealsBulkBar', () => {
-    it('скрыт при selectedCount=0', () => {
-        const w = mount(DealsBulkBar, {
-            props: { selectedCount: 0, statusMenuOpen: false, leadStatuses },
-            global: { plugins: [vuetify] },
-        });
-        expect(w.find('[data-testid="bulk-bar"]').exists()).toBe(false);
-    });
-
-    it('виден при selectedCount>0 и показывает количество', () => {
-        const w = mount(DealsBulkBar, {
-            props: { selectedCount: 3, statusMenuOpen: false, leadStatuses },
-            global: { plugins: [vuetify] },
-        });
-        const bar = w.find('[data-testid="bulk-bar"]');
-        expect(bar.exists()).toBe(true);
-        expect(bar.text()).toContain('3');
-    });
-
-    it('НЕ содержит кнопок Экспорт/Удалить', () => {
-        const w = mount(DealsBulkBar, {
-            props: { selectedCount: 2, statusMenuOpen: false, leadStatuses },
-            global: { plugins: [vuetify] },
-        });
-        expect(w.find('[data-testid="bulk-export-btn"]').exists()).toBe(false);
-        expect(w.find('[data-testid="bulk-delete-btn"]').exists()).toBe(false);
-    });
-
-    it('✕ эмитит clear-selected', async () => {
-        const w = mount(DealsBulkBar, {
-            props: { selectedCount: 2, statusMenuOpen: false, leadStatuses },
-            global: { plugins: [vuetify] },
-        });
-        await w.find('[data-testid="bulk-clear-btn"]').trigger('click');
-        expect(w.emitted('clear-selected')).toBeTruthy();
-    });
-});
-```
-
-- [ ] **Step 2: Запустить — RED**
-
-Run: `cd app; npx vitest run tests/Frontend/DealsBulkBar.spec.ts`
-Expected: FAIL — компонент требует prop `trashMode` / содержит лишние кнопки.
-
-- [ ] **Step 3: Реализация — переписать `DealsBulkBar.vue`**
-
-```vue
-<script setup lang="ts">
-/**
- * Sticky-bar массовой смены статуса для выбранных сделок (редизайн 2026-05-17).
- * Только смена статуса — корзина/экспорт убраны (экспорт — панель по датам).
- */
-import type { MockDeal } from '../../composables/mockDeals';
-import type { LeadStatus } from '../../composables/leadStatuses';
-
-defineProps<{
-    selectedCount: number;
-    statusMenuOpen: boolean;
-    leadStatuses: LeadStatus[];
-}>();
-
-defineEmits<{
-    'update:statusMenuOpen': [value: boolean];
-    'apply-status': [slug: MockDeal['statusSlug']];
-    'clear-selected': [];
-}>();
-</script>
-
-<template>
-    <v-card
-        v-if="selectedCount > 0"
-        class="bulk-bar mt-3"
-        color="secondary"
-        theme="dark"
-        variant="flat"
-        data-testid="bulk-bar"
-    >
-        <div class="bulk-bar-inner">
-            <span class="bulk-count">Выбрано <span class="num">{{ selectedCount }}</span></span>
-            <v-spacer />
-            <v-menu
-                :model-value="statusMenuOpen"
-                :close-on-content-click="false"
-                @update:model-value="(v: boolean) => $emit('update:statusMenuOpen', v)"
-            >
-                <template #activator="{ props: menuProps }">
-                    <v-btn
-                        v-bind="menuProps"
-                        variant="tonal"
-                        size="small"
-                        prepend-icon="mdi-tag-arrow-right"
-                        data-testid="bulk-status-btn"
-                    >
-                        Сменить статус
-                    </v-btn>
-                </template>
-                <v-list density="compact" max-height="320" min-width="240">
-                    <v-list-item
-                        v-for="s in leadStatuses"
-                        :key="s.slug"
-                        :data-testid="`bulk-status-item-${s.slug}`"
-                        @click="$emit('apply-status', s.slug)"
-                    >
-                        <template #prepend>
-                            <span class="status-dot" :style="{ background: s.colorHex }" />
-                        </template>
-                        <v-list-item-title>{{ s.nameRu }}</v-list-item-title>
-                    </v-list-item>
-                </v-list>
-            </v-menu>
-            <v-btn
-                icon="mdi-close"
-                variant="text"
-                size="small"
-                data-testid="bulk-clear-btn"
-                @click="$emit('clear-selected')"
-            />
-        </div>
-    </v-card>
-</template>
-
-<style scoped>
-.num {
-    font-family: 'JetBrains Mono', ui-monospace, monospace;
-    font-feature-settings: 'tnum';
-    font-weight: 500;
-}
-.status-dot {
-    display: inline-block;
-    width: 6px;
-    height: 6px;
-    border-radius: 50%;
-    margin-right: 6px;
-}
-.bulk-bar {
-    position: sticky;
-    top: 0;
-    z-index: 4;
-}
-.bulk-bar-inner {
-    display: flex;
-    align-items: center;
-    gap: 8px;
-    padding: 8px 12px;
-}
-.bulk-count {
-    color: #f6f3ec;
-    font-size: 13px;
-}
-</style>
-```
-
-- [ ] **Step 4: Запустить — GREEN**
-
-Run: `cd app; npx vitest run tests/Frontend/DealsBulkBar.spec.ts`
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/components/deals/DealsBulkBar.vue app/tests/Frontend/DealsBulkBar.spec.ts
-git commit -m "feat(deals): DealsBulkBar — status-change only (drop export/delete/trash)"
-```
-
-### Task A9: Извлечь `DealDetailBody.vue` + обёртка `DealDetailDrawer.vue` (overlay/inline)
-
-**Files:**
-
-- Create: `app/resources/js/components/deals/DealDetailBody.vue`
-- Modify: `app/resources/js/components/deals/DealDetailDrawer.vue` (полная замена — тонкая обёртка)
-- Test: `app/tests/Frontend/DealDetailDrawer.spec.ts`, `app/tests/Frontend/DealDetailDrawerApi.spec.ts`
-
-Тело панели (hero/параметры/комментарий/напоминания/timeline + загрузка events/reminders) → `DealDetailBody.vue`. `DealDetailDrawer.vue` → обёртка: prop `inline` выбирает корень — `<v-navigation-drawer>` (overlay, для Канбана) или `<aside>` (inline, master-detail для «Сделок»).
-
-- [ ] **Step 1: Failing-тест — `DealDetailDrawer.spec.ts`**
-
-Заменить `tests/Frontend/DealDetailDrawer.spec.ts` на:
-
-```ts
-import { describe, it, expect } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import { createPinia, setActivePinia } from 'pinia';
-import DealDetailDrawer from '../../resources/js/components/deals/DealDetailDrawer.vue';
-import type { MockDeal } from '../../resources/js/composables/mockDeals';
-
-const vuetify = createVuetify();
-const deal: MockDeal = {
-    id: 1, name: '+7 999', phone: '+7 999', statusSlug: 'new', project: 'Окна',
-    manager: { initials: 'AD', name: 'Admin' }, cost: 0, receivedMinutesAgo: 5,
-};
-
-function mountDrawer(props: Record<string, unknown>) {
-    setActivePinia(createPinia());
-    return mount(DealDetailDrawer, {
-        props: { open: true, deal, ...props },
-        global: { plugins: [vuetify, createPinia()], stubs: { DealDetailBody: true } },
-    });
-}
-
-describe('DealDetailDrawer wrapper', () => {
-    it('inline=true рендерит <aside> (master-detail панель)', () => {
-        const w = mountDrawer({ inline: true });
-        expect(w.find('aside.deal-detail-inline').exists()).toBe(true);
-    });
-
-    it('inline=false (по умолчанию) рендерит overlay v-navigation-drawer', () => {
-        const w = mountDrawer({});
-        expect(w.find('aside.deal-detail-inline').exists()).toBe(false);
-    });
-
-    it('inline-панель содержит DealDetailBody', () => {
-        const w = mountDrawer({ inline: true });
-        expect(w.findComponent({ name: 'DealDetailBody' }).exists()).toBe(true);
-    });
-});
-```
-
-- [ ] **Step 2: Запустить — RED**
-
-Run: `cd app; npx vitest run tests/Frontend/DealDetailDrawer.spec.ts`
-Expected: FAIL — нет `inline`-режима, нет `<aside.deal-detail-inline>`.
-
-- [ ] **Step 3: Создать `DealDetailBody.vue`**
-
-Перенести в новый файл всё содержимое текущего `DealDetailDrawer.vue` КРОМЕ `<v-navigation-drawer>`-обёртки. Изменения против оригинала: prop `open` убран; `drawerOpen` computed убран; `watch` слушает `[props.deal?.id, props.tenantId]`; hero `@close` ре-эмитит `close`.
-
-```vue
-<script setup lang="ts">
-/**
- * Тело панели деталей сделки (hero + параметры + комментарий + напоминания +
- * timeline). Извлечено из DealDetailDrawer (редизайн 2026-05-17) — общее тело
- * для overlay-дровера (Канбан) и inline-панели master-detail («Сделки»).
- *
- * Backend: GET /api/deals/{id}, PATCH /api/deals/{id}, GET /api/deals/{id}/events.
- */
-import { computed, defineAsyncComponent, ref, watch } from 'vue';
-import type { MockDeal } from '../../composables/mockDeals';
-import { type DealEvent } from '../../composables/mockDealEvents';
-import { mapApiDealEvent } from '../../composables/dealsApiMapper';
-import * as dealsApi from '../../api/deals';
-import * as remindersApi from '../../api/reminders';
-import type { ApiReminder } from '../../api/reminders';
-import { useLeadStatusesStore } from '../../stores/leadStatuses';
-import DealDetailHero from './DealDetailHero.vue';
-import DealDetailTimeline from './DealDetailTimeline.vue';
-const ReminderDialog = defineAsyncComponent(() => import('../reminders/ReminderDialog.vue'));
-
-const leadStatusesStore = useLeadStatusesStore();
-
-const props = defineProps<{
-    deal: MockDeal | null;
-    tenantId?: number;
-}>();
-
-const emit = defineEmits<{ close: [] }>();
-
-const status = computed(() => {
-    if (!props.deal) return null;
-    return leadStatusesStore.findBySlug(props.deal.statusSlug);
-});
-
-function formatCost(cost: number): string {
-    return new Intl.NumberFormat('ru-RU').format(cost) + ' ₽';
-}
-
-const events = ref<DealEvent[]>([]);
-const eventsLoading = ref(false);
-const eventsFetchError = ref(false);
-
-const commentDraft = ref<string>('');
-const commentSaving = ref(false);
-const commentSaveError = ref(false);
-const commentToastOpen = ref(false);
-const commentToastText = ref('');
-
-const reminders = ref<ApiReminder[]>([]);
-const remindersLoading = ref(false);
-const reminderDialogOpen = ref(false);
-
-async function loadReminders() {
-    if (!props.deal || !props.tenantId) {
-        reminders.value = [];
-        return;
-    }
-    remindersLoading.value = true;
-    try {
-        const res = await remindersApi.listReminders({ filter: 'active', dealId: props.deal.id });
-        reminders.value = res.items;
-    } catch {
-        reminders.value = [];
-    } finally {
-        remindersLoading.value = false;
-    }
-}
-
-async function completeReminderInDrawer(id: number) {
-    try {
-        await remindersApi.completeReminder(id);
-        reminders.value = reminders.value.filter((r) => r.id !== id);
-    } catch {
-        /* silent */
-    }
-}
-
-function onReminderSaved() {
-    void loadReminders();
-}
-
-function formatReminderTime(iso: string | null): string {
-    if (!iso) return '—';
-    const ms = new Date(iso).getTime() - Date.now();
-    const min = Math.round(Math.abs(ms) / 60_000);
-    const future = ms > 0;
-    if (min < 60) return future ? `через ${min} мин` : `${min} мин назад`;
-    const hr = Math.round(min / 60);
-    if (hr < 24) return future ? `через ${hr} ч` : `${hr} ч назад`;
-    const days = Math.round(hr / 24);
-    return future ? `через ${days} д` : `${days} д назад`;
-}
-
-async function loadEvents() {
-    if (!props.deal || !props.tenantId) {
-        events.value = [];
-        commentDraft.value = '';
-        return;
-    }
-    eventsLoading.value = true;
-    eventsFetchError.value = false;
-    try {
-        const res = await dealsApi.getDeal(props.deal.id, props.tenantId);
-        events.value = res.events.map((e) => mapApiDealEvent(e));
-        commentDraft.value = res.deal.comment ?? '';
-    } catch {
-        eventsFetchError.value = true;
-        events.value = [];
-        commentDraft.value = '';
-    } finally {
-        eventsLoading.value = false;
-    }
-}
-
-async function saveComment() {
-    if (!props.deal || !props.tenantId) return;
-    commentSaving.value = true;
-    commentSaveError.value = false;
-    try {
-        await dealsApi.updateDeal(props.deal.id, {
-            tenant_id: props.tenantId,
-            comment: commentDraft.value || null,
-        });
-        commentToastText.value = 'Комментарий сохранён.';
-        commentToastOpen.value = true;
-        await loadEvents();
-    } catch {
-        commentSaveError.value = true;
-        commentToastText.value = 'Не удалось сохранить — попробуйте позже.';
-        commentToastOpen.value = true;
-    } finally {
-        commentSaving.value = false;
-    }
-}
-
-// Загрузка при появлении/смене сделки (панель монтируется только при deal != null).
-watch(
-    () => [props.deal?.id, props.tenantId] as const,
-    () => {
-        if (props.deal) {
-            loadEvents();
-            void loadReminders();
-        }
-    },
-    { immediate: true },
-);
-
-defineExpose({
-    events, eventsLoading, eventsFetchError, loadEvents,
-    commentDraft, commentSaving, commentSaveError, commentToastOpen, commentToastText, saveComment,
-});
-</script>
-
-<template>
-    <div v-if="deal" class="drawer-content">
-        <DealDetailHero :deal="deal" :status="status" @close="emit('close')" />
-
-        <v-divider />
-
-        <section class="section pa-5">
-            <h3 class="section-title text-subtitle-2 mb-3">Параметры</h3>
-            <dl class="params">
-                <div class="param">
-                    <dt class="text-caption text-medium-emphasis">Проект</dt>
-                    <dd class="text-body-2">{{ deal.project }}</dd>
-                </div>
-                <div class="param">
-                    <dt class="text-caption text-medium-emphasis">Стоимость лида</dt>
-                    <dd class="text-body-2 num">{{ formatCost(deal.cost) }}</dd>
-                </div>
-                <div class="param">
-                    <dt class="text-caption text-medium-emphasis">Менеджер</dt>
-                    <dd class="text-body-2">
-                        <v-avatar size="20" color="secondary" class="mr-1">
-                            <span class="text-caption">{{ deal.manager.initials }}</span>
-                        </v-avatar>
-                        {{ deal.manager.name }}
-                    </dd>
-                </div>
-                <div class="param">
-                    <dt class="text-caption text-medium-emphasis">Источник</dt>
-                    <dd class="text-body-2 link">Я.Директ → landing-1</dd>
-                </div>
-            </dl>
-        </section>
-
-        <v-divider />
-
-        <section v-if="tenantId" class="section pa-5" data-testid="comment-section">
-            <h3 class="section-title text-subtitle-2 mb-3">Комментарий</h3>
-            <v-textarea
-                v-model="commentDraft"
-                placeholder="Заметка менеджера…"
-                variant="outlined"
-                density="comfortable"
-                auto-grow
-                rows="3"
-                hide-details
-                counter="5000"
-                data-testid="comment-textarea"
-            />
-            <div class="d-flex ga-2 mt-2 justify-end">
-                <v-btn
-                    :loading="commentSaving"
-                    color="primary"
-                    size="small"
-                    prepend-icon="mdi-content-save-outline"
-                    data-testid="save-comment-btn"
-                    @click="saveComment"
-                >
-                    Сохранить
-                </v-btn>
-            </div>
-        </section>
-
-        <v-divider v-if="tenantId" />
-
-        <section v-if="tenantId && deal" class="section pa-5" data-testid="reminders-section">
-            <div class="d-flex justify-space-between align-center mb-3">
-                <h3 class="section-title text-subtitle-2 mb-0">Напоминания</h3>
-                <v-btn
-                    size="x-small"
-                    variant="text"
-                    prepend-icon="mdi-plus"
-                    data-testid="add-reminder-btn"
-                    @click="reminderDialogOpen = true"
-                >
-                    Создать
-                </v-btn>
-            </div>
-            <div v-if="reminders.length === 0 && !remindersLoading" class="text-caption text-medium-emphasis">
-                Нет активных напоминаний.
-            </div>
-            <ul v-else class="reminders-list">
-                <li v-for="r in reminders" :key="r.id" class="reminder-row" data-testid="drawer-reminder-item">
-                    <v-btn
-                        icon="mdi-check-circle-outline"
-                        size="x-small"
-                        variant="text"
-                        density="comfortable"
-                        :data-testid="`drawer-complete-${r.id}`"
-                        @click="completeReminderInDrawer(r.id)"
-                    />
-                    <div class="reminder-body">
-                        <div class="reminder-text">{{ r.text || 'Без описания' }}</div>
-                        <div class="reminder-meta text-caption text-medium-emphasis">
-                            {{ formatReminderTime(r.remind_at) }}
-                        </div>
-                    </div>
-                </li>
-            </ul>
-        </section>
-
-        <v-divider v-if="tenantId && deal" />
-
-        <DealDetailTimeline :events="events" :events-fetch-error="eventsFetchError" />
-
-        <v-snackbar
-            v-model="commentToastOpen"
-            :timeout="3000"
-            :color="commentSaveError ? 'warning' : undefined"
-            data-testid="comment-toast"
-            location="bottom right"
-        >
-            {{ commentToastText }}
-        </v-snackbar>
-
-        <ReminderDialog
-            v-if="tenantId && deal"
-            v-model="reminderDialogOpen"
-            :deal-id="deal.id"
-            @saved="onReminderSaved"
-        />
-    </div>
-</template>
-
-<style scoped>
-.drawer-content {
-    display: flex;
-    flex-direction: column;
-}
-.section-title {
-    font-weight: 600;
-    color: #081319;
-}
-.params {
-    display: grid;
-    grid-template-columns: 1fr 1fr;
-    gap: 16px 12px;
-    margin: 0;
-}
-.param dt {
-    font-size: 11px;
-    margin-bottom: 2px;
-}
-.param dd {
-    margin: 0;
-    color: #081319;
-}
-.param .link {
-    color: #0f6e56;
-    cursor: pointer;
-}
-.param .link:hover {
-    text-decoration: underline;
-}
-.num {
-    font-family: 'JetBrains Mono', ui-monospace, monospace;
-    font-feature-settings: 'tnum';
-}
-.reminders-list {
-    list-style: none;
-    padding: 0;
-    margin: 0;
-    display: flex;
-    flex-direction: column;
-    gap: 6px;
-}
-.reminder-row {
-    display: flex;
-    align-items: center;
-    gap: 8px;
-    padding: 6px 8px;
-    border: 1px solid #e8e3d6;
-    border-radius: 6px;
-    background: #fdfaf3;
-}
-.reminder-body {
-    flex: 1;
-    min-width: 0;
-}
-.reminder-text {
-    font-size: 13px;
-    line-height: 1.4;
-    color: #081319;
-}
-.reminder-meta {
-    margin-top: 2px;
-}
-</style>
-```
-
-- [ ] **Step 4: Переписать `DealDetailDrawer.vue` как обёртку**
-
-```vue
-<script setup lang="ts">
-/**
- * Обёртка панели деталей сделки. `inline=false` (по умолчанию) — overlay
- * v-navigation-drawer (Канбан). `inline=true` — боковая панель master-detail
- * для страницы «Сделки» (список сжимается, панель встаёт рядом, не перекрывает).
- * Тело — общий DealDetailBody.vue.
- */
-import { computed } from 'vue';
-import type { MockDeal } from '../../composables/mockDeals';
-import DealDetailBody from './DealDetailBody.vue';
-
-const props = withDefaults(
-    defineProps<{
-        open: boolean;
-        deal: MockDeal | null;
-        tenantId?: number;
-        inline?: boolean;
-    }>(),
-    { inline: false },
-);
-
-const emit = defineEmits<{ 'update:open': [value: boolean] }>();
-
-const drawerOpen = computed({
-    get: () => props.open,
-    set: (v) => emit('update:open', v),
-});
-
-function close() {
-    emit('update:open', false);
-}
-</script>
-
-<template>
-    <aside v-if="inline" v-show="open" class="deal-detail-inline" data-testid="deal-detail-panel">
-        <DealDetailBody :deal="deal" :tenant-id="tenantId" @close="close" />
-    </aside>
-    <v-navigation-drawer
-        v-else
-        v-model="drawerOpen"
-        location="right"
-        temporary
-        :width="480"
-        class="deal-drawer"
-    >
-        <DealDetailBody :deal="deal" :tenant-id="tenantId" @close="close" />
-    </v-navigation-drawer>
-</template>
-
-<style scoped>
-.deal-drawer {
-    background: #fff;
-}
-.deal-detail-inline {
-    flex: 0 0 400px;
-    width: 400px;
-    background: #fff;
-    border: 1px solid #e8e3d6;
-    border-radius: 8px;
-    overflow-y: auto;
-    align-self: flex-start;
-    max-height: calc(100vh - 160px);
-    position: sticky;
-    top: 16px;
-}
-</style>
-```
-
-- [ ] **Step 5: Обновить `DealDetailDrawerApi.spec.ts`**
-
-`defineExpose` (events/loadEvents/saveComment/...) переехал в `DealDetailBody`. В `DealDetailDrawerApi.spec.ts` заменить импорт и mount-цель с `DealDetailDrawer` на `DealDetailBody` (`import DealDetailBody from '../../resources/js/components/deals/DealDetailBody.vue'`), убрать prop `open` из props, заменить проверку открытия на наличие `deal`. Остальная логика теста (мок `dealsApi.getDeal`, проверки `vm.events`/`vm.saveComment`) — без изменений.
-
-- [ ] **Step 6: Запустить — GREEN**
-
-Run: `cd app; npx vitest run tests/Frontend/DealDetailDrawer.spec.ts tests/Frontend/DealDetailDrawerApi.spec.ts`
-Expected: PASS.
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/resources/js/components/deals/DealDetailBody.vue app/resources/js/components/deals/DealDetailDrawer.vue app/tests/Frontend/DealDetailDrawer.spec.ts app/tests/Frontend/DealDetailDrawerApi.spec.ts
-git commit -m "refactor(deals): extract DealDetailBody; DealDetailDrawer = overlay/inline wrapper"
-```
-
-### Task A10: `DealsView.vue` — полный переписанный экран
-
-**Files:**
-
-- Modify: `app/resources/js/views/DealsView.vue` (полная замена)
-- Test: `app/tests/Frontend/DealsView.spec.ts` (переписывается в A11)
-
-Реестр лидов: server-side фильтрация + пагинация. Убраны trash-режим, `NewDealDialog`, «Новая сделка», `.ld-filterbar`/`FilterChip`/`DensityToggle`/status-legend, табы. Добавлены: панель экспорта (диапазон дат + Excel/CSV), селектор строк 10/20/50, master-detail панель (`DealDetailDrawer inline`).
-
-- [ ] **Step 1: Реализация — переписать `DealsView.vue`**
-
-```vue
-<script setup lang="ts">
-/**
- * Страница «Сделки» — реестр лидов, поставленных crm.bp (редизайн 2026-05-17).
- *
- * Лиды поступают ТОЛЬКО от поставщика — ручного создания и корзины нет.
- * Фильтрация (телефон/Статус/Проект + диапазон дат поставки) и пагинация —
- * server-side через GET /api/deals. Клик по строке открывает master-detail
- * панель справа (список сжимается, панель не перекрывает таблицу).
- *
- * Спека: docs/superpowers/specs/2026-05-17-deals-page-redesign-design.md
- */
-import { computed, onMounted, reactive, ref, watch } from 'vue';
-import { useRoute } from 'vue-router';
-import type { MockDeal } from '../composables/mockDeals';
-import { mapApiDeal } from '../composables/dealsApiMapper';
-import { usePolling } from '../composables/usePolling';
-import DealsFilters from '../components/deals/DealsFilters.vue';
-import DealsBulkBar from '../components/deals/DealsBulkBar.vue';
-import DealsTable from '../components/deals/DealsTable.vue';
-import DealDetailDrawer from '../components/deals/DealDetailDrawer.vue';
-import { useAuthStore } from '../stores/auth';
-import { useLeadStatusesStore } from '../stores/leadStatuses';
-import * as dealsApi from '../api/deals';
-import { triggerBlobDownload, triggerCsvDownload } from '../composables/useCsvDownload';
-
-const route = useRoute();
-const auth = useAuthStore();
-const leadStatusesStore = useLeadStatusesStore();
-
-// --- Фильтры (single-select) + диапазон дат поставки ---
-const searchPhone = ref('');
-const filterStatus = ref<string | null>(null);
-const filterProject = ref<number | null>(null);
-const filterCity = ref<string | null>(null);
-const receivedFrom = ref(''); // 'YYYY-MM-DD'
-const receivedTo = ref('');
-
-// --- Пагинация ---
-const PER_PAGE_OPTIONS = [10, 20, 50];
-const perPage = ref(20);
-const page = ref(1);
-
-// --- Данные текущей страницы ---
-const dealsState = reactive<MockDeal[]>([]);
-const total = ref(0);
-const loading = ref(false);
-const fetchError = ref(false);
-const availableProjects = ref<dealsApi.ApiProject[]>([]);
-
-const leadStatuses = computed(() => leadStatusesStore.statuses);
-const statusBySlug = computed(() => leadStatusesStore.bySlug);
-const availableCities = computed(() =>
-    Array.from(new Set(dealsState.map((d) => d.city).filter((c): c is string => !!c))).sort(),
-);
-const pageCount = computed(() => Math.max(1, Math.ceil(total.value / perPage.value)));
-
-// --- Master-detail панель ---
-const selectedDeal = ref<MockDeal | null>(null);
-const panelOpen = ref(false);
-
-// --- Bulk-смена статуса ---
-const selected = ref<number[]>([]);
-const statusMenuOpen = ref(false);
-
-// --- Тосты ---
-const exportToastOpen = ref(false);
-const exportToastText = ref('');
-const statusToastOpen = ref(false);
-const statusToastText = ref('');
-
-async function loadDeals() {
-    if (!auth.user?.tenant_id) return;
-    loading.value = true;
-    fetchError.value = false;
-    try {
-        const res = await dealsApi.listDeals({
-            tenantId: auth.user.tenant_id,
-            statusIn: filterStatus.value ? [filterStatus.value] : undefined,
-            projectId: filterProject.value ?? undefined,
-            search: searchPhone.value.trim() || undefined,
-            receivedFrom: receivedFrom.value || undefined,
-            receivedTo: receivedTo.value || undefined,
-            limit: perPage.value,
-            offset: (page.value - 1) * perPage.value,
-        });
-        total.value = res.total;
-        dealsState.splice(0, dealsState.length, ...res.deals.map((d) => mapApiDeal(d)));
-    } catch {
-        fetchError.value = true;
-        dealsState.splice(0, dealsState.length);
-        total.value = 0;
-    } finally {
-        loading.value = false;
-    }
-}
-
-async function loadProjects() {
-    if (!auth.user?.tenant_id) return;
-    try {
-        availableProjects.value = await dealsApi.listProjects(auth.user.tenant_id);
-    } catch {
-        availableProjects.value = [];
-    }
-}
-
-// Фильтры (кроме поиска) и perPage → сброс на стр.1 + перезагрузка.
-watch([filterStatus, filterProject, receivedFrom, receivedTo, perPage], () => {
-    page.value = 1;
-    void loadDeals();
-});
-watch(page, () => void loadDeals());
-
-// Поиск по телефону — debounce 350 мс.
-let searchTimer: ReturnType<typeof setTimeout> | undefined;
-watch(searchPhone, () => {
-    if (searchTimer) clearTimeout(searchTimer);
-    searchTimer = setTimeout(() => {
-        page.value = 1;
-        void loadDeals();
-    }, 350);
-});
-
-function clearFilters() {
-    searchPhone.value = '';
-    filterStatus.value = null;
-    filterProject.value = null;
-    filterCity.value = null;
-}
-
-async function applyBulkStatus(slug: MockDeal['statusSlug']) {
-    const ids = [...selected.value];
-    statusMenuOpen.value = false;
-    ids.forEach((id) => {
-        const d = dealsState.find((x) => x.id === id);
-        if (d) d.statusSlug = slug;
-    });
-    if (!auth.user?.tenant_id || ids.length === 0) return;
-    try {
-        const res = await dealsApi.transitionDeals({ tenant_id: auth.user.tenant_id, ids, status: slug });
-        statusToastText.value = `Обновлено ${res.updated} из ${res.requested}.`;
-    } catch {
-        statusToastText.value = 'Не удалось сохранить статус — изменения только локально.';
-    }
-    statusToastOpen.value = true;
-    selected.value = [];
-}
-
-async function exportByRange(format: 'xlsx' | 'csv') {
-    if (!auth.user?.tenant_id) {
-        exportToastText.value = 'Нет данных для экспорта.';
-        exportToastOpen.value = true;
-        return;
-    }
-    try {
-        const result = await dealsApi.exportDealsByRange({
-            tenant_id: auth.user.tenant_id,
-            received_from: receivedFrom.value || undefined,
-            received_to: receivedTo.value || undefined,
-            format,
-        });
-        const stamp = new Date().toISOString().slice(0, 10);
-        if (format === 'xlsx') {
-            triggerBlobDownload(result as Blob, `deals_export_${stamp}.xlsx`);
-            exportToastText.value = 'Экспорт XLSX сформирован.';
-        } else {
-            triggerCsvDownload(result as string, `deals_export_${stamp}.csv`);
-            exportToastText.value = 'Экспорт CSV сформирован.';
-        }
-    } catch {
-        exportToastText.value = 'Не удалось сформировать экспорт.';
-    }
-    exportToastOpen.value = true;
-}
-
-function openPanel(deal: MockDeal) {
-    if (panelOpen.value && selectedDeal.value?.id === deal.id) {
-        closePanel();
-        return;
-    }
-    selectedDeal.value = deal;
-    panelOpen.value = true;
-}
-
-function closePanel() {
-    panelOpen.value = false;
-}
-
-/** Deep-link /deals?openId= — открыть панель сделки с текущей страницы (audit C8/F3). */
-function openDealFromQuery(): void {
-    const raw = route.query.openId;
-    const id = Number(Array.isArray(raw) ? raw[0] : raw);
-    if (!Number.isInteger(id) || id <= 0) return;
-    const deal = dealsState.find((d) => d.id === id);
-    if (deal) openPanel(deal);
-}
-
-onMounted(async () => {
-    void leadStatusesStore.load();
-    void loadProjects();
-    await loadDeals();
-    openDealFromQuery();
-});
-
-watch(() => route.query.openId, () => openDealFromQuery());
-
-// Polling — авто-refresh текущей страницы (pause при скрытой вкладке).
-usePolling(loadDeals);
-
-defineExpose({
-    searchPhone, filterStatus, filterProject, filterCity, receivedFrom, receivedTo,
-    perPage, page, pageCount, dealsState, total, loading, fetchError, availableProjects,
-    selected, selectedDeal, panelOpen, statusMenuOpen,
-    loadDeals, clearFilters, applyBulkStatus, exportByRange, openPanel, closePanel,
-    exportToastOpen, exportToastText, statusToastOpen, statusToastText,
-});
-</script>
-
-<template>
-    <v-container fluid class="deals pa-6">
-        <header class="page-head">
-            <div>
-                <h1 class="text-h4 mb-2 page-title">Сделки</h1>
-                <div class="page-stats text-body-2 text-medium-emphasis">
-                    Реестр лидов от crm.bp ·
-                    <span class="num">{{ total }}</span> в выборке
-                </div>
-            </div>
-            <v-btn
-                variant="outlined"
-                prepend-icon="mdi-refresh"
-                :loading="loading"
-                data-testid="reload-btn"
-                @click="loadDeals"
-            >
-                Обновить
-            </v-btn>
-        </header>
-
-        <!-- Панель экспорта: диапазон дат поставки + Excel/CSV -->
-        <v-card variant="outlined" class="export-panel mt-4">
-            <div class="export-panel-inner">
-                <span class="export-label text-body-2">Диапазон поставки:</span>
-                <v-text-field
-                    v-model="receivedFrom"
-                    type="date"
-                    label="от"
-                    variant="outlined"
-                    density="compact"
-                    hide-details
-                    class="date-input"
-                    data-testid="export-from"
-                />
-                <v-text-field
-                    v-model="receivedTo"
-                    type="date"
-                    label="до"
-                    variant="outlined"
-                    density="compact"
-                    hide-details
-                    class="date-input"
-                    data-testid="export-to"
-                />
-                <v-spacer />
-                <v-btn
-                    variant="outlined"
-                    prepend-icon="mdi-file-excel-outline"
-                    data-testid="export-xlsx-btn"
-                    @click="exportByRange('xlsx')"
-                >
-                    Экспорт в Excel
-                </v-btn>
-                <v-btn
-                    variant="outlined"
-                    prepend-icon="mdi-file-delimited-outline"
-                    data-testid="export-csv-btn"
-                    @click="exportByRange('csv')"
-                >
-                    Экспорт в CSV
-                </v-btn>
-            </div>
-        </v-card>
-
-        <DealsFilters
-            v-model:search-phone="searchPhone"
-            v-model:filter-status="filterStatus"
-            v-model:filter-project="filterProject"
-            v-model:filter-city="filterCity"
-            :lead-statuses="leadStatuses"
-            :available-projects="availableProjects"
-            :available-cities="availableCities"
-            class="mt-4"
-            @clear-filters="clearFilters"
-        />
-
-        <!-- Селектор числа строк — между фильтрами и таблицей -->
-        <div class="perpage mt-3">
-            <span class="text-body-2 text-medium-emphasis">Показывать по:</span>
-            <v-btn-toggle
-                v-model="perPage"
-                mandatory
-                density="comfortable"
-                variant="outlined"
-                color="primary"
-                data-testid="perpage-toggle"
-            >
-                <v-btn v-for="n in PER_PAGE_OPTIONS" :key="n" :value="n" size="small">{{ n }}</v-btn>
-            </v-btn-toggle>
-        </div>
-
-        <DealsBulkBar
-            v-model:status-menu-open="statusMenuOpen"
-            :selected-count="selected.length"
-            :lead-statuses="leadStatuses"
-            @apply-status="applyBulkStatus"
-            @clear-selected="selected = []"
-        />
-
-        <v-alert
-            v-if="fetchError"
-            type="warning"
-            variant="tonal"
-            density="compact"
-            closable
-            class="mt-3"
-            data-testid="fetch-error-alert"
-        >
-            Не удалось загрузить сделки. Попробуйте обновить.
-        </v-alert>
-
-        <!-- master-detail: список сжимается, панель встаёт рядом (не overlay) -->
-        <div class="deals-body mt-4">
-            <div class="deals-list">
-                <DealsTable
-                    :deals="dealsState"
-                    :selected-ids="selected"
-                    :status-by-slug="statusBySlug"
-                    :active-deal-id="panelOpen ? selectedDeal?.id ?? null : null"
-                    @update:selected-ids="selected = $event"
-                    @row-click="openPanel"
-                />
-            </div>
-            <DealDetailDrawer
-                inline
-                :open="panelOpen"
-                :deal="selectedDeal"
-                :tenant-id="auth.user?.tenant_id"
-                @update:open="(v: boolean) => (panelOpen = v)"
-            />
-        </div>
-
-        <!-- Футер: пагинация -->
-        <div v-if="pageCount > 1" class="tfoot mt-4">
-            <v-pagination
-                v-model="page"
-                :length="pageCount"
-                :total-visible="7"
-                density="comfortable"
-                data-testid="deals-pagination"
-            />
-        </div>
-
-        <v-snackbar v-model="exportToastOpen" :timeout="3000" data-testid="export-toast" location="bottom right">
-            {{ exportToastText }}
-        </v-snackbar>
-        <v-snackbar v-model="statusToastOpen" :timeout="3000" data-testid="status-toast" location="bottom right">
-            {{ statusToastText }}
-        </v-snackbar>
-    </v-container>
-</template>
-
-<style scoped>
-.deals {
-    max-width: 1440px;
-}
-.page-head {
-    display: flex;
-    align-items: flex-start;
-    justify-content: space-between;
-    flex-wrap: wrap;
-    gap: 16px;
-}
-.page-title {
-    font-variation-settings: 'opsz' 28;
-    letter-spacing: -0.018em;
-}
-.num {
-    font-family: 'JetBrains Mono', ui-monospace, monospace;
-    font-feature-settings: 'tnum';
-    font-weight: 500;
-}
-.export-panel {
-    background: #fff;
-}
-.export-panel-inner {
-    display: flex;
-    align-items: center;
-    gap: 12px;
-    flex-wrap: wrap;
-    padding: 12px 16px;
-}
-.export-label {
-    color: #6b6356;
-    flex-shrink: 0;
-}
-.date-input {
-    max-width: 170px;
-}
-.perpage {
-    display: flex;
-    align-items: center;
-    gap: 12px;
-}
-.deals-body {
-    display: flex;
-    align-items: flex-start;
-    gap: 16px;
-}
-.deals-list {
-    flex: 1 1 auto;
-    min-width: 0;
-}
-.tfoot {
-    display: flex;
-    justify-content: center;
-}
-</style>
-```
-
-- [ ] **Step 2: Проверить типы**
-
-Run: `cd app; npx vue-tsc --noEmit -p tsconfig.json`
-Expected: 0 ошибок (старый `DealsView.spec.ts` ещё на старом контракте — упадёт в Vitest, чинится в A11; типы `.vue`-файла валидны).
-
-- [ ] **Step 3: Commit**
-
-```bash
-git add app/resources/js/views/DealsView.vue
-git commit -m "feat(deals): DealsView — lead-registry redesign (export panel, per-page, master-detail panel)"
-```
-
-### Task A11: Тест-свип + регрессия Фазы A
-
-**Files:**
-
-- Replace: `app/tests/Frontend/DealsView.spec.ts`
-- Delete: `app/tests/Frontend/DealsViewRedesign.spec.ts`
-- Modify: `app/tests/Frontend/DealsListIntegration.spec.ts`, `app/resources/js/composables/mockDeals.ts`
-- Verify: `app/tests/Frontend/deals-api.spec.ts`
-
-`DealsViewRedesign.spec.ts` тестирует удалённый `.ld-filterbar`/`FilterChip`/`DensityToggle` — удаляется целиком. `DealsView.spec.ts` — полностью переписывается под новый контракт.
-
-- [ ] **Step 1: Переписать `DealsView.spec.ts`**
-
-```ts
-import { describe, it, expect, vi, afterEach } from 'vitest';
-import { mount, flushPromises } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import { createRouter, createMemoryHistory } from 'vue-router';
-import { createPinia, setActivePinia } from 'pinia';
-import DealsView from '../../resources/js/views/DealsView.vue';
-import * as dealsApi from '../../resources/js/api/deals';
-import { useAuthStore } from '../../resources/js/stores/auth';
-import type { AuthUser } from '../../resources/js/api/auth';
-import type { MockDeal } from '../../resources/js/composables/mockDeals';
-
-function apiDeal(id: number, over: Partial<dealsApi.ApiDeal> = {}): dealsApi.ApiDeal {
-    return {
-        id, tenant_id: 42, project_id: 1, project_name: 'Окна', phone: `+7 916 000-00-0${id}`,
-        contact_name: null, status: 'new', manager_id: null, manager_name: null,
-        manager_initials: null, received_at: '2026-05-15T09:00:00+00:00',
-        comment: null, city: null, project_signal_type: 'call', next_reminder_at: null,
-        ...over,
-    };
-}
-
-async function mountDeals(deals: dealsApi.ApiDeal[] = [apiDeal(1), apiDeal(2)], total = 2) {
-    setActivePinia(createPinia());
-    const auth = useAuthStore();
-    auth.user = { id: 1, tenant_id: 42, email: 't@t.com' } as AuthUser;
-    vi.spyOn(dealsApi, 'listDeals').mockResolvedValue({ deals, total, limit: 20, offset: 0 });
-    vi.spyOn(dealsApi, 'listProjects').mockResolvedValue([
-        { id: 1, name: 'Окна', tag: null, type: 'supplier' },
-    ]);
-    const router = createRouter({
-        history: createMemoryHistory(),
-        routes: [{ path: '/deals', component: DealsView }],
-    });
-    await router.push('/deals');
-    await router.isReady();
-    const wrapper = mount(DealsView, {
-        global: { plugins: [createVuetify(), router], stubs: { DealDetailDrawer: true } },
-    });
-    await flushPromises();
-    return wrapper;
-}
-
-describe('DealsView.vue — реестр лидов', () => {
-    it('заголовок «Сделки»', async () => {
-        expect((await mountDeals()).find('h1').text()).toBe('Сделки');
-    });
-
-    it('панель экспорта: поля дат + кнопки Excel/CSV', async () => {
-        const w = await mountDeals();
-        expect(w.find('[data-testid="export-from"]').exists()).toBe(true);
-        expect(w.find('[data-testid="export-to"]').exists()).toBe(true);
-        expect(w.find('[data-testid="export-xlsx-btn"]').exists()).toBe(true);
-        expect(w.find('[data-testid="export-csv-btn"]').exists()).toBe(true);
-    });
-
-    it('селектор «Показывать по» с вариантами 10/20/50', async () => {
-        const w = await mountDeals();
-        const toggle = w.find('[data-testid="perpage-toggle"]');
-        expect(toggle.exists()).toBe(true);
-        ['10', '20', '50'].forEach((n) => expect(toggle.text()).toContain(n));
-    });
-
-    it('НЕТ кнопки «Новая сделка» и режима «Корзина»', async () => {
-        const w = await mountDeals();
-        expect(w.text()).not.toContain('Новая сделка');
-        expect(w.text()).not.toContain('Корзина');
-    });
-
-    it('загружает сделки в dealsState через API', async () => {
-        const w = await mountDeals([apiDeal(1), apiDeal(2), apiDeal(3)], 3);
-        const vm = w.vm as unknown as { dealsState: MockDeal[]; total: number };
-        expect(vm.dealsState.length).toBe(3);
-        expect(vm.total).toBe(3);
-    });
-
-    it('openPanel выбирает сделку, повторный клик закрывает', async () => {
-        const w = await mountDeals();
-        const vm = w.vm as unknown as {
-            dealsState: MockDeal[]; panelOpen: boolean; selectedDeal: MockDeal | null;
-            openPanel: (d: MockDeal) => void;
-        };
-        vm.openPanel(vm.dealsState[0]);
-        expect(vm.panelOpen).toBe(true);
-        expect(vm.selectedDeal?.id).toBe(1);
-        vm.openPanel(vm.dealsState[0]);
-        expect(vm.panelOpen).toBe(false);
-    });
-
-    it('bulk-bar появляется при выборе и applyBulkStatus меняет статус', async () => {
-        const w = await mountDeals();
-        const vm = w.vm as unknown as {
-            selected: number[]; dealsState: MockDeal[]; applyBulkStatus: (s: string) => Promise<void>;
-        };
-        vi.spyOn(dealsApi, 'transitionDeals').mockResolvedValue({ updated: 2, requested: 2, status: 'viewed' });
-        vm.selected = [1, 2];
-        await flushPromises();
-        expect(w.find('[data-testid="bulk-bar"]').exists()).toBe(true);
-        await vm.applyBulkStatus('viewed');
-        expect(vm.dealsState.find((d) => d.id === 1)?.statusSlug).toBe('viewed');
-    });
-
-    it('exportByRange xlsx вызывает exportDealsByRange', async () => {
-        const w = await mountDeals();
-        const spy = vi.spyOn(dealsApi, 'exportDealsByRange').mockResolvedValue(new Blob());
-        Object.defineProperty(URL, 'createObjectURL', { value: vi.fn(() => 'blob:m'), configurable: true });
-        Object.defineProperty(URL, 'revokeObjectURL', { value: vi.fn(), configurable: true });
-        vi.spyOn(HTMLAnchorElement.prototype, 'click').mockImplementation(() => {});
-        const vm = w.vm as unknown as { exportByRange: (f: string) => Promise<void>; exportToastOpen: boolean };
-        await vm.exportByRange('xlsx');
-        expect(spy).toHaveBeenCalledOnce();
-        expect(vm.exportToastOpen).toBe(true);
-    });
-
-    it('loadDeals reject → dealsState пустой + fetchError', async () => {
-        setActivePinia(createPinia());
-        const auth = useAuthStore();
-        auth.user = { id: 1, tenant_id: 42, email: 't@t.com' } as AuthUser;
-        vi.spyOn(dealsApi, 'listDeals').mockRejectedValue(new Error('500'));
-        vi.spyOn(dealsApi, 'listProjects').mockResolvedValue([]);
-        const router = createRouter({ history: createMemoryHistory(), routes: [{ path: '/deals', component: DealsView }] });
-        await router.push('/deals');
-        await router.isReady();
-        const w = mount(DealsView, {
-            global: { plugins: [createVuetify(), router], stubs: { DealDetailDrawer: true } },
-        });
-        await flushPromises();
-        const vm = w.vm as unknown as { dealsState: MockDeal[]; fetchError: boolean };
-        expect(vm.dealsState.length).toBe(0);
-        expect(vm.fetchError).toBe(true);
-    });
-});
-
-afterEach(() => vi.restoreAllMocks());
-```
-
-- [ ] **Step 2: Удалить `DealsViewRedesign.spec.ts`**
-
-```bash
-git rm app/tests/Frontend/DealsViewRedesign.spec.ts
-```
-
-- [ ] **Step 3: Удалить `DEALS_TABS`/`DealsTab` из `mockDeals.ts`**
-
-Удалить из `mockDeals.ts` интерфейс `DealsTab` и const `DEALS_TABS` (после A6/A10 их никто не импортирует). `MOCK_DEALS`/`MOCK_PROJECTS`/`MOCK_MANAGERS` — оставить (используются Канбаном/`NewDealDialog`).
-
-- [ ] **Step 4: Прогнать Vitest, починить упавшее**
-
-Run: `cd app; npx vitest run --maxWorkers=2`
-Expected: исследовать падения. Ожидаемо требуют правок: `DealsListIntegration.spec.ts` (использует старый контракт DealsView). Починить так же, как `DealsView.spec.ts` (мок `listDeals`/`listProjects`, новый набор testid). Если тест проверял удалённое поведение (trash/new-deal/tabs) — удалить такой тест. `deals-api.spec.ts` — если использует `exportDeals`/`bulkDeleteDeals` — оставить (функции не удалялись). Гнать до 0 fail.
-
-- [ ] **Step 5: Прогнать Pest (backend Фазы A)**
-
-Run: `cd app; php artisan test --filter="DealIndexTest|DealExportTest|DealShowTest|DealUpdateTest"`
-Expected: 0 fail.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/tests/Frontend/ app/resources/js/composables/mockDeals.ts
-git commit -m "test(deals): rewrite DealsView spec for redesign; drop DealsViewRedesign spec + DEALS_TABS"
-```
-
-- [ ] **Step 7: Полная регрессия Фазы A**
-
-Run: `cd app; php artisan test; npx vitest run --maxWorkers=2; npx vue-tsc --noEmit -p tsconfig.json`
-Expected: 0 fail / 0 ошибок типов. Любые падения — выписать `file:line`, починить, повторить. Это закрывает Фазу A.
-
----
-
-## ⛔ ГЕЙТ перед Фазой B — подтверждение slug'ов
-
-**Фаза B меняет схему БД (миграция 14 → 5 статусов). Стартовать ТОЛЬКО после явного «да» заказчика на точные slug'и.**
-
-Маппинг §3 спеки заказчик подтвердил («2. вопрос да»). Не подтверждены **точные slug'и** новых 5 статусов. План фиксирует (спека §3, §9 Q2):
-
-| # | slug | name_ru | Старые 14 → сюда |
-|---|---|---|---|
-| 1 | `new` *(slug сохраняется)* | Новая сделка | `new` |
-| 2 | `viewed` *(сохраняется)* | Просмотрено | `viewed` |
-| 3 | `in_progress` *(новый)* | В работе | `worked`, `base`, `missed`, `negotiations`, `waiting_payment`, `partnership`, `test_drive`, `hot`, `replacement`, `final_missed` |
-| 4 | `won` *(новый)* | Сделка | `paid` |
-| 5 | `lost` *(новый)* | Не реализовано | `closed` |
-
-`new`/`viewed` намеренно сохраняют slug — `RouteSupplierLeadJob`, `DealController@store` default'ят `'new'`, миграция их не трогает.
-
-**Действие исполнителя:** показать таблицу заказчику. На «да» — выполнять B1–B8. На правку slug'ов — обновить значения в B1–B6 и продолжить.
-
-## ФАЗА B — воронка 14 → 5
-
-### Task B1: `schema.sql` seed `lead_statuses` + CHANGELOG
-
-**Files:**
-
-- Modify: `db/schema.sql` (seed `lead_statuses`, строки ~2577-2592; комментарии ~318-319, ~2577)
-- Modify: `db/CHANGELOG_schema.md`
-
-- [ ] **Step 1: Заменить seed `lead_statuses`**
-
-В `db/schema.sql` блок `INSERT INTO lead_statuses ...` (начинается ~строка 2578) заменить 14 строк значений на 5:
-
-```sql
--- 5 статусов воронки (редизайн «Сделки» 2026-05-17 — было 14)
-INSERT INTO lead_statuses (slug, name_ru, is_system, sort_order, color_hex) VALUES
-    ('new',         'Новая сделка',     TRUE, 1, '#3B82F6'),
-    ('viewed',      'Просмотрено',      TRUE, 2, '#8B5CF6'),
-    ('in_progress', 'В работе',         TRUE, 3, '#06B6D4'),
-    ('won',         'Сделка',           TRUE, 4, '#10B981'),
-    ('lost',        'Не реализовано',   TRUE, 5, '#6B7280');
-```
-
-Комментарий выше INSERT и комментарий над `CREATE TABLE lead_statuses` (~строки 318-319 «14 статусов: 6 системных + 8 настраиваемых») заменить на «5 статусов воронки (все системные)».
-
-- [ ] **Step 2: Запись в `CHANGELOG_schema.md`**
-
-Добавить запись (формат — как у предыдущих): bump версии схемы (следующий за текущим), дата 2026-05-17, описание: «Воронка статусов 14 → 5: seed `lead_statuses` (`new`/`viewed`/`in_progress`/`won`/`lost`). Инкрементальная миграция `2026_05_17_120000_deals_funnel_14_to_5_statuses.php` ремапит `deals.status`, `tenant_status_overrides.status_slug`, `import_unknown_statuses.mapped_to_slug`. Редизайн страницы «Сделки», спека `docs/superpowers/specs/2026-05-17-deals-page-redesign-design.md`.» Версию в шапке `schema.sql` (строка 4) синхронизировать.
-
-- [ ] **Step 3: Проверка — `migrate:fresh` + smoke**
-
-Run: `cd app; php artisan migrate:fresh --seed; php artisan test --filter="RlsSmokeTest"`
-Expected: миграция проходит; `lead_statuses` содержит 5 строк; smoke 0 fail.
-
-Run: `cd app; php artisan tinker --execute="echo \App\Models\Tenant::count();"` — sanity-проверка БД жива.
-
-- [ ] **Step 4: Commit**
-
-```bash
-git add db/schema.sql db/CHANGELOG_schema.md
-git commit -m "feat(deals): schema — lead_statuses funnel 14->5 (new/viewed/in_progress/won/lost)"
-```
-
-### Task B2: Инкрементальная миграция 14 → 5
-
-**Files:**
-
-- Create: `app/database/migrations/2026_05_17_120000_deals_funnel_14_to_5_statuses.php`
-- Create: `app/tests/Feature/LeadStatusesFunnelTest.php`
-
-`new`/`viewed` сохраняют slug. FK-порядок: сначала INSERT новых slug'ов, затем ремап ссылок (`deals.status`, `import_unknown_statuses.mapped_to_slug`), затем DELETE устаревших `lead_statuses`. `tenant_status_overrides` — обсолетные строки удаляются (кастомные ярлыки схлопнутых статусов теряют смысл; заодно исключает PK-коллизию `(tenant_id, status_slug)` при ремапе двух старых в один новый).
-
-- [ ] **Step 1: Failing-тест — создать `LeadStatusesFunnelTest.php`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Support\Facades\DB;
-
-test('lead_statuses содержит ровно 5 статусов воронки', function () {
-    $slugs = DB::table('lead_statuses')->orderBy('sort_order')->pluck('slug')->all();
-    expect($slugs)->toBe(['new', 'viewed', 'in_progress', 'won', 'lost']);
-});
-
-test('новые статусы имеют корректные русские названия', function () {
-    $names = DB::table('lead_statuses')->pluck('name_ru', 'slug');
-    expect($names['new'])->toBe('Новая сделка');
-    expect($names['in_progress'])->toBe('В работе');
-    expect($names['won'])->toBe('Сделка');
-    expect($names['lost'])->toBe('Не реализовано');
-});
-
-test('старых slug-ов воронки в lead_statuses не осталось', function () {
-    $obsolete = DB::table('lead_statuses')
-        ->whereIn('slug', ['worked', 'paid', 'closed', 'hot', 'negotiations'])
-        ->count();
-    expect($obsolete)->toBe(0);
-});
-```
-
-- [ ] **Step 2: Запустить — RED**
-
-Run: `cd app; php artisan test --filter=LeadStatusesFunnelTest`
-Expected: FAIL — `schema.sql` уже сеет 5 (после B1), но тест прогоняется ДО создания миграции; если B1 уже в дереве — тест может пройти. В этом случае создать миграцию (Step 3) ради ремапа существующих БД и продолжить.
-
-- [ ] **Step 3: Создать миграцию**
-
-`app/database/migrations/2026_05_17_120000_deals_funnel_14_to_5_statuses.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Support\Facades\DB;
-
-/**
- * Воронка статусов 14 → 5 (редизайн «Сделки» 2026-05-17).
- *
- * Новые 5: new / viewed / in_progress / won / lost. Slug'и `new` и `viewed`
- * сохраняются (RouteSupplierLeadJob / DealController@store default'ят 'new').
- * Ремап старых 14 → 5 в deals.status и import_unknown_statuses.mapped_to_slug
- * перед DELETE устаревших lead_statuses (FK-safe). tenant_status_overrides
- * со старыми slug'ами удаляются (кастомные ярлыки схлопнутых статусов
- * обсолетны + исключает PK-коллизию при ремапе).
- *
- * На migrate:fresh schema.sql уже сеет 5 — UPDATE/DELETE здесь no-op.
- * down() необратима (схлопывание lossy).
- *
- * Спека: docs/superpowers/specs/2026-05-17-deals-page-redesign-design.md §3.
- */
-return new class extends Migration
-{
-    /** Старый slug → новый. new/viewed не меняются (отсутствуют в карте). */
-    private const REMAP = [
-        'worked' => 'in_progress', 'base' => 'in_progress', 'missed' => 'in_progress',
-        'negotiations' => 'in_progress', 'waiting_payment' => 'in_progress',
-        'partnership' => 'in_progress', 'test_drive' => 'in_progress', 'hot' => 'in_progress',
-        'replacement' => 'in_progress', 'final_missed' => 'in_progress',
-        'paid' => 'won', 'closed' => 'lost',
-    ];
-
-    private const KEEP = ['new', 'viewed', 'in_progress', 'won', 'lost'];
-
-    public function up(): void
-    {
-        DB::transaction(function () {
-            // 1) Новые slug'и обязаны существовать до ремапа FK-ссылок.
-            DB::table('lead_statuses')->upsert([
-                ['slug' => 'new', 'name_ru' => 'Новая сделка', 'is_system' => true, 'sort_order' => 1, 'color_hex' => '#3B82F6'],
-                ['slug' => 'viewed', 'name_ru' => 'Просмотрено', 'is_system' => true, 'sort_order' => 2, 'color_hex' => '#8B5CF6'],
-                ['slug' => 'in_progress', 'name_ru' => 'В работе', 'is_system' => true, 'sort_order' => 3, 'color_hex' => '#06B6D4'],
-                ['slug' => 'won', 'name_ru' => 'Сделка', 'is_system' => true, 'sort_order' => 4, 'color_hex' => '#10B981'],
-                ['slug' => 'lost', 'name_ru' => 'Не реализовано', 'is_system' => true, 'sort_order' => 5, 'color_hex' => '#6B7280'],
-            ], ['slug'], ['name_ru', 'is_system', 'sort_order', 'color_hex']);
-
-            // 2) Ремап ссылок на старые slug'и.
-            foreach (self::REMAP as $old => $new) {
-                DB::table('deals')->where('status', $old)->update(['status' => $new]);
-                DB::table('import_unknown_statuses')->where('mapped_to_slug', $old)->update(['mapped_to_slug' => $new]);
-            }
-
-            // 3) Обсолетные кастомные ярлыки статусов — удалить (FK на lead_statuses).
-            DB::table('tenant_status_overrides')->whereNotIn('status_slug', self::KEEP)->delete();
-
-            // 4) Удалить устаревшие статусы (все FK-ссылки перенаправлены).
-            DB::table('lead_statuses')->whereNotIn('slug', self::KEEP)->delete();
-        });
-    }
-
-    public function down(): void
-    {
-        throw new RuntimeException('Воронка 14→5 необратима (схлопывание статусов lossy).');
-    }
-};
-```
-
-- [ ] **Step 4: db-тест + smoke (обязательно после изменения миграции)**
-
-Run: `cd app; php artisan migrate:fresh --seed; php artisan test --filter="LeadStatusesFunnelTest|RlsSmokeTest"`
-Expected: миграция проходит без ошибок; `LeadStatusesFunnelTest` 3/3 PASS; `RlsSmokeTest` 0 fail.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/database/migrations/2026_05_17_120000_deals_funnel_14_to_5_statuses.php app/tests/Feature/LeadStatusesFunnelTest.php
-git commit -m "feat(deals): migration — remap deals.status + drop obsolete lead_statuses (14->5)"
-```
-
-### Task B3: `leadStatuses.ts` — `LEAD_STATUSES` 14 → 5
-
-**Files:**
-
-- Modify: `app/resources/js/composables/leadStatuses.ts`
-
-- [ ] **Step 1: Заменить `LEAD_STATUSES`**
-
-Заменить массив `LEAD_STATUSES` (строки 20-35) на:
-
-```ts
-export const LEAD_STATUSES: LeadStatus[] = [
-    { slug: 'new', nameRu: 'Новая сделка', isSystem: true, sortOrder: 1, colorHex: '#3B82F6' },
-    { slug: 'viewed', nameRu: 'Просмотрено', isSystem: true, sortOrder: 2, colorHex: '#8B5CF6' },
-    { slug: 'in_progress', nameRu: 'В работе', isSystem: true, sortOrder: 3, colorHex: '#06B6D4' },
-    { slug: 'won', nameRu: 'Сделка', isSystem: true, sortOrder: 4, colorHex: '#10B981' },
-    { slug: 'lost', nameRu: 'Не реализовано', isSystem: true, sortOrder: 5, colorHex: '#6B7280' },
-];
-```
-
-В шапочном комментарии (строки 1-11) «14 системных и пользовательских статусов» → «5 системных статусов воронки (редизайн 2026-05-17)»; ссылку на `db/schema.sql:2130` оставить как ориентир (источник истины — seed `lead_statuses`).
-
-- [ ] **Step 2: Проверить типы**
-
-Run: `cd app; npx vue-tsc --noEmit -p tsconfig.json`
-Expected: 0 ошибок.
-
-- [ ] **Step 3: Commit**
-
-```bash
-git add app/resources/js/composables/leadStatuses.ts
-git commit -m "feat(deals): leadStatuses composable — 5-status funnel snapshot"
-```
-
-### Task B4: `useStatusPill.ts` — добавить `viewed`/`lost`
-
-**Files:**
-
-- Modify: `app/resources/js/composables/useStatusPill.ts`
-- Test: `app/tests/Frontend/StatusPill.spec.ts` (если есть; иначе пропустить Step 1)
-
-5 slug'ов воронки должны иметь стиль пилюли. `new`/`in_progress`/`won` уже в `STYLES`; добавляем `viewed` и `lost`.
-
-- [ ] **Step 1: Реализация**
-
-В `STATUS_PILL_SLUGS` (строки 14-29) добавить `'viewed'` и `'lost'` (в любую позицию массива). В `STYLES` (строки 33-48) добавить:
-
-```ts
-    viewed: { bg: 'rgba(122,91,163,0.15)', color: '#7A5BA3' },
-    lost: { bg: 'rgba(107,99,86,0.18)', color: '#6B6356' },
-```
-
-- [ ] **Step 2: Проверить типы + StatusPill-тесты**
-
-Run: `cd app; npx vue-tsc --noEmit -p tsconfig.json; npx vitest run tests/Frontend/StatusPill`
-Expected: 0 ошибок типов; StatusPill-тесты PASS (если файл есть).
-
-- [ ] **Step 3: Commit**
-
-```bash
-git add app/resources/js/composables/useStatusPill.ts
-git commit -m "feat(deals): useStatusPill — add viewed/lost funnel slugs"
-```
-
-### Task B5: `StatusRuToSlugMapper` — маппинг под 5
-
-**Files:**
-
-- Modify: `app/app/Services/Import/StatusRuToSlugMapper.php`
-- Test: `app/tests/Feature/Import/StatusRuToSlugMapperTest.php` (если есть — обновить; иначе создать)
-
-Исторические CSV поставщика несут СТАРЫЕ 14 русских названий — все должны мапиться в новые 5 slug'ов. Плюс новые 4 русских имени.
-
-- [ ] **Step 1: Failing-тест**
-
-Создать/обновить `tests/Feature/Import/StatusRuToSlugMapperTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\Import\StatusRuToSlugMapper;
-
-test('старые русские статусы мапятся в 5 новых slug-ов', function () {
-    $m = new StatusRuToSlugMapper;
-    expect($m->toSlug('Новые'))->toBe('new');
-    expect($m->toSlug('Просмотрено'))->toBe('viewed');
-    expect($m->toSlug('Проработан'))->toBe('in_progress');
-    expect($m->toSlug('Переговоры'))->toBe('in_progress');
-    expect($m->toSlug('Конечный недозвон'))->toBe('in_progress');
-    expect($m->toSlug('Оплачено'))->toBe('won');
-    expect($m->toSlug('Закрыто и не реализовано'))->toBe('lost');
-});
-
-test('новые русские названия статусов тоже мапятся', function () {
-    $m = new StatusRuToSlugMapper;
-    expect($m->toSlug('Новая сделка'))->toBe('new');
-    expect($m->toSlug('В работе'))->toBe('in_progress');
-    expect($m->toSlug('Сделка'))->toBe('won');
-    expect($m->toSlug('Не реализовано'))->toBe('lost');
-});
-
-test('неизвестный статус → null', function () {
-    expect((new StatusRuToSlugMapper)->toSlug('Абракадабра'))->toBeNull();
-});
-```
-
-- [ ] **Step 2: Запустить — RED**
-
-Run: `cd app; php artisan test --filter=StatusRuToSlugMapperTest`
-Expected: FAIL — старые названия мапятся в старые slug'и.
-
-- [ ] **Step 3: Реализация — заменить `STATUS_RU_TO_SLUG`**
-
-В `StatusRuToSlugMapper.php` заменить константу (строки 15-31):
-
-```php
-    /** @var array<string, string> Русские названия → 5 slug'ов воронки (редизайн 2026-05-17). */
-    private const STATUS_RU_TO_SLUG = [
-        // Новые названия 5-статусной воронки.
-        'Новая сделка' => 'new',
-        'Просмотрено' => 'viewed',
-        'В работе' => 'in_progress',
-        'Сделка' => 'won',
-        'Не реализовано' => 'lost',
-        // Старые 14 названий поставщика → новые slug'и (исторический CSV-импорт).
-        'Новые' => 'new',
-        'Проработан' => 'in_progress',
-        'База' => 'in_progress',
-        'Недозвон' => 'in_progress',
-        'Переговоры' => 'in_progress',
-        'Ожидаем оплаты' => 'in_progress',
-        'Партнерка' => 'in_progress',
-        'Оплачено' => 'won',
-        'Закрыто и не реализовано' => 'lost',
-        'Тест драйв' => 'in_progress',
-        'Горячий' => 'in_progress',
-        'На замену' => 'in_progress',
-        'Конечный недозвон' => 'in_progress',
-    ];
-```
-
-Doc-комментарий класса «14 статусов» → «5 статусов воронки».
-
-- [ ] **Step 4: Запустить — GREEN**
-
-Run: `cd app; php artisan test --filter=StatusRuToSlugMapperTest`
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Services/Import/StatusRuToSlugMapper.php app/tests/Feature/Import/StatusRuToSlugMapperTest.php
-git commit -m "feat(deals): StatusRuToSlugMapper — remap supplier RU statuses to 5-slug funnel"
-```
-
-### Task B6: Свип старых slug'ов — `MOCK_DEALS` + тесты
-
-**Files:**
-
-- Modify: `app/resources/js/composables/mockDeals.ts` (`MOCK_DEALS`)
-- Modify: тесты, хардкодящие старые slug'и (выявляются grep'ом)
-
-Старые slug'и (`worked`, `base`, `missed`, `negotiations`, `waiting_payment`, `partnership`, `paid`, `closed`, `test_drive`, `hot`, `replacement`, `final_missed`) больше не валидны. `DealFactory` default `'new'` — НЕ требует правки.
-
-- [ ] **Step 1: Найти все вхождения**
-
-Run: `cd app; git grep -n -E "'(worked|base|missed|negotiations|waiting_payment|partnership|paid|closed|test_drive|hot|replacement|final_missed)'" -- resources/js tests`
-Изучить вывод. Игнорировать совпадения, не относящиеся к статусам сделок (напр. `closed` в другом контексте).
-
-- [ ] **Step 2: Применить REMAP к `MOCK_DEALS`**
-
-В `mockDeals.ts` в каждом элементе `MOCK_DEALS` заменить `statusSlug` по карте: `worked|base|missed|negotiations|waiting_payment|partnership|test_drive|hot|replacement|final_missed → in_progress`; `paid → won`; `closed → lost`; `new`/`viewed` — без изменений.
-
-- [ ] **Step 3: Применить REMAP к тестам**
-
-В тестовых файлах из Step 1 (Pest: `DealIndexTest`, `DealTransitionTest`, `DealUpdateTest` и др.; Vitest-specs) заменить старые slug-строки по той же карте. Где тест по смыслу проверял конкретный старый статус (напр. transition в `paid`) — заменить на эквивалентный новый (`won`).
-
-- [ ] **Step 4: Прогнать затронутые тесты**
-
-Run: `cd app; npx vitest run --maxWorkers=2; php artisan test`
-Expected: разобрать падения, дочинить до 0 fail. Полная регрессия — в B8.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add -A
-git commit -m "test(deals): sweep obsolete 14-status slugs to 5-status funnel (MOCK_DEALS + tests)"
-```
-
-### Task B7: Канбан — 5 колонок
-
-**Files:**
-
-- Modify: `app/resources/js/views/KanbanView.vue` (комментарий)
-- Modify: `app/tests/Frontend/KanbanView.spec.ts` (если ассертит число колонок)
-
-`KanbanView` строит колонки из `leadStatuses` store → после B3 автоматически 5 колонок. Кода-логики менять не нужно — только комментарии/тесты.
-
-- [ ] **Step 1: Прочитать `KanbanView.vue` и `KanbanView.spec.ts`**
-
-Run (для локализации): `cd app; git grep -n "14" -- resources/js/views/KanbanView.vue tests/Frontend/KanbanView.spec.ts`
-
-- [ ] **Step 2: Обновить упоминания «14»**
-
-В `KanbanView.vue` комментарии «14 колонок/статусов» → «5 колонок воронки». В `KanbanView.spec.ts`, если тест ассертит `toHaveLength(14)` для колонок — заменить на `5`; если ассертит конкретные старые slug'и колонок — заменить на `['new','viewed','in_progress','won','lost']`.
-
-- [ ] **Step 3: Прогнать Канбан-тесты**
-
-Run: `cd app; npx vitest run tests/Frontend/KanbanView`
-Expected: PASS.
-
-- [ ] **Step 4: Commit**
-
-```bash
-git add app/resources/js/views/KanbanView.vue app/tests/Frontend/KanbanView.spec.ts
-git commit -m "feat(deals): Kanban — 5-column funnel (comment + test sync)"
-```
-
-### Task B8: Полная регрессия Фазы B
-
-**Files:** —
-
-- [ ] **Step 1: db smoke после миграции**
-
-Run: `cd app; php artisan migrate:fresh --seed; php artisan test --filter="RlsSmokeTest|LeadStatusesFunnelTest"`
-Expected: 0 fail.
-
-- [ ] **Step 2: Полная регрессия**
-
-Run: `cd app; php artisan test; npx vitest run --maxWorkers=2; npx vue-tsc --noEmit -p tsconfig.json`
-Expected: 0 fail / 0 ошибок типов. Падения — выписать `file:line`, починить (типовая причина — пропущенный старый slug в тесте), повторить.
-
-- [ ] **Step 3: Финальный коммит регрессии (если были фиксы)**
-
-```bash
-git add -A
-git commit -m "test(deals): phase B regression sweep — 5-status funnel green"
-```
-
----
-
-## Self-review (проверка плана против спеки)
-
-**Покрытие спеки:**
-
-- §2 шапка/статистика → A10. Панель экспорта (даты + Excel/CSV) → A5+A10. Фильтры (телефон/Статус/Проект/Город) → A6. Селектор строк 10/20/50 → A10. Колонки таблицы → A7. Master-detail панель → A9+A10. Футер-пагинация → A10. Сайдбар (Импорт/Отчёты) — **уже сделано до плана** (вне scope).
-- §3 воронка 14→5 → B1–B8 (схема, миграция, leadStatuses, Канбан, StatusRuToSlugMapper). `RouteSupplierLeadJob` — изменения НЕ требуются (slug `new` сохранён) — зафиксировано в гейте.
-- §4 «Город» — колонка рендерится `—`, фильтр пуст/disabled (A6/A7); источник данных вне scope.
-- §5 компоненты — все перечисленные затронуты (`mockDeals`/`api/deals`/`dealsApiMapper`/`DealController`/`DealExportController`/`DealsFilters`/`DealsTable`/`DealsBulkBar`/`DealDetailDrawer`/`DealsView`/`leadStatuses`/`StatusRuToSlugMapper`).
-- §6 декомпозиция — Фаза A (A1–A11), Фаза B (B1–B8) за гейтом.
-- §8 тестирование — TDD в каждой задаче; db-тесты после миграции (B2/B8).
-
-**Расхождения, зафиксированные осознанно:**
-
-- Backend `store`/`destroy`/`restore` + старые `exportDeals`/`bulkDeleteDeals` в `api/deals.ts` — НЕ удаляются (вне scope §5; удаление = отдельная чистка).
-- Колонка/фильтр «Город» — UI-каркас есть, данных нет (§4 открыт).
-- Тест ремапа `deals.status` на проде — не покрыт unit-тестом (миграция уже применена в `migrate:fresh`); корректность — через ревью SQL + B8. Прод-данных нет (Б-1).
-
-## Execution Handoff
-
-**Plan complete and saved to `docs/superpowers/plans/2026-05-17-deals-page-redesign.md`.**
-
-Фаза A исполняется сразу. Фаза B — после гейта подтверждения slug'ов заказчиком.
-
-Two execution options:
-
-1. **Subagent-Driven (recommended)** — свежий субагент на задачу, two-stage review между задачами.
-2. **Inline Execution** — задачи в текущей сессии, чекпоинты для ревью.
-
-Which approach?
diff --git a/docs/superpowers/plans/2026-05-17-sprint5b-layout-views.md b/docs/superpowers/plans/2026-05-17-sprint5b-layout-views.md
deleted file mode 100644
index 0cf6577..0000000
--- a/docs/superpowers/plans/2026-05-17-sprint5b-layout-views.md
+++ /dev/null
@@ -1,1060 +0,0 @@
-# Sprint 5B — Layout/Views Polish Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Закрыть 5 P2-эпиков подраздела Layout/Views портал-аудита (B2, B3, C3, C6, C7): живой счётчик сделок в сайдбаре, рабочая ⌘K command-palette, экспорт всего списка из шапки DealsView, degradation-alert в NewDealDialog, верификация degradation-alert в DealDetailDrawer.
-
-**Architecture:** Backend — один новый query-параметр `count_only` на существующем `GET /api/deals`. Frontend — новый Pinia-store счётчика, новый компонент `CommandPalette.vue` + module-singleton composable, точечные правки 4 view/layout-компонентов. Без изменений схемы БД, без новых роутов, без новых зависимостей.
-
-**Tech Stack:** PHP 8.3 / Laravel 13 / Pest 4 (backend); Vue 3.5 + Vuetify 3.12 + TypeScript / Pinia 3 / vue-router 4 / Vitest 4 (frontend).
-
-**Решения заказчика (2026-05-17):** B3 → минимальная command-palette; C3 → подвязать кнопку «Экспорт» на экспорт всего отфильтрованного списка.
-
----
-
-## Контекст: текущее состояние (file:line)
-
-| Эпик | Файл | Состояние |
-|---|---|---|
-| B2 | `app/resources/js/components/layout/AppSidebar.vue:35` | `count: 247` — хардкод |
-| B2 | `app/app/Http/Controllers/Api/DealController.php:54-190` | `index` возвращает `total`, но всегда тянет строки |
-| B3 | `app/resources/js/components/layout/AppSidebar.vue:66-69` | `.ld-cmdk-stub` — `role=button` без handler |
-| B3 | `app/resources/js/components/layout/AppTopbar.vue:102-107` | `<v-btn ... disabled>Поиск` — disabled-заглушка |
-| C3 | `app/resources/js/views/DealsView.vue:516` | `<v-btn>Экспорт</v-btn>` — без `@click` |
-| C6 | `app/resources/js/components/deals/NewDealDialog.vue:44-46` | `loadLookups` catch — молчаливый fallback на mock |
-| C7 | `app/resources/js/components/deals/DealDetailTimeline.vue:25-35` | degradation-alert **уже есть** (`events-fetch-error-alert`) |
-
-C7 — реализация уже выполнена (вероятно, в Sprint 3 Phase C при extraction `DealDetailTimeline`). Задача T5 — верификация + характеризационный тест, **без правки production-кода**.
-
----
-
-## File Structure
-
-**Создаются:**
-
-- `app/resources/js/stores/dealsCount.ts` — Pinia-store счётчика сделок (B2).
-- `app/resources/js/composables/useCommandPalette.ts` — module-singleton состояние палитры (B3).
-- `app/resources/js/components/layout/CommandPalette.vue` — компонент палитры (B3).
-- `app/tests/Frontend/CommandPalette.spec.ts` — тесты палитры (B3).
-
-**Модифицируются:**
-
-- `app/app/Http/Controllers/Api/DealController.php` — `count_only` параметр (B2).
-- `app/tests/Feature/DealIndexTest.php` — +3 теста `count_only` (B2).
-- `app/resources/js/api/deals.ts` — `fetchDealsCount()` (B2).
-- `app/resources/js/components/layout/AppSidebar.vue` — счётчик из store (B2) + ⌘K handler (B3).
-- `app/resources/js/components/layout/AppTopbar.vue` — кнопка «Поиск» открывает палитру (B3).
-- `app/resources/js/layouts/AppLayout.vue` — монтирует `<CommandPalette>` (B3).
-- `app/resources/js/views/DealsView.vue` — экспорт всего списка (C3).
-- `app/resources/js/components/deals/NewDealDialog.vue` — degradation-alert (C6).
-- `app/tests/Frontend/AppSidebarRedesign.spec.ts` — +тесты счётчика и ⌘K (B2/B3).
-- `app/tests/Frontend/DealsView.spec.ts` — +тест экспорта всего списка (C3).
-- `app/tests/Frontend/NewDealDialog.spec.ts` — +тест degradation-alert (C6).
-- `app/tests/Frontend/DealDetailDrawerApi.spec.ts` — +характеризационный тест (C7, если не покрыто).
-
----
-
-## Команды (для всех задач)
-
-```bash
-# Backend (из app/)
-cd app
-./vendor/bin/pest tests/Feature/DealIndexTest.php   # один файл
-composer pint
-composer stan
-
-# Frontend (из app/)
-npx vitest run tests/Frontend/CommandPalette.spec.ts   # один файл
-npm run type-check
-npm run lint:vue
-```
-
-Bash-вывод показывать в ответе всегда (economy-режим).
-
----
-
-## Task 1 — B2: живой счётчик «Сделки» в сайдбаре
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/DealController.php`
-- Test: `app/tests/Feature/DealIndexTest.php` (append)
-- Create: `app/resources/js/stores/dealsCount.ts`
-- Modify: `app/resources/js/api/deals.ts`
-- Modify: `app/resources/js/components/layout/AppSidebar.vue`
-- Test: `app/tests/Frontend/AppSidebarRedesign.spec.ts` (append)
-
-### Backend: `count_only` параметр
-
-- [ ] **Step 1: Написать падающие тесты**
-
-Дописать в конец `app/tests/Feature/DealIndexTest.php` (перед последним `test(...)` или в самый конец файла — после строки 291):
-
-```php
-test('GET /api/deals?count_only=1 возвращает только total без массива deals', function () {
-    Deal::factory()->for($this->tenant)->for($this->project)->create(['status' => 'new']);
-    Deal::factory()->for($this->tenant)->for($this->project)->create(['status' => 'paid']);
-
-    $r = $this->getJson('/api/deals?count_only=1');
-
-    $r->assertStatus(200);
-    expect($r->json('total'))->toBe(2);
-    expect($r->json('deals'))->toBeNull();
-});
-
-test('GET /api/deals?count_only=1 учитывает фильтры (status_in)', function () {
-    Deal::factory()->for($this->tenant)->for($this->project)->create(['status' => 'new']);
-    Deal::factory()->for($this->tenant)->for($this->project)->create(['status' => 'new']);
-    Deal::factory()->for($this->tenant)->for($this->project)->create(['status' => 'paid']);
-
-    expect($this->getJson('/api/deals?count_only=1&status_in[]=new')->json('total'))->toBe(2);
-});
-
-test('GET /api/deals?count_only=1 изолирует чужой tenant (RLS)', function () {
-    Deal::factory()->for($this->tenant)->for($this->project)->create(['status' => 'new']);
-
-    DB::statement('SET app.current_tenant_id = '.$this->otherTenant->id);
-    $foreignProject = Project::factory()->for($this->otherTenant)->create();
-    Deal::factory()->for($this->otherTenant)->for($foreignProject)->create(['status' => 'new']);
-
-    expect($this->getJson('/api/deals?count_only=1')->json('total'))->toBe(1);
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падают**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/DealIndexTest.php`
-Expected: 3 новых теста FAIL (`count_only` пока игнорируется → `deals` присутствует в ответе, `toBeNull()` падает).
-
-- [ ] **Step 3: Реализовать `count_only` в `DealController@index`**
-
-В `app/app/Http/Controllers/Api/DealController.php`, после строки 64 (`$onlyDeleted = $request->boolean('only_deleted');`) добавить:
-
-```php
-        $countOnly = $request->boolean('count_only');
-```
-
-Внутри transaction-замыкания, **сразу после блока фильтров** (после строки 116 `}` закрывающей `if ($search !== '')`, перед `if ($cursor !== null) {`) добавить:
-
-```php
-            // Audit B2: count_only — отдаём только COUNT(*), пропуская SELECT строк
-            // и cursor/offset-логику (лёгкий запрос для бейджа в сайдбаре).
-            if ($countOnly) {
-                return [collect(), $query->count(), null];
-            }
-
-```
-
-После `DB::transaction(...)` (после строки 160 `});`), **перед** сборкой `$payload` (перед строкой 162 `$payload = [`) добавить:
-
-```php
-        if ($countOnly) {
-            return response()->json(['total' => $total]);
-        }
-
-```
-
-- [ ] **Step 4: Запустить тесты — убедиться, что зелёные**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/DealIndexTest.php`
-Expected: все тесты PASS (новые 3 + существующие 17 — без регрессий).
-
-- [ ] **Step 5: Pint + Larastan**
-
-Run: `cd app && composer pint && composer stan`
-Expected: Pint — no changes / passed; Larastan — 0 errors (тесты дописаны в существующий файл, новый Larastan-baseline не требуется).
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/DealController.php app/tests/Feature/DealIndexTest.php
-git commit -m "feat(api): B2 — count_only параметр на GET /api/deals"
-```
-
-### Frontend: store + сайдбар
-
-- [ ] **Step 7: Добавить `fetchDealsCount` в API-слой**
-
-В `app/resources/js/api/deals.ts`, после `listProjects` (после строки 235), добавить:
-
-```ts
-/**
- * Лёгкий count-only запрос для бейджа «Сделки» в AppSidebar (audit B2).
- * Backend пропускает SELECT строк — отдаёт только COUNT(*).
- */
-export async function fetchDealsCount(tenantId: number): Promise<number> {
-    const { data } = await apiClient.get<{ total: number }>('/api/deals', {
-        params: { tenant_id: tenantId, count_only: 1 },
-    });
-    return data.total;
-}
-```
-
-- [ ] **Step 8: Создать store `dealsCount.ts`**
-
-Создать `app/resources/js/stores/dealsCount.ts`:
-
-```ts
-import { defineStore } from 'pinia';
-import { ref } from 'vue';
-import { fetchDealsCount } from '../api/deals';
-
-/**
- * Счётчик сделок tenant'а для бейджа «Сделки» в AppSidebar (audit B2).
- * count=null до загрузки или на fail → бейдж скрыт (resolveCount → 0).
- */
-export const useDealsCountStore = defineStore('dealsCount', () => {
-    const count = ref<number | null>(null);
-
-    async function load(tenantId: number): Promise<void> {
-        try {
-            count.value = await fetchDealsCount(tenantId);
-        } catch {
-            count.value = null;
-        }
-    }
-
-    return { count, load };
-});
-```
-
-- [ ] **Step 9: Написать падающий тест счётчика**
-
-Дописать в `app/tests/Frontend/AppSidebarRedesign.spec.ts` (следовать существующим импортам/setup-харнессу файла — Pinia, router-stub). Тест:
-
-```ts
-test('B2: бейдж «Сделки» рендерит count из dealsCount-store', async () => {
-    const wrapper = mountSidebar(); // использовать существующий mount-хелпер файла
-    const store = useDealsCountStore();
-    store.count = 42;
-    await wrapper.vm.$nextTick();
-
-    const badge = wrapper.find('[data-testid="nav-count-deals"]');
-    expect(badge.exists()).toBe(true);
-    expect(badge.text()).toBe('42');
-});
-
-test('B2: бейдж «Сделки» скрыт пока count=null', async () => {
-    const wrapper = mountSidebar();
-    const store = useDealsCountStore();
-    store.count = null;
-    await wrapper.vm.$nextTick();
-
-    expect(wrapper.find('[data-testid="nav-count-deals"]').exists()).toBe(false);
-});
-```
-
-Добавить импорт `import { useDealsCountStore } from '../../resources/js/stores/dealsCount';` (путь — выровнять по существующим импортам файла). Если в файле нет `mountSidebar`-хелпера — использовать тот же `mount(AppSidebar, {...})`-паттерн, что в существующих тестах файла.
-
-- [ ] **Step 10: Запустить — убедиться, что падает**
-
-Run: `cd app && npx vitest run tests/Frontend/AppSidebarRedesign.spec.ts`
-Expected: 2 новых теста FAIL (бейдж = 247 хардкод, `nav-count-deals` testid отсутствует).
-
-- [ ] **Step 11: Подключить store в `AppSidebar.vue`**
-
-В `app/resources/js/components/layout/AppSidebar.vue`:
-
-Заменить импорты (строки 10-12):
-
-```ts
-import { computed, onMounted } from 'vue';
-import { useRoute } from 'vue-router';
-import Kbd from '../ui/Kbd.vue';
-import { useAuthStore } from '../../stores/auth';
-import { useDealsCountStore } from '../../stores/dealsCount';
-```
-
-После `const route = useRoute();` (строка 28) добавить:
-
-```ts
-const auth = useAuthStore();
-const dealsCount = useDealsCountStore();
-
-onMounted(() => {
-    if (auth.user?.tenant_id) void dealsCount.load(auth.user.tenant_id);
-});
-```
-
-Заменить строку 35 (элемент «Сделки» в `navGroups`):
-
-```ts
-            { title: 'Сделки', icon: 'mdi-format-list-bulleted', to: '/deals', count: dealsCount.count ?? undefined, countKey: 'deals' },
-```
-
-`navGroups` — `computed`, обращение к `dealsCount.count` делает бейдж реактивным. `resolveCount` (строки 53-55) уже отдаёт `item.count ?? 0` → при `count=null` бейдж скрыт (`v-if resolveCount > 0`).
-
-- [ ] **Step 12: Запустить тесты — убедиться, что зелёные**
-
-Run: `cd app && npx vitest run tests/Frontend/AppSidebarRedesign.spec.ts`
-Expected: все тесты PASS.
-
-- [ ] **Step 13: type-check + lint**
-
-Run: `cd app && npm run type-check && npm run lint:vue`
-Expected: 0 errors.
-
-- [ ] **Step 14: Commit**
-
-```bash
-git add app/resources/js/api/deals.ts app/resources/js/stores/dealsCount.ts app/resources/js/components/layout/AppSidebar.vue app/tests/Frontend/AppSidebarRedesign.spec.ts
-git commit -m "feat(ui): B2 — счётчик «Сделки» в сайдбаре из API вместо хардкода"
-```
-
----
-
-## Task 2 — B3: минимальная ⌘K command-palette
-
-**Files:**
-
-- Create: `app/resources/js/composables/useCommandPalette.ts`
-- Create: `app/resources/js/components/layout/CommandPalette.vue`
-- Create: `app/tests/Frontend/CommandPalette.spec.ts`
-- Modify: `app/resources/js/components/layout/AppSidebar.vue`
-- Modify: `app/resources/js/components/layout/AppTopbar.vue`
-- Modify: `app/resources/js/layouts/AppLayout.vue`
-- Test: `app/tests/Frontend/AppSidebarRedesign.spec.ts` (append)
-
-> NB: AppSidebar.vue здесь правится поверх изменений Task 1 — реализатор увидит уже подключённый store.
-
-- [ ] **Step 1: Создать composable `useCommandPalette.ts`**
-
-Создать `app/resources/js/composables/useCommandPalette.ts`:
-
-```ts
-import { ref } from 'vue';
-
-/**
- * Глобальное состояние command-palette (⌘K, audit B3). Module-level singleton
- * ref — AppSidebar/AppTopbar открывают палитру без prop-drilling, CommandPalette
- * (смонтирована один раз в AppLayout) использует тот же ref как v-model.
- */
-const open = ref(false);
-
-export function useCommandPalette() {
-    return {
-        open,
-        openPalette: (): void => {
-            open.value = true;
-        },
-        closePalette: (): void => {
-            open.value = false;
-        },
-    };
-}
-```
-
-- [ ] **Step 2: Написать падающий тест палитры**
-
-Создать `app/tests/Frontend/CommandPalette.spec.ts`. Харнесс (vuetify-плагин, mount-опции) — скопировать из `app/tests/Frontend/AppSidebarRedesign.spec.ts` (sibling-спека с router). `useRouter` замокать для перехвата `push`.
-
-```ts
-import { describe, expect, test, vi, beforeEach } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import * as components from 'vuetify/components';
-import * as directives from 'vuetify/directives';
-import CommandPalette from '../../resources/js/components/layout/CommandPalette.vue';
-import { useCommandPalette } from '../../resources/js/composables/useCommandPalette';
-
-const pushMock = vi.fn();
-vi.mock('vue-router', () => ({
-    useRouter: () => ({ push: pushMock }),
-}));
-
-const vuetify = createVuetify({ components, directives });
-
-function mountPalette() {
-    return mount(CommandPalette, {
-        global: {
-            plugins: [vuetify],
-            stubs: { VDialog: true }, // teleport → inline render
-        },
-    });
-}
-
-describe('CommandPalette (B3)', () => {
-    beforeEach(() => {
-        pushMock.mockClear();
-        useCommandPalette().closePalette(); // сброс singleton между тестами
-    });
-
-    test('по умолчанию показывает все 8 разделов', () => {
-        const wrapper = mountPalette();
-        expect(wrapper.vm.filteredItems).toHaveLength(8);
-    });
-
-    test('фильтрует по подстроке (case-insensitive)', () => {
-        const wrapper = mountPalette();
-        wrapper.vm.query = 'КАНБ';
-        expect(wrapper.vm.filteredItems).toHaveLength(1);
-        expect(wrapper.vm.filteredItems[0].to).toBe('/kanban');
-    });
-
-    test('пустой результат при отсутствии совпадений', () => {
-        const wrapper = mountPalette();
-        wrapper.vm.query = 'zzzнеттакого';
-        expect(wrapper.vm.filteredItems).toHaveLength(0);
-    });
-
-    test('selectItem навигирует и закрывает палитру', () => {
-        const { open } = useCommandPalette();
-        open.value = true;
-        const wrapper = mountPalette();
-        wrapper.vm.selectItem({ title: 'Сделки', icon: 'x', to: '/deals' });
-        expect(pushMock).toHaveBeenCalledWith('/deals');
-        expect(open.value).toBe(false);
-    });
-
-    test('onSubmit навигирует на первый отфильтрованный результат', () => {
-        const wrapper = mountPalette();
-        wrapper.vm.query = 'отч';
-        wrapper.vm.onSubmit();
-        expect(pushMock).toHaveBeenCalledWith('/reports');
-    });
-});
-```
-
-- [ ] **Step 3: Запустить — убедиться, что падает**
-
-Run: `cd app && npx vitest run tests/Frontend/CommandPalette.spec.ts`
-Expected: FAIL — `CommandPalette.vue` не существует (import error).
-
-- [ ] **Step 4: Создать компонент `CommandPalette.vue`**
-
-Создать `app/resources/js/components/layout/CommandPalette.vue`:
-
-```vue
-<script setup lang="ts">
-/**
- * Минимальная command-palette (audit B3). Открывается по ⌘K / Ctrl+K, кликом
- * на плашку в AppSidebar или кнопку «Поиск» в AppTopbar. Список — навигация
- * по 8 разделам портала; фильтр по подстроке; Enter → первый результат.
- * Монтируется один раз в AppLayout.
- */
-import { computed, onMounted, onUnmounted, ref, watch } from 'vue';
-import { useRouter } from 'vue-router';
-import { useCommandPalette } from '../../composables/useCommandPalette';
-
-interface PaletteItem {
-    title: string;
-    icon: string;
-    to: string;
-}
-
-const NAV_ITEMS: PaletteItem[] = [
-    { title: 'Проекты', icon: 'mdi-folder-multiple-outline', to: '/projects' },
-    { title: 'Сделки', icon: 'mdi-format-list-bulleted', to: '/deals' },
-    { title: 'Канбан', icon: 'mdi-view-column-outline', to: '/kanban' },
-    { title: 'Дашборд', icon: 'mdi-view-dashboard-outline', to: '/dashboard' },
-    { title: 'Импорт данных', icon: 'mdi-database-import-outline', to: '/import' },
-    { title: 'Биллинг', icon: 'mdi-credit-card-outline', to: '/billing' },
-    { title: 'Отчёты', icon: 'mdi-chart-box-outline', to: '/reports' },
-    { title: 'Настройки', icon: 'mdi-cog-outline', to: '/settings' },
-];
-
-const { open, closePalette } = useCommandPalette();
-const router = useRouter();
-
-const query = ref('');
-
-const filteredItems = computed<PaletteItem[]>(() => {
-    const q = query.value.trim().toLowerCase();
-    if (q === '') return NAV_ITEMS;
-    return NAV_ITEMS.filter((i) => i.title.toLowerCase().includes(q));
-});
-
-// Сброс query при каждом открытии.
-watch(open, (isOpen) => {
-    if (isOpen) query.value = '';
-});
-
-function selectItem(item: PaletteItem): void {
-    closePalette();
-    void router.push(item.to);
-}
-
-function onSubmit(): void {
-    const first = filteredItems.value[0];
-    if (first) selectItem(first);
-}
-
-function onGlobalKeydown(e: KeyboardEvent): void {
-    if ((e.metaKey || e.ctrlKey) && e.key.toLowerCase() === 'k') {
-        e.preventDefault();
-        open.value = !open.value;
-    }
-}
-
-onMounted(() => window.addEventListener('keydown', onGlobalKeydown));
-onUnmounted(() => window.removeEventListener('keydown', onGlobalKeydown));
-
-defineExpose({ query, filteredItems, selectItem, onSubmit });
-</script>
-
-<template>
-    <v-dialog v-model="open" :max-width="520" data-testid="command-palette">
-        <v-card class="cmdk-card">
-            <v-text-field
-                v-model="query"
-                autofocus
-                placeholder="Поиск разделов…"
-                variant="plain"
-                density="comfortable"
-                hide-details
-                prepend-inner-icon="mdi-magnify"
-                class="cmdk-input px-3 pt-2"
-                data-testid="command-palette-input"
-                @keydown.enter="onSubmit"
-            />
-            <v-divider />
-            <v-list density="compact" class="cmdk-list" data-testid="command-palette-list">
-                <v-list-item
-                    v-for="item in filteredItems"
-                    :key="item.to"
-                    :prepend-icon="item.icon"
-                    :title="item.title"
-                    data-testid="command-palette-item"
-                    @click="selectItem(item)"
-                />
-                <v-list-item
-                    v-if="filteredItems.length === 0"
-                    class="text-medium-emphasis"
-                    title="Ничего не найдено"
-                    data-testid="command-palette-empty"
-                />
-            </v-list>
-        </v-card>
-    </v-dialog>
-</template>
-
-<style scoped>
-.cmdk-card {
-    overflow: hidden;
-}
-.cmdk-list {
-    max-height: 320px;
-    overflow-y: auto;
-}
-</style>
-```
-
-- [ ] **Step 5: Запустить тесты палитры — убедиться, что зелёные**
-
-Run: `cd app && npx vitest run tests/Frontend/CommandPalette.spec.ts`
-Expected: 5 тестов PASS.
-
-- [ ] **Step 6: Подключить ⌘K-handler в `AppSidebar.vue`**
-
-В `app/resources/js/components/layout/AppSidebar.vue`:
-
-Добавить импорт (после `import Kbd from '../ui/Kbd.vue';`):
-
-```ts
-import { useCommandPalette } from '../../composables/useCommandPalette';
-```
-
-В `<script setup>` (рядом с `const auth = useAuthStore();` из Task 1) добавить:
-
-```ts
-const { openPalette } = useCommandPalette();
-```
-
-Заменить блок `.ld-cmdk-stub` (строки 66-69) на:
-
-```html
-        <div
-            class="ld-cmdk-stub"
-            role="button"
-            tabindex="0"
-            data-testid="cmdk-stub"
-            @click="openPalette"
-            @keydown.enter="openPalette"
-            @keydown.space.prevent="openPalette"
-        >
-            <span class="ld-cmdk-stub__placeholder">Поиск, команды…</span>
-            <Kbd dark>⌘K</Kbd>
-        </div>
-```
-
-- [ ] **Step 7: Подключить ⌘K-handler в `AppTopbar.vue`**
-
-В `app/resources/js/components/layout/AppTopbar.vue`:
-
-Добавить импорт (после строки 10, рядом с импортами stores):
-
-```ts
-import { useCommandPalette } from '../../composables/useCommandPalette';
-```
-
-В `<script setup>` (после `const router = useRouter();`) добавить:
-
-```ts
-const { openPalette } = useCommandPalette();
-```
-
-Заменить кнопку «Поиск» (строки 102-107) — убрать `disabled`, добавить `@click`:
-
-```html
-        <v-btn
-            variant="outlined"
-            size="small"
-            prepend-icon="mdi-magnify"
-            class="searchbar mr-2"
-            data-testid="topbar-search-btn"
-            @click="openPalette"
-        >
-            Поиск
-            <template #append>
-                <kbd class="search-kbd">⌘K</kbd>
-            </template>
-        </v-btn>
-```
-
-- [ ] **Step 8: Смонтировать `<CommandPalette>` в `AppLayout.vue`**
-
-В `app/resources/js/layouts/AppLayout.vue`:
-
-Добавить импорт (после строки 20 `import DevIndexBadge ...`):
-
-```ts
-import CommandPalette from '../components/layout/CommandPalette.vue';
-```
-
-В шаблоне, внутри `<v-app>`, после `<DevIndexBadge ... />` (строка 75) добавить:
-
-```html
-        <CommandPalette />
-```
-
-- [ ] **Step 9: Написать тест ⌘K-врезки сайдбара**
-
-Дописать в `app/tests/Frontend/AppSidebarRedesign.spec.ts`:
-
-```ts
-test('B3: клик на ⌘K-плашку открывает command-palette', async () => {
-    const { open, closePalette } = useCommandPalette();
-    closePalette();
-    const wrapper = mountSidebar();
-
-    await wrapper.find('[data-testid="cmdk-stub"]').trigger('click');
-    expect(open.value).toBe(true);
-});
-```
-
-Импорт: `import { useCommandPalette } from '../../resources/js/composables/useCommandPalette';` (путь выровнять по файлу).
-
-- [ ] **Step 10: Запустить связанные тесты**
-
-Run: `cd app && npx vitest run tests/Frontend/CommandPalette.spec.ts tests/Frontend/AppSidebarRedesign.spec.ts tests/Frontend/AppLayout.spec.ts`
-Expected: все PASS. Если `AppLayout.spec.ts` падает из-за нового `<CommandPalette>` в дереве — добавить `CommandPalette` в `stubs` существующего mount-харнесса этого файла.
-
-- [ ] **Step 11: type-check + lint**
-
-Run: `cd app && npm run type-check && npm run lint:vue`
-Expected: 0 errors.
-
-- [ ] **Step 12: Commit**
-
-```bash
-git add app/resources/js/composables/useCommandPalette.ts app/resources/js/components/layout/CommandPalette.vue app/resources/js/components/layout/AppSidebar.vue app/resources/js/components/layout/AppTopbar.vue app/resources/js/layouts/AppLayout.vue app/tests/Frontend/CommandPalette.spec.ts app/tests/Frontend/AppSidebarRedesign.spec.ts
-git commit -m "feat(ui): B3 — минимальная ⌘K command-palette навигации"
-```
-
----
-
-## Task 3 — C3: экспорт всего списка из шапки DealsView
-
-**Files:**
-
-- Modify: `app/resources/js/views/DealsView.vue`
-- Test: `app/tests/Frontend/DealsView.spec.ts` (append)
-
-- [ ] **Step 1: Написать падающий тест**
-
-Дописать в `app/tests/Frontend/DealsView.spec.ts` (следовать существующему mount-харнессу/мокам файла; экспорт-функции `dealsApi` мокаются — см. существующие тесты `applyBulkExport`):
-
-```ts
-test('C3: exportAllFiltered вызывает backend-экспорт со всеми отфильтрованными id', async () => {
-    const xlsxSpy = vi.spyOn(dealsApi, 'exportDealsXlsx').mockResolvedValue(new Blob());
-    const wrapper = mountDealsView(); // существующий хелпер; auth.user.tenant_id задан
-    await flushPromises();
-
-    await wrapper.vm.exportAllFiltered();
-
-    expect(xlsxSpy).toHaveBeenCalledTimes(1);
-    const callArg = xlsxSpy.mock.calls[0][0];
-    expect(callArg.ids).toEqual(wrapper.vm.dealsState.map((d: { id: number }) => d.id));
-    expect(wrapper.vm.exportToastOpen).toBe(true);
-});
-
-test('C3: exportAllFiltered на пустом списке показывает toast и не зовёт backend', async () => {
-    const xlsxSpy = vi.spyOn(dealsApi, 'exportDealsXlsx').mockResolvedValue(new Blob());
-    const wrapper = mountDealsView();
-    await flushPromises();
-    wrapper.vm.dealsState.splice(0, wrapper.vm.dealsState.length); // очистить список
-
-    await wrapper.vm.exportAllFiltered();
-
-    expect(xlsxSpy).not.toHaveBeenCalled();
-    expect(wrapper.vm.exportToastText).toBe('Список пуст — нечего экспортировать.');
-});
-```
-
-> Без выбранных фильтров `filteredDeals` = весь `dealsState` (вкладка `active` фильтрует по slug — если mock-сделки активны). Реализатор: если mock-данные имеют неактивные статусы — выставить `activeTab='all'` через exposed или сравнивать с `filteredDeals`, а не `dealsState`. Сверить с фактическим составом `MOCK_DEALS`.
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && npx vitest run tests/Frontend/DealsView.spec.ts`
-Expected: 2 новых теста FAIL (`exportAllFiltered` не существует / не в `defineExpose`).
-
-- [ ] **Step 3: Рефакторинг экспорт-функций в `DealsView.vue`**
-
-В `app/resources/js/views/DealsView.vue` заменить `applyBulkExport` + `buildLocalCsv` (строки 342-392) на:
-
-```ts
-async function applyBulkExport(format: 'xlsx' | 'csv' = 'xlsx') {
-    if (selected.value.length === 0) {
-        exportToastText.value = 'Нет выбранных сделок.';
-        exportToastOpen.value = true;
-        return;
-    }
-    await exportDealIds([...selected.value], format);
-}
-
-// Audit C3: экспорт всех отфильтрованных сделок — кнопка «Экспорт» в page-head.
-async function exportAllFiltered(format: 'xlsx' | 'csv' = 'xlsx') {
-    const ids = filteredDeals.value.map((d) => d.id);
-    if (ids.length === 0) {
-        exportToastText.value = 'Список пуст — нечего экспортировать.';
-        exportToastOpen.value = true;
-        return;
-    }
-    await exportDealIds(ids, format);
-}
-
-/**
- * Общий экспорт по списку id. С tenant_id — backend (RLS-фильтрация чужих id).
- * На fail / без tenant — fallback на локальный CSV.
- */
-async function exportDealIds(ids: number[], format: 'xlsx' | 'csv') {
-    if (auth.user?.tenant_id) {
-        try {
-            if (format === 'xlsx') {
-                const blob = await dealsApi.exportDealsXlsx({
-                    tenant_id: auth.user.tenant_id,
-                    ids,
-                });
-                triggerBlobDownload(blob, `deals_export_${new Date().toISOString().slice(0, 10)}.xlsx`);
-                exportToastText.value = `Экспортировано ${ids.length} сделок в XLSX.`;
-            } else {
-                const csv = await dealsApi.exportDeals({
-                    tenant_id: auth.user.tenant_id,
-                    ids,
-                });
-                triggerCsvDownload(csv, `deals_export_${new Date().toISOString().slice(0, 10)}.csv`);
-                exportToastText.value = `Экспортировано ${ids.length} сделок в CSV.`;
-            }
-            exportToastOpen.value = true;
-            return;
-        } catch {
-            exportToastText.value = 'Backend недоступен — экспорт сформирован локально (CSV).';
-        }
-    }
-
-    buildLocalCsv(ids);
-}
-
-function buildLocalCsv(ids: number[]) {
-    const idSet = new Set(ids);
-    const rows = dealsState.filter((d) => idSet.has(d.id));
-    const headers = ['ID', 'Имя', 'Телефон', 'Статус', 'Проект', 'Менеджер', 'Стоимость', 'Получено мин назад'];
-    const csv = buildCsvString(
-        headers,
-        rows.map((d) => [d.id, d.name, d.phone, d.statusSlug, d.project, d.manager.name, d.cost, d.receivedMinutesAgo]),
-    );
-    triggerCsvDownload(csv, `deals_export_${new Date().toISOString().slice(0, 10)}.csv`);
-
-    if (!exportToastText.value) {
-        exportToastText.value = `Экспортировано ${rows.length} сделок в CSV.`;
-    }
-    exportToastOpen.value = true;
-}
-```
-
-- [ ] **Step 4: Добавить `exportAllFiltered` в `defineExpose`**
-
-В блоке `defineExpose({...})` (строки 395-433) добавить строку рядом с `applyBulkExport`:
-
-```ts
-    exportAllFiltered,
-```
-
-- [ ] **Step 5: Подвязать кнопку в шаблоне**
-
-Заменить строку 516 в `DealsView.vue`:
-
-```html
-                <v-btn
-                    v-if="!trashMode"
-                    variant="outlined"
-                    prepend-icon="mdi-download"
-                    data-testid="export-all-btn"
-                    @click="exportAllFiltered()"
-                >
-                    Экспорт
-                </v-btn>
-```
-
-- [ ] **Step 6: Запустить тесты — убедиться, что зелёные**
-
-Run: `cd app && npx vitest run tests/Frontend/DealsView.spec.ts tests/Frontend/DealsViewRedesign.spec.ts`
-Expected: все PASS (новые 2 + существующие — без регрессий по `applyBulkExport`).
-
-- [ ] **Step 7: type-check + lint**
-
-Run: `cd app && npm run type-check && npm run lint:vue`
-Expected: 0 errors.
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/resources/js/views/DealsView.vue app/tests/Frontend/DealsView.spec.ts
-git commit -m "feat(ui): C3 — кнопка «Экспорт» в шапке DealsView экспортирует весь список"
-```
-
----
-
-## Task 4 — C6: degradation-alert в NewDealDialog
-
-**Files:**
-
-- Modify: `app/resources/js/components/deals/NewDealDialog.vue`
-- Test: `app/tests/Frontend/NewDealDialog.spec.ts` (append)
-
-- [ ] **Step 1: Написать падающий тест**
-
-Дописать в `app/tests/Frontend/NewDealDialog.spec.ts` (следовать существующему харнессу файла; `VDialog` стабится для inline-рендера):
-
-```ts
-test('C6: при провале loadLookups показывает degradation-alert', async () => {
-    vi.spyOn(dealsApi, 'listProjects').mockRejectedValue(new Error('network'));
-    vi.spyOn(dealsApi, 'listManagers').mockRejectedValue(new Error('network'));
-
-    const wrapper = mountNewDealDialog({ tenantId: 7 }); // существующий хелпер
-    // открыть диалог (model → true), если хелпер не открывает сам:
-    await wrapper.setProps({ modelValue: true });
-    await flushPromises();
-
-    expect(wrapper.vm.lookupsFailed).toBe(true);
-    expect(wrapper.find('[data-testid="lookups-error-alert"]').exists()).toBe(true);
-});
-
-test('C6: при успешном loadLookups alert отсутствует', async () => {
-    vi.spyOn(dealsApi, 'listProjects').mockResolvedValue([{ id: 1, name: 'P', tag: null, type: 'manual' }]);
-    vi.spyOn(dealsApi, 'listManagers').mockResolvedValue([{ id: 1, email: 'a@b.c', first_name: 'A', last_name: 'B', name: 'A B', initials: 'AB' }]);
-
-    const wrapper = mountNewDealDialog({ tenantId: 7 });
-    await wrapper.setProps({ modelValue: true });
-    await flushPromises();
-
-    expect(wrapper.vm.lookupsFailed).toBe(false);
-    expect(wrapper.find('[data-testid="lookups-error-alert"]').exists()).toBe(false);
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && npx vitest run tests/Frontend/NewDealDialog.spec.ts`
-Expected: тест с провалом FAIL (`lookupsFailed` не существует).
-
-- [ ] **Step 3: Добавить флаг + alert в `NewDealDialog.vue`**
-
-В `app/resources/js/components/deals/NewDealDialog.vue`:
-
-После `const busy = ref(false);` (строка 77) добавить:
-
-```ts
-// Audit C6: loadLookups упал → показываем degradation-alert (списки = mock).
-const lookupsFailed = ref(false);
-```
-
-В `loadLookups` catch-блок (строки 44-46) заменить на:
-
-```ts
-    } catch {
-        // Audit C6: фиксируем провал — UI покажет degradation-alert.
-        lookupsFailed.value = true;
-    }
-```
-
-В функцию `reset()` (строки 84-94) добавить строку (например, после `submitError.value = null;`):
-
-```ts
-    lookupsFailed.value = false;
-```
-
-Перед `function close()` (строка 173) добавить:
-
-```ts
-defineExpose({ lookupsFailed });
-```
-
-В шаблоне, в `<v-card-text>`, **после** блока `submit-error-alert` (после строки 192 `</v-alert>`) добавить:
-
-```html
-                <v-alert
-                    v-if="lookupsFailed"
-                    type="warning"
-                    variant="tonal"
-                    density="compact"
-                    class="mb-3"
-                    data-testid="lookups-error-alert"
-                >
-                    Не удалось загрузить списки проектов и менеджеров — показаны примерные
-                    значения. Проверьте выбор перед сохранением.
-                </v-alert>
-```
-
-- [ ] **Step 4: Запустить тесты — убедиться, что зелёные**
-
-Run: `cd app && npx vitest run tests/Frontend/NewDealDialog.spec.ts`
-Expected: все PASS.
-
-- [ ] **Step 5: type-check + lint**
-
-Run: `cd app && npm run type-check && npm run lint:vue`
-Expected: 0 errors.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/resources/js/components/deals/NewDealDialog.vue app/tests/Frontend/NewDealDialog.spec.ts
-git commit -m "feat(ui): C6 — degradation-alert в NewDealDialog при провале загрузки списков"
-```
-
----
-
-## Task 5 — C7: верификация degradation-alert DealDetailDrawer
-
-**Files:**
-
-- Verify (NO production change): `app/resources/js/components/deals/DealDetailDrawer.vue`, `DealDetailTimeline.vue`
-- Test: `app/tests/Frontend/DealDetailDrawerApi.spec.ts` (append, если не покрыто)
-
-> C7 — degradation-alert уже реализован: `DealDetailTimeline.vue:25-35` рендерит `events-fetch-error-alert`, `DealDetailDrawer.vue:289` пробрасывает `eventsFetchError`. Задача — подтвердить поведение характеризационным тестом (паттерн A5 из Sprint 5A). **Production-код не меняется.**
-
-- [ ] **Step 1: Проверить существующее покрытие**
-
-Run: `cd app && npx vitest run tests/Frontend/DealDetailDrawerApi.spec.ts tests/Frontend/DealDetailDrawer.spec.ts`
-Затем grep по обоим файлам: ищем `eventsFetchError` и `events-fetch-error-alert`.
-
-- Если тест, проверяющий `eventsFetchError === true` при провале `getDeal`, **уже есть** → C7 верифицирован, перейти к Step 4 (production-код и тесты не трогаем, зафиксировать факт в отчёте).
-- Если такого теста **нет** → Step 2.
-
-- [ ] **Step 2: Написать характеризационный тест**
-
-Дописать в `app/tests/Frontend/DealDetailDrawerApi.spec.ts` (следовать харнессу файла — `getDeal` мокается):
-
-```ts
-test('C7: провал getDeal выставляет eventsFetchError и fallback на MOCK_EVENTS', async () => {
-    vi.spyOn(dealsApi, 'getDeal').mockRejectedValue(new Error('500'));
-    const wrapper = mountDrawer({ open: true, deal: SAMPLE_DEAL, tenantId: 7 }); // существующий хелпер
-    await flushPromises();
-
-    expect(wrapper.vm.eventsFetchError).toBe(true);
-    expect(wrapper.vm.events.length).toBeGreaterThan(0); // MOCK_EVENTS fallback
-});
-
-test('C7: при eventsFetchError DealDetailTimeline рендерит degradation-alert', async () => {
-    vi.spyOn(dealsApi, 'getDeal').mockRejectedValue(new Error('500'));
-    const wrapper = mountDrawer({ open: true, deal: SAMPLE_DEAL, tenantId: 7 });
-    await flushPromises();
-
-    expect(wrapper.find('[data-testid="events-fetch-error-alert"]').exists()).toBe(true);
-});
-```
-
-> Если `events-fetch-error-alert` не находится из-за `v-navigation-drawer`-телепорта — проверять только `wrapper.vm.eventsFetchError` (флаг — достаточная характеризация; alert-рендер из флага тривиален и виден в `DealDetailTimeline.vue:25`).
-
-- [ ] **Step 3: Запустить — убедиться, что зелёные**
-
-Run: `cd app && npx vitest run tests/Frontend/DealDetailDrawerApi.spec.ts`
-Expected: все PASS (тесты подтверждают уже существующее поведение — должны пройти сразу, это характеризация, не TDD-red).
-
-- [ ] **Step 4: Commit**
-
-Если добавлены тесты:
-
-```bash
-git add app/tests/Frontend/DealDetailDrawerApi.spec.ts
-git commit -m "test(ui): C7 — характеризационный тест degradation-alert DealDetailDrawer"
-```
-
-Если C7 уже был покрыт — коммита нет; зафиксировать в отчёте «C7 verified, покрытие уже существовало в <файл:тест>».
-
----
-
-## Task 6 — Регрессия Sprint 5B
-
-**Files:** нет правок — только прогон.
-
-- [ ] **Step 1: Подготовка worktree-окружения (quirk #96)**
-
-Native `EnterWorktree` даёт fresh checkout без gitignored-контента. Перед полной регрессией:
-
-```bash
-mkdir -p app/storage/framework/views app/storage/framework/sessions
-```
-
-Скопировать из main-checkout (если идентичны lock-файлы): `app/node_modules`, `app/vendor`, `app/.env`, `bin/gitleaks.exe`, `bin/lychee.exe`, каталог `лендинг/`. Затем:
-
-```bash
-cd app && npm run build
-```
-
-(иначе `ExampleTest` падает `ViteManifestNotFoundException`).
-
-- [ ] **Step 2: Backend — полный Pest**
-
-Run: `cd app && ./vendor/bin/pest --parallel`
-Expected: 0 failed. Baseline до Sprint 5B — Pest 891/888 passed/0 failed/3 skipped (Sprint 5A). После 5B: +3 backend-теста (`count_only`) → ожидаемо 894/891/0/3. Любой `failed` — выписать file:line, классифицировать (quirk 72 vs реальный регресс).
-
-- [ ] **Step 3: Frontend — полный Vitest**
-
-Run: `cd app && npx vitest run`
-Expected: 0 failed. Baseline — 102 files / 849 passed / 3 skipped. После 5B: +новые тесты (B2/B3/C3/C6/C7). Выписать фактические числа.
-
-- [ ] **Step 4: type-check + lint + Pint**
-
-Run:
-
-```bash
-cd app && npm run type-check
-cd app && npm run lint:vue
-cd app && composer pint -- --test
-```
-
-Expected: vue-tsc 0 errors; ESLint — 0 **новых** ошибок (известная pre-existing — `tests/Frontend/ImportView.spec.ts:4`, не Sprint 5B; verified на c64be74); Pint — 0 diff.
-
-- [ ] **Step 5: Зафиксировать результат**
-
-Блок в отчёте: Pest X/Y/fail/skip, Vitest Xf/Y/skip, vue-tsc, ESLint, Pint — с фактическими числами и явным списком failures (если есть).
-
----
-
-## Acceptance criteria Sprint 5B
-
-- B2 — бейдж «Сделки» отражает реальное число сделок tenant'а (не хардкод 247); на fail API — бейдж скрыт.
-- B3 — ⌘K (клавиша + плашка сайдбара + кнопка топбара) открывает работающую палитру навигации; кнопка «Поиск» в топбаре больше не `disabled`.
-- C3 — кнопка «Экспорт» в шапке DealsView экспортирует все отфильтрованные сделки.
-- C6 — провал загрузки списков в NewDealDialog показывает degradation-alert.
-- C7 — degradation-alert DealDetailDrawer подтверждён тестом.
-- Регрессия: Pest + Vitest + vue-tsc + Pint зелёные; 0 новых ESLint-ошибок.
-
-## Self-review (выполнено при написании плана)
-
-- **Spec-coverage:** 5 эпиков 5B (B2/B3/C3/C6/C7) — по задаче на каждый + T6 регрессия. ✓
-- **Placeholder-scan:** код приведён полностью в каждом шаге; «следовать харнессу файла» — только для тест-setup (импорты/mount-хелперы), не для логики. ✓
-- **Type-consistency:** `count_only` (snake_case query-param) ↔ `fetchDealsCount` ↔ store `useDealsCountStore.count` ↔ `countKey: 'deals'` ↔ `data-testid="nav-count-deals"`; `useCommandPalette().open/openPalette/closePalette` consistent во всех 4 потребителях; `exportDealIds/exportAllFiltered/buildLocalCsv(ids)` сигнатуры согласованы. ✓
-- **Известный риск:** AppSidebar.vue правится в T1 и T2 — subagent-driven исполняет последовательно, T2 садится поверх T1 без конфликта.
diff --git a/docs/superpowers/plans/2026-05-17-sprint5c-billing-admin.md b/docs/superpowers/plans/2026-05-17-sprint5c-billing-admin.md
deleted file mode 100644
index 8416fb8..0000000
--- a/docs/superpowers/plans/2026-05-17-sprint5c-billing-admin.md
+++ /dev/null
@@ -1,700 +0,0 @@
-# Sprint 5C — Billing/Admin Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development to
-> implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Закрыть 5 P2-эпиков подсистемы Billing/Admin портального аудита — E2, E4, G3, G7, G10.
-
-**Architecture:** Frontend Vue 3.5 + Vuetify 3.12 + TypeScript (Composition API, `<script setup>`);
-backend Laravel 13. Изменения локализованы в 4 view/компонентах биллинга/админки + 1 контроллере +
-1 api-модуле. БД не трогаем (schema без изменений). Decide-эпики E2/E4 разрешены заказчиком
-2026-05-17: E2 → `disabled` + tooltip (паттерн 5A A1); E4 → убрать mock-баннер целиком.
-
-**Tech Stack:** Vue 3.5, Vuetify 3.12, TypeScript, Pinia, vue-router 4, Pest 4, Vitest 4, Laravel 13.
-
-**Порядок задач:** T1 (E2) и T2 (E4) независимы. T3→T4→T5 (G3→G7→G10) — последовательны, все три
-правят `AdminPricingTiersView.vue`; T3 — фундамент (вынос API), T4 и T5 строятся поверх.
-
----
-
-## Task 1: E2 — BalanceCard «Автопополнение» + «Сменить тариф» → `disabled` + tooltip
-
-**Контекст:** `BalanceCard.vue` — три wallet-карты в `BillingView`. Кнопка «Пополнить» подвязана
-(`@click="$emit('topup')"`). Кнопки «Автопополнение» (рекуррентный биллинг) и «Сменить тариф»
-(self-service смена тарифа) — без обработчиков; backend-endpoint'ов под них нет, реализация вне
-scope P2. Решение заказчика — `disabled` + tooltip (как 5A A1 Yandex SSO). Disabled `v-btn` не
-ловит pointer-события → активатор tooltip навешивается на оборачивающий `<span>`.
-
-**Files:**
-
-- Modify: `app/resources/js/components/billing/BalanceCard.vue`
-- Create: `app/tests/Frontend/BalanceCard.spec.ts`
-
-- [ ] **Step 1: Написать падающий тест** — `app/tests/Frontend/BalanceCard.spec.ts`
-
-```ts
-import { describe, it, expect } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import BalanceCard from '../../resources/js/components/billing/BalanceCard.vue';
-
-const vuetify = createVuetify();
-
-function factory() {
-    return mount(BalanceCard, {
-        global: { plugins: [vuetify] },
-        props: {
-            walletRub: 14250,
-            leadsBalance: 285,
-            tariffName: 'Про',
-            tariffPrice: '990.00',
-            tariffFeatures: ['Webhook', 'Канбан'],
-        },
-    });
-}
-
-describe('BalanceCard.vue', () => {
-    it('кнопка «Пополнить» активна и эмитит topup', async () => {
-        const wrapper = factory();
-        const btn = wrapper.findAll('button').find((b) => b.text().includes('Пополнить'));
-        expect(btn).toBeDefined();
-        expect(btn!.attributes('disabled')).toBeUndefined();
-        await btn!.trigger('click');
-        expect(wrapper.emitted('topup')).toBeTruthy();
-    });
-
-    it('кнопка «Автопополнение» disabled (E2 — нет backend)', () => {
-        const wrapper = factory();
-        const btn = wrapper.findAll('button').find((b) => b.text().includes('Автопополнение'));
-        expect(btn).toBeDefined();
-        expect(btn!.attributes('disabled')).toBeDefined();
-    });
-
-    it('кнопка «Сменить тариф» disabled (E2 — нет backend)', () => {
-        const wrapper = factory();
-        const btn = wrapper.findAll('button').find((b) => b.text().includes('Сменить тариф'));
-        expect(btn).toBeDefined();
-        expect(btn!.attributes('disabled')).toBeDefined();
-    });
-});
-```
-
-- [ ] **Step 2: Прогнать тест — убедиться, что падает**
-
-Run: `cd app && npx vitest run tests/Frontend/BalanceCard.spec.ts`
-Expected: FAIL — «Автопополнение» и «Сменить тариф» сейчас не disabled.
-
-- [ ] **Step 3: Обернуть обе кнопки в `v-tooltip` с `disabled`**
-
-В `BalanceCard.vue` заменить кнопку «Автопополнение» (сейчас `<v-btn variant="outlined"
-prepend-icon="mdi-autorenew" size="small"> Автопополнение </v-btn>`) на:
-
-```vue
-<v-tooltip text="Автопополнение будет доступно после подключения платёжного шлюза.">
-    <template #activator="{ props: tipProps }">
-        <span v-bind="tipProps" class="d-inline-flex">
-            <v-btn variant="outlined" prepend-icon="mdi-autorenew" size="small" disabled>
-                Автопополнение
-            </v-btn>
-        </span>
-    </template>
-</v-tooltip>
-```
-
-Заменить кнопку «Сменить тариф →» (сейчас `<v-btn variant="outlined" size="small"
-class="mt-auto">Сменить тариф →</v-btn>`) на:
-
-```vue
-<v-tooltip text="Самостоятельная смена тарифа появится после запуска биллинга.">
-    <template #activator="{ props: tipProps }">
-        <span v-bind="tipProps" class="mt-auto d-inline-flex">
-            <v-btn variant="outlined" size="small" disabled>Сменить тариф →</v-btn>
-        </span>
-    </template>
-</v-tooltip>
-```
-
-Примечание: класс `mt-auto` перенесён с кнопки на `<span>`-обёртку — обёртка теперь flex-ребёнок
-карты, ей нужен `mt-auto` для прижатия книзу.
-
-- [ ] **Step 4: Прогнать тест — убедиться, что проходит**
-
-Run: `cd app && npx vitest run tests/Frontend/BalanceCard.spec.ts`
-Expected: PASS (3/3).
-
-- [ ] **Step 5: Lint + type-check**
-
-Run: `cd app && npx vue-tsc --noEmit -p tsconfig.json && npm run lint:vue`
-Expected: 0 ошибок.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/resources/js/components/billing/BalanceCard.vue app/tests/Frontend/BalanceCard.spec.ts
-git commit -m "feat(billing): E2 — disabled+tooltip на кнопках Автопополнение/Сменить тариф"
-```
-
----
-
-## Task 2: E4 — убрать mock pending-баннер в BillingView + удалить mockBilling.ts
-
-**Контекст:** `BillingView.vue` рисует `v-alert` «1 платёж в обработке» по хардкоду `MOCK_PENDING`
-из `composables/mockBilling.ts`. Платёжного шлюза нет (заблокирован Б-1), `POST /api/billing/topup`
-кредитует баланс мгновенно — состояния «платёж в обработке» в БД не существует и не появится до
-Б-1. Хардкод-баннер с фейковым «TX-89421 ЮKassa 14:21» вводит в заблуждение в проде. Решение
-заказчика — убрать баннер и файл `mockBilling.ts` целиком.
-
-**Files:**
-
-- Modify: `app/resources/js/views/BillingView.vue`
-- Delete: `app/resources/js/composables/mockBilling.ts`
-- Modify: `app/tests/Frontend/BillingView.spec.ts`
-
-- [ ] **Step 1: Проверить, что `mockBilling` нигде больше не используется**
-
-Run: `cd app && npx --yes grep -rn "mockBilling\|MOCK_PENDING" resources tests` (либо Grep-тул)
-Expected: совпадения только в `views/BillingView.vue` и `composables/mockBilling.ts`. Если есть
-другие — остановиться и эскалировать контроллеру.
-
-- [ ] **Step 2: Написать падающий тест** — добавить в `app/tests/Frontend/BillingView.spec.ts`
-внутрь `describe('BillingView.vue', ...)`:
-
-```ts
-    it('не показывает pending-баннер (E4 — mock убран)', async () => {
-        const wrapper = factory();
-        await flushPromises();
-        expect(wrapper.text()).not.toContain('в обработке');
-    });
-```
-
-- [ ] **Step 3: Прогнать тест — убедиться, что падает**
-
-Run: `cd app && npx vitest run tests/Frontend/BillingView.spec.ts`
-Expected: FAIL — баннер «1 платёж в обработке» сейчас рендерится (`MOCK_PENDING` truthy).
-
-- [ ] **Step 4: Убрать баннер и импорт из `BillingView.vue`**
-
-1. Удалить строку импорта: `import { MOCK_PENDING } from '../composables/mockBilling';`
-2. Удалить блок `v-alert` (`<v-alert v-if="MOCK_PENDING" ...>...</v-alert>` — целиком, ~12 строк
-   внутри `<template v-else-if="wallet">` перед `<BalanceCard ...>`).
-3. В doc-комментарии (строки 8–12) убрать абзац про «Pending-баннер остаётся mock (MOCK_PENDING) —
-   это отдельный эпик E4». Заменить на одну строку:
-   `Sprint 5C (E4): pending-баннер убран — платёжного шлюза нет (Б-1), реального состояния «платёж в обработке» в БД не существует.`
-
-- [ ] **Step 5: Удалить файл `mockBilling.ts`**
-
-```bash
-git rm app/resources/js/composables/mockBilling.ts
-```
-
-- [ ] **Step 6: Прогнать тесты — убедиться, что проходят**
-
-Run: `cd app && npx vitest run tests/Frontend/BillingView.spec.ts`
-Expected: PASS (все, включая новый тест). `formatPlain`/`featureLabel` импорты остаются — они из
-`billingFormatters`, не из `mockBilling`.
-
-- [ ] **Step 7: Lint + type-check**
-
-Run: `cd app && npx vue-tsc --noEmit -p tsconfig.json && npm run lint:vue`
-Expected: 0 ошибок.
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/resources/js/views/BillingView.vue app/tests/Frontend/BillingView.spec.ts
-git commit -m "feat(billing): E4 — убрать mock pending-баннер (нет платёжного шлюза до Б-1)"
-```
-
----
-
-## Task 3: G3 — AdminPricingTiersView + AdminSupplierPricesView → типизированный api/admin.ts
-
-**Контекст:** Обе админ-вьюхи уже на `<script setup lang="ts">` с интерфейсами (находка аудита
-«plain JS» устарела — Sprint 1 уже типизировал). Реальный остаток G3 — вьюхи дёргают сырой
-`import axios from 'axios'` напрямую, минуя `apiClient` (без `withCredentials`/`withXSRFToken`/
-CSRF — латентный баг для прода). Остальные админ-вьюхи (`AdminBillingView`) ходят через типизо-
-ванный `api/admin.ts` + `apiClient`. Задача — вынести вызовы pricing-tiers/suppliers в `api/admin.ts`.
-
-**Files:**
-
-- Modify: `app/resources/js/api/admin.ts`
-- Modify: `app/resources/js/views/admin/AdminPricingTiersView.vue`
-- Modify: `app/resources/js/views/admin/AdminSupplierPricesView.vue`
-- Modify: `app/tests/Frontend/AdminPricingTiersView.spec.ts`
-- Modify: `app/tests/Frontend/AdminSupplierPricesView.spec.ts`
-
-- [ ] **Step 1: Добавить функции и типы в `api/admin.ts`** (в конец файла)
-
-```ts
-// === SaaS-admin → Тарифная сетка (Plan 4 / Sprint 5C G3) ===
-
-export interface AdminPricingTier {
-    tier_no: number;
-    leads_in_tier: number | null;
-    price_per_lead_kopecks: number;
-    effective_from: string;
-}
-
-export interface PricingTiersResponse {
-    active: AdminPricingTier[];
-    scheduled: Record<string, AdminPricingTier[]>;
-}
-
-export interface PricingTierEditorRow {
-    tier_no: number;
-    leads_in_tier: number | null;
-    price_rub: string;
-}
-
-export async function getPricingTiers(): Promise<PricingTiersResponse> {
-    const { data } = await apiClient.get<{ data: PricingTiersResponse }>('/api/admin/pricing-tiers');
-    return { active: data.data.active, scheduled: data.data.scheduled ?? {} };
-}
-
-export async function createPricingTiers(tiers: PricingTierEditorRow[]): Promise<{ effective_from: string }> {
-    await ensureCsrfCookie();
-    const { data } = await apiClient.post<{ effective_from: string }>('/api/admin/pricing-tiers', { tiers });
-    return data;
-}
-
-export async function deleteScheduledPricingTier(effectiveFrom: string): Promise<void> {
-    await ensureCsrfCookie();
-    await apiClient.delete(`/api/admin/pricing-tiers/scheduled/${effectiveFrom}`);
-}
-
-// === SaaS-admin → Цены поставщиков (Plan 4 / Sprint 5C G3) ===
-
-export interface AdminSupplier {
-    id: number;
-    code: string;
-    name: string;
-    cost_rub: string;
-    quality_score: string;
-    is_active: boolean;
-}
-
-export async function getAdminSuppliers(): Promise<AdminSupplier[]> {
-    const { data } = await apiClient.get<{ data: AdminSupplier[] }>('/api/admin/suppliers');
-    return data.data;
-}
-
-export async function updateAdminSupplier(
-    id: number,
-    payload: { cost_rub: string; quality_score: string; is_active: boolean },
-): Promise<AdminSupplier> {
-    await ensureCsrfCookie();
-    const { data } = await apiClient.patch<{ data: AdminSupplier }>(`/api/admin/suppliers/${id}`, payload);
-    return data.data;
-}
-```
-
-- [ ] **Step 2: Переписать `AdminPricingTiersView.vue` на api/admin**
-
-1. Удалить `import axios from 'axios';`.
-2. Добавить:
-   `import { getPricingTiers, createPricingTiers, deleteScheduledPricingTier, type AdminPricingTier, type PricingTierEditorRow } from '../../api/admin';`
-3. Удалить локальные интерфейсы `Tier` и `EditorRow`; заменить их использования на `AdminPricingTier`
-   и `PricingTierEditorRow` соответственно (`active: ref<AdminPricingTier[]>([])`,
-   `scheduled: ref<Record<string, AdminPricingTier[]>>({})`, `editor: ref<PricingTierEditorRow[]>(...)`,
-   `defaultEditor: PricingTierEditorRow[]`).
-4. `load()` — заменить тело:
-
-   ```ts
-   const data = await getPricingTiers();
-   active.value = data.active;
-   scheduled.value = data.scheduled;
-   ```
-
-5. `submit()` — заменить `await axios.post('/api/admin/pricing-tiers', { tiers: editor.value });` на
-   `await createPricingTiers(editor.value);`.
-6. `confirmDelete()` — заменить `await axios.delete(\`/api/admin/pricing-tiers/scheduled/${effectiveFrom}\`);`
-   на `await deleteScheduledPricingTier(effectiveFrom);`.
-7. `extractErrorMessage` остаётся (импорт из `../../api/client`).
-
-- [ ] **Step 3: Переписать `AdminSupplierPricesView.vue` на api/admin**
-
-1. Удалить `import axios from 'axios';`.
-2. Добавить: `import { getAdminSuppliers, updateAdminSupplier, type AdminSupplier } from '../../api/admin';`
-3. Удалить локальный интерфейс `SupplierRow`; заменить использования на `AdminSupplier`
-   (`suppliers: ref<AdminSupplier[]>([])`, параметр `save(s: AdminSupplier)`).
-4. `load()` — заменить тело: `suppliers.value = await getAdminSuppliers();`.
-5. `save()` — заменить `axios.patch(...)` на:
-   `await updateAdminSupplier(s.id, { cost_rub: s.cost_rub, quality_score: s.quality_score, is_active: s.is_active });`
-
-- [ ] **Step 4: Переписать `AdminPricingTiersView.spec.ts` на мок api/admin**
-
-Эталон паттерна — `app/tests/Frontend/AdminBillingViewActions.spec.ts`. Ключевые правки:
-
-1. Убрать `import axios from 'axios';` и `vi.mock('axios');`.
-2. Добавить partial-мок:
-
-   ```ts
-   vi.mock('../../resources/js/api/admin', async (importOriginal) => {
-       const orig = await importOriginal<typeof import('../../resources/js/api/admin')>();
-       return { ...orig, getPricingTiers: vi.fn(), createPricingTiers: vi.fn(), deleteScheduledPricingTier: vi.fn() };
-   });
-   const adminApi = await import('../../resources/js/api/admin');
-   ```
-
-3. Добавить хелпер ошибки (копия из эталона):
-
-   ```ts
-   function makeAxiosError(message: string, status = 422): unknown {
-       return Object.assign(new Error(message), { isAxiosError: true, response: { status, data: { message } } });
-   }
-   ```
-
-4. `mockTiers` — оставить (это `AdminPricingTier[]`).
-5. Первый `describe` `beforeEach`:
-
-   ```ts
-   vi.mocked(adminApi.getPricingTiers).mockResolvedValue({ active: mockTiers, scheduled: {} });
-   vi.mocked(adminApi.createPricingTiers).mockResolvedValue({ effective_from: '2026-06-01' });
-   vi.mocked(adminApi.deleteScheduledPricingTier).mockResolvedValue(undefined);
-   ```
-
-6. Тест `submits POST ...` → `expect(adminApi.createPricingTiers).toHaveBeenCalledWith(expect.arrayContaining([expect.objectContaining({ tier_no: 7, leads_in_tier: null })]));`
-7. Тест `confirmDelete triggers DELETE ...` → `expect(adminApi.deleteScheduledPricingTier).toHaveBeenCalledWith('2026-06-01');` (`window.confirm = vi.fn(() => true)` — оставить, T5 уберёт).
-8. `describe` error handling — убрать `axios.isAxiosError` блок; в каждом тесте заменить
-   `(axios.X as any).mockRejectedValue({response:...})` на `vi.mocked(adminApi.fn).mockRejectedValue(makeAxiosError('...', status))`,
-   а `(axios.get as any).mockResolvedValue(...)` на `vi.mocked(adminApi.getPricingTiers).mockResolvedValue({ active: mockTiers, scheduled: {} })`.
-   `afterEach(() => vi.clearAllMocks())` — оставить.
-
-- [ ] **Step 5: Переписать `AdminSupplierPricesView.spec.ts` на мок api/admin**
-
-Аналогично Step 4:
-
-1. Убрать axios; `vi.mock('../../resources/js/api/admin', ...)` с `getAdminSuppliers`/`updateAdminSupplier` как `vi.fn()`.
-2. `makeAxiosError` хелпер.
-3. `beforeEach`: `vi.mocked(adminApi.getAdminSuppliers).mockResolvedValue(mockSuppliers);`
-   `vi.mocked(adminApi.updateAdminSupplier).mockResolvedValue(mockSuppliers[0]);`
-4. Тест `save() fires PATCH ...` → `expect(adminApi.updateAdminSupplier).toHaveBeenCalledWith(1, { cost_rub: '2.00', quality_score: '1.00', is_active: true });`
-5. Error-тесты → `mockRejectedValue(makeAxiosError(...))`; `load() ... rejects` → `vi.mocked(adminApi.getAdminSuppliers).mockRejectedValue(makeAxiosError('Database connection lost', 500))`.
-
-- [ ] **Step 6: Прогнать оба spec-файла**
-
-Run: `cd app && npx vitest run tests/Frontend/AdminPricingTiersView.spec.ts tests/Frontend/AdminSupplierPricesView.spec.ts`
-Expected: PASS (все тесты обоих файлов).
-
-- [ ] **Step 7: Lint + type-check**
-
-Run: `cd app && npx vue-tsc --noEmit -p tsconfig.json && npm run lint:vue`
-Expected: 0 ошибок (в т.ч. `import axios` удалён из обеих вьюх).
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/resources/js/api/admin.ts app/resources/js/views/admin/AdminPricingTiersView.vue \
-  app/resources/js/views/admin/AdminSupplierPricesView.vue \
-  app/tests/Frontend/AdminPricingTiersView.spec.ts app/tests/Frontend/AdminSupplierPricesView.spec.ts
-git commit -m "refactor(admin): G3 — pricing-tiers/suppliers вьюхи на типизированный api/admin.ts"
-```
-
----
-
-## Task 4: G7 — AdminPricingTiers effective_from через date-picker
-
-**Контекст:** Сейчас `effective_from` новой сетки жёстко = 1-е число следующего месяца (МСК):
-backend `AdminPricingTiersController@store:92` хардкодит `startOfMonth()->addMonth()`, frontend
-показывает `nextMonthStart` в кнопке и заголовке диалога. G7 — дать админу выбрать дату.
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/AdminPricingTiersController.php`
-- Modify: `app/resources/js/api/admin.ts`
-- Modify: `app/resources/js/views/admin/AdminPricingTiersView.vue`
-- Modify: `app/tests/Feature/Admin/AdminPricingTiersControllerTest.php`
-- Modify: `app/tests/Frontend/AdminPricingTiersView.spec.ts`
-
-- [ ] **Step 1: Написать падающий Pest-тест** — добавить в `AdminPricingTiersControllerTest.php`
-
-```php
-it('store accepts a custom effective_from date', function (): void {
-    $custom = \Illuminate\Support\Carbon::now('Europe/Moscow')->addMonths(3)->toDateString();
-
-    $response = $this->postJson('/api/admin/pricing-tiers', [
-        'tiers' => validTiersPayload(),
-        'effective_from' => $custom,
-    ]);
-
-    $response->assertCreated()->assertJson(['effective_from' => $custom]);
-    expect(\App\Models\PricingTier::where('effective_from', $custom)->count())->toBe(7);
-});
-
-it('store rejects effective_from in the past', function (): void {
-    $past = \Illuminate\Support\Carbon::now('Europe/Moscow')->subDay()->toDateString();
-
-    $this->postJson('/api/admin/pricing-tiers', [
-        'tiers' => validTiersPayload(),
-        'effective_from' => $past,
-    ])->assertStatus(422);
-});
-```
-
-Примечание: если в файле нет хелпера `validTiersPayload()` — переиспользовать массив тиров из
-существующего теста store (7 строк `tier_no`/`leads_in_tier`/`price_rub`); вынести в локальную
-функцию-хелпер в начале файла либо инлайнить массив в обоих новых тестах.
-
-- [ ] **Step 2: Прогнать — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=AdminPricingTiersControllerTest`
-Expected: FAIL — `effective_from` сейчас игнорируется (первый тест: дата = next-month, не custom;
-второй: 201 вместо 422).
-
-- [ ] **Step 3: Backend — принять `effective_from` в `store()`**
-
-В `AdminPricingTiersController@store`:
-
-1. Перед `$request->validate([...])` вычислить `$todayMsk = Carbon::now('Europe/Moscow')->toDateString();`
-2. В массив правил добавить:
-   `'effective_from' => ['sometimes', 'date_format:Y-m-d', 'after:'.$todayMsk],`
-3. Заменить строку `$effectiveFrom = Carbon::now('Europe/Moscow')->startOfMonth()->addMonth()->toDateString();` на:
-
-   ```php
-   $effectiveFrom = $request->input('effective_from')
-       ?? Carbon::now('Europe/Moscow')->startOfMonth()->addMonth()->toDateString();
-   ```
-
-   (`$todayMsk` из шага 1 переиспользуется правилом валидации; вычислять до `validate`.)
-
-- [ ] **Step 4: Прогнать Pest — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=AdminPricingTiersControllerTest`
-Expected: PASS (старые тесты store без `effective_from` → дефолт next-month; 2 новых → custom/422).
-
-- [ ] **Step 5: api/admin.ts — `createPricingTiers` принимает `effectiveFrom`**
-
-Изменить сигнатуру (расширение T3-функции):
-
-```ts
-export async function createPricingTiers(
-    tiers: PricingTierEditorRow[],
-    effectiveFrom?: string,
-): Promise<{ effective_from: string }> {
-    await ensureCsrfCookie();
-    const payload: { tiers: PricingTierEditorRow[]; effective_from?: string } = { tiers };
-    if (effectiveFrom) payload.effective_from = effectiveFrom;
-    const { data } = await apiClient.post<{ effective_from: string }>('/api/admin/pricing-tiers', payload);
-    return data;
-}
-```
-
-- [ ] **Step 6: Frontend — date-picker в редакторе сетки**
-
-В `AdminPricingTiersView.vue`:
-
-1. Добавить ref после `nextMonthStart` computed:
-   `const effectiveFrom = ref<string>(nextMonthStart.value);`
-2. Добавить computed для `min` (завтра):
-
-   ```ts
-   const minEffectiveFrom = computed(() => {
-       const d = new Date();
-       d.setDate(d.getDate() + 1);
-       return d.toISOString().slice(0, 10);
-   });
-   ```
-
-3. В диалоге-редакторе перед `<table class="editor-table">` добавить поле:
-
-   ```vue
-   <v-text-field
-       v-model="effectiveFrom"
-       type="date"
-       label="Дата вступления в силу"
-       :min="minEffectiveFrom"
-       density="compact"
-       class="mb-3"
-       style="max-width: 240px"
-       data-testid="effective-from-input"
-   />
-   ```
-
-4. Заголовок диалога: `Новая сетка (effective_from = {{ effectiveFrom }})` (вместо `nextMonthStart`).
-   Кнопку открытия редактора `Редактировать сетку (с {{ nextMonthStart }})` — оставить
-   `nextMonthStart` (это дефолтная подсказка до открытия диалога).
-5. `submit()` — передать дату: `await createPricingTiers(editor.value, effectiveFrom.value);`.
-6. `successMessage` в `submit()` — использовать `effectiveFrom.value` вместо `nextMonthStart.value`.
-7. `defineExpose` — добавить `effectiveFrom`.
-
-- [ ] **Step 7: Написать Vitest для date-picker** — добавить в первый `describe` `AdminPricingTiersView.spec.ts`:
-
-```ts
-    it('редактор содержит поле даты effective_from с дефолтом = след. месяц', async () => {
-        const wrapper = mount(AdminPricingTiersView, { global: { plugins: [vuetify] } });
-        await new Promise((r) => setTimeout(r, 50));
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (wrapper.vm as any).editorOpen = true;
-        await wrapper.vm.$nextTick();
-        expect(wrapper.find('[data-testid="effective-from-input"]').exists()).toBe(true);
-    });
-
-    it('submit передаёт выбранную effective_from в createPricingTiers', async () => {
-        const wrapper = mount(AdminPricingTiersView, { global: { plugins: [vuetify] } });
-        await new Promise((r) => setTimeout(r, 50));
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        (wrapper.vm as any).effectiveFrom = '2026-09-01';
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        await (wrapper.vm as any).submit();
-        expect(adminApi.createPricingTiers).toHaveBeenCalledWith(expect.any(Array), '2026-09-01');
-    });
-```
-
-- [ ] **Step 8: Прогнать FE-тест**
-
-Run: `cd app && npx vitest run tests/Frontend/AdminPricingTiersView.spec.ts`
-Expected: PASS.
-
-- [ ] **Step 9: Lint + type-check + Pint**
-
-Run: `cd app && npx vue-tsc --noEmit -p tsconfig.json && npm run lint:vue && composer pint -- --dirty`
-Expected: 0 ошибок.
-
-- [ ] **Step 10: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/AdminPricingTiersController.php app/resources/js/api/admin.ts \
-  app/resources/js/views/admin/AdminPricingTiersView.vue \
-  app/tests/Feature/Admin/AdminPricingTiersControllerTest.php app/tests/Frontend/AdminPricingTiersView.spec.ts
-git commit -m "feat(admin): G7 — выбор effective_from тарифной сетки через date-picker"
-```
-
----
-
-## Task 5: G10 — AdminPricingTiers `window.confirm` → `v-dialog`
-
-**Контекст:** `AdminPricingTiersView@confirmDelete` использует браузерный `window.confirm()` для
-подтверждения удаления запланированного набора тиров. Браузерный `confirm` блокирует UI и не
-доступен ассистивным технологиям — заменить на `v-dialog`. (Аудит назвал эпик «AdminBilling
-confirm()», но в `AdminBillingView` `confirm()` уже нет — Sprint 3D G4 заменил row-actions на
-`v-dialog`'и; фактический оставшийся браузерный confirm в админ-биллинге — здесь, в pricing-tiers.)
-
-**Files:**
-
-- Modify: `app/resources/js/views/admin/AdminPricingTiersView.vue`
-- Modify: `app/tests/Frontend/AdminPricingTiersView.spec.ts`
-
-- [ ] **Step 1: Написать падающие тесты** — заменить в первом `describe` тест
-`confirmDelete triggers DELETE to /scheduled/{date}` на два теста:
-
-```ts
-    it('confirmDelete открывает диалог подтверждения, DELETE не вызывается сразу', async () => {
-        const wrapper = mount(AdminPricingTiersView, { global: { plugins: [vuetify] } });
-        await new Promise((r) => setTimeout(r, 50));
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        vm.confirmDelete('2026-06-01');
-        expect(vm.deleteDialogOpen).toBe(true);
-        expect(vm.deleteTarget).toBe('2026-06-01');
-        expect(adminApi.deleteScheduledPricingTier).not.toHaveBeenCalled();
-    });
-
-    it('performDelete вызывает deleteScheduledPricingTier для выбранной даты', async () => {
-        const wrapper = mount(AdminPricingTiersView, { global: { plugins: [vuetify] } });
-        await new Promise((r) => setTimeout(r, 50));
-        // eslint-disable-next-line @typescript-eslint/no-explicit-any
-        const vm = wrapper.vm as any;
-        vm.confirmDelete('2026-06-01');
-        await vm.performDelete();
-        expect(adminApi.deleteScheduledPricingTier).toHaveBeenCalledWith('2026-06-01');
-        expect(vm.deleteDialogOpen).toBe(false);
-    });
-```
-
-В error-handling `describe` тест `confirmDelete() shows errorMessage when ... rejects` —
-переименовать вызов: после `vm.confirmDelete('2026-06-01')` вызывать `await vm.performDelete()`
-(ошибку проверять после `performDelete`). Убрать `window.confirm = vi.fn(() => true)` из всех
-тестов этого файла (больше не нужен).
-
-- [ ] **Step 2: Прогнать — убедиться, что падает**
-
-Run: `cd app && npx vitest run tests/Frontend/AdminPricingTiersView.spec.ts`
-Expected: FAIL — `deleteDialogOpen`/`deleteTarget`/`performDelete` ещё не существуют.
-
-- [ ] **Step 3: Заменить `window.confirm` на `v-dialog`-flow**
-
-В `AdminPricingTiersView.vue`:
-
-1. Добавить state: `const deleteDialogOpen = ref(false);` и `const deleteTarget = ref<string | null>(null);`
-2. Заменить функцию `confirmDelete` — теперь только открывает диалог:
-
-   ```ts
-   function confirmDelete(effectiveFrom: string): void {
-       deleteTarget.value = effectiveFrom;
-       deleteDialogOpen.value = true;
-   }
-   ```
-
-3. Добавить `performDelete` — фактическое удаление (тело — бывший `confirmDelete` без `window.confirm`):
-
-   ```ts
-   async function performDelete(): Promise<void> {
-       const effectiveFrom = deleteTarget.value;
-       if (effectiveFrom === null) return;
-       deleteDialogOpen.value = false;
-       errorMessage.value = null;
-       successMessage.value = null;
-       try {
-           await deleteScheduledPricingTier(effectiveFrom);
-           successMessage.value = `Удалено: запланированный набор с ${effectiveFrom}.`;
-           successToastOpen.value = true;
-           await load();
-       } catch (err) {
-           errorMessage.value = extractErrorMessage(err, 'Не удалось удалить запланированный набор.');
-       } finally {
-           deleteTarget.value = null;
-       }
-   }
-   ```
-
-4. В `<template>` после диалога-редактора добавить confirm-диалог:
-
-   ```vue
-   <v-dialog v-model="deleteDialogOpen" max-width="440">
-       <v-card>
-           <v-card-title>Удалить запланированный набор?</v-card-title>
-           <v-card-text>
-               Запланированная сетка с <strong>{{ deleteTarget }}</strong> будет удалена.
-               Действие необратимо.
-           </v-card-text>
-           <v-card-actions>
-               <v-spacer />
-               <v-btn @click="deleteDialogOpen = false">Отмена</v-btn>
-               <v-btn color="error" data-testid="confirm-delete-btn" @click="performDelete">Удалить</v-btn>
-           </v-card-actions>
-       </v-card>
-   </v-dialog>
-   ```
-
-5. `defineExpose` — добавить `deleteDialogOpen`, `deleteTarget`, `performDelete`.
-
-- [ ] **Step 4: Прогнать FE-тест — убедиться, что проходит**
-
-Run: `cd app && npx vitest run tests/Frontend/AdminPricingTiersView.spec.ts`
-Expected: PASS.
-
-- [ ] **Step 5: Lint + type-check**
-
-Run: `cd app && npx vue-tsc --noEmit -p tsconfig.json && npm run lint:vue`
-Expected: 0 ошибок (в т.ч. `window.confirm` удалён из вьюхи).
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/resources/js/views/admin/AdminPricingTiersView.vue app/tests/Frontend/AdminPricingTiersView.spec.ts
-git commit -m "feat(admin): G10 — браузерный confirm() удаления сетки → v-dialog"
-```
-
----
-
-## Финал
-
-После всех 5 задач — финальный holistic review всей реализации, затем полная регрессия
-(`/regression full`: Pest --parallel, Vitest, Vite build, vue-tsc, ESLint, Pint, Larastan,
-markdownlint, cspell, lychee, gitleaks) и `superpowers:finishing-a-development-branch`.
-
-**Ожидаемые изменения относительно базы `345d14d`:** 5 feat/refactor-коммитов + этот plan-коммит.
-Файлы: `BalanceCard.vue`, `BillingView.vue`, `mockBilling.ts` (удалён), `api/admin.ts`,
-`AdminPricingTiersView.vue`, `AdminSupplierPricesView.vue`, `AdminPricingTiersController.php`,
-
-- 5 spec-файлов (1 новый `BalanceCard.spec.ts`). БД/schema — без изменений.
diff --git a/docs/superpowers/plans/2026-05-17-sprint5d-cleanup-mock-fallback.md b/docs/superpowers/plans/2026-05-17-sprint5d-cleanup-mock-fallback.md
deleted file mode 100644
index 3df0862..0000000
--- a/docs/superpowers/plans/2026-05-17-sprint5d-cleanup-mock-fallback.md
+++ /dev/null
@@ -1,480 +0,0 @@
-# Sprint 5D — Cleanup dev-артефактов (I3 + I4) Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Убрать production fake-data fallback (вьюхи рендерят выдуманные сделки/тенантов/инциденты при сбое API) и DEV-gate баннер `_dev_plain_code` в impersonation-диалоге.
-
-**Architecture:** Аудит портала, находки I3 + I4 (под-план Sprint 5D). 8 production-файлов инициализируют reactive-state mock-данными из `composables/mock*.ts` и держат их как fallback при ошибке API — в проде юзер при 500/network видит фейковые данные. Фикс: state инициализируется пустым (`[]` / нули); при ошибке показывается error-alert (уже есть `v-alert v-if="fetchError"` в каждом файле — меняется только текст). Файлы `mock*.ts` **остаются на месте** (типы + UI-константы там реальные; mock-массивы используются только тестами как фикстуры) — решение заказчика «убрать fake-fallback», без переезда файлов. I4: баннер `_dev_plain_code` гейтится за `import.meta.env.DEV`.
-
-**Tech Stack:** Vue 3.5 + Vuetify 3.12 + TypeScript, Vitest 4 (`@vue/test-utils` + jsdom).
-
-**Scope (I1 — отложен):** I1 (DevIndexBadge/DevIndexOverlay removal) решением заказчика отложен до заморозки UI — не в этом плане.
-
-**НЕ в scope (discovered minor):** `DealsView.vue` строка `const newToday = 3; // mock` — инлайн-литерал (не `mock*.ts`-композабл), показывает фейковое «+3 новых лида с утра». Требует реальной backend-метрики — отдельная находка, в 5D не трогается.
-
----
-
-## File Structure
-
-Production (8 файлов — убрать mock-fallback):
-
-- `app/resources/js/views/DealsView.vue` — `dealsState` init из `MOCK_DEALS`.
-- `app/resources/js/views/KanbanView.vue` — `dealsByStatus` + `totalDeals` init из `MOCK_DEALS`.
-- `app/resources/js/components/deals/NewDealDialog.vue` — `projectOptions`/`managerOptions` init из `MOCK_PROJECTS`/`MOCK_MANAGERS`.
-- `app/resources/js/components/deals/DealDetailDrawer.vue` — `events` init из `MOCK_EVENTS`, fallback на 2 catch-путях.
-- `app/resources/js/views/admin/AdminBillingView.vue` — `rowsState`/`summary` init из `ADMIN_BILLING_TENANTS`/`ADMIN_BILLING_SUMMARY`.
-- `app/resources/js/views/admin/AdminIncidentsView.vue` — `rowsState` + initial `stats` init из `ADMIN_INCIDENTS`.
-- `app/resources/js/views/admin/AdminSystemView.vue` — `settingsState` init из `ADMIN_SYSTEM_SETTINGS` (тип `AdminSystemSetting` — оставить).
-- `app/resources/js/views/admin/AdminTenantsView.vue` — `tenantsState`/`stats` init из `MOCK_TENANTS`/`MOCK_STATS`.
-
-Production (1 файл — I4):
-
-- `app/resources/js/components/admin/ImpersonationDialog.vue` — баннер `dev-code-banner` за `import.meta.env.DEV`.
-
-Не трогаются: `composables/mock*.ts` (типы/константы реальны, mock-массивы — тест-фикстуры).
-
-Tests (обновить — спеки писались вокруг mock-initial-state):
-
-- `app/tests/Frontend/DealsView.spec.ts`, `DealsViewRedesign.spec.ts`, `KanbanView.spec.ts`
-- `app/tests/Frontend/NewDealDialog*.spec.ts`, `DealDetailDrawer*.spec.ts` (имена уточнить через `ls`)
-- `app/tests/Frontend/AdminBillingView.spec.ts`, `AdminBillingViewApi.spec.ts`
-- `app/tests/Frontend/AdminIncidentsView.spec.ts`, `AdminIncidentsViewApi.spec.ts`
-- `app/tests/Frontend/AdminSystemView.spec.ts`, `AdminTenantsView.spec.ts`, `AdminTenantsViewApi.spec.ts`
-
----
-
-## Общий тест-принцип (для всех задач T1–T4)
-
-Init state → `[]` ломает существующие тесты двух типов. Стратегия:
-
-1. **Тесты, использующие mock как фикстуру** (рендер строк, bulk-actions, фильтры). Mock-композабл импортируется **в spec-файле** как фикстура (это разрешено — тесты могут использовать mock-данные). Два варианта вернуть данные в state — выбрать минимально-инвазивный для конкретного спека:
-   - **Вариант A (предпочтительно для `*Api.spec.ts` и где API уже `vi.mock`'нут):** мок data-API резолвится фикстурой → success-путь `loadX()` наполняет state, `fetchError=false`.
-   - **Вариант B (для smoke-спеков без `vi.mock`):** после `mount` + `flushPromises()` засеять exposed-state: `vm.<stateRef>.push(...<MOCK_FIXTURE>.map(clone))`. Для seed может потребоваться расширить `defineExpose` (см. задачи).
-2. **Тесты, явно ассертящие fake-fallback как поведение** (напр. `AdminBillingViewApi.spec.ts:96-106` — `expect(vm.rowsState.length).toBeGreaterThan(0)` после reject, заголовок «MOCK fallback остаётся»). **Инвертировать**: `toBe(0)`, заголовок → «state пустой».
-3. **Новый regression-тест на каждый production-файл:** API/loadX отклоняется → state пустой (`length === 0`) **и** error-видим (`fetchError`/alert). См. red-green в шагах задач.
-
-Каждая задача завершается полным зелёным прогоном `npm run test:vue` (0 fail) + `npm run lint:vue` + `npm run type-check`.
-
----
-
-## Task 1: DealsView + KanbanView — убрать MOCK_DEALS fallback
-
-**Files:**
-
-- Modify: `app/resources/js/views/DealsView.vue`
-- Modify: `app/resources/js/views/KanbanView.vue`
-- Test: `app/tests/Frontend/DealsView.spec.ts`, `DealsViewRedesign.spec.ts`, `KanbanView.spec.ts`
-
-- [ ] **Step 1: Regression-тест на пустой state при ошибке (DealsView) — должен упасть**
-
-В `DealsView.spec.ts` добавить (рядом с C3-тестами в конце файла):
-
-```ts
-test('I3: loadDeals reject → dealsState пустой + fetchError', async () => {
-    vi.spyOn(dealsApi, 'listDeals').mockRejectedValue(new Error('500'));
-    const wrapper = await mountDeals();
-    const auth = useAuthStore();
-    auth.user = { id: 1, tenant_id: 42, email: 't@t.io' } as AuthUser;
-    const vm = wrapper.vm as unknown as { loadDeals: () => Promise<void>; dealsState: unknown[]; fetchError: boolean };
-    await vm.loadDeals();
-    await flushPromises();
-    expect(vm.dealsState.length).toBe(0);
-    expect(vm.fetchError).toBe(true);
-});
-```
-
-- [ ] **Step 2: Прогнать — убедиться, что падает**
-
-Run: `cd app && npm run test:vue -- DealsView.spec.ts`
-Expected: новый тест FAIL (`dealsState.length` = длина `MOCK_DEALS`, не 0).
-
-- [ ] **Step 3: DealsView.vue — init пустой**
-
-Импорт (строка 18) — убрать `MOCK_DEALS`:
-
-```ts
-import { DEALS_TABS, type MockDeal } from '../composables/mockDeals';
-```
-
-Init `dealsState` (строка 113):
-
-```ts
-// Локальная reactive-копия. Наполняется через API (см. loadDeals/onMounted).
-// До загрузки и при ошибке — пустой массив; ошибка показывается через fetchError.
-const dealsState = reactive<MockDeal[]>([]);
-```
-
-Catch в `loadDeals` (строка 133) — комментарий:
-
-```ts
-    } catch {
-        fetchError.value = true; // state остаётся пустым — показываем error-alert
-    }
-```
-
-Шаблон, alert `fetch-error-alert` (строки ~714-724) — текст:
-
-```
-            Не удалось загрузить сделки. Попробуйте обновить.
-```
-
-Doc-комментарий вверху файла — строку `MVP: page-head + chiprow со срезами + поиск + v-data-table с mock'ами.` поправить на `... + v-data-table (данные из API).`
-
-- [ ] **Step 4: KanbanView.vue — init пустой**
-
-Импорт (строка 23):
-
-```ts
-import { type MockDeal } from '../composables/mockDeals';
-```
-
-Init `dealsByStatus` (строки 49-54):
-
-```ts
-const dealsByStatus = reactive<Record<string, MockDeal[]>>(
-    LEAD_STATUSES.reduce<Record<string, MockDeal[]>>((acc, s) => {
-        acc[s.slug] = [];
-        return acc;
-    }, {}),
-);
-```
-
-`totalDeals` (строка 111):
-
-```ts
-const totalDeals = ref(0);
-```
-
-Catch в `loadDeals` (строка 142) — комментарий: `fetchError.value = true; // state остаётся пустым — показываем error-alert`
-Alert `fetch-error-alert` (строки ~199-209) — текст: `Не удалось загрузить сделки. Попробуйте обновить.`
-
-- [ ] **Step 5: Аналогичный regression-тест для KanbanView**
-
-В `KanbanView.spec.ts` добавить тест: замокать `dealsApi.listDeals` reject, выставить `auth.user` с `tenant_id`, вызвать `vm.loadDeals()`, проверить что все массивы `dealsByStatus` пусты (`Object.values(vm.dealsByStatus).every(c => c.length === 0)`) и `vm.fetchError === true`.
-
-- [ ] **Step 6: Починить существующие тесты (DealsView.spec.ts, DealsViewRedesign.spec.ts, KanbanView.spec.ts)**
-
-Многие тесты используют `MOCK_DEALS` как фикстуру (рендер строк, `applyBulkStatus`, фильтры «Окна Москва»/«Иван П.», `route.query.openId=MOCK_DEALS[0].id`). Применить **Вариант B**: в mount-хелперах (`mountDeals`, `mountDealsViewAt`, аналог в KanbanView) после `mount` засеять state из mock-фикстуры:
-
-```ts
-const wrapper = mount(DealsView, { /* ... */ });
-await flushPromises();
-const vm = wrapper.vm as unknown as { dealsState: MockDeal[] };
-vm.dealsState.push(...MOCK_DEALS.map((d) => ({ ...d, manager: { ...d.manager } })));
-await flushPromises();
-return wrapper;
-```
-
-`MOCK_DEALS` уже импортируется в `DealsView.spec.ts`. Для KanbanView — засеять `dealsByStatus` по slug'ам. Тесты на новый-deal/bulk/фильтры/openId после seed работают как раньше. Прогонять после правки каждого спека.
-
-- [ ] **Step 7: Полный прогон + линт**
-
-Run: `cd app && npm run test:vue -- DealsView KanbanView && npm run lint:vue && npm run type-check`
-Expected: все DealsView/KanbanView спеки PASS (0 fail), ESLint 0, vue-tsc 0.
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/resources/js/views/DealsView.vue app/resources/js/views/KanbanView.vue app/tests/Frontend/DealsView.spec.ts app/tests/Frontend/DealsViewRedesign.spec.ts app/tests/Frontend/KanbanView.spec.ts
-git commit -m "fix(deals): I3 — убрать MOCK_DEALS fallback в DealsView/KanbanView"
-```
-
----
-
-## Task 2: NewDealDialog + DealDetailDrawer — убрать mock-fallback
-
-**Files:**
-
-- Modify: `app/resources/js/components/deals/NewDealDialog.vue`
-- Modify: `app/resources/js/components/deals/DealDetailDrawer.vue`
-- Test: spec-файлы NewDealDialog / DealDetailDrawer (уточнить `ls tests/Frontend | grep -E "NewDeal|DealDetailDrawer"`)
-
-- [ ] **Step 1: NewDealDialog.vue — пустые опции**
-
-Импорт (строка 17):
-
-```ts
-import { type MockDeal, type MockManager } from '../../composables/mockDeals';
-```
-
-`projectOptions`/`managerOptions` (строки 24-25):
-
-```ts
-const projectOptions = ref<string[]>([]);
-const managerOptions = ref<MockManager[]>([]);
-```
-
-Doc-комментарий блока (строки 19-23) — переписать без «fallback на MOCK»:
-
-```ts
-/**
- * Списки проектов и менеджеров грузятся с backend через GET /api/projects,
- * /api/managers при открытии диалога (если передан tenantId). На fail —
- * списки пустые + degradation-alter (lookupsFailed), создание блокируется
- * до повторной успешной загрузки.
- */
-```
-
-Комментарий строки 80 → `// Audit C6: loadLookups упал → показываем degradation-alert (списки пусты).`
-Alert `lookups-error-alert` (строки ~207-210) — текст:
-
-```
-                    Не удалось загрузить списки проектов и менеджеров — попробуйте позже.
-```
-
-`defineExpose` (строка 178) — добавить `projectOptions`, `managerOptions` для seed в тестах:
-
-```ts
-defineExpose({ lookupsFailed, projectOptions, managerOptions });
-```
-
-- [ ] **Step 2: DealDetailDrawer.vue — пустой timeline**
-
-Импорт (строка 23):
-
-```ts
-import { type DealEvent } from '../../composables/mockDealEvents';
-```
-
-`events` init (строка 60):
-
-```ts
-const events = ref<DealEvent[]>([]);
-```
-
-`loadEvents` — путь без deal/tenantId (строка 119): `events.value = [];`
-`loadEvents` — catch (строка 131): `events.value = [];`
-Комментарий строки 59 → `// показываем реальные events. На fail / без tenant_id — events пуст + eventsFetchError.`
-
-- [ ] **Step 3: Regression-тесты (red-green)**
-
-NewDealDialog spec: тест — открыть диалог **без** `tenantId`, проверить `vm.projectOptions.length === 0` и `vm.managerOptions.length === 0` (раньше были mock). DealDetailDrawer spec: тест — `loadEvents` без tenantId / при reject `getDeal` → `vm.events.length === 0`. Сначала прогнать (увидеть fail на старом коде — но код уже правится в Step 1-2, поэтому: написать тест → если spec'и проверяют наличие mock-данных, они упадут до правки; порядок — допустимо написать тест и правку вместе, ключ: после правки тест зелёный и проверяет именно пустоту).
-
-- [ ] **Step 4: Починить существующие тесты**
-
-NewDealDialog: тесты submit-flow выбирают проект/менеджера — засеять `vm.projectOptions`/`vm.managerOptions` после mount (Вариант B), либо замокать `dealsApi.listProjects`/`listManagers` резолвом с фикстурой (Вариант A) при открытии с `tenantId`. DealDetailDrawer: тесты timeline — замокать `dealsApi.getDeal` резолвом с events, либо засеять `vm.events`. Тесты на `events-fetch-error-alert` (Sprint 5B C7) — events уже пуст при ошибке, проверить что alert по-прежнему рендерится.
-
-- [ ] **Step 5: Полный прогон + линт**
-
-Run: `cd app && npm run test:vue -- NewDealDialog DealDetailDrawer && npm run lint:vue && npm run type-check`
-Expected: PASS 0 fail, ESLint 0, vue-tsc 0.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/resources/js/components/deals/NewDealDialog.vue app/resources/js/components/deals/DealDetailDrawer.vue app/tests/Frontend/
-git commit -m "fix(deals): I3 — убрать mock-fallback в NewDealDialog/DealDetailDrawer"
-```
-
----
-
-## Task 3: AdminBillingView + AdminIncidentsView — убрать mockAdmin fallback
-
-**Files:**
-
-- Modify: `app/resources/js/views/admin/AdminBillingView.vue`
-- Modify: `app/resources/js/views/admin/AdminIncidentsView.vue`
-- Test: `app/tests/Frontend/AdminBillingView.spec.ts`, `AdminBillingViewApi.spec.ts`, `AdminIncidentsView.spec.ts`, `AdminIncidentsViewApi.spec.ts`
-
-- [ ] **Step 1: AdminBillingView.vue — init пустой**
-
-Удалить импорт (строка 11) `import { ADMIN_BILLING_SUMMARY as MOCK_SUMMARY, ADMIN_BILLING_TENANTS } from '../../composables/mockAdmin';` целиком.
-`rowsState` (строки 37-49):
-
-```ts
-const rowsState = reactive<BillingRow[]>([]);
-```
-
-`summary` (строки 51-56):
-
-```ts
-const summary = reactive({
-    total_mrr_rub: 0,
-    monthly_revenue_rub: 0,
-    overdue_count: 0,
-    refunds_count_30d: 0,
-});
-```
-
-Doc-комментарий вверху (строки 8-9): `MVP — только display-вьюха с mock-данными.` → `Данные грузятся с backend GET /api/admin/billing.`
-Комментарий строки 20-24 (над `BillingRow`) — убрать упоминание «initial = MOCK».
-Alert `fetch-error-alert` (строки ~249-259) — текст: `Не удалось загрузить биллинг. Попробуйте обновить.`
-
-- [ ] **Step 2: AdminIncidentsView.vue — init пустой**
-
-Удалить импорт (строка 12) `import { ADMIN_INCIDENTS } from '../../composables/mockAdmin';`.
-`rowsState` (строки 77-90):
-
-```ts
-const rowsState = reactive<IncidentRow[]>([]);
-```
-
-Удалить блок initial-stats из mock (строки 96-100 — `stats.open = rowsState.filter(...)` ×3). `stats` остаётся инициализированным нулями на строке 91.
-Комментарий строки 76 (`// Reactive — initial = MOCK; replace на API на mount.`) → `// Reactive — наполняется через loadIncidents (API).`
-Комментарий строки 95 (`// Initial stats из mock ...`) — удалить вместе с блоком.
-Doc-комментарий (строки 8-9): `MVP — display + фильтр ...` → `Display + фильтр по статусу/severity. Данные с backend GET /api/admin/incidents.`
-Alert `fetch-error-alert` (строки ~170-180) — текст: `Не удалось загрузить инциденты. Попробуйте обновить.`
-
-- [ ] **Step 3: Тесты — инвертировать fake-fallback ассерты + regression**
-
-`AdminBillingViewApi.spec.ts:96-106` — тест `'reject → fetchError=true + alert виден + MOCK fallback остаётся'`:
-
-- заголовок → `'reject → fetchError=true + alert виден + rowsState пустой'`
-- `expect(vm.rowsState.length).toBeGreaterThan(0);` → `expect(vm.rowsState.length).toBe(0);`
-Аналогично проверить `AdminIncidentsViewApi.spec.ts` на наличие «MOCK fallback»-ассертов — инвертировать.
-Smoke-спеки `AdminBillingView.spec.ts` / `AdminIncidentsView.spec.ts`: если рендерят строки из mock-init — применить Вариант A (замокать `adminApi.listAdminBilling`/`listAdminIncidents` резолвом фикстуры — фикстуру взять из `composables/mockAdmin` импортом в спеке) или Вариант B (seed `vm.rowsState`). Добавить regression-тест где ещё нет: reject → `rowsState.length === 0` + `fetchError`.
-
-- [ ] **Step 4: Полный прогон + линт**
-
-Run: `cd app && npm run test:vue -- AdminBilling AdminIncidents && npm run lint:vue && npm run type-check`
-Expected: PASS 0 fail, ESLint 0, vue-tsc 0.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/views/admin/AdminBillingView.vue app/resources/js/views/admin/AdminIncidentsView.vue app/tests/Frontend/
-git commit -m "fix(admin): I3 — убрать mockAdmin fallback в Billing/Incidents"
-```
-
----
-
-## Task 4: AdminSystemView + AdminTenantsView — убрать mock fallback
-
-**Files:**
-
-- Modify: `app/resources/js/views/admin/AdminSystemView.vue`
-- Modify: `app/resources/js/views/admin/AdminTenantsView.vue`
-- Test: `app/tests/Frontend/AdminSystemView.spec.ts`, `AdminTenantsView.spec.ts`, `AdminTenantsViewApi.spec.ts`
-
-- [ ] **Step 1: AdminSystemView.vue — init пустой**
-
-Удалить импорт mock-данных (строка 11) `import { ADMIN_SYSTEM_SETTINGS } from '../../composables/mockAdmin';`.
-**Оставить** импорт типа (строка 12) `import type { AdminSystemSetting } from '../../composables/mockAdmin';` — тип используется.
-`settingsState` (строка 30):
-
-```ts
-const settingsState = reactive<AdminSystemSetting[]>([]);
-```
-
-Комментарий строки 23-29 (над `settingsState`) — убрать «Инициируется mock-данными (fallback...)»:
-
-```ts
-/**
- * Settings-state. Наполняется на mount через `adminApi.listSystemSettings()`.
- * До загрузки и при ошибке — пустой; ошибка показывается через fetchError-banner.
- */
-```
-
-Catch в `loadSettings` (строка 41) — текст fallback в `extractErrorMessage`:
-
-```ts
-        fetchError.value = extractErrorMessage(err, 'Не удалось загрузить настройки с сервера. Попробуйте обновить.');
-```
-
-Комментарий строки 39-40 (`// На fail оставляем mock ...`) → `// На fail — settingsState пустой, показываем error-banner.`
-Doc-комментарий (строки 8-9): `MVP — display + read-only edit-режим.` → `Display + edit-режим. Данные с backend GET /api/admin/system-settings.`
-
-- [ ] **Step 2: AdminTenantsView.vue — init пустой**
-
-Импорт (строка 18) — убрать `MOCK_STATS`, `MOCK_TENANTS`:
-
-```ts
-import { type AdminTenant, type TenantStatus } from '../../composables/mockTenants';
-```
-
-`tenantsState` (строка 32):
-
-```ts
-const tenantsState = reactive<AdminTenant[]>([]);
-```
-
-`stats` (строка 33) — заменить `{ ...MOCK_STATS }` объектом с теми же ключами в нулях. **Сверить точную форму `MOCK_STATS` в `composables/mockTenants.ts`** (`loadTenants` пишет `total/active/trial/overdue`):
-
-```ts
-const stats = reactive({ total: 0, active: 0, trial: 0, overdue: 0 });
-```
-
-Alert `fetch-error-alert` (строки ~117-127) — текст: `Не удалось загрузить тенантов. Попробуйте обновить.`
-
-- [ ] **Step 3: Тесты — починить + regression**
-
-`AdminTenantsViewApi.spec.ts` — проверить на «MOCK fallback»-ассерты после reject, инвертировать на `length === 0`.
-Smoke-спеки `AdminSystemView.spec.ts` / `AdminTenantsView.spec.ts` — рендер строк из mock-init: Вариант A (мок `adminApi.listSystemSettings`/`listAdminTenants` резолвом фикстуры) или B (seed `vm.settingsState`/`vm.tenantsState`). Regression-тест: reject → state пустой + ошибка видна (`AdminSystemView.fetchError` — это `string|null`, при ошибке непустая строка; `AdminTenantsView.fetchError` — boolean).
-
-- [ ] **Step 4: Полный прогон + линт**
-
-Run: `cd app && npm run test:vue -- AdminSystem AdminTenants && npm run lint:vue && npm run type-check`
-Expected: PASS 0 fail, ESLint 0, vue-tsc 0.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/views/admin/AdminSystemView.vue app/resources/js/views/admin/AdminTenantsView.vue app/tests/Frontend/
-git commit -m "fix(admin): I3 — убрать mock fallback в System/Tenants"
-```
-
----
-
-## Task 5: I4 — ImpersonationDialog devPlainCode за DEV-gate
-
-**Files:**
-
-- Modify: `app/resources/js/components/admin/ImpersonationDialog.vue`
-- Test: `app/tests/Frontend/ImpersonationDialog*.spec.ts` (уточнить `ls`)
-
-Контекст: баннер `data-testid="dev-code-banner"` (строки ~218-228) показывает `_dev_plain_code` (плейн-код impersonation) при `v-if="devPlainCode"`. Сейчас гейт — только наличие данных (backend на prod не отдаёт `_dev_plain_code`). Аудит I4: добавить явный frontend DEV-gate, чтобы баннер не отрисовывался в prod-сборке даже если бэк случайно отдаст код.
-
-- [ ] **Step 1: Regression-тест (red) — баннер скрыт в prod**
-
-В spec ImpersonationDialog добавить тест: `vi.stubEnv('DEV', false)` **до** mount → пройти flow до step `verify` с непустым `devPlainCode` (замокать `adminApi.impersonationInit` резолвом с `_dev_plain_code: '123456'`) → `expect(wrapper.find('[data-testid="dev-code-banner"]').exists()).toBe(false)`. `afterEach(() => vi.unstubAllEnvs())`.
-
-- [ ] **Step 2: Прогон — упадёт**
-
-Run: `cd app && npm run test:vue -- ImpersonationDialog`
-Expected: новый тест FAIL (баннер рендерится — гейт только по `devPlainCode`).
-
-- [ ] **Step 3: ImpersonationDialog.vue — DEV-gate**
-
-В `<script setup>` после `const devPlainCode = ref<string | null>(null);` (строка 49) добавить:
-
-```ts
-// I4: явный frontend DEV-gate. import.meta.env.DEV статически заменяется Vite —
-// в prod-сборке = false, баннер с плейн-кодом tree-shake'ится.
-const isDevEnv = import.meta.env.DEV;
-```
-
-`defineExpose` отсутствует — не добавлять (тест проверяет через DOM).
-Шаблон, баннер (строка 219) — гейт:
-
-```html
-                    <v-alert
-                        v-if="isDevEnv && devPlainCode"
-```
-
-Doc-комментарий (строка 8) — уточнить: `На dev показывается _dev_plain_code (за import.meta.env.DEV; на prod — баннер не рендерится).`
-
-- [ ] **Step 4: Прогон — зелёный**
-
-Run: `cd app && npm run test:vue -- ImpersonationDialog`
-Expected: новый тест PASS. Существующие тесты (в Vitest `import.meta.env.DEV === true`) — баннер по-прежнему виден при `devPlainCode`, PASS.
-
-- [ ] **Step 5: Линт + type-check**
-
-Run: `cd app && npm run lint:vue && npm run type-check`
-Expected: ESLint 0, vue-tsc 0.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/resources/js/components/admin/ImpersonationDialog.vue app/tests/Frontend/
-git commit -m "fix(admin): I4 — devPlainCode-баннер за import.meta.env.DEV"
-```
-
----
-
-## Self-Review (контроллер, после всех задач)
-
-- **Покрытие спека:** I3 — 8 production-файлов init→пусто + error-текст (✓ T1-T4). I4 — DEV-gate (✓ T5). I1 — отложен (вне scope).
-- **Нет fake-data в prod-путях:** grep `MOCK_|ADMIN_` по `resources/js/views` + `resources/js/components/deals` + `ImpersonationDialog` — 0 совпадений в production-импортах (только типы). `mock*.ts` не удалены — типы/константы (`MockDeal`, `DEALS_TABS`, `AdminTenant`...) живы.
-- **Тесты:** полный `npm run test:vue` зелёный, 0 fail; новые regression-тесты на каждый файл; инвертированы явные «MOCK fallback» ассерты.
-- **Регрессия:** `npm run lint:vue` 0, `npm run type-check` 0, Pest не затронут (только frontend).
diff --git a/docs/superpowers/plans/2026-05-17-sprint6-p3-polish.md b/docs/superpowers/plans/2026-05-17-sprint6-p3-polish.md
deleted file mode 100644
index 0c3e15c..0000000
--- a/docs/superpowers/plans/2026-05-17-sprint6-p3-polish.md
+++ /dev/null
@@ -1,387 +0,0 @@
-# Sprint 6 — P3 Polish + Cleanup Tail Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Закрыть P3-эпики финального спринта portal-audit (`docs/superpowers/specs/2026-05-15-portal-audit-design.md` §3 Sprint 6) — a11y-доводка, гигиена констант, снятие устаревшего dev-workaround'а.
-
-**Architecture:** 5 независимых XS-эпиков, все — frontend-only (Vue 3.5 SFC + TypeScript), 0 backend / 0 schema / 0 миграций. Каждый эпик правит обособленную группу файлов — пересечений между задачами нет, порядок T1→T5 произвольный, конфликты исключены.
-
-**Tech Stack:** Vue 3.5 + Vuetify 3.12 + TypeScript, Vitest 4 (тесты), `import.meta.env.DEV` (DEV-гейт, статически вырезается Vite в prod-сборке).
-
-**Scope-решение по 3 эпикам Sprint 6, НЕ входящим в этот план:**
-
-- **F5** (`new_device_login` через session-fingerprint) — XL, требует инфраструктуры сессий-фингерпринтов; вне MVP, остаётся в реестре.
-- **G8** (ImpersonationDialog two-person approval, CTO-15) — требует Б-1 (Yandex 360 SSO); блокирован внешним блокером.
-- **I2** (dev-indices.json — gitignore-решение) — **отложен вместе с I1**. I1 (снос DevIndexBadge/DevIndexOverlay) заказчик отложил в Sprint 5D до заморозки UI; `dev-indices.json` — генерируемый манифест этой же временной фичи. Решать его git-судьбу до сноса фичи — churn на артефакте, который всё равно удалится. Отложен синхронно с I1.
-
-**Эпики в этом плане (5):** A9, B6, F4, G9, I5.
-
----
-
-## File Structure
-
-| Файл | Задача | Ответственность |
-|---|---|---|
-| `app/resources/js/views/auth/LoginView.vue` | T1 (A9) | eye-toggle через `#append-inner` slot с accessible-name |
-| `app/resources/js/views/auth/RegisterView.vue` | T1 (A9) | то же |
-| `app/resources/js/views/auth/ResetPasswordView.vue` | T1 (A9) | то же (только первое поле пароля; поле «Повторите» eye-иконки не имеет) |
-| `app/resources/js/layouts/AdminLayout.vue` | T2 (B6) | DEV-only баннер о застабленном auth-gate |
-| `app/resources/js/constants/polling.ts` | T3 (F4) | **создаётся** — именованные интервалы polling |
-| `app/resources/js/composables/usePolling.ts` | T3 (F4) | дефолт интервала из константы |
-| `app/resources/js/layouts/AppLayout.vue` | T3 (F4) | call-site → константы |
-| `app/resources/js/components/admin/ImpersonationBanner.vue` | T3 (F4) | call-site → константа |
-| `app/resources/js/views/ReportsView.vue` | T3 (F4) | call-site → константа |
-| `app/resources/js/views/admin/AdminSystemView.vue` | T4 (G9) | aria-label на edit-кнопки |
-| `app/resources/js/views/ProjectsView.vue` | T5 (I5) | удаление устаревшего clearable-workaround'а из `<style>` |
-| spec-файлы в `app/tests/Frontend/` | T1/T2/T4 | failing-тесты + сверка существующих |
-
----
-
-## Task 1: A9 — accessible-name на eye-icon переключателях пароля
-
-**Контекст:** В `LoginView`/`RegisterView`/`ResetPasswordView` поле пароля переключает видимость через Vuetify-проп `:append-inner-icon` + `@click:append-inner`. Иконка-переключатель кликабельна, но не имеет accessible-name и не доступна с клавиатуры → screen-reader пользователь не знает, что это кнопка. Фикс — заменить проп на слот `#append-inner` с `<v-icon>` в роли кнопки: `role="button"` + `tabindex` + `:aria-label` + keyboard-обработчики.
-
-**Files:**
-
-- Modify: `app/resources/js/views/auth/LoginView.vue:81-93`
-- Modify: `app/resources/js/views/auth/RegisterView.vue:97-109`
-- Modify: `app/resources/js/views/auth/ResetPasswordView.vue:107-119`
-- Test: `app/tests/Frontend/LoginView.spec.ts`, `RegisterView.spec.ts`, `ResetPasswordView.spec.ts`
-
-- [ ] **Step 1: Сверить существующие spec-файлы**
-
-Прочитать 3 spec-файла. Найти тесты, взаимодействующие с переключателем (grep `append-inner`, `showPassword`, `eye`). Если тест триггерит `click:append-inner` — после рефактора это событие не возникнет (теперь клик по `<v-icon>` в слоте), такие тесты переписать на клик по иконке с aria-label. Запомнить mount-setup (плагины Vuetify/Pinia/router-стабы) для нового теста.
-
-- [ ] **Step 2: Написать failing-тест (для каждой из 3 вью)**
-
-В каждый spec добавить тест (mount-setup взять из существующих тестов файла):
-
-```ts
-it('переключатель видимости пароля имеет accessible-name и работает', async () => {
-    const wrapper = mount(LoginView, { /* global: из существующего setup файла */ });
-    const toggle = wrapper.find('[aria-label="Показать пароль"]');
-    expect(toggle.exists()).toBe(true);
-    expect(toggle.attributes('role')).toBe('button');
-    await toggle.trigger('click');
-    expect(wrapper.find('[aria-label="Скрыть пароль"]').exists()).toBe(true);
-});
-```
-
-Для `RegisterView`/`ResetPasswordView` — аналогично, заменив компонент.
-
-- [ ] **Step 3: Прогнать тесты — убедиться, что падают**
-
-Run: `cd app && npm run test:vue -- LoginView RegisterView ResetPasswordView`
-Expected: 3 новых теста FAIL (`aria-label="Показать пароль"` не найден — сейчас проп `append-inner-icon`).
-
-- [ ] **Step 4: Реализовать слот в LoginView.vue**
-
-Заменить блок `app/resources/js/views/auth/LoginView.vue:81-93` (поле пароля):
-
-```vue
-            <v-text-field
-                v-model="password"
-                label="Пароль"
-                :type="showPassword ? 'text' : 'password'"
-                autocomplete="current-password"
-                placeholder="Минимум 8 символов"
-                variant="outlined"
-                density="comfortable"
-                required
-                :error-messages="errors.password"
-            >
-                <template #append-inner>
-                    <v-icon
-                        :icon="showPassword ? 'mdi-eye-off' : 'mdi-eye'"
-                        :aria-label="showPassword ? 'Скрыть пароль' : 'Показать пароль'"
-                        role="button"
-                        tabindex="0"
-                        @click="showPassword = !showPassword"
-                        @keydown.enter.prevent="showPassword = !showPassword"
-                        @keydown.space.prevent="showPassword = !showPassword"
-                    />
-                </template>
-            </v-text-field>
-```
-
-- [ ] **Step 5: Реализовать слот в RegisterView.vue**
-
-Заменить блок `app/resources/js/views/auth/RegisterView.vue:97-109` тем же паттерном (поле пароля, `autocomplete="new-password"` — сохранить, `placeholder="Минимум 8 символов"` — сохранить). Снять строки `:append-inner-icon="..."` и `@click:append-inner="..."`, добавить `#append-inner`-слот как в Step 4.
-
-- [ ] **Step 6: Реализовать слот в ResetPasswordView.vue**
-
-Заменить блок `app/resources/js/views/auth/ResetPasswordView.vue:107-119` (первое поле — «Новый пароль») тем же паттерном. **Поле «Повторите пароль» (`:122-130`) не трогать** — у него нет eye-иконки, оно наследует `showPassword`.
-
-- [ ] **Step 7: Прогнать тесты — убедиться, что зелёные**
-
-Run: `cd app && npm run test:vue -- LoginView RegisterView ResetPasswordView`
-Expected: PASS — новые 3 теста + все ранее существовавшие в этих файлах.
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/resources/js/views/auth/LoginView.vue app/resources/js/views/auth/RegisterView.vue app/resources/js/views/auth/ResetPasswordView.vue app/tests/Frontend/LoginView.spec.ts app/tests/Frontend/RegisterView.spec.ts app/tests/Frontend/ResetPasswordView.spec.ts
-git commit -m "fix(a11y): accessible eye-toggle на полях пароля — Sprint 6 A9"
-```
-
----
-
-## Task 2: B6 — DEV-only баннер о застабленном auth-gate админки
-
-**Контекст:** Sprint 3F (J2) поставил middleware `EnsureSaasAdmin` на `/api/admin/*` как стаб: в dev пропускает все запросы, в prod отдаёт 503. Комментарий в шапке `AdminLayout.vue:9-12` фиксирует, что полноценный auth-guard (`super_admin` role + 2FA через Yandex 360 SSO) ждёт Б-1. B6 — сделать этот auth-gap видимым в dev-UI баннером. Гейт — `import.meta.env.DEV` (Vite статически вырежет баннер в prod-сборке, паттерн I4 из Sprint 5D).
-
-**Files:**
-
-- Modify: `app/resources/js/layouts/AdminLayout.vue` (script + template)
-- Test: `app/tests/Frontend/AdminLayout.spec.ts`
-
-- [ ] **Step 1: Сверить AdminLayout.spec.ts**
-
-Прочитать spec — запомнить mount-setup. Проверить наличие `vi.unstubAllEnvs()` в `afterEach` (если нет — добавить в Step 2, иначе stub `DEV` протечёт в другие тесты).
-
-- [ ] **Step 2: Написать failing-тест**
-
-В `AdminLayout.spec.ts` добавить (mount-setup — из существующих тестов):
-
-```ts
-it('B6: показывает DEV-баннер auth-gap в dev-режиме', () => {
-    const wrapper = mount(AdminLayout, { /* global: из существующего setup */ });
-    expect(wrapper.find('[data-testid="dev-auth-gap-banner"]').exists()).toBe(true);
-});
-
-it('B6: скрывает DEV-баннер в production-режиме', () => {
-    vi.stubEnv('DEV', false);
-    const wrapper = mount(AdminLayout, { /* global: из существующего setup */ });
-    expect(wrapper.find('[data-testid="dev-auth-gap-banner"]').exists()).toBe(false);
-});
-```
-
-Убедиться, что в файле есть `afterEach(() => { vi.unstubAllEnvs(); });` (добавить, если отсутствует).
-
-- [ ] **Step 3: Прогнать тест — убедиться, что падает**
-
-Run: `cd app && npm run test:vue -- AdminLayout`
-Expected: тест `показывает DEV-баннер` FAIL (`data-testid="dev-auth-gap-banner"` не найден).
-
-- [ ] **Step 4: Добавить DEV-флаг в script**
-
-В `app/resources/js/layouts/AdminLayout.vue` после `const auth = useAuthStore();` (`:39`) добавить:
-
-```ts
-
-/** DEV-режим: показываем баннер о застабленном auth-gate админки (B6). */
-const isDevEnv = import.meta.env.DEV;
-```
-
-- [ ] **Step 5: Добавить баннер в template**
-
-В `<v-main class="admin-main">` (`:133`) — перед `<ImpersonationBanner />` вставить:
-
-```vue
-            <v-alert
-                v-if="isDevEnv"
-                type="warning"
-                variant="tonal"
-                density="compact"
-                class="ma-4"
-                data-testid="dev-auth-gap-banner"
-            >
-                DEV-режим: доступ к админке открыт без SSO-проверки — middleware
-                <code>EnsureSaasAdmin</code> в dev пропускает все запросы. В production
-                требуется вход через Yandex 360 + роль <code>super_admin</code> (Б-1);
-                неавторизованные запросы получают 503.
-            </v-alert>
-```
-
-- [ ] **Step 6: Прогнать тест — убедиться, что зелёные**
-
-Run: `cd app && npm run test:vue -- AdminLayout`
-Expected: PASS — оба новых теста + ранее существовавшие.
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/resources/js/layouts/AdminLayout.vue app/tests/Frontend/AdminLayout.spec.ts
-git commit -m "feat(admin): DEV-only баннер о застабленном auth-gate — Sprint 6 B6"
-```
-
----
-
-## Task 3: F4 — вынести polling-интервалы в `constants/polling.ts`
-
-**Контекст:** Дефолтный интервал `30_000` зашит в `usePolling.ts`, а call-site'ы `AppLayout`/`ImpersonationBanner`/`ReportsView` дублируют литералы `30_000`/`60_000`. F4 — собрать «магические» числа в один модуль. Чистый рефактор: поведение не меняется, защитная сетка — существующие тесты.
-
-**Files:**
-
-- Create: `app/resources/js/constants/polling.ts`
-- Modify: `app/resources/js/composables/usePolling.ts:18,25`
-- Modify: `app/resources/js/layouts/AppLayout.vue:17,60,61`
-- Modify: `app/resources/js/components/admin/ImpersonationBanner.vue:16,40`
-- Modify: `app/resources/js/views/ReportsView.vue:14,62`
-
-- [ ] **Step 1: Создать `constants/polling.ts`**
-
-```ts
-/**
- * Интервалы polling-обновления view-данных — единый источник «магических»
- * чисел для usePolling. До приезда SSE/WebSocket в production это покрывает
- * «real-time»-паттерн (см. composables/usePolling.ts).
- */
-
-/** Базовый интервал авто-обновления (сделки, биллинг, инциденты, тенанты, отчёты). */
-export const POLLING_INTERVAL_MS = 30_000;
-
-/** Интервал для менее срочных счётчиков (напоминания в сайдбаре). */
-export const POLLING_REMINDERS_INTERVAL_MS = 60_000;
-```
-
-- [ ] **Step 2: Подключить константу в usePolling.ts**
-
-В `app/resources/js/composables/usePolling.ts`:
-
-- Первой строкой добавить импорт: `import { POLLING_INTERVAL_MS } from '../constants/polling';` (после `import { onBeforeUnmount, onMounted } from 'vue';`).
-- Строка `:18` doc-комментарий: `/** Период polling в миллисекундах. По умолчанию 30_000. */` → `/** Период polling в миллисекундах. По умолчанию POLLING_INTERVAL_MS (30 с). */`
-- Строка `:25`: `const intervalMs = options.intervalMs ?? 30_000;` → `const intervalMs = options.intervalMs ?? POLLING_INTERVAL_MS;`
-
-- [ ] **Step 3: Обновить call-site'ы**
-
-`AppLayout.vue` — добавить к импортам (`:17`): `import { POLLING_INTERVAL_MS, POLLING_REMINDERS_INTERVAL_MS } from '../constants/polling';`
-
-- `:60` `usePolling(loadNotifications, { intervalMs: 30_000, enabled: true });` → `{ intervalMs: POLLING_INTERVAL_MS, enabled: true }`
-- `:61` `usePolling(loadReminderCounts, { intervalMs: 60_000, enabled: true });` → `{ intervalMs: POLLING_REMINDERS_INTERVAL_MS, enabled: true }`
-
-`ImpersonationBanner.vue` — добавить импорт `import { POLLING_INTERVAL_MS } from '../../constants/polling';`
-
-- `:40` `usePolling(load, { intervalMs: 30_000 });` → `{ intervalMs: POLLING_INTERVAL_MS }`
-
-`ReportsView.vue` — добавить импорт `import { POLLING_INTERVAL_MS } from '../constants/polling';`
-
-- `:62` `usePolling(loadJobs, { intervalMs: 30_000 });` → `{ intervalMs: POLLING_INTERVAL_MS }`
-
-Call-site'ы на дефолте (`DealsView`/`KanbanView`/`AdminBillingView`/`AdminIncidentsView`/`AdminTenantsView`) — **не трогать**, они уже получают значение через дефолт `usePolling`.
-
-- [ ] **Step 4: Type-check + тесты (рефактор — поведение без изменений)**
-
-Run: `cd app && npm run type-check && npm run test:vue -- usePolling AppLayout ImpersonationBanner ReportsView`
-Expected: vue-tsc 0 ошибок; все тесты PASS без изменений (интервалы численно те же — `30_000`/`60_000`).
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/constants/polling.ts app/resources/js/composables/usePolling.ts app/resources/js/layouts/AppLayout.vue app/resources/js/components/admin/ImpersonationBanner.vue app/resources/js/views/ReportsView.vue
-git commit -m "refactor(polling): вынести интервалы в constants/polling.ts — Sprint 6 F4"
-```
-
----
-
-## Task 4: G9 — aria-label на edit-кнопки AdminSystemView
-
-**Контекст:** В списке `system_settings` каждая строка имеет кнопку «Изменить» (`AdminSystemView.vue:166-175`). У всех кнопок одинаковый видимый текст «Изменить» — screen-reader пользователь, проходя список, слышит «Изменить, Изменить, Изменить» без контекста, какая настройка. Фикс — `:aria-label` с ключом настройки.
-
-**Files:**
-
-- Modify: `app/resources/js/views/admin/AdminSystemView.vue:166-175`
-- Test: `app/tests/Frontend/AdminSystemView.spec.ts`
-
-- [ ] **Step 1: Написать failing-тест**
-
-В `AdminSystemView.spec.ts` добавить (mount-setup — из существующих тестов файла; компонент стартует с mock-данными до `onMounted`-загрузки, либо использовать `defineExpose`d `settingsState`):
-
-```ts
-it('G9: edit-кнопки имеют aria-label с ключом настройки', () => {
-    const wrapper = mount(AdminSystemView, { /* global: из существующего setup */ });
-    const editBtns = wrapper.findAll('[data-testid^="edit-"]');
-    expect(editBtns.length).toBeGreaterThan(0);
-    for (const btn of editBtns) {
-        const label = btn.attributes('aria-label') ?? '';
-        expect(label).toMatch(/^Изменить настройку .+/);
-    }
-});
-```
-
-- [ ] **Step 2: Прогнать тест — убедиться, что падает**
-
-Run: `cd app && npm run test:vue -- AdminSystemView`
-Expected: FAIL — `aria-label` отсутствует на кнопках.
-
-- [ ] **Step 3: Добавить aria-label**
-
-В `app/resources/js/views/admin/AdminSystemView.vue` в `<v-btn>` (`:166-175`) добавить строку `:aria-label` между `prepend-icon` и `:data-testid`:
-
-```vue
-                        <v-btn
-                            variant="text"
-                            size="small"
-                            density="comfortable"
-                            prepend-icon="mdi-pencil"
-                            :aria-label="`Изменить настройку ${setting.key}`"
-                            :data-testid="`edit-${setting.key}-btn`"
-                            @click="openEdit(setting)"
-                        >
-                            Изменить
-                        </v-btn>
-```
-
-- [ ] **Step 4: Прогнать тест — убедиться, что зелёный**
-
-Run: `cd app && npm run test:vue -- AdminSystemView`
-Expected: PASS — новый тест + ранее существовавшие.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/views/admin/AdminSystemView.vue app/tests/Frontend/AdminSystemView.spec.ts
-git commit -m "fix(a11y): aria-label с ключом на edit-кнопках AdminSystem — Sprint 6 G9"
-```
-
----
-
-## Task 5: I5 — снять устаревший clearable-workaround из ProjectsView
-
-**Контекст:** `ProjectsView.vue:170-196` содержит CSS-workaround: у `clearable` `v-text-field` иконка `mdi-close-circle` делалась прозрачной, а вместо неё `::after`-псевдоэлементом рисовался Unicode-глиф `✕` — потому что MDI-шрифт не был подключён (Диз-4). CTO-19 (миграция на Lucide) закрыта: `app/resources/js/plugins/vuetify.ts:164` маппит `'mdi-close-circle': XCircle` — clearable-иконка теперь рендерится нативным Lucide-SVG. Workaround мёртв → удалить.
-
-**Files:**
-
-- Modify: `app/resources/js/views/ProjectsView.vue` (удаление CSS-блока `:170-196`)
-
-- [ ] **Step 1: Проверить премису (фальсифицировать перед удалением)**
-
-Подтвердить, что `app/resources/js/plugins/vuetify.ts` содержит `'mdi-close-circle': XCircle` в Lucide IconSet-маппинге и `XCircle` импортирован из `lucide-vue-next`. Если маппинга нет — задача **BLOCKED**, эскалировать (workaround снимать нельзя без замены).
-
-- [ ] **Step 2: Удалить CSS-блок workaround'а**
-
-В `app/resources/js/views/ProjectsView.vue` удалить строки `:170-196` целиком — комментарий-заголовок `/* Workaround: MDI-шрифт... */` и 4 CSS-правила: `.projects-view :deep(.v-field__clearable)`, `.projects-view :deep(.v-field__clearable .v-icon)`, `.projects-view :deep(.v-field--dirty .v-field__clearable)::after`, `.projects-view :deep(.v-field--dirty .v-field__clearable:hover)::after`. Соседние блоки (`.projects-grid` выше, `.toolbar-check` ниже) не трогать.
-
-- [ ] **Step 3: Type-check + сборка + существующие тесты**
-
-Run: `cd app && npm run type-check && npm run test:vue -- ProjectsView`
-Expected: vue-tsc 0; `ProjectsView.spec.ts` PASS без изменений (правка чисто CSS, JS-поведение не затронуто).
-
-- [ ] **Step 4: Визуальный smoke (Playwright)**
-
-Запустить dev-сервер, открыть `/projects`, ввести текст в поле поиска проектов (`clearable`). Подтвердить: иконка очистки (Lucide `XCircle`) **видима** справа в поле и клик по ней очищает значение. Сделать скриншот. Если иконка не рендерится — premise опровергнута, `git revert` Step 2 и эскалировать.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/views/ProjectsView.vue
-git commit -m "chore(cleanup): снять устаревший MDI clearable-workaround (CTO-19 tail) — Sprint 6 I5"
-```
-
----
-
-## Финальная верификация (после всех 5 задач)
-
-- [ ] **Полная регрессия Vitest** — `cd app && npm run test:vue -- --maxWorkers=2` (full-suite без `--maxWorkers=2` OOM'ит в worktree — квирк 98). Ожидаемо: 0 fail; число passed ≥ baseline + новые тесты (T1 ×3, T2 ×2, T4 ×1).
-- [ ] **vue-tsc** — `cd app && npm run type-check` → 0 ошибок.
-- [ ] **ESLint** — `cd app && npm run lint:vue` → известная pre-existing ошибка `tests/Frontend/ImportView.spec.ts:4` (Sprint 4 долг, вне scope Sprint 6); 0 новых.
-- [ ] **Vite build** — `cd app && npm run build` → OK (подтверждает, что DEV-гейт B6 валиден для prod-сборки).
-- [ ] **Pest** опционально — Sprint 6 не трогает PHP-файлы (0 backend-изменений), backend-регрессия структурно невозможна; полный прогон Pest — belt, не обязателен.
-- [ ] **Финальный holistic code-review** всего диффа Sprint 6.
-- [ ] **Pre-push:** gitleaks-full-history + lychee (lefthook не в PATH worktree — прогонять вручную).
-
-## Self-Review (выполнено при написании плана)
-
-- **Spec coverage:** Sprint 6 §3 спека = 8 эпиков. A9/B6/F4/G9/I5 — в плане (5 задач). F5/G8 — внешне блокированы (инфра/Б-1). I2 — отложен с I1 (решение заказчика Sprint 5D). Покрытие полное и обоснованное.
-- **Placeholder-скан:** весь production-код приведён дословно (file:line); тест-код — с конкретными ассертами, mount-setup берётся из существующих spec-файлов (они прочитаны на Step 1 каждой задачи).
-- **Type consistency:** `POLLING_INTERVAL_MS` / `POLLING_REMINDERS_INTERVAL_MS` — единые имена в T3 (создание + 4 call-site). `data-testid="dev-auth-gap-banner"` — единое имя в T2 (template + 2 теста). `isDevEnv` — единое имя в T2.
diff --git a/docs/superpowers/plans/2026-05-18-deals-drawer-and-project-source-edit.md b/docs/superpowers/plans/2026-05-18-deals-drawer-and-project-source-edit.md
deleted file mode 100644
index f8c6a7d..0000000
--- a/docs/superpowers/plans/2026-05-18-deals-drawer-and-project-source-edit.md
+++ /dev/null
@@ -1,885 +0,0 @@
-# Deals drawer + project source edit — Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Привести drawer-«легенду» сделки и карточку проекта к запросу заказчика 18.05.2026 — статус-picker, корректные параметры (Тип/Источник), selected-driven видимость drawer/bulk-полосы, редактирование источника проекта.
-
-**Architecture:** 5 атомарных задач (1 коммит = 1 task). Frontend-only задачи 1-4 (Vue/TS). Задача 5 расширяет backend (UpdateProjectRequest + ProjectController) + UI ProjectDetailsDrawer. TDD per task: failing test → minimal impl → vitest/pest → commit.
-
-**Tech Stack:** Vue 3 + Vuetify 3 + Pinia, Laravel 13 + Pest 4, axios + ApiClient.
-
-**Источник истины** для решений: AskUserQuestion ответы 18.05.2026:
-
-- п.1: «при выборе 1 сделки она не нужна, нужна только легенда справа»
-- п.2: «при выборе 2-х и более легенда не нужна а полоса нужна»
-- п.3: статус в drawer кликабельный, dropdown статусов
-- п.4: убрать «Менеджер»/«Не назначен»
-- п.5: B-префикс уже убран (commit `36ea9cd`)
-- п.6: формат «отправитель + (ключевое слово как в карточке создания)» = `signal_identifier` для site/call; для sms — `sms_senders[0]` + `(${sms_keyword})` если есть
-- п.7: «Тип» (Сайт/Звонок/СМС) вместо «Менеджер»
-- п.8: подпись «Источник» над полями на 3 табах NewProjectDialog
-- п.9: редактировать источник **только в карточке проекта** (ProjectDetailsDrawer на /projects); в drawer сделки источник read-only
-
----
-
-## File Structure
-
-| Файл | Что делает |
-|---|---|
-| `app/resources/js/views/DealsView.vue` | Selected-driven: drawer hidden при ≥2 selected; auto-open при selected=1 |
-| `app/resources/js/components/deals/DealDetailHero.vue` | StatusPill → inline statuspicker (`v-menu` со списком статусов) |
-| `app/resources/js/components/deals/DealDetailBody.vue` | Убрать «Менеджер», добавить «Тип» + «Источник» (read-only) |
-| `app/resources/js/composables/mockDeals.ts` | +поля projectSignalType / projectSignalIdentifier / projectSmsSenders / projectSmsKeyword |
-| `app/resources/js/composables/dealsApiMapper.ts` | Маппинг новых API-полей |
-| `app/resources/js/api/deals.ts` | Расширить ApiDeal интерфейс новыми полями |
-| `app/app/Http/Controllers/Api/DealController.php` | Eager-load + отдавать новые поля проекта в payload |
-| `app/resources/js/views/projects/NewProjectDialog.vue` | Подпись «Источник» над полями на 3 табах |
-| `app/resources/js/components/projects/ProjectDetailsDrawer.vue` | Добавить редактирование signal_identifier (site/call) + sms_senders/keyword (sms) |
-| `app/app/Http/Requests/UpdateProjectRequest.php` | +правила валидации signal_identifier по signal_type проекта |
-| `app/app/Http/Controllers/Api/ProjectController.php` | update() — пропустить signal_identifier в Project::update |
-| `app/resources/js/stores/projectsStore.ts` | Project type — поле signal_identifier ОК; проверить только |
-
----
-
-## Task 1: Selected-driven drawer visibility (пп. 1+2)
-
-**Files:**
-
-- Modify: `app/resources/js/views/DealsView.vue` (полная логика panelOpen ↔ selected.length)
-- Test: `app/tests/Frontend/DealsView.spec.ts` (расширить существующий)
-
-**Логика:**
-
-- `selected.length === 0` → row-click открывает drawer (как сейчас)
-- `selected.length === 1` → drawer **авто-открыт для этой сделки**, bulk-полоса **скрыта**
-- `selected.length >= 2` → drawer **закрыт**, bulk-полоса видна
-
-DealsBulkBar уже показывается только при `selectedCount > 0` (нужно перепроверить — возможно показать при `>= 2` only).
-
-- [ ] **Step 1: Failing test для авто-открытия при selected=1**
-
-В `app/tests/Frontend/DealsView.spec.ts` добавить:
-
-```ts
-it('при selected=1 drawer авто-открывается на выбранной сделке, bulk-полоса скрыта', async () => {
-    const w = mount(DealsView, { global: { plugins: [vuetify, createPinia()] } });
-    await flushPromises();
-    w.vm.dealsState.push({ id: 42, name: 'X', phone: '+79991234567', statusSlug: 'new', project: 'p', manager: { initials: 'A', name: 'A' }, cost: 0, receivedMinutesAgo: 0 } as never);
-    w.vm.selected = [42];
-    await nextTick();
-    expect(w.vm.panelOpen).toBe(true);
-    expect(w.vm.selectedDeal?.id).toBe(42);
-});
-
-it('при selected>=2 drawer закрывается', async () => {
-    const w = mount(DealsView, { global: { plugins: [vuetify, createPinia()] } });
-    await flushPromises();
-    w.vm.dealsState.push({ id: 42, name: 'X', phone: '+1', statusSlug: 'new', project: 'p', manager: { initials: 'A', name: 'A' }, cost: 0, receivedMinutesAgo: 0 } as never);
-    w.vm.dealsState.push({ id: 43, name: 'Y', phone: '+2', statusSlug: 'new', project: 'p', manager: { initials: 'A', name: 'A' }, cost: 0, receivedMinutesAgo: 0 } as never);
-    w.vm.panelOpen = true;
-    w.vm.selectedDeal = w.vm.dealsState[0];
-    w.vm.selected = [42, 43];
-    await nextTick();
-    expect(w.vm.panelOpen).toBe(false);
-});
-```
-
-- [ ] **Step 2: Запустить тест — должен FAIL**
-
-`cd app && npx vitest run tests/Frontend/DealsView.spec.ts -t "при selected" --reporter=verbose`
-
-- [ ] **Step 3: Добавить watcher в DealsView.vue**
-
-Найти `watch([filterStatus, filterProject, receivedFrom, receivedTo, perPage], …)` (~строка 108) и **после** добавить:
-
-```ts
-// Selected-driven drawer visibility (18.05.2026 ux-request):
-// 0 selected → drawer по row-click; 1 selected → авто-открыт для этой сделки;
-// ≥2 selected → закрыт (показывается bulk-полоса).
-watch(selected, (ids) => {
-    if (ids.length === 1) {
-        const deal = dealsState.find((d) => d.id === ids[0]);
-        if (deal) {
-            selectedDeal.value = deal;
-            panelOpen.value = true;
-        }
-    } else if (ids.length >= 2) {
-        panelOpen.value = false;
-    }
-});
-```
-
-И **скрыть bulk-полосу при selected=1** — изменить отображение DealsBulkBar:
-
-```vue
-<DealsBulkBar
-    v-if="selected.length >= 2"
-    v-model:status-menu-open="statusMenuOpen"
-    :selected-count="selected.length"
-    :lead-statuses="leadStatuses"
-    @apply-status="applyBulkStatus"
-    @clear-selected="selected = []"
-/>
-```
-
-- [ ] **Step 4: Vitest пройти GREEN**
-
-`cd app && npx vitest run tests/Frontend/DealsView.spec.ts --reporter=default`
-Expected: все passes, в т.ч. 2 новых.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/views/DealsView.vue app/tests/Frontend/DealsView.spec.ts
-git commit -m "feat(deals): drawer виден при selected≤1, bulk-полоса только при ≥2"
-```
-
----
-
-## Task 2: API: project source fields в drawer сделки (пп. 4+6+7)
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/DealController.php` (eager-load + payload)
-- Modify: `app/resources/js/api/deals.ts` (ApiDeal +4 поля)
-- Modify: `app/resources/js/composables/mockDeals.ts` (MockDeal +4 поля)
-- Modify: `app/resources/js/composables/dealsApiMapper.ts` (маппер +4 поля)
-- Modify: `app/resources/js/components/deals/DealDetailBody.vue` (UI: убрать Менеджер, +Тип, +Источник)
-- Test: `app/tests/Feature/Deals/DealShowEndpointTest.php` или подобный для controller; `app/tests/Frontend/DealDetailBody.spec.ts` если есть, иначе расширить DealDetailDrawer.spec.ts
-
-- [ ] **Step 1: Pest failing для API payload**
-
-В существующем тесте `app/tests/Feature/Deals/*.php` для GET /api/deals/{id} добавить assertion:
-
-```php
-it('returns project signal_identifier/sms_keyword/sms_senders in deal payload', function () {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'signal_type' => 'sms',
-        'signal_identifier' => 'MTS',
-        'sms_senders' => ['MTS', 'BEELINE'],
-        'sms_keyword' => 'КРЕДИТ',
-    ]);
-    $deal = Deal::factory()->create(['tenant_id' => $tenant->id, 'project_id' => $project->id]);
-
-    actingAsTenant($tenant);
-    $resp = $this->getJson("/api/deals/{$deal->id}?tenant_id={$tenant->id}");
-
-    $resp->assertOk()->assertJsonPath('deal.project_signal_identifier', 'MTS');
-    $resp->assertJsonPath('deal.project_sms_keyword', 'КРЕДИТ');
-    $resp->assertJsonPath('deal.project_sms_senders.0', 'MTS');
-});
-```
-
-- [ ] **Step 2: Запустить — FAIL**
-
-```
-cd app && ./vendor/bin/pest --filter "returns project signal_identifier"
-```
-
-Expected: FAIL (поля отсутствуют в payload).
-
-- [ ] **Step 3: Расширить DealController eager-load + transformer**
-
-В `app/app/Http/Controllers/Api/DealController.php`:
-
-- Строка 112 (`->with(['project:id,name,signal_type', ...])`) → расширить:
-  `->with(['project:id,name,signal_type,signal_identifier,sms_keyword,sms_senders', 'manager:id,email,first_name,last_name']);`
-- Строка 215 (`'project_signal_type' => …`) → добавить ниже:
-
-```php
-'project_signal_identifier' => $d->project?->signal_identifier,
-'project_sms_keyword' => $d->project?->sms_keyword,
-'project_sms_senders' => $d->project?->sms_senders,
-```
-
-Найти аналогичные места в `show()` методе (если есть) и добавить там же.
-
-- [ ] **Step 4: Pest passes**
-
-```
-cd app && ./vendor/bin/pest --filter "returns project signal_identifier" -v
-```
-
-Expected: PASS.
-
-- [ ] **Step 5: Расширить TypeScript интерфейсы**
-
-В `app/resources/js/api/deals.ts` интерфейс `ApiDeal` (строка 153) — добавить:
-
-```ts
-project_signal_identifier: string | null;
-project_sms_keyword: string | null;
-project_sms_senders: string[] | null;
-```
-
-В `app/resources/js/composables/mockDeals.ts` интерфейс `MockDeal` (строка 10) — добавить:
-
-```ts
-projectSignalType?: 'site' | 'call' | 'sms' | null;
-projectSignalIdentifier?: string | null;
-projectSmsKeyword?: string | null;
-projectSmsSenders?: string[] | null;
-```
-
-В `app/resources/js/composables/dealsApiMapper.ts` функция `mapApiDeal` — добавить маппинг новых полей.
-**ПРИМЕЧАНИЕ:** прочитать актуальный файл перед правкой, см. поля `signalType: d.project_signal_type as MockDeal['signalType']` — добавить аналогично:
-
-```ts
-projectSignalType: d.project_signal_type as MockDeal['projectSignalType'],
-projectSignalIdentifier: d.project_signal_identifier,
-projectSmsKeyword: d.project_sms_keyword,
-projectSmsSenders: d.project_sms_senders,
-```
-
-- [ ] **Step 6: Failing Vitest test для UI Drawer**
-
-Создать `app/tests/Frontend/DealDetailBody.spec.ts` (или расширить, если есть):
-
-```ts
-import { describe, it, expect } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import { setActivePinia, createPinia } from 'pinia';
-import DealDetailBody from '../../resources/js/components/deals/DealDetailBody.vue';
-import type { MockDeal } from '../../resources/js/composables/mockDeals';
-
-const vuetify = createVuetify();
-setActivePinia(createPinia());
-
-function makeDeal(overrides: Partial<MockDeal> = {}): MockDeal {
-    return {
-        id: 1, name: 'A', phone: '+79991234567', statusSlug: 'new',
-        project: 'p', manager: { initials: 'AD', name: 'A' }, cost: 0,
-        receivedMinutesAgo: 1,
-        projectSignalType: 'site', projectSignalIdentifier: 'krk-finance.ru',
-        projectSmsKeyword: null, projectSmsSenders: null,
-        ...overrides,
-    };
-}
-
-describe('DealDetailBody — Тип и Источник (18.05.2026)', () => {
-    it('показывает Тип «Сайт» и Источник = signal_identifier для site', () => {
-        const w = mount(DealDetailBody, {
-            props: { deal: makeDeal() },
-            global: { plugins: [vuetify, createPinia()] },
-        });
-        expect(w.text()).toContain('Сайт');
-        expect(w.text()).toContain('krk-finance.ru');
-    });
-
-    it('для sms показывает sender + (keyword)', () => {
-        const w = mount(DealDetailBody, {
-            props: { deal: makeDeal({
-                projectSignalType: 'sms',
-                projectSignalIdentifier: null,
-                projectSmsSenders: ['MTS', 'BEELINE'],
-                projectSmsKeyword: 'КРЕДИТ',
-            }) },
-            global: { plugins: [vuetify, createPinia()] },
-        });
-        expect(w.text()).toContain('СМС');
-        expect(w.text()).toContain('MTS (КРЕДИТ)');
-    });
-
-    it('для sms без keyword показывает только sender', () => {
-        const w = mount(DealDetailBody, {
-            props: { deal: makeDeal({
-                projectSignalType: 'sms',
-                projectSignalIdentifier: null,
-                projectSmsSenders: ['MTS'],
-                projectSmsKeyword: null,
-            }) },
-            global: { plugins: [vuetify, createPinia()] },
-        });
-        expect(w.text()).toContain('СМС');
-        expect(w.text()).toContain('MTS');
-        expect(w.text()).not.toMatch(/\([^)]*\)/);
-    });
-
-    it('не отображает «Менеджер» секцию', () => {
-        const w = mount(DealDetailBody, {
-            props: { deal: makeDeal() },
-            global: { plugins: [vuetify, createPinia()] },
-        });
-        expect(w.text()).not.toContain('Менеджер');
-    });
-});
-```
-
-- [ ] **Step 7: Run — FAIL**
-
-`cd app && npx vitest run tests/Frontend/DealDetailBody.spec.ts --reporter=verbose`
-
-Expected: 4 fails.
-
-- [ ] **Step 8: Реализация DealDetailBody.vue**
-
-В `app/resources/js/components/deals/DealDetailBody.vue`:
-
-1. Добавить helpers в `<script setup>`:
-
-```ts
-const TYPE_LABELS: Record<string, string> = { site: 'Сайт', call: 'Звонок', sms: 'СМС' };
-const projectTypeLabel = computed((): string =>
-    props.deal?.projectSignalType ? (TYPE_LABELS[props.deal.projectSignalType] ?? '—') : '—',
-);
-const projectSourceLabel = computed((): string => {
-    if (!props.deal) return '—';
-    const t = props.deal.projectSignalType;
-    if (t === 'site' || t === 'call') return props.deal.projectSignalIdentifier ?? '—';
-    if (t === 'sms') {
-        const sender = props.deal.projectSmsSenders?.[0] ?? '';
-        const kw = props.deal.projectSmsKeyword;
-        if (sender && kw) return `${sender} (${kw})`;
-        return sender || '—';
-    }
-    return '—';
-});
-```
-
-1. В `<template>` найти блок `<div class="param">` для «Менеджер» (около строки 171-180) — **удалить целиком**.
-2. Между «Стоимость лида» и (где был Менеджер) добавить:
-
-```vue
-<div class="param">
-    <dt class="text-caption text-medium-emphasis">Тип</dt>
-    <dd class="text-body-2">{{ projectTypeLabel }}</dd>
-</div>
-<div class="param">
-    <dt class="text-caption text-medium-emphasis">Источник</dt>
-    <dd class="text-body-2">{{ projectSourceLabel }}</dd>
-</div>
-```
-
-- [ ] **Step 9: Vitest GREEN**
-
-`cd app && npx vitest run tests/Frontend/DealDetailBody.spec.ts --reporter=default`
-Expected: 4 passes.
-
-- [ ] **Step 10: Full Vitest перед коммитом**
-
-`cd app && npx vitest run --reporter=default --maxWorkers=2`
-
-Expected: 0 failed.
-
-- [ ] **Step 11: Pest full перед коммитом**
-
-`cd app && ./vendor/bin/pest --parallel 2>&1 | tail -10`
-
-Expected: 0 failed (новый Deal-show-payload тест passes).
-
-- [ ] **Step 12: Build**
-
-`cd app && npm run build 2>&1 | tail -5`
-
-Expected: `built in …s`.
-
-- [ ] **Step 13: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/DealController.php \
-        app/resources/js/api/deals.ts \
-        app/resources/js/composables/mockDeals.ts \
-        app/resources/js/composables/dealsApiMapper.ts \
-        app/resources/js/components/deals/DealDetailBody.vue \
-        app/tests/Frontend/DealDetailBody.spec.ts \
-        app/tests/Feature/Deals/*.php
-git commit -m "feat(deals/drawer): убрать «Менеджер», добавить «Тип» + «Источник» read-only"
-```
-
----
-
-## Task 3: Inline status picker в drawer (п. 3)
-
-**Files:**
-
-- Modify: `app/resources/js/components/deals/DealDetailHero.vue`
-- Test: `app/tests/Frontend/DealDetailHero.spec.ts` (создать или расширить)
-
-**Логика:** клик по статус-чипу → `v-menu` с `v-list` всех статусов → выбор отправляет `PATCH /api/deals/{id} { status: <slug> }`, optimistic UI.
-
-- [ ] **Step 1: Failing test**
-
-```ts
-import { describe, it, expect, vi } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import DealDetailHero from '../../resources/js/components/deals/DealDetailHero.vue';
-
-const vuetify = createVuetify();
-
-const statuses = [
-    { slug: 'new', nameRu: 'Новая', colorHex: '#0F6E56' },
-    { slug: 'in_progress', nameRu: 'В работе', colorHex: '#0066CC' },
-    { slug: 'won', nameRu: 'Куплено', colorHex: '#00A36C' },
-];
-
-describe('DealDetailHero — inline status picker', () => {
-    it('клик по статус-чипу открывает меню статусов', async () => {
-        const w = mount(DealDetailHero, {
-            props: {
-                deal: { id: 1, name: 'A', phone: '+1', statusSlug: 'new', project: 'p',
-                        manager: { initials: 'A', name: 'A' }, cost: 0, receivedMinutesAgo: 1 },
-                status: statuses[0],
-                allStatuses: statuses,
-            },
-            global: { plugins: [vuetify], stubs: { teleport: true } },
-            attachTo: document.body,
-        });
-        await w.find('[data-testid="status-chip-trigger"]').trigger('click');
-        await new Promise(r => setTimeout(r, 50));
-        expect(document.body.textContent).toContain('В работе');
-        expect(document.body.textContent).toContain('Куплено');
-        w.unmount();
-    });
-
-    it('выбор статуса эмитит change-status с новым slug', async () => {
-        const w = mount(DealDetailHero, {
-            props: {
-                deal: { id: 1, name: 'A', phone: '+1', statusSlug: 'new', project: 'p',
-                        manager: { initials: 'A', name: 'A' }, cost: 0, receivedMinutesAgo: 1 },
-                status: statuses[0],
-                allStatuses: statuses,
-            },
-            global: { plugins: [vuetify], stubs: { teleport: true } },
-            attachTo: document.body,
-        });
-        await w.find('[data-testid="status-chip-trigger"]').trigger('click');
-        await new Promise(r => setTimeout(r, 50));
-        const items = [...document.body.querySelectorAll('[data-testid^="status-option-"]')];
-        const won = items.find(el => el.textContent?.includes('Куплено')) as HTMLElement | undefined;
-        won?.click();
-        await new Promise(r => setTimeout(r, 50));
-        expect(w.emitted('change-status')?.[0]?.[0]).toBe('won');
-        w.unmount();
-    });
-});
-```
-
-- [ ] **Step 2: Run — FAIL**
-
-`cd app && npx vitest run tests/Frontend/DealDetailHero.spec.ts -v`
-
-- [ ] **Step 3: Расширить DealDetailHero.vue**
-
-В `<script setup>` props:
-
-```ts
-import type { LeadStatus } from '../../composables/leadStatuses';
-defineProps<{
-    deal: MockDeal;
-    status: LeadStatus | null;
-    allStatuses: LeadStatus[];
-}>();
-defineEmits<{
-    close: [];
-    'change-status': [slug: string];
-}>();
-```
-
-В `<template>` блок `<div v-if="status" class="status-row mt-3">` (строки 43-48) — заменить на:
-
-```vue
-<div v-if="status" class="status-row mt-3">
-    <v-menu>
-        <template #activator="{ props: a }">
-            <v-chip v-bind="a" data-testid="status-chip-trigger" size="small" variant="tonal"
-                    :style="{ color: status.colorHex, borderColor: status.colorHex, cursor: 'pointer' }">
-                <span class="status-dot" :style="{ background: status.colorHex }" />
-                {{ status.nameRu }}
-                <v-icon size="14" class="ml-1">mdi-menu-down</v-icon>
-            </v-chip>
-        </template>
-        <v-list density="compact">
-            <v-list-item v-for="s in allStatuses" :key="s.slug"
-                         :data-testid="`status-option-${s.slug}`"
-                         @click="$emit('change-status', s.slug)">
-                <template #prepend>
-                    <span class="status-dot" :style="{ background: s.colorHex }" />
-                </template>
-                <v-list-item-title>{{ s.nameRu }}</v-list-item-title>
-            </v-list-item>
-        </v-list>
-    </v-menu>
-</div>
-```
-
-- [ ] **Step 4: Расширить parent DealDetailBody.vue**
-
-Передавать allStatuses и обрабатывать change-status. В `DealDetailBody.vue`:
-
-```vue
-<DealDetailHero :deal="deal" :status="status" :all-statuses="leadStatusesStore.statuses"
-                @close="emit('close')" @change-status="onStatusChange" />
-```
-
-Добавить handler:
-
-```ts
-async function onStatusChange(slug: string): Promise<void> {
-    if (!props.deal || !props.tenantId) return;
-    const prev = props.deal.statusSlug;
-    props.deal.statusSlug = slug as MockDeal['statusSlug'];
-    try {
-        await dealsApi.updateDeal(props.deal.id, { tenant_id: props.tenantId, status: slug });
-    } catch {
-        props.deal.statusSlug = prev;
-    }
-}
-```
-
-- [ ] **Step 5: Vitest GREEN**
-
-`cd app && npx vitest run tests/Frontend/DealDetailHero.spec.ts -v`
-
-- [ ] **Step 6: Full Vitest**
-
-`cd app && npx vitest run --reporter=default --maxWorkers=2 2>&1 | tail -10`
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/resources/js/components/deals/DealDetailHero.vue \
-        app/resources/js/components/deals/DealDetailBody.vue \
-        app/tests/Frontend/DealDetailHero.spec.ts
-git commit -m "feat(deals/drawer): inline status picker в карточке сделки"
-```
-
----
-
-## Task 4: Подпись «Источник» в NewProjectDialog (п. 8)
-
-**Files:**
-
-- Modify: `app/resources/js/views/projects/NewProjectDialog.vue`
-- Test: `app/tests/Frontend/NewProjectDialog.spec.ts` (создать или расширить если есть)
-
-- [ ] **Step 1: Failing test**
-
-```ts
-import { describe, it, expect } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import NewProjectDialog from '../../resources/js/views/projects/NewProjectDialog.vue';
-
-const vuetify = createVuetify();
-
-describe('NewProjectDialog — подпись «Источник» (18.05.2026)', () => {
-    it('на табе Сайт перед полем «Домен» есть подпись «Источник»', async () => {
-        const w = mount(NewProjectDialog, {
-            props: { modelValue: true, mode: 'create' },
-            global: { plugins: [vuetify], stubs: { teleport: true } },
-            attachTo: document.body,
-        });
-        await new Promise(r => setTimeout(r, 50));
-        expect(document.body.textContent).toContain('Источник');
-        w.unmount();
-    });
-});
-```
-
-- [ ] **Step 2: Run — FAIL**
-
-`cd app && npx vitest run tests/Frontend/NewProjectDialog.spec.ts -v`
-
-- [ ] **Step 3: Реализация**
-
-В `app/resources/js/views/projects/NewProjectDialog.vue` — внутри `<v-tabs-window v-model="form.signal_type" class="mt-4">` (строка 19) — перед каждым `<v-tabs-window-item>` контентом добавить заголовок секции:
-
-Для **site** (после `<v-tabs-window-item value="site">`):
-
-```vue
-<div class="text-caption text-medium-emphasis mb-1">Источник — домен сайта-«донора», с которого приходят лиды</div>
-```
-
-Для **call**:
-
-```vue
-<div class="text-caption text-medium-emphasis mb-1">Источник — телефонный номер «донора», на который звонят клиенты</div>
-```
-
-Для **sms**:
-
-```vue
-<div class="text-caption text-medium-emphasis mb-1">Источник — отправитель SMS и (опционально) ключевое слово в тексте</div>
-```
-
-- [ ] **Step 4: Vitest GREEN**
-
-`cd app && npx vitest run tests/Frontend/NewProjectDialog.spec.ts -v`
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/resources/js/views/projects/NewProjectDialog.vue \
-        app/tests/Frontend/NewProjectDialog.spec.ts
-git commit -m "feat(projects/new-dialog): подпись «Источник» над полями на 3 табах"
-```
-
----
-
-## Task 5: Редактирование источника в ProjectDetailsDrawer (п. 9)
-
-**Files:**
-
-- Modify: `app/app/Http/Requests/UpdateProjectRequest.php` (+signal_identifier rules)
-- Modify: `app/app/Http/Controllers/Api/ProjectController.php` (update — пропускать signal_identifier)
-- Modify: `app/resources/js/components/projects/ProjectDetailsDrawer.vue` (UI поля)
-- Test: `app/tests/Feature/Projects/UpdateProjectTest.php` (signal_identifier обновляется)
-
-**ВАЖНО (риски):**
-
-- signal_type **не редактируется** — менять signal_type у активного проекта = смена природы; не предусмотрено.
-- При смене signal_identifier у существующего проекта **прошлые сделки** уже привязаны к проекту, source-label в их карточке изменится автоматически (это поведение и хотел заказчик: «изменится у всех сделок этого проекта»).
-- Соблюсти validation: site = regex домена, call = regex 7\d{10}, sms = signal_identifier = sms_senders[0] (или просто пропускать через sms_senders/sms_keyword, как сейчас в UpdateProjectRequest).
-
-- [ ] **Step 1: Pest failing**
-
-Создать или расширить `app/tests/Feature/Projects/UpdateProjectTest.php`:
-
-```php
-it('updates signal_identifier for site project', function () {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'signal_type' => 'site',
-        'signal_identifier' => 'old.ru',
-    ]);
-    actingAsTenant($tenant);
-
-    $resp = $this->patchJson("/api/projects/{$project->id}", [
-        'signal_identifier' => 'new-source.ru',
-    ]);
-
-    $resp->assertOk();
-    expect($project->fresh()->signal_identifier)->toBe('new-source.ru');
-});
-
-it('updates signal_identifier for call project (phone regex)', function () {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'signal_type' => 'call',
-        'signal_identifier' => '79991111111',
-    ]);
-    actingAsTenant($tenant);
-
-    $resp = $this->patchJson("/api/projects/{$project->id}", [
-        'signal_identifier' => '79992222222',
-    ]);
-    $resp->assertOk();
-    expect($project->fresh()->signal_identifier)->toBe('79992222222');
-});
-
-it('rejects invalid signal_identifier (site regex)', function () {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->create([
-        'tenant_id' => $tenant->id, 'signal_type' => 'site', 'signal_identifier' => 'ok.ru',
-    ]);
-    actingAsTenant($tenant);
-
-    $this->patchJson("/api/projects/{$project->id}", ['signal_identifier' => 'not-a-domain'])
-        ->assertStatus(422)
-        ->assertJsonValidationErrors(['signal_identifier']);
-});
-```
-
-- [ ] **Step 2: Run — FAIL**
-
-```
-cd app && ./vendor/bin/pest --filter "updates signal_identifier\|rejects invalid"
-```
-
-Expected: все FAIL (правило не разрешает signal_identifier).
-
-- [ ] **Step 3: Расширить UpdateProjectRequest**
-
-В `app/app/Http/Requests/UpdateProjectRequest.php` в массиве правил (около строки 27) — добавить condition-based валидацию:
-
-```php
-$rules = [
-    // ... existing rules name/daily_limit/regions/delivery_days_mask/sms_*
-];
-
-// Условно на тип проекта — signal_identifier валидируется по signal_type
-$project = $this->route('id') ? \App\Models\Project::find($this->route('id')) : null;
-if ($project) {
-    if ($project->signal_type === 'site') {
-        $rules['signal_identifier'] = ['sometimes', 'string', 'regex:/^[a-z0-9][a-z0-9\-]*(\.[a-z0-9][a-z0-9\-]*)*\.[a-z]{2,}$/i'];
-    } elseif ($project->signal_type === 'call') {
-        $rules['signal_identifier'] = ['sometimes', 'string', 'regex:/^7\d{10}$/'];
-    }
-    // sms: signal_identifier обновляется автоматически из sms_senders[0] в ProjectController (или через UpdateProjectAction)
-}
-
-return $rules;
-```
-
-(Адаптировать под существующую структуру файла — прочитать его сначала.)
-
-- [ ] **Step 4: Расширить ProjectController::update**
-
-В `app/app/Http/Controllers/Api/ProjectController.php` метод `update()` (около строки 96) — пропустить signal_identifier через assign:
-
-```php
-$validated = $request->validated();
-$project = Project::where('tenant_id', $tenantId)->findOrFail($id);
-
-// signal_type не меняем — explicitly NOT в $fillable update
-$updates = collect($validated)->only([
-    'name', 'daily_limit_target', 'regions', 'delivery_days_mask',
-    'sms_senders', 'sms_keyword', 'signal_identifier',
-])->toArray();
-
-$project->update($updates);
-return response()->json(['project' => $project->fresh()]);
-```
-
-(Адаптировать под существующую логику.)
-
-- [ ] **Step 5: Pest GREEN**
-
-```
-cd app && ./vendor/bin/pest --filter "updates signal_identifier\|rejects invalid"
-```
-
-Expected: 3 pass.
-
-- [ ] **Step 6: Расширить ProjectDetailsDrawer.vue**
-
-В `app/resources/js/components/projects/ProjectDetailsDrawer.vue` интерфейс `FormState` (около строки 12) — добавить:
-
-```ts
-signal_identifier: string;
-```
-
-И в `reseedFromProject` (около строки 32) — добавить:
-
-```ts
-form.signal_identifier = p.signal_identifier ?? '';
-```
-
-В `<template>` после `<label class="pdd-field">` блока «Название» (строки 124-128) — добавить блок «Источник», условно по signal_type:
-
-```vue
-<label v-if="project?.signal_type === 'site'" class="pdd-field">
-    <span class="pdd-label">Источник (домен сайта)</span>
-    <input v-model="form.signal_identifier" data-testid="pdd-signal-identifier" class="pdd-input"
-           placeholder="okna-konkurent.ru" />
-    <div v-if="errors.signal_identifier" class="pdd-error">{{ errors.signal_identifier[0] }}</div>
-</label>
-<label v-else-if="project?.signal_type === 'call'" class="pdd-field">
-    <span class="pdd-label">Источник (телефонный номер)</span>
-    <input v-model="form.signal_identifier" data-testid="pdd-signal-identifier" class="pdd-input"
-           placeholder="79161234567" />
-    <div v-if="errors.signal_identifier" class="pdd-error">{{ errors.signal_identifier[0] }}</div>
-</label>
-<!-- sms: signal_identifier подтягивается из sms_senders, отдельное поле не нужно -->
-<label v-else-if="project?.signal_type === 'sms'" class="pdd-field">
-    <span class="pdd-label">Отправители SMS (до 11 символов каждый)</span>
-    <v-combobox v-model="form.sms_senders" multiple chips clearable
-                data-testid="pdd-sms-senders" hide-details />
-</label>
-<label v-if="project?.signal_type === 'sms'" class="pdd-field">
-    <span class="pdd-label">Ключевое слово (опционально)</span>
-    <input v-model="form.sms_keyword" data-testid="pdd-sms-keyword" class="pdd-input" />
-</label>
-```
-
-В `onSave()` — добавить signal_identifier в payload:
-
-```ts
-if (props.project.signal_type === 'site' || props.project.signal_type === 'call') {
-    payload.signal_identifier = form.signal_identifier;
-}
-if (props.project.signal_type === 'sms') {
-    payload.sms_senders = form.sms_senders;
-    payload.sms_keyword = form.sms_keyword;
-}
-```
-
-- [ ] **Step 7: Vitest для ProjectDetailsDrawer**
-
-Создать `app/tests/Frontend/ProjectDetailsDrawer.spec.ts` (если нет) с тестом:
-
-```ts
-it('показывает поле редактирования signal_identifier для site-проекта', () => {
-    const w = mount(ProjectDetailsDrawer, {
-        props: { project: { id: 1, tenant_id: 1, name: 'P', signal_type: 'site',
-                            signal_identifier: 'old.ru', daily_limit_target: 50,
-                            regions: [], delivery_days_mask: 127, is_active: true } as never },
-        global: { plugins: [vuetify, createPinia()] },
-    });
-    const input = w.find('[data-testid="pdd-signal-identifier"]');
-    expect(input.exists()).toBe(true);
-    expect((input.element as HTMLInputElement).value).toBe('old.ru');
-});
-```
-
-`cd app && npx vitest run tests/Frontend/ProjectDetailsDrawer.spec.ts -v`
-Expected: PASS.
-
-- [ ] **Step 8: Full Pest + Vitest + Build**
-
-```
-cd app && ./vendor/bin/pest --parallel 2>&1 | tail -10
-cd app && npx vitest run --reporter=default --maxWorkers=2 2>&1 | tail -10
-cd app && npm run build 2>&1 | tail -5
-```
-
-Expected: всё GREEN.
-
-- [ ] **Step 9: Manual smoke на /projects**
-
-Открыть `http://127.0.0.1:8000/projects` → клик на любой site-проект → drawer справа → поле «Источник» видно с текущим доменом → меняем → «Сохранить» → перезагрузка карточки → новое значение применилось → перейти на `/deals` → drawer сделки этого проекта → «Источник» = новое значение.
-
-- [ ] **Step 10: Commit**
-
-```bash
-git add app/app/Http/Requests/UpdateProjectRequest.php \
-        app/app/Http/Controllers/Api/ProjectController.php \
-        app/resources/js/components/projects/ProjectDetailsDrawer.vue \
-        app/tests/Frontend/ProjectDetailsDrawer.spec.ts \
-        app/tests/Feature/Projects/UpdateProjectTest.php
-git commit -m "feat(projects/drawer): редактирование источника (site/call/sms) в карточке проекта"
-```
-
----
-
-## Финал: атомарный push
-
-После Task 5 — push всех 5 коммитов одним:
-
-```bash
-git fetch origin main
-git log HEAD..origin/main --oneline  # должно быть пусто
-git push origin feat/parallel-sessions-coordination:main
-```
-
-Эталон обновить: §1 HEAD, §6 «Текущие нити» добавить запись «18.05 — деали-drawer + edit-источник проекта».
-
----
-
-## Self-review
-
-**Spec coverage:**
-
-- п.1+2 ✅ Task 1
-- п.3 ✅ Task 3
-- п.4 ✅ Task 2 (Step 8 удаляет блок «Менеджер»)
-- п.5 ✅ уже сделано в `36ea9cd`
-- п.6 ✅ Task 2 (computed projectSourceLabel)
-- п.7 ✅ Task 2 (computed projectTypeLabel)
-- п.8 ✅ Task 4
-- п.9 ✅ Task 5
-
-**Placeholder scan:** в плане НЕТ «TBD»/«TODO», все code-блоки полные.
-
-**Type consistency:** `projectSignalType`/`projectSignalIdentifier`/`projectSmsKeyword`/`projectSmsSenders` consistent через Task 2 (api/mockDeals/mapper/UI). `allStatuses` consistent в Task 3 (Hero ← Body).
-
-**Риски:**
-
-- Task 5 затрагивает критическое поле `signal_identifier`; нет ограничения «нельзя менять у проекта с уже накопленными сделками». При желании заказчика добавить — отдельная задача (warn-dialog типа Task 5.5). Не делаем в MVP — заказчик прямо сказал «изменится у всех сделок этого проекта» (он понимает scope).
-- Pest тесты предполагают наличие `actingAsTenant()` helper'а в `app/tests/Pest.php`. Если такого нет — использовать существующий паттерн авторизации в тестах.
diff --git a/docs/superpowers/plans/2026-05-18-supplier-csv-reconcile-channel.md b/docs/superpowers/plans/2026-05-18-supplier-csv-reconcile-channel.md
deleted file mode 100644
index 570479d..0000000
--- a/docs/superpowers/plans/2026-05-18-supplier-csv-reconcile-channel.md
+++ /dev/null
@@ -1,1553 +0,0 @@
-# Резервный CSV-канал импорта лидов (Путь 2) — план реализации
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Резервный CSV-канал, который при обрыве webhook подбирает пропущенные лиды из отчёта поставщика «Запрос номеров» и сигнализирует о падении основного канала.
-
-**Architecture:** Каждые 30 минут (Laravel scheduler) `CsvReconcileJob` через `SupplierPortalClient` заказывает у поставщика отчёт «Запрос номеров» (async: заказать → дождаться → скачать), `SupplierCsvParser` парсит CSV `Name;Tag;Phone`, job убирает дубли по ключу `(phone, project)`, недостающие лиды создаёт в `supplier_leads` (`vid=NULL`) и запускает `RouteSupplierLeadJob`. drift > 5% → алерт. Админ-страница показывает здоровье канала и кнопку ручной сверки.
-
-**Tech Stack:** Laravel 13, PHP 8.3, PostgreSQL 16, Redis (Cache::lock), Pest 4, Vue 3 + Vuetify 3, Vitest.
-
-**Spec:** [docs/superpowers/specs/2026-05-18-supplier-csv-reconcile-channel-design.md](../specs/2026-05-18-supplier-csv-reconcile-channel-design.md)
-
----
-
-## Карта файлов
-
-| Файл | Ответственность | Задача |
-|---|---|---|
-| `app/database/migrations/2026_05_18_140000_supplier_leads_vid_nullable.php` | Миграция `vid → nullable` | T1 |
-| `db/schema.sql` | SoT-схема — `vid` без `NOT NULL` | T1 |
-| `db/CHANGELOG_schema.md` | Запись об изменении схемы | T1 |
-| `app/app/Services/Supplier/SupplierCsvParser.php` | Парсинг CSV `Name;Tag;Phone` (rework) | T2 |
-| `app/app/Services/Supplier/SupplierPortalClient.php` | +3 метода async-флоу отчёта; −`downloadLeadsCsv` | T3 |
-| `app/app/Jobs/Supplier/CsvReconcileJob.php` | Сверка: дедуп `(phone,project)`, recovery (rework) | T4 |
-| `app/routes/console.php` | Scheduler `everyThirtyMinutes` вместо `hourly` | T5 |
-| `app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php` | API здоровья канала + ручной запуск | T6 |
-| `app/routes/web.php` | Роуты `/api/admin/supplier-integration*` + SPA-роут | T6, T7 |
-| `app/resources/js/views/admin/AdminSupplierIntegrationView.vue` | Экран «Интеграция с поставщиком» | T7 |
-| `app/resources/js/router/index.ts` | Роут `/admin/supplier-integration` | T7 |
-| `app/resources/js/components/AppSidebar.vue` | Пункт меню | T7 |
-
-Тесты: `tests/Feature/Supplier/SupplierLeadsVidNullableTest.php` (T1), `tests/Feature/Supplier/SupplierCsvParserTest.php` (T2), `tests/Feature/Supplier/SupplierPortalClientReportTest.php` (T3), `tests/Feature/Supplier/CsvReconcileJobTest.php` (rework, T4), `tests/Feature/Admin/AdminSupplierIntegrationTest.php` (T6), `tests/Frontend/AdminSupplierIntegrationView.spec.ts` (T7).
-
----
-
-## Task 1: Миграция `supplier_leads.vid` → nullable
-
-CSV «Запрос номеров» не содержит `vid`. CSV-recovered лиды получают `vid=NULL`. UNIQUE-индекс `idx_supplier_leads_vid_unique` остаётся — в PostgreSQL `NULL ≠ NULL`, множественные NULL не конфликтуют.
-
-**Files:**
-
-- Create: `app/database/migrations/2026_05_18_140000_supplier_leads_vid_nullable.php`
-- Modify: `db/schema.sql` (строка определения `vid` в `CREATE TABLE supplier_leads`)
-- Modify: `db/CHANGELOG_schema.md`
-- Test: `app/tests/Feature/Supplier/SupplierLeadsVidNullableTest.php`
-
-- [ ] **Step 1: Написать падающий тест**
-
-Создать `app/tests/Feature/Supplier/SupplierLeadsVidNullableTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\SupplierLead;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Tests\Concerns\SharesSupplierPdo;
-
-uses(DatabaseTransactions::class, SharesSupplierPdo::class);
-
-it('allows supplier_leads with vid=NULL (CSV-recovered leads)', function (): void {
-    $lead = SupplierLead::create([
-        'supplier_project_id' => null,
-        'platform' => 'B1',
-        'phone' => '79991234567',
-        'vid' => null,
-        'raw_payload' => ['project' => 'B1_a.com', 'tag' => 't', 'phone' => '79991234567'],
-        'received_at' => now(),
-        'source' => 'csv_recovery',
-        'recovered_from_csv_at' => now(),
-    ]);
-
-    expect($lead->id)->toBeGreaterThan(0);
-    expect($lead->fresh()->vid)->toBeNull();
-});
-
-it('allows multiple supplier_leads with vid=NULL under the UNIQUE index', function (): void {
-    foreach (['79990000001', '79990000002', '79990000003'] as $phone) {
-        SupplierLead::create([
-            'supplier_project_id' => null,
-            'platform' => 'B1',
-            'phone' => $phone,
-            'vid' => null,
-            'raw_payload' => ['project' => 'B1_a.com', 'phone' => $phone],
-            'received_at' => now(),
-            'source' => 'csv_recovery',
-            'recovered_from_csv_at' => now(),
-        ]);
-    }
-
-    expect(SupplierLead::whereNull('vid')->count())->toBeGreaterThanOrEqual(3);
-});
-
-it('still accepts a real numeric vid for webhook leads', function (): void {
-    $lead = SupplierLead::create([
-        'supplier_project_id' => null,
-        'platform' => 'B1',
-        'phone' => '79991234567',
-        'vid' => 432176649,
-        'raw_payload' => ['vid' => 432176649, 'project' => 'B1_a.com'],
-        'received_at' => now(),
-        'source' => 'webhook',
-    ]);
-
-    expect($lead->fresh()->vid)->toBe(432176649);
-});
-```
-
-- [ ] **Step 2: Запустить тест — убедиться, что падает**
-
-Run: `cd app && C:/tools/php83/php.exe artisan test tests/Feature/Supplier/SupplierLeadsVidNullableTest.php`
-Expected: FAIL — первый тест падает с `SQLSTATE[23502] ... null value in column "vid" violates not-null constraint`.
-
-- [ ] **Step 3: Создать миграцию**
-
-Создать `app/database/migrations/2026_05_18_140000_supplier_leads_vid_nullable.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Support\Facades\DB;
-
-return new class extends Migration
-{
-    public function up(): void
-    {
-        // Guard: после migrate:fresh schema.sql загружается первой (load_initial_schema).
-        // Если schema.sql уже отдаёт vid как nullable — миграция no-op (idempotent).
-        $isNullable = DB::selectOne(
-            "SELECT is_nullable FROM information_schema.columns
-             WHERE table_name = 'supplier_leads' AND column_name = 'vid'"
-        );
-        if ($isNullable !== null && $isNullable->is_nullable === 'YES') {
-            return;
-        }
-
-        DB::statement('ALTER TABLE supplier_leads ALTER COLUMN vid DROP NOT NULL');
-    }
-
-    public function down(): void
-    {
-        // Внимание: down() не симметричен после migrate:fresh со свежей schema.sql.
-        // Не использовать как откат schema-bump — нужна отдельная schema-правка.
-        DB::statement('ALTER TABLE supplier_leads ALTER COLUMN vid SET NOT NULL');
-    }
-};
-```
-
-- [ ] **Step 4: Поправить `db/schema.sql`**
-
-Найти строку определения `vid` в `CREATE TABLE ... supplier_leads`:
-
-Run: `grep -n "vid" db/schema.sql`
-
-В блоке `CREATE TABLE` для `supplier_leads` строка вида `vid bigint NOT NULL,` (или `vid bigint NOT NULL`) — убрать `NOT NULL`, оставив `vid bigint,`. Комментарий рядом (если есть) — дополнить: `-- nullable: NULL у CSV-recovered лидов (Путь 2)`.
-
-Обновить версию схемы в шапке `db/schema.sql` (строка `-- Schema vX.YY` / заголовок) — инкремент minor-версии (прочитать текущую в `db/schema.sql` строки 1–10).
-
-- [ ] **Step 5: Запись в `db/CHANGELOG_schema.md`**
-
-Добавить запись сверху (после заголовка), формат — как у предыдущих записей файла:
-
-```markdown
-## vX.YY — 2026-05-18 — supplier_leads.vid → nullable
-
-`ALTER TABLE supplier_leads ALTER COLUMN vid DROP NOT NULL`. Резервный CSV-канал
-(Путь 2): отчёт поставщика «Запрос номеров» не содержит vid → CSV-recovered лиды
-имеют vid=NULL. UNIQUE-индекс idx_supplier_leads_vid_unique сохранён (в PostgreSQL
-NULL ≠ NULL — множественные NULL не конфликтуют). Миграция:
-2026_05_18_140000_supplier_leads_vid_nullable.php. RLS не затронут.
-```
-
-(`vX.YY` — та же версия, что выставлена в `db/schema.sql` на шаге 4.)
-
-- [ ] **Step 6: Перезалить схему и запустить тест**
-
-Run: `cd app && C:/tools/php83/php.exe artisan migrate:fresh 2>&1 | tail -5 && C:/tools/php83/php.exe artisan test tests/Feature/Supplier/SupplierLeadsVidNullableTest.php`
-Expected: PASS — 3 теста зелёные.
-
-- [ ] **Step 7: Smoke + регрессия supplier-тестов**
-
-Run: `cd app && C:/tools/php83/php.exe artisan test tests/Feature/Supplier tests/Feature/Jobs/RouteSupplierLeadJobTest.php tests/Feature/Http/Webhook/SupplierWebhookTest.php`
-Expected: PASS — webhook-путь с реальным vid не сломан. (Файл `CsvReconcileJobTest.php` на этом этапе ещё старый — если он падает из-за миграции, это ожидаемо; он будет переписан в T4. Зафиксировать его падения отдельно, не как регрессию T1.)
-
-- [ ] **Step 8: Коммит**
-
-```bash
-git add app/database/migrations/2026_05_18_140000_supplier_leads_vid_nullable.php db/schema.sql db/CHANGELOG_schema.md app/tests/Feature/Supplier/SupplierLeadsVidNullableTest.php
-git commit -m "feat(supplier): supplier_leads.vid → nullable для CSV-recovered лидов"
-```
-
----
-
-## Task 2: `SupplierCsvParser` — переписать под CSV `Name;Tag;Phone`
-
-Текущий парсер ждёт 6 колонок `vid;project;tag;phone;phones;time`. Реальный отчёт «Запрос номеров» — 3 колонки `Name;Tag;Phone`, без vid и времени.
-
-**Files:**
-
-- Modify: `app/app/Services/Supplier/SupplierCsvParser.php` (переписать полностью)
-- Test: `app/tests/Feature/Supplier/SupplierCsvParserTest.php` (создать)
-
-- [ ] **Step 1: Написать падающий тест**
-
-Создать `app/tests/Feature/Supplier/SupplierCsvParserTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\Supplier\SupplierCsvParser;
-
-function rowsOf(iterable $gen): array
-{
-    $out = [];
-    foreach ($gen as $row) {
-        $out[] = $row;
-    }
-
-    return $out;
-}
-
-it('parses 3-column Name;Tag;Phone CSV', function (): void {
-    $csv = "Name;Tag;Phone\nB1_a.com;tagA;79991234567\nB2_79990001122;tagB;79993334455\n";
-    $rows = rowsOf((new SupplierCsvParser)->parse($csv));
-
-    expect($rows)->toHaveCount(2);
-    expect($rows[0])->toBe(['project' => 'B1_a.com', 'tag' => 'tagA', 'phone' => '79991234567']);
-    expect($rows[1])->toBe(['project' => 'B2_79990001122', 'tag' => 'tagB', 'phone' => '79993334455']);
-});
-
-it('strips UTF-8 BOM and normalizes CRLF', function (): void {
-    $csv = "\xEF\xBB\xBFName;Tag;Phone\r\nB1_a.com;t;79991234567\r\n";
-    $rows = rowsOf((new SupplierCsvParser)->parse($csv));
-
-    expect($rows)->toHaveCount(1);
-    expect($rows[0]['project'])->toBe('B1_a.com');
-});
-
-it('skips malformed rows with fewer than 3 columns', function (): void {
-    $csv = "Name;Tag;Phone\nB1_a.com;t;79991234567\nbroken;row\nB2_b.com;t2;79990000000\n";
-    $rows = rowsOf((new SupplierCsvParser)->parse($csv));
-
-    expect($rows)->toHaveCount(2);
-    expect($rows[1]['project'])->toBe('B2_b.com');
-});
-
-it('returns nothing for empty CSV', function (): void {
-    expect(rowsOf((new SupplierCsvParser)->parse('')))->toBe([]);
-});
-
-it('returns nothing for header-only CSV', function (): void {
-    expect(rowsOf((new SupplierCsvParser)->parse("Name;Tag;Phone\n")))->toBe([]);
-});
-```
-
-- [ ] **Step 2: Запустить тест — убедиться, что падает**
-
-Run: `cd app && C:/tools/php83/php.exe artisan test tests/Feature/Supplier/SupplierCsvParserTest.php`
-Expected: FAIL — текущий парсер возвращает ключи `vid/project/phone/time` и ждёт 6 колонок; первый тест падает на сравнении массива.
-
-- [ ] **Step 3: Переписать `SupplierCsvParser`**
-
-Заменить содержимое `app/app/Services/Supplier/SupplierCsvParser.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Supplier;
-
-use Illuminate\Support\Facades\Log;
-
-/**
- * Streaming-парсер CSV-отчёта «Запрос номеров» supplier-портала crm.bp-gr.ru.
- *
- * Spec: docs/superpowers/specs/2026-05-18-supplier-csv-reconcile-channel-design.md §4.1
- * Столбцы: Name;Tag;Phone — 3 колонки. vid и время в этом отчёте отсутствуют.
- *
- * Возвращает Generator. BOM + CRLF поддерживаются. Malformed rows skip + log.
- */
-final class SupplierCsvParser
-{
-    private const EXPECTED_COLUMNS = 3;
-
-    /**
-     * @return iterable<int, array{project: string, tag: string, phone: string}>
-     */
-    public function parse(string $rawCsv): iterable
-    {
-        if ($rawCsv === '') {
-            return;
-        }
-
-        // Убираем UTF-8 BOM (EF BB BF)
-        if (str_starts_with($rawCsv, "\xEF\xBB\xBF")) {
-            $rawCsv = substr($rawCsv, 3);
-        }
-
-        // Нормализуем CRLF → LF
-        $rawCsv = str_replace("\r\n", "\n", $rawCsv);
-
-        $lines = explode("\n", $rawCsv);
-        $headerSkipped = false;
-        $lineNo = 0;
-
-        foreach ($lines as $line) {
-            $lineNo++;
-            if ($line === '') {
-                continue;
-            }
-            if (! $headerSkipped) {
-                $headerSkipped = true;
-
-                continue;
-            }
-
-            $cols = str_getcsv($line, separator: ';');
-            if (count($cols) < self::EXPECTED_COLUMNS) {
-                Log::warning('supplier_csv_parser.malformed_row', [
-                    'line_no' => $lineNo,
-                    'columns_found' => count($cols),
-                    'expected' => self::EXPECTED_COLUMNS,
-                    'sample' => substr($line, 0, 100),
-                ]);
-
-                continue;
-            }
-
-            yield [
-                'project' => (string) $cols[0],
-                'tag' => (string) $cols[1],
-                'phone' => (string) $cols[2],
-            ];
-        }
-    }
-}
-```
-
-- [ ] **Step 4: Запустить тест — убедиться, что проходит**
-
-Run: `cd app && C:/tools/php83/php.exe artisan test tests/Feature/Supplier/SupplierCsvParserTest.php`
-Expected: PASS — 5 тестов зелёные.
-
-- [ ] **Step 5: Коммит**
-
-```bash
-git add app/app/Services/Supplier/SupplierCsvParser.php app/tests/Feature/Supplier/SupplierCsvParserTest.php
-git commit -m "feat(supplier): SupplierCsvParser под отчёт «Запрос номеров» (Name;Tag;Phone)"
-```
-
----
-
-## Task 3: `SupplierPortalClient` — async-флоу заказа отчёта
-
-Добавить заказ отчёта «Запрос номеров» (async: заказать → дождаться «Обработан» → скачать). Удалить устаревший синхронный `downloadLeadsCsv`.
-
-> **Discovery-шаг обязателен (Step 1):** точные имена endpoint'ов, параметры заказа отчёта и значения статуса — placeholder в spec §4.3. Их нужно установить на реальном портале до написания кода. Код в Step 3 — на основе разведки 18.05 (`/admin/report/index`, `/admin/report/getfile?id=N`); скорректировать по факту.
-
-**Files:**
-
-- Modify: `app/app/Services/Supplier/SupplierPortalClient.php`
-- Test: `app/tests/Feature/Supplier/SupplierPortalClientReportTest.php` (создать)
-
-- [ ] **Step 1: Discovery — реальные endpoint'ы отчёта**
-
-Залогиниться на портал поставщика (`app/playwright/refresh-session.js` обновляет сессию), вручную в браузере заказать отчёт «Запрос номеров»: зафиксировать (а) URL+метод+параметры запроса генерации, (б) как узнаётся `report_id`, (в) URL+способ опроса статуса и текст статуса «Обработан», (г) URL скачивания файла. Записать факты в комментарий к этой задаче. Если они расходятся с предположениями Step 3 — скорректировать код Step 3 перед написанием тестов.
-
-- [ ] **Step 2: Написать падающий тест**
-
-Создать `app/tests/Feature/Supplier/SupplierPortalClientReportTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\Supplier\SupplierPortalClient;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\Cache;
-use Illuminate\Support\Facades\Http;
-
-beforeEach(function (): void {
-    config(['services.supplier.portal_url' => 'https://crm.bp-gr.ru']);
-    Cache::store('redis')->put('supplier:session', ['phpsessid' => 'test', 'csrf' => 'test'], now()->addHour());
-});
-
-it('requestNumbersReport posts a generation request and returns report id', function (): void {
-    Http::fake([
-        'crm.bp-gr.ru/admin/report/generate*' => Http::response(['id' => 508346], 200),
-    ]);
-
-    $client = app(SupplierPortalClient::class);
-    $id = $client->requestNumbersReport(Carbon::parse('2026-05-17'), Carbon::parse('2026-05-18'));
-
-    expect($id)->toBe(508346);
-});
-
-it('waitReportReady polls until status is processed', function (): void {
-    Http::fakeSequence('crm.bp-gr.ru/admin/report/status*')
-        ->push(['status' => 'building'], 200)
-        ->push(['status' => 'processed'], 200);
-
-    $client = app(SupplierPortalClient::class);
-    $client->waitReportReady(508346);
-
-    expect(true)->toBeTrue(); // не бросил исключение — отчёт дождался
-});
-
-it('downloadReport returns raw CSV body', function (): void {
-    Http::fake([
-        'crm.bp-gr.ru/admin/report/getfile*' => Http::response("Name;Tag;Phone\nB1_a.com;t;79991234567\n", 200),
-    ]);
-
-    $client = app(SupplierPortalClient::class);
-    $csv = $client->downloadReport(508346);
-
-    expect($csv)->toContain('Name;Tag;Phone');
-});
-```
-
-- [ ] **Step 3: Запустить тест — убедиться, что падает**
-
-Run: `cd app && C:/tools/php83/php.exe artisan test tests/Feature/Supplier/SupplierPortalClientReportTest.php`
-Expected: FAIL — `Method App\Services\Supplier\SupplierPortalClient::requestNumbersReport does not exist`.
-
-- [ ] **Step 4: Добавить 3 метода в `SupplierPortalClient`**
-
-В `app/app/Services/Supplier/SupplierPortalClient.php` **удалить** метод `downloadLeadsCsv` (строки 123–142) и **добавить** вместо него (перед `private function request`):
-
-```php
-    /**
-     * Заказывает у поставщика отчёт «Запрос номеров» за диапазон [from, to].
-     * Возвращает report_id для последующего waitReportReady / downloadReport.
-     *
-     * Spec: docs/superpowers/specs/2026-05-18-supplier-csv-reconcile-channel-design.md §4.3
-     * NB: endpoint/параметры уточнены discovery-шагом T3 Step 1.
-     */
-    public function requestNumbersReport(CarbonInterface $from, CarbonInterface $to): int
-    {
-        $response = $this->request('POST', '/admin/report/generate', [
-            'type' => 'numbers',
-            'from' => $from->format('Y-m-d'),
-            'to' => $to->format('Y-m-d'),
-        ]);
-
-        return (int) ($response->json('id') ?? 0);
-    }
-
-    /**
-     * Опрашивает статус отчёта до значения «Обработан». На таймаут — SupplierTransientException.
-     */
-    public function waitReportReady(int $reportId): void
-    {
-        $maxAttempts = 20;
-        $delaySeconds = 3;
-
-        for ($attempt = 1; $attempt <= $maxAttempts; $attempt++) {
-            $response = $this->request('GET', '/admin/report/status', ['id' => $reportId]);
-            $status = (string) ($response->json('status') ?? '');
-
-            if ($status === 'processed') {
-                return;
-            }
-
-            if ($attempt < $maxAttempts) {
-                sleep($delaySeconds);
-            }
-        }
-
-        throw new SupplierTransientException(
-            "Report {$reportId} not ready after {$maxAttempts} polls"
-        );
-    }
-
-    /**
-     * Скачивает готовый отчёт как raw CSV-body (UTF-8 + BOM, CRLF).
-     * Парсинг — снаружи через SupplierCsvParser.
-     */
-    public function downloadReport(int $reportId): string
-    {
-        $response = $this->request('GET', '/admin/report/getfile', ['id' => $reportId]);
-
-        return $response->body();
-    }
-```
-
-`use App\Exceptions\Supplier\SupplierTransientException;` уже импортирован (строка 9). `CarbonInterface` уже импортирован (строка 13).
-
-- [ ] **Step 5: Запустить тест — убедиться, что проходит**
-
-Run: `cd app && C:/tools/php83/php.exe artisan test tests/Feature/Supplier/SupplierPortalClientReportTest.php`
-Expected: PASS — 3 теста зелёные.
-
-> Если тест `waitReportReady` идёт долго из-за `sleep()` — это ожидаемо (2 итерации, 1× sleep 3с). Допустимо. Если мешает — в Step 4 значение `$delaySeconds` оставить как есть (продакшн-поведение важнее скорости теста, 3с приемлемо).
-
-- [ ] **Step 6: Коммит**
-
-```bash
-git add app/app/Services/Supplier/SupplierPortalClient.php app/tests/Feature/Supplier/SupplierPortalClientReportTest.php
-git commit -m "feat(supplier): SupplierPortalClient — async-флоу заказа отчёта «Запрос номеров»"
-```
-
----
-
-## Task 4: `CsvReconcileJob` — переписать под дедуп `(phone, project)`
-
-Текущий job дедуплицирует по `vid` через `array_diff_key` и зовёт синхронный `downloadLeadsCsv` — оба невозможны на реальном CSV. Переписать: async-флоу заказа отчёта, дедуп по `(phone, project)`, окно 2 календарных дня.
-
-**Files:**
-
-- Modify: `app/app/Jobs/Supplier/CsvReconcileJob.php` (переписать `handle` + `extractPlatform`)
-- Test: `app/tests/Feature/Supplier/CsvReconcileJobTest.php` (переписать полностью)
-
-- [ ] **Step 1: Переписать тест-файл**
-
-Заменить содержимое `app/tests/Feature/Supplier/CsvReconcileJobTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Exceptions\Supplier\SupplierTransientException;
-use App\Jobs\RouteSupplierLeadJob;
-use App\Jobs\Supplier\CsvReconcileJob;
-use App\Jobs\Supplier\RefreshSupplierSessionJob;
-use App\Mail\CsvDriftAlertMail;
-use App\Models\SupplierLead;
-use App\Services\Supplier\SupplierCsvParser;
-use App\Services\Supplier\SupplierPortalClient;
-use Illuminate\Contracts\Mail\Mailer;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\Bus;
-use Illuminate\Support\Facades\Cache;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Http;
-use Illuminate\Support\Facades\Mail;
-use Tests\Concerns\SharesSupplierPdo;
-
-uses(DatabaseTransactions::class, SharesSupplierPdo::class);
-
-function putSupplierSession(): void
-{
-    Cache::store('redis')->put(
-        'supplier:session',
-        ['phpsessid' => 'test', 'csrf' => 'test'],
-        now()->addHour(),
-    );
-}
-
-beforeEach(function (): void {
-    Mail::fake();
-    Bus::fake([RouteSupplierLeadJob::class]);
-    app()->bind(RefreshSupplierSessionJob::class, fn () => new class
-    {
-        public function handle(): void
-        {
-            putSupplierSession();
-        }
-    });
-    Cache::store('redis')->forget('supplier:csv_reconcile');
-    putSupplierSession();
-    config(['services.supplier.portal_url' => 'https://crm.bp-gr.ru']);
-    config(['services.supplier.alert_email' => 'ops@liderra.ru']);
-});
-
-afterEach(function (): void {
-    Cache::store('redis')->forget('supplier:csv_reconcile');
-});
-
-/**
- * 3-колоночный CSV «Запрос номеров»: Name;Tag;Phone.
- *
- * @param  array<int, array{project: string, phone: string}>  $rows
- */
-function csvBody(array $rows): string
-{
-    $out = "Name;Tag;Phone\n";
-    foreach ($rows as $r) {
-        $out .= "{$r['project']};tag;{$r['phone']}\n";
-    }
-
-    return $out;
-}
-
-/**
- * Мокает весь async-флоу отчёта: generate → status(processed) → getfile(csv).
- */
-function fakeReportFlow(string $csv): void
-{
-    Http::fake([
-        'crm.bp-gr.ru/admin/report/generate*' => Http::response(['id' => 700001], 200),
-        'crm.bp-gr.ru/admin/report/status*' => Http::response(['status' => 'processed'], 200),
-        'crm.bp-gr.ru/admin/report/getfile*' => Http::response($csv, 200),
-    ]);
-}
-
-function runCsvReconcile(): void
-{
-    app(CsvReconcileJob::class)->handle(
-        app(SupplierPortalClient::class),
-        app(SupplierCsvParser::class),
-        app(Mailer::class),
-    );
-}
-
-it('no missing leads — status=ok, no recovery, no alert', function (): void {
-    // Все CSV-строки уже есть в supplier_leads (phone+project совпадают).
-    for ($i = 0; $i < 10; $i++) {
-        SupplierLead::create([
-            'supplier_project_id' => null,
-            'platform' => 'B1',
-            'phone' => "7999000000{$i}",
-            'vid' => 800000 + $i,
-            'raw_payload' => ['project' => 'B1_a.com', 'phone' => "7999000000{$i}"],
-            'received_at' => now()->subHour(),
-            'source' => 'webhook',
-        ]);
-    }
-
-    $rows = [];
-    for ($i = 0; $i < 10; $i++) {
-        $rows[] = ['project' => 'B1_a.com', 'phone' => "7999000000{$i}"];
-    }
-    fakeReportFlow(csvBody($rows));
-
-    runCsvReconcile();
-
-    $log = DB::table('supplier_csv_reconcile_log')->latest('id')->first();
-    expect($log->status)->toBe('ok');
-    expect((int) $log->total_csv_rows)->toBe(10);
-    expect((int) $log->matched_count)->toBe(10);
-    expect((int) $log->recovered_count)->toBe(0);
-
-    Mail::assertNothingSent();
-    Bus::assertNothingDispatched();
-});
-
-it('1 missing of 10 (drift 10%) — recovery + drift alert', function (): void {
-    // 9 из 10 уже есть; 1 строка CSV отсутствует → missing.
-    for ($i = 0; $i < 9; $i++) {
-        SupplierLead::create([
-            'supplier_project_id' => null,
-            'platform' => 'B1',
-            'phone' => "7999111000{$i}",
-            'vid' => 810000 + $i,
-            'raw_payload' => ['project' => 'B1_a.com', 'phone' => "7999111000{$i}"],
-            'received_at' => now()->subHour(),
-            'source' => 'webhook',
-        ]);
-    }
-
-    $rows = [];
-    for ($i = 0; $i < 10; $i++) {
-        $rows[] = ['project' => 'B1_a.com', 'phone' => "7999111000{$i}"];
-    }
-    fakeReportFlow(csvBody($rows));
-
-    runCsvReconcile();
-
-    $log = DB::table('supplier_csv_reconcile_log')->latest('id')->first();
-    expect($log->status)->toBe('drift_alert');
-    expect((float) $log->drift_ratio)->toBeGreaterThan(0.05);
-    expect((int) $log->recovered_count)->toBe(1);
-
-    // missing-лид создан с vid=NULL, source=csv_recovery.
-    $recovered = SupplierLead::where('source', 'csv_recovery')->first();
-    expect($recovered)->not->toBeNull();
-    expect($recovered->vid)->toBeNull();
-    expect($recovered->recovered_from_csv_at)->not->toBeNull();
-
-    Mail::assertSent(CsvDriftAlertMail::class, 1);
-    Bus::assertDispatched(RouteSupplierLeadJob::class, 1);
-});
-
-it('1 missing of 100 (drift 1%) — recovery without alert', function (): void {
-    for ($i = 0; $i < 99; $i++) {
-        SupplierLead::create([
-            'supplier_project_id' => null,
-            'platform' => 'B1',
-            'phone' => '79992'.str_pad((string) $i, 6, '0', STR_PAD_LEFT),
-            'vid' => 820000 + $i,
-            'raw_payload' => ['project' => 'B1_a.com', 'phone' => '79992'.str_pad((string) $i, 6, '0', STR_PAD_LEFT)],
-            'received_at' => now()->subHour(),
-            'source' => 'webhook',
-        ]);
-    }
-
-    $rows = [];
-    for ($i = 0; $i < 100; $i++) {
-        $rows[] = ['project' => 'B1_a.com', 'phone' => '79992'.str_pad((string) $i, 6, '0', STR_PAD_LEFT)];
-    }
-    fakeReportFlow(csvBody($rows));
-
-    runCsvReconcile();
-
-    $log = DB::table('supplier_csv_reconcile_log')->latest('id')->first();
-    expect($log->status)->toBe('ok');
-    expect((int) $log->recovered_count)->toBe(1);
-    Mail::assertNothingSent();
-});
-
-it('dedup is keyed by (phone, project) — same phone on different project is NOT a duplicate', function (): void {
-    // Webhook принял phone X на проект B1_a.com. CSV содержит тот же phone на B2_b.com.
-    SupplierLead::create([
-        'supplier_project_id' => null,
-        'platform' => 'B1',
-        'phone' => '79995550000',
-        'vid' => 830000,
-        'raw_payload' => ['project' => 'B1_a.com', 'phone' => '79995550000'],
-        'received_at' => now()->subHour(),
-        'source' => 'webhook',
-    ]);
-
-    fakeReportFlow(csvBody([
-        ['project' => 'B1_a.com', 'phone' => '79995550000'],   // совпадает — matched
-        ['project' => 'B2_b.com', 'phone' => '79995550000'],   // тот же phone, др. проект — missing
-    ]));
-
-    runCsvReconcile();
-
-    $log = DB::table('supplier_csv_reconcile_log')->latest('id')->first();
-    expect((int) $log->matched_count)->toBe(1);
-    expect((int) $log->recovered_count)->toBe(1);
-});
-
-it('empty CSV — status=ok, drift=0', function (): void {
-    fakeReportFlow("Name;Tag;Phone\n");
-
-    runCsvReconcile();
-
-    $log = DB::table('supplier_csv_reconcile_log')->latest('id')->first();
-    expect($log->status)->toBe('ok');
-    expect((int) $log->total_csv_rows)->toBe(0);
-});
-
-it('overlap lock held — job skips, no log row', function (): void {
-    $countBefore = DB::table('supplier_csv_reconcile_log')->count();
-
-    $lock = Cache::store('redis')->lock('supplier:csv_reconcile', 600);
-    $lock->get();
-
-    try {
-        runCsvReconcile();
-    } finally {
-        $lock->release();
-    }
-
-    expect(DB::table('supplier_csv_reconcile_log')->count())->toBe($countBefore);
-});
-
-it('SupplierTransientException — status=failed, error recorded, rethrown', function (): void {
-    Http::fake(['crm.bp-gr.ru/*' => Http::response('Server Error', 500)]);
-
-    expect(fn () => runCsvReconcile())->toThrow(SupplierTransientException::class);
-
-    $log = DB::table('supplier_csv_reconcile_log')->latest('id')->first();
-    expect($log->status)->toBe('failed');
-    expect($log->error_message)->toContain('500');
-});
-```
-
-- [ ] **Step 2: Запустить тест — убедиться, что падает**
-
-Run: `cd app && C:/tools/php83/php.exe artisan test tests/Feature/Supplier/CsvReconcileJobTest.php`
-Expected: FAIL — текущий `handle` зовёт `downloadLeadsCsv` (удалён в T3) и дедуплицирует по vid.
-
-- [ ] **Step 3: Переписать `CsvReconcileJob`**
-
-Заменить содержимое `app/app/Jobs/Supplier/CsvReconcileJob.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Jobs\Supplier;
-
-use App\Jobs\RouteSupplierLeadJob;
-use App\Mail\CsvDriftAlertMail;
-use App\Models\SupplierLead;
-use App\Services\Supplier\SupplierCsvParser;
-use App\Services\Supplier\SupplierPortalClient;
-use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Cache\LockProvider;
-use Illuminate\Contracts\Mail\Mailer;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Database\QueryException;
-use Illuminate\Foundation\Queue\Queueable as FoundationQueueable;
-use Illuminate\Queue\InteractsWithQueue;
-use Illuminate\Queue\SerializesModels;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\Cache;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Log;
-use Throwable;
-
-/**
- * Резервный CSV-канал (Путь 2): сверка отчёта поставщика «Запрос номеров»
- * с принятыми webhook-лидами; recovery пропущенного + drift-детект.
- *
- * Spec: docs/superpowers/specs/2026-05-18-supplier-csv-reconcile-channel-design.md
- *
- * Алгоритм:
- *   1. Cache::lock — overlap-защита.
- *   2. INSERT supplier_csv_reconcile_log (status='running').
- *   3. Заказать отчёт «Запрос номеров» за окно (2 кал. дня) → дождаться → скачать.
- *   4. Parse CSV (Name;Tag;Phone).
- *   5. Дедуп по (phone, project): SELECT existing supplier_leads за окно.
- *   6. Diff = missing → INSERT supplier_leads (vid=NULL, source='csv_recovery') + RouteJob.
- *   7. UPDATE log + drift; drift > 5% → CsvDriftAlertMail.
- *   8. На exception — status='failed', throw (cron повторит через 30 мин).
- */
-final class CsvReconcileJob implements ShouldQueue
-{
-    use FoundationQueueable;
-    use InteractsWithQueue;
-    use Queueable;
-    use SerializesModels;
-
-    public int $tries = 1;
-
-    public int $timeout = 300;
-
-    private const DB_CONNECTION = 'pgsql_supplier';
-
-    private const DRIFT_THRESHOLD = 0.05;
-
-    private const WINDOW_DAYS = 2;
-
-    private const LOCK_NAME = 'supplier:csv_reconcile';
-
-    private const LOCK_TTL_SECONDS = 600;
-
-    public function handle(
-        SupplierPortalClient $portal,
-        SupplierCsvParser $parser,
-        Mailer $mailer,
-    ): void {
-        /** @var LockProvider $lockStore */
-        $lockStore = Cache::store('redis');
-        $lock = $lockStore->lock(self::LOCK_NAME, self::LOCK_TTL_SECONDS);
-        if (! $lock->get()) {
-            Log::info('csv_reconcile.skipped_overlap');
-
-            return;
-        }
-
-        // Окно: начало (сегодня − (WINDOW_DAYS−1) дней) 00:00 .. сейчас.
-        $windowEnd = Carbon::now();
-        $windowStart = Carbon::today()->subDays(self::WINDOW_DAYS - 1);
-
-        $logId = DB::connection(self::DB_CONNECTION)
-            ->table('supplier_csv_reconcile_log')
-            ->insertGetId([
-                'started_at' => now(),
-                'window_start' => $windowStart,
-                'window_end' => $windowEnd,
-                'status' => 'running',
-                'created_at' => now(),
-            ]);
-
-        try {
-            $reportId = $portal->requestNumbersReport($windowStart, $windowEnd);
-            $portal->waitReportReady($reportId);
-            $csv = $portal->downloadReport($reportId);
-
-            // CSV-строки по ключу phone|project (последняя строка с тем же ключом перетирает).
-            /** @var array<string, array{project: string, tag: string, phone: string}> $csvByKey */
-            $csvByKey = [];
-            foreach ($parser->parse($csv) as $row) {
-                $csvByKey[$this->dedupKey((string) $row['phone'], (string) $row['project'])] = $row;
-            }
-            $totalCsvRows = count($csvByKey);
-
-            // Существующие лиды за окно → set ключей phone|project.
-            $existingKeys = [];
-            DB::connection(self::DB_CONNECTION)
-                ->table('supplier_leads')
-                ->where('received_at', '>=', $windowStart)
-                ->select('phone', 'raw_payload')
-                ->orderBy('id')
-                ->chunk(500, function ($leads) use (&$existingKeys): void {
-                    foreach ($leads as $lead) {
-                        $payload = is_string($lead->raw_payload)
-                            ? json_decode($lead->raw_payload, true)
-                            : (array) $lead->raw_payload;
-                        $project = (string) ($payload['project'] ?? '');
-                        $existingKeys[$this->dedupKey((string) $lead->phone, $project)] = true;
-                    }
-                });
-
-            $missing = array_diff_key($csvByKey, $existingKeys);
-
-            $recoveredCount = 0;
-            foreach ($missing as $row) {
-                $platform = $this->extractPlatform((string) $row['project']);
-                if ($platform === null) {
-                    Log::warning('csv_reconcile.unparseable_project_skipped', [
-                        'project' => $row['project'],
-                    ]);
-
-                    continue;
-                }
-
-                try {
-                    $lead = SupplierLead::create([
-                        'vid' => null,
-                        'platform' => $platform,
-                        'phone' => (string) $row['phone'],
-                        'raw_payload' => $row,
-                        'received_at' => now(),
-                        'recovered_from_csv_at' => now(),
-                        'source' => 'csv_recovery',
-                        'supplier_project_id' => null,
-                    ]);
-                    RouteSupplierLeadJob::dispatch($lead->id);
-                    $recoveredCount++;
-                } catch (QueryException $e) {
-                    Log::warning('csv_reconcile.lead_insert_failed', [
-                        'phone' => $row['phone'],
-                        'project' => $row['project'],
-                        'error' => $e->getMessage(),
-                    ]);
-                }
-            }
-
-            $matchedCount = $totalCsvRows - count($missing);
-            $driftRatio = $totalCsvRows > 0 ? count($missing) / $totalCsvRows : 0.0;
-            $status = $driftRatio > self::DRIFT_THRESHOLD ? 'drift_alert' : 'ok';
-
-            $update = [
-                'finished_at' => now(),
-                'total_csv_rows' => $totalCsvRows,
-                'matched_count' => $matchedCount,
-                'recovered_count' => $recoveredCount,
-                'drift_ratio' => $driftRatio,
-                'status' => $status,
-            ];
-
-            if ($status === 'drift_alert') {
-                $mailer->to((string) config('services.supplier.alert_email'))
-                    ->send(new CsvDriftAlertMail(
-                        reconcileLogId: $logId,
-                        totalCsvRows: $totalCsvRows,
-                        missingCount: count($missing),
-                        recoveredCount: $recoveredCount,
-                        driftRatio: $driftRatio,
-                        windowStart: $windowStart,
-                        windowEnd: $windowEnd,
-                    ));
-                $update['alert_email_sent_at'] = now();
-            }
-
-            DB::connection(self::DB_CONNECTION)
-                ->table('supplier_csv_reconcile_log')
-                ->where('id', $logId)
-                ->update($update);
-
-        } catch (Throwable $e) {
-            DB::connection(self::DB_CONNECTION)
-                ->table('supplier_csv_reconcile_log')
-                ->where('id', $logId)
-                ->update([
-                    'finished_at' => now(),
-                    'status' => 'failed',
-                    'error_message' => substr($e->getMessage(), 0, 1000),
-                ]);
-            throw $e;
-        } finally {
-            $lock->release();
-        }
-    }
-
-    /**
-     * Ключ дедупа: нормализованный phone + project.
-     */
-    private function dedupKey(string $phone, string $project): string
-    {
-        return trim($phone).'|'.trim($project);
-    }
-
-    /**
-     * Извлекает platform (B1/B2/B3) из имени проекта формата `B[123]_<rest>`.
-     * Возвращает null если не парсится — caller пропустит строку с warning.
-     */
-    private function extractPlatform(string $project): ?string
-    {
-        if (preg_match('/^(B[123])_/', $project, $m) === 1) {
-            return $m[1];
-        }
-
-        return null;
-    }
-}
-```
-
-- [ ] **Step 4: Запустить тест — убедиться, что проходит**
-
-Run: `cd app && C:/tools/php83/php.exe artisan test tests/Feature/Supplier/CsvReconcileJobTest.php`
-Expected: PASS — 7 тестов зелёные.
-
-- [ ] **Step 5: Регрессия supplier-блока**
-
-Run: `cd app && C:/tools/php83/php.exe artisan test tests/Feature/Supplier`
-Expected: PASS — без регрессий в соседних supplier-тестах.
-
-- [ ] **Step 6: Коммит**
-
-```bash
-git add app/app/Jobs/Supplier/CsvReconcileJob.php app/tests/Feature/Supplier/CsvReconcileJobTest.php
-git commit -m "feat(supplier): CsvReconcileJob — дедуп (phone,project) + async-флоу отчёта"
-```
-
----
-
-## Task 5: Scheduler — `everyThirtyMinutes`
-
-`CsvReconcileJob` сейчас в расписании `->hourly()`. Заказчик подтвердил частоту 30 минут.
-
-**Files:**
-
-- Modify: `app/routes/console.php:56-58`
-- Test: `app/tests/Feature/Supplier/CsvReconcileScheduleTest.php` (создать)
-
-- [ ] **Step 1: Написать падающий тест**
-
-Создать `app/tests/Feature/Supplier/CsvReconcileScheduleTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Console\Scheduling\Schedule;
-
-it('CsvReconcileJob is scheduled every 30 minutes', function (): void {
-    /** @var Schedule $schedule */
-    $schedule = app(Schedule::class);
-
-    $csvEvent = collect($schedule->events())->first(function ($event): bool {
-        $repr = (string) ($event->description ?? '');
-        if (property_exists($event, 'job')) {
-            $repr .= ' '.((string) $event->job);
-        }
-
-        return str_contains($repr, 'CsvReconcileJob');
-    });
-
-    expect($csvEvent)->not->toBeNull();
-    // Laravel everyThirtyMinutes() → cron-выражение '*/30 * * * *'.
-    expect($csvEvent->expression)->toBe('*/30 * * * *');
-});
-```
-
-- [ ] **Step 2: Запустить тест — убедиться, что падает**
-
-Run: `cd app && C:/tools/php83/php.exe artisan test tests/Feature/Supplier/CsvReconcileScheduleTest.php`
-Expected: FAIL — текущее выражение `0 * * * *` (hourly), не `*/30 * * * *`.
-
-- [ ] **Step 3: Изменить расписание**
-
-В `app/routes/console.php` заменить строки 56–58:
-
-```php
-// Plan 4 Task 8: hourly CSV reconciliation (резерв-канал приёма лидов).
-// Spec: docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md §5.3
-Schedule::job(new CsvReconcileJob)->hourly();
-```
-
-на:
-
-```php
-// Резервный CSV-канал (Путь 2): сверка каждые 30 минут.
-// Spec: docs/superpowers/specs/2026-05-18-supplier-csv-reconcile-channel-design.md §4.5
-Schedule::job(new CsvReconcileJob)->everyThirtyMinutes();
-```
-
-- [ ] **Step 4: Запустить тест — убедиться, что проходит**
-
-Run: `cd app && C:/tools/php83/php.exe artisan test tests/Feature/Supplier/CsvReconcileScheduleTest.php`
-Expected: PASS.
-
-- [ ] **Step 5: Коммит**
-
-```bash
-git add app/routes/console.php app/tests/Feature/Supplier/CsvReconcileScheduleTest.php
-git commit -m "feat(supplier): CsvReconcileJob — расписание каждые 30 минут"
-```
-
----
-
-## Task 6: API «Интеграция с поставщиком» — здоровье канала + ручной запуск
-
-Backend для админ-страницы: GET — здоровье канала + история сверок; POST — ручной запуск `CsvReconcileJob`.
-
-**Files:**
-
-- Create: `app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php`
-- Modify: `app/routes/web.php` (в группе `Route::middleware('saas-admin')`)
-- Test: `app/tests/Feature/Admin/AdminSupplierIntegrationTest.php`
-
-- [ ] **Step 1: Написать падающий тест**
-
-Создать `app/tests/Feature/Admin/AdminSupplierIntegrationTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\Supplier\CsvReconcileJob;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\Bus;
-use Illuminate\Support\Facades\DB;
-use Tests\Concerns\SharesSupplierPdo;
-
-uses(DatabaseTransactions::class, SharesSupplierPdo::class);
-
-it('GET /api/admin/supplier-integration returns channel health + history', function (): void {
-    DB::connection('pgsql_supplier')->table('supplier_csv_reconcile_log')->insert([
-        'started_at' => now()->subMinutes(10),
-        'finished_at' => now()->subMinutes(9),
-        'window_start' => now()->subDay(),
-        'window_end' => now(),
-        'total_csv_rows' => 100,
-        'matched_count' => 98,
-        'recovered_count' => 2,
-        'drift_ratio' => 0.02,
-        'status' => 'ok',
-        'created_at' => now()->subMinutes(10),
-    ]);
-
-    $response = $this->getJson('/api/admin/supplier-integration');
-
-    $response->assertOk();
-    $response->assertJsonStructure([
-        'health' => ['last_run_at', 'last_status', 'drift_ratio', 'webhook_state'],
-        'history' => [['started_at', 'status', 'total_csv_rows', 'matched_count', 'recovered_count', 'drift_ratio']],
-    ]);
-    expect($response->json('health.last_status'))->toBe('ok');
-    expect($response->json('health.webhook_state'))->toBe('live');
-});
-
-it('webhook_state is "down" when last run had drift_alert', function (): void {
-    DB::connection('pgsql_supplier')->table('supplier_csv_reconcile_log')->insert([
-        'started_at' => now()->subMinutes(5),
-        'finished_at' => now()->subMinutes(4),
-        'window_start' => now()->subDay(),
-        'window_end' => now(),
-        'total_csv_rows' => 100,
-        'matched_count' => 80,
-        'recovered_count' => 20,
-        'drift_ratio' => 0.20,
-        'status' => 'drift_alert',
-        'created_at' => now()->subMinutes(5),
-    ]);
-
-    $response = $this->getJson('/api/admin/supplier-integration');
-
-    expect($response->json('health.webhook_state'))->toBe('down');
-});
-
-it('POST /api/admin/supplier-integration/reconcile dispatches CsvReconcileJob', function (): void {
-    Bus::fake([CsvReconcileJob::class]);
-
-    $response = $this->postJson('/api/admin/supplier-integration/reconcile');
-
-    $response->assertOk();
-    $response->assertJson(['dispatched' => true]);
-    Bus::assertDispatched(CsvReconcileJob::class, 1);
-});
-```
-
-- [ ] **Step 2: Запустить тест — убедиться, что падает**
-
-Run: `cd app && C:/tools/php83/php.exe artisan test tests/Feature/Admin/AdminSupplierIntegrationTest.php`
-Expected: FAIL — роут `/api/admin/supplier-integration` не существует (404).
-
-- [ ] **Step 3: Создать контроллер**
-
-Создать `app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Http\Controllers\Api;
-
-use App\Http\Controllers\Controller;
-use App\Jobs\Supplier\CsvReconcileJob;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Support\Facades\DB;
-
-/**
- * SaaS-admin → Интеграция с поставщиком: здоровье резервного CSV-канала (Путь 2).
- *
- * Spec: docs/superpowers/specs/2026-05-18-supplier-csv-reconcile-channel-design.md §4.4
- */
-final class AdminSupplierIntegrationController extends Controller
-{
-    private const HISTORY_LIMIT = 20;
-
-    public function index(): JsonResponse
-    {
-        $rows = DB::connection('pgsql_supplier')
-            ->table('supplier_csv_reconcile_log')
-            ->orderByDesc('id')
-            ->limit(self::HISTORY_LIMIT)
-            ->get();
-
-        $last = $rows->first();
-
-        $webhookState = ($last !== null && $last->status === 'drift_alert') ? 'down' : 'live';
-
-        return response()->json([
-            'health' => [
-                'last_run_at' => $last->finished_at ?? $last->started_at ?? null,
-                'last_status' => $last->status ?? null,
-                'drift_ratio' => $last !== null ? (float) $last->drift_ratio : null,
-                'webhook_state' => $webhookState,
-            ],
-            'history' => $rows->map(fn ($r): array => [
-                'started_at' => $r->started_at,
-                'finished_at' => $r->finished_at,
-                'window_start' => $r->window_start,
-                'window_end' => $r->window_end,
-                'status' => $r->status,
-                'total_csv_rows' => (int) $r->total_csv_rows,
-                'matched_count' => (int) $r->matched_count,
-                'recovered_count' => (int) $r->recovered_count,
-                'drift_ratio' => (float) $r->drift_ratio,
-            ])->all(),
-        ]);
-    }
-
-    public function reconcile(): JsonResponse
-    {
-        CsvReconcileJob::dispatch();
-
-        return response()->json(['dispatched' => true]);
-    }
-}
-```
-
-- [ ] **Step 4: Зарегистрировать роуты**
-
-В `app/routes/web.php` внутри группы `Route::middleware('saas-admin')->group(function () {` (рядом с другими `/api/admin/*` роутами, напр. после блока `AdminSuppliersController`) добавить:
-
-```php
-    // Резервный CSV-канал (Путь 2): здоровье канала + ручной запуск сверки.
-    Route::get('/api/admin/supplier-integration', 'App\Http\Controllers\Api\AdminSupplierIntegrationController@index');
-    Route::post('/api/admin/supplier-integration/reconcile', 'App\Http\Controllers\Api\AdminSupplierIntegrationController@reconcile');
-```
-
-- [ ] **Step 5: Запустить тест — убедиться, что проходит**
-
-Run: `cd app && C:/tools/php83/php.exe artisan test tests/Feature/Admin/AdminSupplierIntegrationTest.php`
-Expected: PASS — 3 теста зелёные.
-
-- [ ] **Step 6: Коммит**
-
-```bash
-git add app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php app/routes/web.php app/tests/Feature/Admin/AdminSupplierIntegrationTest.php
-git commit -m "feat(supplier): API «Интеграция с поставщиком» — здоровье CSV-канала + ручная сверка"
-```
-
----
-
-## Task 7: UI — экран «Интеграция с поставщиком»
-
-Vue-страница в админ-части: здоровье канала, кнопка «Сверить сейчас», история сверок.
-
-**Files:**
-
-- Create: `app/resources/js/views/admin/AdminSupplierIntegrationView.vue`
-- Modify: `app/resources/js/router/index.ts` (роут `/admin/supplier-integration`)
-- Modify: `app/resources/js/components/AppSidebar.vue` (пункт меню)
-- Modify: `app/routes/web.php` (SPA-роут `Route::view`)
-- Test: `app/tests/Frontend/AdminSupplierIntegrationView.spec.ts`
-
-> **Паттерн:** следовать существующему `app/resources/js/views/admin/AdminSupplierPricesView.vue` — структура layout, axios-вызовы, Vuetify-компоненты. Прочитать его перед написанием.
-
-- [ ] **Step 1: Написать падающий тест**
-
-Создать `app/tests/Frontend/AdminSupplierIntegrationView.spec.ts`:
-
-```ts
-import { describe, it, expect, vi, beforeEach } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import * as components from 'vuetify/components';
-import * as directives from 'vuetify/directives';
-import axios from 'axios';
-import AdminSupplierIntegrationView from '../../resources/js/views/admin/AdminSupplierIntegrationView.vue';
-
-vi.mock('axios');
-
-const vuetify = createVuetify({ components, directives });
-
-const healthPayload = {
-    health: { last_run_at: '2026-05-18T12:00:00Z', last_status: 'ok', drift_ratio: 0.02, webhook_state: 'live' },
-    history: [
-        {
-            started_at: '2026-05-18T12:00:00Z', finished_at: '2026-05-18T12:01:00Z',
-            window_start: '2026-05-17T00:00:00Z', window_end: '2026-05-18T12:00:00Z',
-            status: 'ok', total_csv_rows: 100, matched_count: 98, recovered_count: 2, drift_ratio: 0.02,
-        },
-    ],
-};
-
-function mountView() {
-    return mount(AdminSupplierIntegrationView, { global: { plugins: [vuetify] } });
-}
-
-beforeEach(() => {
-    vi.clearAllMocks();
-    (axios.get as ReturnType<typeof vi.fn>).mockResolvedValue({ data: healthPayload });
-    (axios.post as ReturnType<typeof vi.fn>).mockResolvedValue({ data: { dispatched: true } });
-});
-
-describe('AdminSupplierIntegrationView', () => {
-    it('loads channel health on mount', async () => {
-        const wrapper = mountView();
-        await new Promise((r) => setTimeout(r, 0));
-        expect(axios.get).toHaveBeenCalledWith('/api/admin/supplier-integration');
-        expect(wrapper.text()).toContain('live');
-    });
-
-    it('renders reconcile history rows', async () => {
-        const wrapper = mountView();
-        await new Promise((r) => setTimeout(r, 0));
-        await wrapper.vm.$nextTick();
-        expect(wrapper.text()).toContain('100');
-    });
-
-    it('triggers manual reconcile on button click', async () => {
-        const wrapper = mountView();
-        await new Promise((r) => setTimeout(r, 0));
-        await wrapper.find('[data-test="reconcile-now"]').trigger('click');
-        expect(axios.post).toHaveBeenCalledWith('/api/admin/supplier-integration/reconcile');
-    });
-});
-```
-
-- [ ] **Step 2: Запустить тест — убедиться, что падает**
-
-Run: `cd app && npm run test:vue -- tests/Frontend/AdminSupplierIntegrationView.spec.ts`
-Expected: FAIL — файл `AdminSupplierIntegrationView.vue` не существует.
-
-- [ ] **Step 3: Создать Vue-компонент**
-
-Создать `app/resources/js/views/admin/AdminSupplierIntegrationView.vue`:
-
-```vue
-<script setup lang="ts">
-import { ref, onMounted } from 'vue';
-import axios from 'axios';
-
-interface ReconcileRow {
-    started_at: string;
-    finished_at: string | null;
-    window_start: string;
-    window_end: string;
-    status: string;
-    total_csv_rows: number;
-    matched_count: number;
-    recovered_count: number;
-    drift_ratio: number;
-}
-
-interface Health {
-    last_run_at: string | null;
-    last_status: string | null;
-    drift_ratio: number | null;
-    webhook_state: string;
-}
-
-const health = ref<Health | null>(null);
-const history = ref<ReconcileRow[]>([]);
-const loading = ref(false);
-const reconciling = ref(false);
-
-async function load(): Promise<void> {
-    loading.value = true;
-    try {
-        const { data } = await axios.get('/api/admin/supplier-integration');
-        health.value = data.health;
-        history.value = data.history;
-    } finally {
-        loading.value = false;
-    }
-}
-
-async function reconcileNow(): Promise<void> {
-    reconciling.value = true;
-    try {
-        await axios.post('/api/admin/supplier-integration/reconcile');
-        // Сверка асинхронная — даём ей время и перезагружаем здоровье.
-        setTimeout(() => void load(), 4000);
-    } finally {
-        reconciling.value = false;
-    }
-}
-
-function statusColor(status: string | null): string {
-    if (status === 'ok') return 'success';
-    if (status === 'drift_alert') return 'warning';
-    if (status === 'failed') return 'error';
-    return 'grey';
-}
-
-onMounted(() => void load());
-</script>
-
-<template>
-    <div class="pa-6">
-        <h1 class="text-h5 mb-4">Интеграция с поставщиком</h1>
-
-        <v-card class="mb-4">
-            <v-card-title>Здоровье резервного канала</v-card-title>
-            <v-card-text v-if="health">
-                <div class="mb-2">
-                    Webhook:
-                    <v-chip :color="health.webhook_state === 'live' ? 'success' : 'error'" size="small">
-                        {{ health.webhook_state }}
-                    </v-chip>
-                </div>
-                <div class="mb-2">
-                    Последняя сверка:
-                    <v-chip :color="statusColor(health.last_status)" size="small">
-                        {{ health.last_status ?? '—' }}
-                    </v-chip>
-                    <span class="ml-2">{{ health.last_run_at ?? '—' }}</span>
-                </div>
-                <div class="mb-4">
-                    Расхождение (drift):
-                    {{ health.drift_ratio !== null ? (health.drift_ratio * 100).toFixed(2) + ' %' : '—' }}
-                </div>
-                <v-btn
-                    data-test="reconcile-now"
-                    color="primary"
-                    :loading="reconciling"
-                    @click="reconcileNow"
-                >
-                    Сверить сейчас
-                </v-btn>
-            </v-card-text>
-        </v-card>
-
-        <v-card>
-            <v-card-title>История сверок</v-card-title>
-            <v-table>
-                <thead>
-                    <tr>
-                        <th>Начало</th>
-                        <th>Статус</th>
-                        <th>Строк CSV</th>
-                        <th>Совпало</th>
-                        <th>Подобрано</th>
-                        <th>Drift</th>
-                    </tr>
-                </thead>
-                <tbody>
-                    <tr v-for="(row, i) in history" :key="i">
-                        <td>{{ row.started_at }}</td>
-                        <td>
-                            <v-chip :color="statusColor(row.status)" size="x-small">{{ row.status }}</v-chip>
-                        </td>
-                        <td>{{ row.total_csv_rows }}</td>
-                        <td>{{ row.matched_count }}</td>
-                        <td>{{ row.recovered_count }}</td>
-                        <td>{{ (row.drift_ratio * 100).toFixed(2) }} %</td>
-                    </tr>
-                </tbody>
-            </v-table>
-        </v-card>
-    </div>
-</template>
-```
-
-- [ ] **Step 4: Зарегистрировать роут в router**
-
-В `app/resources/js/router/index.ts` добавить роут (рядом с другими `/admin/*` роутами, следовать существующему паттерну lazy-import + `meta.layout`):
-
-```ts
-    {
-        path: '/admin/supplier-integration',
-        name: 'admin-supplier-integration',
-        component: () => import('../views/admin/AdminSupplierIntegrationView.vue'),
-        meta: { layout: 'app' },
-    },
-```
-
-- [ ] **Step 5: Добавить пункт в боковое меню**
-
-В `app/resources/js/components/AppSidebar.vue` добавить пункт навигации в админ-секцию (следовать формату существующих `nav`-элементов файла — title, иконка Lucide, `to: '/admin/supplier-integration'`). Точный формат — по соседнему админ-пункту в том же файле.
-
-- [ ] **Step 6: Добавить SPA-роут в `web.php`**
-
-В `app/routes/web.php` рядом с другими `Route::view(...)` SPA-роутами добавить:
-
-```php
-Route::view('/admin/supplier-integration', 'welcome');
-```
-
-- [ ] **Step 7: Запустить тест — убедиться, что проходит**
-
-Run: `cd app && npm run test:vue -- tests/Frontend/AdminSupplierIntegrationView.spec.ts`
-Expected: PASS — 3 теста зелёные.
-
-- [ ] **Step 8: Сборка фронтенда**
-
-Run: `cd app && npm run build`
-Expected: сборка без ошибок (PROD-режим — портал отдаёт `public/build/`).
-
-- [ ] **Step 9: Коммит**
-
-```bash
-git add app/resources/js/views/admin/AdminSupplierIntegrationView.vue app/resources/js/router/index.ts app/resources/js/components/AppSidebar.vue app/routes/web.php app/tests/Frontend/AdminSupplierIntegrationView.spec.ts
-git commit -m "feat(supplier): UI-экран «Интеграция с поставщиком» — здоровье CSV-канала"
-```
-
----
-
-## Финальная проверка эпика
-
-- [ ] **Полная регрессия**
-
-```bash
-cd app && C:/tools/php83/php.exe artisan test tests/Feature/Supplier tests/Feature/Admin tests/Feature/Jobs/RouteSupplierLeadJobTest.php tests/Feature/Http/Webhook/SupplierWebhookTest.php
-cd app && npm run test:vue
-```
-
-Expected: все зелёные, 0 регрессий.
-
-- [ ] **Pre-commit перед каждым коммитом** уже прогоняет pint + larastan + gitleaks. Если Larastan baseline переполнен новыми тестами — обновить `app/phpstan-baseline.neon` (счётчики `actingAs` / `getJson` / `tenant` в новых тест-файлах), отдельным коммитом или в составе задачи.
-
-- [ ] **Push** — `git push origin <ветка>:main` (паттерн проекта); pre-push прогоняет gitleaks-full-history + lychee.
-
-## Замечания
-
-- **Endpoint'ы отчёта (T3)** — placeholder до discovery-шага T3 Step 1. Это единственная зона неопределённости; код T3 написан на лучшем предположении и корректируется по факту портала.
-- **Письмо drift-alert** доставляется только после настройки почты (Б-1); `CsvDriftAlertMail` формируется всегда, тест проверяет `Mail::assertSent` (fake).
-- **Плашка + колокольчик** при drift > 5% — spec §7 упоминает их; в этом плане drift фиксируется в `supplier_csv_reconcile_log` + письмо, а UI-индикатор «webhook down» (T6/T7) выполняет роль плашки на админ-странице. Отдельный in-app `notification` (колокольчик) — НЕ в этом плане (требует привязки к tenant-уровню `in_app_notifications`, а CSV-канал SaaS-level); если нужен — отдельная задача.
diff --git a/docs/superpowers/plans/2026-05-19-supplier-migration-followup.md b/docs/superpowers/plans/2026-05-19-supplier-migration-followup.md
deleted file mode 100644
index 8105639..0000000
--- a/docs/superpowers/plans/2026-05-19-supplier-migration-followup.md
+++ /dev/null
@@ -1,1089 +0,0 @@
-# Supplier Migration Follow-up Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Закрыть 5 хвостов миграции данных Лидерра ↔ crm.bp-gr.ru: defense-in-depth детект HTTP-200-логина в `SupplierPortalClient`, recon реальных локаторов формы rt-проекта, rewrite `manage-project.js` под Element UI с интерсептом ответа `rt-project-save` для надёжного захвата `external_id`, live-тест form-канала и полный 3-ярусный прогон `FailoverProjectChannel`.
-
-**Architecture:** Все правки — поверх существующего эпика `feat/supplier-project-failover` (origin/main `643e1a5`). Изменения:
-
-- Task 1: `SupplierPortalClient::request()` — после успешного HTTP 2xx распознавать страницу-логин Yii2 (тэги `loginform-username` / `LoginForm[username]`), форсить `RefreshSupplierSessionJob` + retry (новая ветка ретрая поверх существующей 401/403-логики).
-- Task 2: recon-snapshot реальных локаторов 13 полей формы rt-проекта (Element UI / Vue 2) в `docs/discovery/2026-05-19-rt-project-form-locators.md` — input для Task 3.
-- Task 3: переписать `app/playwright/manage-project.js` (Tier-2) на label-based / attribute-based локаторы Element UI; `external_id` получать через `page.waitForResponse('rt-project-save')` + парсинг тела ответа портала (надёжнее DOM-парсинга новой строки таблицы).
-- Task 4: live-smoke create+delete через rewrite-bridge (без удаления — оставляем артефакт под Task 5).
-- Task 5: tinker-скрипт `app/storage/_smoke_failover_3tier.php` гоняет 3 ветки: tier-1 live (AJAX) → принудительный fail-tier-1 (DI-стаб) → tier-2 live (form через переписанный bridge) → принудительный fail-tier-1+2 → tier-3 (manual queue + email-stub).
-
-**Tech Stack:** PHP 8.3 + Laravel 13 (Pest 4, Larastan), Playwright (node + chromium-1217), Element UI / Vue 2 (на стороне портала), Redis (Memurai), PostgreSQL 16.
-
----
-
-## Task 1: HTTP-200-логин детект в SupplierPortalClient + retry
-
-**Files:**
-
-- Modify: `app/app/Services/Supplier/SupplierPortalClient.php` (метод `request`, после успешного 2xx ответа — детект login page + retry path)
-- Test: `app/tests/Unit/Supplier/SupplierPortalClientTest.php` (новые case'ы)
-
-**Контракт детекта:** Yii2 login-page содержит атрибут `id="loginform-username"` и `name="loginform-password"` (проверено в `app/playwright/refresh-session.js:34-35`). Регэксп `~loginform-(username|password)~i` устойчив (не появляется в легитимных API-ответах rt-* / отчётов). Применяем детект только к ответам с Content-Type начинающимся на `text/html` ИЛИ к ответам без `application/json` в заголовке — это режет false-positive на массивных JSON-ответах (отчёты, projects).
-
-**Поведение:**
-
-- При обнаружении login-page в `text/html` ответе → если `! $isRetry` → dispatch_sync(RefreshSupplierSessionJob) + recursive call с `$isRetry=true`.
-- Если повтор тоже login-page → SupplierAuthException("Portal returned login page after refresh on {$path}").
-- 401/403-ветка остаётся как есть; новая логика — отдельный блок ПОСЛЕ существующей 401/403-проверки и ПЕРЕД проверкой `>= 500` (то есть только в успешной 2xx ветке).
-
-- [ ] **Step 1.1: Failing test — login page in HTML response triggers refresh + retry**
-
-Edit `app/tests/Unit/Supplier/SupplierPortalClientTest.php` — добавить в конец:
-
-```php
-test('200 HTML login page triggers RefreshSupplierSessionJob sync and retries once', function (): void {
-    Bus::fake([RefreshSupplierSessionJob::class]);
-
-    Http::fakeSequence('crm.bp-gr.ru/*')
-        ->push(
-            '<html><body><form action="/login"><input id="loginform-username" name="LoginForm[username]"></form></body></html>',
-            200,
-            ['Content-Type' => 'text/html; charset=utf-8'],
-        )
-        ->push('{"projects":[]}', 200, ['Content-Type' => 'application/json']);
-
-    app(SupplierPortalClient::class)->listProjects();
-
-    Bus::assertDispatchedSync(RefreshSupplierSessionJob::class);
-    Http::assertSentCount(2);
-});
-
-test('sticky HTML login page after retry throws SupplierAuthException', function (): void {
-    Bus::fake([RefreshSupplierSessionJob::class]);
-
-    Http::fakeSequence('crm.bp-gr.ru/*')
-        ->push(
-            '<html><input id="loginform-username"></html>',
-            200,
-            ['Content-Type' => 'text/html; charset=utf-8'],
-        )
-        ->push(
-            '<html><input id="loginform-username"></html>',
-            200,
-            ['Content-Type' => 'text/html; charset=utf-8'],
-        );
-
-    expect(fn () => app(SupplierPortalClient::class)->listProjects())
-        ->toThrow(SupplierAuthException::class, 'Portal returned login page after refresh');
-});
-
-test('JSON response with substring "loginform-username" is NOT misclassified as login page', function (): void {
-    Http::fake([
-        'crm.bp-gr.ru/*' => Http::response(
-            '{"projects":[{"name":"loginform-username is just a string here"}]}',
-            200,
-            ['Content-Type' => 'application/json'],
-        ),
-    ]);
-
-    $result = app(SupplierPortalClient::class)->listProjects();
-
-    expect($result)->toHaveCount(1);
-    Http::assertSentCount(1);  // no retry — JSON header skips login-detect
-});
-```
-
-- [ ] **Step 1.2: Run new tests to verify they fail**
-
-Run:
-
-```bash
-cd app && ./vendor/bin/pest tests/Unit/Supplier/SupplierPortalClientTest.php --filter="login page" -v
-```
-
-Expected: 3 FAIL — все тесты ожидают новое поведение, которого ещё нет.
-
-- [ ] **Step 1.3: Implement login-page detection в `request()`**
-
-Edit `app/app/Services/Supplier/SupplierPortalClient.php`:
-
-После строки 313 (`if ($response->status() >= 500) {`) — НЕТ. Login-detect должен быть в успешной ветке (после всех 4xx/5xx throws), ПЕРЕД финальным `return $response;` (строка 323).
-
-Заменить блок с строки 305 (после блока 401/403 retry) до строки 324 (`}`) — добавить новый блок между 4xx-throw и финальным return:
-
-```php
-        if ($response->status() >= 500) {
-            throw new SupplierTransientException(
-                "Supplier server error {$response->status()} on {$path}",
-                httpStatus: $response->status(),
-                responseBody: $response->body(),
-            );
-        }
-
-        if ($response->status() >= 400) {
-            throw new SupplierClientException(
-                "Supplier rejected {$path}: HTTP {$response->status()}",
-                httpStatus: $response->status(),
-                responseBody: $response->body(),
-            );
-        }
-
-        // Defense-in-depth: портал отдаёт логин-страницу с HTTP 200 при истекшей
-        // сессии middle-of-use (вместо 401/403). Детектим Yii2-маркер и форсим
-        // refresh+retry. Verified 2026-05-19: refresh-session.js ловит #loginform-username.
-        if ($this->isHtmlLoginPage($response)) {
-            if ($isRetry) {
-                throw new SupplierAuthException(
-                    "Portal returned login page after refresh on {$path}",
-                    httpStatus: $response->status(),
-                    responseBody: $response->body(),
-                );
-            }
-            try {
-                dispatch_sync(app(RefreshSupplierSessionJob::class));
-            } catch (\Throwable $e) {
-                throw new SupplierAuthException(
-                    "Session refresh failed during HTML-login retry on {$path}: {$e->getMessage()}",
-                    httpStatus: $response->status(),
-                    previous: $e,
-                );
-            }
-
-            return $this->request($method, $path, $body, isRetry: true, asJson: $asJson);
-        }
-
-        return $response;
-    }
-
-    private function isHtmlLoginPage(Response $response): bool
-    {
-        $contentType = (string) ($response->header('Content-Type') ?? '');
-        if (! str_starts_with(mb_strtolower($contentType), 'text/html')) {
-            return false;
-        }
-
-        return preg_match('~loginform-(username|password)~i', $response->body()) === 1;
-    }
-```
-
-NB: подпись `request()` — `bool $isRetry = false, bool $asJson = false` — рекурсивный вызов передаёт оба флага.
-
-- [ ] **Step 1.4: Run new tests to verify they pass**
-
-Run:
-
-```bash
-cd app && ./vendor/bin/pest tests/Unit/Supplier/SupplierPortalClientTest.php --filter="login page|loginform-username" -v
-```
-
-Expected: 3 PASS (новые тесты) + остальной файл должен остаться зелёным.
-
-- [ ] **Step 1.5: Run full SupplierPortalClientTest to check regression**
-
-Run:
-
-```bash
-cd app && ./vendor/bin/pest tests/Unit/Supplier/SupplierPortalClientTest.php -v
-```
-
-Expected: все тесты PASS (12+).
-
-- [ ] **Step 1.6: Larastan + Pint**
-
-Run:
-
-```bash
-cd app && ./vendor/bin/pint app/Services/Supplier/SupplierPortalClient.php && ./vendor/bin/phpstan analyse app/Services/Supplier/SupplierPortalClient.php tests/Unit/Supplier/SupplierPortalClientTest.php
-```
-
-Expected: Pint clean (FIXED/no changes), Larastan 0 errors (или baseline-обновления отметить отдельно).
-
-- [ ] **Step 1.7: Commit**
-
-```bash
-git add app/app/Services/Supplier/SupplierPortalClient.php app/tests/Unit/Supplier/SupplierPortalClientTest.php
-git commit -m "feat(supplier): detect HTTP-200 HTML login page → force refresh+retry (defense-in-depth)"
-```
-
-NB: если pre-commit hooks (lefthook) включают larastan baseline-update — добавить и его в коммит.
-
----
-
-## Task 2: Recon точных локаторов 13 полей формы rt-проекта
-
-**Files:**
-
-- Create: `docs/discovery/2026-05-19-rt-project-form-locators.md` (recon-документ — input для Task 3)
-
-**Цель:** записать **реальные** локаторы для каждого UI-поля формы добавления rt-проекта на crm.bp-gr.ru `/admin/visit/rt` (Element UI + Vue 2). Без этого Task 3 — слепой код.
-
-**13 полей** (выведено из `manage-project.js fillForm` + `FormProjectChannel::mapDto`):
-
-1. `active` — переключатель «Активный/Неактивный» (el-switch или el-checkbox)
-2. `tag` — поле «Тег» (el-input)
-3. `platforms[B1]` — чекбокс «B1»
-4. `platforms[B2]` — чекбокс «B2»
-5. `platforms[B3]` — чекбокс «B3»
-6. `name` — поле «Название» (el-input)
-7. `signal_type` — селект «Тип сигнала» (el-select c опциями «Сайты» / «Звонки» / «СМС»)
-8. `region_mode` — переключатель include/exclude регионов (el-radio-group)
-9. `regions[]` — мульти-селект регионов (el-select multiple) — **новое, не было в старом manage-project.js**, нужно для regions из DTO
-10. `domains` — поле «Домены» (el-input textarea), только при `signal_type=site`
-11. `limit` — поле «Лимит/день» (el-input-number)
-12. `workdays[]` — чекбоксы дней недели (1..7, el-checkbox-group)
-13. `save_button` — кнопка «Сохранить»
-
-- [ ] **Step 2.1: Login в портал через Playwright MCP**
-
-Через Playwright MCP в текущей сессии:
-
-```
-mcp__playwright__browser_navigate("https://crm.bp-gr.ru/admin/site/login")
-```
-
-Если редирект на форму логина — заполнить (login/password из `.env` `SUPPLIER_LOGIN`/`SUPPLIER_PASSWORD`):
-
-```
-mcp__playwright__browser_fill_form([
-  {target: <username-input>, name: "Логин", type: "textbox", value: "<SUPPLIER_LOGIN>"},
-  {target: <password-input>, name: "Пароль", type: "textbox", value: "<SUPPLIER_PASSWORD>"},
-])
-mcp__playwright__browser_click(<submit-button>)
-```
-
-Expected: после логина — главная админка `/admin/site/dashboard` или `/admin/visit/rt`.
-
-- [ ] **Step 2.2: Открыть форму «Добавить проект»**
-
-```
-mcp__playwright__browser_navigate("https://crm.bp-gr.ru/admin/visit/rt")
-mcp__playwright__browser_snapshot
-```
-
-Найти кнопку «Добавить проект» по тексту в snapshot; кликнуть; дождаться появления формы.
-
-```
-mcp__playwright__browser_click(<add-project-button>)
-mcp__playwright__browser_snapshot
-```
-
-NB: согласно памяти, форма — **inline-панель**, не модалка. Snapshot покажет фактическую структуру.
-
-- [ ] **Step 2.3: Извлечь DOM-локаторы каждого из 13 полей**
-
-Для каждого из 13 полей выполнить `browser_evaluate` с querySelector — записать **выбранный stable-локатор**, его тип (label-based / attribute / class), и **fallback**-локатор.
-
-Пример для поля `name`:
-
-```javascript
-mcp__playwright__browser_evaluate({
-  function: () => {
-    // Стратегия 1: label-based (предпочтительно для Element UI)
-    const labels = document.querySelectorAll('.el-form-item__label');
-    const nameLabel = Array.from(labels).find(l => l.textContent.trim() === 'Название');
-    const nameInput = nameLabel?.closest('.el-form-item')?.querySelector('input');
-
-    // Стратегия 2: attribute-based fallback
-    const byName = document.querySelector('input[placeholder*="название" i]');
-
-    return {
-      labelBasedFound: !!nameInput,
-      labelBasedHTML: nameInput?.outerHTML?.slice(0, 200),
-      fallbackFound: !!byName,
-      fallbackHTML: byName?.outerHTML?.slice(0, 200),
-    };
-  }
-})
-```
-
-Аналогично для каждого из 13 полей. Для `signal_type` (el-select) — записать **точный текст опций** «Сайты», «Звонки», «СМС» (или их реальные варианты — могут отличаться).
-
-- [ ] **Step 2.4: Найти save-кнопку + интерсепт-сигнал**
-
-```javascript
-mcp__playwright__browser_evaluate({
-  function: () => {
-    const buttons = Array.from(document.querySelectorAll('button'));
-    const saveBtn = buttons.find(b => b.textContent.trim() === 'Сохранить' || b.textContent.trim() === 'Создать');
-    return {
-      saveBtnFound: !!saveBtn,
-      saveBtnHTML: saveBtn?.outerHTML?.slice(0, 300),
-    };
-  }
-})
-```
-
-- [ ] **Step 2.5: Записать recon в `docs/discovery/2026-05-19-rt-project-form-locators.md`**
-
-Шаблон документа:
-
-```markdown
-# Локаторы формы rt-проекта crm.bp-gr.ru (recon 2026-05-19)
-
-**Среда:** crm.bp-gr.ru `/admin/visit/rt`, Element UI 2 + Vue 2, форма открыта по кнопке «Добавить проект» (inline-панель, НЕ модалка).
-
-**Снимок DOM:** Playwright MCP browser_snapshot 2026-05-19 (см. `rt-add-project-form.yml`).
-
-| № | Поле | Локатор (Playwright) | Fallback | Контракт |
-|---|---|---|---|---|
-| 1 | active | `<реальный селектор>` | `<fallback>` | el-switch / el-checkbox |
-| 2 | tag | `<реальный селектор>` | — | el-input, ввод текста |
-| 3 | platforms[B1] | `<реальный селектор>` | — | el-checkbox value=B1 |
-| 4 | platforms[B2] | `<реальный селектор>` | — | el-checkbox value=B2 |
-| 5 | platforms[B3] | `<реальный селектор>` | — | el-checkbox value=B3 |
-| 6 | name | `<реальный селектор>` | — | el-input |
-| 7 | signal_type | `<реальный селектор>` | — | el-select; опции: «Сайты»/«Звонки»/«СМС» (точный текст) |
-| 8 | region_mode | `<реальный селектор>` | — | el-radio-group; values: «Включить»/«Исключить» |
-| 9 | regions[] | `<реальный селектор>` | — | el-select multiple |
-| 10 | domains | `<реальный селектор>` | — | el-input textarea (`signal_type=site`) |
-| 11 | limit | `<реальный селектор>` | — | el-input-number |
-| 12 | workdays[1..7] | `<реальный селектор шаблон>` | — | el-checkbox-group, 7 чекбоксов |
-| 13 | save_button | `<реальный селектор>` | — | el-button «Сохранить» |
-
-## Интерсепт ответа
-
-POST `/admin/visit/rt-project-save` — Playwright `page.waitForResponse(r => r.url().endsWith('rt-project-save') && r.request().method() === 'POST')`. Body — JSON-конверт `{status, message, result, id}`. external_id — `body.id` (строка, привести к int).
-
-## Известное
-
-- Форма Element UI → классы вида `el-input__inner`, `el-select__caret` — стабильны между минор-релизами Element UI 2.x.
-- Label-based стратегия предпочтительна (текст «Название» / «Тип сигнала» — пользовательский, под контролем портала; меняется только при i18n-смене языка).
-- Текст опций select'а нужно **записать точно** — code в Task 3 будет матчить по точному тексту.
-```
-
-- [ ] **Step 2.6: Закрыть форму без сохранения**
-
-```
-mcp__playwright__browser_click(<отмена-или-крестик>)
-```
-
-Не оставлять висящую форму в админке. Если есть кнопка «Отмена» — кликнуть; если нет — закрыть таб через `mcp__playwright__browser_tabs(action=close)`.
-
-- [ ] **Step 2.7: Commit recon-документа**
-
-```bash
-git add docs/discovery/2026-05-19-rt-project-form-locators.md
-git commit -m "docs(discovery): rt-project form locators recon (Element UI + Vue 2)"
-```
-
----
-
-## Task 3: Rewrite manage-project.js под Element UI + интерсепт rt-project-save
-
-**Files:**
-
-- Modify: `app/playwright/manage-project.js` (полный rewrite функций `fillForm`, `createOp`, `updateOp`, `listOp`)
-- Test: `app/playwright/manage-project.test.js` (фикстура-режим + проверка контракта; если файл существует — обновить)
-
-**Контракт rewrite:**
-
-- Локаторы — из `docs/discovery/2026-05-19-rt-project-form-locators.md` (Task 2 output). Использовать label-based через `getByLabel`/`locator(':has-text("...")').locator(...)` где возможно.
-- `external_id` для create — **из интерсепта ответа** `POST /admin/visit/rt-project-save` через `page.waitForResponse()`, не из DOM. Парсить body → `{status, message, id}` → если `status !== 'OK'` → throw с message.
-- `listOp` — переписать через `page.evaluate` извлечение Vuex-state или скрейп строк таблицы (зависит от реального DOM в Task 2 snapshot).
-- Login — оставить как есть (`refresh-session.js` уже работает; форма та же).
-- Exit codes — без изменений (0/1/2/3/4).
-
-- [ ] **Step 3.1: Failing test — fillForm uses Element UI selectors**
-
-Edit `app/playwright/manage-project.test.js` (или создать если нет). Тест-стратегия: статическая HTML-фикстура с реальной разметкой Element UI (скопировать структуру из recon-документа Task 2), `skipLogin=true`, прогон `createOp` — assert на правильное заполнение полей через `page.evaluate`.
-
-NB: тест запускается через `node app/playwright/manage-project.test.js` (или vitest, если уже настроен в этой директории). Если нет — добавить минимальный test-runner через node:test или прямой assert.
-
-Шаблон:
-
-```javascript
-// app/playwright/manage-project.test.js
-const { spawn } = require('child_process');
-const { test } = require('node:test');
-const assert = require('node:assert');
-const fs = require('fs');
-const path = require('path');
-const http = require('http');
-
-const FIXTURE_PATH = path.join(__dirname, 'fixtures', 'rt-form-element-ui.html');
-
-function startFixtureServer() {
-  return new Promise((resolve) => {
-    const server = http.createServer((req, res) => {
-      const html = fs.readFileSync(FIXTURE_PATH, 'utf8');
-      res.writeHead(200, {'Content-Type': 'text/html; charset=utf-8'});
-      res.end(html);
-    }).listen(0, () => resolve(server));
-  });
-}
-
-function runManageProject(input) {
-  return new Promise((resolve) => {
-    const child = spawn('node', [path.join(__dirname, 'manage-project.js')], {stdio: ['pipe', 'pipe', 'pipe']});
-    let stdout = '', stderr = '';
-    child.stdout.on('data', d => stdout += d);
-    child.stderr.on('data', d => stderr += d);
-    child.on('close', code => resolve({code, stdout, stderr}));
-    child.stdin.write(JSON.stringify(input));
-    child.stdin.end();
-  });
-}
-
-test('fillForm fills 13 fields via Element UI label-based locators', async () => {
-  const server = await startFixtureServer();
-  try {
-    const url = `http://localhost:${server.address().port}`;
-    const result = await runManageProject({
-      operation: 'create', url, skipLogin: true,
-      dto: {tag: '_lidpotok', name: 'example.com', platforms: ['B1'], signal_type: 'site',
-            limit: 5, workdays: [1,2,3,4,5], domains: ['example.com'], region_mode: 'include', active: true},
-    });
-    // Фикстура мокает rt-project-save → возвращает {status:"OK", id:"99001"}
-    assert.strictEqual(result.code, 0, `stderr: ${result.stderr}`);
-    const out = JSON.parse(result.stdout);
-    assert.strictEqual(out.external_id, '99001');
-  } finally {
-    server.close();
-  }
-});
-```
-
-Фикстура `app/playwright/fixtures/rt-form-element-ui.html` — копия реальной структуры из Task 2 snapshot + script-стаб для fetch `rt-project-save`.
-
-- [ ] **Step 3.2: Run test to verify it fails**
-
-Run:
-
-```bash
-cd app/playwright && node --test manage-project.test.js
-```
-
-Expected: FAIL — старый код manage-project.js не работает с Element UI фикстурой (placeholder-селекторы не найдут поля).
-
-- [ ] **Step 3.3: Создать фикстуру `app/playwright/fixtures/rt-form-element-ui.html`**
-
-Минимальная HTML с структурой Element UI (классы `.el-form-item`, `.el-form-item__label`, `.el-input__inner` и т.д.) — копировать из Task 2 snapshot. Script-стаб мокает `rt-project-save` через fetch-override:
-
-```html
-<!DOCTYPE html>
-<html><head><meta charset="utf-8"></head><body>
-<div class="el-form">
-  <!-- 13 полей — точная структура из Task 2 recon -->
-  <div class="el-form-item"><label class="el-form-item__label">Тег</label>
-    <div class="el-form-item__content"><div class="el-input"><input class="el-input__inner" type="text"></div></div></div>
-  <!-- ... остальные поля по recon-документу ... -->
-  <button type="button" class="el-button el-button--primary" id="save-btn">
-    <span>Сохранить</span>
-  </button>
-</div>
-<script>
-  // Мок ответа портала: при клике на save-btn — fire fetch к rt-project-save с правильным конвертом
-  document.getElementById('save-btn').addEventListener('click', async () => {
-    await fetch('/admin/visit/rt-project-save', {method:'POST', body: '{}'});
-  });
-  // Перехватываем fetch — возвращаем {status:"OK", id:"99001"}
-  const _fetch = window.fetch;
-  window.fetch = async (url, opts) => {
-    if (String(url).includes('rt-project-save')) {
-      return new Response(JSON.stringify({status:'OK', message:'', result:null, id:'99001'}),
-        {status:200, headers:{'Content-Type':'application/json'}});
-    }
-    return _fetch(url, opts);
-  };
-</script>
-</body></html>
-```
-
-- [ ] **Step 3.4: Rewrite `fillForm` в `manage-project.js`**
-
-Edit `app/playwright/manage-project.js` — заменить `fillForm` функцию (строки 42-76). Использовать label-based стратегию из Task 2 recon. Шаблон (адаптировать под реальные локаторы):
-
-```javascript
-// Helper: el-form-item с конкретным label
-function fieldByLabel(page, label) {
-  return page.locator('.el-form-item', {has: page.locator('.el-form-item__label', {hasText: new RegExp(`^${label}$`)})});
-}
-
-async function fillForm(page, dto) {
-  // 1. active — el-switch
-  const activeField = fieldByLabel(page, 'Активный');
-  const isActive = await activeField.locator('.el-switch.is-checked').count() > 0;
-  if (isActive !== !!dto.active) await activeField.locator('.el-switch').click();
-
-  // 2. tag
-  if (dto.tag) await fieldByLabel(page, 'Тег').locator('input').fill(dto.tag);
-
-  // 3-5. platforms — checkboxes B1/B2/B3
-  for (const p of ['B1', 'B2', 'B3']) {
-    const wanted = (dto.platforms || []).includes(p);
-    const cb = fieldByLabel(page, 'Платформы').locator('.el-checkbox', {hasText: p});
-    const checked = await cb.locator('.is-checked').count() > 0;
-    if (checked !== wanted) await cb.click();
-  }
-
-  // 6. name
-  await fieldByLabel(page, 'Название').locator('input').fill(dto.name);
-
-  // 7. signal_type — el-select
-  const signalLabel = {site: 'Сайты', call: 'Звонки', sms: 'СМС'}[dto.signal_type] || 'Сайты';
-  await fieldByLabel(page, 'Тип сигнала').locator('.el-select').click();
-  await page.locator('.el-select-dropdown__item', {hasText: signalLabel}).click();
-
-  // 8. region_mode — el-radio-group
-  if (dto.region_mode === 'exclude') {
-    await fieldByLabel(page, 'Регионы').locator('.el-radio', {hasText: 'Исключить'}).click();
-  }
-
-  // 9. regions[] — el-select multiple (skip если пуст)
-  if (dto.regions && dto.regions.length) {
-    // открыть мульти-селект и добавить теги — конкретно зависит от Task 2 recon
-    // Если регионы — числа (id), нужен mapping на отображаемые имена; если строки — прямо .fill().
-  }
-
-  // 10. domains — textarea (только site)
-  if (dto.domains && dto.domains.length) {
-    await fieldByLabel(page, 'Домены').locator('textarea').fill(dto.domains.join('\n'));
-  }
-
-  // 11. limit — el-input-number
-  await fieldByLabel(page, 'Лимит').locator('input').fill(String(dto.limit));
-
-  // 12. workdays — checkboxes 1..7
-  for (let d = 1; d <= 7; d++) {
-    const wanted = (dto.workdays || [1,2,3,4,5,6,7]).includes(d);
-    const cb = fieldByLabel(page, 'Дни недели').locator('.el-checkbox', {hasText: new RegExp(`^${d}$|${dayName(d)}`)});
-    const checked = await cb.locator('.is-checked').count() > 0;
-    if (checked !== wanted) await cb.click();
-  }
-}
-
-function dayName(d) {
-  return ['Пн','Вт','Ср','Чт','Пт','Сб','Вс'][d-1];
-}
-```
-
-**NB:** точные `hasText` строки берутся из Task 2 recon. Если recon показал другой текст лейбла — править соответствующе.
-
-- [ ] **Step 3.5: Rewrite `createOp` с интерсептом rt-project-save**
-
-В том же файле — заменить `createOp` (строки 78-100):
-
-```javascript
-async function createOp(page, args) {
-  await login(page, args);
-
-  if (!args.skipLogin) {
-    await page.goto(args.url.replace(/\/$/, '') + '/admin/visit/rt', {waitUntil: 'load', timeout: TIMEOUT_MS});
-    // Кнопка «Добавить проект» — селектор из Task 2 recon
-    await page.locator('button:has-text("Добавить проект")').click();
-    // Inline-панель появляется — ждать формы (label «Название»)
-    await page.locator('.el-form-item__label:has-text("Название")').waitFor({state: 'visible', timeout: TIMEOUT_MS});
-  }
-
-  await fillForm(page, args.dto);
-
-  // Кликаем «Сохранить» + интерсептим ответ rt-project-save
-  const [saveResponse] = await Promise.all([
-    page.waitForResponse(
-      r => r.url().endsWith('/admin/visit/rt-project-save') && r.request().method() === 'POST',
-      {timeout: TIMEOUT_MS},
-    ),
-    page.locator('button:has-text("Сохранить")').click(),
-  ]);
-
-  const body = await saveResponse.json();
-  if (body.status !== 'OK') {
-    throw new Error(`Portal rejected save: ${body.message || 'unknown error'}`);
-  }
-  const externalId = String(body.id ?? '');
-  if (!externalId) {
-    throw new Error('Portal returned status=OK but empty id');
-  }
-
-  return {external_id: externalId};
-}
-```
-
-- [ ] **Step 3.6: Rewrite `updateOp` и `listOp` аналогично**
-
-`updateOp` — клик «редактировать» на строке таблицы (локатор из Task 2 recon), затем `fillForm`, затем интерсепт `rt-project-save` (теперь `body.status` — единственный success-критерий, `body.id` не используется — обновление того же id).
-
-`listOp` — если на странице есть `Vuex` state (можно достать через `window.__INITIAL_STATE__` или `window.app.$store.state`) — извлечь оттуда; иначе скрейп таблицы:
-
-```javascript
-async function listOp(page, args) {
-  await login(page, args);
-  if (!args.skipLogin) {
-    await page.goto(args.url.replace(/\/$/, '') + '/admin/visit/rt', {waitUntil: 'load', timeout: TIMEOUT_MS});
-  }
-
-  // Стратегия 1: Vuex (если доступен)
-  const projects = await page.evaluate(() => {
-    if (window.app?.$store?.state?.projects) {
-      return window.app.$store.state.projects.map(p => ({id: parseInt(p.id, 10), name: p.name, platform: p.platform, signal_type: p.type, unique_key: p.content}));
-    }
-    return null;
-  });
-  if (projects) return {projects};
-
-  // Стратегия 2: скрейп таблицы — конкретно зависит от DOM в Task 2 recon
-  const rows = await page.locator('<селектор таблицы из recon>').evaluateAll(nodes => nodes.map(n => ({
-    id: parseInt(n.dataset.id ?? '0', 10),
-    name: n.querySelector('<селектор name-колонки>')?.textContent?.trim(),
-  })));
-  return {projects: rows};
-}
-```
-
-- [ ] **Step 3.7: Run manage-project.test.js — verify pass**
-
-Run:
-
-```bash
-cd app/playwright && node --test manage-project.test.js
-```
-
-Expected: PASS — фикстура с Element UI разметкой + мок-fetch отдают `{external_id: "99001"}`.
-
-- [ ] **Step 3.8: Verify FormProjectChannel integration test still passes**
-
-Run:
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/SupplierPortalClientRtProjectTest.php tests/Feature/Integration/SupplierProjectsAccessTest.php tests/Feature/Integration/SupplierLeadFlowTest.php -v
-```
-
-Expected: все PASS — rewrite manage-project.js не должен ломать PHP-сторону (контракт ввода/вывода stdin/stdout не менялся, только внутренние селекторы).
-
-- [ ] **Step 3.9: Commit**
-
-```bash
-git add app/playwright/manage-project.js app/playwright/manage-project.test.js app/playwright/fixtures/rt-form-element-ui.html
-git commit -m "feat(supplier): rewrite manage-project.js for Element UI + intercept rt-project-save response for external_id"
-```
-
----
-
-## Task 4: Live-тест create+delete тестового rt-проекта через form-канал
-
-**Files:**
-
-- Run: tinker-скрипт `app/storage/_smoke_form_channel.php` (untracked, под cleanup)
-
-**Цель:** убедиться, что переписанный `manage-project.js` действительно работает против ЖИВОГО портала crm.bp-gr.ru (а не только против фикстуры Task 3). Cleanup в этом же task'е — создаём тестовый проект, ловим `external_id`, удаляем через **AJAX-канал** (Tier 1 уже работает на delete), фиксируем срез логов.
-
-- [ ] **Step 4.1: Pre-flight — supplier session валидна**
-
-```bash
-cd app && php artisan tinker --execute="dispatch_sync(new App\\Jobs\\Supplier\\RefreshSupplierSessionJob); echo Cache::store('redis')->has('supplier:session') ? 'OK' : 'FAIL';"
-```
-
-Expected: `OK`. Если FAIL — recon, что не так с refresh-session.js (но он уже валиден по `643e1a5`).
-
-- [ ] **Step 4.2: Создать tinker-скрипт `app/storage/_smoke_form_channel.php`**
-
-```php
-<?php
-use App\Services\Supplier\Channel\FormProjectChannel;
-use App\Services\Supplier\SupplierPortalClient;
-use App\Services\Supplier\Dto\SupplierProjectDto;
-
-$tag = 'LIDERRA_FORM_SMOKE_'.date('His');
-$dto = new SupplierProjectDto(
-    platform: 'B1',
-    signalType: 'site',
-    uniqueKey: "lidpotok-smoke-{$tag}.example",
-    limit: 1,
-    workdays: [1, 2, 3, 4, 5],
-    regions: [],
-    regionsReverse: false,
-    status: 'active',
-);
-
-echo "Создаю через Tier-2 (form)...\n";
-$externalId = app(FormProjectChannel::class)->createProject($dto);
-echo "  external_id={$externalId}\n";
-
-if (!$externalId) {
-    exit(1);
-}
-
-echo "Удаляю через Tier-1 AJAX (delete не реализован в form, удаляем напрямую)...\n";
-app(SupplierPortalClient::class)->deleteProject($externalId);
-echo "  deleted OK\n";
-```
-
-- [ ] **Step 4.3: Запустить smoke**
-
-```bash
-cd app && php artisan tinker storage/_smoke_form_channel.php 2>&1 | tee storage/logs/smoke-form-2026-05-19.log
-```
-
-Expected output:
-
-```
-Создаю через Tier-2 (form)...
-  external_id=<число>
-Удаляю через Tier-1 AJAX...
-  deleted OK
-```
-
-Если падает — собрать stderr из `app/storage/logs/laravel.log` + Playwright stderr из `app/storage/logs/playwright-*.log` (если PlaywrightBridge их пишет), classify error per quirk-таблице и зафиксировать.
-
-- [ ] **Step 4.4: Verify в портале, что тестовый проект удалён**
-
-Через Playwright MCP (один проверочный тик):
-
-```
-mcp__playwright__browser_navigate("https://crm.bp-gr.ru/admin/visit/rt")
-mcp__playwright__browser_evaluate({
-  function: () => {
-    const rows = Array.from(document.querySelectorAll('<селектор строк rt-таблицы>'));
-    return rows.filter(r => r.textContent.includes('lidpotok-smoke-')).length;
-  }
-})
-```
-
-Expected: `0` (проект удалён, в таблице его нет).
-
-- [ ] **Step 4.5: Зафиксировать smoke-результат**
-
-В файле `docs/discovery/2026-05-19-rt-project-form-locators.md` (created Task 2) дописать секцию:
-
-```markdown
-## Live-smoke 2026-05-19
-
-- `_smoke_form_channel.php` — Tier-2 create через manage-project.js → external_id=<N>, Tier-1 delete OK.
-- В админке портала после delete — проект не виден (verified browser_evaluate).
-```
-
-Commit (если recon-документ ещё не запушен — добавить и smoke; если запушен — отдельный commit):
-
-```bash
-git add docs/discovery/2026-05-19-rt-project-form-locators.md
-git commit -m "docs(discovery): live-smoke form-channel create+delete 2026-05-19"
-```
-
-NB: `app/storage/_smoke_form_channel.php` НЕ коммитим — он untracked в gitignore-зоне `app/storage/`. Удалить после Task 5.
-
----
-
-## Task 5: Полный 3-ярусный прогон FailoverProjectChannel
-
-**Files:**
-
-- Create (untracked, временный): `app/storage/_smoke_failover_3tier.php` — tinker-скрипт с DI-стабами для force-fail tier 1 и 2
-- Create: `app/tests/Feature/Supplier/FailoverProjectChannelLiveSmokeTest.php` — Pest-обёртка для tier-3 (manual queue + mailable), tier-1/tier-2 — только tinker (требует live портала)
-
-**Цель:** end-to-end доказательство, что 3-ярусная эскалация работает:
-
-- Ярус 1 live — реальный AJAX create через `AjaxProjectChannel` (с cleanup).
-- Force-fail ярус 1 → ярус 2 — реальный form-create через переписанный `manage-project.js` (cleanup).
-- Force-fail ярус 1+2 → ярус 3 — row в `supplier_manual_sync_queue` + queued `SupplierCriticalAlertMail` + `TierEscalatedException`.
-
-- [ ] **Step 5.1: Pest test — Tier-3 эскалация (полностью моки, no live)**
-
-Edit `app/tests/Feature/Supplier/FailoverProjectChannelLiveSmokeTest.php` (создать):
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Exceptions\Supplier\SupplierClientException;
-use App\Exceptions\Supplier\SupplierTransientException;
-use App\Mail\SupplierCriticalAlertMail;
-use App\Models\Project;
-use App\Models\SupplierManualSyncQueue;
-use App\Models\Tenant;
-use App\Services\Supplier\Channel\FailoverProjectChannel;
-use App\Services\Supplier\Channel\SupplierProjectChannel;
-use App\Services\Supplier\Channel\Exceptions\TierEscalatedException;
-use App\Services\Supplier\Dto\SupplierProjectDto;
-use Illuminate\Support\Facades\Mail;
-use Tests\TestCase;
-
-uses(TestCase::class, Illuminate\Foundation\Testing\RefreshDatabase::class);
-
-test('Tier-1 fail + Tier-2 fail → Tier-3 escalation creates manual queue row + queues alert mail', function (): void {
-    Mail::fake();
-    config(['services.supplier.alert_email' => 'ops@liderra.local']);
-
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-
-    $tier1 = mock(SupplierProjectChannel::class);
-    $tier1->shouldReceive('listProjects')->andReturn([]);  // dedup-сверка пустая
-    $tier1->shouldReceive('createProject')->andThrow(new SupplierClientException('Tier-1 mock fail'));
-
-    $tier2 = mock(SupplierProjectChannel::class);
-    $tier2->shouldReceive('createProject')->andThrow(new RuntimeException('Tier-2 manage-project.js selector break'));
-
-    $channel = new FailoverProjectChannel($tier1, $tier2, app(Illuminate\Contracts\Mail\Mailer::class));
-
-    $dto = new SupplierProjectDto(
-        platform: 'B1', signalType: 'site', uniqueKey: 'failover-smoke.example',
-        limit: 1, workdays: [1,2,3,4,5], regions: [], regionsReverse: false, status: 'active',
-    );
-
-    expect(fn () => $channel->createProjectForLiderra($project, $dto))
-        ->toThrow(TierEscalatedException::class);
-
-    expect(SupplierManualSyncQueue::where('project_id', $project->id)->count())->toBe(1);
-
-    Mail::assertQueued(SupplierCriticalAlertMail::class, fn ($m) => $m->alertType === 'manual_required');
-});
-
-test('Tier-1 transient fail (portal unreachable) bypasses Tier-2 and goes straight to Tier-3', function (): void {
-    Mail::fake();
-    config(['services.supplier.alert_email' => 'ops@liderra.local']);
-
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-
-    $tier1 = mock(SupplierProjectChannel::class);
-    $tier1->shouldReceive('listProjects')->andReturn([]);
-    $tier1->shouldReceive('createProject')->andThrow(new SupplierTransientException('Connection refused'));
-
-    $tier2 = mock(SupplierProjectChannel::class);
-    $tier2->shouldNotReceive('createProject');  // КЛЮЧЕВОЕ — transient НЕ должен попасть в tier-2
-
-    $channel = new FailoverProjectChannel($tier1, $tier2, app(Illuminate\Contracts\Mail\Mailer::class));
-
-    $dto = new SupplierProjectDto(
-        platform: 'B1', signalType: 'site', uniqueKey: 'transient-smoke.example',
-        limit: 1, workdays: [1,2,3,4,5], regions: [], regionsReverse: false, status: 'active',
-    );
-
-    expect(fn () => $channel->createProjectForLiderra($project, $dto))
-        ->toThrow(TierEscalatedException::class);
-
-    $row = SupplierManualSyncQueue::where('project_id', $project->id)->first();
-    expect($row->failure_reason)->toBe('portal_unreachable');
-});
-```
-
-- [ ] **Step 5.2: Run new Pest tests — verify pass**
-
-Run:
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/FailoverProjectChannelLiveSmokeTest.php -v
-```
-
-Expected: 2 PASS.
-
-Если есть failures — может быть, что `FailoverProjectChannel` ожидает другие интерфейсы или mock-моделей. Зафиксировать file:line, починить ожидания тестов.
-
-- [ ] **Step 5.3: Live tinker-скрипт `_smoke_failover_3tier.php` для tier-1 и tier-2**
-
-Create `app/storage/_smoke_failover_3tier.php`:
-
-```php
-<?php
-use App\Services\Supplier\Channel\AjaxProjectChannel;
-use App\Services\Supplier\Channel\FailoverProjectChannel;
-use App\Services\Supplier\Channel\FormProjectChannel;
-use App\Services\Supplier\Channel\SupplierProjectChannel;
-use App\Services\Supplier\Dto\SupplierProjectDto;
-use App\Services\Supplier\SupplierPortalClient;
-use App\Models\Project;
-use App\Models\Tenant;
-use App\Exceptions\Supplier\SupplierClientException;
-use Illuminate\Contracts\Mail\Mailer;
-
-// Setup: take существующий tenant + project (или создать минимальный)
-$tenant = Tenant::firstWhere('subdomain', 'demo') ?? Tenant::first();
-$project = Project::where('tenant_id', $tenant->id)->first();
-if (!$project) {
-    echo "Нет project для tenant {$tenant->id} — abort\n";
-    exit(1);
-}
-
-$mkDto = fn(string $key) => new SupplierProjectDto(
-    platform: 'B1', signalType: 'site', uniqueKey: $key,
-    limit: 1, workdays: [1,2,3,4,5], regions: [], regionsReverse: false, status: 'active',
-);
-
-$client = app(SupplierPortalClient::class);
-
-// --- Прогон 1: чистый Tier-1 (AJAX) ---
-echo "=== Прогон 1: Tier-1 live (AJAX) ===\n";
-$ajax = app(AjaxProjectChannel::class);
-$key1 = 'failover-tier1-'.date('His').'.example';
-$id1 = $ajax->createProject($mkDto($key1));
-echo "  Tier-1 OK, external_id={$id1}\n";
-$client->deleteProject($id1);
-echo "  cleanup OK\n\n";
-
-// --- Прогон 2: force-fail tier-1, tier-2 (form) реально ---
-echo "=== Прогон 2: force-fail tier-1 → tier-2 form live ===\n";
-$tier1Stub = new class($client) implements SupplierProjectChannel {
-    public function __construct(private SupplierPortalClient $client) {}
-    public function createProject(SupplierProjectDto $d): int {
-        throw new SupplierClientException('Forced tier-1 fail for smoke');
-    }
-    public function updateProject(int $id, SupplierProjectDto $d): void {
-        throw new SupplierClientException('Forced tier-1 fail for smoke');
-    }
-    public function listProjects(): array {
-        // дедуп-сверка должна работать как обычно — иначе FailoverProjectChannel
-        // упадёт в catch на самой первой проверке
-        return $this->client->listProjects();
-    }
-};
-$tier2 = app(FormProjectChannel::class);
-$failover2 = new FailoverProjectChannel($tier1Stub, $tier2, app(Mailer::class));
-$key2 = 'failover-tier2-'.date('His').'.example';
-$id2 = $failover2->createProjectForLiderra($project, $mkDto($key2));
-echo "  Tier-2 OK, external_id={$id2}\n";
-$client->deleteProject($id2);
-echo "  cleanup OK\n\n";
-
-// --- Прогон 3: force-fail tier-1 + tier-2 → tier-3 manual queue ---
-echo "=== Прогон 3: force-fail tier-1+2 → tier-3 manual queue ===\n";
-$tier2Stub = new class implements SupplierProjectChannel {
-    public function createProject(SupplierProjectDto $d): int {
-        throw new RuntimeException('Forced tier-2 fail for smoke');
-    }
-    public function updateProject(int $id, SupplierProjectDto $d): void {
-        throw new RuntimeException('Forced tier-2 fail for smoke');
-    }
-    public function listProjects(): array { return []; }
-};
-$failover3 = new FailoverProjectChannel($tier1Stub, $tier2Stub, app(Mailer::class));
-$key3 = 'failover-tier3-'.date('His').'.example';
-try {
-    $failover3->createProjectForLiderra($project, $mkDto($key3));
-    echo "  ОШИБКА: ожидался TierEscalatedException, не выброшен\n";
-    exit(1);
-} catch (\App\Services\Supplier\Channel\Exceptions\TierEscalatedException $e) {
-    echo "  Tier-3 OK, manual_queue_id={$e->queueId}, reason={$e->reason}\n";
-    // verify row в БД
-    $row = \App\Models\SupplierManualSyncQueue::find($e->queueId);
-    echo "  row.platform={$row->platform}, payload.unique_key={$row->payload_snapshot['unique_key']}\n";
-    // cleanup row (наш мусор)
-    $row->delete();
-    echo "  cleanup queue row OK\n";
-}
-
-echo "\n=== Все 3 яруса прошли ===\n";
-```
-
-NB: реальное имя property `queueId` / `reason` в `TierEscalatedException` — проверить в файле; если в коде они называются иначе — поправить шаблон.
-
-- [ ] **Step 5.4: Запустить live tinker (с queue worker + cloudflared up)**
-
-Pre-flight:
-
-```bash
-# Tunnel поднят, supplier API на портале указывает на текущий URL — verified в ЭТАЛОН.md §3
-# session валидна (verified в Step 4.1)
-```
-
-Run:
-
-```bash
-cd app && php artisan tinker storage/_smoke_failover_3tier.php 2>&1 | tee storage/logs/smoke-failover-2026-05-19.log
-```
-
-Expected output:
-
-```
-=== Прогон 1: Tier-1 live (AJAX) ===
-  Tier-1 OK, external_id=<N>
-  cleanup OK
-
-=== Прогон 2: force-fail tier-1 → tier-2 form live ===
-  Tier-2 OK, external_id=<N>
-  cleanup OK
-
-=== Прогон 3: force-fail tier-1+2 → tier-3 manual queue ===
-  Tier-3 OK, manual_queue_id=<N>, reason=form_save_error (или похожее)
-  row.platform=B1, payload.unique_key=failover-tier3-<HHMMSS>.example
-  cleanup queue row OK
-
-=== Все 3 яруса прошли ===
-```
-
-- [ ] **Step 5.5: Run full Supplier test suite — verify no regression**
-
-Run:
-
-```bash
-cd app && ./vendor/bin/pest --group=supplier --parallel
-# или если group'ы не используются:
-cd app && ./vendor/bin/pest tests/Feature/Supplier tests/Unit/Supplier tests/Feature/Integration --parallel
-```
-
-Expected: все PASS, 0 failed.
-
-Раскрыть конкретные числа в output: `Tests:  X passed, Y skipped`. Все failures — выписать file:line.
-
-- [ ] **Step 5.6: Cleanup временных скриптов**
-
-```bash
-rm app/storage/_smoke_form_channel.php app/storage/_smoke_failover_3tier.php
-# логи оставить — артефакты доказательства
-```
-
-- [ ] **Step 5.7: Commit Pest-тестов**
-
-```bash
-git add app/tests/Feature/Supplier/FailoverProjectChannelLiveSmokeTest.php
-git commit -m "test(supplier): cover FailoverProjectChannel tier-3 escalation + transient bypass"
-```
-
-- [ ] **Step 5.8: Финальная отметка в snapshot документе**
-
-Edit `docs/discovery/2026-05-19-rt-project-form-locators.md` — добавить:
-
-```markdown
-## 3-tier failover smoke 2026-05-19
-
-| Прогон | Результат | external_id / queue_id |
-|---|---|---|
-| Tier-1 live | OK | <N> (удалён) |
-| Tier-2 live (force-fail tier-1) | OK | <N> (удалён) |
-| Tier-3 manual queue (force-fail 1+2) | TierEscalatedException + queue row + alert mail | queue#<N> (удалён) |
-
-Лог: `app/storage/logs/smoke-failover-2026-05-19.log`.
-```
-
-Commit:
-
-```bash
-git add docs/discovery/2026-05-19-rt-project-form-locators.md
-git commit -m "docs(discovery): 3-tier failover live-smoke 2026-05-19 — all tiers green"
-```
-
----
-
-## Самопроверка плана
-
-**1. Spec coverage:** 5 задач из спецификации пользователя:
-
-- ✅ Task 1: HTTP-200 login detection + Pest
-- ✅ Task 2: 13 fields recon
-- ✅ Task 3: Rewrite manage-project.js + intercept rt-project-save
-- ✅ Task 4: Live create+delete form-канал
-- ✅ Task 5: Полный 3-tier прогон с DI-стабами
-
-**2. Placeholder scan:** Метки `<реальный селектор>`, `<селектор строк rt-таблицы>` в Task 2/3/5 — это **выходы Task 2 recon**, не plan-placeholders. План явно объявляет Task 2 как «вход для Task 3» в Architecture-секции. Code-блоки в Task 3 — шаблоны, адаптируемые под факт recon. NB на это сделано прямо в Step 3.4.
-
-**3. Type consistency:**
-
-- `SupplierProjectDto` — те же поля во всех тасках: platform/signalType/uniqueKey/limit/workdays/regions/regionsReverse/status.
-- `external_id` — string в JS-output `manage-project.js`, int в PHP DTO/DB.
-- `TierEscalatedException` — public properties `queueId` и `reason` (см. file `app/app/Services/Supplier/Channel/Exceptions/TierEscalatedException.php` — Task 5.3 NB просит проверить именно эти имена перед запуском).
-
-**4. Risk callouts:**
-
-- Task 2 невозможен без живой supplier-сессии; если refresh-session.js где-то не запустит логин — Task 2 заблокирован и весь план встанет. Mitigation: Step 4.1 pre-flight; если fail — fallback к ручному логину через Playwright MCP.
-- Task 3 фикстура — упрощённая копия Element UI DOM; live-портал может иметь дополнительные элементы (тосты, оверлеи), которые блокируют клики. Mitigation: Task 4 Live-smoke ловит это до Task 5.
-- Tier-2 cleanup в Task 4/5 — через Tier-1 AJAX delete; если AJAX delete на этих специфичных проектах падает — нужен ручной cleanup через UI. Mitigation: Step 5.4 NB про cleanup.
-- 3-tier smoke (Step 5.4) трогает live портал — оставляет временные `LIDERRA_*` теги. Mitigation: cleanup на каждом шаге; если падает — следующий шаг видит остаток в `listProjects` и не дублирует.
-
----
-
-## Execution Handoff
-
-**Plan complete and saved to `docs/superpowers/plans/2026-05-19-supplier-migration-followup.md`.**
-
-Два опции:
-
-**1. Subagent-Driven** — фрэш субагент на каждую Task, two-stage review между задачами. Подходит для Tasks 1, 3, 5 (mechanical TDD). Task 2, 4 — нужен Playwright MCP в текущей сессии, на субагента не делегируются.
-
-**2. Inline Execution** — выполнять Tasks подряд с checkpoints. Подходит для всех 5 (Tasks 2/4 требуют MCP, который доступен только в текущей сессии).
-
-**Рекомендация:** Inline для Task 2 (Playwright MCP recon) + Task 4 (Playwright MCP verify), subagent для Task 1/3/5 (чистый TDD).
diff --git a/docs/superpowers/plans/2026-05-19-supplier-project-channel-failover.md b/docs/superpowers/plans/2026-05-19-supplier-project-channel-failover.md
deleted file mode 100644
index ec63c12..0000000
--- a/docs/superpowers/plans/2026-05-19-supplier-project-channel-failover.md
+++ /dev/null
@@ -1,2746 +0,0 @@
-# Supplier Project Channel Failover — Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Резервировать единственный канал миграции проектов Лидерра → поставщик crm.bp-gr.ru тремя ярусами (AJAX → авто-браузер формы «Мои проекты» → operator worklist) — на случай слома контракта `rt-project-*` AJAX, поломки эмуляции сессии или сбоев портала.
-
-**Architecture:** `SupplierProjectChannel` interface с тремя имплементациями: `AjaxProjectChannel` (тонкий wrapper над существующим `SupplierPortalClient`), `FormProjectChannel` (Playwright водит UI «Мои проекты»), и оркестратор-декоратор `FailoverProjectChannel`, который пробует ярус 1 → классифицирует исход → ярус 2 / прыжок на ярус 3 (запись в новую SaaS-таблицу `supplier_manual_sync_queue` + алёрт). Оба job'а (`SyncSupplierProjectJob` singular, `SyncSupplierProjectsJob` plural) инжектят `FailoverProjectChannel` вместо `SupplierPortalClient`. Крон ночного sync переезжает 20:30 → 18:00 МСК (запас на эскалацию в рабочее время).
-
-**Tech Stack:** PHP 8.3 + Laravel 13 + Pest 4 + Playwright (Node) + Vue 3 + Vuetify 3 + PostgreSQL 16 + Redis (Memurai). Дизайн в [`docs/superpowers/specs/2026-05-19-supplier-project-channel-failover-design.md`](../specs/2026-05-19-supplier-project-channel-failover-design.md).
-
----
-
-## File Structure
-
-**Create:**
-
-- `app/app/Services/Supplier/Channel/SupplierProjectChannel.php` — interface (3 метода).
-- `app/app/Services/Supplier/Channel/AjaxProjectChannel.php` — Ярус 1 adapter, делегирует `SupplierPortalClient`.
-- `app/app/Services/Supplier/Channel/FormProjectChannel.php` — Ярус 2 PHP wrapper, дёргает `PlaywrightBridge` + Node-скрипт.
-- `app/app/Services/Supplier/Channel/FailoverProjectChannel.php` — декоратор-оркестратор; локальный + портальный dedup, классификация исключений, эскалация.
-- `app/app/Services/Supplier/Channel/Exceptions/WindowDeferredException.php` — защитная ветка временного окна.
-- `app/app/Services/Supplier/Channel/Exceptions/TierEscalatedException.php` — маркер эскалации на ярус 3.
-- `app/app/Models/SupplierManualSyncQueue.php` — Eloquent model для очереди яруса 3.
-- `app/database/migrations/2026_05_19_120000_create_supplier_manual_sync_queue.php` — миграция, raw SQL pattern (как `2026_05_18_140000_supplier_leads_vid_nullable.php`).
-- `app/playwright/manage-project.js` — Node-скрипт водит форму «Мои проекты»; stdin/stdout JSON по образцу `refresh-session.js`.
-- `app/tests/Feature/Supplier/Channel/AjaxProjectChannelTest.php` — Http::fake тесты адаптера.
-- `app/tests/Feature/Supplier/Channel/FailoverProjectChannelTest.php` — матрица эскалации (приоритет №1).
-- `app/tests/Feature/Supplier/Channel/FormProjectChannelTest.php` — bridge mock тесты.
-- `app/tests/Feature/Database/SupplierManualSyncQueueSchemaTest.php` — db smoke миграции.
-- `app/tests/Feature/Admin/SupplierManualQueueTest.php` — endpoints контроллера.
-- `app/tests/Feature/Schedule/SupplierScheduleTest.php` — проверка времени крона.
-- `app/tests/fixtures/supplier-portal/rt-add-project-form.html` — HTML-фикстура формы для Node-теста (из снапшота разведки `rt-add-project-form.yml`).
-- `app/playwright/manage-project.test.js` — Node-фикстурный тест.
-
-**Modify:**
-
-- `app/app/Services/Supplier/SupplierPortalClient.php` — после Task 1 (live discovery): возможны fixup'ы `rt-project-*` контракта; `ensureSupplierProject` оставляем здесь как утилиту.
-- `app/app/Jobs/SyncSupplierProjectJob.php` (singular) — инжектим `SupplierProjectChannel`, заменяем прямой вызов `$client->ensureSupplierProject(...)` на channel.
-- `app/app/Jobs/Supplier/SyncSupplierProjectsJob.php` (plural) — инжектим `SupplierProjectChannel` вместо `SupplierPortalClient`.
-- `app/app/Providers/AppServiceProvider.php` — bind `SupplierProjectChannel::class` → `FailoverProjectChannel` через DI.
-- `app/routes/console.php` — 20:30 → 18:00 для `SyncSupplierProjectsJob`; 20:15 → 17:45 для daily `RefreshSupplierSessionJob`.
-- `app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php` — +`manualQueueIndex()`, +`manualQueueResolve($id)`.
-- `app/routes/api.php` — +2 роута.
-- `app/resources/js/views/admin/AdminSupplierIntegrationView.vue` — +секция «Ручная очередь».
-- Существующие тесты `SyncSupplierProjectsJobTest`, `SyncSupplierProjectJobTest` — обновить под mock channel'а.
-- `db/schema.sql` — добавить определение `supplier_manual_sync_queue`.
-- `db/CHANGELOG_schema.md` — запись новой версии.
-
-**Out of scope (см. spec §10):** `rt-project-delete` через ярусы, pull-листинг как фоновый sync, замена AJAX на browser primary.
-
----
-
-## Pre-flight (для исполнителя)
-
-- [ ] **Step 0.1: Изолированный worktree.**
-
-Если работаешь субагент-driven — `superpowers:using-git-worktrees` создаёт worktree автоматически. Если inline — рекомендуется:
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-git worktree add ../worktree-supplier-project-failover -b feat/supplier-project-failover
-cd ../worktree-supplier-project-failover
-```
-
-- [ ] **Step 0.2: Baseline Pest зелёный.**
-
-```bash
-cd app && composer test -- --parallel
-```
-
-Ожидаемо: ≥ 937/934 passed/0 failed (число от 19.05.2026 commit `59d3dd0`). Если RED — НЕ начинать.
-
----
-
-## Task 1: Live discovery and Tier 1 contract verification
-
-**Цель:** проверить и зафиксировать реальные `rt-project-*` endpoints на боевом портале (spec §1: «placeholder, не верифицирован»). Spec журнал решений запись 9.
-
-**Files:**
-
-- Modify: `app/app/Services/Supplier/SupplierPortalClient.php:24-28,103-121,346-358` (docblock + методы).
-- Create: `app/tests/Feature/Supplier/SupplierPortalClientRtProjectTest.php` — Http::fake тесты адаптированы под реальный контракт.
-
-- [ ] **Step 1.1: Live recon — открыть Playwright MCP и записать сеть на портале.**
-
-Через `mcp__playwright__browser_navigate` → `https://crm.bp-gr.ru/admin/visit/rt` → клик «Добавить проект» → заполнить минимальный тестовый проект (Тег: `_lidpotok_test`, Название: `LIDPOTOK_TEST_DELETE_ME`, B1+B2+B3, Источники сбора: Сайты, домен `lidpotok-test.local`, Лимит: 1, дни Пн–Вс) → нажать «Сохранить» → дождаться появления в таблице.
-
-Параллельно держать `mcp__playwright__browser_network_requests` фильтр `/admin/rt-` и записать:
-
-- URL (точный путь),
-- HTTP-метод,
-- `Content-Type` (form-urlencoded vs JSON),
-- Полный payload (имена полей, формат `workdays`/`regions`),
-- Тело ответа (где `id` — корень JSON или вложенный).
-
-- [ ] **Step 1.2: Cleanup тестового проекта на портале.**
-
-Найти `LIDPOTOK_TEST_DELETE_ME` в таблице → клик «Удалить» → подтвердить → убедиться, что строка ушла. Записать payload удаления (для будущей пометки `rt-project-delete`).
-
-- [ ] **Step 1.3: Зафиксировать наблюдения в комментариях `SupplierPortalClient.php`.**
-
-Заменить placeholder-докблок [SupplierPortalClient.php:24-28](../../../app/app/Services/Supplier/SupplierPortalClient.php#L24-L28):
-
-```php
-/**
- * HTTP-обёртка над rt-* AJAX endpoints supplier-портала crm.bp-gr.ru.
- *
- * Spec: docs/superpowers/specs/2026-05-10-supplier-integration-design.md §4.4
- *
- * Endpoints (verified live 2026-05-XX через Playwright MCP recon, Task 1):
- * - GET  /admin/<ACTUAL_PATH_FROM_RECON> — список проектов
- * - POST /admin/<ACTUAL_PATH_FROM_RECON> — создание (payload: <ACTUAL_FIELDS>)
- * - POST /admin/<ACTUAL_PATH_FROM_RECON> — обновление
- * - POST /admin/<ACTUAL_PATH_FROM_RECON> — удаление
- *
- * Авторизация: PHPSESSID cookie + X-CSRF-Token header (Redis cache 'supplier:session').
- * На 401/403 — single retry через dispatch_sync(RefreshSupplierSessionJob).
- */
-```
-
-Заменить `<ACTUAL_PATH_FROM_RECON>` и `<ACTUAL_FIELDS>` на реальные значения из Step 1.1.
-
-- [ ] **Step 1.4: Обновить `saveProject()`/`updateProject()`/`listProjects()`/`toPayload()` если контракт расходится.**
-
-Если recon показал, что endpoints/payload-shape ОТЛИЧАЕТСЯ от placeholder:
-
-- В `request()` вызовах ([SupplierPortalClient.php:105](../../../app/app/Services/Supplier/SupplierPortalClient.php#L105), [.php:112](../../../app/app/Services/Supplier/SupplierPortalClient.php#L112), [.php:120](../../../app/app/Services/Supplier/SupplierPortalClient.php#L120), [.php:98](../../../app/app/Services/Supplier/SupplierPortalClient.php#L98)) заменить пути на реальные.
-- В `toPayload()` ([.php:346-358](../../../app/app/Services/Supplier/SupplierPortalClient.php#L346-L358)) заменить ключи/формат полей на реальные.
-- Если ответ JSON структурно отличается (`id` не в корне) — поправить путь извлечения в `saveProject()` ([.php:107](../../../app/app/Services/Supplier/SupplierPortalClient.php#L107)).
-- Если запрос JSON, а не form-urlencoded — добавить `asJson` параметр (паттерн уже есть для `save-report`, [.php:237-262](../../../app/app/Services/Supplier/SupplierPortalClient.php#L237-L262)).
-
-Если контракт ИДЕНТИЧЕН placeholder — никаких правок кода, только убрать «placeholder» из докблока.
-
-- [ ] **Step 1.5: Test — adapter contract verified.**
-
-Создать `app/tests/Feature/Supplier/SupplierPortalClientRtProjectTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\Supplier\Dto\SupplierProjectDto;
-use App\Services\Supplier\SupplierPortalClient;
-use Illuminate\Http\Client\Request;
-use Illuminate\Support\Facades\Cache;
-use Illuminate\Support\Facades\Http;
-
-beforeEach(function (): void {
-    Cache::store('redis')->put('supplier:session', [
-        'phpsessid' => 'test', 'csrf' => 'test',
-    ], now()->addHour());
-    config(['services.supplier.portal_url' => 'https://crm.bp-gr.ru']);
-});
-
-it('saveProject hits the real-portal endpoint and returns id from response', function (): void {
-    // Заменить <ACTUAL_PATH> и форму ответа на верифицированные в Task 1 Step 1.1.
-    Http::fake([
-        'crm.bp-gr.ru/admin/<ACTUAL_PATH>' => Http::response(['id' => 700123], 200),
-    ]);
-
-    $dto = new SupplierProjectDto(
-        platform: 'B1',
-        signalType: 'site',
-        uniqueKey: 'example.com',
-        limit: 10,
-        workdays: [1, 2, 3, 4, 5, 6, 7],
-        regions: [],
-        regionsReverse: false,
-        status: 'active',
-    );
-
-    $externalId = app(SupplierPortalClient::class)->saveProject($dto);
-
-    expect($externalId)->toBe(700123);
-    Http::assertSent(fn (Request $r) => $r->url() === 'https://crm.bp-gr.ru/admin/<ACTUAL_PATH>');
-});
-
-it('updateProject sends id + payload to real-portal endpoint', function (): void {
-    Http::fake([
-        'crm.bp-gr.ru/admin/<ACTUAL_PATH>' => Http::response('', 200),
-    ]);
-
-    $dto = new SupplierProjectDto(
-        platform: 'B1', signalType: 'site', uniqueKey: 'example.com',
-        limit: 20, workdays: [1, 5], regions: [77], regionsReverse: false, status: 'active',
-    );
-    app(SupplierPortalClient::class)->updateProject(700123, $dto);
-
-    Http::assertSent(fn (Request $r) => $r['id'] === 700123);
-});
-
-it('listProjects returns array from real-portal endpoint', function (): void {
-    Http::fake([
-        'crm.bp-gr.ru/admin/<ACTUAL_PATH>' => Http::response([
-            ['id' => 700123, 'platform' => 'B1', 'unique_key' => 'example.com'],
-        ], 200),
-    ]);
-
-    $list = app(SupplierPortalClient::class)->listProjects();
-
-    expect($list)->toHaveCount(1);
-    expect($list[0]['id'])->toBe(700123);
-});
-```
-
-- [ ] **Step 1.6: Run tests.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/SupplierPortalClientRtProjectTest.php
-```
-
-Expected: PASS (3 tests).
-
-- [ ] **Step 1.7: Commit.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-git add app/app/Services/Supplier/SupplierPortalClient.php \
-        app/tests/Feature/Supplier/SupplierPortalClientRtProjectTest.php
-git commit --only \
-  app/app/Services/Supplier/SupplierPortalClient.php \
-  app/tests/Feature/Supplier/SupplierPortalClientRtProjectTest.php \
-  -m "feat(supplier): verify rt-project-* contract live on crm.bp-gr.ru
-
-Discovery через Playwright MCP recon:
-- POST /admin/<ACTUAL> — saveProject, payload-shape подтверждён
-- POST /admin/<ACTUAL> — updateProject
-- GET  /admin/<ACTUAL> — listProjects
-- Тестовый проект LIDPOTOK_TEST_DELETE_ME создан и удалён вручную.
-
-Закрывает spec §1 honest-caveat «placeholder, не верифицирован»
-и журнал решений запись 9.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 2: `SupplierProjectChannel` interface + `AjaxProjectChannel` adapter
-
-**Files:**
-
-- Create: `app/app/Services/Supplier/Channel/SupplierProjectChannel.php`
-- Create: `app/app/Services/Supplier/Channel/AjaxProjectChannel.php`
-- Create: `app/tests/Feature/Supplier/Channel/AjaxProjectChannelTest.php`
-
-- [ ] **Step 2.1: Write failing test.**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\Supplier\Channel\AjaxProjectChannel;
-use App\Services\Supplier\Channel\SupplierProjectChannel;
-use App\Services\Supplier\Dto\SupplierProjectDto;
-use Illuminate\Support\Facades\Cache;
-use Illuminate\Support\Facades\Http;
-
-beforeEach(function (): void {
-    Cache::store('redis')->put('supplier:session', [
-        'phpsessid' => 'test', 'csrf' => 'test',
-    ], now()->addHour());
-    config(['services.supplier.portal_url' => 'https://crm.bp-gr.ru']);
-});
-
-it('AjaxProjectChannel implements SupplierProjectChannel', function (): void {
-    expect(app(AjaxProjectChannel::class))->toBeInstanceOf(SupplierProjectChannel::class);
-});
-
-it('createProject delegates to SupplierPortalClient::saveProject and returns external id', function (): void {
-    Http::fake([
-        'crm.bp-gr.ru/admin/<ACTUAL_PATH>' => Http::response(['id' => 700777], 200),
-    ]);
-
-    $dto = new SupplierProjectDto(
-        platform: 'B1', signalType: 'site', uniqueKey: 'foo.com',
-        limit: 5, workdays: [1, 2, 3], regions: [], regionsReverse: false, status: 'active',
-    );
-
-    $id = app(AjaxProjectChannel::class)->createProject($dto);
-
-    expect($id)->toBe(700777);
-});
-
-it('updateProject delegates to SupplierPortalClient::updateProject', function (): void {
-    Http::fake(['crm.bp-gr.ru/admin/<ACTUAL_PATH>' => Http::response('', 200)]);
-    $dto = new SupplierProjectDto(
-        platform: 'B1', signalType: 'site', uniqueKey: 'foo.com',
-        limit: 10, workdays: [1], regions: [], regionsReverse: false, status: 'active',
-    );
-
-    app(AjaxProjectChannel::class)->updateProject(700777, $dto);
-
-    Http::assertSent(fn ($r) => $r['id'] === 700777);
-});
-
-it('listProjects delegates to SupplierPortalClient::listProjects', function (): void {
-    Http::fake([
-        'crm.bp-gr.ru/admin/<ACTUAL_PATH>' => Http::response([['id' => 1]], 200),
-    ]);
-
-    $list = app(AjaxProjectChannel::class)->listProjects();
-
-    expect($list)->toHaveCount(1);
-});
-```
-
-- [ ] **Step 2.2: Run test — FAIL.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/Channel/AjaxProjectChannelTest.php
-```
-
-Expected: FAIL with `Class "App\Services\Supplier\Channel\AjaxProjectChannel" not found`.
-
-- [ ] **Step 2.3: Create interface.**
-
-`app/app/Services/Supplier/Channel/SupplierProjectChannel.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Supplier\Channel;
-
-use App\Services\Supplier\Dto\SupplierProjectDto;
-
-/**
- * Контракт миграции проекта Лидерра → поставщик crm.bp-gr.ru.
- *
- * Spec: docs/superpowers/specs/2026-05-19-supplier-project-channel-failover-design.md §4.1
- *
- * Реализации (ярусы резерва):
- *   - AjaxProjectChannel — rt-project-* HTTP (primary, быстрый).
- *   - FormProjectChannel — Playwright водит форму «Мои проекты» (fallback).
- *   - FailoverProjectChannel — декоратор-оркестратор (ярус 1 → ярус 2 → ярус 3 queue).
- */
-interface SupplierProjectChannel
-{
-    /**
-     * Создаёт проект на портале, возвращает supplier external_id.
-     */
-    public function createProject(SupplierProjectDto $dto): int;
-
-    /**
-     * Обновляет существующий проект (квота/дни/регионы).
-     */
-    public function updateProject(int $externalId, SupplierProjectDto $dto): void;
-
-    /**
-     * Список проектов с портала — для дедуп-сверки и закрытия яруса 3.
-     *
-     * @return array<int, array<string, mixed>>
-     */
-    public function listProjects(): array;
-}
-```
-
-- [ ] **Step 2.4: Create adapter.**
-
-`app/app/Services/Supplier/Channel/AjaxProjectChannel.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Supplier\Channel;
-
-use App\Services\Supplier\Dto\SupplierProjectDto;
-use App\Services\Supplier\SupplierPortalClient;
-
-/**
- * Ярус 1: тонкий адаптер над SupplierPortalClient (rt-project-* AJAX).
- *
- * Spec: docs/superpowers/specs/2026-05-19-supplier-project-channel-failover-design.md §4.2
- */
-final class AjaxProjectChannel implements SupplierProjectChannel
-{
-    public function __construct(
-        private readonly SupplierPortalClient $client,
-    ) {}
-
-    public function createProject(SupplierProjectDto $dto): int
-    {
-        return $this->client->saveProject($dto);
-    }
-
-    public function updateProject(int $externalId, SupplierProjectDto $dto): void
-    {
-        $this->client->updateProject($externalId, $dto);
-    }
-
-    public function listProjects(): array
-    {
-        return $this->client->listProjects();
-    }
-}
-```
-
-- [ ] **Step 2.5: Run test — PASS.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/Channel/AjaxProjectChannelTest.php
-```
-
-Expected: PASS (4 tests).
-
-- [ ] **Step 2.6: Run regression on supplier suite.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier --parallel
-```
-
-Expected: всё, что было до Task 2, всё ещё PASS.
-
-- [ ] **Step 2.7: Commit.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-git add app/app/Services/Supplier/Channel/SupplierProjectChannel.php \
-        app/app/Services/Supplier/Channel/AjaxProjectChannel.php \
-        app/tests/Feature/Supplier/Channel/AjaxProjectChannelTest.php
-git commit --only \
-  app/app/Services/Supplier/Channel/SupplierProjectChannel.php \
-  app/app/Services/Supplier/Channel/AjaxProjectChannel.php \
-  app/tests/Feature/Supplier/Channel/AjaxProjectChannelTest.php \
-  -m "feat(supplier): SupplierProjectChannel interface + AjaxProjectChannel (Tier 1)
-
-Тонкий адаптер над SupplierPortalClient. Существующий клиент не меняется —
-он остаётся HTTP-плумбингом, адаптер реализует интерфейс контракта.
-
-Spec §4.1, §4.2.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 3: `supplier_manual_sync_queue` table
-
-**Files:**
-
-- Create: `app/database/migrations/2026_05_19_120000_create_supplier_manual_sync_queue.php`
-- Create: `app/app/Models/SupplierManualSyncQueue.php`
-- Create: `app/tests/Feature/Database/SupplierManualSyncQueueSchemaTest.php`
-- Modify: `db/schema.sql` (добавить CREATE TABLE + индексы + CHECK).
-- Modify: `db/CHANGELOG_schema.md` (запись следующей версии).
-
-- [ ] **Step 3.1: Write failing test (db smoke).**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\SupplierManualSyncQueue;
-use App\Models\Tenant;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-it('table supplier_manual_sync_queue exists with required columns', function (): void {
-    $cols = collect(DB::select(
-        "SELECT column_name FROM information_schema.columns WHERE table_name = 'supplier_manual_sync_queue'"
-    ))->pluck('column_name')->all();
-
-    expect($cols)->toContain(
-        'id', 'project_id', 'platform', 'operation', 'external_id',
-        'payload_snapshot', 'failure_reason', 'status',
-        'resolved_by_user_id', 'created_at', 'resolved_at',
-    );
-});
-
-it('platform CHECK constraint rejects non-B1/B2/B3', function (): void {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-
-    expect(fn () => DB::table('supplier_manual_sync_queue')->insert([
-        'project_id' => $project->id,
-        'platform' => 'B9',
-        'operation' => 'create',
-        'payload_snapshot' => json_encode([]),
-        'failure_reason' => 'portal_unreachable',
-        'status' => 'pending',
-        'created_at' => now(),
-    ]))->toThrow(\Illuminate\Database\QueryException::class);
-});
-
-it('operation CHECK constraint rejects non-create/update', function (): void {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-
-    expect(fn () => DB::table('supplier_manual_sync_queue')->insert([
-        'project_id' => $project->id,
-        'platform' => 'B1',
-        'operation' => 'delete',
-        'payload_snapshot' => json_encode([]),
-        'failure_reason' => 'portal_unreachable',
-        'status' => 'pending',
-        'created_at' => now(),
-    ]))->toThrow(\Illuminate\Database\QueryException::class);
-});
-
-it('status CHECK constraint rejects non-pending/resolved/cancelled', function (): void {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-
-    expect(fn () => DB::table('supplier_manual_sync_queue')->insert([
-        'project_id' => $project->id,
-        'platform' => 'B1',
-        'operation' => 'create',
-        'payload_snapshot' => json_encode([]),
-        'failure_reason' => 'portal_unreachable',
-        'status' => 'archived',
-        'created_at' => now(),
-    ]))->toThrow(\Illuminate\Database\QueryException::class);
-});
-
-it('FK on project_id enforces referential integrity', function (): void {
-    expect(fn () => DB::table('supplier_manual_sync_queue')->insert([
-        'project_id' => 999_999_999,
-        'platform' => 'B1',
-        'operation' => 'create',
-        'payload_snapshot' => json_encode([]),
-        'failure_reason' => 'portal_unreachable',
-        'status' => 'pending',
-        'created_at' => now(),
-    ]))->toThrow(\Illuminate\Database\QueryException::class);
-});
-
-it('Eloquent model SupplierManualSyncQueue creates row and casts payload_snapshot to array', function (): void {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-
-    $row = SupplierManualSyncQueue::create([
-        'project_id' => $project->id,
-        'platform' => 'B1',
-        'operation' => 'create',
-        'payload_snapshot' => ['limit' => 10, 'workdays' => [1, 2, 3]],
-        'failure_reason' => 'contract_break',
-        'status' => 'pending',
-    ]);
-
-    expect($row->fresh()->payload_snapshot)->toBe(['limit' => 10, 'workdays' => [1, 2, 3]]);
-});
-```
-
-- [ ] **Step 3.2: Run test — FAIL.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Database/SupplierManualSyncQueueSchemaTest.php
-```
-
-Expected: FAIL — таблица не существует.
-
-- [ ] **Step 3.3: Create migration.**
-
-`app/database/migrations/2026_05_19_120000_create_supplier_manual_sync_queue.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Support\Facades\DB;
-
-/**
- * Создаёт SaaS-level очередь яруса 3 резерва канала миграции проектов.
- *
- * Spec: docs/superpowers/specs/2026-05-19-supplier-project-channel-failover-design.md §4.5
- *
- * Без tenant_id / RLS (как supplier_csv_reconcile_log) — доступ только SaaS-admin.
- */
-return new class extends Migration
-{
-    public function up(): void
-    {
-        // Guard: после migrate:fresh schema.sql даёт таблицу первой. Idempotent.
-        $exists = DB::selectOne(
-            "SELECT to_regclass('public.supplier_manual_sync_queue') AS r"
-        );
-        if ($exists !== null && $exists->r !== null) {
-            return;
-        }
-
-        DB::statement(<<<'SQL'
-            CREATE TABLE supplier_manual_sync_queue (
-                id BIGSERIAL PRIMARY KEY,
-                project_id BIGINT NOT NULL REFERENCES projects(id) ON DELETE CASCADE,
-                platform VARCHAR(8) NOT NULL,
-                operation VARCHAR(16) NOT NULL,
-                external_id VARCHAR(64),
-                payload_snapshot JSONB NOT NULL,
-                failure_reason VARCHAR(64) NOT NULL,
-                status VARCHAR(16) NOT NULL DEFAULT 'pending',
-                resolved_by_user_id BIGINT REFERENCES users(id) ON DELETE SET NULL,
-                created_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
-                resolved_at TIMESTAMPTZ,
-                CONSTRAINT chk_smsq_platform CHECK (platform IN ('B1', 'B2', 'B3')),
-                CONSTRAINT chk_smsq_operation CHECK (operation IN ('create', 'update')),
-                CONSTRAINT chk_smsq_status CHECK (status IN ('pending', 'resolved', 'cancelled'))
-            );
-
-            CREATE INDEX idx_smsq_status_created ON supplier_manual_sync_queue (status, created_at DESC);
-            CREATE INDEX idx_smsq_project ON supplier_manual_sync_queue (project_id);
-        SQL);
-    }
-
-    public function down(): void
-    {
-        DB::statement('DROP TABLE IF EXISTS supplier_manual_sync_queue');
-    }
-};
-```
-
-- [ ] **Step 3.4: Create Eloquent model.**
-
-`app/app/Models/SupplierManualSyncQueue.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Models;
-
-use Illuminate\Database\Eloquent\Factories\HasFactory;
-use Illuminate\Database\Eloquent\Model;
-use Illuminate\Database\Eloquent\Relations\BelongsTo;
-
-/**
- * Очередь яруса 3 резерва канала миграции проектов.
- *
- * Spec: docs/superpowers/specs/2026-05-19-supplier-project-channel-failover-design.md §4.5
- */
-class SupplierManualSyncQueue extends Model
-{
-    use HasFactory;
-
-    protected $table = 'supplier_manual_sync_queue';
-
-    public $timestamps = false;
-
-    protected $fillable = [
-        'project_id', 'platform', 'operation', 'external_id',
-        'payload_snapshot', 'failure_reason', 'status',
-        'resolved_by_user_id', 'created_at', 'resolved_at',
-    ];
-
-    protected $casts = [
-        'payload_snapshot' => 'array',
-        'created_at' => 'datetime',
-        'resolved_at' => 'datetime',
-    ];
-
-    public function project(): BelongsTo
-    {
-        return $this->belongsTo(Project::class);
-    }
-
-    public function resolver(): BelongsTo
-    {
-        return $this->belongsTo(User::class, 'resolved_by_user_id');
-    }
-}
-```
-
-- [ ] **Step 3.5: Update `db/schema.sql` — append CREATE TABLE.**
-
-Найти секцию `supplier_csv_reconcile_log` в `db/schema.sql` и добавить ниже идентичный по стилю блок для `supplier_manual_sync_queue` (см. SQL в Step 3.3). Header `db/schema.sql:4` bump до следующей версии (например v8.20).
-
-- [ ] **Step 3.6: Update `db/CHANGELOG_schema.md`.**
-
-Добавить запись наверх:
-
-```markdown
-## v8.20 от 2026-05-XX — supplier_manual_sync_queue
-
-**+1 таблица** SaaS-level (без tenant_id / RLS, как supplier_csv_reconcile_log):
-- `supplier_manual_sync_queue` — очередь яруса 3 резерва канала миграции проектов
-  (spec docs/superpowers/specs/2026-05-19-supplier-project-channel-failover-design.md §4.5).
-- **+3 CHECK:** chk_smsq_platform (B1/B2/B3), chk_smsq_operation (create/update),
-  chk_smsq_status (pending/resolved/cancelled).
-- **+2 индекса:** idx_smsq_status_created, idx_smsq_project.
-- **+2 FK:** project_id → projects ON DELETE CASCADE;
-  resolved_by_user_id → users ON DELETE SET NULL.
-```
-
-- [ ] **Step 3.7: Run migration + test.**
-
-```bash
-cd app && php artisan migrate
-./vendor/bin/pest tests/Feature/Database/SupplierManualSyncQueueSchemaTest.php
-```
-
-Expected: PASS (6 tests).
-
-- [ ] **Step 3.8: Verify migrate:fresh.**
-
-```bash
-cd app && php artisan migrate:fresh --env=testing 2>&1 | tail -20
-```
-
-Expected: миграция применяется без ошибок (idempotent guard срабатывает на schema.sql baseline).
-
-- [ ] **Step 3.9: Commit.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-git add app/database/migrations/2026_05_19_120000_create_supplier_manual_sync_queue.php \
-        app/app/Models/SupplierManualSyncQueue.php \
-        app/tests/Feature/Database/SupplierManualSyncQueueSchemaTest.php \
-        db/schema.sql db/CHANGELOG_schema.md
-git commit --only \
-  app/database/migrations/2026_05_19_120000_create_supplier_manual_sync_queue.php \
-  app/app/Models/SupplierManualSyncQueue.php \
-  app/tests/Feature/Database/SupplierManualSyncQueueSchemaTest.php \
-  db/schema.sql db/CHANGELOG_schema.md \
-  -m "feat(supplier): supplier_manual_sync_queue table (Tier 3 queue)
-
-SaaS-level (без tenant_id, без RLS, как supplier_csv_reconcile_log).
-+3 CHECK (platform/operation/status), +2 индекса, +2 FK.
-
-schema.sql bumped v8.19 → v8.20.
-
-Spec §4.5.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 4: `FailoverProjectChannel` skeleton — Tier 1 + Tier 3 fallback
-
-Без яруса 2 — добавим в Task 7. Сейчас: при сбое яруса 1 (любого) → сразу очередь яруса 3 (либо ярус 2-плейсхолдер для контракт-сбоев).
-
-**Files:**
-
-- Create: `app/app/Services/Supplier/Channel/Exceptions/WindowDeferredException.php`
-- Create: `app/app/Services/Supplier/Channel/Exceptions/TierEscalatedException.php`
-- Create: `app/app/Services/Supplier/Channel/FailoverProjectChannel.php`
-- Create: `app/tests/Feature/Supplier/Channel/FailoverProjectChannelTest.php`
-
-- [ ] **Step 4.1: Write failing tests (escalation matrix).**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Exceptions\Supplier\SupplierAuthException;
-use App\Exceptions\Supplier\SupplierClientException;
-use App\Exceptions\Supplier\SupplierTransientException;
-use App\Mail\SupplierCriticalAlertMail;
-use App\Models\Project;
-use App\Models\SupplierManualSyncQueue;
-use App\Models\Tenant;
-use App\Services\Supplier\Channel\FailoverProjectChannel;
-use App\Services\Supplier\Channel\SupplierProjectChannel;
-use App\Services\Supplier\Dto\SupplierProjectDto;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\Mail;
-
-uses(DatabaseTransactions::class);
-
-function makeDto(): SupplierProjectDto
-{
-    return new SupplierProjectDto(
-        platform: 'B1', signalType: 'site', uniqueKey: 'foo.com',
-        limit: 10, workdays: [1, 2], regions: [], regionsReverse: false, status: 'active',
-    );
-}
-
-function makeFailover(SupplierProjectChannel $tier1, ?SupplierProjectChannel $tier2 = null): FailoverProjectChannel
-{
-    return new FailoverProjectChannel(
-        $tier1,
-        $tier2 ?? new class implements SupplierProjectChannel {
-            public function createProject(SupplierProjectDto $dto): int { throw new \RuntimeException('tier2 not configured'); }
-            public function updateProject(int $externalId, SupplierProjectDto $dto): void {}
-            public function listProjects(): array { return []; }
-        },
-        app(\Illuminate\Contracts\Mail\Mailer::class),
-    );
-}
-
-beforeEach(function (): void {
-    Mail::fake();
-});
-
-it('createProject — Tier 1 success: returns id, no queue, no alert', function (): void {
-    $tier1 = new class implements SupplierProjectChannel {
-        public function createProject(SupplierProjectDto $dto): int { return 700123; }
-        public function updateProject(int $externalId, SupplierProjectDto $dto): void {}
-        public function listProjects(): array { return []; }
-    };
-
-    $id = makeFailover($tier1)->createProject(makeDto());
-
-    expect($id)->toBe(700123);
-    expect(SupplierManualSyncQueue::count())->toBe(0);
-    Mail::assertNothingQueued();
-});
-
-it('createProject — Tier 1 transient-exhausted: skips Tier 2, jumps to Tier 3 with portal_unreachable', function (): void {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create(['signal_type' => 'site', 'signal_identifier' => 'foo.com']);
-
-    $tier1 = new class implements SupplierProjectChannel {
-        public function createProject(SupplierProjectDto $dto): int {
-            throw new SupplierTransientException('5xx exhausted', httpStatus: 503);
-        }
-        public function updateProject(int $externalId, SupplierProjectDto $dto): void {}
-        public function listProjects(): array { return []; }
-    };
-    $tier2Called = false;
-    $tier2 = new class($tier2Called) implements SupplierProjectChannel {
-        public function __construct(public bool &$called) {}
-        public function createProject(SupplierProjectDto $dto): int { $this->called = true; return 0; }
-        public function updateProject(int $externalId, SupplierProjectDto $dto): void { $this->called = true; }
-        public function listProjects(): array { $this->called = true; return []; }
-    };
-
-    expect(fn () => makeFailover($tier1, $tier2)->createProjectForLiderra($project, makeDto()))
-        ->toThrow(\App\Services\Supplier\Channel\Exceptions\TierEscalatedException::class);
-
-    expect($tier2Called)->toBeFalse();
-    expect(SupplierManualSyncQueue::where('project_id', $project->id)->where('failure_reason', 'portal_unreachable')->count())->toBe(1);
-    Mail::assertQueued(SupplierCriticalAlertMail::class);
-});
-
-it('createProject — Tier 1 client-exc → Tier 2 success: no queue', function (): void {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-
-    $tier1 = new class implements SupplierProjectChannel {
-        public function createProject(SupplierProjectDto $dto): int {
-            throw new SupplierClientException('4xx contract break', httpStatus: 400);
-        }
-        public function updateProject(int $externalId, SupplierProjectDto $dto): void {}
-        public function listProjects(): array { return []; }
-    };
-    $tier2 = new class implements SupplierProjectChannel {
-        public function createProject(SupplierProjectDto $dto): int { return 800001; }
-        public function updateProject(int $externalId, SupplierProjectDto $dto): void {}
-        public function listProjects(): array { return []; }
-    };
-
-    $id = makeFailover($tier1, $tier2)->createProjectForLiderra($project, makeDto());
-
-    expect($id)->toBe(800001);
-    expect(SupplierManualSyncQueue::count())->toBe(0);
-    Mail::assertQueued(SupplierCriticalAlertMail::class); // failover_to_form alert
-});
-
-it('createProject — Tier 1 client-exc + Tier 2 fail: Tier 3 queue, manual_required alert', function (): void {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-
-    $tier1 = new class implements SupplierProjectChannel {
-        public function createProject(SupplierProjectDto $dto): int {
-            throw new SupplierClientException('4xx', httpStatus: 400);
-        }
-        public function updateProject(int $externalId, SupplierProjectDto $dto): void {}
-        public function listProjects(): array { return []; }
-    };
-    $tier2 = new class implements SupplierProjectChannel {
-        public function createProject(SupplierProjectDto $dto): int { throw new \RuntimeException('form_selector_break'); }
-        public function updateProject(int $externalId, SupplierProjectDto $dto): void {}
-        public function listProjects(): array { return []; }
-    };
-
-    expect(fn () => makeFailover($tier1, $tier2)->createProjectForLiderra($project, makeDto()))
-        ->toThrow(\App\Services\Supplier\Channel\Exceptions\TierEscalatedException::class);
-
-    expect(SupplierManualSyncQueue::where('project_id', $project->id)->where('status', 'pending')->count())->toBe(1);
-    Mail::assertQueued(SupplierCriticalAlertMail::class);
-});
-
-it('createProject — Tier 1 auth-exc → Tier 2 success', function (): void {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-
-    $tier1 = new class implements SupplierProjectChannel {
-        public function createProject(SupplierProjectDto $dto): int {
-            throw new SupplierAuthException('sticky 401', httpStatus: 401);
-        }
-        public function updateProject(int $externalId, SupplierProjectDto $dto): void {}
-        public function listProjects(): array { return []; }
-    };
-    $tier2 = new class implements SupplierProjectChannel {
-        public function createProject(SupplierProjectDto $dto): int { return 900042; }
-        public function updateProject(int $externalId, SupplierProjectDto $dto): void {}
-        public function listProjects(): array { return []; }
-    };
-
-    $id = makeFailover($tier1, $tier2)->createProjectForLiderra($project, makeDto());
-
-    expect($id)->toBe(900042);
-});
-
-it('createProject — WindowDeferred: no queue, no escalation, op rescheduled (re-throws WindowDeferred)', function (): void {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-
-    $tier1 = new class implements SupplierProjectChannel {
-        public function createProject(SupplierProjectDto $dto): int {
-            throw new \App\Services\Supplier\Channel\Exceptions\WindowDeferredException(
-                'portal returned 22:00-00:00 window-block'
-            );
-        }
-        public function updateProject(int $externalId, SupplierProjectDto $dto): void {}
-        public function listProjects(): array { return []; }
-    };
-
-    expect(fn () => makeFailover($tier1)->createProjectForLiderra($project, makeDto()))
-        ->toThrow(\App\Services\Supplier\Channel\Exceptions\WindowDeferredException::class);
-
-    expect(SupplierManualSyncQueue::count())->toBe(0);
-    Mail::assertNothingQueued();
-});
-```
-
-- [ ] **Step 4.2: Run test — FAIL.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/Channel/FailoverProjectChannelTest.php
-```
-
-Expected: FAIL — classes not found.
-
-- [ ] **Step 4.3: Create `WindowDeferredException`.**
-
-`app/app/Services/Supplier/Channel/Exceptions/WindowDeferredException.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Supplier\Channel\Exceptions;
-
-/**
- * Маркер «портал отказал по причине окна редактирования» (22:00-00:00 МСК).
- *
- * НЕ сбой канала — операция переносится. FailoverProjectChannel пропускает
- * эскалацию ярусов и не пишет в supplier_manual_sync_queue. Job-уровень
- * получает исключение и помечает попытку как deferred.
- *
- * Spec §8.
- */
-final class WindowDeferredException extends \RuntimeException {}
-```
-
-- [ ] **Step 4.4: Create `TierEscalatedException`.**
-
-`app/app/Services/Supplier/Channel/Exceptions/TierEscalatedException.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Supplier\Channel\Exceptions;
-
-/**
- * Брошен FailoverProjectChannel когда операция эскалирована на ярус 3.
- *
- * Job-уровень ловит и помечает текущую попытку как отложенную к ручному вмешательству.
- *
- * Spec §4.4 ("manual_required").
- */
-final class TierEscalatedException extends \RuntimeException
-{
-    public function __construct(
-        public readonly int $queueRowId,
-        public readonly string $reason,
-        string $message = '',
-    ) {
-        parent::__construct($message ?: "Escalated to manual queue (row #{$queueRowId}, reason: {$reason})");
-    }
-}
-```
-
-- [ ] **Step 4.5: Create `FailoverProjectChannel` (skeleton, без портального dedup — добавим в Task 5).**
-
-`app/app/Services/Supplier/Channel/FailoverProjectChannel.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Supplier\Channel;
-
-use App\Exceptions\Supplier\SupplierAuthException;
-use App\Exceptions\Supplier\SupplierClientException;
-use App\Exceptions\Supplier\SupplierTransientException;
-use App\Mail\SupplierCriticalAlertMail;
-use App\Models\Project;
-use App\Models\SupplierManualSyncQueue;
-use App\Services\Supplier\Channel\Exceptions\TierEscalatedException;
-use App\Services\Supplier\Channel\Exceptions\WindowDeferredException;
-use App\Services\Supplier\Dto\SupplierProjectDto;
-use Illuminate\Contracts\Mail\Mailer;
-use Throwable;
-
-/**
- * Декоратор-оркестратор: ярус 1 (AJAX) → ярус 2 (form-driving) → ярус 3 (manual queue).
- *
- * Spec: docs/superpowers/specs/2026-05-19-supplier-project-channel-failover-design.md §4.4
- *
- * Bridge-методы createProjectForLiderra/updateProjectForLiderra принимают Project
- * (нужен для project_id в очереди яруса 3). Прямые createProject/updateProject
- * сохраняются для интерфейс-совместимости (без эскалации).
- */
-final class FailoverProjectChannel implements SupplierProjectChannel
-{
-    public function __construct(
-        private readonly SupplierProjectChannel $tier1,
-        private readonly SupplierProjectChannel $tier2,
-        private readonly Mailer $mailer,
-    ) {}
-
-    public function createProject(SupplierProjectDto $dto): int
-    {
-        return $this->tier1->createProject($dto);
-    }
-
-    public function updateProject(int $externalId, SupplierProjectDto $dto): void
-    {
-        $this->tier1->updateProject($externalId, $dto);
-    }
-
-    public function listProjects(): array
-    {
-        return $this->tier1->listProjects();
-    }
-
-    /**
-     * Create с эскалацией: использует Project для project_id в очереди яруса 3.
-     */
-    public function createProjectForLiderra(Project $project, SupplierProjectDto $dto): int
-    {
-        try {
-            return $this->tier1->createProject($dto);
-        } catch (WindowDeferredException $e) {
-            throw $e;
-        } catch (SupplierTransientException $e) {
-            $this->escalateToTier3($project, 'create', null, $dto, 'portal_unreachable', $e);
-        } catch (SupplierClientException|SupplierAuthException $e) {
-            try {
-                $id = $this->tier2->createProject($dto);
-                $this->alertFailoverToForm($project, 'create', $e);
-
-                return $id;
-            } catch (Throwable $tier2Error) {
-                $this->escalateToTier3(
-                    $project, 'create', null, $dto,
-                    $this->classifyTier2Failure($tier2Error), $tier2Error,
-                );
-            }
-        }
-
-        throw new \LogicException('Unreachable');
-    }
-
-    public function updateProjectForLiderra(Project $project, int $externalId, SupplierProjectDto $dto): void
-    {
-        try {
-            $this->tier1->updateProject($externalId, $dto);
-
-            return;
-        } catch (WindowDeferredException $e) {
-            throw $e;
-        } catch (SupplierTransientException $e) {
-            $this->escalateToTier3($project, 'update', $externalId, $dto, 'portal_unreachable', $e);
-        } catch (SupplierClientException|SupplierAuthException $e) {
-            try {
-                $this->tier2->updateProject($externalId, $dto);
-                $this->alertFailoverToForm($project, 'update', $e);
-
-                return;
-            } catch (Throwable $tier2Error) {
-                $this->escalateToTier3(
-                    $project, 'update', $externalId, $dto,
-                    $this->classifyTier2Failure($tier2Error), $tier2Error,
-                );
-            }
-        }
-    }
-
-    private function escalateToTier3(
-        Project $project,
-        string $operation,
-        ?int $externalId,
-        SupplierProjectDto $dto,
-        string $reason,
-        Throwable $cause,
-    ): never {
-        $row = SupplierManualSyncQueue::create([
-            'project_id' => $project->id,
-            'platform' => $dto->platform,
-            'operation' => $operation,
-            'external_id' => $externalId !== null ? (string) $externalId : null,
-            'payload_snapshot' => [
-                'signal_type' => $dto->signalType,
-                'unique_key' => $dto->uniqueKey,
-                'limit' => $dto->limit,
-                'workdays' => $dto->workdays,
-                'regions' => $dto->regions,
-                'regions_reverse' => $dto->regionsReverse,
-                'status' => $dto->status,
-            ],
-            'failure_reason' => $reason,
-            'status' => 'pending',
-            'created_at' => now(),
-        ]);
-
-        $this->mailer->to((string) config('services.supplier.alert_email'))
-            ->queue(new SupplierCriticalAlertMail(
-                alertType: 'manual_required',
-                details: "Project #{$project->id} ({$dto->platform}/{$dto->uniqueKey}) — {$operation} queued #{$row->id}, reason: {$reason}. Cause: ".mb_substr($cause->getMessage(), 0, 300),
-            ));
-
-        throw new TierEscalatedException($row->id, $reason);
-    }
-
-    private function alertFailoverToForm(Project $project, string $operation, Throwable $cause): void
-    {
-        $this->mailer->to((string) config('services.supplier.alert_email'))
-            ->queue(new SupplierCriticalAlertMail(
-                alertType: 'failover_to_form',
-                details: "Project #{$project->id} {$operation}: Tier 1 (AJAX) failed, Tier 2 (browser) succeeded. Cause: ".mb_substr($cause->getMessage(), 0, 300),
-            ));
-    }
-
-    private function classifyTier2Failure(Throwable $e): string
-    {
-        $msg = mb_strtolower($e->getMessage());
-        if (str_contains($msg, 'auth') || str_contains($msg, 'login')) {
-            return 'auth_failure';
-        }
-        if (str_contains($msg, 'selector') || str_contains($msg, 'form')) {
-            return 'form_selector_break';
-        }
-
-        return 'form_save_error';
-    }
-}
-```
-
-- [ ] **Step 4.6: Verify `SupplierCriticalAlertMail` принимает `alertType` + `details`.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-grep -n "alertType\|details" app/app/Mail/SupplierCriticalAlertMail.php
-```
-
-Expected: constructor берёт `alertType` и `details` (паттерн из [SyncSupplierProjectsJob.php:88-103](../../../app/app/Jobs/Supplier/SyncSupplierProjectsJob.php#L88-L103)). Если конструктор другой — адаптировать вызовы в Step 4.5.
-
-- [ ] **Step 4.7: Run test — PASS.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/Channel/FailoverProjectChannelTest.php
-```
-
-Expected: PASS (6 tests).
-
-- [ ] **Step 4.8: Commit.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-git add app/app/Services/Supplier/Channel/Exceptions/WindowDeferredException.php \
-        app/app/Services/Supplier/Channel/Exceptions/TierEscalatedException.php \
-        app/app/Services/Supplier/Channel/FailoverProjectChannel.php \
-        app/tests/Feature/Supplier/Channel/FailoverProjectChannelTest.php
-git commit --only \
-  app/app/Services/Supplier/Channel/Exceptions/WindowDeferredException.php \
-  app/app/Services/Supplier/Channel/Exceptions/TierEscalatedException.php \
-  app/app/Services/Supplier/Channel/FailoverProjectChannel.php \
-  app/tests/Feature/Supplier/Channel/FailoverProjectChannelTest.php \
-  -m "feat(supplier): FailoverProjectChannel skeleton — escalation matrix without dedup
-
-Tier 1 → классификация исключения → ярус 2 (плейсхолдер) / ярус 3 (queue).
-Без портального dedup (см. Task 5). Без реального Tier 2 (см. Task 7).
-6 тестов матрицы эскалации зелёные.
-
-Spec §4.4, §6, §8.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 5: `FailoverProjectChannel` — portal-side idempotency dedup
-
-Защищает от дубля при полу-успехе яруса 1.
-
-**Files:**
-
-- Modify: `app/app/Services/Supplier/Channel/FailoverProjectChannel.php`
-- Modify: `app/tests/Feature/Supplier/Channel/FailoverProjectChannelTest.php`
-
-- [ ] **Step 5.1: Write failing test.**
-
-Добавить в `FailoverProjectChannelTest.php`:
-
-```php
-it('createProject — portal already has project (listProjects match): adopts external_id, skips create', function (): void {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-
-    $tier1CreateCalled = false;
-    $tier1 = new class($tier1CreateCalled) implements SupplierProjectChannel {
-        public function __construct(public bool &$createCalled) {}
-        public function createProject(SupplierProjectDto $dto): int { $this->createCalled = true; return 0; }
-        public function updateProject(int $externalId, SupplierProjectDto $dto): void {}
-        public function listProjects(): array {
-            return [
-                ['id' => 555_555, 'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'foo.com'],
-            ];
-        }
-    };
-
-    $id = makeFailover($tier1)->createProjectForLiderra($project, makeDto());
-
-    expect($id)->toBe(555_555);
-    expect($tier1CreateCalled)->toBeFalse();
-});
-```
-
-- [ ] **Step 5.2: Run test — FAIL.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/Channel/FailoverProjectChannelTest.php
-```
-
-Expected: новый тест FAIL — `createProject` всё ещё дёргается.
-
-- [ ] **Step 5.3: Add dedup to `createProjectForLiderra`.**
-
-В начале `createProjectForLiderra` (перед `try` яруса 1) добавить:
-
-```php
-public function createProjectForLiderra(Project $project, SupplierProjectDto $dto): int
-{
-    // Spec §4.4 шаг 2: портальная сверка через listProjects() до любого create.
-    // Защита от дубля при полу-успехе яруса 1 в прошлом запуске.
-    try {
-        $existing = $this->findOnPortal($dto);
-        if ($existing !== null) {
-            return $existing;
-        }
-    } catch (Throwable) {
-        // listProjects недоступен — продолжаем, ярус-эскалация и так покроет.
-    }
-
-    try {
-        return $this->tier1->createProject($dto);
-    } catch (WindowDeferredException $e) {
-        throw $e;
-    } catch (SupplierTransientException $e) {
-        $this->escalateToTier3($project, 'create', null, $dto, 'portal_unreachable', $e);
-    } catch (SupplierClientException|SupplierAuthException $e) {
-        try {
-            $id = $this->tier2->createProject($dto);
-            $this->alertFailoverToForm($project, 'create', $e);
-
-            return $id;
-        } catch (Throwable $tier2Error) {
-            $this->escalateToTier3(
-                $project, 'create', null, $dto,
-                $this->classifyTier2Failure($tier2Error), $tier2Error,
-            );
-        }
-    }
-
-    throw new \LogicException('Unreachable');
-}
-
-private function findOnPortal(SupplierProjectDto $dto): ?int
-{
-    foreach ($this->tier1->listProjects() as $row) {
-        if (
-            ($row['platform'] ?? null) === $dto->platform
-            && ($row['signal_type'] ?? null) === $dto->signalType
-            && ($row['unique_key'] ?? null) === $dto->uniqueKey
-        ) {
-            return (int) ($row['id'] ?? 0) ?: null;
-        }
-    }
-
-    return null;
-}
-```
-
-- [ ] **Step 5.4: Run test — PASS.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/Channel/FailoverProjectChannelTest.php
-```
-
-Expected: 7/7 PASS.
-
-- [ ] **Step 5.5: Commit.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-git add app/app/Services/Supplier/Channel/FailoverProjectChannel.php \
-        app/tests/Feature/Supplier/Channel/FailoverProjectChannelTest.php
-git commit --only \
-  app/app/Services/Supplier/Channel/FailoverProjectChannel.php \
-  app/tests/Feature/Supplier/Channel/FailoverProjectChannelTest.php \
-  -m "feat(supplier): FailoverProjectChannel portal-side dedup before create
-
-listProjects() матч по (platform, signal_type, unique_key) до create.
-Защита от дубля при полу-успехе яруса 1.
-
-Spec §4.4 шаг 2, §7.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 6: `manage-project.js` Node script
-
-Водит форму «Мои проекты»: `listProjects`, `createProject`, `updateProject`.
-
-**Files:**
-
-- Create: `app/playwright/manage-project.js`
-- Create: `app/playwright/manage-project.test.js`
-- Create: `app/tests/fixtures/supplier-portal/rt-add-project-form.html` — статический фикстур.
-
-- [ ] **Step 6.1: Подготовить HTML-фикстуру формы.**
-
-Создать `app/tests/fixtures/supplier-portal/rt-add-project-form.html` — минимальный HTML с теми же селекторами полей, что в реальной форме (label-ы + input/textarea/select). Селекторы взяты из снапшота разведки `rt-add-project-form.yml` строки 107-272.
-
-Файл (упрощённый — без DOM-манипуляций через `innerHTML`, чтобы пройти security-guidance hook; имитирует поведение «новая строка появляется в таблице» через append с `appendChild` + `textContent`):
-
-```html
-<!DOCTYPE html>
-<html><head><meta charset="utf-8"><title>Test</title></head><body>
-  <div id="add-project-modal" data-testid="add-project-form">
-    <label><input type="checkbox" name="active" checked> Активный</label>
-    <label>Тег <input type="text" name="tag" id="tag-input"></label>
-    <fieldset>
-      <legend>Источник данных</legend>
-      <label><input type="checkbox" name="platform[]" value="B1" checked> B1</label>
-      <label><input type="checkbox" name="platform[]" value="B2" checked> B2</label>
-      <label><input type="checkbox" name="platform[]" value="B3" checked> B3</label>
-    </fieldset>
-    <label>Название проекта <input type="text" name="name" id="name-input" required></label>
-    <label>Источники сбора <select name="signal_type" id="signal-type"><option>Сайты</option><option>Звонки</option><option>СМС</option></select></label>
-    <fieldset>
-      <legend>Регион</legend>
-      <label><input type="radio" name="region_mode" value="include" checked> Включить</label>
-      <label><input type="radio" name="region_mode" value="exclude"> Исключить</label>
-      <input type="text" name="regions_filter" placeholder="Фильтр по регионам">
-    </fieldset>
-    <label>Список сайтов <textarea name="domains" id="domains-input"></textarea></label>
-    <label>Лимит в день <input type="number" name="limit" id="limit-input" value="10"></label>
-    <fieldset>
-      <legend>Дни получения номеров</legend>
-      <label><input type="checkbox" name="workdays[]" value="1" checked> Пн.</label>
-      <label><input type="checkbox" name="workdays[]" value="2" checked> Вт.</label>
-      <label><input type="checkbox" name="workdays[]" value="3" checked> Ср.</label>
-      <label><input type="checkbox" name="workdays[]" value="4" checked> Чт.</label>
-      <label><input type="checkbox" name="workdays[]" value="5" checked> Пт.</label>
-      <label><input type="checkbox" name="workdays[]" value="6" checked> Сб.</label>
-      <label><input type="checkbox" name="workdays[]" value="7" checked> Вс.</label>
-    </fieldset>
-    <button type="button" id="save-btn">Сохранить</button>
-    <button type="button" id="cancel-btn">Отмена</button>
-  </div>
-  <table id="projects-table"><tbody></tbody></table>
-  <script>
-    document.getElementById('save-btn').addEventListener('click', function() {
-      var tbody = document.querySelector('#projects-table tbody');
-      var row = document.createElement('tr');
-      row.dataset.id = String(Date.now());
-      var tdId = document.createElement('td');
-      tdId.textContent = row.dataset.id;
-      var tdName = document.createElement('td');
-      tdName.textContent = document.getElementById('name-input').value;
-      row.appendChild(tdId);
-      row.appendChild(tdName);
-      tbody.appendChild(row);
-      document.getElementById('add-project-modal').style.display = 'none';
-    });
-  </script>
-</body></html>
-```
-
-- [ ] **Step 6.2: Write failing Node test.**
-
-`app/playwright/manage-project.test.js`:
-
-```javascript
-const { test, expect } = require('@playwright/test');
-const { execFile } = require('child_process');
-const path = require('path');
-
-const SCRIPT = path.resolve(__dirname, 'manage-project.js');
-const FIXTURE_URL = 'file://' + path.resolve(__dirname, '../tests/fixtures/supplier-portal/rt-add-project-form.html');
-
-function runScript(input) {
-    return new Promise((resolve, reject) => {
-        const child = execFile('node', [SCRIPT], { timeout: 60000 }, (err, stdout, stderr) => {
-            if (err && err.code !== undefined) return reject({ code: err.code, stdout, stderr });
-            resolve({ stdout: stdout.toString(), stderr: stderr.toString() });
-        });
-        child.stdin.write(JSON.stringify(input));
-        child.stdin.end();
-    });
-}
-
-test('createProject fills form and returns row id', async () => {
-    const result = await runScript({
-        operation: 'create',
-        login: 'fixture-noop',
-        password: 'fixture-noop',
-        url: FIXTURE_URL,
-        skipLogin: true,
-        dto: {
-            tag: 'TEST',
-            name: 'Test Project',
-            platforms: ['B1', 'B2'],
-            signal_type: 'site',
-            limit: 25,
-            workdays: [1, 2, 3, 4, 5],
-            regions: [],
-            region_mode: 'include',
-            domains: ['example.com'],
-            active: true,
-        },
-    });
-
-    const out = JSON.parse(result.stdout);
-    expect(out.external_id).toBeTruthy();
-    expect(out.external_id).toMatch(/^\d+$/);
-});
-
-test('listProjects returns array', async () => {
-    const result = await runScript({
-        operation: 'list',
-        login: 'fixture-noop',
-        password: 'fixture-noop',
-        url: FIXTURE_URL,
-        skipLogin: true,
-    });
-
-    const out = JSON.parse(result.stdout);
-    expect(Array.isArray(out.projects)).toBe(true);
-});
-```
-
-- [ ] **Step 6.3: Run Node test — FAIL.**
-
-```bash
-cd app/playwright && npx playwright test manage-project.test.js 2>&1 | head -50
-```
-
-Expected: FAIL — `manage-project.js` not found.
-
-- [ ] **Step 6.4: Create `manage-project.js`.**
-
-`app/playwright/manage-project.js`:
-
-```javascript
-#!/usr/bin/env node
-/**
- * Headless Playwright водит UI «Мои проекты» supplier-портала crm.bp-gr.ru.
- *
- * Input (JSON через stdin):
- *   {operation: "create"|"update"|"list", login, password, url, skipLogin?, dto?, externalId?}
- *
- * Output (JSON через stdout):
- *   - create: {external_id: "12345"}
- *   - update: {ok: true}
- *   - list:   {projects: [...]}
- *
- * Exit codes:
- *   0 — success
- *   1 — auth failed
- *   2 — DOM/селектор не найден (контракт UI сменился — escalation cause)
- *   3 — timeout
- *   4 — invalid input или другая ошибка
- *
- * Spec §4.3.
- */
-const { chromium } = require('playwright');
-
-const TIMEOUT_MS = 90_000;
-
-async function login(page, args) {
-    if (args.skipLogin) return;
-    await page.goto(args.url, { waitUntil: 'load', timeout: TIMEOUT_MS });
-    await page.fill('#loginform-username', args.login);
-    await page.fill('#loginform-password', args.password);
-    await Promise.all([
-        page.waitForLoadState('networkidle', { timeout: TIMEOUT_MS }),
-        page.click('button[type=submit]'),
-    ]);
-}
-
-async function fillForm(page, dto) {
-    const activeChecked = await page.locator('input[name=active]').isChecked();
-    if (activeChecked !== !!dto.active) await page.locator('input[name=active]').click();
-
-    if (dto.tag) await page.fill('input[name=tag]', dto.tag);
-
-    for (const p of ['B1', 'B2', 'B3']) {
-        const wanted = (dto.platforms || []).includes(p);
-        const sel = `input[name="platform[]"][value="${p}"]`;
-        const checked = await page.locator(sel).isChecked();
-        if (checked !== wanted) await page.locator(sel).click();
-    }
-
-    await page.fill('input[name=name]', dto.name);
-
-    const signalLabel = { site: 'Сайты', call: 'Звонки', sms: 'СМС' }[dto.signal_type] || 'Сайты';
-    await page.selectOption('select[name=signal_type]', { label: signalLabel });
-
-    if (dto.region_mode === 'exclude') {
-        await page.locator('input[name=region_mode][value=exclude]').click();
-    }
-
-    if (dto.domains && dto.domains.length) {
-        await page.fill('textarea[name=domains]', dto.domains.join('\n'));
-    }
-
-    await page.fill('input[name=limit]', String(dto.limit));
-
-    for (let d = 1; d <= 7; d++) {
-        const wanted = (dto.workdays || [1, 2, 3, 4, 5, 6, 7]).includes(d);
-        const sel = `input[name="workdays[]"][value="${d}"]`;
-        const checked = await page.locator(sel).isChecked();
-        if (checked !== wanted) await page.locator(sel).click();
-    }
-}
-
-async function createOp(page, args) {
-    await login(page, args);
-
-    if (!args.skipLogin) {
-        await page.goto(args.url.replace(/\/$/, '') + '/admin/visit/rt', { waitUntil: 'load', timeout: TIMEOUT_MS });
-        await page.click('button:has-text("Добавить проект")');
-        await page.waitForSelector('#add-project-modal', { state: 'visible', timeout: TIMEOUT_MS });
-    }
-
-    await fillForm(page, args.dto);
-    const beforeRows = await page.locator('#projects-table tbody tr').count();
-    await page.click('#save-btn');
-    await page.waitForFunction(
-        (before) => document.querySelectorAll('#projects-table tbody tr').length > before,
-        beforeRows,
-        { timeout: TIMEOUT_MS },
-    );
-
-    const newRow = page.locator('#projects-table tbody tr').last();
-    const externalId = await newRow.getAttribute('data-id');
-
-    return { external_id: externalId };
-}
-
-async function updateOp(page, args) {
-    await login(page, args);
-    if (!args.skipLogin) {
-        await page.goto(args.url.replace(/\/$/, '') + '/admin/visit/rt', { waitUntil: 'load', timeout: TIMEOUT_MS });
-    }
-
-    const row = page.locator(`#projects-table tbody tr[data-id="${args.externalId}"]`);
-    await row.locator('button.edit').click();
-    await page.waitForSelector('#add-project-modal', { state: 'visible', timeout: TIMEOUT_MS });
-    await fillForm(page, args.dto);
-    await page.click('#save-btn');
-    await page.waitForSelector('#add-project-modal', { state: 'hidden', timeout: TIMEOUT_MS });
-
-    return { ok: true };
-}
-
-async function listOp(page, args) {
-    await login(page, args);
-    if (!args.skipLogin) {
-        await page.goto(args.url.replace(/\/$/, '') + '/admin/visit/rt', { waitUntil: 'load', timeout: TIMEOUT_MS });
-    }
-
-    const rows = await page.locator('#projects-table tbody tr').evaluateAll((nodes) =>
-        nodes.map((n) => ({
-            id: parseInt(n.dataset.id, 10),
-            name: n.querySelector('td:nth-child(2)') ? n.querySelector('td:nth-child(2)').textContent : null,
-        })),
-    );
-
-    return { projects: rows };
-}
-
-async function run(args) {
-    const browser = await chromium.launch({ headless: true });
-    try {
-        const ctx = await browser.newContext();
-        const page = await ctx.newPage();
-        let out;
-        switch (args.operation) {
-            case 'create': out = await createOp(page, args); break;
-            case 'update': out = await updateOp(page, args); break;
-            case 'list':   out = await listOp(page, args); break;
-            default: throw new Error('Unknown operation: ' + args.operation);
-        }
-        process.stdout.write(JSON.stringify(out));
-        process.exit(0);
-    } catch (err) {
-        process.stderr.write(JSON.stringify({ error: err.message }));
-        if (err.message.includes('Timeout')) process.exit(3);
-        if (err.message.toLowerCase().includes('selector') || err.message.toLowerCase().includes('locator')) process.exit(2);
-        if (err.message.toLowerCase().includes('login') || err.message.toLowerCase().includes('auth')) process.exit(1);
-        process.exit(4);
-    } finally {
-        await browser.close();
-    }
-}
-
-let input = '';
-process.stdin.on('data', (c) => { input += c; });
-process.stdin.on('end', () => {
-    let args;
-    try { args = JSON.parse(input); }
-    catch (e) { process.stderr.write(JSON.stringify({ error: 'invalid JSON on stdin' })); process.exit(4); }
-    if (!args.operation || !args.url) {
-        process.stderr.write(JSON.stringify({ error: 'missing required: operation, url' }));
-        process.exit(4);
-    }
-    run(args);
-});
-```
-
-- [ ] **Step 6.5: Run Node test — PASS.**
-
-```bash
-cd app/playwright && npx playwright test manage-project.test.js
-```
-
-Expected: 2/2 PASS.
-
-- [ ] **Step 6.6: Commit.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-git add app/playwright/manage-project.js \
-        app/playwright/manage-project.test.js \
-        app/tests/fixtures/supplier-portal/rt-add-project-form.html
-git commit --only \
-  app/playwright/manage-project.js \
-  app/playwright/manage-project.test.js \
-  app/tests/fixtures/supplier-portal/rt-add-project-form.html \
-  -m "feat(supplier): manage-project.js — Playwright drives «Мои проекты» form
-
-create/update/list через headless Chromium по образцу refresh-session.js.
-Селекторы зафиксированы из recon-снапшота rt-add-project-form.yml.
-Фикстурный тест против локального HTML — без живого портала.
-
-Spec §4.3.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 7: `FormProjectChannel` PHP wrapper + wire into FailoverProjectChannel as Tier 2
-
-**Files:**
-
-- Create: `app/app/Services/Supplier/Channel/FormProjectChannel.php`
-- Create: `app/tests/Feature/Supplier/Channel/FormProjectChannelTest.php`
-- Modify: `app/app/Providers/AppServiceProvider.php`
-
-- [ ] **Step 7.1: Write failing test.**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\Supplier\Channel\FormProjectChannel;
-use App\Services\Supplier\Channel\SupplierProjectChannel;
-use App\Services\Supplier\Dto\SupplierProjectDto;
-use App\Services\Supplier\PlaywrightBridge;
-
-it('FormProjectChannel implements SupplierProjectChannel', function (): void {
-    expect(app(FormProjectChannel::class))->toBeInstanceOf(SupplierProjectChannel::class);
-});
-
-it('createProject calls PlaywrightBridge with operation=create and returns external_id', function (): void {
-    $bridgeStub = new class {
-        public ?array $lastArgs = null;
-        public function run(array $args): array { $this->lastArgs = $args; return ['external_id' => '12345']; }
-    };
-    app()->instance(PlaywrightBridge::class, $bridgeStub);
-
-    $dto = new SupplierProjectDto(
-        platform: 'B1', signalType: 'site', uniqueKey: 'foo.com',
-        limit: 10, workdays: [1, 2], regions: [], regionsReverse: false, status: 'active',
-    );
-
-    $id = app(FormProjectChannel::class)->createProject($dto);
-
-    expect($id)->toBe(12345);
-    expect($bridgeStub->lastArgs['operation'])->toBe('create');
-    expect($bridgeStub->lastArgs['dto']['name'])->toBe('foo.com');
-});
-
-it('updateProject calls bridge with operation=update and externalId', function (): void {
-    $bridgeStub = new class {
-        public ?array $lastArgs = null;
-        public function run(array $args): array { $this->lastArgs = $args; return ['ok' => true]; }
-    };
-    app()->instance(PlaywrightBridge::class, $bridgeStub);
-
-    $dto = new SupplierProjectDto(
-        platform: 'B1', signalType: 'site', uniqueKey: 'foo.com',
-        limit: 20, workdays: [1], regions: [], regionsReverse: false, status: 'active',
-    );
-    app(FormProjectChannel::class)->updateProject(700123, $dto);
-
-    expect($bridgeStub->lastArgs['operation'])->toBe('update');
-    expect($bridgeStub->lastArgs['externalId'])->toBe(700123);
-});
-
-it('listProjects calls bridge with operation=list and returns array', function (): void {
-    $bridgeStub = new class {
-        public function run(array $args): array {
-            return ['projects' => [['id' => 1, 'name' => 'A']]];
-        }
-    };
-    app()->instance(PlaywrightBridge::class, $bridgeStub);
-
-    $list = app(FormProjectChannel::class)->listProjects();
-
-    expect($list)->toBe([['id' => 1, 'name' => 'A']]);
-});
-```
-
-- [ ] **Step 7.2: Run test — FAIL.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/Channel/FormProjectChannelTest.php
-```
-
-Expected: FAIL — class not found.
-
-- [ ] **Step 7.3: Create `FormProjectChannel`.**
-
-`app/app/Services/Supplier/Channel/FormProjectChannel.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Supplier\Channel;
-
-use App\Services\Supplier\Dto\SupplierProjectDto;
-use App\Services\Supplier\PlaywrightBridge;
-
-/**
- * Ярус 2: водит форму «Мои проекты» supplier-портала через manage-project.js.
- *
- * Spec: docs/superpowers/specs/2026-05-19-supplier-project-channel-failover-design.md §4.3
- */
-final class FormProjectChannel implements SupplierProjectChannel
-{
-    public function __construct(
-        private readonly PlaywrightBridge $bridge,
-    ) {}
-
-    public function createProject(SupplierProjectDto $dto): int
-    {
-        $out = $this->callBridge('create', null, $dto);
-        $id = (int) ($out['external_id'] ?? 0);
-        if ($id === 0) {
-            throw new \RuntimeException('FormProjectChannel: create returned empty external_id');
-        }
-
-        return $id;
-    }
-
-    public function updateProject(int $externalId, SupplierProjectDto $dto): void
-    {
-        $out = $this->callBridge('update', $externalId, $dto);
-        if (($out['ok'] ?? false) !== true) {
-            throw new \RuntimeException('FormProjectChannel: update did not return ok=true');
-        }
-    }
-
-    public function listProjects(): array
-    {
-        $out = $this->callBridge('list', null, null);
-
-        return (array) ($out['projects'] ?? []);
-    }
-
-    private function callBridge(string $operation, ?int $externalId, ?SupplierProjectDto $dto): array
-    {
-        return $this->bridge->run([
-            'script' => 'manage-project.js',
-            'operation' => $operation,
-            'externalId' => $externalId,
-            'dto' => $dto !== null ? $this->mapDto($dto) : null,
-            'login' => (string) config('services.supplier.login'),
-            'password' => (string) config('services.supplier.password'),
-            'url' => (string) config('services.supplier.portal_url'),
-        ]);
-    }
-
-    private function mapDto(SupplierProjectDto $dto): array
-    {
-        return [
-            'tag' => $dto->uniqueKey,
-            'name' => $dto->uniqueKey,
-            'platforms' => [$dto->platform],
-            'signal_type' => $dto->signalType,
-            'limit' => $dto->limit,
-            'workdays' => $dto->workdays,
-            'regions' => $dto->regions,
-            'region_mode' => $dto->regionsReverse ? 'exclude' : 'include',
-            'domains' => $dto->signalType === 'site' ? [$dto->uniqueKey] : [],
-            'active' => $dto->status === 'active',
-        ];
-    }
-}
-```
-
-- [ ] **Step 7.4: Verify `PlaywrightBridge::run()` сигнатура.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-grep -n "function run\|function refreshSession" app/app/Services/Supplier/PlaywrightBridge.php
-```
-
-Если метод называется не `run` или принимает не array — адаптировать `callBridge` соответственно. **Не верифицировал** сигнатуру `PlaywrightBridge` в этой сессии; при расхождении — поправить `FormProjectChannel::callBridge` или расширить bridge новым методом `runScript()`.
-
-- [ ] **Step 7.5: Wire in `AppServiceProvider`.**
-
-В `app/app/Providers/AppServiceProvider.php` добавить (в `register()`):
-
-```php
-$this->app->bind(
-    \App\Services\Supplier\Channel\SupplierProjectChannel::class,
-    function ($app) {
-        return new \App\Services\Supplier\Channel\FailoverProjectChannel(
-            $app->make(\App\Services\Supplier\Channel\AjaxProjectChannel::class),
-            $app->make(\App\Services\Supplier\Channel\FormProjectChannel::class),
-            $app->make(\Illuminate\Contracts\Mail\Mailer::class),
-        );
-    },
-);
-```
-
-- [ ] **Step 7.6: Run all channel tests.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier/Channel/
-```
-
-Expected: PASS (Ajax 4 + Failover 7 + Form 4 = 15 tests).
-
-- [ ] **Step 7.7: Commit.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-git add app/app/Services/Supplier/Channel/FormProjectChannel.php \
-        app/app/Providers/AppServiceProvider.php \
-        app/tests/Feature/Supplier/Channel/FormProjectChannelTest.php
-git commit --only \
-  app/app/Services/Supplier/Channel/FormProjectChannel.php \
-  app/app/Providers/AppServiceProvider.php \
-  app/tests/Feature/Supplier/Channel/FormProjectChannelTest.php \
-  -m "feat(supplier): FormProjectChannel (Tier 2) + DI binding
-
-PHP wrapper над manage-project.js через PlaywrightBridge.
-SupplierProjectChannel::class в DI резолвится в FailoverProjectChannel.
-
-Spec §4.3, §4.4.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 8: Wire jobs to `FailoverProjectChannel`
-
-**Files:**
-
-- Modify: `app/app/Jobs/SyncSupplierProjectJob.php` (singular).
-- Modify: `app/app/Jobs/Supplier/SyncSupplierProjectsJob.php` (plural).
-- Modify: существующие тесты этих job'ов (точные пути верифицировать grep'ом).
-
-- [ ] **Step 8.1: Update `SyncSupplierProjectJob` (singular).**
-
-В `app/app/Jobs/SyncSupplierProjectJob.php` заменить `handle()`:
-
-Было ([SyncSupplierProjectJob.php:42-62](../../../app/app/Jobs/SyncSupplierProjectJob.php#L42-L62)):
-
-```php
-public function handle(SupplierPortalClient $client): void
-{
-    // ...
-    $supplierProjectId = $client->ensureSupplierProject($platform, $project->signal_type, $uniqueKey);
-```
-
-Стало:
-
-```php
-public function handle(\App\Services\Supplier\Channel\SupplierProjectChannel $channel): void
-{
-    $project = Project::find($this->projectId);
-    if ($project === null) {
-        Log::warning("SyncSupplierProjectJob: project {$this->projectId} not found — skipping");
-        return;
-    }
-
-    $platforms = $this->resolvePlatforms($project);
-
-    foreach ($platforms as $platform) {
-        $uniqueKey = $this->buildUniqueKey($project, $platform);
-        $dto = $this->buildDto($project, $platform, $uniqueKey);
-
-        try {
-            if ($channel instanceof \App\Services\Supplier\Channel\FailoverProjectChannel) {
-                $supplierProjectId = $channel->createProjectForLiderra($project, $dto);
-            } else {
-                $supplierProjectId = $channel->createProject($dto);
-            }
-            $column = 'supplier_'.strtolower($platform).'_project_id';
-            $project->{$column} = $supplierProjectId;
-        } catch (\App\Services\Supplier\Channel\Exceptions\TierEscalatedException $e) {
-            Log::info("SyncSupplierProjectJob: project {$project->id} {$platform} escalated to manual queue #{$e->queueRowId}");
-        } catch (\App\Services\Supplier\Channel\Exceptions\WindowDeferredException $e) {
-            Log::info("SyncSupplierProjectJob: project {$project->id} {$platform} deferred by portal window");
-        }
-    }
-
-    $project->save();
-}
-
-private function buildDto(Project $project, string $platform, string $uniqueKey): \App\Services\Supplier\Dto\SupplierProjectDto
-{
-    return new \App\Services\Supplier\Dto\SupplierProjectDto(
-        platform: $platform,
-        signalType: (string) $project->signal_type,
-        uniqueKey: $uniqueKey,
-        limit: 0, // удар 1: лимит 0 (квота приедет ночным sync)
-        workdays: [1, 2, 3, 4, 5, 6, 7],
-        regions: [],
-        regionsReverse: false,
-        status: 'active',
-    );
-}
-```
-
-- [ ] **Step 8.2: Update `SyncSupplierProjectsJob` (plural).**
-
-В `app/app/Jobs/Supplier/SyncSupplierProjectsJob.php` ([SyncSupplierProjectsJob.php:66](../../../app/app/Jobs/Supplier/SyncSupplierProjectsJob.php#L66)):
-
-Было:
-
-```php
-public function handle(?SupplierPortalClient $client = null): void
-{
-    $client ??= app(SupplierPortalClient::class);
-```
-
-Стало:
-
-```php
-public function handle(?\App\Services\Supplier\Channel\SupplierProjectChannel $channel = null): void
-{
-    $this->channel = $channel ?? app(\App\Services\Supplier\Channel\SupplierProjectChannel::class);
-```
-
-Добавить свойство `private \App\Services\Supplier\Channel\SupplierProjectChannel $channel;`.
-
-В `syncOne()` ([SyncSupplierProjectsJob.php:118-185](../../../app/app/Jobs/Supplier/SyncSupplierProjectsJob.php#L118-L185)) заменить прямые вызовы на channel:
-
-Было ([:159](../../../app/app/Jobs/Supplier/SyncSupplierProjectsJob.php#L159), [:169](../../../app/app/Jobs/Supplier/SyncSupplierProjectsJob.php#L169)):
-
-```php
-$externalId = $client->saveProject($allocation);
-// ...
-$client->updateProject((int) $sp->supplier_external_id, $allocation);
-```
-
-Стало:
-
-```php
-$contextProject = $liderraProjects->first();
-
-if ($isCreate) {
-    if ($this->channel instanceof \App\Services\Supplier\Channel\FailoverProjectChannel) {
-        $externalId = $this->channel->createProjectForLiderra($contextProject, $allocation);
-    } else {
-        $externalId = $this->channel->createProject($allocation);
-    }
-} else {
-    if ($this->channel instanceof \App\Services\Supplier\Channel\FailoverProjectChannel) {
-        $this->channel->updateProjectForLiderra($contextProject, (int) $sp->supplier_external_id, $allocation);
-    } else {
-        $this->channel->updateProject((int) $sp->supplier_external_id, $allocation);
-    }
-}
-```
-
-Добавить catch'и в основной цикл ([:87-114](../../../app/app/Jobs/Supplier/SyncSupplierProjectsJob.php#L87-L114)):
-
-```php
-catch (\App\Services\Supplier\Channel\Exceptions\TierEscalatedException $e) {
-    Log::info("SyncSupplierProjectsJob: sp #{$sp->id} escalated to manual queue #{$e->queueRowId}, reason: {$e->reason}");
-    continue;
-}
-catch (\App\Services\Supplier\Channel\Exceptions\WindowDeferredException $e) {
-    Log::info("SyncSupplierProjectsJob: sp #{$sp->id} deferred by portal window");
-    continue;
-}
-```
-
-- [ ] **Step 8.3: Update existing tests.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-ls app/tests/Feature/Supplier/ | grep -i sync
-```
-
-Найти существующие тесты `Sync*Job` и заменить mock `SupplierPortalClient` на mock `SupplierProjectChannel`. Тесты, проверявшие `saveProject`/`updateProject`, теперь дёргают channel-методы.
-
-- [ ] **Step 8.4: Run job tests.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Supplier --parallel
-```
-
-Expected: все existing supplier-тесты + новые тесты эскалации зелёные.
-
-- [ ] **Step 8.5: Commit.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-git add app/app/Jobs/SyncSupplierProjectJob.php \
-        app/app/Jobs/Supplier/SyncSupplierProjectsJob.php \
-        app/tests/Feature/Supplier/
-git commit --only \
-  app/app/Jobs/SyncSupplierProjectJob.php \
-  app/app/Jobs/Supplier/SyncSupplierProjectsJob.php \
-  app/tests/Feature/Supplier/ \
-  -m "feat(supplier): wire jobs to FailoverProjectChannel
-
-Оба job'а (singular + plural) принимают SupplierProjectChannel через DI.
-Catch TierEscalatedException + WindowDeferredException добавлены.
-
-Spec §5.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 9: Schedule retiming
-
-**Files:**
-
-- Modify: `app/routes/console.php` ([:45-50](../../../app/routes/console.php#L45-L50)).
-- Create: `app/tests/Feature/Schedule/SupplierScheduleTest.php`.
-
-- [ ] **Step 9.1: Write failing test.**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\Supplier\RefreshSupplierSessionJob;
-use App\Jobs\Supplier\SyncSupplierProjectsJob;
-use Illuminate\Console\Scheduling\Schedule;
-
-it('SyncSupplierProjectsJob is scheduled at 18:00 MSK', function (): void {
-    $schedule = app(Schedule::class);
-    $events = collect($schedule->events());
-
-    $sync = $events->first(fn ($e) =>
-        str_contains($e->description ?? '', SyncSupplierProjectsJob::class)
-        || str_contains((string) $e->command, 'SyncSupplierProjectsJob')
-    );
-
-    expect($sync)->not->toBeNull();
-    expect($sync->expression)->toBe('0 18 * * *');
-    expect($sync->timezone)->toBe('Europe/Moscow');
-});
-
-it('Daily RefreshSupplierSessionJob is scheduled at 17:45 MSK', function (): void {
-    $schedule = app(Schedule::class);
-    $events = collect($schedule->events());
-
-    $daily = $events->first(fn ($e) =>
-        (str_contains($e->description ?? '', RefreshSupplierSessionJob::class)
-         || str_contains((string) $e->command, 'RefreshSupplierSessionJob'))
-        && $e->expression === '45 17 * * *'
-    );
-
-    expect($daily)->not->toBeNull();
-    expect($daily->timezone)->toBe('Europe/Moscow');
-});
-```
-
-- [ ] **Step 9.2: Run test — FAIL.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Schedule/SupplierScheduleTest.php
-```
-
-Expected: FAIL — текущее расписание 20:30 / 20:15.
-
-- [ ] **Step 9.3: Edit `app/routes/console.php`.**
-
-Заменить ([routes/console.php:45-50](../../../app/routes/console.php#L45-L50)):
-
-```php
-Schedule::job(new RefreshSupplierSessionJob)
-    ->dailyAt('20:15')
-    ->timezone('Europe/Moscow');
-Schedule::job(new SyncSupplierProjectsJob)
-    ->dailyAt('20:30')
-    ->timezone('Europe/Moscow');
-```
-
-На:
-
-```php
-// Spec docs/superpowers/specs/2026-05-19-supplier-project-channel-failover-design.md §4.7:
-// крон переехал с 20:30 на 18:00 МСК — даёт ~3 часа окно восстановления
-// (эскалация на медленный ярус 2 / ручной ярус 3) в рабочее время.
-// Session refresh — на 15 мин раньше sync (17:45).
-Schedule::job(new RefreshSupplierSessionJob)
-    ->dailyAt('17:45')
-    ->timezone('Europe/Moscow');
-Schedule::job(new SyncSupplierProjectsJob)
-    ->dailyAt('18:00')
-    ->timezone('Europe/Moscow');
-```
-
-- [ ] **Step 9.4: Run test — PASS.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Schedule/SupplierScheduleTest.php
-```
-
-Expected: 2/2 PASS.
-
-- [ ] **Step 9.5: Commit.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-git add app/routes/console.php app/tests/Feature/Schedule/SupplierScheduleTest.php
-git commit --only \
-  app/routes/console.php app/tests/Feature/Schedule/SupplierScheduleTest.php \
-  -m "feat(supplier): retime supplier sync crons 20:30→18:00, 20:15→17:45
-
-Запас ~3 часа до портального дедлайна 21:00 — эскалация на ярус 2/3
-в рабочее время.
-
-Spec §4.7.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 10: Admin backend — worklist endpoints
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php` (+2 methods).
-- Modify: `app/routes/api.php` (+2 routes).
-- Create: `app/tests/Feature/Admin/SupplierManualQueueTest.php`.
-
-- [ ] **Step 10.1: Write failing test.**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\SupplierManualSyncQueue;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-
-uses(DatabaseTransactions::class);
-
-function authAdmin(): User
-{
-    $admin = User::factory()->create(['is_saas_admin' => true]);
-    test()->actingAs($admin);
-
-    return $admin;
-}
-
-it('GET /api/admin/supplier-integration/manual-queue returns pending rows', function (): void {
-    authAdmin();
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-
-    SupplierManualSyncQueue::create([
-        'project_id' => $project->id,
-        'platform' => 'B1',
-        'operation' => 'create',
-        'payload_snapshot' => ['limit' => 10],
-        'failure_reason' => 'contract_break',
-        'status' => 'pending',
-    ]);
-
-    $r = test()->getJson('/api/admin/supplier-integration/manual-queue');
-
-    $r->assertOk()
-        ->assertJsonStructure(['queue' => [['id', 'project_id', 'platform', 'operation', 'payload_snapshot', 'failure_reason', 'created_at']]])
-        ->assertJsonCount(1, 'queue');
-});
-
-it('GET excludes resolved rows', function (): void {
-    authAdmin();
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-    SupplierManualSyncQueue::create([
-        'project_id' => $project->id, 'platform' => 'B1', 'operation' => 'create',
-        'payload_snapshot' => [], 'failure_reason' => 'contract_break',
-        'status' => 'resolved', 'resolved_at' => now(),
-    ]);
-
-    test()->getJson('/api/admin/supplier-integration/manual-queue')
-        ->assertOk()->assertJsonCount(0, 'queue');
-});
-
-it('POST /resolve marks row resolved when listProjects matches', function (): void {
-    $admin = authAdmin();
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-    $row = SupplierManualSyncQueue::create([
-        'project_id' => $project->id, 'platform' => 'B1', 'operation' => 'create',
-        'payload_snapshot' => ['signal_type' => 'site', 'unique_key' => 'foo.com'],
-        'failure_reason' => 'contract_break', 'status' => 'pending',
-    ]);
-
-    $channelMock = new class implements \App\Services\Supplier\Channel\SupplierProjectChannel {
-        public function createProject(\App\Services\Supplier\Dto\SupplierProjectDto $dto): int { return 0; }
-        public function updateProject(int $externalId, \App\Services\Supplier\Dto\SupplierProjectDto $dto): void {}
-        public function listProjects(): array {
-            return [['id' => 99_999, 'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'foo.com']];
-        }
-    };
-    app()->instance(\App\Services\Supplier\Channel\SupplierProjectChannel::class, $channelMock);
-
-    test()->postJson("/api/admin/supplier-integration/manual-queue/{$row->id}/resolve")
-        ->assertOk();
-
-    expect($row->fresh()->status)->toBe('resolved');
-    expect($row->fresh()->resolved_by_user_id)->toBe($admin->id);
-    expect($project->fresh()->supplier_b1_project_id)->not->toBeNull();
-});
-
-it('POST /resolve returns 409 when listProjects does not match', function (): void {
-    authAdmin();
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-    $row = SupplierManualSyncQueue::create([
-        'project_id' => $project->id, 'platform' => 'B1', 'operation' => 'create',
-        'payload_snapshot' => ['signal_type' => 'site', 'unique_key' => 'foo.com'],
-        'failure_reason' => 'contract_break', 'status' => 'pending',
-    ]);
-
-    $channelMock = new class implements \App\Services\Supplier\Channel\SupplierProjectChannel {
-        public function createProject(\App\Services\Supplier\Dto\SupplierProjectDto $dto): int { return 0; }
-        public function updateProject(int $externalId, \App\Services\Supplier\Dto\SupplierProjectDto $dto): void {}
-        public function listProjects(): array { return []; }
-    };
-    app()->instance(\App\Services\Supplier\Channel\SupplierProjectChannel::class, $channelMock);
-
-    test()->postJson("/api/admin/supplier-integration/manual-queue/{$row->id}/resolve")
-        ->assertStatus(409);
-
-    expect($row->fresh()->status)->toBe('pending');
-});
-```
-
-- [ ] **Step 10.2: Run test — FAIL.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Admin/SupplierManualQueueTest.php
-```
-
-Expected: 404 route not found.
-
-- [ ] **Step 10.3: Add controller methods.**
-
-В `app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php` добавить use'ы и методы:
-
-```php
-use App\Models\SupplierManualSyncQueue;
-use App\Services\Supplier\Channel\SupplierProjectChannel;
-use Illuminate\Http\Request;
-
-public function manualQueueIndex(): JsonResponse
-{
-    $rows = SupplierManualSyncQueue::where('status', 'pending')
-        ->orderByDesc('id')
-        ->limit(100)
-        ->get(['id', 'project_id', 'platform', 'operation', 'external_id', 'payload_snapshot', 'failure_reason', 'created_at']);
-
-    return response()->json(['queue' => $rows]);
-}
-
-public function manualQueueResolve(int $id, Request $request, SupplierProjectChannel $channel): JsonResponse
-{
-    $row = SupplierManualSyncQueue::findOrFail($id);
-    if ($row->status !== 'pending') {
-        return response()->json(['message' => 'already resolved or cancelled'], 409);
-    }
-
-    $payload = $row->payload_snapshot;
-    $signalType = (string) ($payload['signal_type'] ?? '');
-    $uniqueKey = (string) ($payload['unique_key'] ?? '');
-
-    $found = null;
-    foreach ($channel->listProjects() as $r) {
-        if (
-            ($r['platform'] ?? null) === $row->platform
-            && ($r['signal_type'] ?? null) === $signalType
-            && ($r['unique_key'] ?? null) === $uniqueKey
-        ) {
-            $found = (int) ($r['id'] ?? 0);
-            break;
-        }
-    }
-
-    if ($found === null) {
-        return response()->json([
-            'message' => 'Проект не найден на портале поставщика. Проверьте, что вы действительно его создали с теми же параметрами.',
-        ], 409);
-    }
-
-    \App\Models\Project::where('id', $row->project_id)->update([
-        'supplier_'.strtolower($row->platform).'_project_id' => $found,
-    ]);
-
-    $row->update([
-        'status' => 'resolved',
-        'resolved_by_user_id' => $request->user()->id,
-        'resolved_at' => now(),
-        'external_id' => (string) $found,
-    ]);
-
-    return response()->json(['resolved' => true, 'external_id' => $found]);
-}
-```
-
-- [ ] **Step 10.4: Add routes.**
-
-В `app/routes/api.php` — рядом с существующими supplier-admin роутами добавить:
-
-```php
-Route::middleware(['auth:sanctum', 'saas-admin'])->prefix('admin/supplier-integration')->group(function () {
-    // existing routes here...
-    Route::get('manual-queue', [AdminSupplierIntegrationController::class, 'manualQueueIndex']);
-    Route::post('manual-queue/{id}/resolve', [AdminSupplierIntegrationController::class, 'manualQueueResolve']);
-});
-```
-
-(точная цепочка middleware `saas-admin` — мирорить существующий supplier-integration блок; **не верифицировал** имя alias'а в этой сессии.)
-
-- [ ] **Step 10.5: Run test — PASS.**
-
-```bash
-cd app && ./vendor/bin/pest tests/Feature/Admin/SupplierManualQueueTest.php
-```
-
-Expected: 4/4 PASS.
-
-- [ ] **Step 10.6: Commit.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-git add app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php \
-        app/routes/api.php \
-        app/tests/Feature/Admin/SupplierManualQueueTest.php
-git commit --only \
-  app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php \
-  app/routes/api.php \
-  app/tests/Feature/Admin/SupplierManualQueueTest.php \
-  -m "feat(supplier): admin endpoints for Tier 3 manual queue
-
-GET /api/admin/supplier-integration/manual-queue — pending список.
-POST /manual-queue/{id}/resolve — reconcile через listProjects(),
-ставит FK на supplier_b{1,2,3}_project_id, помечает resolved.
-
-Spec §4.6.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 11: Admin frontend — worklist section
-
-**Files:**
-
-- Modify: `app/resources/js/views/admin/AdminSupplierIntegrationView.vue`.
-- Create: `app/resources/js/views/admin/__tests__/AdminSupplierIntegrationView.manual-queue.spec.ts`.
-
-- [ ] **Step 11.1: Write failing Vitest spec.**
-
-`app/resources/js/views/admin/__tests__/AdminSupplierIntegrationView.manual-queue.spec.ts`:
-
-```typescript
-import { describe, it, expect, vi, beforeEach } from 'vitest';
-import { mount } from '@vue/test-utils';
-import { createVuetify } from 'vuetify';
-import AdminSupplierIntegrationView from '../AdminSupplierIntegrationView.vue';
-import axios from 'axios';
-
-vi.mock('axios');
-
-const vuetify = createVuetify();
-
-describe('AdminSupplierIntegrationView — manual queue section', () => {
-    beforeEach(() => {
-        vi.clearAllMocks();
-        (axios.get as any).mockImplementation((url: string) => {
-            if (url.endsWith('/manual-queue')) {
-                return Promise.resolve({ data: { queue: [
-                    { id: 1, project_id: 42, platform: 'B1', operation: 'create',
-                      payload_snapshot: { limit: 10, signal_type: 'site', unique_key: 'foo.com' },
-                      failure_reason: 'contract_break', created_at: '2026-05-19T10:00:00Z' },
-                ] } });
-            }
-            return Promise.resolve({ data: { health: null, history: [] } });
-        });
-    });
-
-    it('renders pending queue rows with payload + reason', async () => {
-        const wrapper = mount(AdminSupplierIntegrationView, { global: { plugins: [vuetify] } });
-        await new Promise((r) => setTimeout(r, 50));
-
-        const text = wrapper.text();
-        expect(text).toContain('foo.com');
-        expect(text).toContain('contract_break');
-        expect(text).toContain('B1');
-    });
-
-    it('clicking «Отметить выполнено» calls resolve endpoint', async () => {
-        (axios.post as any).mockResolvedValue({ data: { resolved: true, external_id: 700123 } });
-
-        const wrapper = mount(AdminSupplierIntegrationView, { global: { plugins: [vuetify] } });
-        await new Promise((r) => setTimeout(r, 50));
-
-        const btn = wrapper.find('[data-testid="resolve-1"]');
-        expect(btn.exists()).toBe(true);
-        await btn.trigger('click');
-
-        expect(axios.post).toHaveBeenCalledWith(
-            expect.stringContaining('/manual-queue/1/resolve'),
-        );
-    });
-});
-```
-
-- [ ] **Step 11.2: Run vitest — FAIL.**
-
-```bash
-cd app && npx vitest run resources/js/views/admin/__tests__/AdminSupplierIntegrationView.manual-queue.spec.ts
-```
-
-Expected: FAIL — text не содержит foo.com / no resolve button.
-
-- [ ] **Step 11.3: Extend `AdminSupplierIntegrationView.vue`.**
-
-Добавить в template (после существующих секций):
-
-```vue
-<v-card class="mt-4">
-  <v-card-title>
-    Ручная очередь
-    <v-chip v-if="manualQueue.length" color="warning" class="ml-2">
-      {{ manualQueue.length }}
-    </v-chip>
-  </v-card-title>
-  <v-card-text>
-    <v-alert v-if="manualQueueError" type="error">{{ manualQueueError }}</v-alert>
-    <p v-else-if="!manualQueue.length" class="text-medium-emphasis">
-      Очередь пуста — авто-фейловер не понадобился.
-    </p>
-    <v-table v-else density="compact">
-      <thead>
-        <tr>
-          <th>Project</th><th>Платформа</th><th>Операция</th>
-          <th>Параметры</th><th>Причина</th><th>Создано</th><th></th>
-        </tr>
-      </thead>
-      <tbody>
-        <tr v-for="row in manualQueue" :key="row.id">
-          <td>#{{ row.project_id }}</td>
-          <td>{{ row.platform }}</td>
-          <td>{{ row.operation }}</td>
-          <td><code>{{ row.payload_snapshot.unique_key }}</code> · limit {{ row.payload_snapshot.limit ?? '—' }}</td>
-          <td>{{ row.failure_reason }}</td>
-          <td>{{ formatDate(row.created_at) }}</td>
-          <td>
-            <v-btn size="small" color="primary"
-              :data-testid="`resolve-${row.id}`"
-              :loading="resolvingId === row.id"
-              @click="resolveRow(row.id)">
-              Отметить выполнено
-            </v-btn>
-          </td>
-        </tr>
-      </tbody>
-    </v-table>
-  </v-card-text>
-</v-card>
-```
-
-В `<script setup lang="ts">`:
-
-```typescript
-import { ref, onMounted } from 'vue';
-import axios from 'axios';
-
-interface ManualQueueRow {
-    id: number;
-    project_id: number;
-    platform: string;
-    operation: string;
-    external_id: string | null;
-    payload_snapshot: Record<string, any>;
-    failure_reason: string;
-    created_at: string;
-}
-
-const manualQueue = ref<ManualQueueRow[]>([]);
-const manualQueueError = ref<string | null>(null);
-const resolvingId = ref<number | null>(null);
-
-async function loadManualQueue() {
-    try {
-        const r = await axios.get('/api/admin/supplier-integration/manual-queue');
-        manualQueue.value = r.data.queue;
-    } catch (e: any) {
-        manualQueueError.value = e?.response?.data?.message || e.message || 'Failed to load queue';
-    }
-}
-
-async function resolveRow(id: number) {
-    if (!confirm('Подтверждаете, что внесли изменения в crm.bp-gr.ru?')) return;
-    resolvingId.value = id;
-    try {
-        await axios.post(`/api/admin/supplier-integration/manual-queue/${id}/resolve`);
-        await loadManualQueue();
-    } catch (e: any) {
-        alert(e?.response?.data?.message || 'Resolve failed');
-    } finally {
-        resolvingId.value = null;
-    }
-}
-
-function formatDate(s: string): string {
-    return new Date(s).toLocaleString('ru-RU');
-}
-
-onMounted(() => {
-    // existing onMounted logic stays
-    loadManualQueue();
-});
-```
-
-- [ ] **Step 11.4: Run vitest — PASS.**
-
-```bash
-cd app && npx vitest run resources/js/views/admin/__tests__/AdminSupplierIntegrationView.manual-queue.spec.ts
-```
-
-Expected: 2/2 PASS.
-
-- [ ] **Step 11.5: Build frontend.**
-
-```bash
-npm --prefix app run build
-```
-
-Expected: build success.
-
-- [ ] **Step 11.6: Commit.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-git add app/resources/js/views/admin/AdminSupplierIntegrationView.vue \
-        app/resources/js/views/admin/__tests__/AdminSupplierIntegrationView.manual-queue.spec.ts
-git commit --only \
-  app/resources/js/views/admin/AdminSupplierIntegrationView.vue \
-  app/resources/js/views/admin/__tests__/AdminSupplierIntegrationView.manual-queue.spec.ts \
-  -m "feat(supplier): manual queue section in AdminSupplierIntegrationView
-
-Таблица pending + кнопка «Отметить выполнено» с confirm-диалогом.
-Реюз существующего админ-экрана интеграции с поставщиком.
-
-Spec §4.6.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
----
-
-## Task 12: Live smoke + final regression
-
-**Files:** не правим код. Проверочный шаг.
-
-- [ ] **Step 12.1: Live smoke — happy path Tier 1.**
-
-Создать тестовый Лидерра-проект через UI Лидерры (admin@demo.local), убедиться, что `SyncSupplierProjectJob` отправил его на портал поставщика через Tier 1 (AJAX). Проверить в `/admin/visit/rt` на стороне поставщика: проект появился с реквизитами из Лидерры.
-
-Cleanup: удалить тестовый проект на обеих сторонах.
-
-- [ ] **Step 12.2: Live smoke — Tier 2 (форс fail Tier 1).**
-
-Временно сломать Tier 1 (через переопределение `AjaxProjectChannel` в DI на throwing-stub): заставить его бросить `SupplierClientException`. Создать новый тестовый проект → убедиться, что Tier 2 (browser) подхватил, проект на портале появился, FK у Лидерра-проекта проставлен.
-
-Cleanup: убрать override, удалить тестовый проект.
-
-- [ ] **Step 12.3: Live smoke — Tier 3 escalation.**
-
-Форс fail обоих ярусов (override обоих channel'ов на throwing-stub). Создать проект → убедиться, что строка появилась в `supplier_manual_sync_queue`, алёрт-письмо ушло (queued mailer), в UI админ-экрана видна pending-запись.
-
-Через UI «Отметить выполнено» (предварительно вручную создав проект на портале с теми же параметрами) — убедиться, что reconcile сработал, FK проставлен, статус `resolved`.
-
-Cleanup: убрать форс-фейлы, удалить тестовый проект и очередь.
-
-- [ ] **Step 12.4: Full regression.**
-
-```bash
-cd app && composer test -- --parallel 2>&1 | tail -30
-```
-
-Ожидаемо: ранее + ~27 новых тестов зелёные.
-
-```bash
-cd app && composer stan
-```
-
-Ожидаемо: 0 errors (или bump baseline если новый класс).
-
-```bash
-cd app && npx vitest run 2>&1 | tail -10
-```
-
-Ожидаемо: ранее + 2 новых specs.
-
-- [ ] **Step 12.5: Pre-push hooks.**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-./bin/gitleaks.exe detect --redact -v
-npm --prefix app run lint:md && npm --prefix app run links
-```
-
-Ожидаемо: 0 leaks, 0 markdown errors, 0 broken links.
-
-- [ ] **Step 12.6: Финальный smoke schema.sql.**
-
-```bash
-cd app && php artisan migrate:fresh --env=testing 2>&1 | tail -10
-./vendor/bin/pest tests/Feature/Database/SupplierManualSyncQueueSchemaTest.php
-```
-
-Ожидаемо: миграция применяется чисто, schema-тесты PASS.
-
-- [ ] **Step 12.7: Финальный commit «closure marker».**
-
-```bash
-cd "C:/моя/проекты/портал crm/Документация"
-git status
-git commit --allow-empty -m "docs(supplier): closure — project channel failover epic
-
-Все 12 задач плана docs/superpowers/plans/2026-05-19-supplier-project-channel-failover.md
-выполнены. Регрессия зелёная: Pest + larastan 0 + Vitest + lefthook
-pre-push + lychee. Live smoke прошёл по всем трём ярусам.
-
-Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>"
-```
-
-- [ ] **Step 12.8: Push.**
-
-```bash
-git push origin feat/supplier-project-failover:main
-```
-
-Ожидаемо: lefthook pre-push (gitleaks-full + lychee) зелёный, push принят.
-
----
-
-## Self-Review
-
-**Spec coverage** — все секции §1-§11 покрыты:
-
-- §1 Цель → Goal + Task 1 verification.
-- §2 Граница и пределы → отражено в спеке-источнике, в плане не дублируется.
-- §3 Архитектура трёх ярусов → Tasks 2 (interface+Ajax), 6+7 (Form), 4+5 (Failover+dedup).
-- §4 Компоненты — все семь подпунктов: §4.1 interface (Task 2), §4.2 Ajax (Task 2), §4.3 Form (Task 6+7), §4.4 Failover (Task 4+5), §4.5 supplier_manual_sync_queue (Task 3), §4.6 Admin UI (Task 10+11), §4.7 Schedule (Task 9).
-- §5 Поток данных → Task 8 (job wiring).
-- §6 Обработка ошибок → Task 4 (escalation matrix).
-- §7 Идемпотентность → Task 5.
-- §8 Временное окно (WindowDeferred) → Task 4 (exception class + test).
-- §9 Тестирование → каждая task имеет тест-шаг.
-- §10 YAGNI → отражено как «Out of scope».
-- §11 Журнал решений → решения отражены в коде/комментариях соответствующих task'ов.
-
-**Placeholder-скан:** `<ACTUAL_PATH_FROM_RECON>` в Task 1 — намеренный шаблон, Step 1.3 заполняет фактическими значениями из живой разведки. Не plan-failure, а discovery-output.
-
-**Type consistency:** `SupplierProjectChannel` интерфейс с `createProject/updateProject/listProjects` единообразно используется во всех task'ах. `createProjectForLiderra/updateProjectForLiderra` (bridge-методы) определены в Task 4 и используются в Task 8 — имена согласованы. `SupplierManualSyncQueue` модель — Task 3, используется в Task 4 (escalateToTier3), Task 10, Task 11. `TierEscalatedException` и `WindowDeferredException` — Task 4, ловятся в Task 8 jobs.
-
----
-
-**Plan complete and saved to `docs/superpowers/plans/2026-05-19-supplier-project-channel-failover.md`.**
-
-Два варианта исполнения:
-
-**1. Subagent-Driven (recommended)** — свежий субагент на каждую задачу, двухстадийное ревью между задачами (spec compliance → code quality), быстрая итерация. Sonnet/Opus обязательны для git-задач (Pravila §15.1; см. memory `feedback_subagent_git_reliability.md`).
-
-**2. Inline Execution** — батч в этой сессии через `superpowers:executing-plans`, чекпоинты для ревью.
-
-Какой подход?
diff --git a/docs/superpowers/plans/2026-05-20-project-migration-redesign-plan-4-admin-lk.md b/docs/superpowers/plans/2026-05-20-project-migration-redesign-plan-4-admin-lk.md
deleted file mode 100644
index f3ef8a6..0000000
--- a/docs/superpowers/plans/2026-05-20-project-migration-redesign-plan-4-admin-lk.md
+++ /dev/null
@@ -1,465 +0,0 @@
-# Переделка миграции проектов — План 4: админка (тумблер + очистка) + ЛК
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Доделать UI эпика: глобальный тумблер режима экспорта (online/batch) в админке; ручной экран «Проекты у поставщика» (кто заказывал · дата последней поставки · bulk-удаление); в ЛК — обязательный выбор региона + явная опция «Вся РФ» с предупреждением и подтверждением.
-
-**Architecture:** Бэкенд — `AdminSupplierIntegrationController` +4 метода (getExportMode/setExportMode/projectsIndex/projectsDestroy), удаление на портале через `SupplierPortalClient::deleteProject` (pivot CASCADE снимает локальные связи). Фронт — тумблер в `AdminSupplierIntegrationView.vue` + новый `AdminSupplierProjectsView.vue` (таблица + bulk-delete) + роут/nav. ЛК — `NewProjectDialog.vue`: вернуть sentinel «Вся РФ» (code 0), взаимоисключение с субъектами, предупреждение-диалог + блок submit без выбора. «Require region» — UI-гейт (на бэке `regions=[]` = «Вся РФ» неотличим от «забыл»; backend-валидация `present|array` без изменений).
-
-**Tech Stack:** PHP 8.3 / Laravel 13 / Vue 3 + Vuetify 3 / Pest 4 / Vitest.
-
-**Spec:** [docs/superpowers/specs/2026-05-20-project-migration-redesign-design.md](../specs/2026-05-20-project-migration-redesign-design.md) §4.1 (тумблер), §4.7 (очистка), §4.8 (ЛК).
-
-**Prereq:** Планы 1+2+3 исполнены (pivot, subject_code, supplier_export_mode seed, SupplierExportMode резолвер, per-субъект supplier_projects).
-
----
-
-## Task 1: тумблер режима экспорта (бэкенд + UI)
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php` (+`getExportMode`, +`setExportMode`)
-- Modify: `app/routes/*` (роуты в admin-группе рядом с supplier-integration; найти по `AdminSupplierIntegrationController`)
-- Modify: `app/resources/js/views/admin/AdminSupplierIntegrationView.vue` (+тумблер)
-- Test: `app/tests/Feature/Admin/SupplierExportModeEndpointTest.php`
-
-- [ ] **Step 1: Написать падающий тест (бэкенд)**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\SaasAdminUser;
-use Illuminate\Support\Facades\DB;
-
-it('GET export-mode returns current; POST switches it', function (): void {
-    $admin = SaasAdminUser::factory()->create(); // адаптировать под фактическую admin-аутентификацию проекта
-    DB::table('system_settings')->where('key', 'supplier_export_mode')->update(['value' => 'batch']);
-
-    $this->actingAs($admin, 'saas_admin')
-        ->getJson('/api/admin/supplier-integration/export-mode')
-        ->assertOk()->assertJson(['mode' => 'batch']);
-
-    $this->actingAs($admin, 'saas_admin')
-        ->postJson('/api/admin/supplier-integration/export-mode', ['mode' => 'online'])
-        ->assertOk()->assertJson(['mode' => 'online']);
-
-    expect(DB::table('system_settings')->where('key', 'supplier_export_mode')->value('value'))->toBe('online');
-});
-
-it('POST export-mode rejects invalid value', function (): void {
-    $admin = SaasAdminUser::factory()->create();
-    $this->actingAs($admin, 'saas_admin')
-        ->postJson('/api/admin/supplier-integration/export-mode', ['mode' => 'turbo'])
-        ->assertStatus(422);
-});
-```
-
-(Admin-guard/factory — привести к фактическому паттерну из существующих `app/tests/Feature/Admin/*` тестов.)
-
-- [ ] **Step 2: Прогнать — падает**
-
-Run: `php artisan test --filter=SupplierExportModeEndpointTest`
-Expected: FAIL — методов/роутов нет.
-
-- [ ] **Step 3: Добавить методы в контроллер**
-
-В `AdminSupplierIntegrationController`:
-
-```php
-    public function getExportMode(): JsonResponse
-    {
-        return response()->json(['mode' => \App\Services\Supplier\SupplierExportMode::current()]);
-    }
-
-    public function setExportMode(Request $request): JsonResponse
-    {
-        $data = $request->validate([
-            'mode' => ['required', 'in:online,batch'],
-        ]);
-
-        DB::table('system_settings')->updateOrInsert(
-            ['key' => 'supplier_export_mode'],
-            ['value' => $data['mode'], 'type' => 'string', 'updated_at' => now()],
-        );
-
-        return response()->json(['mode' => $data['mode']]);
-    }
-```
-
-- [ ] **Step 4: Зарегистрировать роуты**
-
-Рядом с существующими роутами `AdminSupplierIntegrationController` (найти `supplier-integration` в `app/routes/`), в той же группе (auth:saas_admin / admin middleware):
-
-```php
-Route::get('admin/supplier-integration/export-mode', [AdminSupplierIntegrationController::class, 'getExportMode']);
-Route::post('admin/supplier-integration/export-mode', [AdminSupplierIntegrationController::class, 'setExportMode']);
-```
-
-- [ ] **Step 5: Прогнать тест — зелёный**
-
-Run: `php artisan test --filter=SupplierExportModeEndpointTest`
-Expected: PASS (2). Полный вывод.
-
-- [ ] **Step 6: UI-тумблер в `AdminSupplierIntegrationView.vue`**
-
-Добавить секцию «Режим экспорта проектов» с `<v-switch>` / `<v-btn-toggle>` (online|batch): на mount GET `/api/admin/supplier-integration/export-mode`, при смене POST. Подпись: «Онлайн — перенос сразу при правке; Пакетный — ночной 18:00». Vitest-стаб API.
-
-- [ ] **Step 7: Vitest для тумблера**
-
-`app/resources/js/views/admin/__tests__/AdminSupplierIntegrationView.export-mode.spec.ts` — mount, mock GET возвращает batch → переключение шлёт POST online. Run: `npm run test:vue -- AdminSupplierIntegrationView.export-mode`. Expected: PASS.
-
-- [ ] **Step 8: pint + larastan + Коммит**
-
-```bash
-composer pint; composer stan
-git add -- app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php app/routes app/resources/js/views/admin/AdminSupplierIntegrationView.vue app/resources/js/views/admin/__tests__/AdminSupplierIntegrationView.export-mode.spec.ts app/tests/Feature/Admin/SupplierExportModeEndpointTest.php
-git commit -m "feat(admin): supplier export-mode toggle (online|batch) endpoint + UI" -- app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php app/routes app/resources/js/views/admin/AdminSupplierIntegrationView.vue app/resources/js/views/admin/__tests__/AdminSupplierIntegrationView.export-mode.spec.ts app/tests/Feature/Admin/SupplierExportModeEndpointTest.php
-```
-
----
-
-## Task 2: экран «Проекты у поставщика» — бэкенд (список + bulk-delete)
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php` (+`projectsIndex`, +`projectsDestroy`)
-- Modify: `app/routes/*` (2 роута)
-- Test: `app/tests/Feature/Admin/SupplierProjectsAdminTest.php`
-
-- [ ] **Step 1: Написать падающий тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\SaasAdminUser;
-use App\Models\SupplierProject;
-use App\Models\Tenant;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Http;
-
-it('lists supplier projects with orderers and last delivery date', function (): void {
-    $admin = SaasAdminUser::factory()->create();
-    $tenant = Tenant::factory()->create(['name' => 'ООО Ромашка']);
-    $sp = SupplierProject::query()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'okna.ru',
-        'subject_code' => 82, 'current_limit' => 5, 'sync_status' => 'ok', 'supplier_external_id' => '777',
-    ]);
-    $project = Project::factory()->create(['tenant_id' => $tenant->id, 'is_active' => true]);
-    DB::table('project_supplier_links')->insert([
-        'project_id' => $project->id, 'supplier_project_id' => $sp->id, 'platform' => 'B1', 'subject_code' => 82,
-    ]);
-
-    $resp = $this->actingAs($admin, 'saas_admin')
-        ->getJson('/api/admin/supplier-integration/projects')->assertOk()->json();
-
-    $row = collect($resp['projects'])->firstWhere('id', $sp->id);
-    expect($row['unique_key'])->toBe('okna.ru')
-        ->and($row['subject_code'])->toBe(82)
-        ->and($row['orderers'])->toContain('ООО Ромашка');
-});
-
-it('bulk-deletes selected supplier projects on portal + locally (pivot cascades)', function (): void {
-    Http::fake(['*/admin/visit/rt-project-delete' => Http::response(['status' => 'OK'], 200)]);
-    $admin = SaasAdminUser::factory()->create();
-    $sp = SupplierProject::query()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'del.ru',
-        'subject_code' => 82, 'current_limit' => 0, 'sync_status' => 'ok', 'supplier_external_id' => '888',
-    ]);
-
-    $this->actingAs($admin, 'saas_admin')
-        ->postJson('/api/admin/supplier-integration/projects/delete', ['ids' => [$sp->id]])
-        ->assertOk()->assertJson(['deleted' => 1]);
-
-    expect(SupplierProject::find($sp->id))->toBeNull();
-    Http::assertSent(fn ($r) => str_contains($r->url(), 'rt-project-delete'));
-});
-```
-
-- [ ] **Step 2: Прогнать — падает**
-
-Run: `php artisan test --filter=SupplierProjectsAdminTest`
-Expected: FAIL — методов/роутов нет.
-
-- [ ] **Step 3: Добавить методы**
-
-В `AdminSupplierIntegrationController` (+ импорт `use App\Services\Supplier\SupplierPortalClient;`):
-
-```php
-    public function projectsIndex(): JsonResponse
-    {
-        $conn = DB::connection('pgsql_supplier');
-
-        $projects = $conn->table('supplier_projects as sp')
-            ->select('sp.id', 'sp.platform', 'sp.signal_type', 'sp.unique_key', 'sp.subject_code', 'sp.supplier_external_id', 'sp.current_limit', 'sp.inactive_since')
-            ->orderBy('sp.unique_key')->orderBy('sp.subject_code')->orderBy('sp.platform')
-            ->get()
-            ->map(function ($sp) use ($conn): array {
-                $orderers = $conn->table('project_supplier_links as psl')
-                    ->join('projects as p', 'p.id', '=', 'psl.project_id')
-                    ->join('tenants as t', 't.id', '=', 'p.tenant_id')
-                    ->where('psl.supplier_project_id', $sp->id)
-                    ->where('p.is_active', true)
-                    ->distinct()->pluck('t.name')->all();
-
-                $lastDelivery = $conn->table('supplier_leads')
-                    ->where('supplier_project_id', $sp->id)
-                    ->max('created_at');
-
-                return [
-                    'id' => $sp->id,
-                    'platform' => $sp->platform,
-                    'signal_type' => $sp->signal_type,
-                    'unique_key' => $sp->unique_key,
-                    'subject_code' => $sp->subject_code !== null ? (int) $sp->subject_code : null,
-                    'subject_name' => $sp->subject_code !== null
-                        ? (\App\Support\RussianRegions::CODE_TO_NAME[(int) $sp->subject_code] ?? null)
-                        : 'РФ',
-                    'current_limit' => (int) $sp->current_limit,
-                    'orderers' => $orderers,
-                    'last_delivery_at' => $lastDelivery,
-                ];
-            });
-
-        return response()->json(['projects' => $projects->all()]);
-    }
-
-    public function projectsDestroy(Request $request, SupplierPortalClient $client): JsonResponse
-    {
-        $data = $request->validate([
-            'ids' => ['required', 'array', 'min:1'],
-            'ids.*' => ['integer'],
-        ]);
-
-        $deleted = 0;
-        $failures = [];
-
-        foreach (SupplierProject::whereIn('id', $data['ids'])->get() as $sp) {
-            try {
-                if ($sp->supplier_external_id !== null) {
-                    $client->deleteProject((int) $sp->supplier_external_id);
-                }
-                $sp->delete(); // project_supplier_links снимутся CASCADE
-                $deleted++;
-            } catch (\Throwable $e) {
-                $failures[] = ['id' => $sp->id, 'error' => $e->getMessage()];
-            }
-        }
-
-        return response()->json(['deleted' => $deleted, 'failures' => $failures]);
-    }
-```
-
-- [ ] **Step 4: Роуты**
-
-```php
-Route::get('admin/supplier-integration/projects', [AdminSupplierIntegrationController::class, 'projectsIndex']);
-Route::post('admin/supplier-integration/projects/delete', [AdminSupplierIntegrationController::class, 'projectsDestroy']);
-```
-
-- [ ] **Step 5: Прогнать тест — зелёный**
-
-Run: `php artisan test --filter=SupplierProjectsAdminTest`
-Expected: PASS (2). Полный вывод; failed — file:line.
-
-- [ ] **Step 6: pint + larastan + Коммит**
-
-```bash
-composer pint; composer stan
-git add -- app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php app/routes app/tests/Feature/Admin/SupplierProjectsAdminTest.php
-git commit -m "feat(admin): supplier projects list (orderers, last delivery) + bulk delete" -- app/app/Http/Controllers/Api/AdminSupplierIntegrationController.php app/routes app/tests/Feature/Admin/SupplierProjectsAdminTest.php
-```
-
----
-
-## Task 3: экран «Проекты у поставщика» — фронтенд
-
-**Files:**
-
-- Create: `app/resources/js/views/admin/AdminSupplierProjectsView.vue`
-- Modify: `app/resources/js/router/index.ts` (роут `/admin/supplier-projects`)
-- Modify: `app/resources/js/layouts/AdminLayout.vue` (nav-пункт)
-- Test: `app/resources/js/views/admin/__tests__/AdminSupplierProjectsView.spec.ts`
-
-- [ ] **Step 1: Написать падающий Vitest**
-
-```ts
-import { mount } from '@vue/test-utils';
-import { describe, it, expect, vi, beforeEach } from 'vitest';
-import { createVuetify } from 'vuetify';
-import AdminSupplierProjectsView from '../AdminSupplierProjectsView.vue';
-import { apiClient } from '../../../api/client';
-
-vi.mock('../../../api/client', () => ({ apiClient: { get: vi.fn(), post: vi.fn() }, ensureCsrfCookie: vi.fn() }));
-
-describe('AdminSupplierProjectsView', () => {
-    beforeEach(() => vi.clearAllMocks());
-
-    it('renders rows with orderers + last delivery and bulk-deletes selected', async () => {
-        (apiClient.get as any).mockResolvedValue({ data: { projects: [
-            { id: 1, platform: 'B1', unique_key: 'okna.ru', subject_name: 'Москва', current_limit: 5, orderers: ['ООО Ромашка'], last_delivery_at: '2026-05-19T10:00:00Z' },
-        ] } });
-        (apiClient.post as any).mockResolvedValue({ data: { deleted: 1, failures: [] } });
-
-        const wrapper = mount(AdminSupplierProjectsView, { global: { plugins: [createVuetify()] } });
-        await flushPromises();
-        expect(wrapper.text()).toContain('okna.ru');
-        expect(wrapper.text()).toContain('ООО Ромашка');
-
-        // выбрать строку + удалить
-        await wrapper.find('[data-testid="row-checkbox-1"]').setValue(true);
-        await wrapper.find('[data-testid="bulk-delete-btn"]').trigger('click');
-        // подтверждение → confirm
-        await wrapper.find('[data-testid="confirm-delete-btn"]').trigger('click');
-        await flushPromises();
-        expect(apiClient.post).toHaveBeenCalledWith('/api/admin/supplier-integration/projects/delete', { ids: [1] });
-    });
-});
-```
-
-(`flushPromises` — импортировать из `@vue/test-utils`; адаптировать селекторы под фактическую разметку компонента.)
-
-- [ ] **Step 2: Прогнать — падает**
-
-Run: `npm run test:vue -- AdminSupplierProjectsView`
-Expected: FAIL — компонента нет.
-
-- [ ] **Step 3: Создать `AdminSupplierProjectsView.vue`**
-
-Таблица `<v-data-table>` колонки: чекбокс · Источник (`unique_key`) · Платформа · Регион (`subject_name`) · Лимит · Кто заказывал (`orderers.join(', ')`) · Последняя поставка (`last_delivery_at` форматом даты, «—» если null). Над таблицей — `<v-btn data-testid="bulk-delete-btn" :disabled="selected.length===0">Удалить выбранные</v-btn>`. По клику — `<v-dialog>` подтверждения с `data-testid="confirm-delete-btn"` → POST `/api/admin/supplier-integration/projects/delete` `{ids: selected}` → refresh + snackbar (deleted/failures). Иконки — Lucide через IconSet (не mdi). Загрузка списка на mount GET `/api/admin/supplier-integration/projects`.
-
-- [ ] **Step 4: Роут + nav**
-
-- `router/index.ts`: `{ path: '/admin/supplier-projects', component: () => import('../views/admin/AdminSupplierProjectsView.vue'), meta: { layout: 'app', requiresAdmin: true } }` (адаптировать под фактический meta-паттерн admin-роутов).
-- `AdminLayout.vue`: nav-пункт «Проекты у поставщика» (Lucide-иконка).
-
-- [ ] **Step 5: Прогнать Vitest — зелёный**
-
-Run: `npm run test:vue -- AdminSupplierProjectsView`
-Expected: PASS. Полный вывод.
-
-- [ ] **Step 6: type-check + lint + Коммит**
-
-```bash
-npm run type-check; npm run lint:vue
-git add -- app/resources/js/views/admin/AdminSupplierProjectsView.vue app/resources/js/router/index.ts app/resources/js/layouts/AdminLayout.vue app/resources/js/views/admin/__tests__/AdminSupplierProjectsView.spec.ts
-git commit -m "feat(admin): supplier projects cleanup screen (list + bulk delete)" -- app/resources/js/views/admin/AdminSupplierProjectsView.vue app/resources/js/router/index.ts app/resources/js/layouts/AdminLayout.vue app/resources/js/views/admin/__tests__/AdminSupplierProjectsView.spec.ts
-```
-
----
-
-## Task 4: ЛК — обязательный регион + «Вся РФ» с предупреждением
-
-**Files:**
-
-- Modify: `app/resources/js/views/projects/NewProjectDialog.vue`
-- Test: `app/resources/js/views/projects/__tests__/NewProjectDialog.regions.spec.ts`
-
-- [ ] **Step 1: Написать падающий Vitest**
-
-```ts
-import { mount } from '@vue/test-utils';
-import { describe, it, expect, vi, beforeEach } from 'vitest';
-import { createVuetify } from 'vuetify';
-import NewProjectDialog from '../NewProjectDialog.vue';
-
-vi.mock('../../../api/client', () => ({ apiClient: { post: vi.fn().mockResolvedValue({}) }, ensureCsrfCookie: vi.fn(), extractErrorMessage: () => '' }));
-
-const mountDialog = () => mount(NewProjectDialog, {
-    props: { modelValue: true, mode: 'create' },
-    global: { plugins: [createVuetify()], stubs: { DevIndexBadge: true } },
-});
-
-describe('NewProjectDialog regions gate', () => {
-    beforeEach(() => vi.clearAllMocks());
-
-    it('blocks submit when no region chosen', async () => {
-        const w = mountDialog();
-        // заполнить остальные обязательные поля минимально...
-        await w.find('[data-testid="submit-btn"]').trigger('click');
-        const { apiClient } = await import('../../../api/client');
-        expect(apiClient.post).not.toHaveBeenCalled();
-        expect(w.text()).toContain('Выберите регион'); // ошибка-валидации
-    });
-
-    it('selecting «Вся РФ» shows warning and requires confirm before submit; sends regions=[]', async () => {
-        const w = mountDialog();
-        // выбрать «Вся РФ» (sentinel)
-        await w.vm.$nextTick();
-        (w.vm as any).chooseVsyaRf?.(); // или установить form.regions=[0] через UI
-        await w.vm.$nextTick();
-        expect(w.text()).toContain('всю Россию'); // предупреждение
-        await w.find('[data-testid="confirm-vsya-rf"]').trigger('click');
-        // заполнить прочие поля + submit
-        await w.find('[data-testid="submit-btn"]').trigger('click');
-        const { apiClient } = await import('../../../api/client');
-        const payload = (apiClient.post as any).mock.calls[0][1];
-        expect(payload.regions).toEqual([]);
-    });
-});
-```
-
-(Селекторы/хелперы — адаптировать под фактическую разметку; ключевые проверки: (1) пустой выбор → submit заблокирован + ошибка; (2) «Вся РФ» → предупреждение + подтверждение → `regions:[]`.)
-
-- [ ] **Step 2: Прогнать — падает**
-
-Run: `npm run test:vue -- NewProjectDialog.regions`
-Expected: FAIL — гейта/опции «Вся РФ»/предупреждения нет.
-
-- [ ] **Step 3: Доработать `NewProjectDialog.vue`**
-
-- Вернуть «Вся РФ» в опции: `selectableRegions` ([NewProjectDialog.vue:154](../../../app/resources/js/views/projects/NewProjectDialog.vue#L154)) — включить sentinel `code:0` (или отдельный чекбокс «Вся РФ»).
-- **Взаимоисключение:** выбор «Вся РФ» очищает конкретные субъекты и наоборот.
-- **Предупреждение:** при выборе «Вся РФ» — `<v-dialog>`/`<v-alert>` «Вы выбрали всю Россию — проект будет получать лиды по всем регионам» + кнопка `data-testid="confirm-vsya-rf"`; без подтверждения «Вся РФ» не считается выбранной.
-- **Гейт submit:** `submit()` блокируется (ошибка `errors.regions = ['Выберите регион']`), если не выбрано ни субъектов, ни подтверждённой «Вся РФ». Submit-кнопка `:disabled` либо ранний `return` в `submit()`.
-- **Маппинг на API:** «Вся РФ» → `form.regions = []` (sentinel 0 не отправлять); конкретные → коды субъектов как сейчас.
-- Подпись поля: «Источник» / регион — оставить «Регионы» (но убрать «(пусто = вся РФ)», т.к. пусто теперь = не выбрано / ошибка).
-
-- [ ] **Step 4: Прогнать Vitest — зелёный**
-
-Run: `npm run test:vue -- NewProjectDialog.regions`
-Expected: PASS. Полный вывод. Прогнать также существующие `NewProjectDialog` specs — не сломаны (если дефолт изменился — поправить старые ожидания «regions=[]»).
-
-- [ ] **Step 5: type-check + lint + Коммит**
-
-```bash
-npm run type-check; npm run lint:vue
-git add -- app/resources/js/views/projects/NewProjectDialog.vue app/resources/js/views/projects/__tests__/NewProjectDialog.regions.spec.ts
-git commit -m "feat(projects): require region + explicit «Вся РФ» with warning gate" -- app/resources/js/views/projects/NewProjectDialog.vue app/resources/js/views/projects/__tests__/NewProjectDialog.regions.spec.ts
-```
-
----
-
-## Task 5: Регрессия эпика (полная)
-
-**Files:** нет (проверка).
-
-- [ ] **Step 1: Backend full Supplier/Admin/Jobs**
-
-Run: `php artisan test app/tests/Feature/Supplier app/tests/Feature/Admin app/tests/Feature/Jobs app/tests/Feature/Schedule app/tests/Unit/Services`
-Expected: GREEN. passed/failed; failed — file:line.
-
-- [ ] **Step 2: Frontend Vitest**
-
-Run: `npm run test:vue`
-Expected: GREEN (или `--maxWorkers=2` при OOM — квирк 98).
-
-- [ ] **Step 3: Полный regression sweep**
-
-Run: `/regression full` (Pest --parallel + Larastan + Vitest + Vite build + lychee + gitleaks). Привести каноническую статус-строку + вердикт.
-
-- [ ] **Step 4 (verification-before-completion):** перед «План 4 / эпик готов» — invoke `superpowers:verification-before-completion`; фактический вывод, не «должно проходить».
-
----
-
-## Self-review (выполнен при написании плана)
-
-- **Покрытие spec §4.1/§4.7/§4.8:** тумблер режима endpoint+UI (T1); экран очистки — список (кто заказывал через pivot→projects→tenants, дата последней поставки = max supplier_leads.created_at) + bulk-delete через `deleteProject` + CASCADE pivot (T2 бэкенд, T3 фронт); ЛК require-region UI-гейт + «Вся РФ» предупреждение/подтверждение/взаимоисключение, regions=[] на API (T4).
-- **Без плейсхолдеров:** бэкенд-код полный (контроллер, тесты). Фронт — структура компонента + ключевая логика + Vitest с `data-testid`; точные селекторы помечены «адаптировать под разметку» (компонент создаётся в этом же таске — не внешняя неизвестность).
-- **Согласованность типов:** `mode` ∈ {online,batch} единообразно (резолвер План 3 + endpoint); `projectsIndex` отдаёт `subject_code:int|null` + `subject_name` (RussianRegions из Плана 2); `projectsDestroy` `{ids:int[]}` → `{deleted,failures}`; ЛК → `regions:int[]` (пусто=Вся РФ) совпадает с StoreProjectRequest `present|array`.
-- **Граница require-region:** на бэке `regions=[]` (Вся РФ) и «забыл» неотличимы → гейт намеренно UI-only (T4); backend-валидация `present|array` не меняется (P1: Вся РФ — валидный пустой массив).
-- **Риск:** admin-аутентификация в тестах (`saas_admin` guard / factory) — привести к фактическому паттерну существующих `app/tests/Feature/Admin/*`; роуты — в ту же группу, что текущие `AdminSupplierIntegrationController` методы.
diff --git a/docs/superpowers/plans/2026-05-22-supplier-projects-import-lkomega.md b/docs/superpowers/plans/2026-05-22-supplier-projects-import-lkomega.md
deleted file mode 100644
index d427448..0000000
--- a/docs/superpowers/plans/2026-05-22-supplier-projects-import-lkomega.md
+++ /dev/null
@@ -1,1396 +0,0 @@
-# Supplier Projects Import (lkomega → info@lkomega.ru) Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Одноразовая artisan-команда, которая усыновляет активные проекты поставщика crm.bp-gr.ru (аккаунт lkomega) как проекты Лидерры под тенантом info@lkomega.ru — по правилам Лидерры (B1/B2/B3 → один проект, лимит = сумма площадок), без записи на портал.
-
-**Architecture:** Чистый сервис `SupplierProjectImporter` (читает `listProjects`, группирует, реверс-маппит регионы, строит план) + статические pure-хелперы `SupplierImportMapper` + artisan-команда (dry-run по умолчанию, `--commit` пишет в БД через `pgsql_supplier` BYPASSRLS, портал не дёргается). Зеркалит create-ветку `SyncSupplierProjectsJob`, но external_id берёт из `listProjects` вместо `saveProjectMultiFlag`.
-
-**Tech Stack:** PHP 8.3, Laravel 13, Pest 4, PostgreSQL 16 (RLS + pgsql_supplier BYPASSRLS connection), Eloquent.
-
-**Spec:** `docs/superpowers/specs/2026-05-22-supplier-projects-import-lkomega-design.md`
-
-**Рабочая директория:** Laravel-приложение в `app/` (composer/artisan/pest запускаются из `app/`). Пути ниже — относительно `app/` если начинаются с `app/Services` и т.п.; путь спеки — от корня репо.
-
----
-
-## File Structure
-
-- Create: `app/app/Services/Supplier/Import/SupplierImportMapper.php` — pure static хелперы (src→platform, type→signal_type, парсинг ГИБДД-регионов, workdays→mask, парсинг sms-content).
-- Create: `app/app/Services/Supplier/Import/SupplierProjectImporter.php` — `buildPlan(int $tenantId): array` (read-only) + `commit(array $plan, int $tenantId): array` (запись).
-- Create: `app/app/Console/Commands/ImportSupplierProjectsCommand.php` — artisan `supplier:import-projects`.
-- Modify: `app/app/Support/SupplierRegions.php` — добавить `mapFromSupplier()` (инверсия `LIDERRA_TO_SUPPLIER`).
-- Test: `app/tests/Unit/Supplier/SupplierImportMapperTest.php`
-- Test: `app/tests/Unit/Supplier/SupplierRegionsTest.php` (существует — добавить кейсы `mapFromSupplier`)
-- Test: `app/tests/Feature/Supplier/SupplierProjectImporterTest.php`
-- Test: `app/tests/Feature/Supplier/ImportSupplierProjectsCommandTest.php`
-
-**Plan data shape** (массив, как в `SyncSupplierProjectsJob`):
-
-```
-planned item = [
-  'signal_type'        => 'site'|'call'|'sms',
-  'signal_identifier'  => string|null,   // content для site/call; null для sms
-  'sms_senders'        => list<string>,  // для sms (иначе [])
-  'sms_keyword'        => string|null,   // для sms B2 (иначе null)
-  'name'               => string,
-  'tag'                => string,        // кампания с портала
-  'regions'            => list<int>,     // Лидерра-коды (union, reverse), [] = вся РФ
-  'delivery_days_mask' => int,           // union по площадкам
-  'daily_limit_target' => int,           // СУММА lim активных площадок
-  'platforms'          => list<array{platform:string, external_id:int, lim:int}>,
-]
-skipped item = ['reason' => string, 'label' => string]  // label — маскируется при печати
-```
-
----
-
-## Task 1: SupplierRegions::mapFromSupplier (инверсия ГИБДД→Лидерра)
-
-**Files:**
-
-- Modify: `app/app/Support/SupplierRegions.php`
-- Test: `app/tests/Unit/Supplier/SupplierRegionsTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-Добавить в конец `app/tests/Unit/Supplier/SupplierRegionsTest.php` (файл уже использует `uses(TestCase::class)` — см. существующую шапку; если нет, добавить `uses(Tests\TestCase::class);` после `use`-блока, иначе `Log` facade упадёт):
-
-```php
-test('mapFromSupplier inverts LIDERRA_TO_SUPPLIER bijection', function (): void {
-    // ГИБДД 24 → Лидерра 29 (Красноярский); ГИБДД 77 → Лидерра 82 (Москва)
-    expect(\App\Support\SupplierRegions::mapFromSupplier([24]))->toBe([29]);
-    expect(\App\Support\SupplierRegions::mapFromSupplier([77]))->toBe([82]);
-});
-
-test('mapFromSupplier maps multiple codes, sorted ascending, deduped', function (): void {
-    // ГИБДД 77→82 (Москва), 78→83 (СПб), 24→29 (Красноярский)
-    expect(\App\Support\SupplierRegions::mapFromSupplier([78, 24, 77, 24]))->toBe([29, 82, 83]);
-});
-
-test('mapFromSupplier drops unknown supplier codes', function (): void {
-    // 999 нет в карте → отброшен; 24 → 29
-    expect(\App\Support\SupplierRegions::mapFromSupplier([999, 24]))->toBe([29]);
-});
-
-test('mapFromSupplier returns [] for empty input', function (): void {
-    expect(\App\Support\SupplierRegions::mapFromSupplier([]))->toBe([]);
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-Run: `cd app && ./vendor/bin/pest tests/Unit/Supplier/SupplierRegionsTest.php --filter=mapFromSupplier`
-Expected: FAIL — `Call to undefined method App\Support\SupplierRegions::mapFromSupplier()`
-
-- [ ] **Step 3: Write minimal implementation**
-
-Добавить метод в `app/app/Support/SupplierRegions.php` после `mapToSupplier()` (перед закрывающей `}` класса):
-
-```php
-    /**
-     * Инверсия {@see mapToSupplier}: коды поставщика (ГИБДД) → Лидерра-коды
-     * (конституционный порядок). Неизвестные коды поставщика отбрасываются
-     * с warning'ом. Результат — уникальные Лидерра-коды по возрастанию.
-     *
-     * @param  list<int>|array<int|string, int|string>  $supplierCodes
-     * @return list<int>
-     */
-    public static function mapFromSupplier(array $supplierCodes): array
-    {
-        /** @var array<int, int> $supplierToLiderra */
-        $supplierToLiderra = array_flip(self::LIDERRA_TO_SUPPLIER);
-
-        $out = [];
-        $dropped = [];
-
-        foreach ($supplierCodes as $code) {
-            $code = (int) $code;
-            if (isset($supplierToLiderra[$code])) {
-                $out[$supplierToLiderra[$code]] = true;
-            } else {
-                $dropped[] = $code;
-            }
-        }
-
-        if ($dropped !== []) {
-            Log::warning('supplier.regions.unmapped_reverse', [
-                'supplier_codes' => $dropped,
-                'note' => 'supplier code has no Liderra equivalent — dropped on import',
-            ]);
-        }
-
-        $codes = array_keys($out);
-        sort($codes);
-
-        return $codes;
-    }
-```
-
-- [ ] **Step 4: Run test to verify it passes**
-
-Run: `cd app && ./vendor/bin/pest tests/Unit/Supplier/SupplierRegionsTest.php --filter=mapFromSupplier`
-Expected: PASS (4 tests)
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Support/SupplierRegions.php app/tests/Unit/Supplier/SupplierRegionsTest.php
-git commit -m "feat(supplier-import): SupplierRegions::mapFromSupplier — обратная карта ГИБДД→Лидерра"
-```
-
----
-
-## Task 2: SupplierImportMapper — pure хелперы
-
-**Files:**
-
-- Create: `app/app/Services/Supplier/Import/SupplierImportMapper.php`
-- Test: `app/tests/Unit/Supplier/SupplierImportMapperTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-Create `app/tests/Unit/Supplier/SupplierImportMapperTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Services\Supplier\Import\SupplierImportMapper;
-
-uses(Tests\TestCase::class);
-
-test('platformFromSrc maps rt/bl/mt to B1/B2/B3, others null', function (): void {
-    expect(SupplierImportMapper::platformFromSrc('rt'))->toBe('B1');
-    expect(SupplierImportMapper::platformFromSrc('bl'))->toBe('B2');
-    expect(SupplierImportMapper::platformFromSrc('mt'))->toBe('B3');
-    expect(SupplierImportMapper::platformFromSrc('dop2'))->toBeNull();
-    expect(SupplierImportMapper::platformFromSrc(''))->toBeNull();
-});
-
-test('signalTypeFromType maps calls/hosts/sms', function (): void {
-    expect(SupplierImportMapper::signalTypeFromType('calls'))->toBe('call');
-    expect(SupplierImportMapper::signalTypeFromType('hosts'))->toBe('site');
-    expect(SupplierImportMapper::signalTypeFromType('sms'))->toBe('sms');
-    expect(SupplierImportMapper::signalTypeFromType('unknown'))->toBeNull();
-});
-
-test('parseGibddRegions splits comma/space string of codes; empty → []', function (): void {
-    expect(SupplierImportMapper::parseGibddRegions('24'))->toBe([24]);
-    expect(SupplierImportMapper::parseGibddRegions('24,77'))->toBe([24, 77]);
-    expect(SupplierImportMapper::parseGibddRegions('24, 77 78'))->toBe([24, 77, 78]);
-    expect(SupplierImportMapper::parseGibddRegions(''))->toBe([]);
-    expect(SupplierImportMapper::parseGibddRegions(null))->toBe([]);
-});
-
-test('workdaysToMask converts string day list to bitmask (bit0=Mon)', function (): void {
-    // Пн-Пт = [1,2,3,4,5] → биты 0..4 = 1+2+4+8+16 = 31
-    expect(SupplierImportMapper::workdaysToMask(['1', '2', '3', '4', '5']))->toBe(31);
-    // Все 7 → 127
-    expect(SupplierImportMapper::workdaysToMask(['1', '2', '3', '4', '5', '6', '7']))->toBe(127);
-    // Пусто → 127 (по умолчанию все дни — портал-проект без явных дней работает всегда)
-    expect(SupplierImportMapper::workdaysToMask([]))->toBe(127);
-});
-
-test('parseSmsContent splits sender+keyword; sender-only when no plus', function (): void {
-    expect(SupplierImportMapper::parseSmsContent('79001234567+KVARTIRA'))
-        ->toBe(['sender' => '79001234567', 'keyword' => 'KVARTIRA']);
-    expect(SupplierImportMapper::parseSmsContent('79001234567'))
-        ->toBe(['sender' => '79001234567', 'keyword' => null]);
-    expect(SupplierImportMapper::parseSmsContent(''))
-        ->toBe(['sender' => '', 'keyword' => null]);
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-Run: `cd app && ./vendor/bin/pest tests/Unit/Supplier/SupplierImportMapperTest.php`
-Expected: FAIL — class `SupplierImportMapper` not found.
-
-- [ ] **Step 3: Write minimal implementation**
-
-Create `app/app/Services/Supplier/Import/SupplierImportMapper.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Supplier\Import;
-
-/**
- * Pure-хелперы перевода полей строки rt-проекта поставщика → поля Лидерры.
- * Без побочных эффектов и зависимостей — только статические функции.
- *
- * Spec: docs/superpowers/specs/2026-05-22-supplier-projects-import-lkomega-design.md §4
- */
-final class SupplierImportMapper
-{
-    private const SRC_TO_PLATFORM = ['rt' => 'B1', 'bl' => 'B2', 'mt' => 'B3'];
-
-    private const TYPE_TO_SIGNAL = ['calls' => 'call', 'hosts' => 'site', 'sms' => 'sms'];
-
-    public static function platformFromSrc(string $src): ?string
-    {
-        return self::SRC_TO_PLATFORM[$src] ?? null;
-    }
-
-    public static function signalTypeFromType(string $type): ?string
-    {
-        return self::TYPE_TO_SIGNAL[$type] ?? null;
-    }
-
-    /**
-     * Строку ГИБДД-кодов («24», «24,77», «24, 77 78») → list<int>.
-     * Пусто/null → [].
-     *
-     * @return list<int>
-     */
-    public static function parseGibddRegions(?string $regions): array
-    {
-        if ($regions === null) {
-            return [];
-        }
-        $parts = preg_split('/[,\s]+/', trim($regions), -1, PREG_SPLIT_NO_EMPTY);
-        if ($parts === false || $parts === []) {
-            return [];
-        }
-
-        return array_values(array_map(static fn (string $p): int => (int) $p, $parts));
-    }
-
-    /**
-     * Список дней-строк ["1".."7"] (1=Пн..7=Вс ISO) → битовая маска (bit0=Пн).
-     * Пусто → 127 (все дни).
-     *
-     * @param  list<int|string>  $workdays
-     */
-    public static function workdaysToMask(array $workdays): int
-    {
-        if ($workdays === []) {
-            return 127;
-        }
-        $mask = 0;
-        foreach ($workdays as $d) {
-            $day = (int) $d;
-            if ($day >= 1 && $day <= 7) {
-                $mask |= (1 << ($day - 1));
-            }
-        }
-
-        return $mask === 0 ? 127 : $mask;
-    }
-
-    /**
-     * sms-content: «sender+keyword» → ['sender'=>…, 'keyword'=>…];
-     * «sender» (без плюса) → ['sender'=>…, 'keyword'=>null].
-     *
-     * @return array{sender: string, keyword: string|null}
-     */
-    public static function parseSmsContent(string $content): array
-    {
-        $plus = strpos($content, '+');
-        if ($plus === false) {
-            return ['sender' => $content, 'keyword' => null];
-        }
-
-        return [
-            'sender' => substr($content, 0, $plus),
-            'keyword' => substr($content, $plus + 1),
-        ];
-    }
-}
-```
-
-- [ ] **Step 4: Run test to verify it passes**
-
-Run: `cd app && ./vendor/bin/pest tests/Unit/Supplier/SupplierImportMapperTest.php`
-Expected: PASS (5 tests)
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Services/Supplier/Import/SupplierImportMapper.php app/tests/Unit/Supplier/SupplierImportMapperTest.php
-git commit -m "feat(supplier-import): SupplierImportMapper pure-хелперы (src/type/regions/workdays/sms)"
-```
-
----
-
-## Task 3: SupplierProjectImporter::buildPlan — site/call группировка + лимит-сумма
-
-**Files:**
-
-- Create: `app/app/Services/Supplier/Import/SupplierProjectImporter.php`
-- Test: `app/tests/Feature/Supplier/SupplierProjectImporterTest.php`
-
-Группировка site/call: ключ `(signal_type, content)`; платформа из `src`; лимит Лидерры = Σ `lim` активных площадок; регионы = union reverse-mapped; workdays = union; tag = первый непустой `tag` группы; идемпотентность по существующему Project — в Task 5.
-
-- [ ] **Step 1: Write the failing test**
-
-Create `app/tests/Feature/Supplier/SupplierProjectImporterTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Tenant;
-use App\Services\Supplier\Import\SupplierProjectImporter;
-use App\Services\Supplier\SupplierPortalClient;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Tests\Concerns\SharesSupplierPdo;
-
-uses(DatabaseTransactions::class);
-uses(SharesSupplierPdo::class);
-
-/**
- * Хелпер: importer с замоканным клиентом, отдающим заданные строки listProjects.
- *
- * @param  list<array<string, mixed>>  $rows
- */
-function importerWithRows(array $rows): SupplierProjectImporter
-{
-    $client = Mockery::mock(SupplierPortalClient::class);
-    $client->shouldReceive('listProjects')->andReturn($rows);
-
-    return new SupplierProjectImporter($client);
-}
-
-test('buildPlan groups B1/B2/B3 call rows into one planned project, limit = sum', function (): void {
-    $tenant = Tenant::factory()->create();
-
-    $plan = importerWithRows([
-        ['id' => '4001', 'src' => 'rt', 'type' => 'calls', 'content' => '79991112233', 'tag' => 'Каранга', 'lim' => '6', 'status' => true, 'regions' => '', 'workdays' => ['1', '2', '3', '4', '5']],
-        ['id' => '4002', 'src' => 'bl', 'type' => 'calls', 'content' => '79991112233', 'tag' => 'Каранга', 'lim' => '6', 'status' => true, 'regions' => '', 'workdays' => ['1', '2', '3', '4', '5']],
-        ['id' => '4003', 'src' => 'mt', 'type' => 'calls', 'content' => '79991112233', 'tag' => 'Каранга', 'lim' => '6', 'status' => true, 'regions' => '', 'workdays' => ['1', '2', '3', '4', '5']],
-    ])->buildPlan($tenant->id);
-
-    expect($plan['planned'])->toHaveCount(1);
-    $p = $plan['planned'][0];
-    expect($p['signal_type'])->toBe('call');
-    expect($p['signal_identifier'])->toBe('79991112233');
-    expect($p['daily_limit_target'])->toBe(18);              // 6+6+6
-    expect($p['delivery_days_mask'])->toBe(31);              // Пн-Пт
-    expect($p['tag'])->toBe('Каранга');
-    expect($p['regions'])->toBe([]);                          // вся РФ
-    expect(collect($p['platforms'])->pluck('platform')->sort()->values()->all())->toBe(['B1', 'B2', 'B3']);
-    expect(collect($p['platforms'])->firstWhere('platform', 'B1')['external_id'])->toBe(4001);
-});
-
-test('buildPlan skips inactive rows (status=false)', function (): void {
-    $tenant = Tenant::factory()->create();
-
-    $plan = importerWithRows([
-        ['id' => '5001', 'src' => 'rt', 'type' => 'calls', 'content' => '79995550000', 'tag' => 'X', 'lim' => '5', 'status' => false, 'regions' => '', 'workdays' => []],
-    ])->buildPlan($tenant->id);
-
-    expect($plan['planned'])->toHaveCount(0);
-});
-
-test('buildPlan skips dop2 (unsupported source) and reports it', function (): void {
-    $tenant = Tenant::factory()->create();
-
-    $plan = importerWithRows([
-        ['id' => '6001', 'src' => 'dop2', 'type' => 'calls', 'content' => '79996660000', 'tag' => 'X', 'lim' => '5', 'status' => true, 'regions' => '', 'workdays' => []],
-    ])->buildPlan($tenant->id);
-
-    expect($plan['planned'])->toHaveCount(0);
-    expect(collect($plan['skipped'])->pluck('reason'))->toContain('unsupported_source');
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Supplier/SupplierProjectImporterTest.php`
-Expected: FAIL — class `SupplierProjectImporter` not found.
-
-- [ ] **Step 3: Write minimal implementation**
-
-Create `app/app/Services/Supplier/Import/SupplierProjectImporter.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Supplier\Import;
-
-use App\Services\Supplier\SupplierPortalClient;
-use App\Support\SupplierRegions;
-
-/**
- * Усыновление активных проектов поставщика (аккаунт lkomega) как проектов
- * Лидерры. Читает listProjects (read-only), группирует площадки B1/B2/B3 в один
- * проект, реверс-маппит регионы, считает лимит как сумму площадок.
- *
- * buildPlan() — без побочных эффектов записи (кроме чтения существующих Project
- * для идемпотентности). commit() — пишет (см. отдельную задачу плана).
- *
- * Spec: docs/superpowers/specs/2026-05-22-supplier-projects-import-lkomega-design.md
- */
-class SupplierProjectImporter
-{
-    public function __construct(
-        private readonly SupplierPortalClient $client,
-    ) {}
-
-    /**
-     * @return array{planned: list<array<string, mixed>>, skipped: list<array{reason: string, label: string}>}
-     */
-    public function buildPlan(int $tenantId): array
-    {
-        $rows = $this->client->listProjects();
-
-        /** @var list<array{reason: string, label: string}> $skipped */
-        $skipped = [];
-
-        // group key (signal_type|identifier) => accumulator
-        /** @var array<string, array<string, mixed>> $groups */
-        $groups = [];
-
-        foreach ($rows as $row) {
-            if (($row['status'] ?? false) !== true) {
-                continue; // только включённые
-            }
-
-            $platform = SupplierImportMapper::platformFromSrc((string) ($row['src'] ?? ''));
-            if ($platform === null) {
-                $skipped[] = ['reason' => 'unsupported_source', 'label' => (string) ($row['name'] ?? $row['content'] ?? '?')];
-
-                continue;
-            }
-
-            $signalType = SupplierImportMapper::signalTypeFromType((string) ($row['type'] ?? ''));
-            if ($signalType === null) {
-                $skipped[] = ['reason' => 'unsupported_type', 'label' => (string) ($row['name'] ?? '?')];
-
-                continue;
-            }
-
-            // sms обрабатывается в отдельной задаче; site/call здесь
-            if ($signalType === 'sms') {
-                continue;
-            }
-
-            $identifier = (string) ($row['content'] ?? '');
-            $key = $signalType.'|'.$identifier;
-
-            if (! isset($groups[$key])) {
-                $groups[$key] = [
-                    'signal_type' => $signalType,
-                    'signal_identifier' => $identifier,
-                    'sms_senders' => [],
-                    'sms_keyword' => null,
-                    'tag' => '',
-                    'regions' => [],
-                    'has_all_russia' => false,
-                    'workdays_mask' => 0,
-                    'daily_limit_target' => 0,
-                    'platforms' => [],
-                ];
-            }
-
-            $this->accumulateRow($groups[$key], $row, $platform);
-        }
-
-        $planned = [];
-        foreach ($groups as $g) {
-            unset($g['has_all_russia']);
-            $g['delivery_days_mask'] = $g['workdays_mask'] === 0 ? 127 : $g['workdays_mask'];
-            unset($g['workdays_mask']);
-            if ($g['tag'] === '') {
-                $g['tag'] = 'РФ';
-            }
-            $g['name'] = $this->deriveName($g);
-            $planned[] = $g;
-        }
-
-        return ['planned' => array_values($planned), 'skipped' => $skipped];
-    }
-
-    /**
-     * @param  array<string, mixed>  $group
-     * @param  array<string, mixed>  $row
-     */
-    private function accumulateRow(array &$group, array $row, string $platform): void
-    {
-        $lim = (int) ($row['lim'] ?? 0);
-        $group['daily_limit_target'] += $lim;
-        $group['platforms'][] = [
-            'platform' => $platform,
-            'external_id' => (int) ($row['id'] ?? 0),
-            'lim' => $lim,
-        ];
-
-        // tag: первый непустой и не «РФ» (кампания заказчика)
-        $rowTag = trim((string) ($row['tag'] ?? ''));
-        if ($group['tag'] === '' && $rowTag !== '' && $rowTag !== 'РФ') {
-            $group['tag'] = $rowTag;
-        }
-
-        // workdays union
-        $group['workdays_mask'] |= SupplierImportMapper::workdaysToMask((array) ($row['workdays'] ?? []));
-
-        // regions union (reverse-mapped); пустой regions у любой площадки → вся РФ
-        if (! $group['has_all_russia']) {
-            $gibdd = SupplierImportMapper::parseGibddRegions(
-                is_string($row['regions'] ?? null) ? $row['regions'] : ''
-            );
-            if ($gibdd === []) {
-                $group['has_all_russia'] = true;
-                $group['regions'] = [];
-            } else {
-                $liderra = SupplierRegions::mapFromSupplier($gibdd);
-                $group['regions'] = array_values(array_unique(array_merge($group['regions'], $liderra)));
-                sort($group['regions']);
-            }
-        }
-    }
-
-    /**
-     * @param  array<string, mixed>  $group
-     */
-    private function deriveName(array $group): string
-    {
-        $tag = (string) $group['tag'];
-        $base = ($tag !== '' && $tag !== 'РФ')
-            ? $tag
-            : (string) ($group['signal_identifier'] ?? 'проект');
-
-        return mb_substr($base, 0, 255);
-    }
-}
-```
-
-- [ ] **Step 4: Run test to verify it passes**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Supplier/SupplierProjectImporterTest.php`
-Expected: PASS (3 tests)
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Services/Supplier/Import/SupplierProjectImporter.php app/tests/Feature/Supplier/SupplierProjectImporterTest.php
-git commit -m "feat(supplier-import): buildPlan — site/call группировка B1/B2/B3, лимит=сумма"
-```
-
----
-
-## Task 4: buildPlan — регионы (reverse + union + вся РФ) и regions_reverse skip
-
-**Files:**
-
-- Modify: `app/app/Services/Supplier/Import/SupplierProjectImporter.php`
-- Test: `app/tests/Feature/Supplier/SupplierProjectImporterTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-Добавить в `SupplierProjectImporterTest.php`:
-
-```php
-test('buildPlan reverse-maps regions and unions across platforms', function (): void {
-    $tenant = Tenant::factory()->create();
-
-    // ГИБДД 24 (B1) + 77 (B2) → Лидерра 29 + 82, union; B3 тоже 24
-    $plan = importerWithRows([
-        ['id' => '7001', 'src' => 'rt', 'type' => 'hosts', 'content' => 'okna.ru', 'tag' => 'Окна', 'lim' => '3', 'status' => true, 'regions' => '24', 'workdays' => [], 'regions_reverse' => false],
-        ['id' => '7002', 'src' => 'bl', 'type' => 'hosts', 'content' => 'okna.ru', 'tag' => 'Окна', 'lim' => '3', 'status' => true, 'regions' => '77', 'workdays' => [], 'regions_reverse' => false],
-        ['id' => '7003', 'src' => 'mt', 'type' => 'hosts', 'content' => 'okna.ru', 'tag' => 'Окна', 'lim' => '3', 'status' => true, 'regions' => '24', 'workdays' => [], 'regions_reverse' => false],
-    ])->buildPlan($tenant->id);
-
-    expect($plan['planned'][0]['regions'])->toBe([29, 82]);
-});
-
-test('buildPlan treats any empty-regions platform as all-Russia', function (): void {
-    $tenant = Tenant::factory()->create();
-
-    $plan = importerWithRows([
-        ['id' => '7101', 'src' => 'rt', 'type' => 'hosts', 'content' => 'all.ru', 'tag' => 'A', 'lim' => '3', 'status' => true, 'regions' => '24', 'workdays' => [], 'regions_reverse' => false],
-        ['id' => '7102', 'src' => 'bl', 'type' => 'hosts', 'content' => 'all.ru', 'tag' => 'A', 'lim' => '3', 'status' => true, 'regions' => '', 'workdays' => [], 'regions_reverse' => false],
-    ])->buildPlan($tenant->id);
-
-    expect($plan['planned'][0]['regions'])->toBe([]);
-});
-
-test('buildPlan skips group when any active row has regions_reverse=true', function (): void {
-    $tenant = Tenant::factory()->create();
-
-    $plan = importerWithRows([
-        ['id' => '7201', 'src' => 'rt', 'type' => 'hosts', 'content' => 'excl.ru', 'tag' => 'A', 'lim' => '3', 'status' => true, 'regions' => '24', 'workdays' => [], 'regions_reverse' => true],
-        ['id' => '7202', 'src' => 'bl', 'type' => 'hosts', 'content' => 'excl.ru', 'tag' => 'A', 'lim' => '3', 'status' => true, 'regions' => '24', 'workdays' => [], 'regions_reverse' => false],
-    ])->buildPlan($tenant->id);
-
-    expect($plan['planned'])->toHaveCount(0);
-    expect(collect($plan['skipped'])->pluck('reason'))->toContain('regions_exclude');
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Supplier/SupplierProjectImporterTest.php --filter="reverse-maps|all-Russia|regions_reverse"`
-Expected: первый тест (reverse-maps) уже PASS (логика была в Task 3); тест all-Russia PASS; тест `regions_reverse` FAIL (группа не пропускается, попадает в planned).
-
-- [ ] **Step 3: Write minimal implementation**
-
-В `buildPlan()`, в цикле по `$rows`, после блока с `$signalType === 'sms'` (т.е. для site/call) добавить проверку exclude ПЕРЕД накоплением. Заменить строку `$this->accumulateRow($groups[$key], $row, $platform);` на:
-
-```php
-            if (($row['regions_reverse'] ?? false) === true) {
-                $skipped[] = ['reason' => 'regions_exclude', 'label' => $identifier];
-                // пометить группу к удалению, чтобы частично накопленные площадки не остались
-                $groups[$key]['__excluded'] = true;
-            }
-
-            $this->accumulateRow($groups[$key], $row, $platform);
-```
-
-И в сборке `$planned` (цикл `foreach ($groups as $g)`) в начало тела добавить:
-
-```php
-            if (($g['__excluded'] ?? false) === true) {
-                continue;
-            }
-            unset($g['__excluded']);
-```
-
-(оставить существующие `unset($g['has_all_russia'])` и т.д. после этого).
-
-- [ ] **Step 4: Run test to verify it passes**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Supplier/SupplierProjectImporterTest.php`
-Expected: PASS (все, включая 3 новых)
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Services/Supplier/Import/SupplierProjectImporter.php app/tests/Feature/Supplier/SupplierProjectImporterTest.php
-git commit -m "feat(supplier-import): buildPlan — обратные регионы/union/вся РФ + skip regions_reverse"
-```
-
----
-
-## Task 5: buildPlan — sms группировка по sender (B2/B3)
-
-**Files:**
-
-- Modify: `app/app/Services/Supplier/Import/SupplierProjectImporter.php`
-- Test: `app/tests/Feature/Supplier/SupplierProjectImporterTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-Добавить в `SupplierProjectImporterTest.php`:
-
-```php
-test('buildPlan groups sms by sender: B2 (sender+keyword) and B3 (sender)', function (): void {
-    $tenant = Tenant::factory()->create();
-
-    $plan = importerWithRows([
-        ['id' => '8001', 'src' => 'bl', 'type' => 'sms', 'content' => '79001234567+KVARTIRA', 'tag' => 'СМС', 'lim' => '4', 'status' => true, 'regions' => '', 'workdays' => []],
-        ['id' => '8002', 'src' => 'mt', 'type' => 'sms', 'content' => '79001234567', 'tag' => 'СМС', 'lim' => '4', 'status' => true, 'regions' => '', 'workdays' => []],
-    ])->buildPlan($tenant->id);
-
-    expect($plan['planned'])->toHaveCount(1);
-    $p = $plan['planned'][0];
-    expect($p['signal_type'])->toBe('sms');
-    expect($p['signal_identifier'])->toBeNull();
-    expect($p['sms_senders'])->toBe(['79001234567']);
-    expect($p['sms_keyword'])->toBe('KVARTIRA');
-    expect($p['daily_limit_target'])->toBe(8);              // 4+4
-    expect(collect($p['platforms'])->pluck('platform')->sort()->values()->all())->toBe(['B2', 'B3']);
-});
-
-test('buildPlan handles sms B3-only (no keyword)', function (): void {
-    $tenant = Tenant::factory()->create();
-
-    $plan = importerWithRows([
-        ['id' => '8101', 'src' => 'mt', 'type' => 'sms', 'content' => '79009998877', 'tag' => 'СМС', 'lim' => '5', 'status' => true, 'regions' => '', 'workdays' => []],
-    ])->buildPlan($tenant->id);
-
-    expect($plan['planned'])->toHaveCount(1);
-    expect($plan['planned'][0]['sms_senders'])->toBe(['79009998877']);
-    expect($plan['planned'][0]['sms_keyword'])->toBeNull();
-    expect($plan['planned'][0]['platforms'][0]['platform'])->toBe('B3');
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Supplier/SupplierProjectImporterTest.php --filter=sms`
-Expected: FAIL — sms rows сейчас `continue`-ятся (planned пуст).
-
-- [ ] **Step 3: Write minimal implementation**
-
-В `buildPlan()` заменить блок `if ($signalType === 'sms') { continue; }` на вызов sms-аккумулятора:
-
-```php
-            if ($signalType === 'sms') {
-                $parsed = SupplierImportMapper::parseSmsContent((string) ($row['content'] ?? ''));
-                $sender = $parsed['sender'];
-                if ($sender === '') {
-                    $skipped[] = ['reason' => 'sms_unparseable', 'label' => (string) ($row['name'] ?? '?')];
-
-                    continue;
-                }
-                $key = 'sms|'.$sender;
-                if (! isset($groups[$key])) {
-                    $groups[$key] = [
-                        'signal_type' => 'sms',
-                        'signal_identifier' => null,
-                        'sms_senders' => [$sender],
-                        'sms_keyword' => null,
-                        'tag' => '',
-                        'regions' => [],
-                        'has_all_russia' => false,
-                        'workdays_mask' => 0,
-                        'daily_limit_target' => 0,
-                        'platforms' => [],
-                    ];
-                }
-                if ($parsed['keyword'] !== null && $parsed['keyword'] !== '' && $groups[$key]['sms_keyword'] === null) {
-                    $groups[$key]['sms_keyword'] = $parsed['keyword'];
-                }
-                if (($row['regions_reverse'] ?? false) === true) {
-                    $skipped[] = ['reason' => 'regions_exclude', 'label' => $sender];
-                    $groups[$key]['__excluded'] = true;
-                }
-                $this->accumulateRow($groups[$key], $row, $platform);
-
-                continue;
-            }
-```
-
-(Существующий site/call-блок ниже не трогается.)
-
-- [ ] **Step 4: Run test to verify it passes**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Supplier/SupplierProjectImporterTest.php`
-Expected: PASS (все)
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Services/Supplier/Import/SupplierProjectImporter.php app/tests/Feature/Supplier/SupplierProjectImporterTest.php
-git commit -m "feat(supplier-import): buildPlan — sms-группировка по sender (B2/B3)"
-```
-
----
-
-## Task 6: buildPlan — идемпотентность (существующий Project → skipped)
-
-**Files:**
-
-- Modify: `app/app/Services/Supplier/Import/SupplierProjectImporter.php`
-- Test: `app/tests/Feature/Supplier/SupplierProjectImporterTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-Добавить в `SupplierProjectImporterTest.php` (вверху добавить `use App\Models\Project;`):
-
-```php
-test('buildPlan skips a group whose Project already exists for the tenant', function (): void {
-    $tenant = Tenant::factory()->create();
-
-    Project::factory()->create([
-        'tenant_id' => $tenant->id,
-        'signal_type' => 'call',
-        'signal_identifier' => '79993332211',
-    ]);
-
-    $plan = importerWithRows([
-        ['id' => '9001', 'src' => 'rt', 'type' => 'calls', 'content' => '79993332211', 'tag' => 'X', 'lim' => '6', 'status' => true, 'regions' => '', 'workdays' => []],
-    ])->buildPlan($tenant->id);
-
-    expect($plan['planned'])->toHaveCount(0);
-    expect(collect($plan['skipped'])->pluck('reason'))->toContain('already_exists');
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Supplier/SupplierProjectImporterTest.php --filter=already_exists`
-Expected: FAIL — группа попадает в planned (идемпотентность не реализована).
-
-- [ ] **Step 3: Write minimal implementation**
-
-В `buildPlan()`, в финальном цикле сборки `$planned`, после `unset($g['__excluded'])`-блока и ПЕРЕД `$planned[] = $g;`, добавить проверку существования + сборку `name`/`tag`/`mask` сначала. Перенести `$planned[] = $g;` под проверку:
-
-```php
-            // (после расчёта name/tag/delivery_days_mask):
-            if ($this->projectExists($tenantId, $g)) {
-                $skipped[] = ['reason' => 'already_exists', 'label' => $this->groupLabel($g)];
-
-                continue;
-            }
-            $planned[] = $g;
-```
-
-Добавить методы в класс:
-
-```php
-    /**
-     * @param  array<string, mixed>  $group
-     */
-    private function projectExists(int $tenantId, array $group): bool
-    {
-        $query = \App\Models\Project::on('pgsql_supplier')
-            ->where('tenant_id', $tenantId)
-            ->where('signal_type', $group['signal_type']);
-
-        if ($group['signal_type'] === 'sms') {
-            $sender = $group['sms_senders'][0] ?? '';
-            $keyword = $group['sms_keyword'];
-
-            return $query
-                ->whereJsonContains('sms_senders', $sender)
-                ->where(fn ($q) => $keyword === null ? $q->whereNull('sms_keyword') : $q->where('sms_keyword', $keyword))
-                ->exists();
-        }
-
-        return $query->where('signal_identifier', $group['signal_identifier'])->exists();
-    }
-
-    /**
-     * @param  array<string, mixed>  $group
-     */
-    private function groupLabel(array $group): string
-    {
-        return $group['signal_type'] === 'sms'
-            ? (string) ($group['sms_senders'][0] ?? '?')
-            : (string) ($group['signal_identifier'] ?? '?');
-    }
-```
-
-NB: чтение `Project::on('pgsql_supplier')` (BYPASSRLS) обязательно — команда без tenant-контекста, дефолтное RLS-подключение упало бы (паттерн supplier-джобов).
-
-- [ ] **Step 4: Run test to verify it passes**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Supplier/SupplierProjectImporterTest.php`
-Expected: PASS (все)
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Services/Supplier/Import/SupplierProjectImporter.php app/tests/Feature/Supplier/SupplierProjectImporterTest.php
-git commit -m "feat(supplier-import): buildPlan идемпотентность — существующий Project пропускается"
-```
-
----
-
-## Task 7: SupplierProjectImporter::commit — запись Project + supplier_projects + pivot (портал не трогаем)
-
-**Files:**
-
-- Modify: `app/app/Services/Supplier/Import/SupplierProjectImporter.php`
-- Test: `app/tests/Feature/Supplier/SupplierProjectImporterTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-Добавить в `SupplierProjectImporterTest.php` (вверху добавить `use App\Models\SupplierProject;` и `use Illuminate\Support\Facades\DB;` и `use Illuminate\Support\Facades\Http;`):
-
-```php
-test('commit creates Project + supplier_projects (external_id from portal) + pivot, no portal write', function (): void {
-    Http::fake(); // ловушка: НИ один HTTP не должен уйти на портал
-    $tenant = Tenant::factory()->create();
-
-    $importer = importerWithRows([
-        ['id' => '4001', 'src' => 'rt', 'type' => 'calls', 'content' => '79991112233', 'tag' => 'Каранга', 'lim' => '6', 'status' => true, 'regions' => '24', 'workdays' => ['1', '2', '3', '4', '5']],
-        ['id' => '4002', 'src' => 'bl', 'type' => 'calls', 'content' => '79991112233', 'tag' => 'Каранга', 'lim' => '6', 'status' => true, 'regions' => '24', 'workdays' => ['1', '2', '3', '4', '5']],
-        ['id' => '4003', 'src' => 'mt', 'type' => 'calls', 'content' => '79991112233', 'tag' => 'Каранга', 'lim' => '6', 'status' => true, 'regions' => '24', 'workdays' => ['1', '2', '3', '4', '5']],
-    ]);
-
-    $plan = $importer->buildPlan($tenant->id);
-    $result = $importer->commit($plan, $tenant->id);
-
-    expect($result['created_projects'])->toBe(1);
-
-    $project = \App\Models\Project::on('pgsql_supplier')
-        ->where('tenant_id', $tenant->id)
-        ->where('signal_identifier', '79991112233')
-        ->first();
-    expect($project)->not->toBeNull();
-    expect($project->daily_limit_target)->toBe(18);
-    expect($project->is_active)->toBeTrue();
-    expect($project->regions)->toBe([29]);                  // ГИБДД 24 → Лидерра 29
-    expect($project->delivery_days_mask)->toBe(31);
-
-    $sps = SupplierProject::on('pgsql_supplier')->where('unique_key', '79991112233')->get();
-    expect($sps)->toHaveCount(3);
-    expect($sps->pluck('supplier_external_id')->sort()->values()->all())->toBe(['4001', '4002', '4003']);
-    expect($sps->pluck('sync_status')->unique()->all())->toBe(['ok']);
-    expect($sps->firstWhere('platform', 'B1')->current_limit)->toBe(6);
-
-    $pivot = DB::connection('pgsql_supplier')->table('project_supplier_links')
-        ->where('project_id', $project->id)->count();
-    expect($pivot)->toBe(3);
-
-    Http::assertNothingSent(); // портал не дёргался
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Supplier/SupplierProjectImporterTest.php --filter="commit creates"`
-Expected: FAIL — `Call to undefined method ...::commit()`.
-
-- [ ] **Step 3: Write minimal implementation**
-
-Добавить в класс `SupplierProjectImporter` (вверху файла — `use` для моделей и фасадов):
-
-```php
-use App\Models\Project;
-use App\Models\SupplierProject;
-use App\Models\SupplierSyncLog;
-use App\Services\Supplier\SupplierProjectGrouping;
-use Illuminate\Support\Facades\DB;
-```
-
-Метод:
-
-```php
-    private const DB_CONNECTION = 'pgsql_supplier';
-
-    /**
-     * Пишет план в БД: Project + supplier_projects (external_id с портала) + pivot.
-     * НЕ обращается к порталу. Каждый проект — в своей транзакции (частичный сбой
-     * не откатывает уже импортированные).
-     *
-     * @param  array{planned: list<array<string, mixed>>, skipped: list<array{reason: string, label: string}>}  $plan
-     * @return array{created_projects: int, created_supplier_projects: int, created_links: int}
-     */
-    public function commit(array $plan, int $tenantId): array
-    {
-        $createdProjects = 0;
-        $createdSps = 0;
-        $createdLinks = 0;
-
-        foreach ($plan['planned'] as $item) {
-            DB::connection(self::DB_CONNECTION)->transaction(function () use ($item, $tenantId, &$createdProjects, &$createdSps, &$createdLinks): void {
-                /** @var Project $project */
-                $project = Project::on(self::DB_CONNECTION)->create([
-                    'tenant_id' => $tenantId,
-                    'name' => $item['name'],
-                    'tag' => $item['tag'],
-                    'is_active' => true,
-                    'signal_type' => $item['signal_type'],
-                    'signal_identifier' => $item['signal_identifier'],
-                    'sms_senders' => $item['sms_senders'] !== [] ? $item['sms_senders'] : null,
-                    'sms_keyword' => $item['sms_keyword'],
-                    'regions' => $item['regions'],
-                    'region_mode' => 'include',
-                    'delivery_days_mask' => $item['delivery_days_mask'],
-                    'daily_limit_target' => $item['daily_limit_target'],
-                ]);
-                $createdProjects++;
-
-                foreach ($item['platforms'] as $pl) {
-                    $platform = (string) $pl['platform'];
-                    $uniqueKey = SupplierProjectGrouping::buildUniqueKey($project, $platform);
-
-                    /** @var SupplierProject $sp */
-                    $sp = SupplierProject::on(self::DB_CONNECTION)->firstOrCreate(
-                        ['platform' => $platform, 'unique_key' => $uniqueKey, 'subject_code' => null],
-                        [
-                            'signal_type' => $item['signal_type'],
-                            'supplier_external_id' => (string) $pl['external_id'],
-                            'current_limit' => (int) $pl['lim'],
-                            'current_workdays' => $this->maskToList((int) $item['delivery_days_mask']),
-                            'current_regions' => $item['regions'],
-                            'sync_status' => 'ok',
-                            'last_synced_at' => now(),
-                        ],
-                    );
-                    if ($sp->wasRecentlyCreated) {
-                        $createdSps++;
-                        SupplierSyncLog::on(self::DB_CONNECTION)->create([
-                            'supplier_project_id' => $sp->id,
-                            'action' => 'create',
-                            'http_status' => 200,
-                            'created_at' => now(),
-                        ]);
-                    }
-
-                    $inserted = DB::connection(self::DB_CONNECTION)->table('project_supplier_links')->insertOrIgnore([
-                        'project_id' => $project->id,
-                        'supplier_project_id' => $sp->id,
-                        'platform' => $platform,
-                        'subject_code' => null,
-                    ]);
-                    $createdLinks += $inserted;
-                }
-            });
-        }
-
-        return [
-            'created_projects' => $createdProjects,
-            'created_supplier_projects' => $createdSps,
-            'created_links' => $createdLinks,
-        ];
-    }
-
-    /**
-     * Маска дней (bit0=Пн) → list<int> [1..7].
-     *
-     * @return list<int>
-     */
-    private function maskToList(int $mask): array
-    {
-        $out = [];
-        for ($i = 0; $i < 7; $i++) {
-            if (($mask & (1 << $i)) !== 0) {
-                $out[] = $i + 1;
-            }
-        }
-
-        return $out;
-    }
-```
-
-- [ ] **Step 4: Run test to verify it passes**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Supplier/SupplierProjectImporterTest.php`
-Expected: PASS (все)
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Services/Supplier/Import/SupplierProjectImporter.php app/tests/Feature/Supplier/SupplierProjectImporterTest.php
-git commit -m "feat(supplier-import): commit — Project+supplier_projects+pivot из external_id, без записи на портал"
-```
-
----
-
-## Task 8: commit — реюз существующего supplier_project (без дубля)
-
-**Files:**
-
-- Test: `app/tests/Feature/Supplier/SupplierProjectImporterTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-Добавить:
-
-```php
-test('commit reuses an existing supplier_project row instead of duplicating', function (): void {
-    Http::fake();
-    $tenant = Tenant::factory()->create();
-
-    // supplier_project уже есть (например, создан webhook resolveOrStub ранее)
-    SupplierProject::on('pgsql_supplier')->forceCreate([
-        'platform' => 'B1',
-        'signal_type' => 'call',
-        'unique_key' => '79994445566',
-        'subject_code' => null,
-        'supplier_external_id' => 'EXIST1',
-        'current_limit' => 6,
-        'current_workdays' => [1, 2, 3, 4, 5],
-        'current_regions' => [],
-        'sync_status' => 'ok',
-        'last_synced_at' => now(),
-    ]);
-
-    $importer = importerWithRows([
-        ['id' => '4500', 'src' => 'rt', 'type' => 'calls', 'content' => '79994445566', 'tag' => 'Y', 'lim' => '6', 'status' => true, 'regions' => '', 'workdays' => ['1', '2', '3', '4', '5']],
-    ]);
-    $plan = $importer->buildPlan($tenant->id);
-    $importer->commit($plan, $tenant->id);
-
-    // по-прежнему ровно 1 supplier_project с этим ключом+платформой (реюз, не дубль)
-    expect(SupplierProject::on('pgsql_supplier')
-        ->where('unique_key', '79994445566')->where('platform', 'B1')->count())->toBe(1);
-
-    // pivot привязал существующую строку к новому проекту
-    $project = \App\Models\Project::on('pgsql_supplier')->where('signal_identifier', '79994445566')->first();
-    $sp = SupplierProject::on('pgsql_supplier')->where('unique_key', '79994445566')->first();
-    expect(DB::connection('pgsql_supplier')->table('project_supplier_links')
-        ->where('project_id', $project->id)->where('supplier_project_id', $sp->id)->count())->toBe(1);
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails or passes**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Supplier/SupplierProjectImporterTest.php --filter="reuses an existing"`
-Expected: PASS (логика `firstOrCreate` по `(platform, unique_key, subject_code)` уже реюзит). Если FAIL — проверить, что `firstOrCreate`-атрибуты совпадают с unique-индексом `(platform, unique_key, subject_code NULLS NOT DISTINCT)`.
-
-- [ ] **Step 3: (если Step 2 PASS — пропустить implementation)**
-
-Если тест прошёл — реализация Task 7 уже корректна; шаг implementation не нужен.
-
-- [ ] **Step 4: Commit**
-
-```bash
-git add app/tests/Feature/Supplier/SupplierProjectImporterTest.php
-git commit -m "test(supplier-import): commit реюзит существующий supplier_project, не дублирует"
-```
-
----
-
-## Task 9: ImportSupplierProjectsCommand — artisan (dry-run по умолчанию, --commit)
-
-**Files:**
-
-- Create: `app/app/Console/Commands/ImportSupplierProjectsCommand.php`
-- Test: `app/tests/Feature/Supplier/ImportSupplierProjectsCommandTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-Create `app/tests/Feature/Supplier/ImportSupplierProjectsCommandTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\Tenant;
-use App\Models\User;
-use App\Services\Supplier\SupplierPortalClient;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\Http;
-use Tests\Concerns\SharesSupplierPdo;
-
-uses(DatabaseTransactions::class);
-uses(SharesSupplierPdo::class);
-
-beforeEach(function (): void {
-    $this->tenant = Tenant::factory()->create();
-    User::factory()->create(['tenant_id' => $this->tenant->id, 'email' => 'info@lkomega.ru']);
-
-    $client = Mockery::mock(SupplierPortalClient::class);
-    $client->shouldReceive('listProjects')->andReturn([
-        ['id' => '4001', 'src' => 'rt', 'type' => 'calls', 'content' => '79991112233', 'tag' => 'Каранга', 'lim' => '6', 'status' => true, 'regions' => '', 'workdays' => ['1', '2', '3', '4', '5']],
-        ['id' => '4002', 'src' => 'bl', 'type' => 'calls', 'content' => '79991112233', 'tag' => 'Каранга', 'lim' => '6', 'status' => true, 'regions' => '', 'workdays' => ['1', '2', '3', '4', '5']],
-        ['id' => '4003', 'src' => 'mt', 'type' => 'calls', 'content' => '79991112233', 'tag' => 'Каранга', 'lim' => '6', 'status' => true, 'regions' => '', 'workdays' => ['1', '2', '3', '4', '5']],
-    ]);
-    $this->app->instance(SupplierPortalClient::class, $client);
-});
-
-test('dry-run prints plan and writes nothing', function (): void {
-    Http::fake();
-
-    $this->artisan('supplier:import-projects', ['--tenant' => 'info@lkomega.ru'])
-        ->assertExitCode(0);
-
-    expect(Project::on('pgsql_supplier')->where('tenant_id', $this->tenant->id)->count())->toBe(0);
-    Http::assertNothingSent();
-});
-
-test('--commit writes projects', function (): void {
-    Http::fake();
-
-    $this->artisan('supplier:import-projects', ['--tenant' => 'info@lkomega.ru', '--commit' => true])
-        ->assertExitCode(0);
-
-    expect(Project::on('pgsql_supplier')
-        ->where('tenant_id', $this->tenant->id)
-        ->where('signal_identifier', '79991112233')->count())->toBe(1);
-    Http::assertNothingSent();
-});
-
-test('unknown tenant email → non-zero exit, no write', function (): void {
-    $this->artisan('supplier:import-projects', ['--tenant' => 'nobody@nowhere.ru', '--commit' => true])
-        ->assertExitCode(1);
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Supplier/ImportSupplierProjectsCommandTest.php`
-Expected: FAIL — команда `supplier:import-projects` не существует.
-
-- [ ] **Step 3: Write minimal implementation**
-
-Create `app/app/Console/Commands/ImportSupplierProjectsCommand.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Console\Commands;
-
-use App\Models\User;
-use App\Services\Supplier\Import\SupplierProjectImporter;
-use Illuminate\Console\Command;
-
-/**
- * Разовый импорт активных проектов поставщика (аккаунт lkomega) как проектов
- * Лидерры под тенантом владельца. По умолчанию dry-run (печатает план, ничего
- * не пишет). С --commit пишет в БД через pgsql_supplier (BYPASSRLS), портал НЕ
- * трогает. Идемпотентна.
- *
- * Plan: docs/superpowers/plans/2026-05-22-supplier-projects-import-lkomega.md
- */
-class ImportSupplierProjectsCommand extends Command
-{
-    protected $signature = 'supplier:import-projects
-        {--tenant= : email пользователя тенанта (напр. info@lkomega.ru)}
-        {--commit : выполнить запись (без флага — только dry-run)}';
-
-    protected $description = 'Усыновить активные проекты поставщика как проекты Лидерры под тенантом (dry-run по умолчанию)';
-
-    public function handle(SupplierProjectImporter $importer): int
-    {
-        $email = (string) $this->option('tenant');
-        if ($email === '') {
-            $this->error('Укажите --tenant=<email>');
-
-            return self::FAILURE;
-        }
-
-        $tenantId = User::on('pgsql_supplier')->where('email', $email)->value('tenant_id');
-        if ($tenantId === null) {
-            $this->error("Тенант для email '{$email}' не найден.");
-
-            return self::FAILURE;
-        }
-
-        $plan = $importer->buildPlan((int) $tenantId);
-
-        $this->info(sprintf('Тенант %s (id=%d). К созданию: %d проектов. Пропущено строк/групп: %d.',
-            $email, $tenantId, count($plan['planned']), count($plan['skipped'])));
-
-        $this->table(
-            ['Тип', 'Идентификатор', 'Тег', 'Регионы', 'Лимит', 'Площадки (external_id)'],
-            array_map(fn (array $p): array => [
-                $p['signal_type'],
-                $this->mask($p['signal_identifier'] ?? ($p['sms_senders'][0] ?? '')),
-                mb_substr((string) $p['tag'], 0, 30),
-                $p['regions'] === [] ? 'вся РФ' : implode(',', $p['regions']),
-                (string) $p['daily_limit_target'],
-                collect($p['platforms'])->map(fn (array $pl): string => $pl['platform'].':'.$pl['external_id'])->implode(' '),
-            ], $plan['planned']),
-        );
-
-        if ($plan['skipped'] !== []) {
-            $this->warn('Пропуски:');
-            foreach ($plan['skipped'] as $s) {
-                $this->line(sprintf('  - [%s] %s', $s['reason'], $this->mask($s['label'])));
-            }
-        }
-
-        if (! $this->option('commit')) {
-            $this->comment('DRY-RUN: ничего не записано. Повторите с --commit для реальной записи.');
-
-            return self::SUCCESS;
-        }
-
-        $result = $importer->commit($plan, (int) $tenantId);
-        $this->info(sprintf('Создано: проектов=%d, supplier_projects=%d, связок=%d.',
-            $result['created_projects'], $result['created_supplier_projects'], $result['created_links']));
-
-        return self::SUCCESS;
-    }
-
-    /** Маскирует цифровые хвосты (телефоны) для вывода (152-ФЗ). */
-    private function mask(string $value): string
-    {
-        return (string) preg_replace('/\d{4,}/', fn (array $m): string => substr($m[0], 0, 2).str_repeat('*', max(0, strlen($m[0]) - 4)).substr($m[0], -2), $value);
-    }
-}
-```
-
-NB: Laravel 13 авто-регистрирует команды из `app/Console/Commands/` — отдельной регистрации не нужно.
-
-- [ ] **Step 4: Run test to verify it passes**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Supplier/ImportSupplierProjectsCommandTest.php`
-Expected: PASS (3 теста)
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Console/Commands/ImportSupplierProjectsCommand.php app/tests/Feature/Supplier/ImportSupplierProjectsCommandTest.php
-git commit -m "feat(supplier-import): artisan supplier:import-projects (dry-run / --commit, маскирование ПДн)"
-```
-
----
-
-## Task 10: Регрессия + Pint + Larastan + деплой-чеклист
-
-**Files:**
-
-- Create: `docs/deploy/supplier-import-lkomega-runbook.md`
-
-- [ ] **Step 1: Прогнать целевую регрессию**
-
-Run: `cd app && ./vendor/bin/pest tests/Unit/Supplier/SupplierImportMapperTest.php tests/Unit/Supplier/SupplierRegionsTest.php tests/Feature/Supplier/SupplierProjectImporterTest.php tests/Feature/Supplier/ImportSupplierProjectsCommandTest.php`
-Expected: все PASS, 0 failed. Выписать фактические числа.
-
-- [ ] **Step 2: Прогнать широкий supplier-suite (нет регрессий)**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Supplier tests/Unit/Supplier`
-Expected: 0 новых падений против baseline.
-
-- [ ] **Step 3: Pint + Larastan**
-
-Run: `cd app && composer pint && composer stan`
-Expected: Pint clean; Larastan 0 ошибок выше baseline. Если новые baseline-записи нужны (Pest TestCall pattern / Mockery) — `composer stan -- --generate-baseline=phpstan-baseline.neon`, затем `composer stan` (квирк #25), и закоммитить baseline.
-
-- [ ] **Step 4: Написать runbook деплоя/прогона**
-
-Create `docs/deploy/supplier-import-lkomega-runbook.md` с содержанием:
-
-```markdown
-# Runbook: импорт проектов lkomega → info@lkomega.ru
-
-Разовая операция на боевом liderra.ru (111.88.246.137).
-
-## Деплой команды
-1. scp 4 файла на сервер в /var/www/liderra/app:
-   - app/Support/SupplierRegions.php
-   - app/Services/Supplier/Import/SupplierImportMapper.php
-   - app/Services/Supplier/Import/SupplierProjectImporter.php
-   - app/Console/Commands/ImportSupplierProjectsCommand.php
-   (бэкап заменяемого SupplierRegions.php: cp *.bak)
-2. `php artisan optimize:clear` (сброс кэша команд/конфига).
-
-## Dry-run (показать план)
-`php artisan supplier:import-projects --tenant=info@lkomega.ru`
-→ показать вывод заказчику (число проектов, лимиты, регионы, пропуски). Получить «ок».
-
-## Реальный прогон
-`php artisan supplier:import-projects --tenant=info@lkomega.ru --commit`
-
-## Пост-проверка
-- `php artisan tinker --execute="echo App\Models\Project::on('pgsql_supplier')->where('tenant_id', <ID>)->count();"`
-- Выборочно сверить 2-3 проекта (лимит = сумме площадок, регионы корректны).
-- Подтвердить, что на портале crm.bp-gr.ru НЕ появилось новых проектов (команда его не дёргает).
-
-## Откат (если нужно)
-Импортированные проекты под тенантом — soft-archive через ЛК или
-`Project::on('pgsql_supplier')->where(...)->update(['is_active'=>false,'archived_at'=>now()])`;
-supplier_projects/pivot можно оставить (они указывают на реальные портальные проекты).
-```
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add docs/deploy/supplier-import-lkomega-runbook.md app/phpstan-baseline.neon
-git commit -m "docs(supplier-import): runbook деплоя/прогона + larastan baseline"
-```
-
-(Если `phpstan-baseline.neon` не менялся — убрать из `git add`.)
-
----
-
-## Self-Review (выполнено автором плана)
-
-**Spec coverage:**
-
-- §4 маппинг (src/type/regions/workdays/sms) → Task 1+2. ✅
-- §4 группировка B1/B2/B3 + лимит-сумма → Task 3. ✅
-- §4 регионы reverse/union/вся РФ + regions_reverse skip → Task 4. ✅
-- §4 sms по sender → Task 5. ✅
-- §5 идемпотентность Project → Task 6; supplier_project реюз → Task 8. ✅
-- §7 запись Project+supplier_projects+pivot, без портала → Task 7. ✅
-- §6 команда dry-run/--commit + маскирование → Task 9. ✅
-- §8 безопасность (dry-run default, транзакция, портал не трогаем) → Task 7+9. ✅
-- §10 выполнение/деплой → Task 10. ✅
-- Охват «все активные (status + lim>0)»: status-фильтр в buildPlan; lim>0 — фактически у всех (recon), отдельного фильтра не требует. ✅
-
-**Type consistency:** plan-item shape единый во всех задачах; `commit` читает те же ключи, что пишет `buildPlan`; `platforms[].external_id` int везде; `SupplierProjectGrouping::buildUniqueKey($project, $platform)` существует (origin/main). ✅
-
-**Placeholder scan:** 0 TBD/«добавить обработку ошибок» — весь код приведён. ✅
-
-**Открытый момент планирования (из спеки §11):** группировка идёт по `(signal_type, identifier)` без тега (как ночной джоб) — реализовано в Task 3/5; тег = первый непустой не-«РФ» из группы. Финальное число проектов покажет dry-run на реальных данных (ожидаемо ~128, recon с тегом дал 128; без тега возможно меньше при коллизиях тег↔идентификатор).
diff --git a/docs/superpowers/plans/2026-05-23-admin-tenant-balance-edit.md b/docs/superpowers/plans/2026-05-23-admin-tenant-balance-edit.md
deleted file mode 100644
index 71f4fa9..0000000
--- a/docs/superpowers/plans/2026-05-23-admin-tenant-balance-edit.md
+++ /dev/null
@@ -1,912 +0,0 @@
-# Admin Tenant Balance Edit Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Дать SaaS-админу установить точный рублёвый баланс тенанта из админки (карточка тенанта + инлайн в таблице списка), с записью в ledger + audit-log.
-
-**Architecture:** Новый эндпоинт `PATCH /api/admin/tenants/{id}/balance` (метод `AdminTenantsController::updateBalance`) под `saas-admin` middleware. Семантика «установить точную сумму»: сервер считает знаковую дельту `target − current`, применяет под `lockForUpdate` через bcmath, пишет `balance_transactions(type='manual_adjustment')` + `saas_admin_audit_log`. Frontend — общий `TenantBalanceDialog.vue`, открывается из `TenantDetailHeader` (карточка «Баланс») и из строки `TenantsTable`.
-
-**Tech Stack:** PHP 8.3 / Laravel 13 / Pest 4 / Vue 3.5 / Vuetify 3.12 / Vitest 4 / bcmath / PostgreSQL 16.
-
-**Spec:** [../specs/2026-05-23-admin-tenant-balance-edit-design.md](../specs/2026-05-23-admin-tenant-balance-edit-design.md)
-
----
-
-## File Structure
-
-- **Modify** `app/app/Http/Controllers/Api/AdminTenantsController.php` — добавить `use` трейта/моделей + метод `updateBalance`.
-- **Modify** `app/routes/web.php` — 1 строка маршрута в группе `saas-admin` (рядом с tenants lookup).
-- **Create** `app/tests/Feature/Admin/AdminTenantBalanceUpdateTest.php` — Pest feature-тест.
-- **Modify** `app/resources/js/api/admin.ts` — функция `updateTenantBalance`.
-- **Create** `app/resources/js/components/admin/TenantBalanceDialog.vue` — общий диалог.
-- **Create** `app/tests/Frontend/TenantBalanceDialog.spec.ts` — Vitest.
-- **Modify** `app/resources/js/components/admin/tenant-detail/TenantDetailHeader.vue` — кнопка в карточке «Баланс» + emit.
-- **Modify** `app/resources/js/views/admin/AdminTenantDetailView.vue` — монтаж диалога + reload по `saved`.
-- **Modify** `app/resources/js/components/admin/tenants/TenantsTable.vue` — действие в строке + emit.
-- **Modify** `app/resources/js/views/admin/AdminTenantsView.vue` — монтаж диалога + обновление строки по `saved`.
-
----
-
-## Task 1: Backend `updateBalance` endpoint
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/AdminTenantsController.php`
-- Modify: `app/routes/web.php` (~line 100, после tenants `show`)
-- Test: `app/tests/Feature/Admin/AdminTenantBalanceUpdateTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-Create `app/tests/Feature/Admin/AdminTenantBalanceUpdateTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\BalanceTransaction;
-use App\Models\Tenant;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-
-uses(DatabaseTransactions::class);
-
-function makeBalanceTenant(string $balanceRub): Tenant
-{
-    return Tenant::factory()->create(['balance_rub' => $balanceRub]);
-}
-
-it('sets exact balance and records signed manual_adjustment delta', function () {
-    $tenant = makeBalanceTenant('1000.00');
-
-    $resp = $this->patchJson("/api/admin/tenants/{$tenant->id}/balance", [
-        'balance_rub' => '2500.00',
-        'reason' => 'Коррекция тестового баланса',
-    ]);
-
-    $resp->assertOk()
-        ->assertJsonPath('balance_rub', '2500.00')
-        ->assertJsonPath('delta', '1500.00');
-
-    $tenant->refresh();
-    expect((string) $tenant->balance_rub)->toBe('2500.00');
-
-    $tx = BalanceTransaction::where('tenant_id', $tenant->id)
-        ->where('type', BalanceTransaction::TYPE_MANUAL_ADJUSTMENT)
-        ->latest('id')->first();
-    expect($tx)->not->toBeNull();
-    expect((string) $tx->amount_rub)->toBe('1500.00');
-    expect((string) $tx->balance_rub_after)->toBe('2500.00');
-    expect($tx->amount_leads)->toBeNull();
-    expect($tx->description)->toBe('Коррекция тестового баланса');
-});
-
-it('records negative delta when lowering balance', function () {
-    $tenant = makeBalanceTenant('1000.00');
-
-    $resp = $this->patchJson("/api/admin/tenants/{$tenant->id}/balance", [
-        'balance_rub' => '300.00',
-    ]);
-
-    $resp->assertOk()->assertJsonPath('delta', '-700.00');
-
-    $tx = BalanceTransaction::where('tenant_id', $tenant->id)
-        ->where('type', BalanceTransaction::TYPE_MANUAL_ADJUSTMENT)
-        ->latest('id')->first();
-    expect((string) $tx->amount_rub)->toBe('-700.00');
-    // Default description когда reason не передан.
-    expect($tx->description)->toBe('Ручная корректировка баланса (админ)');
-});
-
-it('accepts negative target balance (debt correction)', function () {
-    $tenant = makeBalanceTenant('0.00');
-
-    $this->patchJson("/api/admin/tenants/{$tenant->id}/balance", [
-        'balance_rub' => '-500.00',
-    ])->assertOk()->assertJsonPath('balance_rub', '-500.00');
-
-    expect((string) $tenant->fresh()->balance_rub)->toBe('-500.00');
-});
-
-it('rejects no-op (target equals current) with 422', function () {
-    $tenant = makeBalanceTenant('1000.00');
-
-    $this->patchJson("/api/admin/tenants/{$tenant->id}/balance", [
-        'balance_rub' => '1000.00',
-    ])->assertStatus(422);
-});
-
-it('rejects malformed balance_rub with 422', function () {
-    $tenant = makeBalanceTenant('1000.00');
-
-    $this->patchJson("/api/admin/tenants/{$tenant->id}/balance", [
-        'balance_rub' => '10.123',
-    ])->assertStatus(422);
-
-    $this->patchJson("/api/admin/tenants/{$tenant->id}/balance", [
-        'balance_rub' => 'abc',
-    ])->assertStatus(422);
-});
-
-it('returns 404 for missing or soft-deleted tenant', function () {
-    $this->patchJson('/api/admin/tenants/99999999/balance', [
-        'balance_rub' => '100.00',
-    ])->assertStatus(404);
-
-    $tenant = makeBalanceTenant('100.00');
-    $tenant->delete();
-    $this->patchJson("/api/admin/tenants/{$tenant->id}/balance", [
-        'balance_rub' => '200.00',
-    ])->assertStatus(404);
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-Run from `app/`: `./vendor/bin/pest tests/Feature/Admin/AdminTenantBalanceUpdateTest.php`
-Expected: FAIL — route `PATCH /api/admin/tenants/{id}/balance` does not exist (404 on all, or method-not-allowed).
-
-If the testing DB lacks the `manual_adjustment` value in `balance_transactions_type_check` or the May-2026 partition — note from prior Billing v2 work: run `php artisan migrate --env=testing` and `php artisan partitions:create-months` if a CHECK/partition error appears. `manual_adjustment` is an existing CHECK value (predates this work), so it should already be valid.
-
-- [ ] **Step 3: Add imports + trait to the controller**
-
-In `app/app/Http/Controllers/Api/AdminTenantsController.php`, the current `use` block is:
-
-```php
-use App\Http\Controllers\Controller;
-use App\Models\Tenant;
-use Carbon\CarbonImmutable;
-use Illuminate\Http\JsonResponse;
-use Illuminate\Http\Request;
-use Illuminate\Support\Facades\DB;
-```
-
-Add these imports (alphabetical placement):
-
-```php
-use App\Http\Controllers\Concerns\ResolvesAdminUserId;
-use App\Models\BalanceTransaction;
-use App\Models\SaasAdminAuditLog;
-```
-
-Add the trait inside the class (right after the class opening brace):
-
-```php
-class AdminTenantsController extends Controller
-{
-    use ResolvesAdminUserId;
-```
-
-- [ ] **Step 4: Add the `updateBalance` method**
-
-Append this method to `AdminTenantsController` (after `show()`, before the private helpers):
-
-```php
-    /**
-     * PATCH /api/admin/tenants/{id}/balance — установить точный ₽-баланс тенанта.
-     *
-     * Семантика «set absolute»: админ передаёт целевой balance_rub, сервер
-     * считает знаковую дельту (target − current) и пишет её append-only строкой
-     * balance_transactions(type='manual_adjustment') + saas_admin_audit_log.
-     *
-     * SaaS-уровневый: НЕ tenant-aware. Money — bcmath, lockForUpdate (конвенция
-     * LedgerService / AdminBillingController::refund). balance_leads не трогаем
-     * (Billing v2 Spec A — лиды vestigial, удаляются в Phase B).
-     */
-    public function updateBalance(Request $request, int $id): JsonResponse
-    {
-        $validated = $request->validate([
-            'balance_rub' => ['required', 'string', 'regex:/^-?\d+(\.\d{1,2})?$/'],
-            'reason' => ['nullable', 'string', 'max:500'],
-        ]);
-
-        $target = bcadd((string) $validated['balance_rub'], '0', 2); // нормализуем scale 2
-        $reason = isset($validated['reason']) && trim((string) $validated['reason']) !== ''
-            ? trim((string) $validated['reason'])
-            : 'Ручная корректировка баланса (админ)';
-        $adminUserId = $this->resolveAdminUserId($request, 'system-balance@liderra.local', 'System Balance Bot');
-
-        /** @var array{balance_rub:string, delta:string, transaction_id:int} $result */
-        $result = DB::transaction(function () use ($id, $target, $reason, $adminUserId, $request): array {
-            DB::statement('SET LOCAL app.current_tenant_id = '.$id);
-
-            $tenant = DB::table('tenants')->where('id', $id)->whereNull('deleted_at')
-                ->lockForUpdate()->first();
-            if ($tenant === null) {
-                abort(404, 'tenant not found');
-            }
-
-            $current = (string) $tenant->balance_rub;
-            $delta = bcsub($target, $current, 2);
-            if (bccomp($delta, '0', 2) === 0) {
-                abort(422, 'balance unchanged');
-            }
-
-            DB::table('tenants')->where('id', $id)->update([
-                'balance_rub' => $target,
-                'updated_at' => now(),
-            ]);
-
-            $tx = BalanceTransaction::create([
-                'tenant_id' => $id,
-                'type' => BalanceTransaction::TYPE_MANUAL_ADJUSTMENT,
-                'amount_rub' => $delta,
-                'amount_leads' => null,
-                'balance_rub_after' => $target,
-                'balance_leads_after' => null,
-                'description' => $reason,
-                'admin_user_id' => $adminUserId,
-                'created_at' => now(),
-            ]);
-
-            SaasAdminAuditLog::create([
-                'admin_user_id' => $adminUserId,
-                'action' => 'tenant.balance_adjusted',
-                'target_type' => 'tenant',
-                'target_id' => $id,
-                'target_tenant_id' => $id,
-                'payload_before' => ['balance_rub' => $current],
-                'payload_after' => ['balance_rub' => $target, 'delta' => $delta, 'transaction_id' => $tx->id],
-                'reason' => $reason,
-                'ip_address' => $request->ip() ?? '127.0.0.1',
-                'user_agent' => $request->userAgent(),
-            ]);
-
-            return ['balance_rub' => $target, 'delta' => $delta, 'transaction_id' => (int) $tx->id];
-        });
-
-        return response()->json([
-            'id' => $id,
-            'balance_rub' => $result['balance_rub'],
-            'delta' => $result['delta'],
-            'transaction_id' => $result['transaction_id'],
-        ]);
-    }
-```
-
-Verify `BalanceTransaction::TYPE_MANUAL_ADJUSTMENT` constant exists (it does — `= 'manual_adjustment'`, seen in the model). If the constant name differs, grep `app/app/Models/BalanceTransaction.php` for `MANUAL_ADJUSTMENT` and use the actual name.
-
-- [ ] **Step 5: Add the route**
-
-In `app/routes/web.php`, inside the `Route::middleware('saas-admin')->group(...)` block, right after the tenants `show` route (line ~100):
-
-```php
-    Route::patch('/api/admin/tenants/{id}/balance', 'App\Http\Controllers\Api\AdminTenantsController@updateBalance')
-        ->where('id', '[0-9]+');
-```
-
-- [ ] **Step 6: Run test to verify it passes**
-
-Run: `./vendor/bin/pest tests/Feature/Admin/AdminTenantBalanceUpdateTest.php`
-Expected: PASS (6 tests).
-
-If `saas_admin_audit_log` insert fails on a missing partition for the current month — create it (`php artisan partitions:create-months`) and re-run; this is the known testing-DB partition quirk, not a code bug.
-
-- [ ] **Step 7: Run adjacent admin suite for regressions**
-
-Run: `./vendor/bin/pest tests/Feature/Admin`
-Expected: no NEW failures (pre-existing partition-gap failures, if any, are unrelated).
-
-- [ ] **Step 8: Commit**
-
-```bash
-cd "/c/моя/проекты/портал crm/Документация/.claude/worktrees/admin-tenant-balance-edit"
-git add app/app/Http/Controllers/Api/AdminTenantsController.php \
-        app/routes/web.php \
-        app/tests/Feature/Admin/AdminTenantBalanceUpdateTest.php
-git commit -m "feat(admin): PATCH tenants/{id}/balance — set exact rub balance + ledger + audit"
-```
-
-Use `LEFTHOOK=0 git commit ...` if pre-commit fails on missing worktree binaries (gitleaks.exe/squawk.exe) — known worktree quirk.
-
----
-
-## Task 2: Frontend API client `updateTenantBalance`
-
-**Files:**
-
-- Modify: `app/resources/js/api/admin.ts`
-
-- [ ] **Step 1: Add the function**
-
-In `app/resources/js/api/admin.ts`, after the `refundTenant` function (~line 372), add:
-
-```typescript
-export async function updateTenantBalance(
-    id: number,
-    payload: { balance_rub: string; reason?: string },
-): Promise<{ id: number; balance_rub: string; delta: string; transaction_id: number }> {
-    await ensureCsrfCookie();
-    const { data } = await apiClient.patch<{
-        id: number;
-        balance_rub: string;
-        delta: string;
-        transaction_id: number;
-    }>(`/api/admin/tenants/${id}/balance`, payload);
-    return data;
-}
-```
-
-- [ ] **Step 2: Type-check**
-
-Run from `app/`: `npm run type-check 2>&1 | grep -E "admin.ts" | head`
-Expected: no errors on `admin.ts`.
-
-- [ ] **Step 3: No commit yet** — rides with Task 3 (its first consumer, the dialog).
-
----
-
-## Task 3: `TenantBalanceDialog.vue` + Vitest
-
-**Files:**
-
-- Create: `app/resources/js/components/admin/TenantBalanceDialog.vue`
-- Create: `app/tests/Frontend/TenantBalanceDialog.spec.ts`
-
-- [ ] **Step 1: Write the Vitest spec (TDD)**
-
-Create `app/tests/Frontend/TenantBalanceDialog.spec.ts`:
-
-```typescript
-import { mount } from '@vue/test-utils';
-import { beforeEach, describe, expect, it, vi } from 'vitest';
-import { createVuetify } from 'vuetify';
-
-import TenantBalanceDialog from '../../resources/js/components/admin/TenantBalanceDialog.vue';
-import * as adminApi from '../../resources/js/api/admin';
-
-const vuetify = createVuetify();
-
-function mountDialog(props: Record<string, unknown> = {}) {
-    return mount(TenantBalanceDialog, {
-        props: {
-            modelValue: true,
-            tenantId: 42,
-            tenantName: 'Окна Москва ООО',
-            currentBalanceRub: 1000,
-            ...props,
-        },
-        global: { plugins: [vuetify] },
-        attachTo: document.body,
-    });
-}
-
-describe('TenantBalanceDialog', () => {
-    beforeEach(() => {
-        vi.restoreAllMocks();
-    });
-
-    it('previews signed delta when new balance entered', async () => {
-        const w = mountDialog();
-        const vm = w.vm as unknown as { newBalance: string; delta: string };
-        vm.newBalance = '2500';
-        await w.vm.$nextTick();
-        // delta = 2500 − 1000 = +1500
-        expect((w.vm as unknown as { delta: string }).delta).toBe('1500.00');
-    });
-
-    it('disables save when balance empty or unchanged', async () => {
-        const w = mountDialog();
-        const vm = w.vm as unknown as { newBalance: string; canSave: boolean };
-        vm.newBalance = '';
-        await w.vm.$nextTick();
-        expect((w.vm as unknown as { canSave: boolean }).canSave).toBe(false);
-        vm.newBalance = '1000'; // равно текущему
-        await w.vm.$nextTick();
-        expect((w.vm as unknown as { canSave: boolean }).canSave).toBe(false);
-        vm.newBalance = '1500';
-        await w.vm.$nextTick();
-        expect((w.vm as unknown as { canSave: boolean }).canSave).toBe(true);
-    });
-
-    it('calls updateTenantBalance with normalized payload and emits saved', async () => {
-        const spy = vi.spyOn(adminApi, 'updateTenantBalance').mockResolvedValue({
-            id: 42,
-            balance_rub: '2500.00',
-            delta: '1500.00',
-            transaction_id: 7,
-        });
-        const w = mountDialog();
-        const vm = w.vm as unknown as { newBalance: string; reason: string; submit: () => Promise<void> };
-        vm.newBalance = '2500';
-        vm.reason = 'тест';
-        await vm.submit();
-
-        expect(spy).toHaveBeenCalledWith(42, { balance_rub: '2500.00', reason: 'тест' });
-        expect(w.emitted('saved')).toBeTruthy();
-        expect(w.emitted('saved')![0][0]).toMatchObject({ balance_rub: '2500.00' });
-    });
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-Run from `app/`: `npm run test:vue -- TenantBalanceDialog.spec.ts 2>&1 | tail -20`
-Expected: FAIL — component does not exist.
-
-- [ ] **Step 3: Create the component**
-
-Create `app/resources/js/components/admin/TenantBalanceDialog.vue`:
-
-```vue
-<script setup lang="ts">
-/**
- * Диалог установки точного ₽-баланса тенанта (SaaS-admin).
- * Используется из карточки тенанта (TenantDetailHeader) и из строки таблицы
- * списка (TenantsTable). Семантика «установить точную сумму» — сервер сам
- * считает знаковую дельту и пишет manual_adjustment + audit.
- */
-import { computed, ref, watch } from 'vue';
-import { updateTenantBalance } from '../../api/admin';
-import { extractErrorMessage } from '../../api/client';
-
-const props = defineProps<{
-    modelValue: boolean;
-    tenantId: number;
-    tenantName: string;
-    currentBalanceRub: number;
-}>();
-
-const emit = defineEmits<{
-    'update:modelValue': [value: boolean];
-    saved: [payload: { balance_rub: string; delta: string; transaction_id: number }];
-}>();
-
-const newBalance = ref('');
-const reason = ref('');
-const submitting = ref(false);
-const errorMsg = ref<string | null>(null);
-
-// Нормализованная целевая сумма (scale 2) — '' если ввод невалиден.
-const targetNormalized = computed(() => {
-    const raw = newBalance.value.trim().replace(',', '.');
-    if (!/^-?\d+(\.\d{1,2})?$/.test(raw)) return '';
-    return Number(raw).toFixed(2);
-});
-
-const delta = computed(() => {
-    if (targetNormalized.value === '') return '';
-    return (Number(targetNormalized.value) - props.currentBalanceRub).toFixed(2);
-});
-
-const canSave = computed(
-    () => !submitting.value && targetNormalized.value !== '' && delta.value !== '' && Number(delta.value) !== 0,
-);
-
-watch(
-    () => props.modelValue,
-    (open) => {
-        if (open) {
-            newBalance.value = '';
-            reason.value = '';
-            errorMsg.value = null;
-        }
-    },
-);
-
-async function submit(): Promise<void> {
-    if (!canSave.value) return;
-    submitting.value = true;
-    errorMsg.value = null;
-    try {
-        const payload: { balance_rub: string; reason?: string } = { balance_rub: targetNormalized.value };
-        if (reason.value.trim() !== '') payload.reason = reason.value.trim();
-        const result = await updateTenantBalance(props.tenantId, payload);
-        emit('saved', { balance_rub: result.balance_rub, delta: result.delta, transaction_id: result.transaction_id });
-        emit('update:modelValue', false);
-    } catch (e) {
-        errorMsg.value = extractErrorMessage(e, 'Не удалось изменить баланс.');
-    } finally {
-        submitting.value = false;
-    }
-}
-
-function close(): void {
-    emit('update:modelValue', false);
-}
-</script>
-
-<template>
-    <v-dialog
-        :model-value="modelValue"
-        max-width="460"
-        @update:model-value="emit('update:modelValue', $event)"
-    >
-        <v-card>
-            <v-card-title class="text-h6">Изменить баланс</v-card-title>
-            <v-card-subtitle>{{ tenantName }}</v-card-subtitle>
-            <v-card-text>
-                <div class="text-body-2 text-medium-emphasis mb-3">
-                    Текущий баланс: <strong class="num">{{ currentBalanceRub.toFixed(2) }} ₽</strong>
-                </div>
-
-                <v-text-field
-                    v-model="newBalance"
-                    label="Новый баланс, ₽"
-                    type="text"
-                    inputmode="decimal"
-                    density="comfortable"
-                    data-testid="balance-input"
-                    :hint="targetNormalized === '' && newBalance !== '' ? 'Формат: 1234.56' : ''"
-                    persistent-hint
-                />
-
-                <v-text-field
-                    v-model="reason"
-                    label="Причина (необязательно)"
-                    type="text"
-                    density="comfortable"
-                    maxlength="500"
-                    class="mt-2"
-                    data-testid="reason-input"
-                />
-
-                <div v-if="delta !== ''" class="preview mt-3 text-body-2">
-                    было <span class="num">{{ currentBalanceRub.toFixed(2) }} ₽</span>
-                    → станет <span class="num">{{ targetNormalized }} ₽</span>
-                    (<span class="num" :class="Number(delta) < 0 ? 'text-error' : 'text-success'">
-                        {{ Number(delta) > 0 ? '+' : '' }}{{ delta }} ₽
-                    </span>)
-                </div>
-
-                <v-alert v-if="errorMsg" type="error" variant="tonal" density="compact" class="mt-3">
-                    {{ errorMsg }}
-                </v-alert>
-            </v-card-text>
-            <v-card-actions>
-                <v-spacer />
-                <v-btn variant="text" :disabled="submitting" @click="close">Отмена</v-btn>
-                <v-btn
-                    color="primary"
-                    variant="flat"
-                    :loading="submitting"
-                    :disabled="!canSave"
-                    data-testid="balance-save"
-                    @click="submit"
-                >
-                    Сохранить
-                </v-btn>
-            </v-card-actions>
-        </v-card>
-    </v-dialog>
-</template>
-
-<style scoped>
-.num {
-    font-family: 'JetBrains Mono', ui-monospace, monospace;
-    font-feature-settings: 'tnum';
-}
-</style>
-```
-
-- [ ] **Step 4: Run Vitest**
-
-Run from `app/`: `npm run test:vue -- TenantBalanceDialog.spec.ts 2>&1 | tail -20`
-Expected: PASS (3 tests). If `extractErrorMessage` signature differs (e.g. single-arg), check `app/resources/js/api/client.ts` and adapt the call.
-
-- [ ] **Step 5: vue-tsc**
-
-Run: `npm run type-check 2>&1 | grep -E "TenantBalanceDialog|admin.ts" | head`
-Expected: 0 errors.
-
-- [ ] **Step 6: Commit (Task 2 api + Task 3 dialog together)**
-
-```bash
-git add app/resources/js/api/admin.ts \
-        app/resources/js/components/admin/TenantBalanceDialog.vue \
-        app/tests/Frontend/TenantBalanceDialog.spec.ts
-git commit -m "feat(admin): TenantBalanceDialog + updateTenantBalance api client"
-```
-
----
-
-## Task 4: Wire dialog into tenant detail card
-
-**Files:**
-
-- Modify: `app/resources/js/components/admin/tenant-detail/TenantDetailHeader.vue`
-- Modify: `app/resources/js/views/admin/AdminTenantDetailView.vue`
-
-- [ ] **Step 1: Add «Изменить баланс» button to the balance KPI card**
-
-In `TenantDetailHeader.vue`, the `defineEmits` is currently:
-
-```typescript
-const emit = defineEmits<{
-    back: [];
-    impersonate: [];
-}>();
-```
-
-Change to add `editBalance`:
-
-```typescript
-const emit = defineEmits<{
-    back: [];
-    impersonate: [];
-    editBalance: [];
-}>();
-```
-
-In the template, the balance KPI card is:
-
-```vue
-<v-card variant="outlined" class="kpi-card pa-4" data-testid="kpi-balance">
-    <div class="kpi-label text-caption text-medium-emphasis">Баланс</div>
-    <div class="kpi-value num" :class="{ 'text-error': tenant.balanceRub < 0 }">
-        {{ formatRub(tenant.balanceRub) }}
-    </div>
-    <div class="kpi-sub text-caption text-medium-emphasis">runway ~{{ tenant.runwayDays }} дн</div>
-</v-card>
-```
-
-Add an «Изменить» button after the `kpi-sub` div, inside the card:
-
-```vue
-<v-card variant="outlined" class="kpi-card pa-4" data-testid="kpi-balance">
-    <div class="kpi-label text-caption text-medium-emphasis">Баланс</div>
-    <div class="kpi-value num" :class="{ 'text-error': tenant.balanceRub < 0 }">
-        {{ formatRub(tenant.balanceRub) }}
-    </div>
-    <div class="kpi-sub text-caption text-medium-emphasis">runway ~{{ tenant.runwayDays }} дн</div>
-    <v-btn
-        variant="text"
-        size="small"
-        density="comfortable"
-        prepend-icon="mdi-pencil"
-        class="mt-1 px-0"
-        data-testid="edit-balance-btn"
-        @click="emit('editBalance')"
-    >
-        Изменить
-    </v-btn>
-</v-card>
-```
-
-- [ ] **Step 2: Mount the dialog in the detail view**
-
-In `AdminTenantDetailView.vue`:
-
-Add import after the existing component imports (~line 24):
-
-```typescript
-import TenantBalanceDialog from '../../components/admin/TenantBalanceDialog.vue';
-```
-
-Add state near `impersonationOpen` (~line 66):
-
-```typescript
-const balanceDialogOpen = ref(false);
-```
-
-In the template, inside the `v-container v-if="tenant"` block, after `<ImpersonationDialog ... />`, add:
-
-```vue
-<TenantBalanceDialog
-    v-model="balanceDialogOpen"
-    :tenant-id="tenant.id"
-    :tenant-name="tenant.name"
-    :current-balance-rub="tenant.balanceRub"
-    @saved="onBalanceSaved"
-/>
-```
-
-Wire the header emit on the `<TenantDetailHeader>` element:
-
-```vue
-<TenantDetailHeader
-    :tenant="tenant"
-    @back="goBack"
-    @impersonate="impersonationOpen = true"
-    @edit-balance="balanceDialogOpen = true"
-/>
-```
-
-Add the `onBalanceSaved` handler (after `goBack`):
-
-```typescript
-async function onBalanceSaved(): Promise<void> {
-    await loadTenant();
-}
-```
-
-Add `balanceDialogOpen` to `defineExpose` so Vitest can drive it:
-
-```typescript
-defineExpose({ tenant, activeTab, impersonationOpen, balanceDialogOpen, loadTenant });
-```
-
-Confirm `AdminTenantDetail` mock type has a numeric `id` field (it does — `mockTenantDetail.ts:11 id: number`) and `balanceRub: number` (used by header). If `tenant.id` is absent on the mapped type, check `adminTenantDetailMapper.ts` maps `tenant.id` from the API response and add it.
-
-- [ ] **Step 3: Run frontend checks**
-
-Run from `app/`:
-
-```bash
-npm run test:vue -- AdminTenantDetailView 2>&1 | tail -20
-npm run type-check 2>&1 | grep -E "AdminTenantDetailView|TenantDetailHeader" | head
-```
-
-Expected: existing detail-view tests still pass; vue-tsc clean. If an existing test mounts `TenantDetailHeader` and asserts emitted events, it remains valid (we only added an emit).
-
-- [ ] **Step 4: Commit**
-
-```bash
-git add app/resources/js/components/admin/tenant-detail/TenantDetailHeader.vue \
-        app/resources/js/views/admin/AdminTenantDetailView.vue
-git commit -m "feat(admin): wire balance dialog into tenant detail card"
-```
-
----
-
-## Task 5: Wire dialog into tenant list table
-
-**Files:**
-
-- Modify: `app/resources/js/components/admin/tenants/TenantsTable.vue`
-- Modify: `app/resources/js/views/admin/AdminTenantsView.vue`
-
-- [ ] **Step 1: Add row action + emit in TenantsTable**
-
-In `TenantsTable.vue`, `defineEmits` is:
-
-```typescript
-const emit = defineEmits<{
-    rowClick: [tenant: AdminTenant];
-    impersonate: [tenant: AdminTenant];
-}>();
-```
-
-Add `editBalance`:
-
-```typescript
-const emit = defineEmits<{
-    rowClick: [tenant: AdminTenant];
-    impersonate: [tenant: AdminTenant];
-    editBalance: [tenant: AdminTenant];
-}>();
-```
-
-In the `#[`item.actions`]` slot, add a balance-edit icon button before the impersonate tooltip (inside the same slot):
-
-```vue
-<template #[`item.actions`]="{ item }: { item: AdminTenant }">
-    <v-tooltip text="Изменить баланс" location="top" aria-label="Изменить баланс">
-        <template #activator="{ props: tipProps }">
-            <v-btn
-                v-bind="tipProps"
-                icon="mdi-cash-edit"
-                variant="text"
-                size="small"
-                density="comfortable"
-                :aria-label="`Изменить баланс для ${item.name}`"
-                :data-testid="`edit-balance-btn-${item.id}`"
-                @click.stop="emit('editBalance', item)"
-            />
-        </template>
-    </v-tooltip>
-    <v-tooltip
-        text="Войти как клиент (impersonation)"
-        location="top"
-        aria-label="Войти как клиент (impersonation)"
-    >
-        <template #activator="{ props: tipProps }">
-            <v-btn
-                v-bind="tipProps"
-                icon="mdi-account-switch"
-                variant="text"
-                size="small"
-                density="comfortable"
-                :aria-label="`Войти как клиент (impersonation) для ${item.name}`"
-                :disabled="item.status === 'suspended'"
-                :data-testid="`impersonate-btn-${item.id}`"
-                @click.stop="emit('impersonate', item)"
-            />
-        </template>
-    </v-tooltip>
-</template>
-```
-
-Widen the actions column so two icons fit — change the `actions` header `width: 56` to `width: 96` in the `:headers` array.
-
-- [ ] **Step 2: Mount the dialog in the list view**
-
-Read `app/resources/js/views/admin/AdminTenantsView.vue` first to see how it consumes `TenantsTable` and where it keeps state / how it reloads the list (look for the `listAdminTenants` call and the mapped tenants ref).
-
-Then:
-
-- Import `TenantBalanceDialog` and (if not already) ensure tenants list is in a reactive ref with a reload function.
-- Add state: `const balanceDialogOpen = ref(false);` and `const balanceTarget = ref<AdminTenant | null>(null);`.
-- Wire `<TenantsTable ... @edit-balance="openBalanceDialog" />`.
-- Add handler:
-
-  ```typescript
-  function openBalanceDialog(t: AdminTenant): void {
-      balanceTarget.value = t;
-      balanceDialogOpen.value = true;
-  }
-  async function onBalanceSaved(): Promise<void> {
-      // перезагрузить список, чтобы строка показала новый баланс
-      await loadTenants(); // имя реальной функции загрузки — взять из файла
-  }
-  ```
-
-  (Use the actual list-loader function name found in the file.)
-- Mount the dialog (guarded by `balanceTarget`):
-
-  ```vue
-  <TenantBalanceDialog
-      v-if="balanceTarget"
-      v-model="balanceDialogOpen"
-      :tenant-id="balanceTarget.id"
-      :tenant-name="balanceTarget.name"
-      :current-balance-rub="balanceTarget.balanceRub"
-      @saved="onBalanceSaved"
-  />
-  ```
-
-- [ ] **Step 3: Run frontend checks**
-
-Run from `app/`:
-
-```bash
-npm run test:vue -- AdminTenantsView 2>&1 | tail -20
-npm run type-check 2>&1 | grep -E "AdminTenantsView|TenantsTable" | head
-```
-
-Expected: existing list-view tests pass; vue-tsc clean.
-
-- [ ] **Step 4: Commit**
-
-```bash
-git add app/resources/js/components/admin/tenants/TenantsTable.vue \
-        app/resources/js/views/admin/AdminTenantsView.vue
-git commit -m "feat(admin): wire balance dialog into tenant list table"
-```
-
----
-
-## Task 6: Full frontend + backend regression
-
-**Files:** none directly; fix wherever it breaks.
-
-- [ ] **Step 1: Run targeted suites**
-
-```bash
-cd app
-./vendor/bin/pest tests/Feature/Admin/AdminTenantBalanceUpdateTest.php
-npm run test:vue -- TenantBalanceDialog 2>&1 | tail -10
-npm run type-check 2>&1 | tail -20
-npm run lint:vue 2>&1 | tail -20
-npm run build 2>&1 | tail -5
-```
-
-Expected: all green (pre-existing unrelated failures excluded).
-
-- [ ] **Step 2: Fix any breaks, commit incrementally**
-
-Each fix = own commit: `fix(admin): <what>`.
-
----
-
-## Spec Coverage Check (self-review)
-
-| Spec requirement | Task | Status |
-|---|---|---|
-| Set-absolute semantics, server computes delta | Task 1 | ✓ |
-| `manual_adjustment` ledger row, signed amount | Task 1 | ✓ |
-| `saas_admin_audit_log` `tenant.balance_adjusted` | Task 1 | ✓ |
-| bcmath + lockForUpdate, SaaS connection / SET LOCAL | Task 1 | ✓ |
-| Validation: decimal regex, negative allowed, reason optional, no-op 422, 404 | Task 1 | ✓ |
-| Route under `saas-admin`, id-constrained | Task 1 | ✓ |
-| API client `updateTenantBalance` | Task 2 | ✓ |
-| Shared `TenantBalanceDialog` with live delta preview | Task 3 | ✓ |
-| Edit from tenant detail card | Task 4 | ✓ |
-| Edit inline from list table | Task 5 | ✓ |
-| balance_leads NOT edited | Task 1 (amount_leads null, no leads field) | ✓ |
-| Tests: Pest + Vitest | Tasks 1, 3 | ✓ |
-
----
-
-## Plan complete
-
-**Deployment after merge:** копир-паттерном на боевой `liderra.ru` (3 PHP-файла + frontend `public/build`); DDL не требуется. После выкатки заказчик выставляет реальные балансы тестовым тенантам через UI.
diff --git a/docs/superpowers/plans/2026-05-23-billing-v2-spec-a-balance-rub-plan.md b/docs/superpowers/plans/2026-05-23-billing-v2-spec-a-balance-rub-plan.md
deleted file mode 100644
index 1c93204..0000000
--- a/docs/superpowers/plans/2026-05-23-billing-v2-spec-a-balance-rub-plan.md
+++ /dev/null
@@ -1,2361 +0,0 @@
-# Billing v2 Spec A Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
->
-> **Subagent model constraint (Pravila §15.1):** Sonnet or Opus only — NOT Haiku — for any task that includes a git commit step. Naïve Haiku subagents have hijacked parallel-session branches in past sprints.
-
-**Goal:** Реализовать Спек A серии «Биллинг v2»: убрать `tenants.balance_leads`, упразднить ценовые колонки в `tariff_plans`, добавить pure-сервис `BalanceToLeadsConverter` (точный расчёт ₽→лиды по ступеням), закрыть 15 находок аудита Биллинга в коде и UI.
-
-**Architecture:** Двухфазный релиз. Phase A (PR #1) — все code-side изменения + идемпотентная artisan-команда миграции данных, колонки остаются в БД как страховка. Phase B (PR #2, через ≥72ч в проде) — `ALTER TABLE ... DROP COLUMN`. Все мутации денег — через bcmath, без PHP float. Новый pure-сервис `BalanceToLeadsConverter` — единственный движок «₽ → лиды» (используется в `wallet`, `runwayDays`, новом UI-блоке «Цены за лид»).
-
-**Tech Stack:** PHP 8.3 / Laravel 13 / Pest 4 / Vue 3.5 / Vuetify 3.12 / Vitest 4 / Histoire / PostgreSQL 16 / bcmath / Memurai.
-
-**Spec:** [docs/superpowers/specs/2026-05-23-billing-v2-spec-a-balance-rub-design.md](../specs/2026-05-23-billing-v2-spec-a-balance-rub-design.md)
-
----
-
-## Phase 0: Setup & branching
-
-### Task 0.1: Create isolated worktree from origin/main
-
-**Files:**
-
-- N/A (git operation)
-
-- [ ] **Step 1: Verify clean baseline of working repo**
-
-Run: `git status --short && git rev-parse --abbrev-ref HEAD`
-Expected: any branch — note current branch and uncommitted state.
-
-- [ ] **Step 2: Fetch origin**
-
-Run: `git fetch origin`
-Expected: fetch completes, `origin/main` updated.
-
-- [ ] **Step 3: Create worktree from origin/main**
-
-Run: `git worktree add -B feat/billing-v2-spec-a ../worktree-billing-v2-spec-a origin/main`
-Expected: new worktree created at `../worktree-billing-v2-spec-a` checked out on branch `feat/billing-v2-spec-a` from latest `origin/main`.
-
-- [ ] **Step 4: Verify worktree is clean and up-to-date**
-
-Run from worktree dir:
-
-```
-cd ../worktree-billing-v2-spec-a
-git status --short
-git log -1 --oneline
-```
-
-Expected: empty status; HEAD matches latest `origin/main` commit.
-
-- [ ] **Step 5: Copy gitignored runtime files into worktree**
-
-Worktree dir doesn't have `.env`, `storage/`, `bin/lychee.exe`, etc. Copy from main checkout:
-
-```
-cp ../<main-checkout>/app/.env app/.env
-cp -r ../<main-checkout>/app/storage app/storage
-cp ../<main-checkout>/bin/* bin/
-```
-
-(Quirk from memory: Sprint 4 / project_sprint4_progress — fresh worktree needs gitignored files copied.)
-
-- [ ] **Step 6: Sanity-check worktree dev stack**
-
-Run from worktree dir:
-
-```
-cd app && php artisan migrate:status | head -20
-```
-
-Expected: prints existing migrations status — confirms DB connection works.
-
-No commit in this task — worktree is a setup operation.
-
----
-
-## Phase A: Code + Data Migration
-
-### Task A.1: Add `TYPE_MIGRATION` constant + extend CHECK constraint
-
-**Files:**
-
-- Modify: `app/app/Models/BalanceTransaction.php` (around line 29-33)
-- Create: `app/database/migrations/2026_05_23_100001_extend_balance_transactions_type_for_migration.php`
-- Test: `app/tests/Unit/Models/BalanceTransactionMigrationTypeTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-Create `app/tests/Unit/Models/BalanceTransactionMigrationTypeTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\BalanceTransaction;
-use App\Models\Tenant;
-
-it('accepts type=migration after CHECK constraint extension', function () {
-    /** @var Tenant $tenant */
-    $tenant = Tenant::factory()->create(['balance_rub' => '1000.00']);
-
-    $tx = BalanceTransaction::create([
-        'tenant_id' => $tenant->id,
-        'type' => BalanceTransaction::TYPE_MIGRATION,
-        'amount_leads' => -5,
-        'amount_rub' => '600.00',
-        'balance_leads_after' => 0,
-        'balance_rub_after' => '1600.00',
-        'description' => 'test migration',
-    ]);
-
-    expect($tx->type)->toBe('migration');
-});
-
-it('exposes TYPE_MIGRATION constant', function () {
-    expect(BalanceTransaction::TYPE_MIGRATION)->toBe('migration');
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-Run from `app/`: `./vendor/bin/pest tests/Unit/Models/BalanceTransactionMigrationTypeTest.php`
-Expected: FAIL — either `BalanceTransaction::TYPE_MIGRATION` undefined or PostgreSQL rejects `type='migration'` (CHECK violation).
-
-- [ ] **Step 3: Add the constant to the model**
-
-In `app/app/Models/BalanceTransaction.php`, after `TYPE_REFUND`:
-
-```php
-public const TYPE_REFUND = 'refund';
-public const TYPE_MIGRATION = 'migration';
-```
-
-- [ ] **Step 4: Create migration to extend CHECK constraint**
-
-Create `app/database/migrations/2026_05_23_100001_extend_balance_transactions_type_for_migration.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Support\Facades\DB;
-
-return new class extends Migration
-{
-    public function up(): void
-    {
-        DB::statement(<<<'SQL'
-            ALTER TABLE balance_transactions
-            DROP CONSTRAINT IF EXISTS balance_transactions_type_check;
-            ALTER TABLE balance_transactions
-            ADD CONSTRAINT balance_transactions_type_check
-            CHECK (type IN (
-                'trial_bonus','topup','lead_charge','refund',
-                'manual_adjustment','historical_import',
-                'chargeback_writedown','chargeback_repayment',
-                'migration'
-            ));
-        SQL);
-    }
-
-    public function down(): void
-    {
-        DB::statement(<<<'SQL'
-            ALTER TABLE balance_transactions
-            DROP CONSTRAINT IF EXISTS balance_transactions_type_check;
-            ALTER TABLE balance_transactions
-            ADD CONSTRAINT balance_transactions_type_check
-            CHECK (type IN (
-                'trial_bonus','topup','lead_charge','refund',
-                'manual_adjustment','historical_import',
-                'chargeback_writedown','chargeback_repayment'
-            ));
-        SQL);
-    }
-};
-```
-
-- [ ] **Step 5: Run migration**
-
-Run from `app/`: `php artisan migrate`
-Expected: migration applies, no errors.
-
-- [ ] **Step 6: Run test to verify it passes**
-
-Run: `./vendor/bin/pest tests/Unit/Models/BalanceTransactionMigrationTypeTest.php`
-Expected: PASS (2 assertions).
-
-- [ ] **Step 7: Update `db/schema.sql` baseline**
-
-Edit `db/schema.sql` lines 2326-2331 — replace the `CHECK (type IN (...))` clause to include `'migration'`. Update header version (line 7-19 area) — add `v8.NN (23.05.2026 — Billing v2 Spec A Task A.1: balance_transactions.type +migration)`.
-
-- [ ] **Step 8: Add CHANGELOG entry**
-
-In `db/CHANGELOG_schema.md` — add entry under «23.05.2026»: `+CHECK constraint balance_transactions_type extended with 'migration'`.
-
-- [ ] **Step 9: Commit**
-
-```
-git add app/app/Models/BalanceTransaction.php \
-        app/database/migrations/2026_05_23_100001_extend_balance_transactions_type_for_migration.php \
-        app/tests/Unit/Models/BalanceTransactionMigrationTypeTest.php \
-        db/schema.sql db/CHANGELOG_schema.md
-git commit -m "feat(billing-v2): add BalanceTransaction::TYPE_MIGRATION + extend CHECK"
-```
-
----
-
-### Task A.2: New pure service `BalanceToLeadsConverter`
-
-**Files:**
-
-- Create: `app/app/Services/Billing/BalanceToLeadsConverter.php`
-- Create: `app/tests/Unit/Services/Billing/BalanceToLeadsConverterTest.php`
-
-- [ ] **Step 1: Write the failing test (8 cases)**
-
-Create `app/tests/Unit/Services/Billing/BalanceToLeadsConverterTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\PricingTier;
-use App\Services\Billing\BalanceToLeadsConverter;
-use Illuminate\Database\Eloquent\Collection;
-
-function buildTier(int $no, ?int $cap, int $priceKopecks): PricingTier
-{
-    $t = new PricingTier();
-    $t->tier_no = $no;
-    $t->leads_in_tier = $cap;
-    $t->price_per_lead_kopecks = $priceKopecks;
-    $t->is_active = true;
-    return $t;
-}
-
-beforeEach(function () {
-    $this->tiers = new Collection([
-        buildTier(1,  50,  12000),
-        buildTier(2, 100,  10000),
-        buildTier(3, 200,   8000),
-        buildTier(7, null,  6000),
-    ]);
-});
-
-it('returns 0 leads when balance is zero', function () {
-    $result = (new BalanceToLeadsConverter())->convert('0.00', 0, $this->tiers);
-    expect($result['leads'])->toBe(0);
-});
-
-it('takes only tier 1 when balance covers only first tier', function () {
-    $result = (new BalanceToLeadsConverter())->convert('1200.00', 0, $this->tiers);
-    expect($result['leads'])->toBe(10);
-    expect($result['breakdown'])->toHaveCount(1);
-    expect($result['breakdown'][0]['tier_no'])->toBe(1);
-    expect($result['breakdown'][0]['leads'])->toBe(10);
-});
-
-it('crosses tier 1 → tier 2 with deliveredInMonth=30', function () {
-    // 30 already delivered, 5000 ₽ remaining
-    // tier 1 has 20 slots × 120₽ = 2400 ₽ → 20 leads, balance = 2600 ₽
-    // tier 2 has 100 slots, 2600/100 = 26 leads → 26 leads
-    // total = 46
-    $result = (new BalanceToLeadsConverter())->convert('5000.00', 30, $this->tiers);
-    expect($result['leads'])->toBe(46);
-    expect($result['breakdown'])->toHaveCount(2);
-    expect($result['breakdown'][0])->toMatchArray(['tier_no' => 1, 'leads' => 20]);
-    expect($result['breakdown'][1])->toMatchArray(['tier_no' => 2, 'leads' => 26]);
-    expect($result['current_tier']['no'])->toBe(1);
-    expect($result['current_tier']['leads_left_in_tier'])->toBe(20);
-    expect($result['next_tier']['no'])->toBe(2);
-});
-
-it('skips already-exhausted tier 1 when deliveredInMonth=50', function () {
-    $result = (new BalanceToLeadsConverter())->convert('1000.00', 50, $this->tiers);
-    // tier 1 exhausted; on tier 2: 1000/100 = 10 leads
-    expect($result['leads'])->toBe(10);
-    expect($result['current_tier']['no'])->toBe(2);
-});
-
-it('uses last tier with leads_in_tier=NULL as catch-all', function () {
-    $result = (new BalanceToLeadsConverter())->convert('600.00', 350, $this->tiers);
-    // tier 1+2+3 exhausted (350 = 50+100+200). Tier 7: 600/60 = 10 leads.
-    expect($result['leads'])->toBe(10);
-    expect($result['current_tier']['no'])->toBe(7);
-});
-
-it('handles exact-kopeck balance precisely (no float drift)', function () {
-    $result = (new BalanceToLeadsConverter())->convert('120.00', 0, $this->tiers);
-    expect($result['leads'])->toBe(1);
-});
-
-it('returns 0 when balance is less than tier 1 price', function () {
-    $result = (new BalanceToLeadsConverter())->convert('119.99', 0, $this->tiers);
-    expect($result['leads'])->toBe(0);
-});
-
-it('ignores inactive tiers', function () {
-    $inactive = buildTier(2, 100, 1);
-    $inactive->is_active = false;
-    $tiers = new Collection([buildTier(1, 50, 12000), $inactive, buildTier(7, null, 6000)]);
-    $result = (new BalanceToLeadsConverter())->convert('5000.00', 50, $tiers);
-    // tier 1 exhausted, tier 2 inactive (skipped), tier 7: 5000/60 = 83 leads
-    expect($result['leads'])->toBe(83);
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-Run: `./vendor/bin/pest tests/Unit/Services/Billing/BalanceToLeadsConverterTest.php`
-Expected: FAIL — class `BalanceToLeadsConverter` does not exist.
-
-- [ ] **Step 3: Implement the converter**
-
-Create `app/app/Services/Billing/BalanceToLeadsConverter.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Billing;
-
-use App\Models\PricingTier;
-use Illuminate\Database\Eloquent\Collection;
-
-/**
- * Pure: «при балансе ₽ и доставленных в этом месяце N — сколько лидов клиент
- * получит, проходя ступени pricing_tiers».
- *
- * Все мутации денег — bcmath (string-int копейки), без PHP float.
- *
- * Spec: docs/superpowers/specs/2026-05-23-billing-v2-spec-a-balance-rub-design.md §3.3.1
- */
-final class BalanceToLeadsConverter
-{
-    /**
-     * @return array{
-     *   leads: int,
-     *   breakdown: list<array{tier_no:int, leads:int, price_rub:string}>,
-     *   current_tier: array{no:int, price_rub:string, leads_left_in_tier:int}|null,
-     *   next_tier: array{no:int, price_rub:string, leads_in_tier:int}|null
-     * }
-     */
-    public function convert(string $balanceRub, int $deliveredInMonth, Collection $tiers): array
-    {
-        $balanceKopecks = bcmul($balanceRub, '100', 0);
-        $sorted = $tiers
-            ->filter(fn (PricingTier $t) => (bool) $t->is_active)
-            ->sortBy('tier_no')
-            ->values();
-
-        $totalLeads = 0;
-        $breakdown = [];
-        $cumulative = 0;
-        $currentTier = null;
-        $stopped = false;
-
-        foreach ($sorted as $tier) {
-            $tierCap = $tier->leads_in_tier === null ? PHP_INT_MAX : (int) $tier->leads_in_tier;
-            $tierStart = $cumulative + 1;
-            $tierEnd = $cumulative + $tierCap;
-
-            // «Текущая ступень» — первая, в которую попадает (deliveredInMonth + 1).
-            if ($currentTier === null && $deliveredInMonth < $tierEnd) {
-                $slotsLeft = max(0, $tierEnd - max($tierStart - 1, $deliveredInMonth));
-                $currentTier = [
-                    'no' => (int) $tier->tier_no,
-                    'price_rub' => self::kopecksToRub((int) $tier->price_per_lead_kopecks),
-                    'leads_left_in_tier' => $tier->leads_in_tier === null ? PHP_INT_MAX : $slotsLeft,
-                ];
-            }
-
-            $slotsLeftInTier = max(0, $tierEnd - max($tierStart - 1, $deliveredInMonth));
-            if ($slotsLeftInTier <= 0) {
-                $cumulative = $tierEnd;
-                continue;
-            }
-
-            $priceKopecks = (int) $tier->price_per_lead_kopecks;
-            if ($priceKopecks <= 0) {
-                $totalLeads += $slotsLeftInTier;
-                $breakdown[] = [
-                    'tier_no' => (int) $tier->tier_no,
-                    'leads' => $slotsLeftInTier,
-                    'price_rub' => '0.00',
-                ];
-                $cumulative = $tierEnd;
-                continue;
-            }
-
-            $affordableInTier = (int) bcdiv($balanceKopecks, (string) $priceKopecks, 0);
-            $take = min($slotsLeftInTier, $affordableInTier);
-
-            if ($take > 0) {
-                $totalLeads += $take;
-                $breakdown[] = [
-                    'tier_no' => (int) $tier->tier_no,
-                    'leads' => $take,
-                    'price_rub' => self::kopecksToRub($priceKopecks),
-                ];
-                $balanceKopecks = bcsub(
-                    $balanceKopecks,
-                    bcmul((string) $priceKopecks, (string) $take, 0),
-                    0
-                );
-            }
-
-            if ($take < $slotsLeftInTier) {
-                $stopped = true;
-                break;
-            }
-            if ($tier->leads_in_tier === null) {
-                break;
-            }
-            $cumulative = $tierEnd;
-        }
-
-        $nextTier = null;
-        if ($currentTier !== null && ! $stopped) {
-            foreach ($sorted as $tier) {
-                if ((int) $tier->tier_no > $currentTier['no']) {
-                    $nextTier = [
-                        'no' => (int) $tier->tier_no,
-                        'price_rub' => self::kopecksToRub((int) $tier->price_per_lead_kopecks),
-                        'leads_in_tier' => $tier->leads_in_tier === null ? 0 : (int) $tier->leads_in_tier,
-                    ];
-                    break;
-                }
-            }
-        }
-
-        return [
-            'leads' => $totalLeads,
-            'breakdown' => $breakdown,
-            'current_tier' => $currentTier,
-            'next_tier' => $nextTier,
-        ];
-    }
-
-    private static function kopecksToRub(int $kopecks): string
-    {
-        return bcdiv((string) $kopecks, '100', 2);
-    }
-}
-```
-
-- [ ] **Step 4: Run tests to verify they pass**
-
-Run: `./vendor/bin/pest tests/Unit/Services/Billing/BalanceToLeadsConverterTest.php`
-Expected: PASS (8 tests).
-
-- [ ] **Step 5: Commit**
-
-```
-git add app/app/Services/Billing/BalanceToLeadsConverter.php \
-        app/tests/Unit/Services/Billing/BalanceToLeadsConverterTest.php
-git commit -m "feat(billing-v2): add BalanceToLeadsConverter (pure ₽→лиды по ступеням)"
-```
-
----
-
-### Task A.3: Simplify `InsufficientBalanceException` (drop `balanceLeads` param)
-
-**Files:**
-
-- Modify: `app/app/Exceptions/Billing/InsufficientBalanceException.php`
-- Search for callers: `app/app/Services/Billing/LedgerService.php`, `app/app/Jobs/RouteSupplierLeadJob.php` (logging)
-
-- [ ] **Step 1: Read the exception file**
-
-Read `app/app/Exceptions/Billing/InsufficientBalanceException.php` and identify the constructor signature.
-
-- [ ] **Step 2: Update test for the simplified exception**
-
-In `app/tests/Unit/Exceptions/InsufficientBalanceExceptionTest.php` (create if missing):
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Exceptions\Billing\InsufficientBalanceException;
-
-it('exposes priceKopecks and balanceRub but no balanceLeads', function () {
-    $e = new InsufficientBalanceException(
-        priceKopecks: 12000,
-        balanceRub: '50.00',
-    );
-
-    expect($e->priceKopecks)->toBe(12000);
-    expect($e->balanceRub)->toBe('50.00');
-    expect(property_exists($e, 'balanceLeads'))->toBeFalse();
-});
-```
-
-- [ ] **Step 3: Run test to verify fail (likely fails — balanceLeads still exists)**
-
-Run: `./vendor/bin/pest tests/Unit/Exceptions/InsufficientBalanceExceptionTest.php`
-Expected: FAIL.
-
-- [ ] **Step 4: Update the exception class**
-
-Edit `InsufficientBalanceException.php` constructor: remove `int $balanceLeads` parameter and property.
-
-Resulting class (approx):
-
-```php
-final class InsufficientBalanceException extends \RuntimeException
-{
-    public function __construct(
-        public readonly int $priceKopecks,
-        public readonly string $balanceRub,
-    ) {
-        parent::__construct(
-            sprintf('Insufficient balance: %d kopecks needed, %s ₽ available', $priceKopecks, $balanceRub)
-        );
-    }
-}
-```
-
-- [ ] **Step 5: Update callers (logging in RouteSupplierLeadJob)**
-
-In `app/app/Jobs/RouteSupplierLeadJob.php::handleInsufficientBalance` — remove the `'balance_leads' => $e->balanceLeads` key from the Log::warning context array.
-
-- [ ] **Step 6: Run tests to verify pass**
-
-Run: `./vendor/bin/pest tests/Unit/Exceptions/InsufficientBalanceExceptionTest.php`
-Expected: PASS.
-
-- [ ] **Step 7: Run full LedgerService + RouteSupplierLeadJob tests**
-
-Run: `./vendor/bin/pest tests/Feature/Billing tests/Feature/Supplier --filter=Ledger`
-Expected: PASS (or document any failure for Task A.5/A.6 follow-up).
-
-- [ ] **Step 8: Commit**
-
-```
-git add app/app/Exceptions/Billing/InsufficientBalanceException.php \
-        app/app/Jobs/RouteSupplierLeadJob.php \
-        app/tests/Unit/Exceptions/InsufficientBalanceExceptionTest.php
-git commit -m "refactor(billing-v2): drop balanceLeads from InsufficientBalanceException"
-```
-
----
-
-### Task A.4: Simplify `ChargeResult` DTO
-
-**Files:**
-
-- Modify: `app/app/Services/Billing/ChargeResult.php`
-
-- [ ] **Step 1: Read current ChargeResult**
-
-Read the file. It currently has 3 readonly properties: `$source`, `$tier`, `$priceKopecks`.
-
-- [ ] **Step 2: Decision**
-
-Keep `$source` but make it always `'rub'` (for backward log compatibility), or drop entirely. Per spec §3.3.2 — drop. Update DTO to 2 properties.
-
-- [ ] **Step 3: Update ChargeResult class**
-
-```php
-final readonly class ChargeResult
-{
-    public function __construct(
-        public PricingTier $tier,
-        public int $priceKopecks,
-    ) {}
-}
-```
-
-- [ ] **Step 4: Update callers (LedgerService::chargeForDelivery return; tests reading ->source)**
-
-Grep: `grep -rn '->source' app/app/Services/Billing app/tests` — replace any `->source` assertion with `->priceKopecks > 0 ? 'rub' : 'free'` equivalent OR drop the source assertion entirely.
-
-- [ ] **Step 5: Commit**
-
-```
-git add app/app/Services/Billing/ChargeResult.php
-git commit -m "refactor(billing-v2): drop ChargeResult::source (always rub now)"
-```
-
----
-
-### Task A.5: Simplify `LedgerService::chargeForDelivery` (drop prepaid branch)
-
-**Files:**
-
-- Modify: `app/app/Services/Billing/LedgerService.php`
-- Test: `app/tests/Feature/Billing/LedgerServiceTest.php` (existing)
-
-- [ ] **Step 1: Update the existing test — remove prepaid cases, keep only rub**
-
-In `LedgerServiceTest.php` (read first), find and DELETE:
-
-- Any `it('charges from balance_leads first when available', ...)` test.
-- Any test asserting `'charge_source' => 'prepaid'`.
-- Any test asserting `balance_leads` was decremented.
-
-KEEP and ADJUST:
-
-- `it('throws InsufficientBalanceException when balance_rub × 100 < priceKopecks', ...)` — make sure it doesn't set `balance_leads` in arrange step.
-- `it('charges balance_rub by tier price', ...)` — confirm asserts `charge_source='rub'` and `balance_rub` decremented exactly by tier price.
-
-Add new test:
-
-```php
-it('always uses charge_source=rub regardless of historic balance_leads value', function () {
-    /** @var Tenant $tenant */
-    $tenant = Tenant::factory()->create([
-        'balance_rub' => '1000.00',
-        'balance_leads' => 5,  // historical leftover — must be ignored
-    ]);
-    // ... rest similar to existing rub test, but assert charge_source='rub'
-    // and balance_leads UNCHANGED (still 5 — we don't touch the column).
-});
-```
-
-- [ ] **Step 2: Run test to verify fail (current code still decrements balance_leads)**
-
-Run: `./vendor/bin/pest tests/Feature/Billing/LedgerServiceTest.php`
-Expected: FAIL on the new test (current code decrements balance_leads if it's >= 1).
-
-- [ ] **Step 3: Rewrite `chargeForDelivery` per spec §4.2**
-
-Replace the body of `LedgerService::chargeForDelivery` (lines 46-115 currently) with the simplified version per spec:
-
-```php
-public function chargeForDelivery(
-    Tenant $lockedTenant,
-    Deal $deal,
-    ?SupplierLead $lead = null,
-): ChargeResult {
-    $activeTiers = $this->tiers->activeAt(Carbon::now('Europe/Moscow'));
-    $tier = $this->resolver->resolveForCount(
-        $activeTiers,
-        ($lockedTenant->delivered_in_month ?? 0) + 1
-    );
-    $priceKopecks = (int) $tier->price_per_lead_kopecks;
-
-    // bcmath: balance_rub × 100 >= priceKopecks
-    $balanceKopecks = bcmul((string) $lockedTenant->balance_rub, '100', 0);
-    if (bccomp($balanceKopecks, (string) $priceKopecks, 0) < 0) {
-        throw new InsufficientBalanceException(
-            priceKopecks: $priceKopecks,
-            balanceRub: (string) $lockedTenant->balance_rub,
-        );
-    }
-
-    $amountRub = bcdiv((string) $priceKopecks, '100', 2);
-    $newBalanceRub = bcsub((string) $lockedTenant->balance_rub, $amountRub, 2);
-    DB::table('tenants')
-        ->where('id', $lockedTenant->id)
-        ->update(['balance_rub' => $newBalanceRub]);
-
-    $lockedTenant->increment('delivered_in_month', 1);
-    $lockedTenant->refresh();
-
-    LeadCharge::create([
-        'tenant_id' => $lockedTenant->id,
-        'deal_id' => $deal->id,
-        'deal_received_at' => $deal->received_at,
-        'tier_no' => $tier->tier_no,
-        'price_per_lead_kopecks' => $priceKopecks,
-        'charge_source' => 'rub',
-        'charged_at' => now(),
-        'created_at' => now(),
-    ]);
-
-    BalanceTransaction::create([
-        'tenant_id' => $lockedTenant->id,
-        'type' => BalanceTransaction::TYPE_LEAD_CHARGE,
-        'amount_leads' => null,
-        'amount_rub' => '-' . $amountRub,
-        'balance_leads_after' => null,
-        'balance_rub_after' => (string) $lockedTenant->balance_rub,
-        'related_type' => Deal::class,
-        'related_id' => $deal->id,
-        'created_at' => now(),
-    ]);
-
-    if ($lead !== null) {
-        $supplierId = $this->resolveSupplierId($lead);
-        if ($supplierId !== null) {
-            /** @var Supplier $supplier */
-            $supplier = Supplier::findOrFail($supplierId);
-            DB::table('supplier_lead_costs')->insert([
-                'deal_id' => $deal->id,
-                'received_at' => $deal->received_at,
-                'supplier_id' => $supplierId,
-                'cost_rub' => $supplier->cost_rub,
-                'created_at' => now(),
-            ]);
-        }
-    }
-
-    return new ChargeResult($tier, $priceKopecks);
-}
-```
-
-Delete the now-unused private method `decideSource()`.
-
-- [ ] **Step 4: Run tests to verify pass**
-
-Run: `./vendor/bin/pest tests/Feature/Billing/LedgerServiceTest.php`
-Expected: PASS (all green, including the «balance_leads untouched» new test).
-
-- [ ] **Step 5: Run downstream RouteSupplierLeadJob tests**
-
-Run: `./vendor/bin/pest tests/Feature/Supplier/RouteSupplierLeadJobTest.php`
-Expected: PASS (auto-pause flow still works since `InsufficientBalanceException` shape stayed compatible).
-
-- [ ] **Step 6: Commit**
-
-```
-git add app/app/Services/Billing/LedgerService.php \
-        app/tests/Feature/Billing/LedgerServiceTest.php
-git commit -m "refactor(billing-v2): LedgerService — drop prepaid branch, always rub"
-```
-
----
-
-### Task A.6: Update `BillingController::wallet` response shape
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/BillingController.php`
-- Test: `app/tests/Feature/Api/BillingControllerWalletTest.php` (existing or new)
-
-- [ ] **Step 1: Write/update the wallet test**
-
-Update `BillingControllerWalletTest.php` to assert the new shape:
-
-```php
-it('returns affordable_leads, current_tier, next_tier, tiers_preview', function () {
-    $tenant = Tenant::factory()->create([
-        'balance_rub' => '5000.00',
-        'delivered_in_month' => 30,
-    ]);
-    // seed pricing_tiers: 1=50/120₽, 2=100/100₽, ..., 7=NULL/60₽
-    seedDefaultTiers();
-    $user = User::factory()->for($tenant)->create();
-
-    $resp = $this->actingAs($user)->getJson('/api/billing/wallet');
-
-    $resp->assertOk()->assertJsonStructure([
-        'balance_rub',
-        'affordable_leads',
-        'current_tier' => ['no', 'price_rub', 'leads_left_in_tier'],
-        'next_tier' => ['no', 'price_rub', 'leads_in_tier'],
-        'delivered_in_month',
-        'runway_days',
-        'tiers_preview' => [['tier_no', 'leads_in_tier', 'price_rub']],
-        'tariff',
-    ]);
-    expect($resp->json('affordable_leads'))->toBe(46);
-    expect($resp->json('current_tier.no'))->toBe(1);
-    expect($resp->json('current_tier.leads_left_in_tier'))->toBe(20);
-});
-
-it('does NOT expose price_monthly or billing_model in tariff (Spec A unification)', function () {
-    // ... act
-    expect($resp->json('tariff'))->not->toHaveKey('price_monthly');
-    expect($resp->json('tariff'))->not->toHaveKey('billing_model');
-});
-```
-
-- [ ] **Step 2: Run test to verify fail**
-
-Run: `./vendor/bin/pest tests/Feature/Api/BillingControllerWalletTest.php`
-Expected: FAIL — `affordable_leads` and `current_tier` don't exist yet.
-
-- [ ] **Step 3: Update `BillingController::wallet`**
-
-Replace the method body:
-
-```php
-public function wallet(Request $request): JsonResponse
-{
-    /** @var User $user */
-    $user = $request->user();
-    /** @var Tenant $tenant */
-    $tenant = Tenant::query()->with('tariff')->findOrFail((int) $user->tenant_id);
-
-    $activeTiers = app(PricingTierRepository::class)->activeAt(Carbon::now('Europe/Moscow'));
-    $conversion = app(BalanceToLeadsConverter::class)
-        ->convert((string) $tenant->balance_rub, (int) ($tenant->delivered_in_month ?? 0), $activeTiers);
-
-    $tiersPreview = $activeTiers
-        ->sortBy('tier_no')
-        ->values()
-        ->map(fn ($t) => [
-            'tier_no' => (int) $t->tier_no,
-            'leads_in_tier' => $t->leads_in_tier === null ? null : (int) $t->leads_in_tier,
-            'price_rub' => bcdiv((string) $t->price_per_lead_kopecks, '100', 2),
-        ])
-        ->all();
-
-    return response()->json([
-        'balance_rub' => $tenant->balance_rub,
-        'affordable_leads' => $conversion['leads'],
-        'current_tier' => $conversion['current_tier'],
-        'next_tier' => $conversion['next_tier'],
-        'delivered_in_month' => (int) ($tenant->delivered_in_month ?? 0),
-        'runway_days' => $this->runwayDays($tenant, $conversion['leads']),
-        'tiers_preview' => $tiersPreview,
-        'tariff' => $tenant->tariff === null ? null : [
-            'code' => $tenant->tariff->code,
-            'name' => $tenant->tariff->name,
-            'features' => $tenant->tariff->features ?? [],
-        ],
-    ]);
-}
-```
-
-Note: signature of `runwayDays` changes — see Task A.7.
-
-- [ ] **Step 4: Add imports to BillingController**
-
-```php
-use App\Services\Billing\BalanceToLeadsConverter;
-use App\Repositories\PricingTierRepository;
-use Illuminate\Support\Carbon;
-```
-
-- [ ] **Step 5: Run test to verify pass**
-
-Run: `./vendor/bin/pest tests/Feature/Api/BillingControllerWalletTest.php`
-Expected: PASS.
-
-- [ ] **Step 6: Commit**
-
-```
-git add app/app/Http/Controllers/Api/BillingController.php \
-        app/tests/Feature/Api/BillingControllerWalletTest.php
-git commit -m "feat(billing-v2): wallet API — affordable_leads + current_tier + tiers_preview"
-```
-
----
-
-### Task A.7: Rewire `BillingController::runwayDays` to use converter
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/BillingController.php` (runwayDays method)
-- Test: extends `BillingControllerWalletTest.php`
-
-- [ ] **Step 1: Add test case**
-
-```php
-it('returns runway_days based on affordable_leads / avg_per_day', function () {
-    $tenant = Tenant::factory()->create(['balance_rub' => '5000.00', 'delivered_in_month' => 30]);
-    seedDefaultTiers();
-    // seed 30 lead_charges over last 30 days → avg 1/day
-    LeadCharge::factory()->count(30)->for($tenant)->create([
-        'charged_at' => now()->subDays(rand(1, 30)),
-    ]);
-    $user = User::factory()->for($tenant)->create();
-
-    $resp = $this->actingAs($user)->getJson('/api/billing/wallet');
-    // affordable_leads=46, avg_per_day=1 → runway ≈ 46 days
-    expect($resp->json('runway_days'))->toBe(46);
-});
-
-it('returns null runway_days when no charges in last 30 days', function () {
-    $tenant = Tenant::factory()->create(['balance_rub' => '5000.00']);
-    seedDefaultTiers();
-    $user = User::factory()->for($tenant)->create();
-
-    $resp = $this->actingAs($user)->getJson('/api/billing/wallet');
-    expect($resp->json('runway_days'))->toBeNull();
-});
-```
-
-- [ ] **Step 2: Run test to verify fail**
-
-Expected: FAIL — current runwayDays formula gives different number (it averages amount_rub from balance_transactions, not leads from lead_charges).
-
-- [ ] **Step 3: Rewrite `runwayDays` method**
-
-Replace existing `runwayDays` private method:
-
-```php
-private function runwayDays(Tenant $tenant, int $affordableLeads): ?int
-{
-    if ($affordableLeads <= 0) {
-        return 0;
-    }
-
-    $leadsLast30Days = (int) DB::table('lead_charges')
-        ->where('tenant_id', $tenant->id)
-        ->where('charged_at', '>=', now()->subDays(30))
-        ->count();
-
-    if ($leadsLast30Days <= 0) {
-        return null;
-    }
-
-    $avgPerDay = $leadsLast30Days / 30.0;
-    return max(0, (int) floor($affordableLeads / $avgPerDay));
-}
-```
-
-- [ ] **Step 4: Run tests to verify pass**
-
-Run: `./vendor/bin/pest tests/Feature/Api/BillingControllerWalletTest.php`
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```
-git add app/app/Http/Controllers/Api/BillingController.php \
-        app/tests/Feature/Api/BillingControllerWalletTest.php
-git commit -m "refactor(billing-v2): runwayDays = affordable_leads ÷ avg-leads-per-day"
-```
-
----
-
-### Task A.8: `BillingController::transactions` — remove `refund` filter + add `display_amount_rub`
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/BillingController.php` (transactions method)
-- Test: `app/tests/Feature/Api/BillingControllerTransactionsTest.php` (existing or new)
-
-- [ ] **Step 1: Update test — assert refund filter rejected, display_amount_rub present**
-
-```php
-it('rejects ?type=refund filter (Spec A removed refunds)', function () {
-    $user = User::factory()->create();
-    $resp = $this->actingAs($user)->getJson('/api/billing/transactions?type=refund');
-    // Filter silently ignored; or 422 if we tighten validation. Choose silent ignore per spec.
-    $resp->assertOk();
-    // refund-type rows would not be in DB anyway since we never create them.
-});
-
-it('serves display_amount_rub for historic prepaid lead_charge rows', function () {
-    $tenant = Tenant::factory()->create();
-    BalanceTransaction::create([
-        'tenant_id' => $tenant->id,
-        'type' => BalanceTransaction::TYPE_LEAD_CHARGE,
-        'amount_rub' => '0.00',          // historic prepaid → 0 ₽ on transaction
-        'amount_leads' => -1,
-        'balance_rub_after' => '100.00',
-        'balance_leads_after' => 4,
-    ]);
-    $user = User::factory()->for($tenant)->create();
-
-    $resp = $this->actingAs($user)->getJson('/api/billing/transactions');
-    expect($resp->json('data.0.display_amount_rub'))->toBe('0.00');
-});
-
-it('serves display_amount_rub = amount_rub for new lead_charge rows', function () {
-    $tenant = Tenant::factory()->create();
-    BalanceTransaction::create([
-        'tenant_id' => $tenant->id,
-        'type' => BalanceTransaction::TYPE_LEAD_CHARGE,
-        'amount_rub' => '-120.00',
-        'amount_leads' => null,
-        'balance_rub_after' => '880.00',
-    ]);
-    $user = User::factory()->for($tenant)->create();
-
-    $resp = $this->actingAs($user)->getJson('/api/billing/transactions');
-    expect($resp->json('data.0.display_amount_rub'))->toBe('-120.00');
-});
-```
-
-- [ ] **Step 2: Run to verify fail**
-
-Expected: FAIL — `display_amount_rub` not in response.
-
-- [ ] **Step 3: Update `transactions` method**
-
-In `BillingController.php::transactions`:
-
-Replace filter line:
-
-```diff
--if (is_string($type) && in_array($type, ['topup', 'lead_charge', 'refund'], true)) {
-+if (is_string($type) && in_array($type, ['topup', 'lead_charge', 'migration'], true)) {
-     $query->where('type', $type);
- }
-```
-
-Replace data shaping:
-
-```php
-return response()->json([
-    'data' => array_map(static function (BalanceTransaction $tx): array {
-        $displayAmountRub = $tx->amount_rub;
-        // Historic prepaid: type=lead_charge AND amount_rub == 0 (was decremented in leads).
-        if ($tx->type === BalanceTransaction::TYPE_LEAD_CHARGE && bccomp((string) $tx->amount_rub, '0', 2) === 0) {
-            $displayAmountRub = '0.00';
-        }
-
-        return [
-            'id' => $tx->id,
-            'code' => 'TX-' . $tx->id,
-            'type' => $tx->type,
-            'description' => $tx->description,
-            'amount_rub' => $tx->amount_rub,
-            'amount_leads' => $tx->amount_leads,
-            'balance_rub_after' => $tx->balance_rub_after,
-            'display_amount_rub' => $displayAmountRub,
-            'created_at' => $tx->created_at,
-        ];
-    }, $page->items()),
-    'meta' => [...]   // unchanged
-]);
-```
-
-- [ ] **Step 4: Run tests**
-
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```
-git add app/app/Http/Controllers/Api/BillingController.php \
-        app/tests/Feature/Api/BillingControllerTransactionsTest.php
-git commit -m "feat(billing-v2): transactions API — drop refund filter, add display_amount_rub"
-```
-
----
-
-### Task A.9: `AdminPricingTiersController::store` — bcmul + decimal validation
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/AdminPricingTiersController.php` (lines ~66-104)
-- Test: `app/tests/Feature/Api/AdminPricingTiersControllerTest.php`
-
-- [ ] **Step 1: Write the failing test for bcmath precision**
-
-```php
-it('stores price 10.10 ₽ as exactly 1010 kopecks (no float drift)', function () {
-    $tiers = [];
-    for ($i = 1; $i <= 6; $i++) {
-        $tiers[] = ['tier_no' => $i, 'leads_in_tier' => 50, 'price_rub' => '10.10'];
-    }
-    $tiers[] = ['tier_no' => 7, 'leads_in_tier' => null, 'price_rub' => '10.10'];
-
-    $resp = $this->postJson('/api/admin/pricing-tiers', ['tiers' => $tiers]);
-    $resp->assertCreated();
-
-    foreach (PricingTier::all() as $row) {
-        expect($row->price_per_lead_kopecks)->toBe(1010);
-    }
-});
-
-it('rejects malformed price_rub (e.g. "10.123" — too many decimals)', function () {
-    $tiers = [['tier_no' => 1, 'leads_in_tier' => 50, 'price_rub' => '10.123']];
-    // ... pad to 7
-    $resp = $this->postJson('/api/admin/pricing-tiers', ['tiers' => $tiers]);
-    $resp->assertStatus(422);
-});
-```
-
-- [ ] **Step 2: Run to verify fail**
-
-Expected: PASS on price 10.10 with current code if PHP float happens to round nicely; or FAIL if float drifts. Goal: enforce determinism — make this test pass via bcmath.
-
-- [ ] **Step 3: Update validation + computation**
-
-In `AdminPricingTiersController::store`:
-
-```diff
-- 'tiers.*.price_rub' => ['required', 'numeric', 'min:0'],
-+ 'tiers.*.price_rub' => ['required', 'string', 'regex:/^\d+(\.\d{1,2})?$/'],
-```
-
-And in the INSERT loop:
-
-```diff
-- 'price_per_lead_kopecks' => (int) round(((float) $tier['price_rub']) * 100),
-+ 'price_per_lead_kopecks' => (int) bcmul((string) $tier['price_rub'], '100', 0),
-```
-
-- [ ] **Step 4: Run tests**
-
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```
-git add app/app/Http/Controllers/Api/AdminPricingTiersController.php \
-        app/tests/Feature/Api/AdminPricingTiersControllerTest.php
-git commit -m "fix(billing-v2): AdminPricingTiers — bcmul + decimal regex (no float in money)"
-```
-
----
-
-### Task A.10: `TenantChargesController::export` — fill `balance_rub_after` via JOIN
-
-**Files:**
-
-- Modify: `app/app/Http/Controllers/Api/TenantChargesController.php` (lines ~95-109)
-- Test: `app/tests/Feature/Api/TenantChargesExportTest.php`
-
-- [ ] **Step 1: Write/update the test**
-
-```php
-it('fills balance_rub_after in CSV export from balance_transactions JOIN', function () {
-    $tenant = Tenant::factory()->create();
-    $deal = Deal::factory()->for($tenant)->create();
-    LeadCharge::create([
-        'tenant_id' => $tenant->id, 'deal_id' => $deal->id, /* ... */
-        'price_per_lead_kopecks' => 12000, 'charged_at' => now(), 'tier_no' => 1,
-    ]);
-    BalanceTransaction::create([
-        'tenant_id' => $tenant->id, 'type' => 'lead_charge',
-        'amount_rub' => '-120.00', 'balance_rub_after' => '4880.00',
-        'related_type' => Deal::class, 'related_id' => $deal->id,
-    ]);
-    $user = User::factory()->for($tenant)->create();
-
-    $resp = $this->actingAs($user)->post('/api/billing/charges/export');
-    $csv = $resp->streamedContent();
-    expect($csv)->toContain('4880.00');   // balance_rub_after filled
-});
-```
-
-- [ ] **Step 2: Run to verify fail (column is empty)**
-
-Expected: FAIL.
-
-- [ ] **Step 3: Rewrite the chunkById section to JOIN balance_transactions**
-
-In `TenantChargesController::export`, replace the query to use a join (raw SQL since chunkById gets messy with joins):
-
-```php
-$query = DB::table('lead_charges as lc')
-    ->select([
-        'lc.charged_at', 'lc.deal_id', 'lc.tier_no',
-        'lc.charge_source', 'lc.price_per_lead_kopecks',
-        'bt.balance_rub_after',
-    ])
-    ->leftJoin('balance_transactions as bt', function ($j) {
-        $j->on('bt.related_id', '=', 'lc.deal_id')
-          ->where('bt.related_type', '=', 'App\\Models\\Deal')
-          ->where('bt.type', '=', 'lead_charge')
-          ->whereColumn('bt.tenant_id', 'lc.tenant_id');
-    })
-    ->where('lc.tenant_id', $tenantId)
-    ->orderBy('lc.charged_at', 'desc');
-
-// ... apply period + source filters as before but with 'lc.' prefix
-// ... chunkById replaced by chunk(500) since we're on DB query builder
-$query->orderBy('lc.id')->chunk(500, function ($rows) use ($out) {
-    foreach ($rows as $r) {
-        fputcsv($out, [
-            $r->charged_at,
-            (string) $r->deal_id,
-            (string) $r->tier_no,
-            (string) $r->charge_source,
-            number_format($r->price_per_lead_kopecks / 100, 2, '.', ''),
-            $r->balance_rub_after ?? '',
-        ]);
-    }
-});
-```
-
-- [ ] **Step 4: Run tests**
-
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```
-git add app/app/Http/Controllers/Api/TenantChargesController.php \
-        app/tests/Feature/Api/TenantChargesExportTest.php
-git commit -m "fix(billing-v2): charges CSV export — fill balance_rub_after via JOIN"
-```
-
----
-
-### Task A.11: New artisan command `billing:migrate-leads-to-rub`
-
-**Files:**
-
-- Create: `app/app/Console/Commands/BillingMigrateLeadsToRubCommand.php`
-- Create: `app/tests/Feature/Console/BillingMigrateLeadsToRubTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\BalanceTransaction;
-use App\Models\PricingTier;
-use App\Models\Tenant;
-
-beforeEach(function () {
-    PricingTier::create([
-        'tier_no' => 1, 'leads_in_tier' => 50,
-        'price_per_lead_kopecks' => 12000, 'is_active' => true,
-        'effective_from' => now()->subDay()->toDateString(),
-    ]);
-});
-
-it('migrates balance_leads to balance_rub at tier 1 price', function () {
-    $tenant = Tenant::factory()->create(['balance_leads' => 5, 'balance_rub' => '100.00']);
-
-    $this->artisan('billing:migrate-leads-to-rub')->assertOk();
-
-    $tenant->refresh();
-    expect($tenant->balance_leads)->toBe(0);
-    expect($tenant->balance_rub)->toBe('700.00');   // 100 + 5×120 = 700
-
-    $tx = BalanceTransaction::where('tenant_id', $tenant->id)
-        ->where('type', BalanceTransaction::TYPE_MIGRATION)->first();
-    expect($tx)->not->toBeNull();
-    expect($tx->amount_leads)->toBe(-5);
-    expect($tx->amount_rub)->toBe('600.00');
-    expect($tx->balance_rub_after)->toBe('700.00');
-});
-
-it('is idempotent — second run is no-op', function () {
-    $tenant = Tenant::factory()->create(['balance_leads' => 5, 'balance_rub' => '100.00']);
-    $this->artisan('billing:migrate-leads-to-rub')->assertOk();
-    $balanceAfterFirst = $tenant->fresh()->balance_rub;
-
-    $this->artisan('billing:migrate-leads-to-rub')->assertOk();
-    expect($tenant->fresh()->balance_rub)->toBe($balanceAfterFirst);
-    expect(BalanceTransaction::where('type', 'migration')->count())->toBe(1);
-});
-
-it('skips tenants with balance_leads = 0', function () {
-    Tenant::factory()->create(['balance_leads' => 0, 'balance_rub' => '500.00']);
-    $this->artisan('billing:migrate-leads-to-rub')->assertOk();
-    expect(BalanceTransaction::where('type', 'migration')->count())->toBe(0);
-});
-
-it('aborts if no active tier 1 configured', function () {
-    PricingTier::query()->update(['is_active' => false]);
-    Tenant::factory()->create(['balance_leads' => 5]);
-    $this->artisan('billing:migrate-leads-to-rub')->assertFailed();
-});
-```
-
-- [ ] **Step 2: Run to verify fail (command doesn't exist)**
-
-Run: `cd app && ./vendor/bin/pest tests/Feature/Console/BillingMigrateLeadsToRubTest.php`
-Expected: FAIL.
-
-- [ ] **Step 3: Create the command**
-
-`app/app/Console/Commands/BillingMigrateLeadsToRubCommand.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Console\Commands;
-
-use App\Models\BalanceTransaction;
-use App\Models\PricingTier;
-use App\Models\Tenant;
-use Illuminate\Console\Command;
-use Illuminate\Support\Carbon;
-use Illuminate\Support\Facades\DB;
-
-/**
- * Идемпотентная миграция: balance_leads → balance_rub по цене ступени 1.
- *
- * Spec: docs/superpowers/specs/2026-05-23-billing-v2-spec-a-balance-rub-design.md §4.4
- * Запускается ОДИН РАЗ в проде в составе Phase A. Повторный запуск — no-op.
- */
-final class BillingMigrateLeadsToRubCommand extends Command
-{
-    protected $signature = 'billing:migrate-leads-to-rub';
-    protected $description = 'Convert legacy balance_leads to balance_rub at tier 1 price (idempotent)';
-
-    public function handle(): int
-    {
-        $tier1 = PricingTier::query()
-            ->where('is_active', true)
-            ->where('tier_no', 1)
-            ->where('effective_from', '<=', Carbon::now('Europe/Moscow')->toDateString())
-            ->orderBy('effective_from', 'desc')
-            ->first();
-
-        if ($tier1 === null) {
-            $this->error('No active tier 1 found. Aborting.');
-            return self::FAILURE;
-        }
-
-        $count = 0;
-        Tenant::query()
-            ->where('balance_leads', '>', 0)
-            ->chunkById(100, function ($tenants) use ($tier1, &$count) {
-                foreach ($tenants as $tenant) {
-                    DB::transaction(function () use ($tenant, $tier1, &$count) {
-                        /** @var Tenant $locked */
-                        $locked = Tenant::query()->whereKey($tenant->id)->lockForUpdate()->first();
-                        if ($locked === null || $locked->balance_leads <= 0) {
-                            return;   // idempotency
-                        }
-                        $migratedKopecks = (int) $locked->balance_leads * (int) $tier1->price_per_lead_kopecks;
-                        $migratedRub = bcdiv((string) $migratedKopecks, '100', 2);
-                        $newBalanceRub = bcadd((string) $locked->balance_rub, $migratedRub, 2);
-
-                        DB::table('tenants')
-                            ->where('id', $locked->id)
-                            ->update([
-                                'balance_rub' => $newBalanceRub,
-                                'balance_leads' => 0,
-                            ]);
-
-                        BalanceTransaction::create([
-                            'tenant_id' => $locked->id,
-                            'type' => BalanceTransaction::TYPE_MIGRATION,
-                            'amount_leads' => -(int) $locked->balance_leads,
-                            'amount_rub' => $migratedRub,
-                            'balance_leads_after' => 0,
-                            'balance_rub_after' => $newBalanceRub,
-                            'description' => 'Конвертация предоплаченных лидов в ₽ (миграция модели биллинга)',
-                            'created_at' => now(),
-                        ]);
-                        $count++;
-                    });
-                }
-            });
-
-        $this->info("Migrated {$count} tenant(s).");
-        return self::SUCCESS;
-    }
-}
-```
-
-- [ ] **Step 4: Register the command**
-
-Laravel 13 with package auto-discovery should pick it up automatically since it's in `app/app/Console/Commands/`. Verify via `php artisan list | grep migrate-leads-to-rub`.
-
-- [ ] **Step 5: Run tests**
-
-Expected: PASS (4 tests).
-
-- [ ] **Step 6: Commit**
-
-```
-git add app/app/Console/Commands/BillingMigrateLeadsToRubCommand.php \
-        app/tests/Feature/Console/BillingMigrateLeadsToRubTest.php
-git commit -m "feat(billing-v2): artisan billing:migrate-leads-to-rub (idempotent)"
-```
-
----
-
-### Task A.12: Clean `Tenant` model references to `balance_leads`
-
-**Files:**
-
-- Modify: `app/app/Models/Tenant.php`
-- Verify: PHPDoc, `$casts`, `$fillable`, factories, IDE-helper stubs.
-
-- [ ] **Step 1: Grep for references**
-
-Run: `grep -n 'balance_leads' app/app/Models/Tenant.php app/database/factories/TenantFactory.php app/_ide_helper_models.php 2>/dev/null || true`
-
-- [ ] **Step 2: Decision matrix**
-
-- `$fillable` — KEEP (migration command still uses it via Eloquent `lockForUpdate`).
-- `$casts` — KEEP (BalanceTransaction.balance_leads_after still reads it).
-- PHPDoc `@property int $balance_leads` — KEEP for Phase A; will remove in Phase B together with column.
-- Factory default — KEEP at 0 (no behavior change).
-
-**Conclusion:** No code changes in Tenant.php during Phase A. The column stays usable through code; only at Phase B we drop it everywhere.
-
-- [ ] **Step 3: No commit (this is a verification task)**
-
-Document in a one-line note (skip if not needed).
-
----
-
-### Task A.13: Seeders cleanup — remove `trial_bonus_leads`/`included_leads`/`billing_model` references
-
-**Files:**
-
-- Modify: `app/database/seeders/DemoSeeder.php`, `app/database/seeders/TenantSeeder.php`, and any other seeders that reference removed `tariff_plans` columns.
-
-- [ ] **Step 1: Grep for references**
-
-Run: `grep -rn 'trial_bonus_leads\|included_leads\|billing_model\|price_per_lead[^_]\|price_monthly' app/database/seeders app/database/factories`
-
-Expected: list of files with references.
-
-- [ ] **Step 2: For each found reference**
-
-Replace by removing the field from `Model::create([...])` call. If a seeder uses `'trial_bonus_leads' => 100` to give bonus leads to a new tenant — replace with a `BalanceTransaction::create` line that credits the rouble equivalent (`100 × tier_1_price`).
-
-Example for `DemoSeeder`:
-
-```diff
-- Tenant::create([..., 'balance_leads' => 50, ...]);
-+ $tenant = Tenant::create([..., 'balance_rub' => '6000.00', ...]);  // 50 × 120₽
-+ BalanceTransaction::create([
-+     'tenant_id' => $tenant->id,
-+     'type' => BalanceTransaction::TYPE_TOPUP,
-+     'amount_rub' => '6000.00',
-+     'balance_rub_after' => '6000.00',
-+     'description' => 'Демо-баланс (seeder)',
-+ ]);
-```
-
-- [ ] **Step 3: Run seeder tests + `migrate:fresh --seed` on testing env**
-
-Run: `cd app && php artisan migrate:fresh --env=testing --seed`
-Expected: completes without errors.
-
-- [ ] **Step 4: Run full Pest suite**
-
-Run: `cd app && ./vendor/bin/pest --parallel`
-Expected: PASS (no factories/seeders broken).
-
-- [ ] **Step 5: Commit**
-
-```
-git add app/database/seeders app/database/factories
-git commit -m "refactor(billing-v2): seeders — replace prepaid-lead concepts with ₽ topups"
-```
-
----
-
-### Task A.14: Frontend types — update `Wallet` and `BillingTransaction` interfaces
-
-**Files:**
-
-- Modify: `app/resources/js/api/billing.ts`
-
-- [ ] **Step 1: Update Wallet interface**
-
-```typescript
-export interface Wallet {
-  balance_rub: string;
-  affordable_leads: number;
-  current_tier: { no: number; price_rub: string; leads_left_in_tier: number } | null;
-  next_tier: { no: number; price_rub: string; leads_in_tier: number } | null;
-  delivered_in_month: number;
-  runway_days: number | null;
-  tiers_preview: Array<{ tier_no: number; leads_in_tier: number | null; price_rub: string }>;
-  tariff: { code: string; name: string; features: string[] } | null;
-}
-
-export interface BillingTransaction {
-  id: number;
-  code: string;
-  type: 'topup' | 'lead_charge' | 'migration' | 'trial_bonus' | 'manual_adjustment' | 'historical_import' | 'chargeback_writedown' | 'chargeback_repayment';
-  description: string | null;
-  amount_rub: string;
-  amount_leads: number | null;
-  balance_rub_after: string;
-  display_amount_rub: string;
-  created_at: string;
-}
-```
-
-Remove: `balance_leads` from Wallet, `price_monthly` and `billing_model` from `tariff`, `'refund'` from `BillingTransaction.type` union.
-
-- [ ] **Step 2: Run vue-tsc to find broken consumers**
-
-Run: `cd app && npm run type-check`
-Expected: list of compile errors in files referencing removed fields (BalanceCard.vue, BillingView.vue, TransactionsTable.vue, etc) — these are addressed in subsequent tasks.
-
-- [ ] **Step 3: No commit yet** — frontend types ride along with their first consumer commit (Task A.15).
-
----
-
-### Task A.15: `BalanceCard.vue` — new layout, drop «(ГЦК)», switch to `affordable_leads`
-
-**Files:**
-
-- Modify: `app/resources/js/components/billing/BalanceCard.vue`
-- Test: `app/resources/js/components/billing/BalanceCard.spec.ts`
-
-- [ ] **Step 1: Update the Vitest spec**
-
-```typescript
-import { mount } from '@vue/test-utils';
-import BalanceCard from './BalanceCard.vue';
-
-describe('BalanceCard (Billing v2)', () => {
-  const baseProps = {
-    walletRub: 5000,
-    affordableLeads: 46,
-    currentTierPriceRub: '120.00',
-    tariffName: 'Стартовый',
-    tariffFeatures: ['UTM', 'Webhook'],
-  };
-
-  it('shows wallet ₽ and «≈ N лидов»', () => {
-    const w = mount(BalanceCard, { props: baseProps });
-    expect(w.text()).toContain('5 000');
-    expect(w.text()).toContain('≈ 46');
-    expect(w.text()).toContain('лидов');
-  });
-
-  it('does NOT contain «(ГЦК)»', () => {
-    const w = mount(BalanceCard, { props: baseProps });
-    expect(w.text()).not.toContain('ГЦК');
-  });
-
-  it('does NOT contain «округление вниз ₽→лиды»', () => {
-    const w = mount(BalanceCard, { props: baseProps });
-    expect(w.text()).not.toContain('округление вниз');
-  });
-
-  it('tariff card shows name + features but NO «₽/мес»', () => {
-    const w = mount(BalanceCard, { props: baseProps });
-    expect(w.text()).toContain('Стартовый');
-    expect(w.text()).not.toContain('₽/мес');
-  });
-
-  it('renders «сейчас по X ₽/лид» subline', () => {
-    const w = mount(BalanceCard, { props: baseProps });
-    expect(w.text()).toContain('120.00 ₽/лид');
-  });
-});
-```
-
-- [ ] **Step 2: Run to verify fail**
-
-Run: `cd app && npm run test:vue -- BalanceCard.spec.ts`
-Expected: FAIL.
-
-- [ ] **Step 3: Rewrite BalanceCard.vue**
-
-Replace `<script setup>` props block:
-
-```typescript
-const props = defineProps<{
-  walletRub: number;
-  affordableLeads: number;
-  currentTierPriceRub: string;
-  tariffName: string | null;
-  tariffFeatures: string[];
-}>();
-
-defineEmits<{ topup: [] }>();
-
-const walletText = computed(() => new Intl.NumberFormat('ru-RU').format(props.walletRub));
-```
-
-Replace template middle card:
-
-```vue
-<v-col cols="12" md="4">
-  <v-card variant="outlined" class="wallet-card pa-4">
-    <div class="wallet-h"><span class="wallet-label">≈ Лиды</span></div>
-    <div class="wallet-amount mt-2">
-      <span class="num">≈ {{ affordableLeads }}</span>
-      <span class="ru-text">&nbsp;лидов</span>
-    </div>
-    <div class="wallet-foot mt-2">сейчас по {{ currentTierPriceRub }} ₽/лид</div>
-    <v-tooltip text="Точный расчёт по текущим ценам. Меняется при переходе ступеней.">
-      <template #activator="{ props: tipProps }">
-        <v-icon v-bind="tipProps" size="14" class="ml-1">mdi-information-outline</v-icon>
-      </template>
-    </v-tooltip>
-  </v-card>
-</v-col>
-```
-
-Replace first card foot text:
-
-```diff
--<div class="wallet-foot mt-3">мин. пополнение <strong>100 ₽</strong> · округление вниз ₽→лиды</div>
-+<div class="wallet-foot mt-3">мин. пополнение <strong>100 ₽</strong></div>
-```
-
-Replace tariff card to drop `tariff_price`:
-
-```diff
--<div class="tariff-name mt-1">
--  {{ tariffName }}
--  <span class="tariff-price">· {{ tariffPriceText }}</span>
--</div>
-+<div class="tariff-name mt-1">{{ tariffName }}</div>
-```
-
-Delete `tariffPriceText` computed and `tariffPrice` prop.
-
-- [ ] **Step 4: Run Vitest**
-
-Expected: PASS.
-
-- [ ] **Step 5: Update Histoire story (if exists)**
-
-Edit `app/resources/js/components/billing/BalanceCard.story.vue` to use new props.
-
-- [ ] **Step 6: Commit**
-
-```
-git add app/resources/js/api/billing.ts \
-        app/resources/js/components/billing/BalanceCard.vue \
-        app/resources/js/components/billing/BalanceCard.spec.ts \
-        app/resources/js/components/billing/BalanceCard.story.vue
-git commit -m "feat(billing-v2): BalanceCard — ≈ N лидов via affordable_leads, drop (ГЦК)"
-```
-
----
-
-### Task A.16: `BillingView.vue` — remove «N лидов запас» from `page-stats`
-
-**Files:**
-
-- Modify: `app/resources/js/views/BillingView.vue`
-- Test: `app/resources/js/views/BillingView.spec.ts`
-
-- [ ] **Step 1: Update spec**
-
-```typescript
-it('page-stats does NOT show «N лидов запас»', async () => {
-  // ... mount with wallet fixture
-  expect(w.text()).not.toContain('лидов запас');
-});
-```
-
-- [ ] **Step 2: Run to verify fail**
-
-Expected: FAIL — current text contains «лидов запас».
-
-- [ ] **Step 3: Edit BillingView.vue**
-
-Remove lines `78-79` (`<span>...лидов запас</span> <span class="sep">·</span>`).
-
-Also drop `leadsBalance` computed and the `:leads-balance` prop on `<BalanceCard>` (already not in BalanceCard props after Task A.15 — vue-tsc will catch). Replace with the new props:
-
-```vue
-<BalanceCard
-  :wallet-rub="walletRub"
-  :affordable-leads="affordableLeads"
-  :current-tier-price-rub="currentTierPriceRub"
-  :tariff-name="tariffName"
-  :tariff-features="tariffFeatures"
-  @topup="topupOpen = true"
-/>
-```
-
-Add computed:
-
-```typescript
-const affordableLeads = computed(() => wallet.value?.affordable_leads ?? 0);
-const currentTierPriceRub = computed(() => wallet.value?.current_tier?.price_rub ?? '0.00');
-```
-
-Remove `leadsBalance` and `tariffPrice` computed.
-
-- [ ] **Step 4: Run Vitest + vue-tsc**
-
-Run: `npm run test:vue -- BillingView.spec.ts && npm run type-check`
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```
-git add app/resources/js/views/BillingView.vue \
-        app/resources/js/views/BillingView.spec.ts
-git commit -m "fix(billing-v2): BillingView — drop «лидов запас», wire new BalanceCard props"
-```
-
----
-
-### Task A.17: New `TierPricesPanel.vue` + spec + story
-
-**Files:**
-
-- Create: `app/resources/js/components/billing/TierPricesPanel.vue`
-- Create: `app/resources/js/components/billing/TierPricesPanel.spec.ts`
-- Create: `app/resources/js/components/billing/TierPricesPanel.story.vue`
-
-- [ ] **Step 1: Write spec**
-
-```typescript
-import { mount } from '@vue/test-utils';
-import TierPricesPanel from './TierPricesPanel.vue';
-
-const tiers = [
-  { tier_no: 1, leads_in_tier: 50,   price_rub: '120.00' },
-  { tier_no: 2, leads_in_tier: 100,  price_rub: '100.00' },
-  { tier_no: 3, leads_in_tier: 200,  price_rub: '80.00'  },
-  { tier_no: 4, leads_in_tier: 300,  price_rub: '70.00'  },
-  { tier_no: 5, leads_in_tier: 400,  price_rub: '65.00'  },
-  { tier_no: 6, leads_in_tier: 500,  price_rub: '62.00'  },
-  { tier_no: 7, leads_in_tier: null, price_rub: '60.00'  },
-];
-
-describe('TierPricesPanel', () => {
-  it('renders all 7 tiers', () => {
-    const w = mount(TierPricesPanel, { props: { tiers, currentTierNo: 1 } });
-    expect(w.findAll('[data-test="tier-row"]')).toHaveLength(7);
-  });
-
-  it('highlights current tier with «вы здесь» chip', () => {
-    const w = mount(TierPricesPanel, { props: { tiers, currentTierNo: 3 } });
-    const currentRow = w.find('[data-test="tier-row-3"]');
-    expect(currentRow.text()).toContain('вы здесь');
-  });
-
-  it('renders «1501+» range for tier with leads_in_tier=null', () => {
-    const w = mount(TierPricesPanel, { props: { tiers, currentTierNo: 1 } });
-    expect(w.find('[data-test="tier-row-7"]').text()).toMatch(/1501\+/);
-  });
-
-  it('is collapsed by default', () => {
-    const w = mount(TierPricesPanel, { props: { tiers, currentTierNo: 1 } });
-    // v-expansion-panel value not set → no .v-expansion-panel--active
-    expect(w.find('.v-expansion-panel--active').exists()).toBe(false);
-  });
-});
-```
-
-- [ ] **Step 2: Run to verify fail**
-
-Expected: FAIL — component does not exist.
-
-- [ ] **Step 3: Create component**
-
-```vue
-<script setup lang="ts">
-interface TierPreview {
-  tier_no: number;
-  leads_in_tier: number | null;
-  price_rub: string;
-}
-
-const props = defineProps<{
-  tiers: TierPreview[];
-  currentTierNo: number | null;
-}>();
-
-function rangeText(idx: number): string {
-  let start = 1;
-  for (let i = 0; i < idx; i++) {
-    if (props.tiers[i].leads_in_tier !== null) start += props.tiers[i].leads_in_tier!;
-  }
-  const cap = props.tiers[idx].leads_in_tier;
-  if (cap === null) return `${start}+`;
-  return `${start}–${start + cap - 1}`;
-}
-</script>
-
-<template>
-  <v-expansion-panels class="mt-4 tier-prices">
-    <v-expansion-panel title="Цены за лид (7 ступеней)">
-      <template #text>
-        <ul class="tier-list">
-          <li
-            v-for="(t, i) in tiers"
-            :key="t.tier_no"
-            :data-test="`tier-row tier-row-${t.tier_no}`"
-            class="tier-row"
-            :class="{ 'tier-row--current': t.tier_no === currentTierNo }"
-          >
-            <span class="tier-no num">№{{ t.tier_no }}</span>
-            <span class="tier-range">{{ rangeText(i) }} лидов</span>
-            <span class="tier-price num">{{ t.price_rub }} ₽</span>
-            <v-chip
-              v-if="t.tier_no === currentTierNo"
-              size="x-small"
-              color="primary"
-              variant="elevated"
-            >вы здесь</v-chip>
-          </li>
-        </ul>
-      </template>
-    </v-expansion-panel>
-  </v-expansion-panels>
-</template>
-
-<style scoped>
-.tier-list { list-style: none; padding: 0; margin: 0; }
-.tier-row { display: grid; grid-template-columns: 60px 1fr auto auto; gap: 12px; align-items: center; padding: 8px 12px; }
-.tier-row--current { background: rgba(15, 110, 86, 0.07); border-left: 3px solid #0F6E56; }
-.num { font-family: 'JetBrains Mono', ui-monospace, monospace; font-feature-settings: 'tnum'; }
-</style>
-```
-
-- [ ] **Step 4: Run Vitest**
-
-Expected: PASS.
-
-- [ ] **Step 5: Create Histoire story**
-
-`TierPricesPanel.story.vue`:
-
-```vue
-<script setup lang="ts">
-import TierPricesPanel from './TierPricesPanel.vue';
-const tiers = [/* same 7-tier fixture as spec */];
-</script>
-
-<template>
-  <Story title="Billing/TierPricesPanel">
-    <Variant title="Текущая ступень: 1"><TierPricesPanel :tiers="tiers" :current-tier-no="1" /></Variant>
-    <Variant title="Текущая ступень: 3"><TierPricesPanel :tiers="tiers" :current-tier-no="3" /></Variant>
-    <Variant title="Текущая ступень: 7 (всё свыше)"><TierPricesPanel :tiers="tiers" :current-tier-no="7" /></Variant>
-  </Story>
-</template>
-```
-
-- [ ] **Step 6: Commit**
-
-```
-git add app/resources/js/components/billing/TierPricesPanel.vue \
-        app/resources/js/components/billing/TierPricesPanel.spec.ts \
-        app/resources/js/components/billing/TierPricesPanel.story.vue
-git commit -m "feat(billing-v2): TierPricesPanel — 7-tier collapsed panel + current highlight"
-```
-
----
-
-### Task A.18: Embed `TierPricesPanel` into `BillingView`
-
-**Files:**
-
-- Modify: `app/resources/js/views/BillingView.vue`
-
-- [ ] **Step 1: Import and use**
-
-In BillingView.vue, add:
-
-```typescript
-import TierPricesPanel from '../components/billing/TierPricesPanel.vue';
-const tiersPreview = computed(() => wallet.value?.tiers_preview ?? []);
-const currentTierNo = computed(() => wallet.value?.current_tier?.no ?? null);
-```
-
-In template, between `<BalanceCard ... />` and `<TransactionsTable .../>`:
-
-```vue
-<TierPricesPanel :tiers="tiersPreview" :current-tier-no="currentTierNo" />
-```
-
-- [ ] **Step 2: Update BillingView.spec.ts**
-
-Add: `it('renders TierPricesPanel collapsed by default', ...)`
-
-- [ ] **Step 3: Run Vitest**
-
-Expected: PASS.
-
-- [ ] **Step 4: Commit**
-
-```
-git add app/resources/js/views/BillingView.vue \
-        app/resources/js/views/BillingView.spec.ts
-git commit -m "feat(billing-v2): BillingView — embed TierPricesPanel"
-```
-
----
-
-### Task A.19: `TransactionsTable.vue` — drop refund tab, use `display_amount_rub`, add year
-
-**Files:**
-
-- Modify: `app/resources/js/components/billing/TransactionsTable.vue`
-- Test: `app/resources/js/components/billing/TransactionsTable.spec.ts`
-
-- [ ] **Step 1: Update spec**
-
-```typescript
-it('does NOT render «Возвраты» tab', () => {
-  const w = mount(TransactionsTable);
-  expect(w.text()).not.toContain('Возвраты');
-});
-
-it('uses display_amount_rub for amount column', async () => {
-  vi.mocked(getTransactions).mockResolvedValue({
-    data: [{
-      id: 1, code: 'TX-1', type: 'lead_charge',
-      amount_rub: '0.00', amount_leads: -1,
-      display_amount_rub: '0.00',
-      balance_rub_after: '500.00',
-      description: 'historic prepaid', created_at: '2026-05-23T10:00:00Z',
-    }],
-    meta: { current_page: 1, last_page: 1, total: 1, per_page: 20 },
-  });
-  const w = mount(TransactionsTable);
-  await nextTick();
-  expect(w.text()).toContain('0');  // shows 0 ₽, not «− 1 лид.»
-  expect(w.text()).not.toContain('лид.');
-});
-
-it('formats date with year', () => {
-  const w = mount(TransactionsTable);
-  // hard to assert directly; check that formatWhen output matches /\d{2}\.\d{2}\.\d{2}/
-});
-```
-
-- [ ] **Step 2: Run to verify fail**
-
-Expected: FAIL.
-
-- [ ] **Step 3: Edit TransactionsTable.vue**
-
-Remove `{ id: 'refund', ... }` from TABS array.
-
-Rewrite `txAmountText`:
-
-```typescript
-function txAmountText(tx: BillingTransaction): string {
-  return formatCost(Number(tx.display_amount_rub));
-}
-function txAmountValue(tx: BillingTransaction): number {
-  return Number(tx.display_amount_rub);
-}
-```
-
-Update `formatWhen`:
-
-```typescript
-function formatWhen(iso: string): string {
-  return new Date(iso).toLocaleString('ru-RU', {
-    timeZone: 'Europe/Moscow',
-    year: '2-digit', day: '2-digit', month: '2-digit',
-    hour: '2-digit', minute: '2-digit',
-  });
-}
-```
-
-- [ ] **Step 4: Run Vitest**
-
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```
-git add app/resources/js/components/billing/TransactionsTable.vue \
-        app/resources/js/components/billing/TransactionsTable.spec.ts
-git commit -m "fix(billing-v2): TransactionsTable — drop refund tab, display_amount_rub, year in date"
-```
-
----
-
-### Task A.20: `InvoicesTable.vue` — add ₽ suffix
-
-**Files:**
-
-- Modify: `app/resources/js/components/billing/InvoicesTable.vue`
-- Test: `app/resources/js/components/billing/InvoicesTable.spec.ts`
-
-- [ ] **Step 1: Update spec**
-
-```typescript
-it('renders amount_total with ₽ suffix', async () => {
-  vi.mocked(getInvoices).mockResolvedValue({
-    data: [{ id: 1, invoice_number: 'INV-1', amount_total: '1234.00', status: 'paid', issued_at: '2026-05-23', has_pdf: true }],
-  });
-  const w = mount(InvoicesTable);
-  await nextTick();
-  expect(w.text()).toMatch(/1[\s ]234[\s ]?₽/);
-});
-```
-
-- [ ] **Step 2: Run to verify fail**
-
-Expected: FAIL.
-
-- [ ] **Step 3: Edit InvoicesTable.vue**
-
-```diff
--<span class="inv-amount num">{{ formatPlain(Number(inv.amount_total)) }}</span>
-+<span class="inv-amount num">{{ formatPlain(Number(inv.amount_total)) }} ₽</span>
-```
-
-- [ ] **Step 4: Run Vitest**
-
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```
-git add app/resources/js/components/billing/InvoicesTable.vue \
-        app/resources/js/components/billing/InvoicesTable.spec.ts
-git commit -m "fix(billing-v2): InvoicesTable — append ₽ to amount_total"
-```
-
----
-
-### Task A.21: `ChargesTab.vue` — remove «Источник» filter + column
-
-**Files:**
-
-- Modify: `app/resources/js/views/billing/ChargesTab.vue`
-- Test: `app/resources/js/views/billing/ChargesTab.spec.ts`
-
-- [ ] **Step 1: Update spec**
-
-```typescript
-it('does NOT render «Источник» filter', () => {
-  const w = mount(ChargesTab);
-  expect(w.text()).not.toContain('Источник');
-});
-
-it('does NOT render «Источник» column in table', () => {
-  // assert headers array doesn't include charge_source
-});
-
-it('renders «0 ₽ (из бесплатного)» tooltip for historic prepaid rows', async () => {
-  // mock /api/billing/charges to return row with price_per_lead_kopecks=0 + charge_source='prepaid'
-  // assert tooltip wrapper exists
-});
-```
-
-- [ ] **Step 2: Run to verify fail**
-
-Expected: FAIL — current code has «Источник».
-
-- [ ] **Step 3: Edit ChargesTab.vue**
-
-Remove:
-
-- `source` ref, `sources` array.
-- The `<v-select>` for «Источник».
-- `if (source.value) params.charge_source = source.value;` lines (in `load` and `exportCsv`).
-- The «Источник» column from `headers` array.
-- The `<template #[item.charge_source]>` slot.
-
-Update «Цена» slot to handle the historic-prepaid case:
-
-```vue
-<template #[`item.price_rub`]="{ item }">
-  <span v-if="item.price_per_lead_kopecks === 0" class="text-medium-emphasis">
-    0 ₽
-    <v-tooltip activator="parent" text="До перехода на новую модель эти лиды списывались из бесплатного остатка." />
-    <span class="text-caption ml-1">(из бесплатного)</span>
-  </span>
-  <span v-else>{{ (item.price_per_lead_kopecks / 100).toFixed(2) }} ₽</span>
-</template>
-```
-
-- [ ] **Step 4: Run Vitest**
-
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```
-git add app/resources/js/views/billing/ChargesTab.vue \
-        app/resources/js/views/billing/ChargesTab.spec.ts
-git commit -m "fix(billing-v2): ChargesTab — drop «Источник» filter/column, prepaid tooltip for history"
-```
-
----
-
-### Task A.22: Run `/regression full` — fix any breaks
-
-**Files:** none directly; fix wherever regression points.
-
-- [ ] **Step 1: Run regression**
-
-Run from worktree dir: `/regression full` (via Skill tool)
-
-OR equivalent:
-
-```
-cd app && ./vendor/bin/pest --parallel
-cd app && composer stan
-cd app && composer pint -- --test
-npm run test:vue
-npm run type-check
-npm run lint:vue
-npm run build
-npm run story:build
-npm run a11y    # Pa11y /billing
-npm run links
-./bin/gitleaks.exe detect --staged
-```
-
-- [ ] **Step 2: For each failing check**
-
-- If Pest fails: read test name, fix code or test per spec intent.
-- If Larastan complains about `Tenant::balance_leads` access: add `@phpstan-ignore-next-line` with comment «Phase B drops column», or rewrite.
-- If type-check fails on a consumer not yet updated: update the consumer.
-- If Pa11y reports new violations: fix at the violation site.
-
-- [ ] **Step 3: Iterate until all green**
-
-- [ ] **Step 4: Commit any fixes incrementally**
-
-Each fix = its own commit (`fix(billing-v2): regression — <what>`).
-
----
-
-### Task A.23: Manual smoke — Playwright on `/billing`
-
-**Files:** none (manual verification).
-
-- [ ] **Step 1: Boot the app**
-
-Run: `cd app && php artisan serve` (in one tab) + `npm run dev` (in another).
-
-- [ ] **Step 2: Playwright MCP — drive /billing**
-
-Through Playwright MCP:
-
-1. Login as `admin@demo.local` / `password`.
-2. Navigate to `/billing`.
-3. Screenshot the page.
-4. Verify visible:
-   - Card 1: «Кошелёк ₽» with balance, «мин. пополнение 100 ₽» (no «округление»).
-   - Card 2: «≈ N лидов» with tooltip on hover.
-   - Card 3: «Что входит» (tariff name + features, no «₽/мес»).
-   - «Цены за лид» panel — click to expand, see 7 tiers, current highlighted.
-   - History tabs: «Все», «Пополнения», «Списания» — but NOT «Возвраты».
-   - Page-stats: «X ₽ кошелёк · хватит на Y дн.» (no «N лидов запас»).
-5. Click «Пополнить баланс» → submit 1000 ₽ → see snackbar «Баланс пополнен» + updated balance.
-6. Switch to «Списания» tab → see ChargesTab without «Источник» filter.
-
-- [ ] **Step 3: Save screenshots in `docs/superpowers/audits/2026-05-XX-billing-v2-spec-a-smoke/`**
-
-- [ ] **Step 4: If any visual issue → fix + commit**
-
-- [ ] **Step 5: No commit unless code changed**
-
----
-
-### Task A.24: Push branch + open PR
-
-- [ ] **Step 1: Verify branch is clean**
-
-Run: `git status` → empty.
-
-- [ ] **Step 2: Rebase on latest origin/main**
-
-```
-git fetch origin
-git rebase origin/main
-```
-
-If conflicts: resolve, `git rebase --continue`.
-
-- [ ] **Step 3: Push branch**
-
-```
-git push origin feat/billing-v2-spec-a
-```
-
-- [ ] **Step 4: Open PR**
-
-Through GitHub MCP or `gh pr create`:
-
-- Title: `feat(billing-v2): Spec A — единый ₽-баланс + унификация tariff_plans`
-- Body: link to spec + plan, list closed audit findings (P0=5/P1=6/P2=4), note Phase B follow-up PR in 72h after Phase A in prod.
-
-- [ ] **Step 5: PHASE A PAUSE**
-
-⛔ **Stop here.** Wait for:
-
-- Code review approval.
-- Merge to main.
-- Deploy to prod.
-- Run `php artisan billing:migrate-leads-to-rub` in prod (manual operator step).
-- 72h observation of `balance_transactions(type='migration')` audit + smoke metrics.
-
-Only then proceed to Phase B.
-
----
-
-## Phase B: Schema cleanup (separate PR, ≥72h after Phase A in prod)
-
-### Task B.1: Create migration to DROP columns
-
-**Files:**
-
-- Create: `app/database/migrations/2026_05_XX_100002_drop_balance_leads_and_tariff_columns.php`
-
-- [ ] **Step 1: Verify code-side has no references**
-
-Run: `grep -rn 'balance_leads\|price_per_lead[^_]\|price_monthly\|included_leads\|trial_bonus_leads\|billing_model' app/ --include='*.php' --include='*.vue' --include='*.ts'`
-
-Expected: 0 references (excluding `lead_charges.price_per_lead_kopecks` — different column).
-
-If references found → STOP. Fix code first, then proceed.
-
-- [ ] **Step 2: Create the migration**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Support\Facades\DB;
-
-return new class extends Migration
-{
-    public function up(): void
-    {
-        DB::statement('ALTER TABLE tenants DROP COLUMN IF EXISTS balance_leads');
-
-        foreach (['price_per_lead','price_monthly','included_leads','trial_bonus_leads','billing_model'] as $col) {
-            DB::statement("ALTER TABLE tariff_plans DROP COLUMN IF EXISTS {$col}");
-        }
-    }
-
-    public function down(): void
-    {
-        DB::statement('ALTER TABLE tenants ADD COLUMN balance_leads INT NOT NULL DEFAULT 0');
-        DB::statement('ALTER TABLE tariff_plans ADD COLUMN price_per_lead DECIMAL(10,2)');
-        DB::statement('ALTER TABLE tariff_plans ADD COLUMN price_monthly DECIMAL(10,2)');
-        DB::statement('ALTER TABLE tariff_plans ADD COLUMN included_leads INT');
-        DB::statement('ALTER TABLE tariff_plans ADD COLUMN trial_bonus_leads INT');
-        DB::statement("ALTER TABLE tariff_plans ADD COLUMN billing_model VARCHAR(50) DEFAULT 'per_lead'");
-    }
-};
-```
-
-- [ ] **Step 3: Run migration locally**
-
-Run: `cd app && php artisan migrate`
-Expected: completes without error.
-
-- [ ] **Step 4: Verify columns gone**
-
-Run: `php artisan tinker --execute='dump(DB::select("SELECT column_name FROM information_schema.columns WHERE table_name=\"tenants\" AND column_name=\"balance_leads\""));'`
-Expected: empty result.
-
-- [ ] **Step 5: Run full Pest + Vitest**
-
-Run: `cd app && ./vendor/bin/pest --parallel && cd .. && npm run test:vue`
-Expected: PASS.
-
-- [ ] **Step 6: Update Tenant model to remove `@property int $balance_leads`**
-
-Edit `app/app/Models/Tenant.php` — remove the PHPDoc `@property` line for balance_leads.
-
-Also clean `$casts` and `$fillable` if balance_leads is still listed.
-
-Regenerate IDE helper:
-
-```
-php artisan ide-helper:generate
-php artisan ide-helper:models -W -M -N
-```
-
-- [ ] **Step 7: Commit**
-
-```
-git add app/database/migrations/2026_05_XX_100002_*.php \
-        app/app/Models/Tenant.php \
-        app/_ide_helper*.php
-git commit -m "feat(billing-v2): Phase B — DROP balance_leads + 5 tariff_plans columns"
-```
-
----
-
-### Task B.2: Update `db/schema.sql` baseline + CHANGELOG
-
-**Files:**
-
-- Modify: `db/schema.sql`
-- Modify: `db/CHANGELOG_schema.md`
-
-- [ ] **Step 1: Edit schema.sql**
-
-- Remove the `balance_leads` column from CREATE TABLE tenants.
-- Remove the 5 columns from CREATE TABLE tariff_plans.
-- Update header version line + add `-- v8.NN (DD.05.2026 — Billing v2 Spec A Phase B: DROP balance_leads + 5 tariff_plans cols)`.
-
-- [ ] **Step 2: Edit CHANGELOG_schema.md**
-
-Add:
-
-```markdown
-## v8.NN (DD.05.2026) — Billing v2 Phase B
-- DROP COLUMN tenants.balance_leads
-- DROP COLUMN tariff_plans.{price_per_lead, price_monthly, included_leads, trial_bonus_leads, billing_model}
-```
-
-- [ ] **Step 3: Verify migrate:fresh works on testing DB**
-
-Run: `cd app && php artisan migrate:fresh --env=testing`
-Expected: completes; new schema matches `db/schema.sql`.
-
-- [ ] **Step 4: Commit**
-
-```
-git add db/schema.sql db/CHANGELOG_schema.md
-git commit -m "docs(schema): Phase B — sync schema.sql + CHANGELOG"
-```
-
----
-
-### Task B.3: `/regression full` + PR
-
-- [ ] **Step 1: Run regression**
-
-Same as Task A.22.
-
-- [ ] **Step 2: Push + PR**
-
-```
-git push origin feat/billing-v2-spec-a   # Phase B commits append to same branch OR open new branch
-```
-
-If using separate branch:
-
-```
-git checkout -B feat/billing-v2-phase-b
-git push origin feat/billing-v2-phase-b
-```
-
-- [ ] **Step 3: Open PR** — title `feat(billing-v2): Phase B — schema cleanup (DROP columns)`.
-
----
-
-## Spec Coverage Check (self-review)
-
-| Spec requirement | Task | Status |
-|---|---|---|
-| §2.1.1 `balance_leads` уходит | A.11 (migration) + B.1 (DROP) | ✓ |
-| §2.1.2 BalanceToLeadsConverter | A.2 | ✓ |
-| §2.1.3 tariff_plans обрезка | B.1 + A.13 (seeders) | ✓ |
-| §2.1.4 без возвратов | A.8 + A.19 | ✓ |
-| §3.2.3 TYPE_MIGRATION | A.1 | ✓ |
-| §3.3.1 BalanceToLeadsConverter | A.2 | ✓ |
-| §3.3.2 chargeForDelivery упрощение | A.3, A.4, A.5 | ✓ |
-| §3.3.3 wallet API response shape | A.6 | ✓ |
-| §3.3.4 transactions filter cleanup | A.8 | ✓ |
-| §3.3.5 AdminPricingTiers bcmul | A.9 | ✓ |
-| §3.3.6 charges export JOIN | A.10 | ✓ |
-| §3.3.7 seeders cleanup | A.13 | ✓ |
-| §3.4.1 types update | A.14 | ✓ |
-| §3.4.2 BillingView shape | A.16, A.18 | ✓ |
-| §3.4.3 BalanceCard rewrite | A.15 | ✓ |
-| §3.4.4 TransactionsTable | A.19 | ✓ |
-| §3.4.5 InvoicesTable | A.20 | ✓ |
-| §3.4.6 ChargesTab | A.21 | ✓ |
-| §3.4.7 TopupDialog | — (intentionally not touched; spec C) | ✓ |
-| §3.4.8 TierPricesPanel | A.17, A.18 | ✓ |
-| §3.5 tests | woven throughout TDD | ✓ |
-| §4.1 двухфазный релиз | Phase A pause + Phase B | ✓ |
-| §4.2 регрессионные критерии | A.22, B.3 | ✓ |
-
-All 19 findings from §6 reestr → mapped to tasks via spec sections above.
-
----
-
-## Plan complete
-
-**Сохранено в:** `docs/superpowers/plans/2026-05-23-billing-v2-spec-a-balance-rub-plan.md`
-
-**Две опции выполнения:**
-
-1. **Subagent-Driven (рекомендую)** — я диспатчу свежего субагента (Sonnet или Opus, не Haiku) на каждую задачу, ревьюю между задачами, быстрая итерация. Каждая задача — отдельный коммит.
-
-2. **Inline Execution** — выполняю задачи в этой сессии через executing-plans, пакетное исполнение с чекпоинтами на ревью.
-
-**Какой подход?**
diff --git a/docs/superpowers/plans/2026-05-23-billing-v2-spec-b-duplicates-plan.md b/docs/superpowers/plans/2026-05-23-billing-v2-spec-b-duplicates-plan.md
deleted file mode 100644
index 0057eb1..0000000
--- a/docs/superpowers/plans/2026-05-23-billing-v2-spec-b-duplicates-plan.md
+++ /dev/null
@@ -1,807 +0,0 @@
-# Биллинг v2 Спек B — политика дублей: план реализации
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Убрать наш телефонный антифрод-фильтр дублей (доверяем дедупу поставщика), но гарантировать на уровне БД, что одна поставка одному клиенту тарифицируется ровно один раз; лимит шеринга — 3 разных клиента.
-
-**Architecture:** Удаляем `DuplicateDetector` из обоих job-путей. В шеринг-пути (`RouteSupplierLeadJob`) раздача переводится с лимита-по-проектам на лимит-по-клиентам (один проект на клиента — DISTINCT ON по `tenant_id`, выбор проекта с макс. остатком дневного лимита; cap=3 клиента). Новая таблица-замок `supplier_lead_deliveries` (PK `supplier_lead_id`+`tenant_id`) + `insertOrIgnore` внутри транзакции создания сделки гарантирует «одна поставка → один оплаченный лид на клиента» даже при гонках/перезапусках/CSV-восстановлении.
-
-**Tech Stack:** Laravel 13, PostgreSQL 16 (партиционированная `deals`, RLS по `app.current_tenant_id`, 5 ролей), Pest 4 (`--parallel`), bcmath/`LedgerService`. Worktree `.claude/worktrees/billing-v2-spec-b/`, ветка `feat/billing-v2-spec-b` (база origin/main `ff2ee59e`, Спек A уже влит).
-
-**Спека:** `docs/superpowers/specs/2026-05-23-billing-v2-spec-b-duplicates-design.md`
-
----
-
-## ⚠️ Важный контекст базы (прочитать до старта)
-
-1. **Спек A влит в origin/main.** `App\Services\Billing\LedgerService::chargeForDelivery` — always-rub: списывает `balance_rub` (bcmath), пишет `LeadCharge(charge_source='rub')` + `BalanceTransaction` + `supplier_lead_costs`; `balance_leads` НЕ трогает. Возвращает `ChargeResult`.
-2. **Тест-долг Спека A.** Часть существующих тестов (`app/tests/Feature/Jobs/RouteSupplierLeadJobTest.php` ассертит `balance_leads → 99`; `RouteSupplierLeadJobBillingTest.php` имеет кейс `charge_source='prepaid'`) противоречит always-rub `LedgerService` и, вероятно, **уже красная на этой базе**. Это НЕ наша регрессия. Task 1 устанавливает фактический baseline. Новые тесты Спека B заякорены на **model-agnostic** ассерты (число `Deal` / `LeadCharge` на клиента + строки таблицы-замка) и сетап через хелпер `prepareSharingFlow` с достаточным `balance_rub`, чтобы не зависеть от prepaid/rub.
-3. **Два job-пути.** `ProcessWebhookJob` (прямой вебхук, `WebhookReceiveController`) — идемпотентность по `vid` через `webhook_dedup_keys (tenant_id, source_crm_id)`; замок там НЕ нужен. `RouteSupplierLeadJob` (шеринг, `SupplierWebhookController` + `CsvReconcileJob`) — замок нужен здесь.
-4. **Гранты — blanket.** `db/02_grants.sql` выдаёт `GRANT ... ON ALL TABLES` + `ALTER DEFAULT PRIVILEGES`. Новая tenant-таблица грантов отдельно не требует. На dev — `postgres` superuser.
-5. **`duplicate_detected` в origin/main отсутствует** (ни в `db/schema.sql`, ни во фронте, ни в backend) — чистить нечего, только verify-grep. Колонка `deals.duplicate_of_id` (schema.sql:1626) + индекс (schema.sql:1688) — есть.
-
----
-
-## File Structure
-
-| Файл | Действие | Ответственность |
-|---|---|---|
-| `db/migrations/2026_05_23_200_supplier_lead_deliveries.sql` | Create | DDL таблицы-замка (RLS + PK + FK) |
-| `app/database/migrations/2026_05_23_200000_create_supplier_lead_deliveries.php` | Create | парная Laravel-миграция (idempotency guard) |
-| `db/migrations/2026_05_23_201_drop_deals_duplicate_of_id_index.sql` | Create | DROP лишнего индекса |
-| `app/database/migrations/2026_05_23_201000_drop_deals_duplicate_of_id_index.php` | Create | парная Laravel-миграция |
-| `db/schema.sql` | Modify | +CREATE TABLE supplier_lead_deliveries; −CREATE INDEX deals(duplicate_of_id); header v8.32→v8.33 |
-| `db/CHANGELOG_schema.md` | Modify | +запись v8.33 |
-| `app/app/Models/SupplierLeadDelivery.php` | Create | Eloquent-модель замка |
-| `app/app/Services/DuplicateDetector.php` | Delete | сервис телефонного фильтра |
-| `app/app/Jobs/ProcessWebhookJob.php` | Modify | убрать findMaster + markAsDuplicate, всегда charge |
-| `app/app/Jobs/RouteSupplierLeadJob.php` | Modify | убрать DuplicateDetector из сигнатур; +замок insertOrIgnore; раздача по клиентам |
-| `app/app/Services/LeadRouter.php` | Modify | DISTINCT ON (tenant_id) — один проект на клиента (макс. остаток лимита) |
-| `app/tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php` | Create | тесты замка + раздачи по клиентам |
-| `app/tests/Feature/Jobs/RouteSupplierLeadJobTest.php` | Modify | убрать DuplicateDetector из `runRouteJob`; удалить/переписать дубль-тесты |
-| `app/tests/Feature/ProcessWebhookJobTest.php` | Modify | убрать дубль-тесты; +тест «два vid, один телефон → оба charge» |
-| прочие тесты с `DuplicateDetector`/`runRouteJob` | Modify | привести сигнатуры к 6-арговому handle() |
-
----
-
-## Task 1: Baseline — зафиксировать фактическое состояние
-
-**Files:** нет правок (только прогон).
-
-- [ ] **Step 1: Подготовить тестовую БД worktree**
-
-Run:
-
-```bash
-cd .claude/worktrees/billing-v2-spec-b/app
-php artisan migrate:fresh --env=testing
-php artisan partitions:create-months --env=testing
-```
-
-Expected: миграции проходят; партиции `deals_*`, `balance_transactions_*`, `supplier_lead_costs_*` за текущий/смежные месяцы созданы. (Квирк Спека A: при нехватке партиций тесты падают с partition-ошибкой — пересоздать.)
-
-- [ ] **Step 2: Прогнать затронутые сюиты, записать baseline**
-
-Run:
-
-```bash
-php artisan test tests/Feature/Jobs/RouteSupplierLeadJobTest.php tests/Feature/Supplier/RouteSupplierLeadJobBillingTest.php tests/Feature/ProcessWebhookJobTest.php tests/Feature/Integration/SupplierLeadFlowTest.php tests/Feature/Supplier/AutoPauseFlowTest.php tests/Feature/Supplier/CsvReconcileJobTest.php tests/Feature/Pd/DealCreatePdLogTest.php
-```
-
-Expected: записать в заметку, какие тесты GREEN, какие RED. Ожидаемо красные (тест-долг Спека A, НЕ наша задача): `RouteSupplierLeadJobTest` (balance_leads ассерты), prepaid-кейс в `RouteSupplierLeadJobBillingTest`. Всё остальное должно быть GREEN.
-
-- [ ] **Step 3: Подтвердить модель списания**
-
-Run:
-
-```bash
-grep -n "charge_source\|balance_rub\|balance_leads" app/Services/Billing/LedgerService.php
-```
-
-Expected: `charge_source` = `'rub'` хардкод, списывается `balance_rub`. Зафиксировать: новые тесты используют `balance_rub` и `LeadCharge::count()`.
-
-- [ ] **Step 4: Коммит заметки baseline (опционально)**
-
-Если ведёте журнал — зафиксируйте baseline-вывод в описании задачи. Кода-коммита нет.
-
----
-
-## Task 2: Таблица-замок `supplier_lead_deliveries`
-
-**Files:**
-
-- Create: `db/migrations/2026_05_23_200_supplier_lead_deliveries.sql`
-- Create: `app/database/migrations/2026_05_23_200000_create_supplier_lead_deliveries.php`
-- Modify: `db/schema.sql` (вставить CREATE TABLE; header v8.32→v8.33)
-- Modify: `db/CHANGELOG_schema.md`
-- Create: `app/app/Models/SupplierLeadDelivery.php`
-- Test: `app/tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php` (schema-часть)
-
-- [ ] **Step 1: Написать падающий schema-тест**
-
-Создать `app/tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-it('supplier_lead_deliveries table exists with PK (supplier_lead_id, tenant_id) and RLS', function (): void {
-    $cols = collect(DB::select(
-        "SELECT column_name FROM information_schema.columns WHERE table_name = 'supplier_lead_deliveries'"
-    ))->pluck('column_name')->all();
-
-    expect($cols)->toContain('supplier_lead_id')
-        ->toContain('tenant_id')
-        ->toContain('deal_id')
-        ->toContain('created_at');
-
-    $pk = collect(DB::select(
-        "SELECT a.attname FROM pg_index i
-         JOIN pg_attribute a ON a.attrelid = i.indrelid AND a.attnum = ANY(i.indkey)
-         WHERE i.indrelid = 'supplier_lead_deliveries'::regclass AND i.indisprimary"
-    ))->pluck('attname')->sort()->values()->all();
-    expect($pk)->toBe(['supplier_lead_id', 'tenant_id']);
-
-    $rls = DB::selectOne(
-        "SELECT relrowsecurity FROM pg_class WHERE relname = 'supplier_lead_deliveries'"
-    );
-    expect($rls->relrowsecurity)->toBeTrue();
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `php artisan test tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php`
-Expected: FAIL (таблицы нет).
-
-- [ ] **Step 3: Написать DDL-файл миграции**
-
-Создать `db/migrations/2026_05_23_200_supplier_lead_deliveries.sql`:
-
-```sql
--- =============================================================================
--- supplier_lead_deliveries — замок «одна поставка одному клиенту = один раз»
--- (Billing v2 Spec B). Ключ по поставке (supplier_lead_id), НЕ по телефону —
--- разные поставки с одним телефоном остаются отдельными платными лидами.
--- Защищает шеринг-путь (RouteSupplierLeadJob) от наших собственных дублей
--- при гонках / перезапусках задачи / CSV-восстановлении.
--- =============================================================================
-CREATE TABLE supplier_lead_deliveries (
-    supplier_lead_id BIGINT NOT NULL REFERENCES supplier_leads(id) ON DELETE CASCADE,
-    tenant_id        BIGINT NOT NULL REFERENCES tenants(id) ON DELETE CASCADE,
-    deal_id          BIGINT,            -- созданная сделка; без FK (deals партиционирована)
-    created_at       TIMESTAMPTZ NOT NULL DEFAULT NOW(),
-    PRIMARY KEY (supplier_lead_id, tenant_id)
-);
-
-ALTER TABLE supplier_lead_deliveries ENABLE ROW LEVEL SECURITY;
-CREATE POLICY tenant_isolation ON supplier_lead_deliveries
-    USING (tenant_id = current_setting('app.current_tenant_id')::bigint);
-```
-
-- [ ] **Step 4: Написать парную Laravel-миграцию**
-
-Создать `app/database/migrations/2026_05_23_200000_create_supplier_lead_deliveries.php`:
-
-```php
-<?php
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Support\Facades\DB;
-
-return new class extends Migration
-{
-    public function up(): void
-    {
-        // Idempotency: если schema.sql уже загружен (migrate:fresh), таблица есть — пропускаем.
-        if (DB::selectOne('SELECT 1 AS ok FROM pg_class WHERE relname = ?', ['supplier_lead_deliveries']) !== null) {
-            return;
-        }
-
-        $sql = file_get_contents(base_path('../db/migrations/2026_05_23_200_supplier_lead_deliveries.sql'));
-        if ($sql === false) {
-            throw new RuntimeException('Migration SQL file not found.');
-        }
-        DB::unprepared($sql);
-    }
-
-    public function down(): void
-    {
-        DB::unprepared('DROP TABLE IF EXISTS supplier_lead_deliveries CASCADE;');
-    }
-};
-```
-
-- [ ] **Step 5: Вставить CREATE TABLE в `db/schema.sql`**
-
-Вставить блок из Step 3 (без комментария-шапки повторно — достаточно одного) в `db/schema.sql` сразу ПОСЛЕ блока `CREATE TABLE webhook_dedup_keys (...)` с его индексами/RLS (найти `grep -n "CREATE TABLE webhook_dedup_keys" db/schema.sql`). Обновить header-строку версии:
-
-```
--- Версия: v8.33 (23.05.2026 — Billing v2 Spec B: +supplier_lead_deliveries замок поставка↔клиент; −индекс deals(duplicate_of_id))
-```
-
-- [ ] **Step 6: Запись в `db/CHANGELOG_schema.md`**
-
-Добавить сверху списка изменений:
-
-```markdown
-## v8.33 (2026-05-23) — Billing v2 Spec B: политика дублей
-
-- **+таблица `supplier_lead_deliveries`** (PK `supplier_lead_id`+`tenant_id`, FK на `supplier_leads` ON DELETE CASCADE, `deal_id` без FK, RLS `tenant_isolation`). Замок «одна поставка одному клиенту = один оплаченный лид» для шеринг-пути.
-- **−индекс `deals (duplicate_of_id) WHERE duplicate_of_id IS NOT NULL`** — концепция телефонного дедупа удалена (DuplicateDetector); колонка `deals.duplicate_of_id` оставлена спящей.
-- Метрики: +1 таблица, −1 индекс. (Сверять с header schema.sql.)
-```
-
-- [ ] **Step 7: Создать Eloquent-модель**
-
-Создать `app/app/Models/SupplierLeadDelivery.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Models;
-
-use Illuminate\Database\Eloquent\Model;
-
-/**
- * Замок «поставка ↔ клиент» (Billing v2 Spec B). Композитный PK без автоинкремента.
- * Пишется в шеринг-пути (RouteSupplierLeadJob) через insertOrIgnore под RLS-контекстом.
- */
-class SupplierLeadDelivery extends Model
-{
-    public $incrementing = false;
-
-    public $timestamps = false;
-
-    protected $primaryKey = null;
-
-    protected $fillable = ['supplier_lead_id', 'tenant_id', 'deal_id', 'created_at'];
-}
-```
-
-- [ ] **Step 8: Пересоздать тестовую БД и прогнать schema-тест**
-
-Run:
-
-```bash
-php artisan migrate:fresh --env=testing && php artisan partitions:create-months --env=testing
-php artisan test tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php
-```
-
-Expected: PASS.
-
-- [ ] **Step 9: Коммит**
-
-```bash
-git add db/migrations/2026_05_23_200_supplier_lead_deliveries.sql \
-        app/database/migrations/2026_05_23_200000_create_supplier_lead_deliveries.php \
-        db/schema.sql db/CHANGELOG_schema.md \
-        app/app/Models/SupplierLeadDelivery.php \
-        app/tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php
-git commit -m "feat(billing-v2): supplier_lead_deliveries lock table (Spec B)"
-```
-
----
-
-## Task 3: Раздача по клиентам (LeadRouter — один проект на клиента)
-
-**Files:**
-
-- Modify: `app/app/Services/LeadRouter.php`
-- Test: `app/tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php` (добавить кейс)
-
-- [ ] **Step 1: Написать падающий тест «один клиент, 2 проекта → 1 сделка»**
-
-Добавить в `SupplierLeadDeliveryGuardTest.php` (хелперы `prepareSharingFlow` / `linkProjectToSupplier` — из `tests/Pest.php`; сверить сигнатуру по `RouteSupplierLeadJobBillingTest.php`):
-
-```php
-use App\Jobs\RouteSupplierLeadJob;
-use App\Models\Deal;
-use App\Models\LeadCharge;
-use App\Models\Project;
-use App\Models\SupplierLead;
-use App\Models\SupplierProject;
-use App\Models\Tenant;
-use Database\Seeders\PricingTierSeeder;
-
-it('one delivery to a tenant with 2 eligible projects → exactly 1 deal + 1 charge', function (): void {
-    $this->seed(PricingTierSeeder::class);
-
-    $sp = SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'twoproj.ru',
-    ]);
-    $tenant = Tenant::factory()->create(['balance_leads' => 0, 'balance_rub' => '100000.00']);
-
-    // Два подходящих проекта одного клиента, разный остаток лимита.
-    $pLow = Project::factory()->create([
-        'tenant_id' => $tenant->id, 'is_active' => true,
-        'daily_limit_target' => 10, 'delivered_today' => 9, 'delivery_days_mask' => 127,
-    ]);
-    $pHigh = Project::factory()->create([
-        'tenant_id' => $tenant->id, 'is_active' => true,
-        'daily_limit_target' => 10, 'delivered_today' => 0, 'delivery_days_mask' => 127,
-    ]);
-    linkProjectToSupplier($pLow, $sp);
-    linkProjectToSupplier($pHigh, $sp);
-
-    $vid = 600001;
-    $lead = SupplierLead::factory()->create([
-        'supplier_project_id' => null, 'platform' => 'B1', 'vid' => $vid,
-        'phone' => '79991234567',
-        'raw_payload' => ['vid' => $vid, 'project' => 'B1_twoproj.ru', 'phone' => '79991234567', 'time' => now()->getTimestamp()],
-    ]);
-
-    runRouteJob($lead->id);
-
-    DB::statement("SET LOCAL app.current_tenant_id = '{$tenant->id}'");
-    expect(Deal::query()->where('source_crm_id', $vid)->count())->toBe(1);
-    expect(LeadCharge::query()->where('tenant_id', $tenant->id)->count())->toBe(1);
-    // Выбран проект с наибольшим остатком лимита.
-    expect($pHigh->fresh()->delivered_today)->toBe(1);
-    expect($pLow->fresh()->delivered_today)->toBe(9);
-});
-```
-
-NB: `runRouteJob` уже определён в `RouteSupplierLeadJobTest.php`, но это другой файл. Определить локальный хелпер в этом файле (после Task 4 он будет 6-арговым — см. ниже), либо вызвать job напрямую. Чтобы не зависеть от Task 4, в этом тесте вызвать job через `app()`-резолв 6 аргументов ПОСЛЕ Task 4. Поэтому: написать тело теста, но запускать его в Step 3 уже после правки LeadRouter, а полную зелёность по job — в Task 6.
-
-- [ ] **Step 2: Переписать `LeadRouter::matchEligibleProjects` на DISTINCT ON (tenant_id)**
-
-Заменить тело `matchEligibleProjects` в `app/app/Services/LeadRouter.php` — добавить `DISTINCT ON (projects.tenant_id)` с выбором проекта максимального остатка лимита:
-
-```php
-        /** @var Collection<int, Project> $candidates */
-        $candidates = Project::on('pgsql_supplier')
-            ->select('projects.*')
-            ->selectRaw('DISTINCT ON (projects.tenant_id) projects.id AS __distinct_marker')
-            ->whereExists(function ($q) use ($supplierProject): void {
-                $q->selectRaw('1')
-                    ->from('project_supplier_links')
-                    ->whereColumn('project_supplier_links.project_id', 'projects.id')
-                    ->where('project_supplier_links.supplier_project_id', $supplierProject->id);
-            })
-            ->where('is_active', true)
-            ->whereRaw('(delivery_days_mask & ?) <> 0', [$todayBit])
-            ->whereRaw('delivered_today < COALESCE(effective_daily_limit_today, daily_limit_target)')
-            ->whereExists(function ($q): void {
-                $q->selectRaw('1')
-                    ->from('tenants')
-                    ->whereColumn('tenants.id', 'projects.tenant_id')
-                    ->where(function ($qq): void {
-                        $qq->where('tenants.balance_leads', '>', 0)
-                            ->orWhere('tenants.balance_rub', '>', 0);
-                    });
-            })
-            ->orderBy('projects.tenant_id')
-            ->orderByRaw('COALESCE(projects.effective_daily_limit_today, projects.daily_limit_target) - projects.delivered_today DESC')
-            ->orderBy('projects.created_at')
-            ->orderBy('projects.id')
-            ->get();
-
-        return $candidates->values();
-```
-
-NB: смешение `DISTINCT ON` + Eloquent `select('projects.*')` хрупко. **Предпочтительный вариант** — сырой select без маркера:
-
-```php
-        $candidates = Project::on('pgsql_supplier')
-            ->fromRaw('projects')
-            ->whereExists(/* project_supplier_links ... */)
-            ->where('is_active', true)
-            ->whereRaw('(delivery_days_mask & ?) <> 0', [$todayBit])
-            ->whereRaw('delivered_today < COALESCE(effective_daily_limit_today, daily_limit_target)')
-            ->whereExists(/* tenants balance ... */)
-            ->orderByRaw('projects.tenant_id, COALESCE(projects.effective_daily_limit_today, projects.daily_limit_target) - projects.delivered_today DESC, projects.created_at, projects.id')
-            ->selectRaw('DISTINCT ON (projects.tenant_id) projects.*')
-            ->get();
-```
-
-Реализатор выбирает рабочий из двух (проверить SQL прогоном). Семантика обязательна: **ровно один Project на tenant_id, с максимальным остатком `COALESCE(effective_daily_limit_today, daily_limit_target) - delivered_today`; тай-брейк `created_at, id`**.
-
-- [ ] **Step 3: Прогон существующих router-зависимых тестов**
-
-Run: `php artisan test tests/Feature/Jobs/RouteSupplierLeadJobTest.php --filter="caps deal creation at 3"`
-Expected: тест cap=3 (5 клиентов по 1 проекту) остаётся GREEN (DISTINCT ON не меняет результат при одном проекте на клиента). Если упал из-за DuplicateDetector-аргумента — это чинится в Task 4; здесь убедиться, что SQL DISTINCT ON валиден (нет SQL-ошибки).
-
-- [ ] **Step 4: Коммит**
-
-```bash
-git add app/app/Services/LeadRouter.php app/tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php
-git commit -m "feat(billing-v2): LeadRouter — one project per tenant (max remaining limit)"
-```
-
----
-
-## Task 4: Удалить `DuplicateDetector` из `RouteSupplierLeadJob`
-
-**Files:**
-
-- Modify: `app/app/Jobs/RouteSupplierLeadJob.php`
-- Modify: `app/tests/Feature/Jobs/RouteSupplierLeadJobTest.php` (сигнатура `runRouteJob`, удалить дубль-тесты)
-
-- [ ] **Step 1: Убрать DuplicateDetector из `handle()` и `createDealCopyForProject()`**
-
-В `app/app/Jobs/RouteSupplierLeadJob.php`:
-
-- Удалить `use App\Services\DuplicateDetector;`.
-- Из сигнатуры `handle(...)` убрать параметр `DuplicateDetector $duplicateDetector,`.
-- Из вызова `$this->createDealCopyForProject($lead, $project, $duplicateDetector, $notifier, $ledger, $subjectCode)` убрать `$duplicateDetector`.
-- Из сигнатуры `createDealCopyForProject(...)` убрать параметр `DuplicateDetector $duplicateDetector,`.
-- Удалить блок поиска master + ветку дубля (строки ~274–306: `$master = $duplicateDetector->findMaster(...)` ... `if ($master !== null && $master->id !== $deal->id) { ... return false; }`). Сделка всегда идёт на `chargeForDelivery`.
-- Обновить doc-комментарии (убрать упоминания DuplicateDetector/Биз-19/duplicate_of_id).
-
-- [ ] **Step 2: Обновить тест-хелпер и удалить дубль-тесты**
-
-В `app/tests/Feature/Jobs/RouteSupplierLeadJobTest.php`:
-
-- Убрать `use App\Services\DuplicateDetector;`.
-- В `runRouteJob()` и в инлайн-вызове теста «caps deal creation at 3» убрать аргумент `app(DuplicateDetector::class),` (handle() теперь 6-арговый).
-- Удалить тест `it('marks duplicate via DuplicateDetector — no charge ...')` (строки ~158–204) — концепция удалена.
-- Переписать тест `it('handles mixed routing: 3 projects, 1 with pre-existing master (dup), 2 clean')` → новое имя/поведение: pre-existing deal с тем же телефоном (другой `vid`) НЕ подавляет списание; ожидать `deals_created_count = 3`, все три баланса/счётчики списаны. (См. также Task 7 — там добавляются model-agnostic тесты; здесь достаточно убрать `duplicate_of_id`-ассерты и привести ожидание к «3 charged».)
-
-- [ ] **Step 3: Прогон**
-
-Run: `php artisan test tests/Feature/Jobs/RouteSupplierLeadJobTest.php`
-Expected: тесты, не завязанные на `balance_leads`-долг, GREEN; компиляция (6-арговый handle) проходит. Красные строго из-за `balance_leads`-ассертов (тест-долг Спека A) — допустимо; если задача включает их починку, мигрировать на `balance_rub` (см. Task 7 Step 4).
-
-- [ ] **Step 4: Коммит**
-
-```bash
-git add app/app/Jobs/RouteSupplierLeadJob.php app/tests/Feature/Jobs/RouteSupplierLeadJobTest.php
-git commit -m "refactor(billing-v2): drop DuplicateDetector from RouteSupplierLeadJob (Spec B)"
-```
-
----
-
-## Task 5: Удалить `DuplicateDetector` из `ProcessWebhookJob` + сам сервис
-
-**Files:**
-
-- Modify: `app/app/Jobs/ProcessWebhookJob.php`
-- Delete: `app/app/Services/DuplicateDetector.php`
-- Modify: `app/tests/Feature/ProcessWebhookJobTest.php`
-
-- [ ] **Step 1: Написать падающий тест «два vid, один телефон → оба charge»**
-
-В `app/tests/Feature/ProcessWebhookJobTest.php` добавить (сверить сетап с существующими тестами файла — tenant с балансом, dispatch `ProcessWebhookJob`):
-
-```php
-it('charges both leads with same phone but different vid (no phone dedup)', function (): void {
-    // Сетап tenant + project как в соседних тестах файла.
-    // Прогнать ProcessWebhookJob дважды: тот же phone, разные vid.
-    // Ожидать: 2 Deal, баланс списан дважды, ни у одной нет duplicate_of_id.
-    // (точный сетап — по образцу существующих тестов ProcessWebhookJobTest)
-})->todo();
-```
-
-Затем заменить `->todo()` на полноценный тест по образцу существующего «новая сделка списывает баланс» из этого же файла (взять его сетап tenant/project/payload, продублировать вызов с двумя разными `vid`, одинаковым `phone`; ассертить 2 сделки + двойное списание).
-
-- [ ] **Step 2: Запустить — убедиться, что падает (или показывает старое поведение)**
-
-Run: `php artisan test tests/Feature/ProcessWebhookJobTest.php --filter="same phone but different vid"`
-Expected: при наличии DuplicateDetector второй лид помечается дублем (FAIL: ожидаем 2 charge, получаем 1).
-
-- [ ] **Step 3: Убрать DuplicateDetector из `ProcessWebhookJob`**
-
-В `app/app/Jobs/ProcessWebhookJob.php`:
-
-- Удалить `use App\Services\DuplicateDetector;`.
-- Удалить `$duplicateDetector = app(DuplicateDetector::class);` и его передачу в `DB::transaction`.
-- Удалить блок поиска master + ветку (строки ~119–133: `$master = $duplicateDetector->findMaster(...)` ... `if ($master !== null && ...) { $this->markAsDuplicate(...); return; }`). После проверки `wasRecentlyCreated` сразу `$this->chargeNewLead(...)`.
-- Удалить приватный метод `markAsDuplicate(...)` (строки ~144–165).
-- Обновить doc-комментарии (убрать абзац про Биз-19/DuplicateDetector).
-
-- [ ] **Step 4: Удалить сервис и дубль-тесты**
-
-```bash
-rm app/app/Services/DuplicateDetector.php
-```
-
-В `app/tests/Feature/ProcessWebhookJobTest.php` удалить тесты телефонного дедупа (master в 24ч → дубль / master старше 24ч / ActivityLog duplicate_of). Оставить/адаптировать только релевантные (vid-идемпотентность, zero-balance).
-
-- [ ] **Step 5: Прогон**
-
-Run: `php artisan test tests/Feature/ProcessWebhookJobTest.php`
-Expected: GREEN (включая новый тест из Step 1).
-
-- [ ] **Step 6: Verify — нет висячих ссылок на DuplicateDetector**
-
-Run: `grep -rn "DuplicateDetector\|findMaster\|markAsDuplicate" app/`
-Expected: 0 совпадений.
-
-- [ ] **Step 7: Коммит**
-
-```bash
-git add app/app/Jobs/ProcessWebhookJob.php app/tests/Feature/ProcessWebhookJobTest.php
-git rm app/app/Services/DuplicateDetector.php
-git commit -m "refactor(billing-v2): remove DuplicateDetector + phone dedup from ProcessWebhookJob (Spec B)"
-```
-
----
-
-## Task 6: Замок в `RouteSupplierLeadJob::createDealCopyForProject`
-
-**Files:**
-
-- Modify: `app/app/Jobs/RouteSupplierLeadJob.php`
-- Test: `app/tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php`
-
-- [ ] **Step 1: Написать падающий тест замка (повторная выдача той же поставки клиенту)**
-
-Добавить в `SupplierLeadDeliveryGuardTest.php` (определить локальный 6-арговый `runRouteJob`-хелпер в этом файле, без `DuplicateDetector`):
-
-```php
-use App\Services\LeadRouter;
-use App\Services\LeadDistributor;
-use App\Services\NotificationService;
-use App\Services\RegionTagResolver;
-use App\Services\Billing\LedgerService;
-use App\Services\SupplierProjects\SupplierProjectResolver;
-use Illuminate\Support\Facades\DB;
-
-function runRouteJobB(int $id): void
-{
-    (new RouteSupplierLeadJob($id))->handle(
-        app(LeadRouter::class),
-        app(SupplierProjectResolver::class),
-        app(NotificationService::class),
-        app(LedgerService::class),
-        app(LeadDistributor::class),
-        app(RegionTagResolver::class),
-    );
-}
-
-it('lock: re-running same delivery to same tenant does not double-charge', function (): void {
-    $this->seed(PricingTierSeeder::class);
-
-    $sp = SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'lock.ru',
-    ]);
-    $tenant = Tenant::factory()->create(['balance_leads' => 0, 'balance_rub' => '100000.00']);
-    $p = Project::factory()->create([
-        'tenant_id' => $tenant->id, 'is_active' => true,
-        'daily_limit_target' => 10, 'delivered_today' => 0, 'delivery_days_mask' => 127,
-    ]);
-    linkProjectToSupplier($p, $sp);
-
-    $vid = 610001;
-    $lead = SupplierLead::factory()->create([
-        'supplier_project_id' => null, 'platform' => 'B1', 'vid' => $vid,
-        'phone' => '79991234567',
-        'raw_payload' => ['vid' => $vid, 'project' => 'B1_lock.ru', 'phone' => '79991234567', 'time' => now()->getTimestamp()],
-    ]);
-
-    runRouteJobB($lead->id);
-
-    // Сбросить processed_at, чтобы пройти мимо idempotency-guard и проверить ИМЕННО замок БД.
-    $lead->update(['processed_at' => null]);
-    runRouteJobB($lead->id);
-
-    DB::statement("SET LOCAL app.current_tenant_id = '{$tenant->id}'");
-    expect(Deal::query()->where('source_crm_id', $vid)->count())->toBe(1);
-    expect(LeadCharge::query()->where('tenant_id', $tenant->id)->count())->toBe(1);
-    expect(DB::table('supplier_lead_deliveries')
-        ->where('supplier_lead_id', $lead->id)->where('tenant_id', $tenant->id)->count())->toBe(1);
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `php artisan test tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php --filter="re-running same delivery"`
-Expected: FAIL (без замка второй прогон создаёт вторую сделку + второй charge).
-
-- [ ] **Step 3: Вставить замок в `createDealCopyForProject`**
-
-В `app/app/Jobs/RouteSupplierLeadJob.php`, внутри `DB::transaction` в `createDealCopyForProject`, ПОСЛЕ `SET LOCAL app.current_tenant_id`, lock'а tenant и recheck'а лимита проекта, но ДО `Deal::create`:
-
-```php
-                // Spec B: замок «одна поставка одному клиенту = один раз».
-                // insertOrIgnore вернёт 0, если строка (supplier_lead_id, tenant_id) уже есть —
-                // эта поставка уже выдавалась этому клиенту (гонка / перезапуск / CSV). Без charge.
-                $locked = DB::table('supplier_lead_deliveries')->insertOrIgnore([
-                    'supplier_lead_id' => $lead->id,
-                    'tenant_id' => $tenant->id,
-                    'created_at' => now(),
-                ]);
-                if ($locked === 0) {
-                    Log::info('supplier_lead.delivery_already_locked', [
-                        'supplier_lead_id' => $lead->id,
-                        'tenant_id' => $tenant->id,
-                    ]);
-
-                    return false;
-                }
-```
-
-После `Deal::create([...])` добавить проставление `deal_id` в замок:
-
-```php
-                DB::table('supplier_lead_deliveries')
-                    ->where('supplier_lead_id', $lead->id)
-                    ->where('tenant_id', $tenant->id)
-                    ->update(['deal_id' => $deal->id]);
-```
-
-NB: `insertOrIgnore` под RLS-политикой `tenant_isolation` — `app.current_tenant_id` уже выставлен в этой транзакции, WITH CHECK (= USING) пройдёт.
-
-- [ ] **Step 4: Прогон**
-
-Run: `php artisan test tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php`
-Expected: PASS (все кейсы файла, включая Task 3 «2 проекта → 1 сделка»).
-
-- [ ] **Step 5: Коммит**
-
-```bash
-git add app/app/Jobs/RouteSupplierLeadJob.php app/tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php
-git commit -m "feat(billing-v2): per-(delivery,tenant) lock guard in RouteSupplierLeadJob (Spec B)"
-```
-
----
-
-## Task 7: Тесты политики дублей (model-agnostic) + reconcile прочих сюит
-
-**Files:**
-
-- Modify: `app/tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php`
-- Modify: затронутые тесты с `DuplicateDetector`/`runRouteJob` / `balance_leads`-долгом
-
-- [ ] **Step 1: Тест «два разных vid, один телефон, один клиент → оба charge»**
-
-Добавить в `SupplierLeadDeliveryGuardTest.php`:
-
-```php
-it('same phone, two different deliveries to one tenant → both charged', function (): void {
-    $this->seed(PricingTierSeeder::class);
-
-    $sp = SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'twohit.ru',
-    ]);
-    $tenant = Tenant::factory()->create(['balance_leads' => 0, 'balance_rub' => '100000.00']);
-    $p = Project::factory()->create([
-        'tenant_id' => $tenant->id, 'is_active' => true,
-        'daily_limit_target' => 10, 'delivered_today' => 0, 'delivery_days_mask' => 127,
-    ]);
-    linkProjectToSupplier($p, $sp);
-
-    foreach ([700001, 700002] as $vid) {
-        $lead = SupplierLead::factory()->create([
-            'supplier_project_id' => null, 'platform' => 'B1', 'vid' => $vid,
-            'phone' => '79991234567',
-            'raw_payload' => ['vid' => $vid, 'project' => 'B1_twohit.ru', 'phone' => '79991234567', 'time' => now()->getTimestamp()],
-        ]);
-        runRouteJobB($lead->id);
-    }
-
-    DB::statement("SET LOCAL app.current_tenant_id = '{$tenant->id}'");
-    expect(Deal::query()->where('tenant_id', $tenant->id)->whereIn('source_crm_id', [700001, 700002])->count())->toBe(2);
-    expect(LeadCharge::query()->where('tenant_id', $tenant->id)->count())->toBe(2);
-});
-```
-
-- [ ] **Step 2: Тест «5 клиентов под источник → ровно 3 списания у 3 клиентов»**
-
-Добавить (сидируемый distributor для детерминизма, как в существующем cap-тесте):
-
-```php
-use Random\Engine\Mt19937;
-use Random\Randomizer;
-
-it('cap = 3 distinct tenants: 5 eligible tenants → exactly 3 charged', function (): void {
-    $this->seed(PricingTierSeeder::class);
-    app()->bind(LeadDistributor::class, fn () => new LeadDistributor(new Randomizer(new Mt19937(7))));
-
-    $sp = SupplierProject::factory()->create([
-        'platform' => 'B1', 'signal_type' => 'site', 'unique_key' => 'cap3.ru',
-    ]);
-    foreach (range(1, 5) as $i) {
-        $t = Tenant::factory()->create(['balance_leads' => 0, 'balance_rub' => '100000.00']);
-        $p = Project::factory()->create([
-            'tenant_id' => $t->id, 'is_active' => true,
-            'daily_limit_target' => 10, 'delivered_today' => 0, 'delivery_days_mask' => 127,
-        ]);
-        linkProjectToSupplier($p, $sp);
-    }
-
-    $vid = 710001;
-    $lead = SupplierLead::factory()->create([
-        'supplier_project_id' => null, 'platform' => 'B1', 'vid' => $vid,
-        'phone' => '79991234567',
-        'raw_payload' => ['vid' => $vid, 'project' => 'B1_cap3.ru', 'phone' => '79991234567', 'time' => now()->getTimestamp()],
-    ]);
-
-    runRouteJobB($lead->id);
-
-    $lead->refresh();
-    expect($lead->deals_created_count)->toBe(3);
-    expect(LeadCharge::query()->where('tier_no', '>=', 0)->count())->toBe(3);
-    // 3 разных клиента в замке.
-    expect(DB::table('supplier_lead_deliveries')->where('supplier_lead_id', $lead->id)->count())->toBe(3);
-    expect(DB::table('supplier_lead_deliveries')->where('supplier_lead_id', $lead->id)->distinct()->count('tenant_id'))->toBe(3);
-});
-```
-
-- [ ] **Step 3: Прогон файла**
-
-Run: `php artisan test tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php`
-Expected: PASS все кейсы.
-
-- [ ] **Step 4: Reconcile прочих сюит, ломающихся сигнатурой/моделью**
-
-Найти все вызовы 7-арговой `handle()` и ссылки на DuplicateDetector:
-
-```bash
-grep -rln "DuplicateDetector\|app(DuplicateDetector" app/tests
-```
-
-В каждом файле (`RouteSupplierLeadJobBillingTest.php`, `Integration/SupplierLeadFlowTest.php`, `AutoPauseFlowTest.php`, `Pd/DealCreatePdLogTest.php`, и т.п.):
-
-- убрать `app(DuplicateDetector::class),` из вызовов `handle()` (→ 6 аргументов);
-- убрать `use App\Services\DuplicateDetector;`;
-- удалить/переписать кейсы, проверявшие телефонный дедуп.
-Если эти тесты используют `balance_leads`-ассерты, несовместимые с always-rub (тест-долг Спека A) и попадают в зону правки — мигрировать на `balance_rub`/`LeadCharge` по образцу `RouteSupplierLeadJobBillingTest` rub-кейса. Тесты, которые мы не трогаем и которые были красны до Task 1, оставить как есть (вне scope Спека B; зафиксировать в отчёте).
-
-- [ ] **Step 5: Прогон затронутых сюит**
-
-Run:
-
-```bash
-php artisan test tests/Feature/Jobs/RouteSupplierLeadJobTest.php tests/Feature/Supplier/RouteSupplierLeadJobBillingTest.php tests/Feature/Integration/SupplierLeadFlowTest.php tests/Feature/Supplier/AutoPauseFlowTest.php tests/Feature/Pd/DealCreatePdLogTest.php tests/Feature/Supplier/CsvReconcileJobTest.php
-```
-
-Expected: GREEN (кроме явно задокументированного pre-existing `balance_leads`-долга, если решено его не трогать).
-
-- [ ] **Step 6: Коммит**
-
-```bash
-git add app/tests
-git commit -m "test(billing-v2): dup-policy tests (no phone dedup, per-client cap, lock) + signature reconcile"
-```
-
----
-
-## Task 8: Финальная регрессия + чистка
-
-**Files:** нет новых правок (verify).
-
-- [ ] **Step 1: Verify — нет `duplicate_detected` / `duplicate_of_id`-записи**
-
-Run:
-
-```bash
-grep -rn "duplicate_detected" app/ db/    # ожидать 0
-grep -rn "duplicate_of_id" app/app        # ожидать 0 (колонка спящая, код не пишет)
-```
-
-Expected: 0 совпадений в коде (комментарии/CHANGELOG допустимы).
-
-- [ ] **Step 2: DROP лишнего индекса (миграция + schema уже правлены в Task 2 Step 5)**
-
-Создать `db/migrations/2026_05_23_201_drop_deals_duplicate_of_id_index.sql`:
-
-```sql
--- Индекс по deals(duplicate_of_id) больше не нужен — телефонный дедуп удалён (Spec B).
-DROP INDEX IF EXISTS deals_duplicate_of_id_idx;
-```
-
-NB: имя индекса автоген — уточнить: `grep -n "duplicate_of_id" db/schema.sql` + на dev `\di deals*` / `SELECT indexname FROM pg_indexes WHERE tablename='deals' AND indexdef ILIKE '%duplicate_of_id%'`. Подставить фактическое имя.
-Создать парную `app/database/migrations/2026_05_23_201000_drop_deals_duplicate_of_id_index.php` (паттерн как Task 2 Step 4, idempotent через `DROP INDEX IF EXISTS`; `up()` грузит .sql, `down()` — пусто или воссоздаёт индекс). Убедиться, что `CREATE INDEX ... deals (duplicate_of_id)` уже убран из `db/schema.sql` (Task 2 Step 5).
-
-- [ ] **Step 3: Линт/статика**
-
-Run:
-
-```bash
-composer pint
-composer stan
-```
-
-Expected: Pint clean; Larastan 0 новых ошибок (для baseline в worktree скопировать `_ide_helper*.php` из основного чекаута — квирк A1-tooling).
-
-- [ ] **Step 4: Полная backend-регрессия**
-
-Run: `php artisan test --parallel`
-Expected: GREEN; кроме явно задокументированного pre-existing `balance_leads`-тест-долга Спека A, если он не входил в scope правок. Зафиксировать итог в отчёте.
-
-- [ ] **Step 5: Финальный коммит миграции индекса**
-
-```bash
-git add db/migrations/2026_05_23_201_drop_deals_duplicate_of_id_index.sql \
-        app/database/migrations/2026_05_23_201000_drop_deals_duplicate_of_id_index.php
-git commit -m "chore(billing-v2): drop unused deals(duplicate_of_id) index (Spec B)"
-```
-
----
-
-## Self-Review (выполнено автором плана)
-
-- **Покрытие спека:** §3.1 убрать фильтр → Tasks 4,5; §3.2 раздача по клиентам → Task 3; §3.3 замок БД → Tasks 2,6; §3.4 чистка следов → Tasks 2 (индекс), 8 (verify; `duplicate_detected` отсутствует в base — подтверждено); §3.5 не трогаем (vid-идемпотентность/CSV-дедуп) → не затрагиваются; §4 крайние случаи → тесты Tasks 6,7; §5 тесты → Tasks 5,6,7; §6 выкатка одна-фазная + CHANGELOG → Task 2.
-- **Плейсхолдеры:** код приведён для всех правок; имя индекса в Task 8 — единственное «уточнить прогоном» (автоген PG-имя, нельзя знать без БД — дана точная команда выяснения).
-- **Согласованность типов:** `runRouteJobB` (6 арг, без DuplicateDetector) — единый хелпер новых тестов; `insertOrIgnore` возвращает int (кол-во вставленных); `LedgerService::chargeForDelivery` сигнатура неизменна; таблица `supplier_lead_deliveries` колонки совпадают между DDL, моделью и тестами.
-- **Scope:** один связный план; pre-existing `balance_leads`-тест-долг Спека A явно вынесен как «вне scope, по решению — мигрировать только затронутое».
diff --git a/docs/superpowers/plans/2026-05-24-billing-v2-spec-c-preflight-vtb.md b/docs/superpowers/plans/2026-05-24-billing-v2-spec-c-preflight-vtb.md
deleted file mode 100644
index a34251d..0000000
--- a/docs/superpowers/plans/2026-05-24-billing-v2-spec-c-preflight-vtb.md
+++ /dev/null
@@ -1,2669 +0,0 @@
-# Биллинг v2 Спек C — Преfflight баланса + VTB-эквайринг — План реализации
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking. **Pravila §15.1** — git-коммит задачи только Sonnet/Opus субагентами (не Haiku); контроллер верифицирует `git rev-parse HEAD` после каждого субагента.
-
-**Goal:** Защитить портал от заказа лидов у поставщика на клиентов без баланса (преfflight) + дать реальное пополнение баланса через безнал (PDF-счёт + сверка) с архитектурой под СБП/карты VTB.
-
-**Architecture:** Преfflight — фильтр eligible-проектов до формулы `computeOrder` (формула не меняется) + флаги заморозки на tenant/project + ежедневный cron 18:00 MSK. VTB — интерфейс `TopupGatewayInterface` + 3 реализации (безнал полный, СБП/карты dev-заглушки) + журнал `topup_sessions`.
-
-**Tech Stack:** PHP 8.3 / Laravel 13, PostgreSQL 16 (RLS), Pest 4, Vue 3 + Vuetify 3, Vitest, barryvdh/laravel-dompdf (новый).
-
-**Спек:** [docs/superpowers/specs/2026-05-24-billing-v2-spec-c-preflight-vtb-design.md](../specs/2026-05-24-billing-v2-spec-c-preflight-vtb-design.md)
-
----
-
-## Контекст для исполнителя (прочитать до начала)
-
-**Что уже есть на `origin/main` (зависимости):**
-
-- `App\Services\Billing\BalanceToLeadsConverter::convert(string $balanceRub, int $deliveredInMonth, Collection $tiers): array` — возвращает `['leads' => int, 'breakdown' => [...], 'current_tier' => ..., 'next_tier' => ...]`. Pure, bcmath. Используется в преfflight для «сколько лидов даёт баланс».
-- `App\Services\Billing\PricingTierResolver` — резолвер ступени по порядковому номеру лида.
-- `App\Services\Billing\LedgerService` — списания (не трогаем).
-- `App\Services\Billing\BillingTopupService::topup(int $tenantId, string $amountRub, ?int $userId)` — MVP-stub пополнения (рефакторим).
-- `App\Models\Tenant` — `balance_rub` (decimal:2), `delivered_in_month` (integer), оба в `$fillable`/`$casts`.
-- `App\Models\BalanceTransaction` — константы `TYPE_TOPUP`, `TYPE_MANUAL_ADJUSTMENT` и др.; append-only через триггер `audit_block_mutation`; hash-chain через `audit_chain_hash`.
-- `App\Services\Supplier\SupplierQuotaAllocator::allocate(...)` + `computeOrder(array $dailyLimits): int` — формула заказа. **Не меняем** — только фильтруем вход в caller'е.
-- `App\Jobs\Supplier\SyncSupplierProjectsJob` — daily-пересчёт заказа поставщику. Caller allocator'а.
-- Schedule живёт в `app/routes/console.php` с обёрткой `SchedulerHeartbeatTracker::recordRunResult(name, ok, err, ms)` (heartbeat hole #6) — все cron-задачи регистрируются через `->before()/->onSuccess()/->onFailure()` хуки.
-- БД-роли: миграции с `CREATE TABLE` запускать через `DB::connection('pgsql_supplier')` + явные `GRANT` в DO-блоке для 4 ролей (см. [project_billing_v2 memory] урок Спека B; default privileges от postgres-superuser НЕ наследуются на чужие creator-роли).
-
-**Деньги:** все операции через `bcadd`/`bcsub`/`bcmul`/`bcdiv` со строками, scale=2 для рублей, никогда PHP float. Списания/мутации баланса — `Tenant::lockForUpdate()` внутри транзакции.
-
-**Время:** cut-off 18:00 MSK = `Europe/Moscow` timezone в Schedule. Тесты времени — `Carbon::setTestNow()` (см. урок Sprint 2 — без него evening-clock баги).
-
-**Тесты:** Pest. Feature в `app/tests/Feature/Billing/` и `app/tests/Feature/Supplier/`; Unit в `app/tests/Unit/Billing/`. Запуск: `cd app && php artisan test --filter=...` или `composer test`.
-
----
-
-## Phase 0 — Подготовка рабочего пространства
-
-### Task 0.1: Создать worktree от свежего origin/main
-
-**Files:** нет (git-операция)
-
-- [ ] **Step 1: Обновить origin и создать worktree**
-
-REQUIRED SUB-SKILL: `superpowers:using-git-worktrees` для изоляции.
-
-```bash
-git fetch origin
-git worktree add -b feat/billing-v2-spec-c .claude/worktrees/billing-v2-spec-c origin/main
-```
-
-- [ ] **Step 2: Скопировать gitignored-файлы в worktree** (урок Sprint 4 — свежий worktree без `.env`, `storage`, бинарей)
-
-```bash
-# из основного checkout'а
-cp app/.env .claude/worktrees/billing-v2-spec-c/app/.env
-cp -r app/storage/framework .claude/worktrees/billing-v2-spec-c/app/storage/
-cp app/_ide_helper.php .claude/worktrees/billing-v2-spec-c/app/ 2>/dev/null || true
-cp bin/lychee.exe .claude/worktrees/billing-v2-spec-c/bin/ 2>/dev/null || true
-```
-
-- [ ] **Step 3: Проверить, что зависимости установлены**
-
-Run: `cd .claude/worktrees/billing-v2-spec-c/app && composer install --no-interaction && npm ci`
-Expected: установка без ошибок; `vendor/` и `node_modules/` на месте.
-
-- [ ] **Step 4: Smoke миграции на тестовой БД**
-
-Run: `cd .claude/worktrees/billing-v2-spec-c/app && php artisan migrate:fresh --env=testing && php artisan test --filter=BalanceToLeadsConverter`
-Expected: миграции прошли, converter-тесты GREEN (зависимость Спека A на месте).
-
----
-
-## Phase 1 — Преfflight баланса
-
-### Task 1.1: Миграция БД — флаги заморозки + журнал
-
-**Files:**
-- Create: `app/database/migrations/2026_05_24_100000_add_balance_freeze_to_tenants_and_projects.php`
-- Create: `db/migrations/2026_05_24_balance_freeze_log.sql` (для prod-синка вручную, как в Спеке B)
-- Modify: `db/schema.sql` (добавить колонки + таблицу + запись в `db/CHANGELOG_schema.md`)
-
-- [ ] **Step 1: Написать миграцию (флаги + журнальная таблица)**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Support\Facades\DB;
-
-return new class extends Migration
-{
-    public function up(): void
-    {
-        // Флаги заморозки. tenant-level — пассивный износ; project-level — точечная перегрузка.
-        DB::statement('ALTER TABLE tenants ADD COLUMN IF NOT EXISTS frozen_by_balance_at TIMESTAMP NULL');
-        DB::statement('ALTER TABLE projects ADD COLUMN IF NOT EXISTS preflight_blocked_at TIMESTAMP NULL');
-
-        DB::statement('CREATE INDEX IF NOT EXISTS tenants_frozen_by_balance_idx ON tenants (frozen_by_balance_at) WHERE frozen_by_balance_at IS NOT NULL');
-        DB::statement('CREATE INDEX IF NOT EXISTS projects_preflight_blocked_idx ON projects (preflight_blocked_at) WHERE preflight_blocked_at IS NOT NULL');
-
-        // Журнал заморозок/разморозок. Создаём через pgsql_supplier (урок Спека B — prod-роли).
-        $supplier = DB::connection('pgsql_supplier');
-        $supplier->statement(<<<'SQL'
-            CREATE TABLE IF NOT EXISTS balance_freeze_log (
-                id BIGSERIAL PRIMARY KEY,
-                tenant_id BIGINT NOT NULL REFERENCES tenants(id),
-                event_type VARCHAR(30) NOT NULL,
-                triggered_by VARCHAR(30) NOT NULL,
-                balance_rub_at_event DECIMAL(12,2) NOT NULL,
-                required_leads INTEGER NOT NULL,
-                capacity_leads INTEGER NOT NULL,
-                total_daily_limit INTEGER NOT NULL,
-                details JSONB,
-                created_at TIMESTAMP NOT NULL DEFAULT now()
-            )
-        SQL);
-        $supplier->statement('ALTER TABLE balance_freeze_log ENABLE ROW LEVEL SECURITY');
-        $supplier->statement(<<<'SQL'
-            CREATE POLICY tenant_isolation ON balance_freeze_log
-            USING (tenant_id = current_setting('app.current_tenant_id', true)::bigint)
-        SQL);
-        $supplier->statement('CREATE INDEX IF NOT EXISTS balance_freeze_log_tenant_idx ON balance_freeze_log (tenant_id, created_at DESC)');
-
-        // Гранты для 4 ролей (mirror webhook_dedup_keys / supplier_lead_deliveries).
-        foreach (['crm_app_user', 'crm_supplier_worker', 'crm_migrator', 'crm_app_admin'] as $role) {
-            $supplier->statement(<<<SQL
-                DO \$\$
-                BEGIN
-                    IF EXISTS (SELECT 1 FROM pg_roles WHERE rolname = '{$role}') THEN
-                        GRANT SELECT, INSERT ON balance_freeze_log TO {$role};
-                        GRANT USAGE, SELECT ON SEQUENCE balance_freeze_log_id_seq TO {$role};
-                    END IF;
-                END
-                \$\$
-            SQL);
-        }
-    }
-
-    public function down(): void
-    {
-        DB::connection('pgsql_supplier')->statement('DROP TABLE IF EXISTS balance_freeze_log');
-        DB::statement('ALTER TABLE projects DROP COLUMN IF EXISTS preflight_blocked_at');
-        DB::statement('ALTER TABLE tenants DROP COLUMN IF EXISTS frozen_by_balance_at');
-    }
-};
-```
-
-- [ ] **Step 2: Прогнать миграцию на testing**
-
-Run: `cd app && php artisan migrate --env=testing`
-Expected: `2026_05_24_100000_add_balance_freeze... DONE`. Без ошибок прав.
-
-- [ ] **Step 3: Проверить, что append-only НЕ нужен журналу** (в отличие от balance_transactions — журнал заморозок не финансовый, UPDATE не предполагается, но INSERT-only по дизайну). Зафиксировать решение комментарием в миграции.
-
-- [ ] **Step 4: Синхронизировать `db/schema.sql` + CHANGELOG**
-
-Добавить в `db/schema.sql` определения колонок и таблицы (вручную, по факту миграции). Записать в `db/CHANGELOG_schema.md` строку «v8.34 → v8.35: +balance_freeze_log, +tenants.frozen_by_balance_at, +projects.preflight_blocked_at».
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/database/migrations/2026_05_24_100000_*.php db/migrations/2026_05_24_balance_freeze_log.sql db/schema.sql db/CHANGELOG_schema.md
-git commit -m "feat(billing-v2-c): миграция — флаги заморозки баланса + balance_freeze_log"
-```
-
----
-
-### Task 1.2: `BalancePreflightService` — pure-проверка платёжеспособности
-
-**Files:**
-- Create: `app/app/Services/Billing/BalancePreflightService.php`
-- Create: `app/app/Services/Billing/PreflightResult.php`
-- Test: `app/tests/Unit/Billing/BalancePreflightServiceTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\PricingTier;
-use App\Services\Billing\BalancePreflightService;
-use Illuminate\Database\Eloquent\Collection;
-
-function makeTiers(): Collection
-{
-    // 1 ступень: цена 50₽/лид (5000 копеек), безлимитная.
-    return new Collection([
-        new PricingTier(['tier_no' => 1, 'leads_in_tier' => null, 'price_per_lead_kopecks' => 5000, 'is_active' => true]),
-    ]);
-}
-
-it('passes when balance covers full daily limit', function () {
-    $service = new BalancePreflightService();
-    // 2000₽ / 50₽ = 40 лидов capacity; нужно 30 → проходит.
-    $result = $service->evaluate(
-        balanceRub: '2000.00',
-        deliveredInMonth: 0,
-        requiredLeads: 30,
-        tiers: makeTiers(),
-    );
-
-    expect($result->passes)->toBeTrue();
-    expect($result->capacityLeads)->toBe(40);
-    expect($result->requiredLeads)->toBe(30);
-    expect($result->deficitLeads)->toBe(0);
-});
-
-it('fails when balance below full daily limit', function () {
-    $service = new BalancePreflightService();
-    // 1000₽ / 50₽ = 20 лидов capacity; нужно 30 → не проходит, дефицит 10.
-    $result = $service->evaluate(
-        balanceRub: '1000.00',
-        deliveredInMonth: 0,
-        requiredLeads: 30,
-        tiers: makeTiers(),
-    );
-
-    expect($result->passes)->toBeFalse();
-    expect($result->capacityLeads)->toBe(20);
-    expect($result->deficitLeads)->toBe(10);
-});
-
-it('passes trivially when requiredLeads is zero', function () {
-    $service = new BalancePreflightService();
-    $result = $service->evaluate('0.00', 0, 0, makeTiers());
-    expect($result->passes)->toBeTrue();
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=BalancePreflightServiceTest`
-Expected: FAIL — «Class BalancePreflightService not found».
-
-- [ ] **Step 3: Реализовать PreflightResult (DTO)**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Billing;
-
-final class PreflightResult
-{
-    public function __construct(
-        public readonly bool $passes,
-        public readonly int $requiredLeads,
-        public readonly int $capacityLeads,
-        public readonly int $deficitLeads,
-    ) {}
-}
-```
-
-- [ ] **Step 4: Реализовать BalancePreflightService**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Billing;
-
-use Illuminate\Database\Eloquent\Collection;
-
-/**
- * Pure: проходит ли клиент преfflight — хватает ли баланса на ПОЛНЫЙ дневной
- * лимит всех его eligible-проектов по текущему тарифу.
- *
- * Сравнение в ЛИДАХ (capacity vs required), не в рублях — переиспользует
- * BalanceToLeadsConverter::convert, который учитывает 7 ступеней и накопленный
- * месячный объём (deliveredInMonth).
- *
- * Spec: docs/superpowers/specs/2026-05-24-billing-v2-spec-c-preflight-vtb-design.md §3.3
- */
-final class BalancePreflightService
-{
-    public function __construct(
-        private readonly BalanceToLeadsConverter $converter = new BalanceToLeadsConverter(),
-    ) {}
-
-    /**
-     * @param  Collection<int, \App\Models\PricingTier>  $tiers
-     */
-    public function evaluate(
-        string $balanceRub,
-        int $deliveredInMonth,
-        int $requiredLeads,
-        Collection $tiers,
-    ): PreflightResult {
-        if ($requiredLeads <= 0) {
-            return new PreflightResult(true, 0, 0, 0);
-        }
-
-        $capacity = (int) $this->converter->convert($balanceRub, $deliveredInMonth, $tiers)['leads'];
-        $passes = $capacity >= $requiredLeads;
-
-        return new PreflightResult(
-            passes: $passes,
-            requiredLeads: $requiredLeads,
-            capacityLeads: $capacity,
-            deficitLeads: $passes ? 0 : ($requiredLeads - $capacity),
-        );
-    }
-}
-```
-
-- [ ] **Step 5: Запустить — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=BalancePreflightServiceTest`
-Expected: PASS (3 теста).
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Services/Billing/BalancePreflightService.php app/app/Services/Billing/PreflightResult.php app/tests/Unit/Billing/BalancePreflightServiceTest.php
-git commit -m "feat(billing-v2-c): BalancePreflightService — pure-проверка платёжеспособности"
-```
-
----
-
-### Task 1.3: Tenant/Project — хелперы платёжеспособности + резолвер eligible-лимита
-
-**Files:**
-- Modify: `app/app/Models/Tenant.php` (метод `requiredLeadsForTomorrow()`, scope, casts флага)
-- Modify: `app/app/Models/Project.php` (cast `preflight_blocked_at`)
-- Test: `app/tests/Feature/Billing/TenantPreflightTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\Tenant;
-
-it('sums daily_limit of active eligible projects for required leads', function () {
-    $tenant = Tenant::factory()->create(['balance_rub' => '1000.00']);
-    Project::factory()->for($tenant)->create(['status' => 'active', 'daily_limit' => 10]);
-    Project::factory()->for($tenant)->create(['status' => 'active', 'daily_limit' => 15]);
-    Project::factory()->for($tenant)->create(['status' => 'paused', 'daily_limit' => 100]); // не считается
-
-    expect($tenant->requiredLeadsForTomorrow())->toBe(25);
-});
-
-it('casts frozen_by_balance_at to datetime', function () {
-    $tenant = Tenant::factory()->create(['frozen_by_balance_at' => now()]);
-    expect($tenant->frozen_by_balance_at)->toBeInstanceOf(\Illuminate\Support\Carbon::class);
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=TenantPreflightTest`
-Expected: FAIL — метод `requiredLeadsForTomorrow` не существует.
-
-- [ ] **Step 3: Реализовать в Tenant**
-
-Добавить в `$casts`: `'frozen_by_balance_at' => 'datetime'`. Добавить в `$fillable`: `'frozen_by_balance_at'`. Метод:
-
-```php
-/**
- * Сумма daily_limit активных проектов — «сколько лидов клиент хочет в день».
- * Используется преfflight'ом как requiredLeads.
- */
-public function requiredLeadsForTomorrow(): int
-{
-    return (int) $this->projects()
-        ->where('status', 'active')
-        ->sum('daily_limit');
-}
-```
-
-В `Project` — `$casts`: `'preflight_blocked_at' => 'datetime'`, `$fillable` += `'preflight_blocked_at'`.
-
-- [ ] **Step 4: Запустить — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=TenantPreflightTest`
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Models/Tenant.php app/app/Models/Project.php app/tests/Feature/Billing/TenantPreflightTest.php
-git commit -m "feat(billing-v2-c): Tenant::requiredLeadsForTomorrow + cast флагов заморозки"
-```
-
----
-
-### Task 1.4: `BalancePreflightSweepJob` — ежедневный пересчёт заморозок
-
-**Files:**
-- Create: `app/app/Jobs/Billing/BalancePreflightSweepJob.php`
-- Create: `app/app/Console/Commands/BillingPreflightSweepCommand.php`
-- Modify: `app/routes/console.php` (Schedule @18:00 MSK + heartbeat)
-- Test: `app/tests/Feature/Billing/BalancePreflightSweepJobTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\Billing\BalancePreflightSweepJob;
-use App\Models\PricingTier;
-use App\Models\Project;
-use App\Models\Tenant;
-use Illuminate\Support\Facades\Mail;
-use App\Mail\BalanceFrozenMail;
-
-beforeEach(function () {
-    PricingTier::factory()->create(['tier_no' => 1, 'leads_in_tier' => null, 'price_per_lead_kopecks' => 5000, 'is_active' => true]);
-});
-
-it('freezes tenant whose balance no longer covers daily limit', function () {
-    Mail::fake();
-    // 500₽ / 50₽ = 10 лидов; проекты хотят 25 → заморозка.
-    $tenant = Tenant::factory()->create(['balance_rub' => '500.00', 'frozen_by_balance_at' => null]);
-    Project::factory()->for($tenant)->create(['status' => 'active', 'daily_limit' => 25]);
-
-    (new BalancePreflightSweepJob())->handle();
-
-    expect($tenant->fresh()->frozen_by_balance_at)->not->toBeNull();
-    Mail::assertQueued(BalanceFrozenMail::class);
-});
-
-it('unfreezes tenant whose balance now covers daily limit', function () {
-    Mail::fake();
-    // 2000₽ / 50₽ = 40 лидов; хотят 25 → разморозка.
-    $tenant = Tenant::factory()->create(['balance_rub' => '2000.00', 'frozen_by_balance_at' => now()->subDay()]);
-    Project::factory()->for($tenant)->create(['status' => 'active', 'daily_limit' => 25]);
-
-    (new BalancePreflightSweepJob())->handle();
-
-    expect($tenant->fresh()->frozen_by_balance_at)->toBeNull();
-});
-
-it('is idempotent — does not re-freeze already frozen tenant', function () {
-    Mail::fake();
-    $frozenAt = now()->subDay();
-    $tenant = Tenant::factory()->create(['balance_rub' => '0.00', 'frozen_by_balance_at' => $frozenAt]);
-    Project::factory()->for($tenant)->create(['status' => 'active', 'daily_limit' => 25]);
-
-    (new BalancePreflightSweepJob())->handle();
-
-    // Дата заморозки не перезаписана, повторного письма нет.
-    expect($tenant->fresh()->frozen_by_balance_at->timestamp)->toBe($frozenAt->timestamp);
-    Mail::assertNotQueued(BalanceFrozenMail::class);
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=BalancePreflightSweepJobTest`
-Expected: FAIL — класс не найден.
-
-- [ ] **Step 3: Реализовать Job**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Jobs\Billing;
-
-use App\Mail\BalanceFrozenMail;
-use App\Mail\BalanceUnfrozenMail;
-use App\Models\PricingTier;
-use App\Models\Tenant;
-use App\Services\Billing\BalancePreflightService;
-use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Foundation\Bus\Dispatchable;
-use Illuminate\Queue\InteractsWithQueue;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Mail;
-
-/**
- * Ежедневный преfflight всех тенантов перед формированием заказа поставщику.
- * Запускается cron @18:00 MSK (routes/console.php). См. спек §3.5, §5.2.
- *
- * NB: crm_supplier_worker / системный контекст — джоб бегает без tenant-RLS;
- * запросы к projects/tenants явные по tenant_id (урок Спека B).
- */
-final class BalancePreflightSweepJob implements ShouldQueue
-{
-    use Dispatchable, InteractsWithQueue, Queueable;
-
-    public function handle(): void
-    {
-        $service = new BalancePreflightService();
-        $tiers = PricingTier::query()->where('is_active', true)->get();
-
-        Tenant::query()->whereNull('deleted_at')->chunkById(200, function ($tenants) use ($service, $tiers): void {
-            foreach ($tenants as $tenant) {
-                $this->evaluateTenant($tenant, $service, $tiers);
-            }
-        });
-    }
-
-    private function evaluateTenant(Tenant $tenant, BalancePreflightService $service, $tiers): void
-    {
-        $required = $tenant->requiredLeadsForTomorrow();
-        $result = $service->evaluate(
-            balanceRub: (string) $tenant->balance_rub,
-            deliveredInMonth: (int) $tenant->delivered_in_month,
-            requiredLeads: $required,
-            tiers: $tiers,
-        );
-
-        $isFrozen = $tenant->frozen_by_balance_at !== null;
-
-        // Переход active → frozen
-        if (! $result->passes && ! $isFrozen) {
-            $tenant->frozen_by_balance_at = now();
-            $tenant->save();
-            $this->logEvent($tenant, 'frozen', 'cutoff_18msk', $result);
-            Mail::to($tenant->email)->queue(new BalanceFrozenMail($tenant, $result));
-
-            return;
-        }
-
-        // Переход frozen → active
-        if ($result->passes && $isFrozen) {
-            $tenant->frozen_by_balance_at = null;
-            $tenant->save();
-            $this->logEvent($tenant, 'unfrozen', 'cutoff_18msk', $result);
-            Mail::to($tenant->email)->queue(new BalanceUnfrozenMail($tenant, $result));
-
-            return;
-        }
-        // Иначе состояние не изменилось — ничего не делаем (идемпотентность).
-    }
-
-    private function logEvent(Tenant $tenant, string $event, string $trigger, $result): void
-    {
-        DB::connection('pgsql_supplier')->table('balance_freeze_log')->insert([
-            'tenant_id' => $tenant->id,
-            'event_type' => $event,
-            'triggered_by' => $trigger,
-            'balance_rub_at_event' => $tenant->balance_rub,
-            'required_leads' => $result->requiredLeads,
-            'capacity_leads' => $result->capacityLeads,
-            'total_daily_limit' => $result->requiredLeads,
-            'details' => json_encode(['deficit_leads' => $result->deficitLeads]),
-            'created_at' => now(),
-        ]);
-    }
-}
-```
-
-- [ ] **Step 4: Реализовать Console-команду**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Console\Commands;
-
-use App\Jobs\Billing\BalancePreflightSweepJob;
-use Illuminate\Console\Command;
-
-final class BillingPreflightSweepCommand extends Command
-{
-    protected $signature = 'billing:preflight-sweep';
-
-    protected $description = 'Ежедневный преfflight баланса — заморозка/разморозка тенантов (cut-off 18:00 MSK)';
-
-    public function handle(): int
-    {
-        (new BalancePreflightSweepJob())->handle();
-        $this->info('Преfflight sweep завершён.');
-
-        return self::SUCCESS;
-    }
-}
-```
-
-- [ ] **Step 5: Зарегистрировать в Schedule (routes/console.php)**
-
-Добавить после существующих задач (с heartbeat-обёрткой по образцу `projects:reset-delivered-today`):
-
-```php
-// Спек C §3.2: преfflight баланса в 18:00 MSK — формирование заказа поставщику без «бедных» клиентов.
-Schedule::command('billing:preflight-sweep')
-    ->dailyAt('18:00')
-    ->timezone('Europe/Moscow')
-    ->before(fn () => $startTimes['billing:preflight-sweep'] = microtime(true))
-    ->onSuccess(function () use ($hb, &$startTimes): void {
-        $name = 'billing:preflight-sweep';
-        $ms = isset($startTimes[$name]) ? (int) ((microtime(true) - $startTimes[$name]) * 1000) : null;
-        $hb->recordRunResult($name, true, null, $ms);
-    })
-    ->onFailure(function () use ($hb): void {
-        $hb->recordRunResult('billing:preflight-sweep', false, 'Command failed', null);
-    });
-```
-
-**ВАЖНО:** `billing:preflight-sweep` @18:00 должен идти **до** `SyncSupplierProjectsJob` (если тот в расписании). Проверить порядок и при необходимости сдвинуть Sync на 18:05.
-
-- [ ] **Step 6: Запустить — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=BalancePreflightSweepJobTest`
-Expected: PASS (3 теста).
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/app/Jobs/Billing/BalancePreflightSweepJob.php app/app/Console/Commands/BillingPreflightSweepCommand.php app/routes/console.php app/tests/Feature/Billing/BalancePreflightSweepJobTest.php
-git commit -m "feat(billing-v2-c): BalancePreflightSweepJob + cron 18:00 MSK"
-```
-
----
-
-### Task 1.5: Mailable — 4 письма заморозки/разморозки
-
-**Files:**
-- Create: `app/app/Mail/BalanceFrozenMail.php` + `app/app/Mail/BalanceFrozenReminderMail.php` + `app/app/Mail/BalanceFrozenFinalMail.php` + `app/app/Mail/BalanceUnfrozenMail.php`
-- Create: 4 blade-шаблона в `app/resources/views/emails/billing/`
-- Test: `app/tests/Feature/Billing/BalanceFreezeMailTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Mail\BalanceFrozenMail;
-use App\Models\Tenant;
-use App\Services\Billing\PreflightResult;
-
-it('renders frozen mail with deficit', function () {
-    $tenant = Tenant::factory()->create(['name' => 'ООО Альфа']);
-    $result = new PreflightResult(false, 30, 20, 10);
-
-    $mail = new BalanceFrozenMail($tenant, $result);
-    $rendered = $mail->render();
-
-    expect($rendered)->toContain('приостановлен');
-    expect($rendered)->toContain('10'); // дефицит лидов
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=BalanceFreezeMailTest`
-Expected: FAIL — класс не найден.
-
-- [ ] **Step 3: Реализовать BalanceFrozenMail** (остальные 3 — по образцу, см. ниже)
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Mail;
-
-use App\Models\Tenant;
-use App\Services\Billing\PreflightResult;
-use Illuminate\Bus\Queueable;
-use Illuminate\Mail\Mailable;
-use Illuminate\Mail\Mailables\Content;
-use Illuminate\Mail\Mailables\Envelope;
-use Illuminate\Queue\SerializesModels;
-
-final class BalanceFrozenMail extends Mailable
-{
-    use Queueable, SerializesModels;
-
-    public function __construct(
-        public readonly Tenant $tenant,
-        public readonly PreflightResult $result,
-    ) {}
-
-    public function envelope(): Envelope
-    {
-        return new Envelope(subject: 'Приём лидов приостановлен — недостаточно баланса');
-    }
-
-    public function content(): Content
-    {
-        return new Content(markdown: 'emails.billing.frozen', with: [
-            'tenantName' => $this->tenant->name,
-            'deficitLeads' => $this->result->deficitLeads,
-            'capacityLeads' => $this->result->capacityLeads,
-            'requiredLeads' => $this->result->requiredLeads,
-        ]);
-    }
-}
-```
-
-- [ ] **Step 4: Реализовать 3 остальных Mailable** по тому же образцу:
-  - `BalanceFrozenReminderMail` — subject «Приём лидов всё ещё приостановлен», шаблон `emails.billing.frozen-reminder`.
-  - `BalanceFrozenFinalMail` — subject «Приём приостановлен 3 дня», шаблон `emails.billing.frozen-final`.
-  - `BalanceUnfrozenMail` — subject «Приём лидов возобновлён», шаблон `emails.billing.unfrozen` (принимает `Tenant` + `PreflightResult`).
-
-- [ ] **Step 5: Создать 4 markdown-шаблона** в `app/resources/views/emails/billing/`. Пример `frozen.blade.php`:
-
-```blade
-<x-mail::message>
-# Приём лидов приостановлен
-
-Здравствуйте, {{ $tenantName }}.
-
-На вашем счёте не хватает баланса на дневной заказ лидов.
-
-- Доступно по балансу: **{{ $capacityLeads }}** лидов
-- Заказано проектами: **{{ $requiredLeads }}** лидов
-- Не хватает: **{{ $deficitLeads }}** лидов
-
-Чтобы возобновить приём — пополните баланс или сократите лимиты проектов до 18:00 МСК.
-
-<x-mail::button :url="config('app.url').'/billing'">
-Перейти в кабинет
-</x-mail::button>
-
-С уважением, Лидерра.
-</x-mail::message>
-```
-
-- [ ] **Step 6: Запустить — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=BalanceFreezeMailTest`
-Expected: PASS.
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/app/Mail/Balance*.php app/resources/views/emails/billing/ app/tests/Feature/Billing/BalanceFreezeMailTest.php
-git commit -m "feat(billing-v2-c): 4 Mailable заморозки/разморозки баланса"
-```
-
----
-
-### Task 1.6: Повторные письма — reminder через 1 день + final через 3 дня
-
-**Files:**
-- Create: `app/app/Jobs/Billing/BalanceFrozenReminderJob.php`
-- Modify: `app/routes/console.php` (Schedule daily + heartbeat)
-- Test: `app/tests/Feature/Billing/BalanceFrozenReminderJobTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\Billing\BalanceFrozenReminderJob;
-use App\Mail\BalanceFrozenFinalMail;
-use App\Mail\BalanceFrozenReminderMail;
-use App\Models\Tenant;
-use Illuminate\Support\Facades\Mail;
-
-it('sends reminder ~1 day after freeze', function () {
-    Mail::fake();
-    Tenant::factory()->create(['frozen_by_balance_at' => now()->subHours(25)]);
-
-    (new BalanceFrozenReminderJob())->handle();
-
-    Mail::assertQueued(BalanceFrozenReminderMail::class);
-});
-
-it('sends final ~3 days after freeze', function () {
-    Mail::fake();
-    Tenant::factory()->create(['frozen_by_balance_at' => now()->subHours(73)]);
-
-    (new BalanceFrozenReminderJob())->handle();
-
-    Mail::assertQueued(BalanceFrozenFinalMail::class);
-});
-
-it('sends nothing for freshly frozen tenant', function () {
-    Mail::fake();
-    Tenant::factory()->create(['frozen_by_balance_at' => now()->subHours(2)]);
-
-    (new BalanceFrozenReminderJob())->handle();
-
-    Mail::assertNotQueued(BalanceFrozenReminderMail::class);
-    Mail::assertNotQueued(BalanceFrozenFinalMail::class);
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=BalanceFrozenReminderJobTest`
-Expected: FAIL.
-
-- [ ] **Step 3: Реализовать Job** (throttle через колонки-маркеры или `mail_log`; для простоты — окно по `frozen_by_balance_at` + проверка ещё-не-слано через `balance_freeze_log` details)
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Jobs\Billing;
-
-use App\Mail\BalanceFrozenFinalMail;
-use App\Mail\BalanceFrozenReminderMail;
-use App\Models\Tenant;
-use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Foundation\Bus\Dispatchable;
-use Illuminate\Queue\InteractsWithQueue;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Mail;
-
-/**
- * Повторные письма заморозки: reminder в окне 24-48ч, final в окне 72-96ч.
- * Throttle через balance_freeze_log (event_type 'reminder_sent' / 'final_sent').
- * Запускается раз в сутки (routes/console.php). Спек §3.7.
- */
-final class BalanceFrozenReminderJob implements ShouldQueue
-{
-    use Dispatchable, InteractsWithQueue, Queueable;
-
-    public function handle(): void
-    {
-        Tenant::query()
-            ->whereNotNull('frozen_by_balance_at')
-            ->chunkById(200, function ($tenants): void {
-                foreach ($tenants as $tenant) {
-                    $hours = now()->diffInHours($tenant->frozen_by_balance_at);
-
-                    if ($hours >= 24 && $hours < 48 && ! $this->alreadySent($tenant->id, 'reminder_sent')) {
-                        Mail::to($tenant->email)->queue(new BalanceFrozenReminderMail($tenant));
-                        $this->mark($tenant->id, 'reminder_sent');
-                    } elseif ($hours >= 72 && $hours < 96 && ! $this->alreadySent($tenant->id, 'final_sent')) {
-                        Mail::to($tenant->email)->queue(new BalanceFrozenFinalMail($tenant));
-                        $this->mark($tenant->id, 'final_sent');
-                    }
-                }
-            });
-    }
-
-    private function alreadySent(int $tenantId, string $marker): bool
-    {
-        return DB::connection('pgsql_supplier')->table('balance_freeze_log')
-            ->where('tenant_id', $tenantId)
-            ->where('event_type', $marker)
-            ->where('created_at', '>=', now()->subDays(5))
-            ->exists();
-    }
-
-    private function mark(int $tenantId, string $marker): void
-    {
-        DB::connection('pgsql_supplier')->table('balance_freeze_log')->insert([
-            'tenant_id' => $tenantId,
-            'event_type' => $marker,
-            'triggered_by' => 'reminder_cron',
-            'balance_rub_at_event' => 0,
-            'required_leads' => 0,
-            'capacity_leads' => 0,
-            'total_daily_limit' => 0,
-            'details' => null,
-            'created_at' => now(),
-        ]);
-    }
-}
-```
-
-**NB:** `BalanceFrozenReminderMail`/`BalanceFrozenFinalMail` конструкторы из Task 1.5 принимают только `Tenant` (без PreflightResult) — согласовать сигнатуру. Если в Task 1.5 они приняли `PreflightResult` — здесь пересчитать или упростить конструктор до `Tenant`. **Решение: эти два письма принимают только `Tenant`** (reminder/final не несут свежий дефицит).
-
-- [ ] **Step 4: Зарегистрировать в Schedule** (daily @ 18:30 MSK, после основного sweep + heartbeat-обёртка по образцу Task 1.4 Step 5).
-
-- [ ] **Step 5: Запустить — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=BalanceFrozenReminderJobTest`
-Expected: PASS (3 теста).
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Jobs/Billing/BalanceFrozenReminderJob.php app/routes/console.php app/tests/Feature/Billing/BalanceFrozenReminderJobTest.php
-git commit -m "feat(billing-v2-c): повторные письма заморозки (reminder +1д, final +3д)"
-```
-
----
-
-### Task 1.7: `ProjectController` — преfflight при создании/правке проекта
-
-**Files:**
-- Modify: `app/app/Http/Controllers/Api/ProjectController.php` (store + update — 409 при перегрузке)
-- Test: `app/tests/Feature/Project/ProjectPreflightTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\PricingTier;
-use App\Models\Project;
-use App\Models\Tenant;
-use App\Models\User;
-
-beforeEach(function () {
-    PricingTier::factory()->create(['tier_no' => 1, 'leads_in_tier' => null, 'price_per_lead_kopecks' => 5000, 'is_active' => true]);
-});
-
-it('returns 409 when new project overloads balance', function () {
-    $tenant = Tenant::factory()->create(['balance_rub' => '1000.00']); // = 20 лидов
-    $user = User::factory()->for($tenant)->create();
-
-    $resp = $this->actingAs($user)->postJson('/api/projects', [
-        'name' => 'Тест',
-        'daily_limit' => 30, // > 20 capacity
-        // ... прочие обязательные поля проекта
-    ]);
-
-    $resp->assertStatus(409);
-    $resp->assertJsonPath('error', 'balance_insufficient');
-    $resp->assertJsonPath('deficit_leads', 10);
-});
-
-it('creates blocked project when force_save_blocked=true', function () {
-    $tenant = Tenant::factory()->create(['balance_rub' => '1000.00']);
-    $user = User::factory()->for($tenant)->create();
-
-    $resp = $this->actingAs($user)->postJson('/api/projects', [
-        'name' => 'Тест',
-        'daily_limit' => 30,
-        'force_save_blocked' => true,
-    ]);
-
-    $resp->assertStatus(201);
-    expect(Project::first()->preflight_blocked_at)->not->toBeNull();
-});
-
-it('creates normally when within balance', function () {
-    $tenant = Tenant::factory()->create(['balance_rub' => '2000.00']); // = 40 лидов
-    $user = User::factory()->for($tenant)->create();
-
-    $resp = $this->actingAs($user)->postJson('/api/projects', [
-        'name' => 'Тест',
-        'daily_limit' => 30,
-    ]);
-
-    $resp->assertStatus(201);
-    expect(Project::first()->preflight_blocked_at)->toBeNull();
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=ProjectPreflightTest`
-Expected: FAIL — 409 не возвращается (создаёт нормально).
-
-- [ ] **Step 3: Реализовать преfflight-проверку в `ProjectController::store`** (и аналогично `update`)
-
-Вставить ПОСЛЕ валидации, ДО создания проекта:
-
-```php
-// Спек C §3.4: преfflight при создании — если сумма лимитов перевешивает баланс.
-$tenant = $request->user()->tenant;
-$tiers = \App\Models\PricingTier::query()->where('is_active', true)->get();
-$service = new \App\Services\Billing\BalancePreflightService();
-
-$existingLimit = (int) $tenant->projects()->where('status', 'active')->sum('daily_limit');
-$wouldBeRequired = $existingLimit + (int) $validated['daily_limit'];
-
-$result = $service->evaluate(
-    balanceRub: (string) $tenant->balance_rub,
-    deliveredInMonth: (int) $tenant->delivered_in_month,
-    requiredLeads: $wouldBeRequired,
-    tiers: $tiers,
-);
-
-$forceSaveBlocked = (bool) ($validated['force_save_blocked'] ?? false);
-
-if (! $result->passes && ! $forceSaveBlocked) {
-    return response()->json([
-        'error' => 'balance_insufficient',
-        'current_balance_rub' => (string) $tenant->balance_rub,
-        'current_capacity_leads' => $result->capacityLeads,
-        'would_be_required_leads' => $wouldBeRequired,
-        'deficit_leads' => $result->deficitLeads,
-    ], 409);
-}
-
-// в массив создания проекта:
-// 'preflight_blocked_at' => (! $result->passes && $forceSaveBlocked) ? now() : null,
-```
-
-Добавить `force_save_blocked` в валидацию как `nullable|boolean`.
-
-- [ ] **Step 4: Запустить — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=ProjectPreflightTest`
-Expected: PASS (3 теста).
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/ProjectController.php app/tests/Feature/Project/ProjectPreflightTest.php
-git commit -m "feat(billing-v2-c): ProjectController преfflight — 409 при перегрузке баланса"
-```
-
----
-
-### Task 1.8: Фильтр frozen-проектов в `SyncSupplierProjectsJob`
-
-**Files:**
-- Modify: `app/app/Jobs/Supplier/SyncSupplierProjectsJob.php` (исключить frozen перед allocator)
-- Test: `app/tests/Feature/Supplier/SyncSupplierPreflightFilterTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\Tenant;
-
-it('excludes projects of frozen tenants from supplier order', function () {
-    // Тенант заморожен — его проекты не должны попасть в eligible-набор allocator'а.
-    $frozenTenant = Tenant::factory()->create(['frozen_by_balance_at' => now()]);
-    Project::factory()->for($frozenTenant)->create(['status' => 'active', 'daily_limit' => 50]);
-
-    $activeTenant = Tenant::factory()->create(['frozen_by_balance_at' => null]);
-    Project::factory()->for($activeTenant)->create(['status' => 'active', 'daily_limit' => 30]);
-
-    // Вызвать метод сбора eligible-проектов и проверить, что frozen исключён.
-    // (точная точка интеграции зависит от структуры Job — см. реализацию)
-    $eligible = app(\App\Jobs\Supplier\SyncSupplierProjectsJob::class)->collectEligibleProjects(now());
-
-    $tenantIds = $eligible->pluck('tenant_id')->unique()->all();
-    expect($tenantIds)->not->toContain($frozenTenant->id);
-    expect($tenantIds)->toContain($activeTenant->id);
-});
-
-it('excludes individually preflight-blocked projects', function () {
-    $tenant = Tenant::factory()->create(['frozen_by_balance_at' => null]);
-    Project::factory()->for($tenant)->create(['status' => 'active', 'daily_limit' => 30, 'preflight_blocked_at' => null]);
-    $blocked = Project::factory()->for($tenant)->create(['status' => 'active', 'daily_limit' => 20, 'preflight_blocked_at' => now()]);
-
-    $eligible = app(\App\Jobs\Supplier\SyncSupplierProjectsJob::class)->collectEligibleProjects(now());
-
-    expect($eligible->pluck('id')->all())->not->toContain($blocked->id);
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=SyncSupplierPreflightFilterTest`
-Expected: FAIL — frozen-проекты попадают в набор.
-
-- [ ] **Step 3: Реализовать фильтр**
-
-Найти в `SyncSupplierProjectsJob` место, где собираются eligible-проекты (метод `collectEligibleProjects` или inline-запрос). Добавить два условия:
-
-```php
-->whereNull('preflight_blocked_at')           // точечная перегрузка проекта
-->whereHas('tenant', function ($q) {           // пассивная заморозка тенанта
-    $q->whereNull('frozen_by_balance_at');
-})
-```
-
-Если в Job нет выделенного метода `collectEligibleProjects` — выделить его рефакторингом (для тестируемости) и вызвать из `handle()`.
-
-- [ ] **Step 4: Запустить — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=SyncSupplierPreflightFilterTest`
-Expected: PASS (2 теста).
-
-- [ ] **Step 5: Прогнать существующие supplier-тесты на регресс**
-
-Run: `cd app && php artisan test --filter=SyncSupplier`
-Expected: всё GREEN — формула не изменилась, только вход отфильтрован.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Jobs/Supplier/SyncSupplierProjectsJob.php app/tests/Feature/Supplier/SyncSupplierPreflightFilterTest.php
-git commit -m "feat(billing-v2-c): SyncSupplierProjectsJob исключает frozen-проекты из заказа"
-```
-
----
-
-### Task 1.9: One-time команда `billing:preflight-initial-sweep`
-
-**Files:**
-- Create: `app/app/Console/Commands/BillingPreflightInitialSweepCommand.php`
-- Test: `app/tests/Feature/Billing/BillingPreflightInitialSweepTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\PricingTier;
-use App\Models\Project;
-use App\Models\Tenant;
-use Illuminate\Support\Facades\Mail;
-
-it('freezes pre-existing underfunded tenants on first run', function () {
-    Mail::fake();
-    PricingTier::factory()->create(['tier_no' => 1, 'leads_in_tier' => null, 'price_per_lead_kopecks' => 5000, 'is_active' => true]);
-
-    $tenant = Tenant::factory()->create(['balance_rub' => '0.00', 'frozen_by_balance_at' => null]);
-    Project::factory()->for($tenant)->create(['status' => 'active', 'daily_limit' => 25]);
-
-    $this->artisan('billing:preflight-initial-sweep')->assertSuccessful();
-
-    expect($tenant->fresh()->frozen_by_balance_at)->not->toBeNull();
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=BillingPreflightInitialSweepTest`
-Expected: FAIL — команда не существует.
-
-- [ ] **Step 3: Реализовать команду** (переиспользует `BalancePreflightSweepJob`, отличается стартовым письмом-пояснением — для MVP можно вызвать тот же sweep)
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Console\Commands;
-
-use App\Jobs\Billing\BalancePreflightSweepJob;
-use Illuminate\Console\Command;
-
-/**
- * One-time: при выкатке преfflight прогнать всех тенантов и заморозить
- * недофинансированных. Запускается ОДИН раз вручную после миграции. Спек §3.9.
- */
-final class BillingPreflightInitialSweepCommand extends Command
-{
-    protected $signature = 'billing:preflight-initial-sweep';
-
-    protected $description = 'Разовый преfflight при внедрении — заморозить недофинансированных тенантов';
-
-    public function handle(): int
-    {
-        $this->warn('Разовый преfflight всех тенантов. Запускать ОДИН раз после выкатки.');
-        (new BalancePreflightSweepJob())->handle();
-        $this->info('Initial sweep завершён.');
-
-        return self::SUCCESS;
-    }
-}
-```
-
-- [ ] **Step 4: Запустить — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=BillingPreflightInitialSweepTest`
-Expected: PASS.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Console/Commands/BillingPreflightInitialSweepCommand.php app/tests/Feature/Billing/BillingPreflightInitialSweepTest.php
-git commit -m "feat(billing-v2-c): one-time billing:preflight-initial-sweep"
-```
-
----
-
-### Task 1.10: Frontend — баннер заморозки + индикатор ёмкости + диалог перегрузки
-
-**Files:**
-- Create: `app/resources/js/components/billing/BalanceFrozenBanner.vue`
-- Create: `app/resources/js/components/billing/BalanceCapacityIndicator.vue`
-- Create: `app/resources/js/components/projects/ProjectLimitOverloadDialog.vue`
-- Modify: `app/resources/js/layouts/AppLayout.vue` (вставить баннер)
-- Modify: проектную форму (где создаётся/правится проект) — перехват 409
-- Test: `app/resources/js/components/billing/__tests__/BalanceCapacityIndicator.spec.ts` + `ProjectLimitOverloadDialog.spec.ts`
-
-- [ ] **Step 1: Написать failing Vitest на индикатор**
-
-```ts
-import { mount } from '@vue/test-utils'
-import { describe, it, expect } from 'vitest'
-import BalanceCapacityIndicator from '../BalanceCapacityIndicator.vue'
-
-describe('BalanceCapacityIndicator', () => {
-  it('shows green when capacity exceeds required by 3+ days', () => {
-    const w = mount(BalanceCapacityIndicator, {
-      props: { balanceRub: '3000.00', capacityLeads: 90, requiredLeadsPerDay: 25 },
-    })
-    expect(w.text()).toContain('90')
-    expect(w.classes()).toContain('capacity-ok')
-  })
-
-  it('shows red when capacity below required', () => {
-    const w = mount(BalanceCapacityIndicator, {
-      props: { balanceRub: '500.00', capacityLeads: 10, requiredLeadsPerDay: 25 },
-    })
-    expect(w.classes()).toContain('capacity-insufficient')
-  })
-})
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && npm run test:vue -- BalanceCapacityIndicator`
-Expected: FAIL — компонент не существует.
-
-- [ ] **Step 3: Реализовать `BalanceCapacityIndicator.vue`**
-
-```vue
-<script setup lang="ts">
-import { computed } from 'vue'
-
-const props = defineProps<{
-  balanceRub: string
-  capacityLeads: number
-  requiredLeadsPerDay: number
-}>()
-
-const daysLeft = computed(() =>
-  props.requiredLeadsPerDay > 0 ? props.capacityLeads / props.requiredLeadsPerDay : Infinity,
-)
-
-const statusClass = computed(() => {
-  if (props.capacityLeads < props.requiredLeadsPerDay) return 'capacity-insufficient'
-  if (daysLeft.value < 3) return 'capacity-warning'
-  return 'capacity-ok'
-})
-</script>
-
-<template>
-  <div class="balance-capacity" :class="statusClass">
-    <span>Баланс: {{ balanceRub }}₽ = до {{ capacityLeads }} лидов по тарифу</span>
-    <span>Проекты заказывают: {{ requiredLeadsPerDay }} лидов в день</span>
-    <span v-if="statusClass === 'capacity-insufficient'">⚠️ Не хватает — пополните счёт</span>
-    <span v-else-if="statusClass === 'capacity-warning'">Хватит на ~{{ daysLeft.toFixed(1) }} дн. — скоро потребуется пополнение</span>
-    <span v-else>✅ Хватит на ~{{ daysLeft.toFixed(1) }} дн.</span>
-  </div>
-</template>
-
-<style scoped>
-.capacity-ok { color: rgb(var(--v-theme-success)); }
-.capacity-warning { color: rgb(var(--v-theme-warning)); }
-.capacity-insufficient { color: rgb(var(--v-theme-error)); }
-</style>
-```
-
-- [ ] **Step 4: Реализовать `BalanceFrozenBanner.vue`** (красный баннер, показывается когда `tenant.frozen_by_balance_at !== null`, читает из tenantStore; две кнопки «Пополнить счёт» / «Перейти к проектам»).
-
-- [ ] **Step 5: Реализовать `ProjectLimitOverloadDialog.vue`** (модалка, принимает 409-payload, 3 кнопки: «Сохранить и приостановить» → emit с `force_save_blocked=true`; «Поставить лимит 0» → emit с `daily_limit=0`; «Отмена» → close).
-
-- [ ] **Step 6: Написать Vitest на диалог** (рендер payload, эмит правильных событий по кнопкам).
-
-- [ ] **Step 7: Встроить баннер в `AppLayout.vue`** + перехват 409 в проектной форме (открыть диалог).
-
-- [ ] **Step 8: Запустить Vitest**
-
-Run: `cd app && npm run test:vue -- BalanceCapacityIndicator ProjectLimitOverloadDialog`
-Expected: PASS.
-
-- [ ] **Step 9: Commit**
-
-```bash
-git add app/resources/js/components/billing/ app/resources/js/components/projects/ProjectLimitOverloadDialog.vue app/resources/js/layouts/AppLayout.vue
-git commit -m "feat(billing-v2-c): UI преfflight — баннер, индикатор ёмкости, диалог перегрузки"
-```
-
----
-
-## Phase 2 — Безнал (PDF-счёт) + админка пополнений
-
-### Task 2.1: Миграция БД — реквизиты тенанта + topup_sessions
-
-**Files:**
-- Create: `app/database/migrations/2026_05_24_110000_add_legal_entity_and_topup_sessions.php`
-- Create: `db/migrations/2026_05_24_topup_sessions.sql` (prod-синк)
-- Modify: `db/schema.sql` + `db/CHANGELOG_schema.md`
-
-- [ ] **Step 1: Написать миграцию**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Support\Facades\DB;
-
-return new class extends Migration
-{
-    public function up(): void
-    {
-        // Реквизиты юр.лица тенанта (для счёта-фактуры).
-        DB::statement("ALTER TABLE tenants ADD COLUMN IF NOT EXISTS legal_entity_name VARCHAR(255)");
-        DB::statement("ALTER TABLE tenants ADD COLUMN IF NOT EXISTS legal_entity_inn VARCHAR(12)");
-        DB::statement("ALTER TABLE tenants ADD COLUMN IF NOT EXISTS legal_entity_kpp VARCHAR(9)");
-        DB::statement("ALTER TABLE tenants ADD COLUMN IF NOT EXISTS legal_entity_address TEXT");
-        DB::statement("ALTER TABLE tenants ADD COLUMN IF NOT EXISTS legal_entity_form VARCHAR(20)");
-
-        // Журнал платёжных сессий — создаём через pgsql_supplier (prod-роли).
-        $supplier = DB::connection('pgsql_supplier');
-        $supplier->statement(<<<'SQL'
-            CREATE TABLE IF NOT EXISTS topup_sessions (
-                id BIGSERIAL PRIMARY KEY,
-                tenant_id BIGINT NOT NULL REFERENCES tenants(id),
-                user_id BIGINT REFERENCES users(id),
-                method VARCHAR(20) NOT NULL,
-                amount_rub DECIMAL(12,2) NOT NULL,
-                provider_ref VARCHAR(100),
-                status VARCHAR(20) NOT NULL DEFAULT 'pending',
-                matched_at TIMESTAMP,
-                confirmed_at TIMESTAMP,
-                confirmed_by BIGINT REFERENCES users(id),
-                failed_reason VARCHAR(500),
-                metadata JSONB,
-                created_at TIMESTAMP NOT NULL DEFAULT now(),
-                updated_at TIMESTAMP NOT NULL DEFAULT now()
-            )
-        SQL);
-        $supplier->statement('ALTER TABLE topup_sessions ENABLE ROW LEVEL SECURITY');
-        $supplier->statement(<<<'SQL'
-            CREATE POLICY tenant_isolation ON topup_sessions
-            USING (tenant_id = current_setting('app.current_tenant_id', true)::bigint)
-        SQL);
-        $supplier->statement('CREATE UNIQUE INDEX IF NOT EXISTS topup_sessions_provider_ref_uidx ON topup_sessions (provider_ref) WHERE provider_ref IS NOT NULL');
-        $supplier->statement('CREATE INDEX IF NOT EXISTS topup_sessions_status_idx ON topup_sessions (status, created_at DESC)');
-
-        foreach (['crm_app_user', 'crm_supplier_worker', 'crm_migrator', 'crm_app_admin'] as $role) {
-            $supplier->statement(<<<SQL
-                DO \$\$
-                BEGIN
-                    IF EXISTS (SELECT 1 FROM pg_roles WHERE rolname = '{$role}') THEN
-                        GRANT SELECT, INSERT, UPDATE ON topup_sessions TO {$role};
-                        GRANT USAGE, SELECT ON SEQUENCE topup_sessions_id_seq TO {$role};
-                    END IF;
-                END
-                \$\$
-            SQL);
-        }
-    }
-
-    public function down(): void
-    {
-        DB::connection('pgsql_supplier')->statement('DROP TABLE IF EXISTS topup_sessions');
-        foreach (['legal_entity_name', 'legal_entity_inn', 'legal_entity_kpp', 'legal_entity_address', 'legal_entity_form'] as $col) {
-            DB::statement("ALTER TABLE tenants DROP COLUMN IF EXISTS {$col}");
-        }
-    }
-};
-```
-
-- [ ] **Step 2: Прогнать миграцию**
-
-Run: `cd app && php artisan migrate --env=testing`
-Expected: DONE без ошибок прав.
-
-- [ ] **Step 3: Синхронизировать `db/schema.sql` + CHANGELOG** (v8.35 → v8.36).
-
-- [ ] **Step 4: Commit**
-
-```bash
-git add app/database/migrations/2026_05_24_110000_*.php db/migrations/2026_05_24_topup_sessions.sql db/schema.sql db/CHANGELOG_schema.md
-git commit -m "feat(billing-v2-c): миграция — реквизиты юр.лица + topup_sessions"
-```
-
----
-
-### Task 2.2: Установить PDF-генератор
-
-**Files:**
-- Modify: `app/composer.json` (+ `barryvdh/laravel-dompdf`)
-
-- [ ] **Step 1: Установить пакет**
-
-Run: `cd app && composer require barryvdh/laravel-dompdf`
-Expected: установлен `barryvdh/laravel-dompdf` (DomPDF-обёртка для Laravel). Auto-discovery подхватит провайдер.
-
-- [ ] **Step 2: Smoke — фасад доступен**
-
-Run: `cd app && php artisan tinker --execute="echo class_exists(\Barryvdh\DomPDF\Facade\Pdf::class) ? 'OK' : 'MISSING';"`
-Expected: `OK`.
-
-- [ ] **Step 3: Commit**
-
-```bash
-git add app/composer.json app/composer.lock
-git commit -m "chore(billing-v2-c): + barryvdh/laravel-dompdf для счетов"
-```
-
----
-
-### Task 2.3: Модель TopupSession + `TopupGatewayInterface` + `BankTransferGateway`
-
-**Files:**
-- Create: `app/app/Models/TopupSession.php`
-- Create: `app/app/Services/Billing/Gateway/TopupGatewayInterface.php`
-- Create: `app/app/Services/Billing/Gateway/TopupSessionResult.php`
-- Create: `app/app/Services/Billing/Gateway/BankTransferGateway.php`
-- Test: `app/tests/Feature/Billing/BankTransferGatewayTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Tenant;
-use App\Models\TopupSession;
-use App\Models\User;
-use App\Services\Billing\Gateway\BankTransferGateway;
-
-it('creates pending session with unique invoice number', function () {
-    $tenant = Tenant::factory()->create(['legal_entity_name' => 'ООО Альфа', 'legal_entity_inn' => '7700000000']);
-    $user = User::factory()->for($tenant)->create();
-
-    $gateway = new BankTransferGateway();
-    $result = $gateway->createSession($tenant->id, '100000.00', $user->id);
-
-    $session = TopupSession::find($result->sessionId);
-    expect($session->status)->toBe('pending');
-    expect($session->method)->toBe('bank_transfer');
-    expect($session->provider_ref)->toStartWith('SCH-');
-    expect($result->invoiceUrl)->toContain((string) $result->sessionId);
-});
-
-it('rejects bank transfer when legal entity requisites are missing', function () {
-    $tenant = Tenant::factory()->create(['legal_entity_name' => null]);
-    $user = User::factory()->for($tenant)->create();
-
-    $gateway = new BankTransferGateway();
-
-    expect(fn () => $gateway->createSession($tenant->id, '100000.00', $user->id))
-        ->toThrow(\App\Services\Billing\Gateway\MissingRequisitesException::class);
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=BankTransferGatewayTest`
-Expected: FAIL — классы не найдены.
-
-- [ ] **Step 3: Реализовать модель TopupSession**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Models;
-
-use Illuminate\Database\Eloquent\Model;
-use Illuminate\Database\Eloquent\Relations\BelongsTo;
-
-final class TopupSession extends Model
-{
-    public const STATUS_PENDING = 'pending';
-    public const STATUS_MATCHED = 'matched';
-    public const STATUS_CONFIRMED = 'confirmed';
-    public const STATUS_FAILED = 'failed';
-    public const STATUS_EXPIRED = 'expired';
-
-    public const METHOD_BANK_TRANSFER = 'bank_transfer';
-    public const METHOD_SBP = 'sbp';
-    public const METHOD_CARD = 'card';
-
-    protected $fillable = [
-        'tenant_id', 'user_id', 'method', 'amount_rub', 'provider_ref',
-        'status', 'matched_at', 'confirmed_at', 'confirmed_by', 'failed_reason', 'metadata',
-    ];
-
-    protected $casts = [
-        'amount_rub' => 'decimal:2',
-        'matched_at' => 'datetime',
-        'confirmed_at' => 'datetime',
-        'metadata' => 'array',
-    ];
-
-    public function tenant(): BelongsTo
-    {
-        return $this->belongsTo(Tenant::class);
-    }
-}
-```
-
-- [ ] **Step 4: Реализовать интерфейс + DTO + исключение**
-
-```php
-<?php
-// TopupSessionResult.php
-declare(strict_types=1);
-
-namespace App\Services\Billing\Gateway;
-
-final class TopupSessionResult
-{
-    public function __construct(
-        public readonly int $sessionId,
-        public readonly string $status,
-        public readonly ?string $invoiceUrl = null,
-        public readonly ?string $qrCodeData = null,
-        public readonly ?string $redirectUrl = null,
-    ) {}
-}
-```
-
-```php
-<?php
-// TopupGatewayInterface.php
-declare(strict_types=1);
-
-namespace App\Services\Billing\Gateway;
-
-interface TopupGatewayInterface
-{
-    public function createSession(int $tenantId, string $amountRub, int $userId): TopupSessionResult;
-}
-```
-
-```php
-<?php
-// MissingRequisitesException.php
-declare(strict_types=1);
-
-namespace App\Services\Billing\Gateway;
-
-final class MissingRequisitesException extends \RuntimeException {}
-```
-
-- [ ] **Step 5: Реализовать BankTransferGateway**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Billing\Gateway;
-
-use App\Models\Tenant;
-use App\Models\TopupSession;
-
-/**
- * Безнал — генерация платёжной сессии под счёт PDF. Спек §4.3.
- * Номер счёта SCH-{YYYY}-{tenant_id}-{seq} уникален через (tenant_id, seq).
- */
-final class BankTransferGateway implements TopupGatewayInterface
-{
-    public function createSession(int $tenantId, string $amountRub, int $userId): TopupSessionResult
-    {
-        $tenant = Tenant::findOrFail($tenantId);
-
-        if (empty($tenant->legal_entity_name) || empty($tenant->legal_entity_inn)) {
-            throw new MissingRequisitesException(
-                'Заполните реквизиты юр.лица перед формированием счёта.'
-            );
-        }
-
-        $seq = TopupSession::where('tenant_id', $tenantId)
-            ->where('method', TopupSession::METHOD_BANK_TRANSFER)
-            ->count() + 1;
-        $providerRef = sprintf('SCH-%s-%d-%03d', now()->year, $tenantId, $seq);
-
-        $session = TopupSession::create([
-            'tenant_id' => $tenantId,
-            'user_id' => $userId,
-            'method' => TopupSession::METHOD_BANK_TRANSFER,
-            'amount_rub' => $amountRub,
-            'provider_ref' => $providerRef,
-            'status' => TopupSession::STATUS_PENDING,
-        ]);
-
-        return new TopupSessionResult(
-            sessionId: $session->id,
-            status: $session->status,
-            invoiceUrl: "/api/billing/topup-sessions/{$session->id}/invoice.pdf",
-        );
-    }
-}
-```
-
-- [ ] **Step 6: Запустить — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=BankTransferGatewayTest`
-Expected: PASS (2 теста).
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/app/Models/TopupSession.php app/app/Services/Billing/Gateway/ app/tests/Feature/Billing/BankTransferGatewayTest.php
-git commit -m "feat(billing-v2-c): TopupSession + TopupGatewayInterface + BankTransferGateway"
-```
-
----
-
-### Task 2.4: PDF-счёт (Blade-шаблон + endpoint)
-
-**Files:**
-- Create: `app/resources/views/pdf/invoice.blade.php`
-- Modify: `app/app/Http/Controllers/Api/BillingController.php` (+ `invoicePdf`)
-- Modify: `app/routes/web.php` (route)
-- Test: `app/tests/Feature/Billing/InvoicePdfTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Tenant;
-use App\Models\TopupSession;
-use App\Models\User;
-
-it('returns PDF invoice for own session', function () {
-    $tenant = Tenant::factory()->create([
-        'legal_entity_name' => 'ООО Альфа',
-        'legal_entity_inn' => '7700000000',
-    ]);
-    $user = User::factory()->for($tenant)->create();
-    $session = TopupSession::create([
-        'tenant_id' => $tenant->id, 'user_id' => $user->id,
-        'method' => 'bank_transfer', 'amount_rub' => '100000.00',
-        'provider_ref' => 'SCH-2026-1-001', 'status' => 'pending',
-    ]);
-
-    $resp = $this->actingAs($user)->get("/api/billing/topup-sessions/{$session->id}/invoice.pdf");
-
-    $resp->assertOk();
-    expect($resp->headers->get('content-type'))->toContain('application/pdf');
-});
-
-it('forbids access to another tenant session', function () {
-    $tenantA = Tenant::factory()->create(['legal_entity_name' => 'A', 'legal_entity_inn' => '1']);
-    $tenantB = Tenant::factory()->create();
-    $userB = User::factory()->for($tenantB)->create();
-    $session = TopupSession::create([
-        'tenant_id' => $tenantA->id, 'method' => 'bank_transfer',
-        'amount_rub' => '100.00', 'provider_ref' => 'SCH-2026-1-001', 'status' => 'pending',
-    ]);
-
-    $this->actingAs($userB)->get("/api/billing/topup-sessions/{$session->id}/invoice.pdf")
-        ->assertForbidden();
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=InvoicePdfTest`
-Expected: FAIL — route 404.
-
-- [ ] **Step 3: Создать Blade-шаблон `invoice.blade.php`** (шапка реквизитов Лидерры из config, реквизиты плательщика из tenant, назначение платежа с номером счёта, сумма, срок 5 дней). Минимальный валидный HTML для DomPDF.
-
-- [ ] **Step 4: Реализовать `BillingController::invoicePdf`**
-
-```php
-public function invoicePdf(int $sessionId)
-{
-    $session = \App\Models\TopupSession::findOrFail($sessionId);
-
-    abort_unless($session->tenant_id === auth()->user()->tenant_id, 403);
-
-    $tenant = $session->tenant;
-    $pdf = \Barryvdh\DomPDF\Facade\Pdf::loadView('pdf.invoice', [
-        'session' => $session,
-        'tenant' => $tenant,
-        'liderra' => config('billing.requisites'),
-    ]);
-
-    return $pdf->download("invoice-{$session->provider_ref}.pdf");
-}
-```
-
-Добавить route в `web.php` под auth:sanctum: `Route::get('/api/billing/topup-sessions/{id}/invoice.pdf', [BillingController::class, 'invoicePdf'])`. Добавить `config/billing.php` с `requisites` (название ООО, ИНН, КПП, р/с — placeholder до Б-1).
-
-- [ ] **Step 5: Запустить — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=InvoicePdfTest`
-Expected: PASS (2 теста).
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/resources/views/pdf/invoice.blade.php app/app/Http/Controllers/Api/BillingController.php app/routes/web.php app/config/billing.php app/tests/Feature/Billing/InvoicePdfTest.php
-git commit -m "feat(billing-v2-c): PDF-счёт на пополнение + RLS-проверка доступа"
-```
-
----
-
-### Task 2.5: Рефакторинг `BillingTopupService` под gateway + `confirmPayment`
-
-**Files:**
-- Modify: `app/app/Services/Billing/BillingTopupService.php`
-- Test: `app/tests/Feature/Billing/BillingTopupConfirmTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\BalanceTransaction;
-use App\Models\Tenant;
-use App\Models\TopupSession;
-use App\Models\User;
-use App\Services\Billing\BillingTopupService;
-
-it('confirms matched session and credits balance', function () {
-    $tenant = Tenant::factory()->create(['balance_rub' => '500.00']);
-    $admin = User::factory()->create();
-    $session = TopupSession::create([
-        'tenant_id' => $tenant->id, 'method' => 'bank_transfer',
-        'amount_rub' => '100000.00', 'provider_ref' => 'SCH-2026-1-001', 'status' => 'matched',
-    ]);
-
-    $service = new BillingTopupService();
-    $service->confirmPayment('SCH-2026-1-001', $admin->id);
-
-    expect($tenant->fresh()->balance_rub)->toBe('100500.00');
-    expect($session->fresh()->status)->toBe('confirmed');
-    expect($session->fresh()->confirmed_by)->toBe($admin->id);
-    expect(BalanceTransaction::where('tenant_id', $tenant->id)->where('type', 'topup')->count())->toBe(1);
-});
-
-it('is idempotent — double confirm does not double-credit', function () {
-    $tenant = Tenant::factory()->create(['balance_rub' => '0.00']);
-    $admin = User::factory()->create();
-    TopupSession::create([
-        'tenant_id' => $tenant->id, 'method' => 'bank_transfer',
-        'amount_rub' => '1000.00', 'provider_ref' => 'SCH-2026-1-002', 'status' => 'matched',
-    ]);
-
-    $service = new BillingTopupService();
-    $service->confirmPayment('SCH-2026-1-002', $admin->id);
-    $service->confirmPayment('SCH-2026-1-002', $admin->id); // повтор
-
-    expect($tenant->fresh()->balance_rub)->toBe('1000.00'); // не задвоилось
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=BillingTopupConfirmTest`
-Expected: FAIL — метод `confirmPayment` не существует.
-
-- [ ] **Step 3: Реализовать `confirmPayment`** (lockForUpdate на tenant + session, idempotent guard на `status !== 'confirmed'`, bcadd, BalanceTransaction с `topup_session_id` в metadata)
-
-```php
-public function confirmPayment(string $providerRef, ?int $adminUserId): ?BalanceTransaction
-{
-    return DB::transaction(function () use ($providerRef, $adminUserId) {
-        $session = TopupSession::where('provider_ref', $providerRef)->lockForUpdate()->firstOrFail();
-
-        if ($session->status === TopupSession::STATUS_CONFIRMED) {
-            return null; // идемпотентность
-        }
-
-        /** @var Tenant $tenant */
-        $tenant = Tenant::lockForUpdate()->findOrFail($session->tenant_id);
-        $newBalance = bcadd((string) $tenant->balance_rub, (string) $session->amount_rub, 2);
-        $tenant->balance_rub = $newBalance;
-        $tenant->save();
-
-        $session->status = TopupSession::STATUS_CONFIRMED;
-        $session->confirmed_at = now();
-        $session->confirmed_by = $adminUserId;
-        $session->save();
-
-        return BalanceTransaction::create([
-            'tenant_id' => $tenant->id,
-            'type' => BalanceTransaction::TYPE_TOPUP,
-            'amount_rub' => $session->amount_rub,
-            'amount_leads' => 0,
-            'balance_rub_after' => $newBalance,
-            'balance_leads_after' => 0,
-            'description' => "Пополнение по счёту {$providerRef}",
-            'user_id' => $adminUserId,
-            'created_at' => now(),
-        ]);
-    });
-}
-```
-
-Сохранить старый метод `topup()` для обратной совместимости (admin adjustBalance его использует) либо переключить на новый flow.
-
-- [ ] **Step 4: Запустить — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=BillingTopupConfirmTest`
-Expected: PASS (2 теста).
-
-- [ ] **Step 5: Связка с преfflight — после confirm перепроверить заморозку**
-
-Добавить в конце `confirmPayment` (после коммита транзакции, или внутри): если `tenant.frozen_by_balance_at !== null` — прогнать `BalancePreflightService::evaluate`, и если теперь проходит — снять заморозку + `BalanceUnfrozenMail` + лог. Написать доп. тест `it('unfreezes tenant on topup confirm')`.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Services/Billing/BillingTopupService.php app/tests/Feature/Billing/BillingTopupConfirmTest.php
-git commit -m "feat(billing-v2-c): BillingTopupService::confirmPayment + авто-разморозка"
-```
-
----
-
-### Task 2.6: `VtbStatementSyncJob` (авто-поиск) + dev-симулятор
-
-**Files:**
-- Create: `app/app/Jobs/Billing/VtbStatementSyncJob.php`
-- Create: `app/app/Console/Commands/VtbStatementSimulateCommand.php` (dev only)
-- Create: `app/app/Services/Billing/VtbBusinessClient.php` (интерфейс + null/dev реализация)
-- Test: `app/tests/Feature/Billing/VtbStatementSyncTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Tenant;
-use App\Models\TopupSession;
-
-it('matches incoming payment by invoice number in purpose', function () {
-    $tenant = Tenant::factory()->create();
-    $session = TopupSession::create([
-        'tenant_id' => $tenant->id, 'method' => 'bank_transfer',
-        'amount_rub' => '100000.00', 'provider_ref' => 'SCH-2026-1-001', 'status' => 'pending',
-    ]);
-
-    // Симуляция входящей транзакции через dev-команду
-    $this->artisan('billing:vtb-statement-simulate', [
-        'session' => $session->id,
-        '--amount' => '100000.00',
-    ])->assertSuccessful();
-
-    expect($session->fresh()->status)->toBe('matched');
-    expect($session->fresh()->matched_at)->not->toBeNull();
-});
-
-it('does not match when amount differs', function () {
-    $tenant = Tenant::factory()->create();
-    $session = TopupSession::create([
-        'tenant_id' => $tenant->id, 'method' => 'bank_transfer',
-        'amount_rub' => '100000.00', 'provider_ref' => 'SCH-2026-1-002', 'status' => 'pending',
-    ]);
-
-    $this->artisan('billing:vtb-statement-simulate', [
-        'session' => $session->id,
-        '--amount' => '50000.00', // не совпадает
-    ])->assertFailed();
-
-    expect($session->fresh()->status)->toBe('pending');
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=VtbStatementSyncTest`
-Expected: FAIL — команда не существует.
-
-- [ ] **Step 3: Реализовать `VtbBusinessClient`** — интерфейс `fetchStatement(Carbon $since): array` + `DevVtbBusinessClient` (возвращает пусто; реальная интеграция — после Б-1). Привязать в ServiceProvider по `app()->environment()`.
-
-- [ ] **Step 4: Реализовать матчинг-логику** в `VtbStatementSyncJob::matchTransaction(string $purpose, string $amount)`: парсит `SCH-\d{4}-\d+-\d{3}` из назначения, находит сессию, проверяет совпадение суммы → `status='matched'`, `matched_at=now()`. Если admin-setting `auto_confirm=true` → сразу `BillingTopupService::confirmPayment`.
-
-- [ ] **Step 5: Реализовать dev-команду `billing:vtb-statement-simulate {session} --amount=`** — формирует фейковую транзакцию с `purpose = session.provider_ref` и зовёт тот же матчинг.
-
-- [ ] **Step 6: Зарегистрировать `VtbStatementSyncJob` в Schedule** — каждые 15 минут (`->everyFifteenMinutes()`), но только не-dev (в dev — manual через симулятор). Heartbeat-обёртка.
-
-- [ ] **Step 7: Запустить — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=VtbStatementSyncTest`
-Expected: PASS (2 теста).
-
-- [ ] **Step 8: Commit**
-
-```bash
-git add app/app/Jobs/Billing/VtbStatementSyncJob.php app/app/Console/Commands/VtbStatementSimulateCommand.php app/app/Services/Billing/VtbBusinessClient.php app/routes/console.php app/tests/Feature/Billing/VtbStatementSyncTest.php
-git commit -m "feat(billing-v2-c): VtbStatementSyncJob авто-поиск платежа + dev-симулятор"
-```
-
----
-
-### Task 2.7: Админка — журнал ожидающих платежей + подтверждение + настройка режима
-
-**Files:**
-- Create: `app/app/Http/Controllers/Api/Admin/PendingTopupsController.php`
-- Create: `app/app/Http/Controllers/Api/Admin/BillingSettingsController.php`
-- Modify: `app/routes/web.php` (admin routes)
-- Test: `app/tests/Feature/Admin/PendingTopupsTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Tenant;
-use App\Models\TopupSession;
-use App\Models\User;
-
-it('lists matched and pending sessions for admin', function () {
-    $admin = User::factory()->create(['is_saas_admin' => true]);
-    $tenant = Tenant::factory()->create();
-    TopupSession::create(['tenant_id' => $tenant->id, 'method' => 'bank_transfer', 'amount_rub' => '100.00', 'provider_ref' => 'SCH-1', 'status' => 'matched']);
-    TopupSession::create(['tenant_id' => $tenant->id, 'method' => 'bank_transfer', 'amount_rub' => '200.00', 'provider_ref' => 'SCH-2', 'status' => 'confirmed']);
-
-    $resp = $this->actingAs($admin)->getJson('/api/admin/topup-sessions/pending');
-
-    $resp->assertOk();
-    $resp->assertJsonCount(1, 'data'); // только matched/pending, не confirmed
-});
-
-it('admin confirms a matched payment', function () {
-    $admin = User::factory()->create(['is_saas_admin' => true]);
-    $tenant = Tenant::factory()->create(['balance_rub' => '0.00']);
-    $session = TopupSession::create(['tenant_id' => $tenant->id, 'method' => 'bank_transfer', 'amount_rub' => '5000.00', 'provider_ref' => 'SCH-3', 'status' => 'matched']);
-
-    $this->actingAs($admin)->postJson("/api/admin/topup-sessions/{$session->id}/confirm")->assertOk();
-
-    expect($tenant->fresh()->balance_rub)->toBe('5000.00');
-    expect($session->fresh()->status)->toBe('confirmed');
-});
-
-it('non-admin cannot access pending list', function () {
-    $user = User::factory()->create(['is_saas_admin' => false]);
-    $this->actingAs($user)->getJson('/api/admin/topup-sessions/pending')->assertForbidden();
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=PendingTopupsTest`
-Expected: FAIL — routes 404.
-
-- [ ] **Step 3: Реализовать `PendingTopupsController`** (`index` — фильтр status in [pending, matched]; `confirm` — зовёт `BillingTopupService::confirmPayment($session->provider_ref, $admin->id)`; `reject` — status=failed). Маршруты под `saas-admin` middleware.
-
-- [ ] **Step 4: Реализовать `BillingSettingsController`** (GET/PUT `auto_confirm` флага в `SystemSetting` модели — ключ `billing.topup_auto_confirm`, default false).
-
-- [ ] **Step 5: Зарегистрировать routes** в `web.php` под `saas-admin` middleware.
-
-- [ ] **Step 6: Запустить — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=PendingTopupsTest`
-Expected: PASS (3 теста).
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/Admin/PendingTopupsController.php app/app/Http/Controllers/Api/Admin/BillingSettingsController.php app/routes/web.php app/tests/Feature/Admin/PendingTopupsTest.php
-git commit -m "feat(billing-v2-c): админка ожидающих платежей + подтверждение + режим auto/manual"
-```
-
----
-
-### Task 2.8: `NotifyPendingConfirmationsJob` — часовой алерт админу
-
-**Files:**
-- Create: `app/app/Jobs/Billing/NotifyPendingConfirmationsJob.php`
-- Create: `app/app/Mail/PendingConfirmationsAdminMail.php` + шаблон
-- Modify: `app/routes/console.php` (hourly + heartbeat)
-- Test: `app/tests/Feature/Billing/NotifyPendingConfirmationsTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\Billing\NotifyPendingConfirmationsJob;
-use App\Mail\PendingConfirmationsAdminMail;
-use App\Models\SystemSetting;
-use App\Models\Tenant;
-use App\Models\TopupSession;
-use Illuminate\Support\Facades\Mail;
-
-it('alerts admin when matched payments await confirmation in manual mode', function () {
-    Mail::fake();
-    SystemSetting::set('billing.topup_auto_confirm', false);
-    $tenant = Tenant::factory()->create();
-    TopupSession::create(['tenant_id' => $tenant->id, 'method' => 'bank_transfer', 'amount_rub' => '100.00', 'provider_ref' => 'SCH-1', 'status' => 'matched']);
-
-    (new NotifyPendingConfirmationsJob())->handle();
-
-    Mail::assertQueued(PendingConfirmationsAdminMail::class);
-});
-
-it('sends nothing in auto mode', function () {
-    Mail::fake();
-    SystemSetting::set('billing.topup_auto_confirm', true);
-    $tenant = Tenant::factory()->create();
-    TopupSession::create(['tenant_id' => $tenant->id, 'method' => 'bank_transfer', 'amount_rub' => '100.00', 'provider_ref' => 'SCH-2', 'status' => 'matched']);
-
-    (new NotifyPendingConfirmationsJob())->handle();
-
-    Mail::assertNotQueued(PendingConfirmationsAdminMail::class);
-});
-```
-
-- [ ] **Step 2: Запустить — убедиться, что падает**
-
-Run: `cd app && php artisan test --filter=NotifyPendingConfirmationsTest`
-Expected: FAIL.
-
-- [ ] **Step 3: Реализовать Job** (проверяет `SystemSetting::get('billing.topup_auto_confirm')` — если false и есть `matched`-сессии → `PendingConfirmationsAdminMail` на `config('billing.admin_email')`).
-
-- [ ] **Step 4: Реализовать Mailable + шаблон** (count непровер. + ссылка на админку).
-
-- [ ] **Step 5: Зарегистрировать в Schedule** — `->hourly()` + heartbeat.
-
-- [ ] **Step 6: Запустить — убедиться, что проходит**
-
-Run: `cd app && php artisan test --filter=NotifyPendingConfirmationsTest`
-Expected: PASS (2 теста).
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/app/Jobs/Billing/NotifyPendingConfirmationsJob.php app/app/Mail/PendingConfirmationsAdminMail.php app/resources/views/emails/billing/ app/routes/console.php app/tests/Feature/Billing/NotifyPendingConfirmationsTest.php
-git commit -m "feat(billing-v2-c): часовой алерт админу о непровер. платежах"
-```
-
----
-
-### Task 2.9: Frontend — пополнение (выбор метода + безнал) + реквизиты + админка
-
-**Files:**
-- Create: `app/resources/js/views/billing/TopupView.vue`
-- Create: `app/resources/js/components/billing/TopupMethodPicker.vue`
-- Create: `app/resources/js/components/billing/BankTransferInvoiceView.vue`
-- Create: `app/resources/js/components/settings/LegalEntityForm.vue`
-- Create: `app/resources/js/views/admin/PendingPaymentsAdminView.vue`
-- Create: `app/resources/js/views/admin/BillingSettingsAdminView.vue`
-- Modify: router (новые маршруты `/billing/topup`, `/admin/pending-payments`)
-- Test: `app/resources/js/views/billing/__tests__/TopupView.spec.ts` + `LegalEntityForm.spec.ts`
-
-- [ ] **Step 1: Написать failing Vitest на LegalEntityForm** (валидация ИНН 10/12 цифр, КПП 9, форма юрлица).
-
-- [ ] **Step 2: Запустить — FAIL.**
-
-Run: `cd app && npm run test:vue -- LegalEntityForm`
-
-- [ ] **Step 3: Реализовать `LegalEntityForm.vue`** (поля: название, ИНН, КПП, адрес, форма; клиентская валидация ИНН/КПП; PATCH в API настроек тенанта).
-
-- [ ] **Step 4: Реализовать `TopupMethodPicker.vue`** (3 таба: Безнал / СБП / Карта; для каждого — ввод суммы с min/max из config).
-
-- [ ] **Step 5: Реализовать `BankTransferInvoiceView.vue`** (после createSession — кнопка «Скачать счёт PDF» + инструкция «оплати → жди до 1 раб. дня → подтвердим»).
-
-- [ ] **Step 6: Реализовать `TopupView.vue`** (обёртка picker → метод-специфичный компонент).
-
-- [ ] **Step 7: Реализовать `PendingPaymentsAdminView.vue`** (таблица matched/pending + кнопки «Подтвердить»/«Отклонить»).
-
-- [ ] **Step 8: Реализовать `BillingSettingsAdminView.vue`** (переключатель auto/manual).
-
-- [ ] **Step 9: Зарегистрировать маршруты** + вставить `LegalEntityForm` в Настройки клиента.
-
-- [ ] **Step 10: Написать Vitest на TopupView** (рендер picker, переключение методов).
-
-- [ ] **Step 11: Запустить Vitest**
-
-Run: `cd app && npm run test:vue -- TopupView LegalEntityForm`
-Expected: PASS.
-
-- [ ] **Step 12: Commit**
-
-```bash
-git add app/resources/js/views/billing/ app/resources/js/components/billing/ app/resources/js/components/settings/LegalEntityForm.vue app/resources/js/views/admin/PendingPaymentsAdminView.vue app/resources/js/views/admin/BillingSettingsAdminView.vue app/resources/js/router/
-git commit -m "feat(billing-v2-c): UI пополнения (безнал) + реквизиты юр.лица + админка платежей"
-```
-
----
-
-## Phase 3 — СБП и Карты (dev-заглушки) + 54-ФЗ архитектура
-
-### Task 3.1: `SbpGateway` (dev-режим) + фоновое авто-подтверждение
-
-**Files:**
-- Create: `app/app/Services/Billing/Gateway/SbpGateway.php`
-- Create: `app/app/Jobs/Billing/DevAutoConfirmSessionJob.php`
-- Test: `app/tests/Feature/Billing/SbpGatewayTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Tenant;
-use App\Models\TopupSession;
-use App\Models\User;
-use App\Services\Billing\Gateway\SbpGateway;
-
-it('creates SBP session with QR code data in dev mode', function () {
-    $tenant = Tenant::factory()->create();
-    $user = User::factory()->for($tenant)->create();
-
-    $gateway = new SbpGateway();
-    $result = $gateway->createSession($tenant->id, '5000.00', $user->id);
-
-    $session = TopupSession::find($result->sessionId);
-    expect($session->method)->toBe('sbp');
-    expect($session->status)->toBe('pending');
-    expect($result->qrCodeData)->toStartWith('data:image/'); // фейковый QR в dev
-});
-```
-
-- [ ] **Step 2: Запустить — FAIL.**
-
-Run: `cd app && php artisan test --filter=SbpGatewayTest`
-
-- [ ] **Step 3: Реализовать `SbpGateway`**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Services\Billing\Gateway;
-
-use App\Jobs\Billing\DevAutoConfirmSessionJob;
-use App\Models\TopupSession;
-
-/**
- * СБП через VTB. Спек §4.4.
- * Dev/test: фейковый QR + авто-подтверждение через 5 сек (DevAutoConfirmSessionJob).
- * Prod (после Б-1): реальный VTB SBP API + callback /api/billing/vtb-sbp/callback.
- */
-final class SbpGateway implements TopupGatewayInterface
-{
-    public function createSession(int $tenantId, string $amountRub, int $userId): TopupSessionResult
-    {
-        $session = TopupSession::create([
-            'tenant_id' => $tenantId,
-            'user_id' => $userId,
-            'method' => TopupSession::METHOD_SBP,
-            'amount_rub' => $amountRub,
-            'provider_ref' => 'SBP-'.now()->timestamp.'-'.$tenantId,
-            'status' => TopupSession::STATUS_PENDING,
-        ]);
-
-        if (app()->environment(['local', 'testing'])) {
-            // 1x1 прозрачный PNG как заглушка QR.
-            $fakeQr = 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAQAAAC1HAwCAAAAC0lEQVR42mNk+M8AAAMBAQDJ/pLvAAAAAElFTkSuQmCC';
-            DevAutoConfirmSessionJob::dispatch($session->id)->delay(now()->addSeconds(5));
-
-            return new TopupSessionResult(
-                sessionId: $session->id,
-                status: $session->status,
-                qrCodeData: $fakeQr,
-            );
-        }
-
-        // prod: TODO после Б-1 — VTB SBP API
-        throw new \RuntimeException('VTB SBP not configured (pending Б-1)');
-    }
-}
-```
-
-- [ ] **Step 4: Реализовать `DevAutoConfirmSessionJob`** (в dev/test переводит сессию matched → confirmed через `BillingTopupService::confirmPayment`; gate `app()->environment(['local','testing'])`).
-
-- [ ] **Step 5: Запустить — PASS.**
-
-Run: `cd app && php artisan test --filter=SbpGatewayTest`
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Services/Billing/Gateway/SbpGateway.php app/app/Jobs/Billing/DevAutoConfirmSessionJob.php app/tests/Feature/Billing/SbpGatewayTest.php
-git commit -m "feat(billing-v2-c): SbpGateway dev-заглушка + авто-подтверждение"
-```
-
----
-
-### Task 3.2: `CardGateway` (dev-режим) + dev-mock страница эквайринга
-
-**Files:**
-- Create: `app/app/Services/Billing/Gateway/CardGateway.php`
-- Create: `app/resources/js/views/dev/DevMockAcquiringView.vue` (только dev)
-- Modify: router (dev-only route `/dev-mock-vtb-acquiring/:sessionId`)
-- Test: `app/tests/Feature/Billing/CardGatewayTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Tenant;
-use App\Models\TopupSession;
-use App\Models\User;
-use App\Services\Billing\Gateway\CardGateway;
-
-it('creates card session with dev redirect url', function () {
-    $tenant = Tenant::factory()->create();
-    $user = User::factory()->for($tenant)->create();
-
-    $gateway = new CardGateway();
-    $result = $gateway->createSession($tenant->id, '3000.00', $user->id);
-
-    $session = TopupSession::find($result->sessionId);
-    expect($session->method)->toBe('card');
-    expect($result->redirectUrl)->toContain('dev-mock-vtb-acquiring');
-    expect($result->redirectUrl)->toContain((string) $result->sessionId);
-});
-```
-
-- [ ] **Step 2: Запустить — FAIL.**
-
-Run: `cd app && php artisan test --filter=CardGatewayTest`
-
-- [ ] **Step 3: Реализовать `CardGateway`** (dev — redirect на `/dev-mock-vtb-acquiring/{id}`; prod — throw pending Б-1).
-
-- [ ] **Step 4: Реализовать `DevMockAcquiringView.vue`** (две кнопки «Симулировать успех» / «Симулировать ошибку» → POST на dev-endpoint, который переводит сессию confirmed/failed). Endpoint в `BillingController::devMockAcquiringResult` под gate `app()->environment(['local'])`.
-
-- [ ] **Step 5: Зарегистрировать dev-route** (router + backend, gated на local).
-
-- [ ] **Step 6: Запустить — PASS.**
-
-Run: `cd app && php artisan test --filter=CardGatewayTest`
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/app/Services/Billing/Gateway/CardGateway.php app/resources/js/views/dev/DevMockAcquiringView.vue app/app/Http/Controllers/Api/BillingController.php app/routes/ app/tests/Feature/Billing/CardGatewayTest.php
-git commit -m "feat(billing-v2-c): CardGateway dev-заглушка + mock-страница эквайринга"
-```
-
----
-
-### Task 3.3: `FiscalReceiptProvider` — архитектура 54-ФЗ
-
-**Files:**
-- Create: `app/app/Services/Billing/Fiscal/FiscalReceiptProvider.php` (interface)
-- Create: `app/app/Services/Billing/Fiscal/NoOpFiscalProvider.php`
-- Create: `app/app/Services/Billing/Fiscal/DevMockFiscalProvider.php`
-- Create: `app/app/Services/Billing/Fiscal/AtolOnlineFiscalProvider.php` (stub — throw pending Б-1)
-- Create: `app/app/Services/Billing/Fiscal/FiscalReceipt.php` (DTO)
-- Modify: `app/app/Providers/AppServiceProvider.php` (биндинг провайдера по методу/env)
-- Test: `app/tests/Unit/Billing/FiscalReceiptProviderTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\TopupSession;
-use App\Services\Billing\Fiscal\DevMockFiscalProvider;
-use App\Services\Billing\Fiscal\NoOpFiscalProvider;
-
-it('NoOp returns "not required" for bank transfer', function () {
-    $session = new TopupSession(['method' => 'bank_transfer', 'amount_rub' => '100.00']);
-    $receipt = (new NoOpFiscalProvider())->issueReceipt($session);
-    expect($receipt->required)->toBeFalse();
-});
-
-it('DevMock returns fake receipt id for SBP', function () {
-    $session = new TopupSession(['method' => 'sbp', 'amount_rub' => '100.00']);
-    $receipt = (new DevMockFiscalProvider())->issueReceipt($session);
-    expect($receipt->required)->toBeTrue();
-    expect($receipt->receiptId)->toStartWith('DEV-RECEIPT-');
-});
-```
-
-- [ ] **Step 2: Запустить — FAIL.**
-
-Run: `cd app && php artisan test --filter=FiscalReceiptProviderTest`
-
-- [ ] **Step 3: Реализовать DTO + interface + 3 реализации**
-
-```php
-<?php
-// FiscalReceipt.php
-declare(strict_types=1);
-
-namespace App\Services\Billing\Fiscal;
-
-final class FiscalReceipt
-{
-    public function __construct(
-        public readonly bool $required,
-        public readonly ?string $receiptId = null,
-        public readonly ?string $note = null,
-    ) {}
-}
-```
-
-```php
-<?php
-// FiscalReceiptProvider.php
-declare(strict_types=1);
-
-namespace App\Services\Billing\Fiscal;
-
-use App\Models\TopupSession;
-
-interface FiscalReceiptProvider
-{
-    public function issueReceipt(TopupSession $session): FiscalReceipt;
-}
-```
-
-`NoOpFiscalProvider` → `new FiscalReceipt(false, null, 'Чек не требуется по 54-ФЗ (B2B безнал)')`.
-`DevMockFiscalProvider` → `new FiscalReceipt(true, 'DEV-RECEIPT-'.uniqid())`.
-`AtolOnlineFiscalProvider` → `throw new \RuntimeException('ОФД-Атол not configured (pending Б-1)')`.
-
-- [ ] **Step 4: Биндинг в `AppServiceProvider`** — резолвер «по методу платежа»: bank_transfer → NoOp; sbp/card → (dev: DevMock, prod: AtolOnline). Это можно сделать фабрикой `FiscalProviderFactory::forMethod(string $method)`.
-
-- [ ] **Step 5: Запустить — PASS.**
-
-Run: `cd app && php artisan test --filter=FiscalReceiptProviderTest`
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Services/Billing/Fiscal/ app/app/Providers/AppServiceProvider.php app/tests/Unit/Billing/FiscalReceiptProviderTest.php
-git commit -m "feat(billing-v2-c): архитектура 54-ФЗ — FiscalReceiptProvider + 3 реализации"
-```
-
----
-
-### Task 3.4: Подключить выбор gateway + fiscal в `BillingTopupService::initiateTopup`
-
-**Files:**
-- Modify: `app/app/Services/Billing/BillingTopupService.php` (resolveGateway + initiateTopup)
-- Modify: `app/app/Http/Controllers/Api/BillingController.php` (+ `initiateTopup` endpoint)
-- Modify: `app/routes/web.php`
-- Test: `app/tests/Feature/Billing/InitiateTopupTest.php`
-
-- [ ] **Step 1: Написать failing-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Tenant;
-use App\Models\User;
-
-it('initiates bank transfer topup via endpoint', function () {
-    $tenant = Tenant::factory()->create(['legal_entity_name' => 'ООО Альфа', 'legal_entity_inn' => '7700000000']);
-    $user = User::factory()->for($tenant)->create();
-
-    $resp = $this->actingAs($user)->postJson('/api/billing/topup/initiate', [
-        'method' => 'bank_transfer',
-        'amount_rub' => '100000.00',
-    ]);
-
-    $resp->assertOk();
-    $resp->assertJsonStructure(['session_id', 'status', 'invoice_url']);
-});
-
-it('rejects amount below minimum', function () {
-    $tenant = Tenant::factory()->create();
-    $user = User::factory()->for($tenant)->create();
-
-    $this->actingAs($user)->postJson('/api/billing/topup/initiate', [
-        'method' => 'sbp',
-        'amount_rub' => '10.00', // < min 100
-    ])->assertStatus(422);
-});
-```
-
-- [ ] **Step 2: Запустить — FAIL.**
-
-Run: `cd app && php artisan test --filter=InitiateTopupTest`
-
-- [ ] **Step 3: Реализовать `BillingTopupService::initiateTopup`** (resolveGateway по `method` → bank_transfer/sbp/card; вернуть `TopupSessionResult`) + `resolveGateway(string): TopupGatewayInterface`.
-
-- [ ] **Step 4: Реализовать `BillingController::initiateTopup`** (валидация method enum + amount min/max из `config/billing.php` per-method; зов сервиса; JSON-ответ session_id/status/invoice_url/qr_code_data/redirect_url по методу).
-
-- [ ] **Step 5: Зарегистрировать route** `POST /api/billing/topup/initiate` под auth:sanctum + tenant.
-
-- [ ] **Step 6: Запустить — PASS.**
-
-Run: `cd app && php artisan test --filter=InitiateTopupTest`
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/app/Services/Billing/BillingTopupService.php app/app/Http/Controllers/Api/BillingController.php app/routes/web.php app/tests/Feature/Billing/InitiateTopupTest.php
-git commit -m "feat(billing-v2-c): initiateTopup — единый вход для 3 методов оплаты"
-```
-
----
-
-## Phase 4 — End-to-end сценарии + регрессия
-
-### Task 4.1: Pest E2E — преfflight (заморозка → пополнение → разморозка)
-
-**Files:**
-- Create: `app/tests/Feature/Billing/PreflightE2ETest.php`
-
-- [ ] **Step 1: Написать E2E-тест полного цикла**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\Billing\BalancePreflightSweepJob;
-use App\Models\PricingTier;
-use App\Models\Project;
-use App\Models\Tenant;
-use App\Models\User;
-use App\Services\Billing\BillingTopupService;
-use Illuminate\Support\Facades\Mail;
-
-beforeEach(function () {
-    PricingTier::factory()->create(['tier_no' => 1, 'leads_in_tier' => null, 'price_per_lead_kopecks' => 5000, 'is_active' => true]);
-});
-
-it('full cycle: sufficient → drained → frozen → topup → unfrozen', function () {
-    Mail::fake();
-
-    // 1. Клиент с балансом на 25 лидов, заказывает 25.
-    $tenant = Tenant::factory()->create(['balance_rub' => '1250.00']); // 1250/50 = 25
-    Project::factory()->for($tenant)->create(['status' => 'active', 'daily_limit' => 25]);
-
-    // Преfflight cut-off — проходит.
-    (new BalancePreflightSweepJob())->handle();
-    expect($tenant->fresh()->frozen_by_balance_at)->toBeNull();
-
-    // 2. Баланс истощился за день (симулируем списанием в ноль).
-    $tenant->update(['balance_rub' => '0.00']);
-
-    // 3. Следующий cut-off — заморозка.
-    (new BalancePreflightSweepJob())->handle();
-    expect($tenant->fresh()->frozen_by_balance_at)->not->toBeNull();
-
-    // 4. Клиент пополняет — авто-разморозка через confirmPayment.
-    $session = \App\Models\TopupSession::create([
-        'tenant_id' => $tenant->id, 'method' => 'bank_transfer',
-        'amount_rub' => '2000.00', 'provider_ref' => 'SCH-E2E-1', 'status' => 'matched',
-    ]);
-    (new BillingTopupService())->confirmPayment('SCH-E2E-1', null);
-
-    // 5. Разморожен.
-    expect($tenant->fresh()->frozen_by_balance_at)->toBeNull();
-    expect($tenant->fresh()->balance_rub)->toBe('2000.00');
-});
-```
-
-- [ ] **Step 2: Запустить — должен пройти на готовой реализации Phase 1+2**
-
-Run: `cd app && php artisan test --filter=PreflightE2ETest`
-Expected: PASS. (Если FAIL — починить связку confirmPayment → unfreeze из Task 2.5 Step 5.)
-
-- [ ] **Step 3: Commit**
-
-```bash
-git add app/tests/Feature/Billing/PreflightE2ETest.php
-git commit -m "test(billing-v2-c): E2E преfflight — полный цикл заморозки/разморозки"
-```
-
----
-
-### Task 4.2: Pest E2E — безнал (счёт → выписка → подтверждение)
-
-**Files:**
-- Create: `app/tests/Feature/Billing/BankTransferE2ETest.php`
-
-- [ ] **Step 1: Написать E2E-тест**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\BalanceTransaction;
-use App\Models\Tenant;
-use App\Models\TopupSession;
-use App\Models\User;
-
-it('full cycle: initiate → invoice → statement match → admin confirm → balance credited', function () {
-    $tenant = Tenant::factory()->create([
-        'balance_rub' => '0.00',
-        'legal_entity_name' => 'ООО Альфа', 'legal_entity_inn' => '7700000000',
-    ]);
-    $user = User::factory()->for($tenant)->create();
-    $admin = User::factory()->create(['is_saas_admin' => true]);
-
-    // 1. Клиент инициирует безнал.
-    $init = $this->actingAs($user)->postJson('/api/billing/topup/initiate', [
-        'method' => 'bank_transfer', 'amount_rub' => '100000.00',
-    ])->assertOk();
-    $sessionId = $init->json('session_id');
-    $providerRef = TopupSession::find($sessionId)->provider_ref;
-
-    // 2. Клиент скачивает PDF.
-    $this->actingAs($user)->get("/api/billing/topup-sessions/{$sessionId}/invoice.pdf")->assertOk();
-
-    // 3. Выписка нашла платёж (dev-симулятор).
-    $this->artisan('billing:vtb-statement-simulate', ['session' => $sessionId, '--amount' => '100000.00'])
-        ->assertSuccessful();
-    expect(TopupSession::find($sessionId)->status)->toBe('matched');
-
-    // 4. Админ подтверждает.
-    $this->actingAs($admin)->postJson("/api/admin/topup-sessions/{$sessionId}/confirm")->assertOk();
-
-    // 5. Баланс зачислен.
-    expect($tenant->fresh()->balance_rub)->toBe('100000.00');
-    expect(BalanceTransaction::where('tenant_id', $tenant->id)->where('type', 'topup')->count())->toBe(1);
-});
-```
-
-- [ ] **Step 2: Запустить — PASS.**
-
-Run: `cd app && php artisan test --filter=BankTransferE2ETest`
-
-- [ ] **Step 3: Commit**
-
-```bash
-git add app/tests/Feature/Billing/BankTransferE2ETest.php
-git commit -m "test(billing-v2-c): E2E безнал — счёт → выписка → подтверждение"
-```
-
----
-
-### Task 4.3: Полная регрессия
-
-**Files:** нет (прогон)
-
-- [ ] **Step 1: Pest --parallel**
-
-REQUIRED SUB-SKILL: `regression` (skill `/regression full`).
-
-Run: `cd app && php artisan test --parallel`
-Expected: всё GREEN, 0 regressions. Особо проверить `SyncSupplier*`, `Billing*`, `Project*`.
-
-- [ ] **Step 2: Larastan**
-
-Run: `cd app && composer stan`
-Expected: 0 новых ошибок (baseline machine-specific — см. project_qa_checklist; не регенерировать baseline зря).
-
-- [ ] **Step 3: Pint**
-
-Run: `cd app && composer pint`
-Expected: все файлы отформатированы.
-
-- [ ] **Step 4: Vitest**
-
-Run: `cd app && npm run test:vue`
-Expected: всё GREEN включая новые компоненты.
-
-- [ ] **Step 5: Vite build**
-
-Run: `cd app && npm run build`
-Expected: сборка без ошибок.
-
-- [ ] **Step 6: gitleaks + lychee**
-
-Run: `./bin/gitleaks.exe detect` + `npm run links`
-Expected: 0 leaks, 0 broken links.
-
-- [ ] **Step 7: Зафиксировать статус-строку регрессии** (Pest N/N, Vitest N/N, build OK, gitleaks 0) в финальный отчёт.
-
----
-
-## Phase 5 — Документация + ADR + push
-
-### Task 5.1: ADR-016 — архитектура преfflight + VTB
-
-**Files:**
-- Create: `docs/adr/016-preflight-vtb-architecture.md`
-
-- [ ] **Step 1: Написать ADR** (Context — переплата поставщику + нет реального пополнения; Decision — преfflight как фильтр eligible до формулы + gateway-pattern для 3 методов + dev-заглушки до Б-1; Consequences — границы PF1..PFN; Status — Accepted). REQUIRED SUB-SKILL: `adr-kit:adr`.
-
-- [ ] **Step 2: Commit**
-
-```bash
-git add docs/adr/016-preflight-vtb-architecture.md
-git commit -m "docs(adr): ADR-016 — преfflight баланса + VTB gateway-архитектура"
-```
-
----
-
-### Task 5.2: Обновить memory + нормативку (по необходимости)
-
-**Files:**
-- Modify: `memory/project_billing_v2.md` (Спек C: статус, артефакты, что выкачено)
-- Modify: `memory/MEMORY.md` (одна строка-указатель, если меняется)
-
-- [ ] **Step 1: Обновить `project_billing_v2.md`** — раздел «Спек C» из PENDING brainstorm → IMPLEMENTED (worktree, ветка, фазы, что dev-заглушки до Б-1, что pending). Через Write tool (это memory, не код).
-
-- [ ] **Step 2: CLAUDE.md / Pravila / Tooling** — **проверить**, нужны ли правки. Преfflight/VTB — это фича портала, не новый инструмент тулчейна → **скорее всего нормативка не меняется**. Если нужно — через `/claude-md-management:claude-md-improver` (НЕ прямой Edit CLAUDE.md, кроме worktree-эксцепшна §5 п.10).
-
-- [ ] **Step 3: Commit (если были правки)**
-
-```bash
-git add docs/
-git commit -m "docs(billing-v2-c): обновление контекста после Спека C"
-```
-
----
-
-### Task 5.3: Финиш ветки — PR / merge
-
-**Files:** нет (git)
-
-- [ ] **Step 1: Финальная регрессия** (повтор Task 4.3 целиком на чистом дереве).
-
-- [ ] **Step 2: Решить способ интеграции**
-
-REQUIRED SUB-SKILL: `superpowers:finishing-a-development-branch`.
-
-Варианты: PR в main (через `gh`) ИЛИ FF-merge в main (паттерн Спека B `git push origin feat/billing-v2-spec-c:main` через worktree). **Только после явного «выкатываем» от заказчика** (Pravila §2.2 — не закрывать без подтверждения).
-
-- [ ] **Step 3: НЕ выкатывать на прод автоматически.** Боевой деплой VTB-части невозможен до Б-1 (нет реквизитов). Преfflight-часть можно выкатить — но **только по явному решению заказчика** + ручной прогон `billing:preflight-initial-sweep` на проде с предупреждением клиентам.
-
-- [ ] **Step 4: Обновить `ПИЛОТ.md`** (если/когда выкачено на боевой liderra.ru).
-
----
-
-## Карта файлов (сводка)
-
-**Создаются:**
-
-- БД: 2 миграции + 2 prod-sql.
-- Бэк-сервисы: `BalancePreflightService`, `PreflightResult`, `Gateway/{TopupGatewayInterface, TopupSessionResult, BankTransferGateway, SbpGateway, CardGateway, MissingRequisitesException}`, `Fiscal/{FiscalReceiptProvider, FiscalReceipt, NoOpFiscalProvider, DevMockFiscalProvider, AtolOnlineFiscalProvider}`, `VtbBusinessClient`.
-- Бэк-модели: `TopupSession`.
-- Бэк-джобы: `BalancePreflightSweepJob`, `BalanceFrozenReminderJob`, `VtbStatementSyncJob`, `NotifyPendingConfirmationsJob`, `DevAutoConfirmSessionJob`.
-- Бэк-команды: `BillingPreflightSweepCommand`, `BillingPreflightInitialSweepCommand`, `VtbStatementSimulateCommand`.
-- Бэк-контроллеры: `Admin/PendingTopupsController`, `Admin/BillingSettingsController`.
-- Бэк-Mail: `BalanceFrozenMail`, `BalanceFrozenReminderMail`, `BalanceFrozenFinalMail`, `BalanceUnfrozenMail`, `PendingConfirmationsAdminMail`.
-- Blade: `pdf/invoice.blade.php` + 5 email-шаблонов.
-- Конфиг: `config/billing.php`.
-- Фронт: `BalanceFrozenBanner`, `BalanceCapacityIndicator`, `ProjectLimitOverloadDialog`, `TopupView`, `TopupMethodPicker`, `BankTransferInvoiceView`, `LegalEntityForm`, `PendingPaymentsAdminView`, `BillingSettingsAdminView`, `DevMockAcquiringView`.
-- Docs: `docs/adr/016-preflight-vtb-architecture.md`.
-
-**Модифицируются:**
-
-- `Models/Tenant.php`, `Models/Project.php`, `BillingTopupService.php`, `BillingController.php`, `ProjectController.php`, `SyncSupplierProjectsJob.php`, `routes/console.php`, `routes/web.php`, `AppServiceProvider.php`, `db/schema.sql`, `db/CHANGELOG_schema.md`, `composer.json`, router фронта, `AppLayout.vue`, проектная форма.
-
-**НЕ трогаются** (важно): `SupplierQuotaAllocator.php` (формула неизменна), `LedgerService.php`, `BalanceToLeadsConverter.php`, `PricingTierResolver.php`.
-
----
-
-## Заметки для исполнителя
-
-**По §3.9 спека (граничные случаи):** главный инвариант «баланс не уходит в минус» держится `LedgerService` (он уже защищён от списания ниже нуля) + ежедневным преfflight. Поэтому отдельное «предупреждение админа при ретро-операциях» (CSV-импорт исторических лидов / ручная правка баланса между cut-off и началом дня) — **опциональная UX-полировка**, не блокер. Если делать — добавить confirm-диалог в `ImportController` и в `AdminTenantsController::adjustBalance` UI с текстом «эта операция может вывести клиента в заморозку на следующем cut-off». Минимально — можно вынести в отдельную мелкую задачу или Спек D. Преfflight отработает корректно в любом случае.
-
-**По UI-задачам (1.10, 2.9, 3.2):** для критичных компонентов (`BalanceCapacityIndicator`) дан полный код. Для остальных Vue-компонентов дан контракт (props / emit / поведение) — исполнитель пишет разметку по образцу первого компонента и существующих паттернов проекта (Vuetify 3, Composition API, `<script setup lang="ts">`). Это сознательное решение: расписывать 10 Vue-компонентов построчно раздуло бы план без пользы. Каждый UI-компонент имеет Vitest-тест с явными ожиданиями — они и фиксируют контракт.
-
-**Порядок cron (важно):** `billing:preflight-sweep` @18:00 MSK должен отработать **до** `SyncSupplierProjectsJob`. Проверить текущее расписание Sync и при пересечении сдвинуть Sync на 18:05+ (Task 1.4 Step 5).
-
----
-
-## Out of scope (отдельные планы после Б-1)
-
-- Боевая интеграция VTB Acquiring (карты, 3DS, chargeback).
-- Боевая интеграция VTB SBP API (callbacks).
-- Боевая интеграция VTB Бизнес API (авто-сверка выписки).
-- Боевая интеграция ОФД-Атол (фискализация).
-- Боевые секреты в YC Lockbox (SEC-5).
-- Спек D: «отдать разморозившемуся клиенту лиды через шеринг» + «приоритет шеринга по платёжеспособности».
-
diff --git a/docs/superpowers/plans/2026-05-24-legacy-direct-webhook-removal.md b/docs/superpowers/plans/2026-05-24-legacy-direct-webhook-removal.md
deleted file mode 100644
index 80b877c..0000000
--- a/docs/superpowers/plans/2026-05-24-legacy-direct-webhook-removal.md
+++ /dev/null
@@ -1,1173 +0,0 @@
-# Legacy Direct Webhook Removal — План реализации
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) или superpowers:executing-plans для исполнения task-by-task. Шаги в формате checkbox (`- [ ]`). **Pravila §15.1** — git-коммит задачи только Sonnet/Opus субагентами (не Haiku); контроллер верифицирует `git rev-parse HEAD` после каждого субагента.
-
-**Goal:** Удалить legacy-кусок `ProcessWebhookJob` + всю его обвязку (контроллер, роут, модель `WebhookDedupKey`, тесты, таблицы БД, колонки `tenants.webhook_token*`), потому что он не часть актуальной архитектуры каналов (основной webhook + резервный CSV — оба уже на always-rub).
-
-**Architecture:** Cleanup-задача, не feature work. Одна последовательность: discovery (impact-checks) → удаление кода/тестов файл-за-файлом с регрессией между шагами → одна DROP-миграция → финальная регрессия → деплой одним PR.
-
-**Tech Stack:** PHP 8.3 / Laravel 13, PostgreSQL 16 (RLS, партиционирование таблиц), Pest 4.
-
-**Спек:** [docs/superpowers/specs/2026-05-24-legacy-direct-webhook-removal-design.md](../specs/2026-05-24-legacy-direct-webhook-removal-design.md)
-
----
-
-## Контекст для исполнителя (прочитать до начала)
-
-**Что нужно знать про проект:**
-
-- БД-роли: миграции с `DROP TABLE` / `DROP COLUMN` запускать через `DB::connection('pgsql_supplier')` (BYPASSRLS-роль `crm_supplier_worker`), потому что под обычной `crm_app_user` без `app.current_tenant_id` GUC не пройдёт. Этот паттерн закреплён в Спеке B Phase 1 (`546ca30a`).
-- Партиционированная таблица (`webhook_log` — 13 партиций) удаляется одной командой `DROP TABLE webhook_log` — Postgres сам каскадит партиции.
-- Тесты Pest: `cd app && composer test` или `php artisan test --filter=...`. Параллельный режим `--parallel` — учитывать quirk 72 (Redis `supplier:session` race в subdir, не наш случай — мы удаляем, не добавляем).
-- Pre-commit hooks (`lefthook.yml`): gitleaks + markdownlint + cspell + ESLint + Pint + Larastan + squawk (если миграция). Все должны быть зелёные.
-- `db/schema.sql` — baseline схемы; после миграции **обязательно** обновляется + запись в `db/CHANGELOG_schema.md`.
-
-**Что говорит спек:**
-
-- §2.1 «Что удаляем» — основной список (включая conditional на impact-check).
-- §2.2 «Что НЕ трогаем» — границы (failed_webhook_jobs, SupplierLeadCost, MonthlyPartitionManager — оставляем).
-- §3 «Impact-checks» — обязательная discovery перед удалением каждой conditional-сущности.
-- §6 «Выкатка» — деплой одним PR.
-
-**Стиль работы:**
-
-- TDD-цикл «red→green» не очень применим — это удаление, не создание. Вместо этого: «удалить → запустить регрессию → ожидаемо GREEN (т.к. удалён только мёртвый код)». Если регрессия RED — расследовать (значит код не мёртвый, нужно лечить иначе).
-- Между удалениями — частые мелкие коммиты, чтобы легко делать `git bisect` если что.
-
----
-
-## Phase 0 — Подготовка рабочего пространства
-
-### Task 0.1: Создать worktree от свежего origin/main
-
-**Files:** нет (git-операция)
-
-- [ ] **Step 1: Pre-flight sync (Pravila §15.2)**
-
-Перед созданием worktree — `git fetch && git log HEAD..origin/main --oneline` обязателен (если параллельная сессия что-то залила в main, надо знать).
-
-Run:
-
-```bash
-git fetch origin
-git log HEAD..origin/main --oneline
-```
-
-Expected: пусто или несколько коммитов — зафиксировать что новое; если ничего критичного — продолжаем.
-
-- [ ] **Step 2: Создать worktree**
-
-REQUIRED SUB-SKILL: `superpowers:using-git-worktrees`.
-
-Run:
-
-```bash
-git worktree add -b feat/legacy-webhook-removal .claude/worktrees/legacy-webhook-removal origin/main
-```
-
-Expected: создаётся директория `.claude/worktrees/legacy-webhook-removal/` с чек-аутом ветки `feat/legacy-webhook-removal` от `origin/main`.
-
-- [ ] **Step 3: Скопировать gitignored runtime-файлы в worktree** (урок Sprint 4 — свежий worktree без `.env`, `storage/`, бинарей)
-
-Run (из основного чек-аута):
-
-```bash
-cp app/.env .claude/worktrees/legacy-webhook-removal/app/.env
-cp -r app/storage/framework .claude/worktrees/legacy-webhook-removal/app/storage/
-cp app/_ide_helper.php app/_ide_helper_models.php .claude/worktrees/legacy-webhook-removal/app/ 2>/dev/null || true
-```
-
-Expected: файлы скопированы; `_ide_helper*.php` опциональны (если есть на dev — нужны для phpstan baseline).
-
-NB для Windows: junction для `app/node_modules/` (`New-Item -ItemType Junction -Path .claude/worktrees/legacy-webhook-removal/app/node_modules -Target $(pwd)/app/node_modules`) — quirk #108 (cmd-link через `cmd /c` ломается на кириллических путях, нужен PowerShell `New-Item`).
-
-- [ ] **Step 4: Smoke composer + migrate на тестовой БД worktree**
-
-Run в worktree:
-
-```bash
-cd .claude/worktrees/legacy-webhook-removal/app
-composer install --no-interaction
-php artisan migrate:fresh --env=testing
-php artisan test --filter=Smoke --stop-on-failure
-```
-
-Expected: composer ничего не доустанавливает (lock не менялся), `migrate:fresh` проходит за <2с, smoke-тест GREEN. Если RED — worktree не готов, исправить **до** начала Task 1.1.
-
----
-
-## Phase 1 — Impact-checks (discovery, без правок кода)
-
-**Цель:** для каждой conditional-сущности из спека §3 получить финальный ответ «удалять или оставить». Результаты фиксируются inline в комментариях задач плана (отмечать ✅ удаляем / ⚠️ оставить — есть use в [имя_файла:строка]).
-
-### Task 1.1: Impact-check `WebhookReceiveController`
-
-**Files:** нет (только grep)
-
-- [ ] **Step 1: Найти все use'ы класса**
-
-Run в worktree:
-
-```bash
-grep -rn "WebhookReceiveController" app/ docs/
-```
-
-Expected: записать список файлов. Ожидается:
-
-- `app/routes/web.php` — регистрация роута (это удаляем).
-- `app/tests/Feature/WebhookReceiveTest.php` — тест (удаляем целиком).
-- никаких других use'ов.
-
-- [ ] **Step 2: Зафиксировать решение**
-
-Если найдены только роут + тест — отметить ✅ **удаляем целиком** в Task 3.1.
-Если найдены use вне роута/теста — отметить ⚠️ **оставить класс, удалить только метод `receive`**.
-
-### Task 1.2: Impact-check `NotificationService::notifyLowBalance` / `notifyZeroBalance`
-
-**Files:** нет (только grep)
-
-- [ ] **Step 1: Найти caller'ы `notifyLowBalance`**
-
-Run:
-
-```bash
-grep -rn "notifyLowBalance\b" app/
-```
-
-NB: word boundary `\b` опционален (имя уникальное).
-
-Expected: список caller'ов. Ожидается только `app/app/Jobs/ProcessWebhookJob.php:217` (single call site).
-
-- [ ] **Step 2: Найти caller'ы `notifyZeroBalance` (без `Paused`)**
-
-Run:
-
-```bash
-grep -rn "notifyZeroBalance\b" app/ | grep -v "notifyZeroBalancePaused"
-```
-
-Expected: список caller'ов **БЕЗ** `notifyZeroBalancePaused` (это другой метод, его НЕ трогаем — он живой через шеринг).
-
-Ожидается только `app/app/Jobs/ProcessWebhookJob.php:142` (single call site).
-
-- [ ] **Step 3: Зафиксировать решение**
-
-Если каждый метод имеет ровно одного caller'а (`ProcessWebhookJob`) — отметить ✅ **удаляем оба метода** в Task 3.5.
-Если есть другие caller'ы — отметить ⚠️ **оставить методы**, в Task 3.5 не трогать.
-
-### Task 1.3: Impact-check `LowBalanceNotification`, `ZeroBalanceNotification` (Mailable)
-
-**Files:** нет (только grep)
-
-- [ ] **Step 1: Найти use'ы классов**
-
-Run:
-
-```bash
-grep -rn "LowBalanceNotification\|ZeroBalanceNotification" app/ | grep -v "ZeroBalancePaused"
-```
-
-Expected: список use'ов. Ожидается:
-
-- `app/app/Services/NotificationService.php` — внутри методов `notifyLowBalance`/`notifyZeroBalance` (если они удаляются в Task 1.2 — то и mailable удаляются вместе).
-- `app/tests/Feature/Notifications/BalanceNotificationsTest.php` — assertions в тестах (удаляются вместе с тестом).
-
-- [ ] **Step 2: Зафиксировать решение**
-
-Если use'ы только в удаляемых методах NotificationService + тестах — отметить ✅ **удаляем оба Mailable файла** в Task 3.6.
-Если есть use в живом коде — отметить ⚠️ **оставить**.
-
-### Task 1.4: Impact-check `RejectedDealsLog`
-
-**Files:** нет (только grep)
-
-- [ ] **Step 1: Найти все use'ы**
-
-Run:
-
-```bash
-grep -rn "RejectedDealsLog\|rejected_deals_log" app/ docs/
-```
-
-Expected: список. Ожидается:
-
-- `app/app/Models/RejectedDealsLog.php` — сама модель (если есть).
-- `app/app/Jobs/ProcessWebhookJob.php:117` — `RejectedDealsLog::create([...])` (удаляется с job'ом).
-- Возможно админ-UI / API чтения журнала отказов (если есть).
-
-- [ ] **Step 2: Зафиксировать решение**
-
-Если writers только `ProcessWebhookJob` И reader'ов в UI/API нет — отметить ✅ **удаляем модель + DROP TABLE** в Task 3.7 и Task 4.1.
-Если есть reader в UI/API — отметить ⚠️ **оставить таблицу+модель** (после удаления writer'а таблица перестанет расти, но журнал старых записей доступен).
-
-### Task 1.5: Impact-check `webhook_dedup_keys`
-
-**Files:** нет (только grep)
-
-- [ ] **Step 1: Найти все use'ы**
-
-Run:
-
-```bash
-grep -rn "webhook_dedup_keys\|WebhookDedupKey" app/ docs/
-```
-
-Expected: список. Ожидается только `ProcessWebhookJob` + `app/app/Models/WebhookDedupKey.php` (модель).
-
-- [ ] **Step 2: Зафиксировать решение**
-
-Если использований только в `ProcessWebhookJob` + модель — отметить ✅ **удаляем модель + DROP TABLE** в Task 3.8 и Task 4.1.
-Иначе — RED FLAG, расследовать.
-
-### Task 1.6: Impact-check `tenants.webhook_token` / `webhook_token_rotated_at`
-
-**Files:** нет (grep — самая важная проверка, эти колонки могут быть в UI)
-
-- [ ] **Step 1: Найти use'ы в PHP**
-
-Run:
-
-```bash
-grep -rn "webhook_token" app/app/ app/database/ app/routes/ app/tests/
-```
-
-Expected: список. Ожидается:
-
-- `app/app/Models/Tenant.php` — `$fillable`/`$casts` (удалить из этих массивов).
-- `app/app/Http/Controllers/Api/WebhookReceiveController.php` — резолв тенанта по токену (удаляется с контроллером).
-- `app/database/factories/TenantFactory.php` — генерация токена (удалить если только тут).
-- `app/database/seeders/*Seeder.php` — возможно есть seed (удалить).
-- `app/database/migrations/*.php` — старая миграция создания колонок (не трогаем, история).
-- `app/tests/Feature/WebhookReceiveTest.php` — токен в тестах (удаляется с тестом).
-
-- [ ] **Step 2: Найти use'ы во frontend**
-
-Run:
-
-```bash
-grep -rn "webhook_token\|webhookToken" app/resources/js/
-```
-
-Expected: либо ничего (колонки нет в UI) — отметить ✅, либо есть UI «личный кабинет → твой webhook URL» — RED FLAG.
-
-- [ ] **Step 3: Найти use'ы в API resources / OpenAPI**
-
-Run:
-
-```bash
-grep -rn "webhook_token" app/app/Http/Resources/ docs/api/ 2>/dev/null
-```
-
-Expected: пусто (нет API-ресурса с этим полем) — отметить ✅.
-
-- [ ] **Step 4: Зафиксировать решение**
-
-Если все use'ы — только во `ProcessWebhookJob` + `WebhookReceiveController` + фабрика + сидер + тесты — отметить ✅ **удаляем колонки** в Task 4.1.
-Если есть UI/API consumer — отметить ⚠️ **оставить колонки**, добавить TODO «отдельная задача на удаление UI».
-
-### Task 1.7: Impact-check `low_balance_threshold_leads` (system_settings)
-
-**Files:** нет (grep)
-
-- [ ] **Step 1: Найти use'ы**
-
-Run:
-
-```bash
-grep -rn "low_balance_threshold_leads" app/ docs/ db/
-```
-
-Expected: список. Ожидается:
-
-- `app/app/Jobs/ProcessWebhookJob.php:227-228` — чтение (удаляется с job'ом).
-- `db/schema.sql` — возможно seed строки для `system_settings` (удалить).
-- `app/database/seeders/*Seeder.php` — возможно seed (удалить).
-
-- [ ] **Step 2: Зафиксировать решение**
-
-Если caller только `ProcessWebhookJob` — отметить ✅ **удаляем seed-строку** в Task 4.1 (если она существует).
-Иначе — оставить.
-
-### Task 1.8: Финальный список удаления (заполнено после Phase 1, 2026-05-24)
-
-**Финальный список после impact-checks Phase 1 (2026-05-24, субагент grep):**
-
-| Сущность | Решение | Причина | Куда в плане |
-|---|---|---|---|
-| `ProcessWebhookJob.php` | ✅ удаляем | Рудимент, нет caller'ов из живого кода | Task 2.1 |
-| `ProcessWebhookJobTest.php` | ✅ удаляем | Тест удаляемого job'а | Task 2.1 |
-| `WebhookReceiveController.php` | ✅ удаляем целиком | Только use в роуте; в `SupplierWebhookController` и `DealController` — только комментарии | Task 3.1 |
-| `WebhookReceiveTest.php` | ✅ удаляем | Тест удаляемого контроллера | Task 3.1 |
-| Роут `POST /api/webhook/{token}` | ✅ удаляем | Регистрация удаляемого контроллера | Task 3.2 |
-| `WebhookDedupKey.php` (model) | ⚠️ **ОСТАВИТЬ** | **RED FLAG:** `HistoricalImportService` (CSV-канал) активно использует `webhook_dedup_keys` для идемпотентности | — (Task 3.3 ОТМЕНЯЕТСЯ) |
-| `NotificationService::notifyLowBalance` | ✅ удаляем | Единственный caller — `ProcessWebhookJob` | Task 3.5 |
-| `NotificationService::notifyZeroBalance` | ✅ удаляем | Единственный caller — `ProcessWebhookJob` (не путать с `notifyZeroBalancePaused` — оставляем) | Task 3.5 |
-| `LowBalanceNotification` (Mailable) | ✅ удаляем | Используется только в удаляемом `notifyLowBalance` | Task 3.6 |
-| `ZeroBalanceNotification` (Mailable) | ✅ удаляем | Используется только в удаляемом `notifyZeroBalance` (не путать с `ZeroBalancePausedMail` — оставляем) | Task 3.6 |
-| `RejectedDealsLog` (model + table) | ✅ удаляем | Writer только `ProcessWebhookJob`, reader'ов в UI/API нет | Task 3.7 + Task 4.1 |
-| `webhook_log` (partitioned table, 13 партиций) | ✅ DROP | Источник записей — только `ProcessWebhookJob` (0 строк на проде) | Task 4.1 |
-| `webhook_dedup_keys` (table) | ⚠️ **НЕ ДРОПАТЬ** | **RED FLAG:** см. `WebhookDedupKey` выше — таблица жива через `HistoricalImportService` | — (Task 4.1 пропускает) |
-| `tenants.webhook_token` + `webhook_token_rotated_at` | ✅ удаляем | Нет в UI/API, нет в API resources. **NB:** требуется чистка 7+ тестовых файлов (см. Task 3.0 ниже) | Task 3.0 + Task 4.1 |
-| `system_settings.low_balance_threshold_leads` (seed) | ✅ удаляем | Единственный caller — `ProcessWebhookJob` | Task 4.1 |
-
-**Дополнительные правки (открыты impact-check'ом Task 1.6, добавлены в план как Task 3.0):**
-
-`tenants.webhook_token` используется в 7+ тест-файлах вне `WebhookReceiveTest` (через TenantFactory или прямые create-массивы). Перед DROP COLUMN нужно почистить:
-
-- `app/database/factories/TenantFactory.php:25` — `'webhook_token' => Str::random(64)` (убрать из фабрики)
-- `app/app/Models/Tenant.php:34,35,64` — `$fillable` и `$casts` (убрать)
-- `app/tests/Feature/RlsSmokeTest.php:48,55` — create tenant массивы
-- `app/tests/Feature/AdminIncidentShowTest.php:67` — create tenant
-- `app/tests/Feature/AdminBillingActionsTest.php:17` — create tenant
-- `app/tests/Feature/Admin/AdminPdSubjectRequestsControllerTest.php:167` — create tenant
-- `app/tests/Feature/PartitionsCreateMonthsTest.php:103` — create tenant
-- `app/tests/Feature/Console/VerifyAuditChainsTest.php:72` — create tenant
-- `app/tests/Feature/Plan4/Schema/SchemaDeltaTest.php:22` — прямой `INSERT INTO tenants ... webhook_token` (потребует ручной правки SQL)
-- `app/storage/_demo_split_tenants.php:80` — demo-скрипт (не критично, но удалить)
-
-- [ ] **Step 1: Commit обновлённого плана (с финальной таблицей + новой Task 3.0)**
-
-Run в worktree:
-
-```bash
-git add docs/superpowers/plans/2026-05-24-legacy-direct-webhook-removal.md
-git commit -m "docs(billing): план — заполнены impact-checks, найден RED FLAG webhook_dedup_keys"
-```
-
-Expected: коммит проходит, lefthook GREEN.
-
----
-
-## Phase 2 — Удаление core: ProcessWebhookJob + тест
-
-### Task 2.1: Удалить `ProcessWebhookJob` и `ProcessWebhookJobTest`
-
-**Files:**
-
-- Delete: `app/app/Jobs/ProcessWebhookJob.php`
-- Delete: `app/tests/Feature/ProcessWebhookJobTest.php`
-
-- [ ] **Step 1: Зафиксировать baseline регрессии до удаления**
-
-Run в worktree:
-
-```bash
-cd .claude/worktrees/legacy-webhook-removal/app
-php artisan test --parallel 2>&1 | tail -3
-```
-
-Expected: запомнить количество tests / passed / failed. Должно быть ≥1 failed (если есть pre-existing red — задокументировать, не наша проблема).
-
-- [ ] **Step 2: Удалить файлы**
-
-Run:
-
-```bash
-rm app/app/Jobs/ProcessWebhookJob.php
-rm app/tests/Feature/ProcessWebhookJobTest.php
-```
-
-- [ ] **Step 3: Прогнать регрессию — ожидаемо упадут другие тесты**
-
-Run:
-
-```bash
-php artisan test --parallel 2>&1 | tail -20
-```
-
-Expected: упадут тесты, использующие `App\Jobs\ProcessWebhookJob` (class not found). Список — это test-debt от рудимента, который мы лечим в Task 2.2.
-
-- [ ] **Step 4: Зафиксировать список упавших тестов**
-
-Run:
-
-```bash
-php artisan test --parallel 2>&1 | grep -E "FAIL|FAILED" | head -20
-```
-
-Expected: список файлов. Это карта работ для Task 2.2 (а также проверка completeness списка из §2.1 спека).
-
-NB: НЕ коммитим в этом шаге — коммит после Task 2.2 (полное удаление + тесты-каскады в одном коммите).
-
-### Task 2.2: Удалить упоминания `ProcessWebhookJob` из остальных тестов
-
-**Files:**
-
-- Modify: `app/tests/Feature/Pd/DealCreatePdLogTest.php`
-- Modify: `app/tests/Feature/Notifications/BalanceNotificationsTest.php`
-- Modify: `app/tests/Feature/Notifications/NewLeadNotificationTest.php`
-- Modify: `app/tests/Feature/Notifications/InAppNotificationTest.php`
-
-NB: список из §2.1 спека (test-debt частичный); если в Task 2.1 Step 4 нашли ещё файлы — добавить сюда.
-
-- [ ] **Step 1: Открыть каждый файл по очереди, найти тесты с `ProcessWebhookJob`**
-
-Run для первого:
-
-```bash
-grep -n "ProcessWebhookJob" app/tests/Feature/Pd/DealCreatePdLogTest.php
-```
-
-- [ ] **Step 2: В каждом файле — удалить только кейсы (`it('...', ...)`), использующие `ProcessWebhookJob`**
-
-Edit вручную. Если после удаления файл стал пустым (только `<?php` + `use` импорты) — удалить файл целиком.
-
-NB: НЕ удалять кейсы, использующие `RouteSupplierLeadJob` (это шеринг-канал, живой). Кейс может проверять обе модели — оставить часть с шерингом, убрать ассерты по old-prepaid списанию.
-
-Пример (BalanceNotificationsTest.php):
-
-- Кейс «webhook rejection при balance_leads=0» — удалить целиком.
-- Кейс «low_balance threshold-cross trigger через ProcessWebhookJob» — удалить целиком.
-- Кейс «zero_balance_paused при шеринг + балансе 0» — **оставить** (это `RouteSupplierLeadJob`-флоу, живое поведение).
-
-- [ ] **Step 3: Прогнать суиту**
-
-Run:
-
-```bash
-php artisan test --parallel 2>&1 | tail -5
-```
-
-Expected: GREEN (нет class-not-found ошибок).
-
-- [ ] **Step 4: Commit (атомарно Task 2.1 + Task 2.2 — иначе bisect ломается)**
-
-Run:
-
-```bash
-git add -A
-git commit -m "refactor(billing): remove legacy ProcessWebhookJob + cascade test cleanup
-
-Удалён рудимент pre-sharing эпохи: job + 1 dedicated test файл +
-кейсы в 4 файлах NotificationService/PdLog тестов.
-
-Закрытие первой части спека docs/superpowers/specs/2026-05-24-legacy-direct-webhook-removal-design.md"
-```
-
-Expected: lefthook GREEN, коммит проходит.
-
----
-
-## Phase 3 — Удаление обвязки
-
-### Task 3.0: Чистка `webhook_token` из живых тестов и фабрики (добавлено после Phase 1 impact-check)
-
-**Files:**
-
-- Modify: `app/database/factories/TenantFactory.php`
-- Modify: `app/app/Models/Tenant.php`
-- Modify: `app/tests/Feature/RlsSmokeTest.php`
-- Modify: `app/tests/Feature/AdminIncidentShowTest.php`
-- Modify: `app/tests/Feature/AdminBillingActionsTest.php`
-- Modify: `app/tests/Feature/Admin/AdminPdSubjectRequestsControllerTest.php`
-- Modify: `app/tests/Feature/PartitionsCreateMonthsTest.php`
-- Modify: `app/tests/Feature/Console/VerifyAuditChainsTest.php`
-- Modify: `app/tests/Feature/Plan4/Schema/SchemaDeltaTest.php`
-- Modify (opt): `app/storage/_demo_split_tenants.php`
-
-**Контекст:** колонки `tenants.webhook_token` и `webhook_token_rotated_at` исчезнут в Task 4.1. Перед DROP COLUMN все живые тесты/фабрики, явно передающие эти поля, должны прекратить их передавать (иначе после миграции INSERT упадёт на «column does not exist»).
-
-- [ ] **Step 1: Убрать `webhook_token` из `Tenant.php` `$fillable` и `$casts`**
-
-Открыть `app/app/Models/Tenant.php`. Найти строки `34, 35, 64` (по результатам impact-check) — удалить `'webhook_token'` и `'webhook_token_rotated_at'` из массивов `$fillable` и `$casts`.
-
-- [ ] **Step 2: Убрать `webhook_token` из `TenantFactory`**
-
-Открыть `app/database/factories/TenantFactory.php:25`. Удалить строку:
-
-```php
-'webhook_token' => Str::random(64),
-```
-
-(если есть и `webhook_token_rotated_at` в фабрике — тоже удалить).
-
-- [ ] **Step 3: Почистить 7 тест-файлов**
-
-Для каждого файла:
-
-```bash
-grep -n "webhook_token" app/tests/Feature/RlsSmokeTest.php
-```
-
-Удалить строки `'webhook_token' => ...` и `'webhook_token_rotated_at' => ...` из create-массивов в каждом из 7 файлов. Поскольку фабрика тоже почищена (Step 2), тесты использующие `Tenant::factory()->create()` без явных полей сами начнут работать.
-
-Особый случай — `app/tests/Feature/Plan4/Schema/SchemaDeltaTest.php:22`: там прямой SQL `INSERT INTO tenants (..., webhook_token, ...) VALUES (...)`. Удалить из INSERT и колонку, и соответствующее значение.
-
-- [ ] **Step 4: Опционально — почистить demo-скрипт**
-
-`app/storage/_demo_split_tenants.php:80` — это dev-скрипт для split-теста, не продакшен. Если решено его не трогать (один лишний failure при запуске после Phase 4) — пропустить. Иначе удалить строку `'webhook_token' => Str::random(64)`.
-
-- [ ] **Step 5: Прогнать тесты + verify**
-
-```bash
-php artisan test --parallel 2>&1 | tail -5
-grep -rn "webhook_token" app/tests/ app/database/factories/ app/app/Models/Tenant.php | head -10
-```
-
-Expected: тесты GREEN. Grep — 0 матчей (либо только в комментариях).
-
-NB: тесты пройдут с **существующими** колонками `webhook_token` в БД (мы их пока не дропали — это Task 4.1). После Task 4.1 они продолжат проходить, потому что больше не используют эти поля.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add -A
-git commit -m "refactor(billing): cleanup tenants.webhook_token from factories + 7 tests (pre-DROP)"
-```
-
-### Task 3.1: Удалить `WebhookReceiveController` (если impact-check ✅) + тест
-
-**Files:**
-
-- Delete (conditional): `app/app/Http/Controllers/Api/WebhookReceiveController.php` (только если Task 1.1 → ✅)
-- Delete: `app/tests/Feature/WebhookReceiveTest.php`
-
-- [ ] **Step 1: Удалить файлы**
-
-Run:
-
-```bash
-rm app/tests/Feature/WebhookReceiveTest.php
-# Только если Task 1.1 → ✅:
-rm app/app/Http/Controllers/Api/WebhookReceiveController.php
-```
-
-- [ ] **Step 2: Прогнать тесты**
-
-```bash
-php artisan test --parallel 2>&1 | tail -5
-```
-
-Expected: GREEN. Если RED по `WebhookReceiveController` not found — значит роут ещё ссылается (это нормально, удалим в Task 3.2).
-
-- [ ] **Step 3: Commit (вместе с Task 3.2 — иначе ломается роут на класс)**
-
-Не коммитим, продолжаем в Task 3.2.
-
-### Task 3.2: Удалить роут `POST /api/webhook/{token}`
-
-**Files:**
-
-- Modify: `app/routes/web.php`
-
-- [ ] **Step 1: Открыть `app/routes/web.php` около строки 273-277**
-
-- [ ] **Step 2: Удалить 4 строки**
-
-Удалить блок:
-
-```php
-// Receive endpoint для входящих webhook'ов (narrative §5.5).
-// Auth — по `tenants.webhook_token` в URL (без middleware, проверка внутри controller).
-Route::post('/api/webhook/{token}', 'App\Http\Controllers\Api\WebhookReceiveController@receive')
-    ...;
-```
-
-NB: оставить новый supplier-роут `POST /api/webhook/supplier/{secret}` (строки 279-283) — это другой канал.
-
-- [ ] **Step 3: Прогнать тесты + Larastan**
-
-```bash
-php artisan test --parallel 2>&1 | tail -5
-cd app && composer stan 2>&1 | tail -5
-```
-
-Expected: GREEN. Если Larastan baseline дрейфит из-за удаления класса — обновить baseline:
-
-```bash
-cd app && php vendor/bin/phpstan analyse --generate-baseline phpstan-baseline.neon
-```
-
-- [ ] **Step 4: Verify — `route:list` не показывает legacy роут**
-
-```bash
-cd app && php artisan route:list 2>&1 | grep webhook
-```
-
-Expected: только `POST api/webhook/supplier/{secret}` (новый канал), `POST api/webhooks/test` (исходящий webhook test). НЕ должно быть `POST api/webhook/{token}`.
-
-- [ ] **Step 5: Commit (Task 3.1 + 3.2 атомарно)**
-
-```bash
-git add -A
-git commit -m "refactor(billing): remove legacy WebhookReceiveController + POST /api/webhook/{token} route
-
-Закрытие публичного эндпоинта прямого приёма (использовался ProcessWebhookJob,
-который уже удалён). Шеринг-канал /api/webhook/supplier/{secret} не затронут."
-```
-
-### Task 3.3: ~~Удалить модель WebhookDedupKey~~ — **ОТМЕНЕНА** (Phase 1 RED FLAG)
-
-**Решение Phase 1 (impact-check Task 1.5):** оставить `WebhookDedupKey.php` и таблицу `webhook_dedup_keys` — они **активно используются** `App\Services\Import\HistoricalImportService` для идемпотентности CSV-импорта (резервный канал, явно out of scope по §2.2 спека).
-
-После удаления `ProcessWebhookJob` в Task 2.1, у `WebhookDedupKey` останется один caller — `HistoricalImportService`. Это нормально. Никаких правок не требуется.
-
-Перейти к Task 3.4.
-
-### Task 3.4: Удалить `RejectedDealsLog` модель (conditional)
-
-**Files:**
-
-- Delete (conditional): `app/app/Models/RejectedDealsLog.php` (только если Task 1.4 → ✅)
-
-- [ ] **Step 1: Если Task 1.4 → ✅, удалить файл**
-
-```bash
-rm app/app/Models/RejectedDealsLog.php
-```
-
-Если Task 1.4 → ⚠️ — пропустить эту задачу.
-
-- [ ] **Step 2: Verify нет orphan ссылок**
-
-```bash
-grep -rn "RejectedDealsLog" app/
-```
-
-Expected: пусто.
-
-- [ ] **Step 3: Прогнать тесты**
-
-```bash
-php artisan test --parallel 2>&1 | tail -5
-```
-
-Expected: GREEN.
-
-- [ ] **Step 4: Commit (только если что-то удаляли)**
-
-```bash
-git add -A
-git commit -m "refactor(billing): remove RejectedDealsLog model (legacy, no readers)"
-```
-
-### Task 3.5: Удалить методы `notifyLowBalance` / `notifyZeroBalance` (conditional)
-
-**Files:**
-
-- Modify (conditional): `app/app/Services/NotificationService.php` (только если Task 1.2 → ✅)
-
-- [ ] **Step 1: Если Task 1.2 → ✅, удалить методы**
-
-Открыть `NotificationService.php`, удалить методы `notifyLowBalance` и `notifyZeroBalance` целиком (НЕ путать с `notifyZeroBalancePaused` — оставить).
-
-Если есть `use App\Mail\LowBalanceNotification` / `use App\Mail\ZeroBalanceNotification` — удалить эти `use`-импорты (если методы удалены).
-
-- [ ] **Step 2: Verify нет orphan ссылок**
-
-```bash
-grep -rn "notifyLowBalance\b\|notifyZeroBalance\b" app/ | grep -v "Paused"
-```
-
-Expected: пусто.
-
-- [ ] **Step 3: Прогнать тесты + Larastan**
-
-```bash
-php artisan test --parallel 2>&1 | tail -5
-cd app && composer stan 2>&1 | tail -5
-```
-
-Expected: GREEN.
-
-- [ ] **Step 4: Commit**
-
-```bash
-git add -A
-git commit -m "refactor(billing): remove NotificationService::notifyLowBalance/notifyZeroBalance (legacy)"
-```
-
-### Task 3.6: Удалить Mailable классы `LowBalanceNotification` / `ZeroBalanceNotification` (conditional)
-
-**Files:**
-
-- Delete (conditional): `app/app/Mail/LowBalanceNotification.php` (только если Task 1.3 → ✅)
-- Delete (conditional): `app/app/Mail/ZeroBalanceNotification.php` (только если Task 1.3 → ✅)
-
-- [ ] **Step 1: Если Task 1.3 → ✅, удалить файлы**
-
-```bash
-rm app/app/Mail/LowBalanceNotification.php
-rm app/app/Mail/ZeroBalanceNotification.php
-```
-
-NB: `ZeroBalancePausedMail.php` НЕ удаляем (это другой класс, используется шеринг-флоу).
-
-- [ ] **Step 2: Удалить blade-шаблоны (если есть)**
-
-```bash
-ls app/resources/views/emails/billing/ 2>&1 | grep -iE "low.balance|zero.balance"
-```
-
-Если найдены `low_balance*.blade.php` / `zero_balance*.blade.php` (без `paused`) — удалить.
-
-- [ ] **Step 3: Verify**
-
-```bash
-grep -rn "LowBalanceNotification\|ZeroBalanceNotification" app/ | grep -v "Paused"
-```
-
-Expected: пусто.
-
-- [ ] **Step 4: Прогнать тесты**
-
-```bash
-php artisan test --parallel 2>&1 | tail -5
-```
-
-Expected: GREEN.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add -A
-git commit -m "refactor(billing): remove LowBalanceNotification/ZeroBalanceNotification mailables (legacy)"
-```
-
-### Task 3.7: Финальная регрессия Phase 3
-
-**Files:** нет
-
-- [ ] **Step 1: Полная регрессия (Pest + Larastan + Pint)**
-
-```bash
-cd .claude/worktrees/legacy-webhook-removal/app
-php artisan test --parallel 2>&1 | tail -5
-composer stan 2>&1 | tail -5
-composer pint -- --test 2>&1 | tail -5
-```
-
-Expected: всё GREEN. Если Larastan ругается — обновить baseline (см. Task 3.2 Step 3).
-
-- [ ] **Step 2: Verify нет orphan ссылок на legacy**
-
-```bash
-grep -rn "ProcessWebhookJob\|WebhookReceiveController" app/
-```
-
-Expected: пусто.
-
-**NB:** `WebhookDedupKey` ИЗ grep-команды исключён — он остаётся живым (Task 1.5 RED FLAG, использует CSV-канал). Проверять отдельно:
-
-```bash
-grep -rn "WebhookDedupKey\|webhook_dedup_keys" app/ | grep -v Import
-```
-
-Expected: пусто (все use вне CSV-импорта удалены). Если что-то осталось — добавить inline-задачу.
-
-- [ ] **Step 3: Без коммита (он был в каждом step'е), переходим к Phase 4**
-
----
-
-## Phase 4 — Миграция БД (одна атомарная)
-
-### Task 4.1: Написать DROP-миграцию
-
-**Files:**
-
-- Create: `app/database/migrations/2026_05_24_140000_drop_legacy_webhook_artefacts.php`
-
-- [ ] **Step 1: Создать файл миграции**
-
-Содержимое (адаптировать `down()` и conditional блоки под результаты impact-checks):
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Database\Schema\Blueprint;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Schema;
-
-return new class extends Migration
-{
-    /**
-     * Удаление legacy-артефактов прямого webhook-канала.
-     *
-     * Spec: docs/superpowers/specs/2026-05-24-legacy-direct-webhook-removal-design.md
-     *
-     * Что удаляем (финальный список по результатам Phase 1 impact-checks):
-     *   - webhook_log (partitioned, 13 партиций) — пустая на проде, источник = только удалённый ProcessWebhookJob
-     *   - rejected_deals_log — writer только ProcessWebhookJob, нет readers
-     *   - tenants.webhook_token + tenants.webhook_token_rotated_at — нет в UI/API, тесты почищены в Task 3.0
-     *   - system_settings.low_balance_threshold_leads (seed) — только legacy
-     *
-     * Что НЕ удаляем (Phase 1 RED FLAG):
-     *   - webhook_dedup_keys — таблица АКТИВНО используется HistoricalImportService (CSV-канал)
-     *     для идемпотентности повторных импортов. Дропать = сломать резервный канал.
-     *
-     * pgsql_supplier connection — BYPASSRLS-роль crm_supplier_worker (паттерн Спека B):
-     * под обычной crm_app_user DROP/ALTER без app.current_tenant_id GUC не пройдёт.
-     */
-    public function up(): void
-    {
-        $conn = DB::connection('pgsql_supplier');
-
-        // Partitioned table — DROP TABLE каскадит партиции.
-        $conn->statement('DROP TABLE IF EXISTS webhook_log CASCADE');
-
-        // NB: webhook_dedup_keys НЕ дропаем — Phase 1 RED FLAG, живой через HistoricalImportService.
-
-        // RejectedDealsLog (Task 1.4 → ✅ — нет readers):
-        $conn->statement('DROP TABLE IF EXISTS rejected_deals_log CASCADE');
-
-        // tenants.webhook_token + webhook_token_rotated_at (Task 1.6 → ✅ — нет UI; тесты почищены в Task 3.0):
-        $conn->statement('ALTER TABLE tenants DROP COLUMN IF EXISTS webhook_token, DROP COLUMN IF EXISTS webhook_token_rotated_at');
-
-        // system_settings.low_balance_threshold_leads (Task 1.7 → ✅ — только legacy seed):
-        $conn->statement("DELETE FROM system_settings WHERE key = 'low_balance_threshold_leads'");
-    }
-
-    /**
-     * Откат — пересоздать структуру (бессмысленно для прод-restore: данные восстанавливаются из pg_dump backup).
-     * Этот метод нужен только для dev migrate:rollback, чтобы не падать.
-     */
-    public function down(): void
-    {
-        $conn = DB::connection('pgsql_supplier');
-
-        // НЕ восстанавливаем структуру — пустая заглушка, чтобы rollback не падал.
-        // Прод-restore — из pg_dump backup (см. runbook docs/deploy/test-server-runbook.md).
-    }
-};
-```
-
-- [ ] **Step 2: Применить в worktree (testing БД)**
-
-```bash
-cd .claude/worktrees/legacy-webhook-removal/app
-php artisan migrate --env=testing
-```
-
-Expected: миграция применилась, нет ошибок. Если падает с `permission denied` — проверить, что используется `pgsql_supplier` connection.
-
-- [ ] **Step 3: Verify в БД**
-
-```bash
-psql $DATABASE_URL -c "\dt webhook_log* rejected_deals_log" 2>&1
-psql $DATABASE_URL -c "\dt webhook_dedup_keys" 2>&1  # должна ОСТАТЬСЯ (RED FLAG)
-psql $DATABASE_URL -c "\d tenants" 2>&1 | grep webhook
-psql $DATABASE_URL -c "SELECT * FROM system_settings WHERE key LIKE 'low_balance%'" 2>&1
-```
-
-Expected:
-
-- `\dt webhook_log*` → empty (нет таблицы и партиций).
-- `\dt webhook_dedup_keys` → 1 row (таблица ЖИВА, RED FLAG из Phase 1 — оставлена для CSV-канала).
-- `\dt rejected_deals_log` → empty (если Task 1.4 → ✅).
-- `\d tenants | grep webhook` → пусто (если Task 1.6 → ✅).
-- `low_balance_threshold_leads` → 0 rows (если Task 1.7 → ✅).
-
-- [ ] **Step 4: Прогнать ВСЕ тесты на свежей миграции**
-
-```bash
-php artisan migrate:fresh --env=testing
-php artisan test --parallel 2>&1 | tail -5
-```
-
-Expected: GREEN. Если падает — значит какой-то живой тест ссылается на удалённую таблицу/колонку → расследовать.
-
-- [ ] **Step 5: Commit миграции**
-
-```bash
-git add app/database/migrations/2026_05_24_140000_drop_legacy_webhook_artefacts.php
-git commit -m "db(billing): миграция — DROP legacy webhook артефактов"
-```
-
-### Task 4.2: Обновить `db/schema.sql` baseline
-
-**Files:**
-
-- Modify: `db/schema.sql`
-
-- [ ] **Step 1: Найти удаляемые блоки**
-
-Открыть `db/schema.sql`. Найти и удалить:
-
-- `CREATE TABLE webhook_log` (партиционированная) + все 13 `CREATE TABLE webhook_log_yYYYY_mMM` + их индексы.
-- `CREATE TABLE webhook_dedup_keys` + индексы — **НЕ удалять из baseline** (таблица живая, RED FLAG из Phase 1).
-- `CREATE TABLE rejected_deals_log` (если Task 1.4 → ✅) + индексы.
-- Из `CREATE TABLE tenants` — удалить колонки `webhook_token` и `webhook_token_rotated_at` (если Task 1.6 → ✅).
-- Из seed `INSERT INTO system_settings` — удалить строку `low_balance_threshold_leads` (если Task 1.7 → ✅).
-- Из `CREATE POLICY` / `CREATE INDEX` — удалить упоминания удалённых таблиц.
-
-- [ ] **Step 2: Verify schema.sql применяется в чистую БД**
-
-```bash
-# Создать пустую БД, применить schema.sql, прогнать миграции pending
-createdb test_schema_baseline
-psql test_schema_baseline < db/schema.sql
-cd app && DATABASE_URL=postgres://...test_schema_baseline php artisan migrate --pretend
-dropdb test_schema_baseline
-```
-
-Expected: `pretend` показывает что pending миграций нет (schema.sql полностью покрывает текущее состояние). Если есть pending — что-то в schema.sql упущено, поправить.
-
-- [ ] **Step 3: Обновить header `db/schema.sql`**
-
-Открыть `db/schema.sql:1-10`, обновить счётчики (минус 2 таблицы основные + 13 партиций + 1 conditional, минус 2 колонки в tenants). Точные числа — после Step 1.
-
-- [ ] **Step 4: Запись в `db/CHANGELOG_schema.md`**
-
-Добавить запись:
-
-```markdown
-## v8.XX от 2026-05-24 — Legacy webhook removal
-
-- **DROP**: `webhook_log` (partitioned, 13 партиций), `rejected_deals_log`. **NB:** `webhook_dedup_keys` НЕ удаляется — Phase 1 RED FLAG.
-- **ALTER**: `tenants` — DROP COLUMN `webhook_token`, `webhook_token_rotated_at` (conditional).
-- **DELETE seed**: `system_settings.low_balance_threshold_leads` (conditional).
-
-См. spec: `docs/superpowers/specs/2026-05-24-legacy-direct-webhook-removal-design.md`.
-Миграция: `2026_05_24_140000_drop_legacy_webhook_artefacts.php`.
-```
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add db/schema.sql db/CHANGELOG_schema.md
-git commit -m "db(schema): sync baseline — drop legacy webhook tables/columns"
-```
-
----
-
-## Phase 5 — Финальная регрессия + Code Review
-
-### Task 5.1: Полная регрессия
-
-**Files:** нет
-
-- [ ] **Step 1: Полный прогон — Pest + Larastan + Pint + Vitest + Vite build + lefthook checks**
-
-В worktree:
-
-```bash
-cd .claude/worktrees/legacy-webhook-removal/app
-
-# Backend
-php artisan test --parallel 2>&1 | tail -5
-composer stan 2>&1 | tail -5
-composer pint -- --test 2>&1 | tail -5
-
-# Frontend (если задеваем — не должно)
-npm run test:vue 2>&1 | tail -5
-npm run build 2>&1 | tail -5
-
-cd ..
-# Корневые проверки
-npm run lint:md 2>&1 | tail -5
-npm run links 2>&1 | tail -5
-```
-
-Expected: всё GREEN. Любой RED — расследовать, не оставлять.
-
-- [ ] **Step 2: Verify deptrac (architecture fitness)**
-
-```bash
-cd .claude/worktrees/legacy-webhook-removal/app
-composer deptrac 2>&1 | tail -10
-```
-
-Expected: 0 нарушений.
-
-- [ ] **Step 3: Запустить regression skill**
-
-REQUIRED SUB-SKILL: `regression` (full mode).
-
-Run: `/regression full`
-
-Expected: вердикт **GREEN**.
-
-### Task 5.2: Запросить subagent code-review
-
-**Files:** нет
-
-- [ ] **Step 1: REQUIRED SUB-SKILL: `superpowers:requesting-code-review`**
-
-Дать ревьюеру:
-
-- Diff с main: `git diff origin/main..feat/legacy-webhook-removal`
-- Спек: `docs/superpowers/specs/2026-05-24-legacy-direct-webhook-removal-design.md`
-- План: `docs/superpowers/plans/2026-05-24-legacy-direct-webhook-removal.md`
-
-Фокус ревью:
-
-1. Нет ли удалений, ломающих живой код (шеринг-канал / CSV reconcile / админка)?
-2. Все ли impact-checks выполнены и зафиксированы (Phase 1)?
-3. Atomic-коммиты — каждый отдельно собирается и тесты GREEN?
-4. Миграция — есть ли `IF EXISTS` для идемпотентности?
-
-- [ ] **Step 2: Исправить замечания, если есть**
-
-Каждое замечание — отдельный мелкий fixup-коммит.
-
----
-
-## Phase 6 — Merge в main + деплой на боевой
-
-### Task 6.1: Merge feat/legacy-webhook-removal → main
-
-**Files:** нет
-
-- [ ] **Step 1: Pre-flight sync (Pravila §15.2)**
-
-В worktree:
-
-```bash
-git fetch origin
-git log feat/legacy-webhook-removal..origin/main --oneline
-```
-
-Expected: пусто (main не ушёл вперёд). Если что-то есть — rebase на свежий main, ре-регрессия.
-
-- [ ] **Step 2: Push ветки**
-
-```bash
-git push -u origin feat/legacy-webhook-removal
-```
-
-- [ ] **Step 3: FF-merge в main (без PR на GitHub, прямой push)**
-
-```bash
-git checkout main
-git pull origin main
-git merge --ff-only feat/legacy-webhook-removal
-git push origin main
-```
-
-Expected: FF без конфликтов.
-
-### Task 6.2: Деплой на боевой liderra.ru
-
-**Files:** нет (SSH-операция)
-
-REQUIRED REFERENCE: `docs/deploy/test-server-runbook.md` + memory `ПИЛОТ.md`.
-
-- [ ] **Step 1: Бэкап перед миграцией**
-
-```bash
-ssh -i ~/.ssh/liderra_deploy ubuntu@111.88.246.137 \
-  'sudo -u postgres pg_dump liderra > /home/ubuntu/deploy-backups/liderra-schema-pre-legacy-webhook-removal-$(date +%Y%m%d-%H%M%S).sql'
-```
-
-Expected: файл создан в `/home/ubuntu/deploy-backups/`.
-
-- [ ] **Step 2: Деплой кода (scp + tar + redeploy.sh)**
-
-```bash
-# Из локального main (после merge):
-git archive feat/legacy-webhook-removal | ssh -i ~/.ssh/liderra_deploy ubuntu@111.88.246.137 \
-  'cd /var/www/liderra && sudo tar -xf - && sudo bash redeploy.sh'
-```
-
-Expected: composer install no-op, migrate применяет одну миграцию (legacy DROP), cache rebuild, php-fpm reload.
-
-- [ ] **Step 3: Smoke на проде**
-
-```bash
-ssh -i ~/.ssh/liderra_deploy ubuntu@111.88.246.137 'sudo -u postgres psql -d liderra <<EOF
-SELECT table_name FROM information_schema.tables WHERE table_name IN ('webhook_log', 'rejected_deals_log');
--- ожидается: 0 rows (webhook_dedup_keys НЕ проверяем — она ОСТАЛАСЬ для CSV-канала)
-SELECT column_name FROM information_schema.columns WHERE table_name='tenants' AND column_name LIKE 'webhook_%';
-EOF'
-
-curl -X POST https://liderra.ru/api/webhook/test-token -d '{}' -i 2>&1 | head -3
-curl -X POST https://liderra.ru/api/webhook/supplier/test -d '{}' -i 2>&1 | head -3
-```
-
-Expected:
-
-- SQL: 0 строк в обоих запросах (всё удалено).
-- `/api/webhook/{token}` → **404**.
-- `/api/webhook/supplier/{secret}` → **403/401** (auth fail на тестовом secret, но роут существует) — это OK, шеринг-канал жив.
-
-- [ ] **Step 4: Обновить ПИЛОТ.md**
-
-Добавить entry в ПИЛОТ.md (через `revise-claude-md` или прямой Edit — следуя Pravila §5.10 worktree-эксцепшну).
-
-- [ ] **Step 5: Commit ПИЛОТ.md**
-
-```bash
-git add ПИЛОТ.md
-git commit -m "docs(pilot): legacy webhook removal — выкачено на боевой $(date +%Y-%m-%d)"
-git push origin main
-```
-
-### Task 6.3: 7-дневное наблюдение
-
-**Files:** нет
-
-- [ ] **Step 1: Сразу после деплоя — мониторинг 1 час**
-
-Проверять каждые 15 минут:
-
-```bash
-ssh -i ~/.ssh/liderra_deploy ubuntu@111.88.246.137 \
-  'sudo journalctl -u liderra-queue --since "15 min ago" --no-pager | tail -20'
-```
-
-Expected: 0 errors, обычная активность шеринг-канала.
-
-- [ ] **Step 2: 1 день — проверить nginx access log**
-
-```bash
-ssh -i ~/.ssh/liderra_deploy ubuntu@111.88.246.137 \
-  'sudo grep "POST /api/webhook/" /var/log/nginx/access.log | grep -v "supplier" | head -20'
-```
-
-Expected: пусто или единичные 404 от случайных сканеров. Если кто-то реально начнёт долбиться (что маловероятно: 0 за всю историю) — это сигнал к ретроспективе, но не блокер.
-
-- [ ] **Step 3: 7 дней — обновить memory project_billing_v2.md**
-
-После 7-дневного наблюдения без инцидентов — добавить запись в `memory/project_billing_v2.md` о закрытии legacy webhook removal. **Снять блокер для Спека A Phase B** — пометить, что окно открыто.
-
-### Task 6.4: Cleanup worktree
-
-**Files:** нет
-
-- [ ] **Step 1: После наблюдения — удалить worktree**
-
-```bash
-git worktree remove .claude/worktrees/legacy-webhook-removal
-git branch -D feat/legacy-webhook-removal  # local
-git push origin --delete feat/legacy-webhook-removal  # remote
-```
-
-Expected: worktree удалён, ветки нет.
-
----
-
-## Self-Review (заполнено перед commit плана)
-
-**Spec coverage (sweep по §-секциям спека):**
-
-- §1 контекст → объяснён в «Контекст для исполнителя» + Phase 0.
-- §2.1 что удаляем → Tasks 2.1, 3.1-3.6, 4.1.
-- §2.2 что НЕ трогаем → явные NB в Tasks 2.2 (notifyZeroBalancePaused), 3.6 (ZeroBalancePausedMail), 4.1 (failed_webhook_jobs/SupplierLeadCost/MonthlyPartitionManager не упоминаются).
-- §3 impact-checks → Phase 1 целиком (Tasks 1.1-1.8).
-- §4.1 главный инвариант → Task 5.1.
-- §4.2 что меняется в публичном API → Task 6.2 smoke (404).
-- §4.3 откатываемость → Task 6.2 backup + Task 4.1 down() заглушка.
-- §4.4 совместимость со Спеком A/B/C → Task 6.3 (снять блокер Phase B).
-- §5 тестирование → Phase 5 + Phase 6 smoke.
-- §6 выкатка → Phase 6.
-
-**Placeholder scan:** проверено, нет TBD/TODO/«similar to», все шаги конкретные.
-
-**Type consistency:** имена классов (`ProcessWebhookJob`, `WebhookReceiveController`, `WebhookDedupKey`, `RejectedDealsLog`, `LowBalanceNotification`, `ZeroBalanceNotification`, `ZeroBalancePausedMail`) единообразны между задачами.
-
-**Conditional consistency:** все conditional-задачи ссылаются на правильные impact-checks (Task 1.X), решение фиксируется в Task 1.8.
-
----
-
-## Связано
-
-- Спек: [docs/superpowers/specs/2026-05-24-legacy-direct-webhook-removal-design.md](../specs/2026-05-24-legacy-direct-webhook-removal-design.md)
-- Спек A (Phase B blocked by this plan): [docs/superpowers/specs/2026-05-23-billing-v2-spec-a-balance-rub-design.md](../specs/2026-05-23-billing-v2-spec-a-balance-rub-design.md)
-- Memory: `project_billing_v2.md` (обновить после Task 6.3).
-- Memory: `ПИЛОТ.md` (обновить в Task 6.2 Step 4).
-- Runbook: `docs/deploy/test-server-runbook.md` (бэкап + redeploy).
-- Pravila §15.1 (subagent git safety) / §15.2 (pre-flight sync).
diff --git a/docs/superpowers/plans/2026-05-25-supplier-webhook-phase-1-json-422.md b/docs/superpowers/plans/2026-05-25-supplier-webhook-phase-1-json-422.md
deleted file mode 100644
index e0f2686..0000000
--- a/docs/superpowers/plans/2026-05-25-supplier-webhook-phase-1-json-422.md
+++ /dev/null
@@ -1,355 +0,0 @@
-# Phase 1: Always JSON 422 for webhook validation errors
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Webhook `/api/webhook/supplier/*` ВСЕГДА возвращает JSON 422 на ValidationException, никогда не редиректит на `/`. Закрывает ~76 потерянных лидов сутки в логах nginx.
-
-**Architecture:** Один `withExceptions()` render-callback в `bootstrap/app.php`: для запросов матчащих `api/webhook/supplier/*` отдаём `response()->json(['message','errors'], 422)`. Для остальных — `return null` (дефолт). Существующие тесты остаются valid, добавляется один новый тест с `Accept: text/html` (имитация реального поставщика).
-
-**Tech Stack:** Laravel 13 / Pest 4 / PHP 8.3
-
-**Spec:** `docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md` §3 Phase 1
-**Ветка:** `feat/supplier-webhook-fixes` (создана)
-
----
-
-## File Structure
-
-**Создать:**
-- `app/tests/Feature/Http/Webhook/SupplierWebhookValidationFormatTest.php` — единственный новый тест, фиксирующий формат ответа для не-JSON Accept
-
-**Изменить:**
-- `app/bootstrap/app.php` — добавить `$exceptions->render(...)` для ValidationException
-
-**Не трогать:**
-- `SupplierWebhookController.php` — логика валидации не меняется
-- Существующие `SupplierWebhookTest.php` — все `postJson()` тесты продолжают работать
-
----
-
-## Task 1: Failing test — webhook returns 422 JSON for non-JSON-Accept clients
-
-**Files:**
-- Create: `app/tests/Feature/Http/Webhook/SupplierWebhookValidationFormatTest.php`
-
-- [ ] **Step 1: Write the failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\SystemSetting;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    SystemSetting::query()
-        ->where('key', 'supplier_webhook_secret')
-        ->update(['value' => 'test-secret-32chars-aaaaaaaaaaaaaa']);
-    SystemSetting::query()
-        ->where('key', 'supplier_ip_allowlist')
-        ->update(['value' => '[]']);
-});
-
-it('returns 422 JSON when supplier posts invalid payload WITHOUT Accept: application/json header', function () {
-    // Воспроизводит реальное поведение crm.bp-gr.ru: POST без Accept-JSON.
-    // До фикса (302→422) Laravel редиректил на / с Set-Cookie, поставщик
-    // терял тело запроса. После фикса всегда JSON.
-    $response = $this->call(
-        'POST',
-        '/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa',
-        [], // params
-        [], // cookies
-        [], // files
-        ['HTTP_CONTENT_TYPE' => 'application/x-www-form-urlencoded'], // server: НЕТ Accept JSON
-        http_build_query([
-            'vid' => 1,
-            'project' => 'invalid_no_b_prefix',
-            'phone' => '79991234567',
-            'time' => time(),
-        ])
-    );
-
-    $response->assertStatus(422);
-    expect($response->headers->get('Content-Type'))->toContain('application/json');
-    $response->assertJsonStructure(['message', 'errors' => ['project']]);
-});
-
-it('still works correctly for postJson clients (regression)', function () {
-    $response = $this->postJson('/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa', [
-        'vid' => 1,
-        'project' => 'invalid_no_b_prefix',
-        'phone' => '79991234567',
-        'time' => time(),
-    ]);
-
-    $response->assertStatus(422)->assertJsonValidationErrors('project');
-});
-
-it('non-webhook routes still use default render (no JSON forced)', function () {
-    // Регрессионный тест: дефолтный render остальных routes не сломан
-    // (например /login — должен возвращать redirect, а не JSON).
-    $response = $this->call(
-        'POST',
-        '/login',
-        ['email' => 'bad', 'password' => ''],
-        [], [], [],
-    );
-    // Любой не-200 кроме 422-JSON допустим — главное чтобы наш fix не перехватил
-    expect($response->headers->get('Content-Type'))->not->toContain('application/json');
-});
-```
-
-- [ ] **Step 2: Run test to verify it fails**
-
-```
-cd app && ./vendor/bin/pest tests/Feature/Http/Webhook/SupplierWebhookValidationFormatTest.php
-```
-
-Expected: тест #1 (non-JSON Accept) FAIL с status=302 (или Content-Type=text/html), потому что ValidationException рендерится через redirect.
-
-- [ ] **Step 3: Commit failing test**
-
-```bash
-git add app/tests/Feature/Http/Webhook/SupplierWebhookValidationFormatTest.php
-git commit -m "test(supplier-webhook): assert JSON 422 for non-JSON Accept clients (failing)
-
-Reproduces 302-redirect bug observed on prod 2026-05-25 — when supplier
-crm.bp-gr.ru POSTs without Accept: application/json, Laravel renders
-ValidationException as redirect to /, losing body. Test calls webhook
-without Accept header and asserts JSON 422 response. Will fail until
-bootstrap/app.php has render(ValidationException) for api/webhook/supplier/*."
-```
-
----
-
-## Task 2: Implement bootstrap render — force JSON 422 for webhook routes
-
-**Files:**
-- Modify: `app/bootstrap/app.php` (lines 35-48 — withExceptions block)
-
-- [ ] **Step 1: Add ValidationException render in bootstrap/app.php**
-
-В `withExceptions` callback (после существующего `QueryException` render) добавить новый render для `ValidationException`:
-
-```php
-->withExceptions(function (Exceptions $exceptions): void {
-    $exceptions->render(function (QueryException $e, Request $request) {
-        // ... existing code, не менять ...
-    });
-
-    // Supplier webhook always returns JSON, even when client omits Accept header.
-    // Without this render, Laravel's default ValidationException handler returns
-    // 302 redirect to /, which strips POST body — losing supplier leads.
-    // Confirmed 2026-05-25: 76 of 234 webhook hits today got 302 instead of 422.
-    $exceptions->render(function (\Illuminate\Validation\ValidationException $e, Request $request) {
-        if ($request->is('api/webhook/supplier/*')) {
-            return response()->json([
-                'message' => 'Validation failed',
-                'errors' => $e->errors(),
-            ], 422);
-        }
-        return null; // default render for other routes
-    });
-});
-```
-
-NB: `use Illuminate\Validation\ValidationException;` — не нужен, используем FQN inline чтобы не трогать existing imports section.
-
-- [ ] **Step 2: Run new test to verify it passes**
-
-```
-cd app && ./vendor/bin/pest tests/Feature/Http/Webhook/SupplierWebhookValidationFormatTest.php
-```
-
-Expected: все 3 теста PASS.
-
-- [ ] **Step 3: Run full webhook test suite (regression)**
-
-```
-cd app && ./vendor/bin/pest tests/Feature/Http/Webhook/SupplierWebhookTest.php tests/Feature/Http/Webhook/SupplierWebhookValidationFormatTest.php
-```
-
-Expected: все тесты (≥14 в обоих файлах) PASS. Особенно проверить что `'rejects invalid project format (no B[123]_ prefix) with 422'` (line 95 в SupplierWebhookTest.php) продолжает PASS — он использует `postJson()`, поэтому новый render для него не сработает (default handler уже даёт 422 для JSON Accept), но мы не должны его сломать.
-
-- [ ] **Step 4: Commit implementation**
-
-```bash
-git add app/bootstrap/app.php
-git commit -m "fix(supplier-webhook): always return JSON 422 on ValidationException
-
-Adds withExceptions render callback for ValidationException that forces
-JSON 422 response when request matches api/webhook/supplier/* — regardless
-of Accept header. Default Laravel behavior is 302 redirect for non-JSON
-clients, which strips POST body.
-
-Observed on prod 2026-05-25: 76 of 234 supplier webhook hits got 302 (Location: /),
-mostly for non-B-prefix projects (client.carmoney.ru, cabinet.caranga.ru,
-cashmotor.ru). Supplier doesn't follow 302 redirects on POST, so the
-lead body is lost. This fix ensures supplier always sees a meaningful
-422 with errors[] instead of a redirect.
-
-Other routes unaffected (render returns null for non-webhook URLs)."
-```
-
----
-
-## Task 3: Reproduce on staging-clone or local — manual smoke
-
-**Files:**
-- Test: manual curl (no file)
-
-- [ ] **Step 1: Run dev server locally (if available) or skip to Task 4**
-
-Если на машине поднят `php artisan serve --port=8000`:
-```bash
-cd app && php artisan serve --port=8000 &
-sleep 2
-```
-
-- [ ] **Step 2: POST without Accept header — assert 422 JSON**
-
-```bash
-curl -sk -X POST \
-  -H "Content-Type: application/x-www-form-urlencoded" \
-  -d 'vid=1&project=invalid_no_b_prefix&phone=79991234567&time='$(date +%s) \
-  http://localhost:8000/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa \
-  -w "\nSTATUS: %{http_code}\nCT: %{content_type}\n"
-```
-
-Expected: `STATUS: 422`, `CT: application/json`, тело содержит `"errors":{"project":...}`.
-
-- [ ] **Step 3: POST with Accept: application/json — same result (regression)**
-
-```bash
-curl -sk -X POST \
-  -H "Accept: application/json" -H "Content-Type: application/json" \
-  -d '{"vid":1,"project":"invalid_no_b_prefix","phone":"79991234567","time":'$(date +%s)'}' \
-  http://localhost:8000/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa \
-  -w "\nSTATUS: %{http_code}\n"
-```
-
-Expected: `STATUS: 422`, JSON body.
-
-- [ ] **Step 4: Stop server (если запускал)**
-
-```bash
-pkill -f 'artisan serve' || true
-```
-
-Если dev-сервер не поднимается на этой машине — пропустить Task 3, прод-smoke в Task 5 покроет.
-
----
-
-## Task 4: Regression — quick mode
-
-**Files:**
-- None
-
-- [ ] **Step 1: Run /regression quick**
-
-```
-/regression quick
-```
-
-Expected: GREEN — lint, format, type-check ОК. Если pre-commit hook падает (memory `feedback_environment.md` #111 — gitleaks висит на heavy diff), использовать `LEFTHOOK=0` при коммите.
-
-- [ ] **Step 2: If quick GREEN, proceed to /regression full**
-
-```
-/regression full
-```
-
-Expected: Pest 742+ pass / 0 fail, Vitest 736+ pass, Vite build OK, lychee 0 broken, gitleaks 0. Допустимы pre-existing skipped.
-
-Если найдены регрессии — НЕ переходить к деплою. Зафиксировать в отдельном fixup-commit либо вернуться к Task 2.
-
----
-
-## Task 5: Deploy to liderra.ru (prod)
-
-**Files:**
-- None — деплой через ssh + redeploy.sh
-
-- [ ] **Step 1: Pre-deploy validation via prod-deploy-validator agent**
-
-Через Task tool:
-```
-subagent_type: prod-deploy-validator
-prompt: проверь готовность боевого liderra.ru к выкату ветки feat/supplier-webhook-fixes на коммит после Phase 1 (bootstrap/app.php изменён). Что меняется: webhook /api/webhook/supplier/* теперь всегда отвечает JSON 422 на validation errors. Миграций БД нет. Очередь queue:restart нужен? проверь 8 pre-flight.
-```
-
-Expected: вердикт GO. Если NO-GO — устранить причину (квирки 104-108) и повторить.
-
-- [ ] **Step 2: Merge feature branch fixup to main**
-
-После одобрения Phase 1 changes:
-```bash
-cd "c:/моя/проекты/портал crm/Документация"
-git checkout main
-git merge --ff-only feat/supplier-webhook-fixes
-git push origin main
-```
-
-NB: ОДНОВРЕМЕННО другие phases ещё не закоммичены, поэтому FF-merge содержит только Phase 1.
-
-- [ ] **Step 3: Run redeploy.sh on prod**
-
-```bash
-ssh liderra "cd /var/www/liderra/app && sudo -u www-data ./redeploy.sh 2>&1 | tail -50"
-```
-
-Expected: успешный pull + composer install + `optimize:clear` + `optimize` + queue:restart. Errors → revert (git revert + redeploy).
-
-- [ ] **Step 4: Prod smoke — webhook returns 422 not 302**
-
-```bash
-ssh liderra 'curl -sk -X POST \
-  -H "Content-Type: application/x-www-form-urlencoded" \
-  -d "vid=1&project=invalid&phone=79991234567&time="$(date +%s) \
-  https://liderra.ru/api/webhook/supplier/8c1c07ddb0768763661b357198e0625832f74ad0915d91b1 \
-  -w "\nSTATUS: %{http_code}\nCT: %{content_type}\n"'
-```
-
-Expected: `STATUS: 422`, `CT: application/json`. **Если 302 — деплой не применился, откатывать.**
-
-- [ ] **Step 5: Wait 30 min, check nginx access.log**
-
-```bash
-ssh liderra "sudo grep '/api/webhook/supplier' /var/log/nginx/access.log | tail -50 | awk '{print \$9}' | sort | uniq -c"
-```
-
-Expected: только 202, 422, 429, 404. **0 × 302, 0 × 301** для запросов на webhook URL.
-
-- [ ] **Step 6: Update ПИЛОТ.md + memory**
-
-Через прямой Edit, отметка «Phase 1 deployed 25.05.2026 HH:MM МСК, webhook always JSON». Memory update — `project_billing_v2.md` или новый `project_supplier_webhook_fixes.md`.
-
-```bash
-# Update ПИЛОТ.md as needed manually
-git add ПИЛОТ.md
-git commit -m "docs(пилот): Phase 1 supplier webhook JSON-422 deployed"
-git push origin main
-```
-
----
-
-## Done criteria для Phase 1
-
-- [ ] Все тесты в `SupplierWebhookTest.php` + `SupplierWebhookValidationFormatTest.php` PASS
-- [ ] /regression full GREEN
-- [ ] Прод-smoke: curl без Accept → 422 JSON
-- [ ] За 30 мин после деплоя в nginx access.log — 0 × 302 на webhook URL
-- [ ] Phase 2 plan starts only after Phase 1 deployed AND observed clean for ≥30 min
-
----
-
-## Откат (если что-то пошло не так)
-
-```bash
-ssh liderra "cd /var/www/liderra/app && git revert --no-edit HEAD && sudo -u www-data ./redeploy.sh 2>&1 | tail -20"
-```
-
-Изменение касается только обработки исключений — откат без миграций, мгновенный.
diff --git a/docs/superpowers/plans/2026-05-25-supplier-webhook-phase-2-dedup.md b/docs/superpowers/plans/2026-05-25-supplier-webhook-phase-2-dedup.md
deleted file mode 100644
index e237f18..0000000
--- a/docs/superpowers/plans/2026-05-25-supplier-webhook-phase-2-dedup.md
+++ /dev/null
@@ -1,475 +0,0 @@
-# Phase 2: Idempotent dedup webhook ↔ CSV-recovered
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Webhook, поступивший после CSV-recovered deal по `(tenant_id, phone, project_id)` в окне 24h, **обновляет** существующий deal (`source_crm_id`, `received_at`), не создаёт второй. Без двойного списания биллингом. Закрывает 37 дублей сутки.
-
-**Architecture:** В `RouteSupplierLeadJob::createDealCopyForProject` под уже существующей `DB::transaction + lockForUpdate(Tenant)+lockForUpdate(Project)` добавляется проверка «есть ли csv-recovered deal по `(tenant_id, phone, project_id, received_at ≥ now()-24h, source_crm_id IS NULL)`». Если есть — `UPDATE existing.source_crm_id = lead.vid` + `INSERT supplier_lead_deliveries` (привязка webhook к existing deal), **БЕЗ** `chargeForDelivery`. Возврат специального статуса `MERGED` (не считается в `$createdCount`, не failure).
-
-**Tech Stack:** Laravel 13 / Pest 4 / PHP 8.3 / PostgreSQL 16 / bcmath / RLS
-
-**Spec:** `docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md` §3 Phase 2
-**Предусловие:** Phase 1 deployed и наблюдаем clean ≥30 мин.
-**Ветка:** `feat/supplier-webhook-fixes` (продолжение)
-
----
-
-## Открытый вопрос (OQ-1 из спеки) — резолвится в Task 1
-
-`LedgerService::chargeForDelivery` (app/app/Services/Billing/LedgerService.php:47-117) — **НЕ идемпотентен**: каждый вызов делает INSERT LeadCharge, BalanceTransaction, supplier_lead_costs + decrement balance_rub. Поэтому критично НЕ вызывать его второй раз для merged deal.
-
----
-
-## File Structure
-
-**Создать:**
-- `app/tests/Feature/Supplier/CsvWebhookRaceTest.php` — TDD-тесты для merge сценария
-
-**Изменить:**
-- `app/app/Jobs/RouteSupplierLeadJob.php` — добавить блок поиска csv-recovered deal в `createDealCopyForProject`
-
-**Не трогать:**
-- `LedgerService.php` — не меняем, идемпотентность достигается через ранний return ДО его вызова
-- `supplier_lead_deliveries` schema — не меняем (текущая `(supplier_lead_id, tenant_id)` UNIQUE остаётся; добавляем дополнительный row для merge case)
-- `CsvReconcileJob.php` — не меняем (он создаёт SupplierLead с vid=NULL, как и было)
-
----
-
-## Task 1: Verify LedgerService is NOT idempotent (read-only confirmation)
-
-**Files:**
-- Read: `app/app/Services/Billing/LedgerService.php`
-
-- [ ] **Step 1: Confirm there is NO check for existing lead_charges with same deal_id**
-
-Открыть [app/app/Services/Billing/LedgerService.php:47-117](../../../app/app/Services/Billing/LedgerService.php#L47-L117). Подтвердить:
-- Нет `LeadCharge::where('deal_id', $deal->id)->exists()` guard.
-- Нет SELECT перед INSERT.
-- Метод просто делает INSERT, increment, INSERT, INSERT.
-
-Если идемпотентность ЕСТЬ — пересмотреть план Phase 2 (может быть проще, без MERGED статуса). Если НЕТ (ожидаемо) — продолжаем по плану.
-
-- [ ] **Step 2: Document in commit message**
-
-Зафиксировать наблюдение в первом коммите Task 2. Никакой правки в LedgerService не делаем — guard добавляется в caller (RouteSupplierLeadJob).
-
----
-
-## Task 2: Failing test — webhook after CSV-recovered merges, doesn't duplicate or double-charge
-
-**Files:**
-- Create: `app/tests/Feature/Supplier/CsvWebhookRaceTest.php`
-
-- [ ] **Step 1: Write failing tests**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\RouteSupplierLeadJob;
-use App\Models\Deal;
-use App\Models\LeadCharge;
-use App\Models\Project;
-use App\Models\SupplierLead;
-use App\Models\Tenant;
-use App\Models\User;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-use Illuminate\Support\Facades\DB;
-
-uses(DatabaseTransactions::class);
-
-/**
- * Phase 2 — webhook ↔ CSV-recovered idempotency.
- *
- * Сценарий (наблюдался на prod 2026-05-25):
- *   1. Поставщик шлёт webhook → 302 (теряется тело) — Phase 1 уже починила.
- *   2. CsvReconcileJob через 30 мин видит лид в CSV, не находит supplier_lead
- *      по (phone, project) → создаёт recovered SupplierLead (vid=NULL,
- *      source='csv_recovery') → RouteSupplierLeadJob → Deal с source_crm_id=NULL.
- *   3. Поставщик ретраит webhook (ещё 15 мин) → новый SupplierLead с vid=<int>
- *      → RouteSupplierLeadJob → создаёт второй Deal с тем же phone+project
- *      → биллинг списывает второй раз.
- *
- * Phase 2 fix: шаг 3 находит существующий CSV-recovered deal, обновляет
- * source_crm_id, привязывает webhook supplier_lead к существующему deal через
- * supplier_lead_deliveries, НЕ создаёт второй Deal, НЕ списывает повторно.
- */
-
-beforeEach(function () {
-    $this->tenant = Tenant::factory()->create([
-        'balance_rub' => '1000.00',
-        'delivered_in_month' => 0,
-    ]);
-    $this->project = Project::factory()->create([
-        'tenant_id' => $this->tenant->id,
-        'signal_type' => 'site',
-        'signal_identifier' => 'krk-finance.ru',
-        'is_active' => true,
-        'daily_limit_target' => 100,
-        'delivered_today' => 0,
-    ]);
-    // ... настроить supplier_projects + project_supplier_links для платформы B1
-    //     identifier krk-finance.ru — детали зависят от фабрик
-});
-
-it('webhook after CSV-recovered merges into existing deal (no duplicate, no double-charge)', function () {
-    // Step 1: simulate CSV-recovered SupplierLead (vid=null)
-    $csvLead = SupplierLead::create([
-        'platform' => 'B1',
-        'phone' => '79991234567',
-        'vid' => null,
-        'raw_payload' => ['project' => 'B1_krk-finance.ru', 'phone' => '79991234567', 'time' => time()],
-        'received_at' => now()->subHour(),
-        'recovered_from_csv_at' => now()->subHour(),
-        'source' => 'csv_recovery',
-    ]);
-    (new RouteSupplierLeadJob($csvLead->id))->handle(
-        app(\App\Services\LeadRouter::class),
-        app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\NotificationService::class),
-        app(\App\Services\Billing\LedgerService::class),
-        app(\App\Services\LeadDistributor::class),
-        app(\App\Services\RegionTagResolver::class),
-    );
-
-    $csvDeal = Deal::where('phone', '79991234567')->first();
-    expect($csvDeal)->not->toBeNull();
-    expect($csvDeal->source_crm_id)->toBeNull();
-    $chargesAfterCsv = LeadCharge::where('deal_id', $csvDeal->id)->count();
-    expect($chargesAfterCsv)->toBe(1); // одна charge от CSV-recovered
-
-    $balanceAfterCsv = (string) $this->tenant->fresh()->balance_rub;
-
-    // Step 2: simulate webhook arriving 15 min later with real vid
-    $webhookLead = SupplierLead::create([
-        'platform' => 'B1',
-        'phone' => '79991234567',
-        'vid' => 1672819986,
-        'raw_payload' => ['project' => 'B1_krk-finance.ru', 'phone' => '79991234567', 'time' => time()],
-        'received_at' => now()->subMinutes(15),
-        'source' => 'webhook',
-    ]);
-    (new RouteSupplierLeadJob($webhookLead->id))->handle(
-        app(\App\Services\LeadRouter::class),
-        app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\NotificationService::class),
-        app(\App\Services\Billing\LedgerService::class),
-        app(\App\Services\LeadDistributor::class),
-        app(\App\Services\RegionTagResolver::class),
-    );
-
-    // Assertion 1: still ONE deal, but source_crm_id теперь заполнен
-    $deals = Deal::where('phone', '79991234567')->get();
-    expect($deals)->toHaveCount(1);
-    expect($deals->first()->source_crm_id)->toBe(1672819986);
-
-    // Assertion 2: НЕТ второго LeadCharge (idempotency биллинга)
-    $chargesAfterWebhook = LeadCharge::where('deal_id', $csvDeal->id)->count();
-    expect($chargesAfterWebhook)->toBe(1); // всё ещё ОДИН charge
-
-    // Assertion 3: balance НЕ списан второй раз
-    $balanceAfterWebhook = (string) $this->tenant->fresh()->balance_rub;
-    expect($balanceAfterWebhook)->toBe($balanceAfterCsv);
-
-    // Assertion 4: supplier_lead_deliveries содержит ОБА supplier_lead_id,
-    //   привязанные к ОДНОМУ deal.id
-    $deliveries = DB::table('supplier_lead_deliveries')
-        ->where('deal_id', $csvDeal->id)
-        ->get();
-    expect($deliveries)->toHaveCount(2);
-    expect($deliveries->pluck('supplier_lead_id')->all())
-        ->toContain($csvLead->id, $webhookLead->id);
-});
-
-it('two webhooks with DIFFERENT vids both create deals (Spec B — за повторы поставщика берём)', function () {
-    // Регрессионный тест: если поставщик намеренно шлёт два webhook'а с РАЗНЫМИ
-    // vid'ами на тот же phone+project — это два разных лида, оба должны быть
-    // приняты. Спек B Phase 1 (commit ccfecd5e) специально снял DD для этого
-    // кейса. Наш Phase 2 fix НЕ должен этому препятствовать.
-    $lead1 = SupplierLead::create([
-        'platform' => 'B1', 'phone' => '79991234567', 'vid' => 100,
-        'raw_payload' => ['project' => 'B1_krk-finance.ru', 'phone' => '79991234567', 'time' => time()],
-        'received_at' => now()->subHour(), 'source' => 'webhook',
-    ]);
-    (new RouteSupplierLeadJob($lead1->id))->handle(/* ... */);
-
-    $lead2 = SupplierLead::create([
-        'platform' => 'B1', 'phone' => '79991234567', 'vid' => 200,
-        'raw_payload' => ['project' => 'B1_krk-finance.ru', 'phone' => '79991234567', 'time' => time()],
-        'received_at' => now()->subMinutes(30), 'source' => 'webhook',
-    ]);
-    (new RouteSupplierLeadJob($lead2->id))->handle(/* ... */);
-
-    // Assertion: ОБА webhook'а имеют source_crm_id (не NULL), поэтому merge
-    // не происходит — это два разных лида у поставщика, два разных deal.
-    $deals = Deal::where('phone', '79991234567')->get();
-    expect($deals)->toHaveCount(2);
-    expect($deals->pluck('source_crm_id')->all())->toContain(100, 200);
-    expect(LeadCharge::whereIn('deal_id', $deals->pluck('id'))->count())->toBe(2);
-});
-
-it('csv-recovered deal older than 24h is NOT merged with new webhook', function () {
-    // Окно merge — 24h. Если CSV-recovered deal старше — не считается duplicate.
-    $csvLead = SupplierLead::create([
-        'platform' => 'B1', 'phone' => '79991234567', 'vid' => null,
-        'raw_payload' => ['project' => 'B1_krk-finance.ru', 'phone' => '79991234567', 'time' => now()->subDays(2)->getTimestamp()],
-        'received_at' => now()->subDays(2),
-        'recovered_from_csv_at' => now()->subDays(2),
-        'source' => 'csv_recovery',
-    ]);
-    (new RouteSupplierLeadJob($csvLead->id))->handle(/* ... */);
-
-    $webhookLead = SupplierLead::create([
-        'platform' => 'B1', 'phone' => '79991234567', 'vid' => 999,
-        'raw_payload' => ['project' => 'B1_krk-finance.ru', 'phone' => '79991234567', 'time' => time()],
-        'received_at' => now(), 'source' => 'webhook',
-    ]);
-    (new RouteSupplierLeadJob($webhookLead->id))->handle(/* ... */);
-
-    // Assertion: TWO deals (старый CSV-recovered + новый webhook), не merge
-    $deals = Deal::where('phone', '79991234567')->get();
-    expect($deals)->toHaveCount(2);
-});
-```
-
-NB: код тестов написан как **набросок**. При имплементации:
-- Заменить `(new RouteSupplierLeadJob(...))->handle(/* ... */)` на правильную диспатч-схему (Bus::dispatchSync или вручную с DI). Посмотреть в [app/tests/Feature/Supplier/RouteSupplierLeadJobBillingTest.php](../../../app/tests/Feature/Supplier/RouteSupplierLeadJobBillingTest.php) для примера.
-- Настроить supplier_projects + project_supplier_links фабрики правильно. Посмотреть в существующих тестах.
-
-- [ ] **Step 2: Run tests, expect FAIL**
-
-```
-cd app && ./vendor/bin/pest tests/Feature/Supplier/CsvWebhookRaceTest.php
-```
-
-Expected: тест #1 FAIL (deals.count == 2 а не 1; charges.count == 2 а не 1). Это подтверждает баг.
-
-- [ ] **Step 3: Commit failing tests**
-
-```bash
-git add app/tests/Feature/Supplier/CsvWebhookRaceTest.php
-git commit -m "test(supplier): assert webhook-after-csv-recovered merges into existing deal (failing)
-
-Reproduces 37 duplicate deals observed on prod 2026-05-25 for tenant client1.
-After Spec B Phase 1 (commit ccfecd5e) removed DuplicateDetector, the race
-between CsvReconcileJob (creates SupplierLead vid=null) and later webhook
-retry (vid=int) results in two separate Deals because supplier_lead_deliveries
-locks on supplier_lead_id (which differs between csv-recovery and webhook),
-not on (phone, project_id).
-
-Failing now — implementation comes in next commit."
-```
-
----
-
-## Task 3: Implement merge logic in RouteSupplierLeadJob::createDealCopyForProject
-
-**Files:**
-- Modify: `app/app/Jobs/RouteSupplierLeadJob.php:207-330`
-
-- [ ] **Step 1: Add early merge check ДО supplier_lead_deliveries insertOrIgnore**
-
-В `createDealCopyForProject`, **после** `$lockedProject = ... lockForUpdate(); ... if (delivered_today >= limit) return false;`, **до** `$locked = DB::table('supplier_lead_deliveries')->insertOrIgnore(...)`:
-
-```php
-// Phase 2 fix: merge с CSV-recovered deal если webhook догоняет.
-// Идемпотентность race condition между CsvReconcileJob (vid=NULL, recovered
-// from CSV) и webhook (vid=int, реальный supplier-id). До этой проверки они
-// создавали 2 deal'a (DD снят Spec B Phase 1). Merge выполняется только если:
-//   - webhook ЕСТЬ настоящий vid (lead.vid !== null) — без vid merge'ить нечего;
-//   - csv-recovered deal существует за последние 24h, тот же phone+project+tenant;
-//   - csv-recovered deal БЕЗ source_crm_id (т.е. он именно CSV-recovered, не другой webhook).
-// При merge: UPDATE existing.source_crm_id, INSERT supplier_lead_deliveries,
-// БЕЗ chargeForDelivery (LeadCharge уже есть с момента CSV recovery).
-$existingMergeable = null;
-if ($lead->vid !== null) {
-    $existingMergeable = Deal::query()
-        ->where('tenant_id', $tenant->id)
-        ->where('phone', (string) $lead->phone)
-        ->where('project_id', $project->id)
-        ->whereNull('source_crm_id')
-        ->where('received_at', '>=', now()->subDay())
-        ->lockForUpdate()
-        ->first();
-}
-if ($existingMergeable !== null) {
-    // Заполняем supplier_lead.id у обоих SupplierLead → одному Deal
-    DB::table('supplier_lead_deliveries')->insert([
-        'supplier_lead_id' => $lead->id,
-        'tenant_id' => $tenant->id,
-        'deal_id' => $existingMergeable->id,
-        'created_at' => now(),
-    ]);
-    $existingMergeable->source_crm_id = $lead->vid;
-    if ($lead->received_at !== null && $lead->received_at->gt($existingMergeable->received_at)) {
-        $existingMergeable->received_at = $lead->received_at;
-    }
-    $existingMergeable->save();
-
-    Log::info('supplier_lead.merged_into_csv_recovered', [
-        'supplier_lead_id' => $lead->id,
-        'merged_into_deal_id' => $existingMergeable->id,
-        'tenant_id' => $tenant->id,
-    ]);
-
-    return true; // считаем «доставленным», но без второго списания
-}
-
-// Spec B: per-(supplier_lead, tenant) lock — existing code ниже без изменений
-$locked = DB::table('supplier_lead_deliveries')->insertOrIgnore([
-    // ... existing ...
-]);
-```
-
-NB:
-- `lockForUpdate()` на existingMergeable защищает от двойного merge при параллельных queue workers.
-- Условие `whereNull('source_crm_id')` — критично: оно отличает CSV-recovered (vid=NULL → source_crm_id=NULL) от настоящих webhook deals (source_crm_id=vid). Без этого условия мы бы мерджили на любой повтор поставщика, что **сломало бы Spec B**.
-- Insert в `supplier_lead_deliveries` — простой `->insert()`, не `->insertOrIgnore()`. Потому что `(supplier_lead_id, tenant_id)` уникален, и для webhook-after-csv это новая комбинация (другой supplier_lead_id чем у csv-recovered).
-
-- [ ] **Step 2: Run tests, expect PASS**
-
-```
-cd app && ./vendor/bin/pest tests/Feature/Supplier/CsvWebhookRaceTest.php
-```
-
-Expected: все 3 теста PASS.
-
-- [ ] **Step 3: Run full supplier test suite (regression)**
-
-```
-cd app && ./vendor/bin/pest tests/Feature/Supplier/ tests/Feature/Jobs/RouteSupplierLeadJobTest.php
-```
-
-Expected: все existing тесты PASS. Особенно:
-- `SupplierLeadDeliveryGuardTest` (текущий lock-механизм)
-- `RouteSupplierLeadJobBillingTest` (биллинг)
-- `RouteSupplierLeadJobTest`
-- `CsvReconcileJobTest`
-
-Если что-то сломалось — это знак что existingMergeable условие слишком широкое. Сузить и повторить.
-
-- [ ] **Step 4: Commit implementation**
-
-```bash
-git add app/app/Jobs/RouteSupplierLeadJob.php
-git commit -m "fix(supplier): merge webhook into csv-recovered deal, no double-charge
-
-Adds early merge check in RouteSupplierLeadJob::createDealCopyForProject:
-when lead.vid IS NOT NULL and an existing deal with NULL source_crm_id
-exists for (tenant, phone, project_id) within last 24h, UPDATE that
-deal's source_crm_id instead of creating a second Deal. INSERT into
-supplier_lead_deliveries links the new supplier_lead.id to the existing
-deal.id. LedgerService::chargeForDelivery is NOT called — the original
-charge happened when the csv-recovery created the deal.
-
-Closes 37 duplicate deals observed on prod for tenant client1 25.05.2026.
-Spec B Phase 1 (commit ccfecd5e) removed DuplicateDetector — this fix
-restores idempotency for the specific webhook-after-csv-recovered case
-WITHOUT re-blocking intentional supplier repeats with different vids.
-
-Guard: only merges where source_crm_id IS NULL (the CSV-recovered marker).
-Two webhooks with different vids on same phone+project still create two
-deals — by-design per Spec B."
-```
-
----
-
-## Task 4: Regression and prod data probe
-
-**Files:**
-- None
-
-- [ ] **Step 1: /regression full**
-
-```
-/regression full
-```
-
-Expected: GREEN. Особенно фокус на Pest --parallel (race conditions).
-
-- [ ] **Step 2: Prod data probe — current state of duplicates**
-
-ДО деплоя:
-```bash
-ssh liderra "sudo -u postgres psql -d liderra -P pager=off -c \"SELECT phone, project_id, COUNT(*) AS cnt FROM deals WHERE tenant_id=2 AND created_at::date = CURRENT_DATE GROUP BY phone, project_id HAVING COUNT(*) > 1 ORDER BY cnt DESC LIMIT 10\""
-```
-
-Зафиксировать список (это будут текущие 37 пар). После деплоя — повторить ту же команду через 2 часа: новые пары не должны появляться.
-
----
-
-## Task 5: Deploy to liderra.ru
-
-**Files:**
-- None
-
-- [ ] **Step 1: prod-deploy-validator agent**
-
-```
-subagent_type: prod-deploy-validator
-prompt: проверь готовность боевого liderra.ru к Phase 2 деплою. Меняется только RouteSupplierLeadJob.php (добавлен merge-check для CSV-recovered deals). Миграций БД нет. Очередь — queue:restart обязателен, потому что job изменился. Phase 1 уже на проде ≥30 мин.
-```
-
-- [ ] **Step 2: Merge to main + push**
-
-```bash
-git checkout main
-git merge --ff-only feat/supplier-webhook-fixes
-git push origin main
-```
-
-- [ ] **Step 3: redeploy on prod**
-
-```bash
-ssh liderra "cd /var/www/liderra/app && sudo -u www-data ./redeploy.sh 2>&1 | tail -50"
-```
-
-Expected: успешно. Особенно проверить что `php artisan queue:restart` отработал (см. в выводе redeploy.sh).
-
-- [ ] **Step 4: Prod smoke — нет новых дублей за 2 часа**
-
-Подождать 2 часа, потом:
-```bash
-ssh liderra "sudo -u postgres psql -d liderra -P pager=off -c \"SELECT phone, project_id, COUNT(*) FROM deals WHERE tenant_id=2 AND created_at >= NOW() - interval '2 hours' GROUP BY phone, project_id HAVING COUNT(*) > 1\""
-```
-
-Expected: **0 rows** (нет новых дублей за 2 часа после деплоя).
-
-- [ ] **Step 5: Check merge logs**
-
-```bash
-ssh liderra "sudo grep 'merged_into_csv_recovered' /var/www/liderra/app/storage/logs/laravel.log | tail -20"
-```
-
-Expected: есть записи (показывает что merge сработал). Каждая запись — закрытый дубль.
-
-- [ ] **Step 6: Update ПИЛОТ.md + memory**
-
-```bash
-# Edit ПИЛОТ.md mentioning Phase 2 deployed + merge stats
-git add ПИЛОТ.md
-git commit -m "docs(пилот): Phase 2 supplier dedup deployed, $N merges in 2h window"
-git push origin main
-```
-
----
-
-## Done criteria для Phase 2
-
-- [ ] Все тесты в `CsvWebhookRaceTest.php` PASS
-- [ ] Все существующие `tests/Feature/Supplier/` PASS (regression)
-- [ ] /regression full GREEN
-- [ ] За 2 часа после деплоя — 0 новых пар дубликатов на проде
-- [ ] Существуют `merged_into_csv_recovered` записи в логе (показывает что merge работает)
-- [ ] Phase 3 plan starts only after Phase 2 observed clean ≥2h
-
----
-
-## Откат
-
-```bash
-ssh liderra "cd /var/www/liderra/app && git revert --no-edit HEAD && sudo -u www-data ./redeploy.sh 2>&1 | tail -20"
-```
-
-Миграций нет → откат мгновенный. Дубли начнут возникать снова, но эти 2-3 часа потерь покрываются CsvReconcileJob.
diff --git a/docs/superpowers/plans/2026-05-25-supplier-webhook-phase-3-direct-platform.md b/docs/superpowers/plans/2026-05-25-supplier-webhook-phase-3-direct-platform.md
deleted file mode 100644
index 293866a..0000000
--- a/docs/superpowers/plans/2026-05-25-supplier-webhook-phase-3-direct-platform.md
+++ /dev/null
@@ -1,899 +0,0 @@
-# Phase 3: DIRECT platform for non-B prefix projects
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Webhook на проекты без `B[123]_` префикса (`client.carmoney.ru`, `cashmotor.ru`, числовые) принимается, проходит routing, создаёт Deal под новой платформой `DIRECT`. Закрывает оставшиеся ~67 потерь сутки.
-
-**Architecture:** Расширить `platform` enum в `supplier_projects` и `project_supplier_links` до `(B1, B2, B3, DIRECT)` через миграцию. Снять regex в webhook controller. `parsePlatform`/`parseProjectField`/`extractPlatform` возвращают `'DIRECT'` для не-B. `SupplierProjectResolver` принимает DIRECT. `LeadRouter` для DIRECT использует **прямой матч signal_identifier** (потому что DIRECT-supplier_projects ещё не привязаны к Лидерра-проектам через `project_supplier_links`). `LedgerService.resolveSupplierId` — fallback для DIRECT.
-
-**Tech Stack:** Laravel 13 / PostgreSQL 16 / Pest 4 / PHP 8.3
-
-**Spec:** `docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md` §3 Phase 3
-**Предусловие:** Phase 2 deployed и наблюдаем clean ≥2 часов.
-**Ветка:** `feat/supplier-webhook-fixes` (продолжение)
-**Риск:** ВЫСОКИЙ — миграция БД + 5 файлов кода + бизнес-семантика биллинга
-
----
-
-## Открытые вопросы
-
-- **OQ-2.** `chk_supplier_projects_b1_not_for_sms` constraint — мешает ли DIRECT? **Ответ:** не мешает — это `CHECK (NOT (platform='B1' AND signal_type='sms'))`. DIRECT+SMS пропускается.
-- **OQ-3.** Биллинг для DIRECT-платформы — какой Supplier (`suppliers.code`) использовать? **Ответ:** добавим `supplier code='direct'` в seed; в [LedgerService.resolveSupplierId](../../../app/app/Services/Billing/LedgerService.php#L127) добавим case `if platform=='DIRECT' return Supplier::where('code', 'direct')`.
-- **OQ-4.** Как DIRECT-supplier_project привязывается к Лидерра-проекту, если `project_supplier_links` для DIRECT supplier_projects ещё нет? **Ответ:** добавляем fallback в `LeadRouter::matchEligibleProjects` для DIRECT supplier_projects — матчинг по `signal_type + signal_identifier` напрямую с `projects.signal_type + projects.signal_identifier`, без обязательного `project_supplier_links`.
-
----
-
-## File Structure
-
-**Создать:**
-- `database/migrations/2026_05_25_120000_add_direct_platform_to_supplier_projects.php` — расширение CHECK constraints
-- `database/migrations/2026_05_25_120100_seed_direct_supplier.php` — seed строки `suppliers.code='direct'` (cost_rub из существующего шаблона)
-- `app/tests/Feature/Supplier/DirectPlatformTest.php` — end-to-end тесты для DIRECT flow
-
-**Изменить:**
-- `app/app/Http/Controllers/Api/SupplierWebhookController.php`:
-  - line 86: снять `regex:/^B[123]_.+$/'`
-  - lines 183-188: `parsePlatform` возвращает `'DIRECT'` для не-B
-- `app/app/Jobs/RouteSupplierLeadJob.php`:
-  - lines 172-200: `parseProjectField` добавить DIRECT branch
-- `app/app/Jobs/Supplier/CsvReconcileJob.php`:
-  - lines 237-244: `extractPlatform` возвращает 'DIRECT' (а не `null`) для парсящихся как domain/call/sms строк; `null` оставить только для реального мусора (numeric-only без структуры)
-- `app/app/Services/SupplierProjects/SupplierProjectResolver.php`:
-  - line 24: `ALLOWED_PLATFORMS = ['B1','B2','B3','DIRECT']`
-- `app/app/Services/LeadRouter.php`:
-  - lines 50-71: для DIRECT — расширить eligibility SQL с fallback на signal_type+identifier
-- `app/app/Services/Billing/LedgerService.php`:
-  - lines 127-148: `resolveSupplierId` — добавить case `platform='DIRECT'`
-- `app/tests/Feature/Http/Webhook/SupplierWebhookTest.php`:
-  - line 95: переписать тест — теперь `invalid_no_b_prefix` → 202 (принимается, platform=DIRECT)
-- `db/schema.sql` — отразить новый constraint
-- `db/CHANGELOG_schema.md` — запись v8.X
-
-**Не трогать:**
-- `LeadDistributor` — cap=3 работает на Collection, platform-agnostic
-- `supplier_lead_deliveries` — уже Phase 2 покрывает идемпотентность
-
----
-
-## Task 1: Read all touched files + verify b1-not-for-sms constraint
-
-**Files:**
-- Read: `db/schema.sql` § supplier_projects + project_supplier_links
-- Read: `app/database/migrations/` для последней supplier_projects-related migration
-
-- [ ] **Step 1: Find current CHECK constraints**
-
-```bash
-grep -n 'chk_supplier_projects_platform\|chk_psl_platform\|chk_supplier_projects_b1' \
-  "c:/моя/проекты/портал crm/Документация/db/schema.sql"
-```
-
-Зафиксировать exact text constraints для миграции (DROP + ADD).
-
-- [ ] **Step 2: Find last migration touching supplier_projects.platform**
-
-```bash
-ls "c:/моя/проекты/портал crm/Документация/app/database/migrations/" | grep -i supplier_project
-```
-
-Документировать в комментарии новой миграции.
-
-- [ ] **Step 3: Verify b1-not-for-sms doesn't conflict with DIRECT**
-
-`chk_supplier_projects_b1_not_for_sms` — это `CHECK (NOT (platform='B1' AND signal_type='sms'))`. DIRECT+SMS — не B1, так что пропускается. Не нужно трогать.
-
----
-
-## Task 2: Migration — extend platform CHECK to include DIRECT
-
-**Files:**
-- Create: `app/database/migrations/2026_05_25_120000_add_direct_platform_to_supplier_projects.php`
-
-- [ ] **Step 1: Write migration**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Support\Facades\DB;
-
-/**
- * Phase 3 supplier webhook reliability — расширяет platform enum в
- * supplier_projects и project_supplier_links до (B1,B2,B3,DIRECT).
- *
- * DIRECT — это «прямая» платформа поставщика без B-префикса в имени
- * проекта (e.g. `client.carmoney.ru`, `cashmotor.ru`, числовые телефоны).
- * До Phase 3 такие webhook'и отвергались с 302-редиректом и терялись.
- *
- * Spec: docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md §3 Phase 3
- *
- * NB: chk_supplier_projects_b1_not_for_sms (B1+SMS deny) НЕ трогаем —
- * DIRECT+SMS этим constraint'ом не блокируется.
- */
-return new class extends Migration
-{
-    public function up(): void
-    {
-        DB::statement('ALTER TABLE supplier_projects DROP CONSTRAINT chk_supplier_projects_platform');
-        DB::statement("ALTER TABLE supplier_projects ADD CONSTRAINT chk_supplier_projects_platform CHECK (platform IN ('B1','B2','B3','DIRECT'))");
-
-        DB::statement('ALTER TABLE project_supplier_links DROP CONSTRAINT chk_psl_platform');
-        DB::statement("ALTER TABLE project_supplier_links ADD CONSTRAINT chk_psl_platform CHECK (platform IN ('B1','B2','B3','DIRECT'))");
-    }
-
-    public function down(): void
-    {
-        // Перед откатом — убедиться что в БД нет rows с platform='DIRECT',
-        // иначе constraint провалится при ADD. Это ответственность того, кто
-        // запускает migrate:rollback. На prod — отдельный cleanup SQL до отката.
-        DB::statement('ALTER TABLE supplier_projects DROP CONSTRAINT chk_supplier_projects_platform');
-        DB::statement("ALTER TABLE supplier_projects ADD CONSTRAINT chk_supplier_projects_platform CHECK (platform IN ('B1','B2','B3'))");
-
-        DB::statement('ALTER TABLE project_supplier_links DROP CONSTRAINT chk_psl_platform');
-        DB::statement("ALTER TABLE project_supplier_links ADD CONSTRAINT chk_psl_platform CHECK (platform IN ('B1','B2','B3'))");
-    }
-};
-```
-
-- [ ] **Step 2: Test migration locally**
-
-```
-cd app && php artisan migrate --pretend
-```
-
-Expected: видим что DROP/ADD CONSTRAINT statements корректны, без ошибок.
-
-```
-cd app && php artisan migrate
-```
-
-Expected: migration applied. Проверка:
-```
-cd app && php artisan tinker --execute='echo DB::selectOne("SELECT pg_get_constraintdef(oid) AS def FROM pg_constraint WHERE conname=\"chk_supplier_projects_platform\"")->def;'
-```
-
-Должно содержать `'DIRECT'`.
-
-- [ ] **Step 3: Commit migration**
-
-```bash
-git add app/database/migrations/2026_05_25_120000_add_direct_platform_to_supplier_projects.php
-git commit -m "feat(db): extend supplier_projects.platform CHECK to include DIRECT
-
-Adds DIRECT value to chk_supplier_projects_platform and chk_psl_platform
-constraints. DIRECT represents supplier projects without B[123]_ prefix
-(e.g. client.carmoney.ru, cashmotor.ru, numeric phone IDs) — currently
-67 leads/day lost to 302 redirects from webhook validation.
-
-Schema-only change; no code yet uses DIRECT — code changes follow in
-subsequent commits. Migration is forward-compatible: old code continues
-to work with B1/B2/B3 rows."
-```
-
----
-
-## Task 3: Seed Supplier row with code='direct'
-
-**Files:**
-- Create: `app/database/migrations/2026_05_25_120100_seed_direct_supplier.php`
-
-- [ ] **Step 1: Inspect existing suppliers rows**
-
-```
-cd app && php artisan tinker --execute='print_r(DB::table("suppliers")->get()->toArray());'
-```
-
-Найти существующий `cost_rub` для одной из B-платформ. Использовать тот же (DIRECT — same supplier, разная платформа).
-
-- [ ] **Step 2: Write seed migration**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Support\Facades\DB;
-
-/**
- * Phase 3 — DIRECT supplier row (used by LedgerService::resolveSupplierId
- * fallback for platform='DIRECT'). cost_rub matches B1 (same supplier,
- * different routing).
- */
-return new class extends Migration
-{
-    public function up(): void
-    {
-        $b1 = DB::table('suppliers')->where('code', 'b1')->first();
-        if ($b1 === null) {
-            // Если B1 нет — significant prod drift, не должно произойти.
-            return;
-        }
-
-        DB::table('suppliers')->updateOrInsert(
-            ['code' => 'direct'],
-            [
-                'name' => 'BP-GR Direct',
-                'cost_rub' => $b1->cost_rub,
-                'created_at' => now(),
-                'updated_at' => now(),
-            ]
-        );
-    }
-
-    public function down(): void
-    {
-        DB::table('suppliers')->where('code', 'direct')->delete();
-    }
-};
-```
-
-- [ ] **Step 3: Run migration**
-
-```
-cd app && php artisan migrate
-```
-
-- [ ] **Step 4: Verify**
-
-```
-cd app && php artisan tinker --execute='echo DB::table("suppliers")->where("code","direct")->first()->name;'
-```
-
-Expected: `BP-GR Direct`.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/database/migrations/2026_05_25_120100_seed_direct_supplier.php
-git commit -m "feat(db): seed suppliers.code='direct' for DIRECT platform billing"
-```
-
----
-
-## Task 4: Failing test — DirectPlatformTest end-to-end
-
-**Files:**
-- Create: `app/tests/Feature/Supplier/DirectPlatformTest.php`
-
-- [ ] **Step 1: Write end-to-end test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\RouteSupplierLeadJob;
-use App\Models\Deal;
-use App\Models\Project;
-use App\Models\SupplierLead;
-use App\Models\SupplierProject;
-use App\Models\SystemSetting;
-use App\Models\Tenant;
-use Illuminate\Foundation\Testing\DatabaseTransactions;
-
-uses(DatabaseTransactions::class);
-
-beforeEach(function () {
-    SystemSetting::query()
-        ->where('key', 'supplier_webhook_secret')
-        ->update(['value' => 'test-secret-32chars-aaaaaaaaaaaaaa']);
-    SystemSetting::query()
-        ->where('key', 'supplier_ip_allowlist')
-        ->update(['value' => '[]']);
-
-    $this->tenant = Tenant::factory()->create([
-        'balance_rub' => '1000.00',
-        'delivered_in_month' => 0,
-    ]);
-    $this->project = Project::factory()->create([
-        'tenant_id' => $this->tenant->id,
-        'signal_type' => 'site',
-        'signal_identifier' => 'client.carmoney.ru',
-        'is_active' => true,
-        'daily_limit_target' => 100,
-        'delivered_today' => 0,
-    ]);
-});
-
-it('webhook with non-B-prefix project is accepted (202) and platform=DIRECT', function () {
-    $response = $this->postJson('/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa', [
-        'vid' => 9999001,
-        'project' => 'client.carmoney.ru',
-        'phone' => '79991234567',
-        'time' => time(),
-    ]);
-    $response->assertStatus(202);
-    expect(SupplierLead::where('vid', 9999001)->exists())->toBeTrue();
-    expect(SupplierLead::where('vid', 9999001)->first()->platform)->toBe('DIRECT');
-});
-
-it('SupplierProjectResolver creates DIRECT supplier_project for non-B project', function () {
-    $resolver = app(\App\Services\SupplierProjects\SupplierProjectResolver::class);
-    $sp = $resolver->resolveOrStub('DIRECT', 'site', 'client.carmoney.ru');
-    expect($sp->platform)->toBe('DIRECT');
-    expect($sp->unique_key)->toBe('client.carmoney.ru');
-    expect($sp->signal_type)->toBe('site');
-});
-
-it('RouteSupplierLeadJob delivers DIRECT lead to matching Liderra project via signal_identifier fallback', function () {
-    $lead = SupplierLead::create([
-        'platform' => 'DIRECT',
-        'phone' => '79991234567',
-        'vid' => 9999002,
-        'raw_payload' => ['project' => 'client.carmoney.ru', 'phone' => '79991234567', 'time' => time()],
-        'received_at' => now(),
-        'source' => 'webhook',
-    ]);
-    (new RouteSupplierLeadJob($lead->id))->handle(
-        app(\App\Services\LeadRouter::class),
-        app(\App\Services\SupplierProjects\SupplierProjectResolver::class),
-        app(\App\Services\NotificationService::class),
-        app(\App\Services\Billing\LedgerService::class),
-        app(\App\Services\LeadDistributor::class),
-        app(\App\Services\RegionTagResolver::class),
-    );
-
-    $deal = Deal::where('tenant_id', $this->tenant->id)->where('phone', '79991234567')->first();
-    expect($deal)->not->toBeNull();
-    expect($deal->project_id)->toBe($this->project->id);
-    expect($deal->source_crm_id)->toBe(9999002);
-});
-
-it('numeric-only project (e.g. 79135191264) accepted as DIRECT', function () {
-    // Поставщик иногда шлёт project=телефонный номер (callback-проекты).
-    $response = $this->postJson('/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa', [
-        'vid' => 9999003,
-        'project' => '79135191264',
-        'phone' => '79991234567',
-        'time' => time(),
-    ]);
-    $response->assertStatus(202);
-});
-
-it('existing B1/B2/B3 webhooks still work (regression)', function () {
-    $response = $this->postJson('/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa', [
-        'vid' => 9999004,
-        'project' => 'B1_krk-finance.ru',
-        'phone' => '79991234567',
-        'time' => time(),
-    ]);
-    $response->assertStatus(202);
-    expect(SupplierLead::where('vid', 9999004)->first()->platform)->toBe('B1');
-});
-```
-
-- [ ] **Step 2: Run tests, expect FAIL on most**
-
-```
-cd app && ./vendor/bin/pest tests/Feature/Supplier/DirectPlatformTest.php
-```
-
-Expected: тесты #1, #2, #3, #4 FAIL (regex rejects non-B, resolver throws, job throws). Тест #5 PASS (B1 already works).
-
-- [ ] **Step 3: Commit failing tests**
-
-```bash
-git add app/tests/Feature/Supplier/DirectPlatformTest.php
-git commit -m "test(supplier): end-to-end DIRECT platform tests (failing)"
-```
-
----
-
-## Task 5: Implement — webhook controller accepts non-B + parsePlatform returns DIRECT
-
-**Files:**
-- Modify: `app/app/Http/Controllers/Api/SupplierWebhookController.php`
-
-- [ ] **Step 1: Remove regex constraint on project field (line 86)**
-
-```php
-'project' => ['required', 'string', 'max:255'], // снят regex /^B[123]_.+$/
-```
-
-- [ ] **Step 2: Update parsePlatform (lines 183-188) to return 'DIRECT' for non-B**
-
-```php
-private function parsePlatform(string $project): string
-{
-    if (preg_match('/^(B[123])_/', $project, $m) === 1) {
-        return $m[1];
-    }
-    return 'DIRECT';
-}
-```
-
-- [ ] **Step 3: Run tests — DirectPlatformTest #1 should now PASS**
-
-```
-cd app && ./vendor/bin/pest tests/Feature/Supplier/DirectPlatformTest.php --filter='accepted (202) and platform=DIRECT'
-```
-
-Expected: PASS. Также:
-```
-cd app && ./vendor/bin/pest tests/Feature/Http/Webhook/SupplierWebhookTest.php --filter='rejects invalid project format'
-```
-
-Тест ('rejects invalid project format ... with 422') теперь будет **FAIL** — потому что мы изменили поведение. Это ожидаемое — переписываем тест в следующем step.
-
-- [ ] **Step 4: Rewrite the obsolete test in SupplierWebhookTest.php line 95**
-
-Перепиcать:
-```php
-it('accepts project without B[123]_ prefix as platform=DIRECT (Phase 3)', function () {
-    Bus::fake();
-    $response = $this->postJson('/api/webhook/supplier/test-secret-32chars-aaaaaaaaaaaaaa', [
-        'vid' => 1, 'project' => 'client.carmoney.ru', 'phone' => '79991234567', 'time' => time(),
-    ]);
-    $response->assertStatus(202);
-});
-```
-
-- [ ] **Step 5: Run full SupplierWebhookTest + DirectPlatformTest**
-
-```
-cd app && ./vendor/bin/pest tests/Feature/Http/Webhook/SupplierWebhookTest.php tests/Feature/Supplier/DirectPlatformTest.php
-```
-
-Expected: тесты #1 в DirectPlatformTest PASS, остальные новые — пока FAIL (resolver/job не готовы).
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Http/Controllers/Api/SupplierWebhookController.php app/tests/Feature/Http/Webhook/SupplierWebhookTest.php
-git commit -m "feat(supplier-webhook): accept non-B-prefix projects as platform=DIRECT
-
-Drops regex /^B[123]_.+\$/ from project field validation; parsePlatform()
-returns 'DIRECT' for projects without B-prefix. SupplierLead created
-with platform='DIRECT' for these. Rewrites obsolete test that asserted
-invalid_format → 422 — now invalid_format → 202 with platform=DIRECT."
-```
-
----
-
-## Task 6: Implement — SupplierProjectResolver accepts DIRECT
-
-**Files:**
-- Modify: `app/app/Services/SupplierProjects/SupplierProjectResolver.php`
-
-- [ ] **Step 1: Extend ALLOWED_PLATFORMS**
-
-```php
-private const ALLOWED_PLATFORMS = ['B1', 'B2', 'B3', 'DIRECT'];
-```
-
-- [ ] **Step 2: Run DirectPlatformTest #2**
-
-```
-cd app && ./vendor/bin/pest tests/Feature/Supplier/DirectPlatformTest.php --filter='creates DIRECT supplier_project'
-```
-
-Expected: PASS.
-
-- [ ] **Step 3: Commit**
-
-```bash
-git add app/app/Services/SupplierProjects/SupplierProjectResolver.php
-git commit -m "feat(supplier): SupplierProjectResolver accepts platform=DIRECT"
-```
-
----
-
-## Task 7: Implement — RouteSupplierLeadJob.parseProjectField + LeadRouter fallback for DIRECT
-
-**Files:**
-- Modify: `app/app/Jobs/RouteSupplierLeadJob.php:172-200`
-- Modify: `app/app/Services/LeadRouter.php:45-76`
-
-- [ ] **Step 1: parseProjectField — добавить DIRECT branch**
-
-В RouteSupplierLeadJob, `parseProjectField` (lines 172-200), заменить начало с:
-
-```php
-private function parseProjectField(string $project): array
-{
-    if (preg_match('/^(B[123])_(.+)$/', $project, $m) === 1) {
-        $platform = $m[1];
-        $rest = $m[2];
-    } else {
-        // Phase 3: проекты без B-префикса попадают в DIRECT.
-        // Весь project считается identifier-частью; signal_type определяется
-        // тем же regex'ом, что для $rest у B-префиксных.
-        $platform = 'DIRECT';
-        $rest = $project;
-    }
-
-    // далее существующий код — определение signal_type/identifier на $rest
-    // (call / site / sms по regex'ам), без изменений
-    $domainRe = '/(?<![a-z0-9.\-])([a-z0-9][a-z0-9\-]*(?:\.[a-z0-9][a-z0-9\-]*)*\.[a-z]{2,})/i';
-    // ... existing logic ...
-}
-```
-
-- [ ] **Step 2: LeadRouter — добавить DIRECT fallback**
-
-В LeadRouter::matchEligibleProjects, расширить SQL: для DIRECT supplier_projects использовать fallback по signal_type+signal_identifier matchу с Лидерра-проектами (если нет project_supplier_links для DIRECT).
-
-```php
-public function matchEligibleProjects(SupplierProject $supplierProject): Collection
-{
-    $todayBit = 1 << (Carbon::now('Europe/Moscow')->isoWeekday() - 1);
-
-    // Phase 3: для DIRECT-supplier_project — fallback на signal_type+signal_identifier
-    // match с Лидерра-проектами, потому что project_supplier_links для DIRECT-row'ов
-    // ещё не настроены (это автоматический матчинг по сигналу). Для B1/B2/B3
-    // продолжаем использовать explicit psl-link.
-    if ($supplierProject->platform === 'DIRECT') {
-        $sql = <<<'SQL'
-            SELECT DISTINCT ON (projects.tenant_id) projects.*
-            FROM projects
-            WHERE projects.signal_type = ?
-              AND LOWER(projects.signal_identifier) = LOWER(?)
-              AND projects.is_active = true
-              AND (projects.delivery_days_mask & ?) <> 0
-              AND projects.delivered_today < COALESCE(projects.effective_daily_limit_today, projects.daily_limit_target)
-              AND EXISTS (
-                  SELECT 1 FROM tenants
-                  WHERE tenants.id = projects.tenant_id
-                    AND (tenants.balance_leads > 0 OR tenants.balance_rub > 0)
-              )
-            ORDER BY
-                projects.tenant_id,
-                (COALESCE(projects.effective_daily_limit_today, projects.daily_limit_target) - projects.delivered_today) DESC,
-                projects.created_at,
-                projects.id
-        SQL;
-        $rows = DB::connection('pgsql_supplier')->select(
-            $sql,
-            [$supplierProject->signal_type, $supplierProject->unique_key, $todayBit]
-        );
-
-        return Project::hydrate($rows)->values();
-    }
-
-    // Existing B1/B2/B3 path — explicit psl link
-    $sql = <<<'SQL'
-        SELECT DISTINCT ON (projects.tenant_id) projects.*
-        FROM projects
-        WHERE EXISTS (
-            SELECT 1 FROM project_supplier_links psl
-            WHERE psl.project_id = projects.id
-              AND psl.supplier_project_id = ?
-        )
-        AND projects.is_active = true
-        AND (projects.delivery_days_mask & ?) <> 0
-        AND projects.delivered_today < COALESCE(projects.effective_daily_limit_today, projects.daily_limit_target)
-        AND EXISTS (
-            SELECT 1 FROM tenants
-            WHERE tenants.id = projects.tenant_id
-              AND (tenants.balance_leads > 0 OR tenants.balance_rub > 0)
-        )
-        ORDER BY
-            projects.tenant_id,
-            (COALESCE(projects.effective_daily_limit_today, projects.daily_limit_target) - projects.delivered_today) DESC,
-            projects.created_at,
-            projects.id
-    SQL;
-    $rows = DB::connection('pgsql_supplier')->select($sql, [$supplierProject->id, $todayBit]);
-
-    return Project::hydrate($rows)->values();
-}
-```
-
-- [ ] **Step 3: Run DirectPlatformTest #3 — end-to-end DIRECT routing**
-
-```
-cd app && ./vendor/bin/pest tests/Feature/Supplier/DirectPlatformTest.php --filter='delivers DIRECT lead'
-```
-
-Expected: PASS. Deal создан, project_id matched.
-
-- [ ] **Step 4: Run full supplier regression**
-
-```
-cd app && ./vendor/bin/pest tests/Feature/Supplier/ tests/Feature/Jobs/RouteSupplierLeadJobTest.php tests/Feature/Http/Webhook/
-```
-
-Expected: все тесты PASS. Особенно регрессия B1/B2/B3 — proxy через `else` branch.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Jobs/RouteSupplierLeadJob.php app/app/Services/LeadRouter.php
-git commit -m "feat(supplier): RouteSupplierLeadJob + LeadRouter handle DIRECT platform
-
-parseProjectField() returns ('DIRECT', signal_type, identifier) when project
-has no B-prefix; identifier-detection (call/site/sms regex) runs on full
-project string. LeadRouter::matchEligibleProjects has a DIRECT fast-path
-that matches Liderra projects by (signal_type, signal_identifier) directly
-without requiring project_supplier_links pivot — because DIRECT
-supplier_projects are auto-created on first webhook and don't have manual
-psl links.
-
-B1/B2/B3 path unchanged (psl-based)."
-```
-
----
-
-## Task 8: Implement — LedgerService.resolveSupplierId fallback for DIRECT + CsvReconcileJob extractPlatform
-
-**Files:**
-- Modify: `app/app/Services/Billing/LedgerService.php:127-148`
-- Modify: `app/app/Jobs/Supplier/CsvReconcileJob.php:237-244`
-
-- [ ] **Step 1: Extend LedgerService.resolveSupplierId**
-
-```php
-private function resolveSupplierId(SupplierLead $lead): ?int
-{
-    if ($lead->supplier_project_id !== null) {
-        $sp = DB::table('supplier_projects')->where('id', $lead->supplier_project_id)->first();
-        if ($sp !== null) {
-            if (in_array($sp->platform, ['B1', 'B2', 'B3'], true)) {
-                $supplier = Supplier::where('code', strtolower($sp->platform))->first();
-                if ($supplier !== null) {
-                    return (int) $supplier->id;
-                }
-            }
-            if ($sp->platform === 'DIRECT') {
-                $supplier = Supplier::where('code', 'direct')->first();
-                return $supplier?->id;
-            }
-        }
-    }
-    // Fallback: parse platform from raw_payload['project']
-    $project = trim((string) ($lead->raw_payload['project'] ?? ''));
-    if (preg_match('/^(B[123])_/', $project, $m) === 1) {
-        $code = strtolower($m[1]);
-        $supplier = Supplier::where('code', $code)->first();
-        return $supplier?->id;
-    }
-    // Phase 3: project без B-префикса — DIRECT
-    if ($project !== '') {
-        $supplier = Supplier::where('code', 'direct')->first();
-        return $supplier?->id;
-    }
-    return null;
-}
-```
-
-- [ ] **Step 2: Update CsvReconcileJob.extractPlatform**
-
-Сейчас extractPlatform возвращает null для не-B → строка увеличивает `unparseable_count` (правильный для МУСОРА типа phone/URL в поле project, но НЕ для DIRECT-проектов как `client.carmoney.ru`). Различение:
-
-```php
-private function extractPlatform(string $project): ?string
-{
-    if (preg_match('/^(B[123])_/', $project, $m) === 1) {
-        return $m[1];
-    }
-    // Phase 3: пытаемся распарсить как DIRECT (валидный domain/call/sms identifier).
-    // Только если строка содержит хотя бы одну букву или dot (= вероятно
-    // domain/название), а не чистый-числовой (= скорее всего телефон в роли проекта).
-    if (preg_match('/[a-zA-Zа-яА-Я.]/u', $project) === 1) {
-        return 'DIRECT';
-    }
-    // Чисто цифры или мусор — оставляем как unparseable (как было).
-    return null;
-}
-```
-
-NB: чисто-числовые проекты ('79135191264') у поставщика — это **callback-проекты**, они валидны и должны быть DIRECT. Уточняем regex:
-
-```php
-private function extractPlatform(string $project): ?string
-{
-    if (preg_match('/^(B[123])_/', $project, $m) === 1) {
-        return $m[1];
-    }
-    // Phase 3: всё что выглядит как разумный identifier (домен / телефон / SMS-sender) → DIRECT.
-    // unparseable_count теперь только для откровенного мусора (пустые / только спец-символы).
-    $trimmed = trim($project);
-    if ($trimmed !== '' && preg_match('/^[\w\-.а-яА-Я0-9\/() +]+$/u', $trimmed) === 1) {
-        return 'DIRECT';
-    }
-    return null;
-}
-```
-
-- [ ] **Step 3: Run regression — CsvReconcileJobTest + RouteSupplierLeadJobBillingTest**
-
-```
-cd app && ./vendor/bin/pest tests/Feature/Supplier/CsvReconcileJobTest.php tests/Feature/Supplier/RouteSupplierLeadJobBillingTest.php tests/Feature/Supplier/DirectPlatformTest.php
-```
-
-Expected: все PASS.
-
-- [ ] **Step 4: Commit**
-
-```bash
-git add app/app/Services/Billing/LedgerService.php app/app/Jobs/Supplier/CsvReconcileJob.php
-git commit -m "feat(supplier): LedgerService + CsvReconcileJob recognise DIRECT platform
-
-LedgerService::resolveSupplierId returns suppliers.code='direct' row for
-DIRECT-platform supplier_projects (and for parsed-from-payload non-B
-projects). CsvReconcileJob::extractPlatform now classifies most non-empty,
-non-junk project strings as DIRECT (instead of dumping them into
-unparseable_count) — this allows CSV recovery to also create DIRECT
-supplier_leads, mirroring the webhook path."
-```
-
----
-
-## Task 9: Sync db/schema.sql + CHANGELOG_schema.md
-
-**Files:**
-- Modify: `db/schema.sql` — поправить constraint definitions
-- Modify: `db/CHANGELOG_schema.md`
-
-- [ ] **Step 1: Update db/schema.sql constraint definitions**
-
-В двух местах `chk_supplier_projects_platform` и `chk_psl_platform` — заменить `IN ('B1','B2','B3')` на `IN ('B1','B2','B3','DIRECT')`.
-
-- [ ] **Step 2: Add CHANGELOG_schema.md entry**
-
-```markdown
-## v8.X — 2026-05-25 — DIRECT platform support
-
-- Extended `chk_supplier_projects_platform` to include `'DIRECT'`
-- Extended `chk_psl_platform` to include `'DIRECT'`
-- Seeded `suppliers.code='direct'` row (BP-GR Direct, cost_rub = same as B1)
-- Spec: docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md
-```
-
-- [ ] **Step 3: Commit**
-
-```bash
-git add db/schema.sql db/CHANGELOG_schema.md
-git commit -m "docs(schema): sync DIRECT platform CHECK constraints to db/schema.sql"
-```
-
----
-
-## Task 10: Regression + prod-readiness
-
-**Files:**
-- None
-
-- [ ] **Step 1: /regression full**
-
-```
-/regression full
-```
-
-Expected: GREEN. Pest --parallel 700+ tests pass.
-
-- [ ] **Step 2: Larastan**
-
-```
-cd app && composer stan
-```
-
-Expected: 0 errors над baseline.
-
-- [ ] **Step 3: Manual webhook smoke на dev**
-
-(если dev-сервер работает)
-```bash
-cd app && php artisan serve --port=8000 &
-sleep 2
-curl -X POST http://localhost:8000/api/webhook/supplier/<dev-secret> \
-  -H 'Content-Type: application/json' \
-  -d '{"vid":99999,"project":"client.carmoney.ru","phone":"79991234567","time":'$(date +%s)'}'
-pkill -f 'artisan serve' || true
-```
-
-Expected: `{"status":"accepted","supplier_lead_id":...}` 202.
-
----
-
-## Task 11: Deploy to liderra.ru
-
-**Files:**
-- None
-
-- [ ] **Step 1: prod-deploy-validator agent**
-
-```
-subagent_type: prod-deploy-validator
-prompt: проверь готовность liderra.ru к Phase 3 деплою. Меняется: миграция БД (2 CHECK constraints), seed (suppliers.code='direct'), 5 PHP-файлов (SupplierWebhookController/RouteSupplierLeadJob/CsvReconcileJob/SupplierProjectResolver/LeadRouter/LedgerService), сменён тест.
-
-Особое внимание:
-1. Миграция ALTER CONSTRAINT не блокирует таблицу долго (DROP+ADD на 2 таблицах в одной транзакции).
-2. После миграции — обязательный queue:restart (RouteSupplierLeadJob memory-cached в воркерах).
-3. redeploy.sh должен сначала migrate потом optimize — проверь порядок.
-
-Phase 1 + Phase 2 уже стоят ≥2h. 8 pre-flight + GO/NO-GO.
-```
-
-- [ ] **Step 2: Merge feature branch → main**
-
-```bash
-git checkout main
-git merge --ff-only feat/supplier-webhook-fixes
-git push origin main
-```
-
-- [ ] **Step 3: redeploy.sh**
-
-```bash
-ssh liderra "cd /var/www/liderra/app && sudo -u www-data ./redeploy.sh 2>&1 | tail -80"
-```
-
-Expected: migration ran successfully, queue:restart fired, deploy complete.
-
-- [ ] **Step 4: Prod smoke — webhook with non-B project**
-
-```bash
-ssh liderra 'curl -sk -X POST \
-  -H "Content-Type: application/json" \
-  -d "{\"vid\":99999001,\"project\":\"client.carmoney.ru\",\"phone\":\"79991234567\",\"time\":'$(date +%s)'}" \
-  https://liderra.ru/api/webhook/supplier/8c1c07ddb0768763661b357198e0625832f74ad0915d91b1'
-```
-
-Expected: `{"status":"accepted","supplier_lead_id":...}` или `{"status":"already_processed",...}` если повтор. Status 202 / 200.
-
-- [ ] **Step 5: Check supplier_projects has new DIRECT row**
-
-```bash
-ssh liderra "sudo -u postgres psql -d liderra -c \"SELECT id, platform, signal_type, unique_key, created_at FROM supplier_projects WHERE platform='DIRECT' ORDER BY id DESC LIMIT 5\""
-```
-
-Expected: видим только что созданную (или существующую) DIRECT-row с unique_key='client.carmoney.ru' (test smoke).
-
-- [ ] **Step 6: Wait 6 hours, observe**
-
-Через 6 часов:
-```bash
-ssh liderra "sudo grep '/api/webhook/supplier' /var/log/nginx/access.log | grep '$(date +%d/%b)' | awk '{print \$9}' | sort | uniq -c"
-ssh liderra "sudo -u postgres psql -d liderra -c \"SELECT platform, COUNT(*) FROM supplier_leads WHERE received_at > NOW() - interval '6 hours' GROUP BY platform\""
-ssh liderra "sudo -u postgres psql -d liderra -c \"SELECT COUNT(*) FILTER (WHERE source_crm_id IS NULL) AS no_crm_id, COUNT(*) FILTER (WHERE source_crm_id IS NOT NULL) AS with_crm_id, COUNT(*) AS total FROM deals WHERE tenant_id=2 AND created_at > NOW() - interval '6 hours'\""
-```
-
-Expected:
-- nginx: 0 × 302 на webhook (все принимаются)
-- supplier_leads: видим записи с platform='DIRECT' (~ 67/24 = 2-3 в час)
-- deals: 0 unmerged duplicates (Phase 2 покрывает)
-
-- [ ] **Step 7: Update ПИЛОТ.md + memory**
-
-```bash
-# Update ПИЛОТ.md, memory entries
-git add ПИЛОТ.md
-git commit -m "docs(пилот): Phase 3 supplier DIRECT platform deployed, $X DIRECT leads in 6h"
-git push origin main
-```
-
----
-
-## Done criteria для Phase 3
-
-- [ ] Все тесты в DirectPlatformTest.php + регрессия supplier/* + webhook/* PASS
-- [ ] /regression full GREEN
-- [ ] Larastan baseline clean
-- [ ] migration up/down работают на dev
-- [ ] Прод-smoke: webhook `project: "client.carmoney.ru"` → 202
-- [ ] 6 часов наблюдения: webhook 302 ушли в 0, новые DIRECT leads принимаются, нет дублей
-
----
-
-## Откат
-
-Сложнее остальных — есть миграция БД.
-
-```bash
-# 1. Cleanup: убрать DIRECT-rows если они появились на проде
-ssh liderra "sudo -u postgres psql -d liderra -c \"DELETE FROM project_supplier_links WHERE platform='DIRECT'; DELETE FROM supplier_projects WHERE platform='DIRECT'\""
-
-# 2. Migration down
-ssh liderra "cd /var/www/liderra/app && sudo -u www-data php artisan migrate:rollback --step=2"
-
-# 3. Revert code
-ssh liderra "cd /var/www/liderra/app && git revert --no-edit HEAD~N..HEAD && sudo -u www-data ./redeploy.sh"
-```
-
-Лиды с platform=DIRECT, уже превратившиеся в deals, остаются (deal.project_id указывает на валидный Лидерра-проект); supplier_lead.platform='B1' fallback не применится для уже сохранённых, но и не нужен — они уже обработаны.
-
-Если откат нужен экстренно — можно ограничиться **revert кода без migration:rollback**: миграция оставляет DIRECT в enum, старый код просто никогда не создаст такую row. БД не сломается.
diff --git a/docs/superpowers/plans/2026-05-26-slepok-routing-protection.md b/docs/superpowers/plans/2026-05-26-slepok-routing-protection.md
deleted file mode 100644
index e900639..0000000
--- a/docs/superpowers/plans/2026-05-26-slepok-routing-protection.md
+++ /dev/null
@@ -1,2334 +0,0 @@
-# Slepok Routing Protection — Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Заменить live-чтение `projects.*` в `LeadRouter` на ежедневный snapshot, чтобы вчерашний заказ клиента действовал сегодня — закрыть 19 рисков (R-01..R-19), выявленных в аудите сессии `135a4adf`.
-
-**Architecture:** Создаём таблицу `project_routing_snapshots` с зафиксированным состоянием каждого активного проекта на каждый рабочий день. Cron в 18:02 МСК (после `BalancePreflightSweepJob`, до `SyncSupplierProjectsJob`) создаёт slepok №NЛ для дня N+1. `LeadRouter` читает из snapshot для eligibility-полей (is_active/limit/days/regions); баланс остаётся live (защита auto-pause). Изменения настроек применяются со следующего slepok'а — UI явно отображает `applies_date` через расширенный `SupplierSnapshotGuard::appliesFrom()`.
-
-**Tech Stack:**
-
-- Backend: PHP 8.3 + Laravel 13.
-- БД: PostgreSQL 16 + RLS + partitioning (`PARTITION BY RANGE (snapshot_date)`).
-- Тесты: Pest 4 (`composer test --parallel`).
-- DB connections: `pgsql` (RLS, default) + `pgsql_supplier` (BYPASSRLS-роль `crm_supplier_worker`).
-- Queue/cache: Memurai Redis (Windows-аналог Redis 7).
-- Cron: Laravel Scheduler в `app/routes/console.php` (heartbeat через `SchedulerHeartbeatTracker`).
-- bcmath для денежных операций (`LedgerService`).
-
-**Спек:** [`docs/superpowers/specs/2026-05-26-slepok-routing-protection-design.md`](../specs/2026-05-26-slepok-routing-protection-design.md) v0.4.
-
-**Memory:** [`project_slepok_protection.md`](memory) + [`project_billing_v2.md`](memory) (online/batch policy).
-
-**Контекст состояния веток (на момент старта плана):**
-
-- main HEAD `52158423`.
-- `feat/billing-v2-spec-c` HEAD `f0269534` — отстаёт от main на 50+ коммитов (Snapshot Guard + Phase 2 FK `0da72778` + enforce-hooks). Spec C forward = 14 коммитов.
-- На проде scp-патчи Spec C поверх main `0902de96` — Этап 1 это рассинхронизирует.
-
----
-
-## Структура файлов (что создаём и меняем)
-
-**Новые файлы (Этап 2):**
-
-- `app/database/migrations/2026_05_27_120000_create_project_routing_snapshots_table.php` — миграция таблицы + RLS + партиционирование.
-- `app/app/Jobs/SnapshotProjectRoutingJob.php` — cron 18:02 МСК.
-- `app/app/Console/Commands/SnapshotBackfillCommand.php` — `php artisan snapshot:backfill --date=YYYY-MM-DD`.
-- `app/app/Console/Commands/SnapshotRebuildCommand.php` — recovery `php artisan snapshot:rebuild --date=YYYY-MM-DD`.
-
-**Новые файлы (Этап 4):**
-
-- `app/app/Console/Commands/SupplierRekeyOrphansCommand.php` — миграция R-17 orphan SMS-rows.
-
-**Изменяемые файлы:**
-
-| Файл | Этап | Что |
-|---|---|---|
-| `app/app/Services/LeadRouter.php` | 1.2, 2.5, 3.1 | DROP balance_leads, JOIN snapshot, frozen filter |
-| `app/app/Jobs/RouteSupplierLeadJob.php` | 2.6 | snapshot recheck + is_active recheck |
-| `app/app/Services/Project/SupplierSnapshotGuard.php` | 2.7 | новое API `appliesFrom()` |
-| `app/app/Services/Project/ProjectService.php` | 2.8 | вызов `appliesFrom` для slepok-полей |
-| `app/app/Jobs/Supplier/SyncSupplierProjectsJob.php` | 2.9 | чтение из snapshot вместо live |
-| `app/app/Jobs/Billing/BalancePreflightSweepJob.php` | 3.2 | sync `paused_at` при freeze/unfreeze |
-| `app/app/Services/Billing/LedgerService.php` | 3.1 | reject frozen |
-| `app/app/Jobs/Supplier/CleanupInactiveSupplierProjectsJob.php` | 1.4 | subquery через pivot |
-| `app/app/Services/Supplier/SupplierProjectGrouping.php` | 4.1 | удалить `buildUniqueKey($p, $platform)` |
-| `app/app/Jobs/SyncSupplierProjectJob.php` | 4.3 | fixed target_date |
-| `app/app/Models/Tenant.php` | 4.4 | share-aware `requiredLeadsForTomorrow` |
-| `app/app/Jobs/Supplier/CsvReconcileJob.php` | 4.5 | business-drift проверка |
-| `app/routes/console.php` | 2.4 | `SnapshotProjectRoutingJob` + recovery cmd |
-| `app/resources/js/components/project/ProjectFormDialog.vue` (или similar) | 2.11 | сообщение `applies_date` |
-
----
-
-# Этап 1 — Стабилизация прод-state (0.5–1 рабочий день)
-
-Закрывает R-12, R-14, R-16. Готовит почву под Этап 2 (rebase, drop column, cleanup-fix).
-
-## Task 1.1: Rebase `feat/billing-v2-spec-c` на `origin/main`
-
-**Files:**
-
-- Modify: вся ветка `feat/billing-v2-spec-c`.
-- Особое внимание при резолве: `app/app/Services/LeadRouter.php`, `app/app/Jobs/RouteSupplierLeadJob.php`, `app/app/Models/Project.php`, `app/app/Models/Tenant.php`, `app/app/Services/Project/ProjectService.php`.
-
-- [ ] **Step 1: `git fetch --all` и оценка диффа**
-
-```bash
-cd c:/моя/проекты/портал\ crm/Документация
-git fetch --all
-echo "=== spec-c forward ==="
-git log origin/main..origin/feat/billing-v2-spec-c --oneline | wc -l
-echo "=== main forward (которые нужно подтянуть) ==="
-git log origin/feat/billing-v2-spec-c..origin/main --oneline | wc -l
-```
-
-Expected: spec-c forward ~14, main forward 50+. Если main forward сильно вырос с момента 26.05 — повторно сверить с состоянием на момент начала.
-
-- [ ] **Step 2: Создать локальную ветку rebase**
-
-```bash
-git checkout feat/billing-v2-spec-c
-git checkout -b rebase/spec-c-on-main
-git rebase origin/main
-```
-
-Expected: rebase начинается, конфликты в файлах списка `Files` выше.
-
-- [ ] **Step 3: Резолв конфликтов — `LeadRouter.php`**
-
-Сохранить из main: DIRECT-path (lines 54-80 main) — он добавлен в main после Plan 3 supplier-platform-prefix. Сохранить из spec-c: ничего (spec-c не трогает LeadRouter в этой части).
-
-Финальный файл должен иметь:
-
-- DIRECT-path из main (для `supplier_project->platform === 'DIRECT'`).
-- B1/B2/B3 path из main.
-- Никаких snapshot-правок (это Task 2.5 потом).
-
-- [ ] **Step 4: Резолв конфликтов — `RouteSupplierLeadJob.php`**
-
-Сохранить из main:
-
-- `parseProjectField` с DIRECT fallback (lines 172-205 main).
-- Phase 2 CSV-merge `$existingMergeable` блок (lines 253-302 main).
-- `handleInsufficientBalance` (lines 399-426 main).
-- **КРИТИЧНО:** `received_at` НЕ обновлять на merge — это Phase 2 FK fix `0da72778`. Cмотри inline-комментарии lines 282-289 main про partition-key + FK ON UPDATE NO ACTION. Этот фикс не теряем.
-
-Сохранить из spec-c: ничего (spec-c не изменял этот файл независимо).
-
-- [ ] **Step 5: Резолв конфликтов — `Project.php`**
-
-Сохранить из main: `paused_at` в `$fillable` + cast как `datetime` (lines 43, 70 main).
-
-В spec-c этого поля нет — он его удалил. После rebase оно должно быть.
-
-- [ ] **Step 6: Резолв конфликтов — `Tenant.php`**
-
-Сохранить из spec-c: `frozen_by_balance_at` в `$fillable` + cast + метод `requiredLeadsForTomorrow()`.
-
-Сохранить из main: всё остальное.
-
-- [ ] **Step 7: Резолв конфликтов — `ProjectService.php`**
-
-Сохранить из main: вызовы `SupplierSnapshotGuard::assertCanMutateSource` в `update()` (line 40) и `delete()` (line 165) + `bulkPauseResume` запись `paused_at` (line 284) + `bulkDelete` reason `supplier_snapshot_locked` (lines 318-322).
-
-Сохранить из spec-c: ничего (spec-c не изменял ProjectService).
-
-- [ ] **Step 8: Завершить rebase**
-
-```bash
-git add app/
-git rebase --continue
-# Повторить для каждого commit'а с конфликтом
-```
-
-Expected: rebase успешно завершён, локальный HEAD ветки `rebase/spec-c-on-main` — поверх `origin/main`.
-
-- [ ] **Step 9: Полный регресс**
-
-```bash
-cd app
-composer test --parallel
-```
-
-Expected: все Pest зелёные. Особенно проверить:
-
-- `tests/Feature/Billing/BalancePreflightSweepJobTest.php` — frozen flow.
-- `tests/Feature/Supplier/SyncSupplierPreflightFilterTest.php` — фильтр frozen в push'е.
-- `tests/Feature/Supplier/SupplierWebhookReceiveTest.php` — DIRECT path.
-- Любые supplier-snapshot-guard тесты на main.
-
-Если красные — резолв конфликтов был неправильный, вернуться к step 3.
-
-- [ ] **Step 10: Force-push на origin (вы overwrите старую ветку)**
-
-```bash
-git push origin rebase/spec-c-on-main:feat/billing-v2-spec-c --force-with-lease
-```
-
-Expected: ветка `feat/billing-v2-spec-c` обновлена.
-
-- [ ] **Step 11: Создать PR и merge через FF**
-
-```bash
-gh pr create --base main --head feat/billing-v2-spec-c --title "feat(billing-v2-c): merge Spec C into main (Phase 1+Spec C extensions)" --body "Merge spec-c branch (14 commits) into main after rebase. Includes BalancePreflightSweepJob, BalancePreflightService, SupplierExportMode, ProjectController preflight, balance_freeze migration. Closes scp-drift between repo and prod."
-gh pr merge --auto --merge
-```
-
-Expected: PR создан, после прохождения CI — авто-merge.
-
-- [ ] **Step 12: Обновить `ПИЛОТ.md` + memory**
-
-В `ПИЛОТ.md` сверху добавить: «{date} — spec-c влит в main через rebase + FF merge, scp-патчи больше не нужны для следующего деплоя».
-
-В memory `project_billing_v2.md` пометить «Spec C merged into main HEAD `<новый-sha>`».
-
-- [ ] **Step 13: Commit memory + ПИЛОТ.md**
-
-```bash
-git add ПИЛОТ.md
-git add C:/Users/Administrator/.claude/projects/c---------------------crm-------------/memory/project_billing_v2.md
-git commit -m "docs: spec-c merged into main, scp-drift closed"
-```
-
-NB: `redeploy.sh` НЕ запускать на этом шаге — это будет после Task 1.4.
-
----
-
-## Task 1.2: R-12 — `LeadRouter` готов к DROP `balance_leads`
-
-**Files:**
-
-- Modify: `app/app/Services/LeadRouter.php:65-66, 95-97` — удалить `OR tenants.balance_leads > 0`.
-- Test: `app/tests/Feature/LeadRouter/BalanceFilterTest.php` (новый).
-
-- [ ] **Step 1: Создать failing test**
-
-`app/tests/Feature/LeadRouter/BalanceFilterTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\SupplierProject;
-use App\Models\Tenant;
-use App\Services\LeadRouter;
-
-it('does not match project for tenant with only balance_leads (no balance_rub)', function () {
-    $tenant = Tenant::factory()->create([
-        'balance_rub' => '0.00',
-        'balance_leads' => 999, // legacy — должно игнорироваться после фикса
-    ]);
-    $project = Project::factory()->for($tenant)->create([
-        'is_active' => true,
-        'delivery_days_mask' => 127,
-        'daily_limit_target' => 10,
-        'delivered_today' => 0,
-    ]);
-    $sp = SupplierProject::factory()->create();
-    \DB::table('project_supplier_links')->insert([
-        'project_id' => $project->id,
-        'supplier_project_id' => $sp->id,
-        'platform' => $sp->platform,
-        'subject_code' => null,
-    ]);
-
-    $matched = app(LeadRouter::class)->matchEligibleProjects($sp);
-
-    expect($matched)->toHaveCount(0); // balance_rub=0 → не eligible
-});
-
-it('matches project for tenant with balance_rub > 0 (balance_leads ignored)', function () {
-    $tenant = Tenant::factory()->create([
-        'balance_rub' => '500.00',
-        'balance_leads' => 0,
-    ]);
-    $project = Project::factory()->for($tenant)->create([
-        'is_active' => true,
-        'delivery_days_mask' => 127,
-        'daily_limit_target' => 10,
-        'delivered_today' => 0,
-    ]);
-    $sp = SupplierProject::factory()->create();
-    \DB::table('project_supplier_links')->insert([
-        'project_id' => $project->id,
-        'supplier_project_id' => $sp->id,
-        'platform' => $sp->platform,
-        'subject_code' => null,
-    ]);
-
-    $matched = app(LeadRouter::class)->matchEligibleProjects($sp);
-
-    expect($matched)->toHaveCount(1);
-});
-```
-
-- [ ] **Step 2: Запустить тест — должен упасть**
-
-```bash
-cd app && composer test -- --filter=BalanceFilterTest
-```
-
-Expected: первый тест FAIL (текущий код матчит при balance_leads>0); второй PASS.
-
-- [ ] **Step 3: Применить фикс**
-
-`app/app/Services/LeadRouter.php` lines 63-67 (DIRECT path) и lines 94-98 (B1/B2/B3 path) — заменить:
-
-```php
-AND EXISTS (
-    SELECT 1 FROM tenants
-    WHERE tenants.id = projects.tenant_id
-      AND (tenants.balance_leads > 0 OR tenants.balance_rub > 0)
-)
-```
-
-на:
-
-```php
-AND EXISTS (
-    SELECT 1 FROM tenants
-    WHERE tenants.id = projects.tenant_id
-      AND tenants.balance_rub > 0
-)
-```
-
-- [ ] **Step 4: Запустить тест — должен пройти**
-
-```bash
-composer test -- --filter=BalanceFilterTest
-```
-
-Expected: оба теста PASS.
-
-- [ ] **Step 5: Полный регресс**
-
-```bash
-composer test --parallel
-```
-
-Expected: все Pest зелёные. Если что-то red — проверить не использует ли LedgerService legacy `balance_leads` для charge.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Services/LeadRouter.php app/tests/Feature/LeadRouter/BalanceFilterTest.php
-git commit -m "fix(lead-router): R-12 — remove balance_leads from eligibility filter
-
-balance_rub is the only balance used after Spec A Phase A.
-LeadRouter SQL still referenced legacy balance_leads in OR clause —
-would crash on Spec B Phase B DROP COLUMN. Filter now only checks balance_rub."
-```
-
----
-
-## Task 1.3: R-14 — Проверить и зафиксировать прод-версию `RouteSupplierLeadJob`
-
-**Files:**
-
-- Reference: `app/app/Jobs/RouteSupplierLeadJob.php` (после rebase в Task 1.1 должен быть main-версия с DIRECT path).
-- Smoke target: `https://liderra.ru/api/webhook/supplier/<secret>` (после merge в main).
-
-- [ ] **Step 1: SSH на прод, проверить файл**
-
-```bash
-ssh ubuntu@liderra.ru "head -210 /var/www/liderra/app/app/Jobs/RouteSupplierLeadJob.php | grep -A2 'parseProjectField'"
-```
-
-Expected: должна быть main-версия — `if (preg_match('/^(B[123])_(.+)$/', $project, $m) === 1) { $platform = $m[1]; ... } else { $platform = 'DIRECT'; ... }`.
-
-Если присутствует `throw new RuntimeException("Cannot parse...")` — это устаревшая spec-c версия, scp-drift не закрыт. Перейти к Step 2.
-
-Если main-версия — Task 1.3 закрыт, переходить к Task 1.4.
-
-- [ ] **Step 2: Деплой (только если шаг 1 показал spec-c версию)**
-
-```bash
-ssh ubuntu@liderra.ru "cd /var/www/liderra && sudo -u www-data bash redeploy.sh"
-```
-
-Expected: `git pull` подтягивает main HEAD после merge Task 1.1. Сервисы перезапущены.
-
-- [ ] **Step 3: Smoke-test DIRECT path вживую**
-
-В UI создать тестовый webhook через test-form или curl:
-
-```bash
-curl -X POST "https://liderra.ru/api/webhook/supplier/<secret>" \
-  -H "Content-Type: application/json" \
-  -d '{"vid": 999999, "project": "lkomega.ru", "phone": "79000000001", "time": '$(date +%s)'}'
-```
-
-Expected: HTTP 202 с `supplier_lead_id`. Через 30 сек проверить:
-
-```bash
-ssh ubuntu@liderra.ru "sudo -u postgres psql -d liderra -c \"SELECT id, vid, platform, processed_at, error FROM supplier_leads WHERE vid=999999\""
-```
-
-Expected: row существует, `platform='DIRECT'`, `processed_at` NOT NULL, `error` NULL.
-
-- [ ] **Step 4: Cleanup тестового лида**
-
-```bash
-ssh ubuntu@liderra.ru "sudo -u postgres psql -d liderra -c \"DELETE FROM deals WHERE source_crm_id=999999; DELETE FROM supplier_leads WHERE vid=999999\""
-```
-
-- [ ] **Step 5: Commit отметки в ПИЛОТ.md**
-
-В `ПИЛОТ.md` строкой сверху: «{date} — R-14 закрыт, prod RouteSupplierLeadJob = main-версия с DIRECT path, smoke на `lkomega.ru` ✅».
-
-```bash
-git add ПИЛОТ.md && git commit -m "docs(pilot): R-14 closed, DIRECT path verified live"
-```
-
----
-
-## Task 1.4: R-16 — `CleanupInactiveSupplierProjectsJob` через pivot
-
-**Files:**
-
-- Modify: `app/app/Jobs/Supplier/CleanupInactiveSupplierProjectsJob.php:62-78` (`$activeIdsSubquery`).
-- Test: `app/tests/Feature/Supplier/CleanupInactiveOnPivotTest.php` (новый).
-
-- [ ] **Step 1: Создать failing test**
-
-`app/tests/Feature/Supplier/CleanupInactiveOnPivotTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\Supplier\CleanupInactiveSupplierProjectsJob;
-use App\Models\Project;
-use App\Models\SupplierProject;
-use App\Models\Tenant;
-
-it('does not mark inactive supplier_project that has pivot link to active project', function () {
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create([
-        'is_active' => true,
-        // легаси FK НЕ заполнены (Plan 3+ архитектура):
-        'supplier_b1_project_id' => null,
-        'supplier_b2_project_id' => null,
-        'supplier_b3_project_id' => null,
-    ]);
-    $sp = SupplierProject::factory()->create([
-        'inactive_since' => null,
-    ]);
-    \DB::table('project_supplier_links')->insert([
-        'project_id' => $project->id,
-        'supplier_project_id' => $sp->id,
-        'platform' => $sp->platform,
-        'subject_code' => null,
-    ]);
-
-    (new CleanupInactiveSupplierProjectsJob)->handle(app(\App\Services\Supplier\SupplierPortalClient::class));
-
-    expect($sp->fresh()->inactive_since)->toBeNull();
-});
-
-it('marks supplier_project inactive when no pivot link exists', function () {
-    $sp = SupplierProject::factory()->create(['inactive_since' => null]);
-    // нет project_supplier_links
-
-    (new CleanupInactiveSupplierProjectsJob)->handle(app(\App\Services\Supplier\SupplierPortalClient::class));
-
-    expect($sp->fresh()->inactive_since)->not->toBeNull();
-});
-```
-
-- [ ] **Step 2: Запустить тест — должен упасть**
-
-```bash
-composer test -- --filter=CleanupInactiveOnPivotTest
-```
-
-Expected: первый тест FAIL (legacy FK NULL → subquery не находит → проект помечается inactive).
-
-- [ ] **Step 3: Заменить subquery в `handle()`**
-
-`app/app/Jobs/Supplier/CleanupInactiveSupplierProjectsJob.php:62-78`:
-
-```php
-// Было:
-$activeIdsSubquery = <<<'SQL'
-    SELECT DISTINCT id FROM (
-        SELECT supplier_b1_project_id AS id FROM projects WHERE is_active=true AND supplier_b1_project_id IS NOT NULL
-        UNION SELECT supplier_b2_project_id FROM projects WHERE is_active=true AND supplier_b2_project_id IS NOT NULL
-        UNION SELECT supplier_b3_project_id FROM projects WHERE is_active=true AND supplier_b3_project_id IS NOT NULL
-    ) AS active_supplier_ids
-SQL;
-
-// Стало:
-$activeIdsSubquery = <<<'SQL'
-    SELECT DISTINCT psl.supplier_project_id AS id
-    FROM project_supplier_links psl
-    INNER JOIN projects p ON p.id = psl.project_id
-    WHERE p.is_active = true
-SQL;
-```
-
-Inline-комментарий выше subquery дополнить: «Источник истинности активности — `project_supplier_links` pivot (Plan 3+). Legacy FK `supplier_b{1,2,3}_project_id` оставлены для read-compat, но не определяют активность».
-
-- [ ] **Step 4: Запустить тест — должен пройти**
-
-```bash
-composer test -- --filter=CleanupInactiveOnPivotTest
-```
-
-Expected: оба теста PASS.
-
-- [ ] **Step 5: Полный регресс**
-
-```bash
-composer test --parallel
-```
-
-Expected: все Pest зелёные.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Jobs/Supplier/CleanupInactiveSupplierProjectsJob.php app/tests/Feature/Supplier/CleanupInactiveOnPivotTest.php
-git commit -m "fix(supplier): R-16 — cleanup uses pivot, not legacy FK
-
-CleanupInactiveSupplierProjectsJob Phase A/B/C subquery determined
-active supplier_projects through legacy supplier_b{1,2,3}_project_id FKs,
-which are NULL for Plan 3+ projects (using project_supplier_links pivot).
-After 180d TTL these supplier_projects would be deleted from supplier,
-breaking real lead flow. Subquery now uses pivot."
-```
-
-- [ ] **Step 7: Деплой Этапа 1**
-
-```bash
-ssh ubuntu@liderra.ru "cd /var/www/liderra && sudo -u www-data bash redeploy.sh"
-```
-
-Expected: после `redeploy.sh` прод-код = main HEAD с патчами R-12 + R-14 (если нужен был) + R-16.
-
-- [ ] **Step 8: Smoke на проде**
-
-```bash
-ssh ubuntu@liderra.ru "sudo -u postgres psql -d liderra -c \"SELECT COUNT(*) AS sp_total, COUNT(*) FILTER (WHERE inactive_since IS NULL) AS active, COUNT(*) FILTER (WHERE inactive_since IS NOT NULL) AS marked FROM supplier_projects\""
-```
-
-Записать цифры — baseline ДО следующего запуска cleanup-cron в 02:00 МСК. После 02:00 МСК следующих суток — сверить (числа не должны драматически измениться).
-
-- [ ] **Step 9: Этап 1 Acceptance check**
-
-В `ПИЛОТ.md` зафиксировать: «Этап 1 закрыт {date}: R-12 (balance_leads filter) + R-14 (DIRECT path verified) + R-16 (cleanup on pivot). Прод-код = main HEAD `<sha>`».
-
----
-
-# Этап 2 — Собственный slepok (3–5 рабочих дней)
-
-Главная архитектурная работа. Закрывает R-01, R-02, R-04, R-06, R-07, R-08, R-09, R-10, R-15.
-
-## Task 2.1: Миграция `project_routing_snapshots`
-
-**Files:**
-
-- Create: `app/database/migrations/2026_05_27_120000_create_project_routing_snapshots_table.php`.
-- Test: `app/tests/Feature/Migrations/ProjectRoutingSnapshotsTableTest.php` (новый).
-
-- [ ] **Step 1: Создать failing test**
-
-`app/tests/Feature/Migrations/ProjectRoutingSnapshotsTableTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Support\Facades\Schema;
-
-it('has project_routing_snapshots table with composite PK', function () {
-    expect(Schema::hasTable('project_routing_snapshots'))->toBeTrue();
-    expect(Schema::hasColumns('project_routing_snapshots', [
-        'snapshot_date', 'project_id', 'tenant_id',
-        'daily_limit', 'delivery_days_mask', 'regions',
-        'signal_type', 'signal_identifier', 'sms_senders', 'sms_keyword',
-        'expected_volume', 'delivered_count', 'created_at',
-    ]))->toBeTrue();
-});
-
-it('rejects negative daily_limit / expected_volume / delivered_count', function () {
-    \DB::table('project_routing_snapshots')->insert([
-        'snapshot_date' => '2026-05-28',
-        'project_id' => 1,
-        'tenant_id' => 1,
-        'daily_limit' => -1, // CHECK violation
-        'delivery_days_mask' => 0,
-        'regions' => '{}',
-        'signal_type' => 'call',
-        'expected_volume' => 0,
-        'delivered_count' => 0,
-        'created_at' => now(),
-    ]);
-})->throws(\Illuminate\Database\QueryException::class);
-
-it('enforces composite PK (snapshot_date, project_id)', function () {
-    $tenant = \App\Models\Tenant::factory()->create();
-    $project = \App\Models\Project::factory()->for($tenant)->create();
-    \DB::table('project_routing_snapshots')->insert([
-        'snapshot_date' => '2026-05-28', 'project_id' => $project->id, 'tenant_id' => $tenant->id,
-        'daily_limit' => 10, 'delivery_days_mask' => 127, 'regions' => '{}',
-        'signal_type' => 'call', 'expected_volume' => 10, 'delivered_count' => 0,
-        'created_at' => now(),
-    ]);
-    // Дубль — должен упасть на PK violation
-    expect(fn () => \DB::table('project_routing_snapshots')->insert([
-        'snapshot_date' => '2026-05-28', 'project_id' => $project->id, 'tenant_id' => $tenant->id,
-        'daily_limit' => 20, 'delivery_days_mask' => 127, 'regions' => '{}',
-        'signal_type' => 'call', 'expected_volume' => 20, 'delivered_count' => 0,
-        'created_at' => now(),
-    ]))->toThrow(\Illuminate\Database\QueryException::class);
-});
-```
-
-- [ ] **Step 2: Запустить тесты — должны упасть**
-
-```bash
-composer test -- --filter=ProjectRoutingSnapshotsTableTest
-```
-
-Expected: все три FAIL (таблицы нет).
-
-- [ ] **Step 3: Создать миграцию**
-
-`app/database/migrations/2026_05_27_120000_create_project_routing_snapshots_table.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Support\Facades\DB;
-
-return new class extends Migration {
-    public function up(): void
-    {
-        DB::statement('SET ROLE crm_migrator');
-
-        DB::unprepared(<<<'SQL'
-            CREATE TABLE project_routing_snapshots (
-                snapshot_date      DATE        NOT NULL,
-                project_id         BIGINT      NOT NULL,
-                tenant_id          BIGINT      NOT NULL,
-                daily_limit        INT         NOT NULL CHECK (daily_limit >= 0),
-                delivery_days_mask INT         NOT NULL CHECK (delivery_days_mask BETWEEN 0 AND 127),
-                regions            INT[]       NOT NULL DEFAULT '{}',
-                signal_type        TEXT        NOT NULL CHECK (signal_type IN ('call','site','sms')),
-                signal_identifier  TEXT,
-                sms_senders        JSONB,
-                sms_keyword        TEXT,
-                expected_volume    INT         NOT NULL CHECK (expected_volume >= 0),
-                delivered_count    INT         NOT NULL DEFAULT 0 CHECK (delivered_count >= 0),
-                created_at         TIMESTAMP   NOT NULL DEFAULT NOW(),
-                PRIMARY KEY (snapshot_date, project_id),
-                FOREIGN KEY (tenant_id) REFERENCES tenants(id) ON DELETE CASCADE
-                -- NB: НЕ ссылаемся на projects(id) — проект может быть удалён,
-                --     а snapshot должен пережить (хвост слепка ещё летит).
-            ) PARTITION BY RANGE (snapshot_date);
-
-            CREATE INDEX project_routing_snapshots_tenant_date_idx
-                ON project_routing_snapshots (tenant_id, snapshot_date);
-            CREATE INDEX project_routing_snapshots_signal_idx
-                ON project_routing_snapshots (snapshot_date, signal_type, lower(signal_identifier));
-
-            ALTER TABLE project_routing_snapshots ENABLE ROW LEVEL SECURITY;
-            CREATE POLICY project_routing_snapshots_tenant_isolation
-                ON project_routing_snapshots
-                USING (tenant_id = current_setting('app.current_tenant_id', true)::bigint);
-
-            GRANT SELECT, INSERT, UPDATE ON project_routing_snapshots TO crm_app_user;
-            GRANT SELECT, INSERT, UPDATE, DELETE ON project_routing_snapshots TO crm_supplier_worker;
-
-            -- Партиция для текущего месяца (создаётся также через partitions:create-months).
-            CREATE TABLE project_routing_snapshots_y2026_m05
-                PARTITION OF project_routing_snapshots
-                FOR VALUES FROM ('2026-05-01') TO ('2026-06-01');
-            CREATE TABLE project_routing_snapshots_y2026_m06
-                PARTITION OF project_routing_snapshots
-                FOR VALUES FROM ('2026-06-01') TO ('2026-07-01');
-        SQL);
-
-        // Регистрация в retention (system_settings).
-        DB::table('system_settings')->insertOrIgnore([
-            'key' => 'partition_retention_months_project_routing_snapshots',
-            'value' => '3',
-            'description' => 'Retention в месяцах для project_routing_snapshots (90 дней)',
-            'created_at' => now(),
-            'updated_at' => now(),
-        ]);
-    }
-
-    public function down(): void
-    {
-        DB::statement('SET ROLE crm_migrator');
-        DB::statement('DROP TABLE IF EXISTS project_routing_snapshots CASCADE');
-        DB::table('system_settings')->where('key', 'partition_retention_months_project_routing_snapshots')->delete();
-    }
-};
-```
-
-- [ ] **Step 4: Запустить миграцию + тесты**
-
-```bash
-cd app
-php artisan migrate --env=testing
-composer test -- --filter=ProjectRoutingSnapshotsTableTest
-```
-
-Expected: миграция OK, тесты PASS.
-
-- [ ] **Step 5: Обновить `partitions:create-months` для новой партиционированной таблицы**
-
-`app/app/Services/MonthlyPartitionManager.php` — добавить `project_routing_snapshots` в массив `PARTITIONED_TABLES` (по аналогии с существующими `deals`, `supplier_lead_costs`).
-
-```php
-public const PARTITIONED_TABLES = [
-    'deals' => 'received_at',
-    'supplier_lead_costs' => 'received_at',
-    'project_routing_snapshots' => 'snapshot_date', // ← новое
-];
-```
-
-Smoke:
-
-```bash
-php artisan partitions:create-months --ahead=3 --env=testing
-```
-
-Expected: создаются партиции `project_routing_snapshots_y2026_m07/m08/m09`.
-
-- [ ] **Step 6: Обновить `db/schema.sql` header**
-
-Header `db/schema.sql:1-10` пометить новый baseline (одна новая таблица):
-
-```sql
--- v8.39 от 2026-05-27 — +1 partitioned table project_routing_snapshots
-```
-
-Записать в `db/CHANGELOG_schema.md` запись о новой таблице.
-
-- [ ] **Step 7: Commit**
-
-```bash
-git add app/database/migrations/2026_05_27_120000_create_project_routing_snapshots_table.php
-git add app/app/Services/MonthlyPartitionManager.php
-git add app/tests/Feature/Migrations/ProjectRoutingSnapshotsTableTest.php
-git add db/schema.sql db/CHANGELOG_schema.md
-git commit -m "feat(slepok): R-01..R-04 — project_routing_snapshots table + RLS + partitioning
-
-New partitioned table to fix snapshot routing per spec
-2026-05-26-slepok-routing-protection-design.md §4.2.1. Composite PK
-(snapshot_date, project_id) for idempotency. RLS tenant-isolation,
-GRANT crm_app_user + crm_supplier_worker. Retention 90 days via
-partition_retention_months. Partitioning by snapshot_date (RANGE per month)."
-```
-
----
-
-## Task 2.2: `SnapshotProjectRoutingJob`
-
-**Files:**
-
-- Create: `app/app/Jobs/SnapshotProjectRoutingJob.php`.
-- Test: `app/tests/Feature/Jobs/SnapshotProjectRoutingJobTest.php` (новый).
-
-- [ ] **Step 1: Создать failing test**
-
-`app/tests/Feature/Jobs/SnapshotProjectRoutingJobTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\SnapshotProjectRoutingJob;
-use App\Models\Project;
-use App\Models\Tenant;
-use Carbon\Carbon;
-
-beforeEach(function () {
-    Carbon::setTestNow('2026-05-27 18:02:00', 'Europe/Moscow');
-});
-
-afterEach(function () {
-    Carbon::setTestNow();
-});
-
-it('creates snapshot for tomorrow with active projects only', function () {
-    $tenant = Tenant::factory()->create(['frozen_by_balance_at' => null]);
-    $active = Project::factory()->for($tenant)->create([
-        'is_active' => true,
-        'delivery_days_mask' => 127,
-        'daily_limit_target' => 10,
-        'preflight_blocked_at' => null,
-    ]);
-    $inactive = Project::factory()->for($tenant)->create([
-        'is_active' => false,
-        'delivery_days_mask' => 127,
-    ]);
-
-    (new SnapshotProjectRoutingJob)->handle();
-
-    $rows = \DB::table('project_routing_snapshots')
-        ->where('snapshot_date', '2026-05-28')->get();
-    expect($rows)->toHaveCount(1);
-    expect($rows->first()->project_id)->toBe($active->id);
-});
-
-it('excludes frozen tenants', function () {
-    $tenant = Tenant::factory()->create(['frozen_by_balance_at' => now()]);
-    Project::factory()->for($tenant)->create([
-        'is_active' => true, 'delivery_days_mask' => 127, 'daily_limit_target' => 10,
-    ]);
-
-    (new SnapshotProjectRoutingJob)->handle();
-
-    expect(\DB::table('project_routing_snapshots')->count())->toBe(0);
-});
-
-it('excludes preflight_blocked projects', function () {
-    $tenant = Tenant::factory()->create(['frozen_by_balance_at' => null]);
-    Project::factory()->for($tenant)->create([
-        'is_active' => true, 'delivery_days_mask' => 127, 'daily_limit_target' => 10,
-        'preflight_blocked_at' => now(),
-    ]);
-
-    (new SnapshotProjectRoutingJob)->handle();
-
-    expect(\DB::table('project_routing_snapshots')->count())->toBe(0);
-});
-
-it('excludes projects whose days_mask does not match tomorrow', function () {
-    // 2026-05-28 — четверг (isoWeekday=4 → bit 1<<3 = 8). Тест: mask=4 (только среда).
-    $tenant = Tenant::factory()->create(['frozen_by_balance_at' => null]);
-    Project::factory()->for($tenant)->create([
-        'is_active' => true,
-        'delivery_days_mask' => 4, // только среда
-        'daily_limit_target' => 10,
-    ]);
-
-    (new SnapshotProjectRoutingJob)->handle();
-
-    expect(\DB::table('project_routing_snapshots')->count())->toBe(0);
-});
-
-it('uses effective_daily_limit_today as daily_limit when set (R-11/OPEN-5 vatiant A)', function () {
-    $tenant = Tenant::factory()->create(['frozen_by_balance_at' => null]);
-    Project::factory()->for($tenant)->create([
-        'is_active' => true, 'delivery_days_mask' => 127,
-        'daily_limit_target' => 10,
-        'effective_daily_limit_today' => 3, // override
-    ]);
-
-    (new SnapshotProjectRoutingJob)->handle();
-
-    $row = \DB::table('project_routing_snapshots')->first();
-    expect($row->daily_limit)->toBe(3);
-});
-
-it('is idempotent — second run does not duplicate', function () {
-    $tenant = Tenant::factory()->create(['frozen_by_balance_at' => null]);
-    Project::factory()->for($tenant)->create([
-        'is_active' => true, 'delivery_days_mask' => 127, 'daily_limit_target' => 10,
-    ]);
-
-    (new SnapshotProjectRoutingJob)->handle();
-    (new SnapshotProjectRoutingJob)->handle();
-
-    expect(\DB::table('project_routing_snapshots')->count())->toBe(1);
-});
-```
-
-- [ ] **Step 2: Запустить — должны упасть**
-
-```bash
-composer test -- --filter=SnapshotProjectRoutingJobTest
-```
-
-Expected: все FAIL — класса нет.
-
-- [ ] **Step 3: Создать класс**
-
-`app/app/Jobs/SnapshotProjectRoutingJob.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Jobs;
-
-use Carbon\Carbon;
-use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Foundation\Bus\Dispatchable;
-use Illuminate\Queue\InteractsWithQueue;
-use Illuminate\Queue\SerializesModels;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Log;
-
-/**
- * Daily 18:02 МСК snapshot — фиксирует состояние всех eligible Лидерра-проектов
- * на завтрашний день (slepok №NЛ по канону спека §0).
- *
- * Запускается ПОСЛЕ billing:preflight-sweep (18:00) чтобы подхватить актуальный
- * tenants.frozen_by_balance_at, и ДО SyncSupplierProjectsJob (18:05) чтобы тот
- * пушил поставщику ровно этот snapshot.
- *
- * Идемпотентность: PK (snapshot_date, project_id) + ON CONFLICT DO NOTHING.
- *
- * Spec: docs/superpowers/specs/2026-05-26-slepok-routing-protection-design.md §4.2.2.
- */
-final class SnapshotProjectRoutingJob implements ShouldQueue
-{
-    use Dispatchable, Queueable, InteractsWithQueue, SerializesModels;
-
-    public const DB_CONNECTION = 'pgsql_supplier'; // BYPASSRLS
-
-    public function handle(): void
-    {
-        $snapshotDate = Carbon::tomorrow('Europe/Moscow')->toDateString();
-        $weekdayBit = 1 << (Carbon::tomorrow('Europe/Moscow')->isoWeekday() - 1);
-
-        DB::connection(self::DB_CONNECTION)->transaction(function () use ($snapshotDate, $weekdayBit) {
-            $exists = DB::connection(self::DB_CONNECTION)
-                ->table('project_routing_snapshots')
-                ->where('snapshot_date', $snapshotDate)
-                ->exists();
-            if ($exists) {
-                Log::info('snapshot.already_exists', ['date' => $snapshotDate]);
-                return;
-            }
-
-            $count = DB::connection(self::DB_CONNECTION)->insert(<<<SQL
-                INSERT INTO project_routing_snapshots (
-                    snapshot_date, project_id, tenant_id,
-                    daily_limit, delivery_days_mask, regions,
-                    signal_type, signal_identifier, sms_senders, sms_keyword,
-                    expected_volume
-                )
-                SELECT
-                    ?::date,
-                    p.id, p.tenant_id,
-                    COALESCE(p.effective_daily_limit_today, p.daily_limit_target),
-                    p.delivery_days_mask,
-                    p.regions,
-                    p.signal_type, p.signal_identifier, p.sms_senders, p.sms_keyword,
-                    COALESCE(p.effective_daily_limit_today, p.daily_limit_target)
-                FROM projects p
-                INNER JOIN tenants t ON t.id = p.tenant_id
-                WHERE p.is_active = true
-                  AND (p.delivery_days_mask & ?::int) <> 0
-                  AND p.preflight_blocked_at IS NULL
-                  AND t.frozen_by_balance_at IS NULL
-                  AND t.deleted_at IS NULL
-                ON CONFLICT (snapshot_date, project_id) DO NOTHING
-            SQL, [$snapshotDate, $weekdayBit]);
-
-            Log::info('snapshot.created', ['date' => $snapshotDate, 'rows' => $count]);
-        });
-    }
-}
-```
-
-- [ ] **Step 4: Запустить тесты — должны пройти**
-
-```bash
-composer test -- --filter=SnapshotProjectRoutingJobTest
-```
-
-Expected: все 6 PASS.
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Jobs/SnapshotProjectRoutingJob.php app/tests/Feature/Jobs/SnapshotProjectRoutingJobTest.php
-git commit -m "feat(slepok): SnapshotProjectRoutingJob — daily 18:02 MSK snapshot
-
-Captures is_active + days_mask + regions + daily_limit (with override) into
-project_routing_snapshots for tomorrow's date. Filters frozen tenants and
-preflight_blocked projects. Idempotent via ON CONFLICT DO NOTHING.
-Spec §4.2.2. R-11/OPEN-5 closed: effective_daily_limit_today carried into snapshot."
-```
-
----
-
-## Task 2.3: `SnapshotBackfillCommand`
-
-**Files:**
-
-- Create: `app/app/Console/Commands/SnapshotBackfillCommand.php`.
-- Test: `app/tests/Feature/Console/SnapshotBackfillCommandTest.php` (новый).
-
-- [ ] **Step 1: Failing test**
-
-`app/tests/Feature/Console/SnapshotBackfillCommandTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\Tenant;
-use Carbon\Carbon;
-
-it('creates snapshot for given date from current live state', function () {
-    Carbon::setTestNow('2026-05-27 14:00:00', 'Europe/Moscow');
-    $tenant = Tenant::factory()->create(['frozen_by_balance_at' => null]);
-    Project::factory()->for($tenant)->create([
-        'is_active' => true, 'delivery_days_mask' => 127, 'daily_limit_target' => 10,
-    ]);
-
-    $this->artisan('snapshot:backfill', ['--date' => '2026-05-27'])
-        ->assertSuccessful();
-
-    expect(\DB::table('project_routing_snapshots')->where('snapshot_date', '2026-05-27')->count())->toBe(1);
-    Carbon::setTestNow();
-});
-
-it('is idempotent — does not duplicate on re-run', function () {
-    Carbon::setTestNow('2026-05-27 14:00:00', 'Europe/Moscow');
-    $tenant = Tenant::factory()->create(['frozen_by_balance_at' => null]);
-    Project::factory()->for($tenant)->create([
-        'is_active' => true, 'delivery_days_mask' => 127, 'daily_limit_target' => 10,
-    ]);
-
-    $this->artisan('snapshot:backfill', ['--date' => '2026-05-27'])->assertSuccessful();
-    $this->artisan('snapshot:backfill', ['--date' => '2026-05-27'])->assertSuccessful();
-
-    expect(\DB::table('project_routing_snapshots')->count())->toBe(1);
-    Carbon::setTestNow();
-});
-```
-
-- [ ] **Step 2: Запустить — FAIL**
-
-```bash
-composer test -- --filter=SnapshotBackfillCommandTest
-```
-
-- [ ] **Step 3: Реализация**
-
-`app/app/Console/Commands/SnapshotBackfillCommand.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace App\Console\Commands;
-
-use Carbon\Carbon;
-use Illuminate\Console\Command;
-use Illuminate\Support\Facades\DB;
-use Illuminate\Support\Facades\Log;
-
-/**
- * Создаёт project_routing_snapshots за указанную дату из текущего live-состояния.
- * Используется один раз при выкатке Этапа 2 + для ручного recovery после падения cron'а.
- *
- * Spec §4.2.6.
- */
-final class SnapshotBackfillCommand extends Command
-{
-    protected $signature = 'snapshot:backfill {--date= : YYYY-MM-DD, по умолчанию сегодня}';
-
-    protected $description = 'Заполнить project_routing_snapshots за указанную дату из live projects';
-
-    public function handle(): int
-    {
-        $dateStr = (string) ($this->option('date') ?? Carbon::today('Europe/Moscow')->toDateString());
-        $date = Carbon::parse($dateStr, 'Europe/Moscow');
-        $weekdayBit = 1 << ($date->isoWeekday() - 1);
-
-        $count = DB::connection('pgsql_supplier')->transaction(function () use ($dateStr, $weekdayBit) {
-            return DB::connection('pgsql_supplier')->insert(<<<SQL
-                INSERT INTO project_routing_snapshots (
-                    snapshot_date, project_id, tenant_id,
-                    daily_limit, delivery_days_mask, regions,
-                    signal_type, signal_identifier, sms_senders, sms_keyword,
-                    expected_volume
-                )
-                SELECT
-                    ?::date,
-                    p.id, p.tenant_id,
-                    COALESCE(p.effective_daily_limit_today, p.daily_limit_target),
-                    p.delivery_days_mask, p.regions,
-                    p.signal_type, p.signal_identifier, p.sms_senders, p.sms_keyword,
-                    COALESCE(p.effective_daily_limit_today, p.daily_limit_target)
-                FROM projects p
-                INNER JOIN tenants t ON t.id = p.tenant_id
-                WHERE p.is_active = true
-                  AND (p.delivery_days_mask & ?::int) <> 0
-                  AND p.preflight_blocked_at IS NULL
-                  AND t.frozen_by_balance_at IS NULL
-                  AND t.deleted_at IS NULL
-                ON CONFLICT (snapshot_date, project_id) DO NOTHING
-            SQL, [$dateStr, $weekdayBit]);
-        });
-
-        $this->info("Snapshot backfilled for {$dateStr}: {$count} rows.");
-        Log::info('snapshot.backfill', ['date' => $dateStr, 'rows' => $count]);
-        return self::SUCCESS;
-    }
-}
-```
-
-- [ ] **Step 4: Зарегистрировать команду**
-
-Laravel auto-discovery её подхватит из `app/app/Console/Commands/`. Проверить:
-
-```bash
-php artisan list | grep snapshot
-```
-
-Expected: видим `snapshot:backfill`.
-
-- [ ] **Step 5: Тесты PASS**
-
-```bash
-composer test -- --filter=SnapshotBackfillCommandTest
-```
-
-Expected: оба PASS.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Console/Commands/SnapshotBackfillCommand.php app/tests/Feature/Console/SnapshotBackfillCommandTest.php
-git commit -m "feat(slepok): snapshot:backfill artisan command
-
-One-time use at Stage 2 deploy + manual recovery if cron fails.
-Idempotent via ON CONFLICT DO NOTHING. Spec §4.2.6."
-```
-
----
-
-## Task 2.4: Cron в `routes/console.php`
-
-**Files:**
-
-- Modify: `app/routes/console.php` — добавить Schedule entry.
-
-- [ ] **Step 1: Добавить Schedule entry**
-
-После строки 65 (после `partitions:drop-expired`) и до Plan 3 Task 8 (line 67) — добавить:
-
-```php
-// Spec 2026-05-26-slepok-routing-protection §4.2.2:
-// SnapshotProjectRoutingJob создаёт slepok №NЛ для дня N+1 в 18:02 МСК.
-// Запускается ПОСЛЕ billing:preflight-sweep (18:00) и ДО SyncSupplierProjectsJob (18:05).
-Schedule::job(new \App\Jobs\SnapshotProjectRoutingJob)
-    ->dailyAt('18:02')
-    ->timezone('Europe/Moscow')
-    ->before(fn () => $startTimes['SnapshotProjectRoutingJob'] = microtime(true))
-    ->onSuccess(function () use ($hb, &$startTimes): void {
-        $name = 'SnapshotProjectRoutingJob';
-        $ms = isset($startTimes[$name]) ? (int) ((microtime(true) - $startTimes[$name]) * 1000) : null;
-        $hb->recordRunResult($name, true, null, $ms);
-    })
-    ->onFailure(fn () => $hb->recordRunResult('SnapshotProjectRoutingJob', false, 'Job failed', null));
-```
-
-- [ ] **Step 2: Smoke test — schedule:list**
-
-```bash
-php artisan schedule:list
-```
-
-Expected: видим `SnapshotProjectRoutingJob` запланированным на 18:02 МСК ежедневно.
-
-- [ ] **Step 3: Commit**
-
-```bash
-git add app/routes/console.php
-git commit -m "feat(slepok): register SnapshotProjectRoutingJob cron @ 18:02 MSK
-
-Between billing:preflight-sweep (18:00) and SyncSupplierProjectsJob (18:05).
-Heartbeat through SchedulerHeartbeatTracker. Spec §4.2.2."
-```
-
----
-
-## Task 2.5: `LeadRouter` SQL переключение на snapshot
-
-**Files:**
-
-- Modify: `app/app/Services/LeadRouter.php` — переписать SQL (B1/B2/B3 + DIRECT paths).
-- Test: `app/tests/Feature/LeadRouter/SnapshotRoutingTest.php` (новый).
-
-- [ ] **Step 1: Failing test**
-
-`app/tests/Feature/LeadRouter/SnapshotRoutingTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\SupplierProject;
-use App\Models\Tenant;
-use App\Services\LeadRouter;
-use Carbon\Carbon;
-
-it('uses snapshot before 21:00 MSK, snapshot_date = today', function () {
-    Carbon::setTestNow('2026-05-28 12:00:00', 'Europe/Moscow');
-
-    $tenant = Tenant::factory()->create(['balance_rub' => '500.00', 'frozen_by_balance_at' => null]);
-    $project = Project::factory()->for($tenant)->create([
-        'is_active' => false, // ЖИВОЕ состояние — paused
-        'delivery_days_mask' => 127,
-        'daily_limit_target' => 100,
-        'delivered_today' => 0,
-    ]);
-    $sp = SupplierProject::factory()->create();
-    \DB::table('project_supplier_links')->insert([
-        'project_id' => $project->id, 'supplier_project_id' => $sp->id,
-        'platform' => $sp->platform, 'subject_code' => null,
-    ]);
-    // SNAPSHOT за сегодня имеет проект → роутер должен вернуть, несмотря на is_active=false
-    \DB::table('project_routing_snapshots')->insert([
-        'snapshot_date' => '2026-05-28', 'project_id' => $project->id, 'tenant_id' => $tenant->id,
-        'daily_limit' => 10, 'delivery_days_mask' => 127, 'regions' => '{}',
-        'signal_type' => 'call', 'expected_volume' => 10, 'delivered_count' => 0,
-        'created_at' => now(),
-    ]);
-
-    $matched = app(LeadRouter::class)->matchEligibleProjects($sp);
-
-    expect($matched)->toHaveCount(1); // ← это R-01 closure
-    Carbon::setTestNow();
-});
-
-it('uses snapshot after 21:00 MSK, snapshot_date = tomorrow', function () {
-    Carbon::setTestNow('2026-05-28 22:00:00', 'Europe/Moscow');
-
-    $tenant = Tenant::factory()->create(['balance_rub' => '500.00', 'frozen_by_balance_at' => null]);
-    $project = Project::factory()->for($tenant)->create([
-        'is_active' => true, 'delivery_days_mask' => 127,
-        'daily_limit_target' => 100, 'delivered_today' => 0,
-    ]);
-    $sp = SupplierProject::factory()->create();
-    \DB::table('project_supplier_links')->insert([
-        'project_id' => $project->id, 'supplier_project_id' => $sp->id,
-        'platform' => $sp->platform, 'subject_code' => null,
-    ]);
-    // Snapshot за СЕГОДНЯ (2026-05-28) НЕТ.
-    // Snapshot за ЗАВТРА (2026-05-29) есть.
-    \DB::table('project_routing_snapshots')->insert([
-        'snapshot_date' => '2026-05-29', 'project_id' => $project->id, 'tenant_id' => $tenant->id,
-        'daily_limit' => 10, 'delivery_days_mask' => 127, 'regions' => '{}',
-        'signal_type' => 'call', 'expected_volume' => 10, 'delivered_count' => 0,
-        'created_at' => now(),
-    ]);
-
-    $matched = app(LeadRouter::class)->matchEligibleProjects($sp);
-
-    expect($matched)->toHaveCount(1); // после 21:00 МСК активен завтрашний snapshot
-    Carbon::setTestNow();
-});
-
-it('returns 0 if no snapshot exists for active date', function () {
-    Carbon::setTestNow('2026-05-28 12:00:00', 'Europe/Moscow');
-
-    $tenant = Tenant::factory()->create(['balance_rub' => '500.00']);
-    $project = Project::factory()->for($tenant)->create([
-        'is_active' => true, 'delivery_days_mask' => 127, 'daily_limit_target' => 10,
-    ]);
-    $sp = SupplierProject::factory()->create();
-    \DB::table('project_supplier_links')->insert([
-        'project_id' => $project->id, 'supplier_project_id' => $sp->id,
-        'platform' => $sp->platform, 'subject_code' => null,
-    ]);
-    // НЕТ snapshot за 2026-05-28.
-
-    $matched = app(LeadRouter::class)->matchEligibleProjects($sp);
-
-    expect($matched)->toHaveCount(0); // fail-loud, не fallback на live
-    Carbon::setTestNow();
-});
-
-it('limit comes from snapshot, not live projects.daily_limit_target', function () {
-    Carbon::setTestNow('2026-05-28 12:00:00', 'Europe/Moscow');
-
-    $tenant = Tenant::factory()->create(['balance_rub' => '500.00']);
-    $project = Project::factory()->for($tenant)->create([
-        'is_active' => true, 'delivery_days_mask' => 127,
-        'daily_limit_target' => 100, // живой лимит
-        'delivered_today' => 7,
-    ]);
-    $sp = SupplierProject::factory()->create();
-    \DB::table('project_supplier_links')->insert([
-        'project_id' => $project->id, 'supplier_project_id' => $sp->id,
-        'platform' => $sp->platform, 'subject_code' => null,
-    ]);
-    \DB::table('project_routing_snapshots')->insert([
-        'snapshot_date' => '2026-05-28', 'project_id' => $project->id, 'tenant_id' => $tenant->id,
-        'daily_limit' => 5, // ← snapshot лимит МЕНЬШЕ чем delivered_today=7
-        'delivery_days_mask' => 127, 'regions' => '{}',
-        'signal_type' => 'call', 'expected_volume' => 5, 'delivered_count' => 0,
-        'created_at' => now(),
-    ]);
-
-    $matched = app(LeadRouter::class)->matchEligibleProjects($sp);
-
-    expect($matched)->toHaveCount(0); // delivered_today=7 >= snapshot.daily_limit=5
-    Carbon::setTestNow();
-});
-```
-
-- [ ] **Step 2: Запустить — должны упасть**
-
-```bash
-composer test -- --filter=SnapshotRoutingTest
-```
-
-Expected: FAIL (LeadRouter ещё читает live).
-
-- [ ] **Step 3: Переписать SQL B1/B2/B3 path**
-
-`app/app/Services/LeadRouter.php` — заменить SQL внутри `matchEligibleProjects` (lines 83-104 для B-platforms):
-
-```php
-$sql = <<<'SQL'
-    WITH active_slepok_date AS (
-        SELECT
-            CASE
-                WHEN EXTRACT(HOUR FROM (NOW() AT TIME ZONE 'Europe/Moscow')) >= 21
-                    THEN ((NOW() AT TIME ZONE 'Europe/Moscow')::date + INTERVAL '1 day')::date
-                ELSE (NOW() AT TIME ZONE 'Europe/Moscow')::date
-            END AS d
-    )
-    SELECT DISTINCT ON (snap.tenant_id)
-        projects.*,
-        snap.daily_limit AS snapshot_daily_limit
-    FROM project_routing_snapshots snap
-    INNER JOIN projects ON projects.id = snap.project_id
-    WHERE snap.snapshot_date = (SELECT d FROM active_slepok_date)
-      AND EXISTS (
-          SELECT 1 FROM project_supplier_links psl
-          WHERE psl.project_id = snap.project_id
-            AND psl.supplier_project_id = ?
-      )
-      AND projects.delivered_today < snap.daily_limit
-      AND EXISTS (
-          SELECT 1 FROM tenants
-          WHERE tenants.id = snap.tenant_id
-            AND tenants.balance_rub > 0
-      )
-    ORDER BY snap.tenant_id,
-             (snap.daily_limit - projects.delivered_today) DESC,
-             projects.created_at,
-             projects.id
-SQL;
-$rows = DB::connection('pgsql_supplier')->select($sql, [$supplierProject->id]);
-
-// Fail-loud если snapshot за активную дату отсутствует:
-if ($rows === [] && DB::connection('pgsql_supplier')
-        ->table('project_routing_snapshots')
-        ->where('snapshot_date', $this->activeSnapshotDate())
-        ->doesntExist()) {
-    Log::error('lead_router.no_snapshot_for_active_date', [
-        'active_date' => $this->activeSnapshotDate(),
-        'supplier_project_id' => $supplierProject->id,
-    ]);
-}
-return Project::hydrate($rows)->values();
-```
-
-И обновить DIRECT-path аналогично (заменить `$directSql` lines 55-77).
-
-Добавить приватный метод:
-
-```php
-private function activeSnapshotDate(): string
-{
-    $msk = Carbon::now('Europe/Moscow');
-    return $msk->hour >= 21
-        ? $msk->copy()->addDay()->toDateString()
-        : $msk->toDateString();
-}
-```
-
-Убрать `Carbon::now('Europe/Moscow')->isoWeekday()` мёртвую переменную `$todayBit` (она больше не нужна — workday-фильтр через snapshot).
-
-- [ ] **Step 4: Запустить — PASS**
-
-```bash
-composer test -- --filter=SnapshotRoutingTest
-```
-
-Expected: 4 теста PASS.
-
-- [ ] **Step 5: Полный регресс**
-
-```bash
-composer test --parallel
-```
-
-Expected: все Pest зелёные. **NB:** некоторые feature-тесты могут оказаться сломаны, если они полагались на live-routing. Каждый такой тест надо пройти и добавить вызов `php artisan snapshot:backfill --date={today}` в `beforeEach()` (или factory-helper создающий snapshot).
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Services/LeadRouter.php app/tests/Feature/LeadRouter/SnapshotRoutingTest.php
-git commit -m "feat(slepok): R-01..R-04+R-06..R-10+R-15 — LeadRouter reads from snapshot
-
-LeadRouter SQL переписан на JOIN с project_routing_snapshots по active_slepok_date
-(до 21:00 МСК = today, после 21:00 МСК = today+1). is_active / delivery_days_mask /
-daily_limit / regions берутся из snapshot. Баланс остаётся live (auto-pause defence).
-Fail-loud: Log::error если snapshot отсутствует за активную дату.
-Spec §4.2.3. Closes R-01, R-04, R-06, R-07, R-08, R-15. Partial: R-02 (через шеринг),
-R-09 (race), R-10 (editable identifier) — закрываются последующими тасками."
-```
-
----
-
-## Task 2.6: `RouteSupplierLeadJob` — snapshot recheck + is_active recheck
-
-**Files:**
-
-- Modify: `app/app/Jobs/RouteSupplierLeadJob.php:212-386` — `createDealCopyForProject`.
-- Test: `app/tests/Feature/Jobs/RouteSupplierLeadJobSnapshotTest.php` (новый).
-
-- [ ] **Step 1: Failing test**
-
-`app/tests/Feature/Jobs/RouteSupplierLeadJobSnapshotTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Jobs\RouteSupplierLeadJob;
-use App\Models\Project;
-use App\Models\SupplierLead;
-use App\Models\SupplierProject;
-use App\Models\Tenant;
-use Carbon\Carbon;
-
-it('uses snapshot limit not live daily_limit_target', function () {
-    Carbon::setTestNow('2026-05-28 12:00:00', 'Europe/Moscow');
-    $tenant = Tenant::factory()->create(['balance_rub' => '500.00']);
-    $project = Project::factory()->for($tenant)->create([
-        'is_active' => true, 'delivery_days_mask' => 127,
-        'daily_limit_target' => 100, 'delivered_today' => 4,
-    ]);
-    $sp = SupplierProject::factory()->create();
-    \DB::table('project_supplier_links')->insert([
-        'project_id' => $project->id, 'supplier_project_id' => $sp->id,
-        'platform' => $sp->platform, 'subject_code' => null,
-    ]);
-    \DB::table('project_routing_snapshots')->insert([
-        'snapshot_date' => '2026-05-28', 'project_id' => $project->id, 'tenant_id' => $tenant->id,
-        'daily_limit' => 5, // ← маленький snapshot лимит, осталось 1
-        'delivery_days_mask' => 127, 'regions' => '{}', 'signal_type' => 'call',
-        'expected_volume' => 5, 'delivered_count' => 4, 'created_at' => now(),
-    ]);
-
-    $lead = SupplierLead::factory()->create([
-        'supplier_project_id' => $sp->id,
-        'raw_payload' => ['project' => 'B1_79161234567'],
-        'phone' => '79161234567', 'vid' => 1,
-    ]);
-
-    (new RouteSupplierLeadJob($lead->id))->handle(...);
-
-    expect(\DB::table('deals')->count())->toBe(1); // 1 deal, осталось 0 quota
-    expect(\DB::table('project_routing_snapshots')->where('project_id', $project->id)->first()->delivered_count)->toBe(5);
-    Carbon::setTestNow();
-});
-
-it('rejects lead when is_active becomes false under lock (R-09)', function () {
-    // Реальный race трудно воспроизвести в unit; имитируем через прямой UPDATE между matchEligible и handle.
-    Carbon::setTestNow('2026-05-28 12:00:00', 'Europe/Moscow');
-    $tenant = Tenant::factory()->create(['balance_rub' => '500.00']);
-    $project = Project::factory()->for($tenant)->create([
-        'is_active' => false, // ← paused вживую
-        'delivery_days_mask' => 127, 'daily_limit_target' => 10,
-    ]);
-    $sp = SupplierProject::factory()->create();
-    \DB::table('project_supplier_links')->insert([
-        'project_id' => $project->id, 'supplier_project_id' => $sp->id,
-        'platform' => $sp->platform, 'subject_code' => null,
-    ]);
-    \DB::table('project_routing_snapshots')->insert([
-        'snapshot_date' => '2026-05-28', 'project_id' => $project->id, 'tenant_id' => $tenant->id,
-        'daily_limit' => 10, 'delivery_days_mask' => 127, 'regions' => '{}',
-        'signal_type' => 'call', 'expected_volume' => 10, 'delivered_count' => 0,
-        'created_at' => now(),
-    ]);
-    $lead = SupplierLead::factory()->create([
-        'supplier_project_id' => $sp->id,
-        'raw_payload' => ['project' => 'B1_79161234567'],
-        'phone' => '79161234567', 'vid' => 2,
-    ]);
-
-    (new RouteSupplierLeadJob($lead->id))->handle(...);
-
-    // Snapshot говорит «доставлять», но проект live-paused — НЕ доставляем под lock.
-    expect(\DB::table('deals')->count())->toBe(0);
-    Carbon::setTestNow();
-});
-```
-
-NB: `handle(...)` — full DI signature, см. RouteSupplierLeadJob.php:83-90. В тесте mock или fake'нуть нужно по существующей конвенции.
-
-- [ ] **Step 2: FAIL**
-
-```bash
-composer test -- --filter=RouteSupplierLeadJobSnapshotTest
-```
-
-- [ ] **Step 3: Применить правки в `createDealCopyForProject`**
-
-`app/app/Jobs/RouteSupplierLeadJob.php` — после `lockForUpdate(Project)` (line 235):
-
-```php
-$lockedProject = Project::query()
-    ->whereKey($project->id)
-    ->lockForUpdate()
-    ->firstOrFail();
-
-// R-09: recheck is_active под lock'ом — между matchEligibleProjects и здесь
-// клиент мог нажать «пауза» (live state, не slepok).
-if (!$lockedProject->is_active) {
-    Log::info('supplier_lead.project_paused_under_lock', [
-        'supplier_lead_id' => $lead->id,
-        'project_id' => $lockedProject->id,
-    ]);
-    return false;
-}
-
-// R-04 + R-06: лимит из snapshot, не live (slepok-инвариант).
-$msk = Carbon::now('Europe/Moscow');
-$activeDate = $msk->hour >= 21 ? $msk->copy()->addDay()->toDateString() : $msk->toDateString();
-$snapshot = DB::connection('pgsql_supplier')
-    ->table('project_routing_snapshots')
-    ->where('snapshot_date', $activeDate)
-    ->where('project_id', $lockedProject->id)
-    ->lockForUpdate()
-    ->first();
-if ($snapshot === null) {
-    Log::info('supplier_lead.no_snapshot_skipped', [
-        'supplier_lead_id' => $lead->id,
-        'project_id' => $lockedProject->id,
-        'active_date' => $activeDate,
-    ]);
-    return false;
-}
-$effectiveLimit = (int) $snapshot->daily_limit;
-
-if ($lockedProject->delivered_today >= $effectiveLimit) {
-    Log::info('supplier_lead.project_at_limit_skipped', [
-        'supplier_lead_id' => $lead->id,
-        'project_id' => $lockedProject->id,
-        'tenant_id' => $tenant->id,
-        'delivered_today' => $lockedProject->delivered_today,
-        'effective_limit' => $effectiveLimit,
-    ]);
-    return false;
-}
-$project = $lockedProject;
-```
-
-И после успешного `$project->increment('delivered_today')` (line 350) — добавить инкремент snapshot:
-
-```php
-$project->increment('delivered_today');
-$project->increment('delivered_in_month');
-
-// Инкремент в snapshot — атомарный, lockForUpdate не нужен (UPDATE col = col + 1).
-DB::connection('pgsql_supplier')
-    ->table('project_routing_snapshots')
-    ->where('snapshot_date', $activeDate)
-    ->where('project_id', $project->id)
-    ->increment('delivered_count');
-```
-
-- [ ] **Step 4: PASS**
-
-```bash
-composer test -- --filter=RouteSupplierLeadJobSnapshotTest
-```
-
-- [ ] **Step 5: Полный регресс**
-
-```bash
-composer test --parallel
-```
-
-- [ ] **Step 6: Commit**
-
-```bash
-git add app/app/Jobs/RouteSupplierLeadJob.php app/tests/Feature/Jobs/RouteSupplierLeadJobSnapshotTest.php
-git commit -m "feat(slepok): RouteSupplierLeadJob — snapshot lock + is_active recheck
-
-R-04 closure: limit from snapshot.daily_limit (not live).
-R-09 closure: is_active recheck under lockForUpdate(Project).
-+ atomic increment of snapshot.delivered_count for CSV business-drift reconcile.
-Spec §4.2.4."
-```
-
----
-
-## Task 2.7: `SupplierSnapshotGuard::appliesFrom()`
-
-**Files:**
-
-- Modify: `app/app/Services/Project/SupplierSnapshotGuard.php`.
-- Test: `app/tests/Unit/Services/Project/SupplierSnapshotGuardAppliesFromTest.php` (новый).
-
-- [ ] **Step 1: Failing test**
-
-`app/tests/Unit/Services/Project/SupplierSnapshotGuardAppliesFromTest.php`:
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Services\Project\SupplierSnapshotGuard;
-use Carbon\CarbonImmutable;
-
-it('returns N.21:00 MSK for edit before 18:00 MSK', function () {
-    \Carbon\Carbon::setTestNow('2026-05-28 14:00:00', 'Europe/Moscow');
-    $project = Project::factory()->make();
-    \DB::table('project_supplier_links')->insert([
-        'project_id' => $project->id ?? 1,
-        'supplier_project_id' => 1, 'platform' => 'B1', 'subject_code' => null,
-    ]);
-    $applies = (new SupplierSnapshotGuard)->appliesFrom($project, 'daily_limit_target');
-    expect($applies->format('Y-m-d H:i'))->toBe('2026-05-28 21:00');
-    \Carbon\Carbon::setTestNow();
-});
-
-it('returns (N+1).21:00 MSK for edit after 18:00 MSK', function () {
-    \Carbon\Carbon::setTestNow('2026-05-28 19:00:00', 'Europe/Moscow');
-    $project = Project::factory()->make();
-    \DB::table('project_supplier_links')->insert([
-        'project_id' => $project->id ?? 1, 'supplier_project_id' => 1, 'platform' => 'B1', 'subject_code' => null,
-    ]);
-    $applies = (new SupplierSnapshotGuard)->appliesFrom($project, 'daily_limit_target');
-    expect($applies->format('Y-m-d H:i'))->toBe('2026-05-29 21:00');
-    \Carbon\Carbon::setTestNow();
-});
-
-it('returns null for non-slepok field (e.g. name)', function () {
-    $project = Project::factory()->make();
-    $applies = (new SupplierSnapshotGuard)->appliesFrom($project, 'name');
-    expect($applies)->toBeNull();
-});
-
-it('returns null when project has no pivot links', function () {
-    $project = Project::factory()->make();
-    // нет project_supplier_links для этого проекта
-    $applies = (new SupplierSnapshotGuard)->appliesFrom($project, 'daily_limit_target');
-    expect($applies)->toBeNull();
-});
-```
-
-- [ ] **Step 2: FAIL**
-
-```bash
-composer test -- --filter=SupplierSnapshotGuardAppliesFromTest
-```
-
-- [ ] **Step 3: Расширить `SupplierSnapshotGuard.php`**
-
-Добавить метод после `assertCanMutateSource`:
-
-```php
-/**
- * Возвращает момент, с которого правка указанного slepok-sensitive поля
- * вступит в силу (по канону §0 спека: правка до 18:00 МСК → сегодня 21:00 МСК,
- * после 18:00 МСК → завтра 21:00 МСК). NULL = немедленно (поле не slepok-sensitive
- * или нет pivot links к поставщику).
- */
-public function appliesFrom(Project $project, string $field): ?CarbonImmutable
-{
-    $isSlepokSensitive = in_array($field, [
-        'is_active', 'daily_limit_target', 'delivery_days_mask', 'regions',
-        'signal_identifier', 'sms_senders', 'sms_keyword',
-    ], true);
-    if (!$isSlepokSensitive) {
-        return null;
-    }
-
-    $hasLinks = DB::table('project_supplier_links')
-        ->where('project_id', $project->id)
-        ->exists();
-    if (!$hasLinks) {
-        return null;
-    }
-
-    $nowMsk = CarbonImmutable::now('Europe/Moscow');
-    $todayCutoff = $nowMsk->setTime(18, 0, 0);
-    if ($nowMsk->gte($todayCutoff)) {
-        return $nowMsk->addDay()->setTime(21, 0, 0);
-    }
-    return $nowMsk->setTime(21, 0, 0);
-}
-```
-
-- [ ] **Step 4: PASS**
-
-```bash
-composer test -- --filter=SupplierSnapshotGuardAppliesFromTest
-```
-
-- [ ] **Step 5: Commit**
-
-```bash
-git add app/app/Services/Project/SupplierSnapshotGuard.php app/tests/Unit/Services/Project/SupplierSnapshotGuardAppliesFromTest.php
-git commit -m "feat(snapshot-guard): appliesFrom() API for UI date display
-
-Returns CarbonImmutable when edit will take effect (slepok start, 21:00 MSK).
-Used by ProjectService to attach applies_at to UI response.
-6 slepok-sensitive fields. Spec §4.2.5."
-```
-
----
-
-## Task 2.8: `ProjectService` интеграция с `appliesFrom`
-
-**Files:**
-
-- Modify: `app/app/Services/Project/ProjectService.php` — после `update()` и `bulkPauseResume()` возвращать `applies_from`.
-- Test: `app/tests/Feature/Services/Project/ProjectServiceAppliesFromTest.php` (новый).
-
-- [ ] **Step 1: Failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-use App\Models\Project;
-use App\Models\Tenant;
-use App\Services\Project\ProjectService;
-
-it('returns applies_from when changing daily_limit_target', function () {
-    \Carbon\Carbon::setTestNow('2026-05-28 14:00:00', 'Europe/Moscow');
-    $tenant = Tenant::factory()->create();
-    $project = Project::factory()->for($tenant)->create();
-    \DB::table('project_supplier_links')->insert([
-        'project_id' => $project->id, 'supplier_project_id' => \App\Models\SupplierProject::factory()->create()->id,
-        'platform' => 'B1', 'subject_code' => null,
-    ]);
-
-    $result = app(ProjectService::class)->update($project, ['daily_limit_target' => 5]);
-
-    expect($result->applies_from)->toBeInstanceOf(\Carbon\CarbonImmutable::class);
-    expect($result->applies_from->format('Y-m-d H:i'))->toBe('2026-05-28 21:00');
-    \Carbon\Carbon::setTestNow();
-});
-```
-
-- [ ] **Step 2: FAIL → Step 3: Реализовать**
-
-В `ProjectService::update()` после `$project->update($data)` (line 84) — для каждого изменённого slepok-sensitive поля вычислить максимальный `applies_from`:
-
-```php
-$slepokSensitive = ['is_active', 'daily_limit_target', 'delivery_days_mask', 'regions',
-                    'signal_identifier', 'sms_senders', 'sms_keyword'];
-$appliesFrom = null;
-foreach ($slepokSensitive as $field) {
-    if (array_key_exists($field, $data)) {
-        $candidate = $this->snapshotGuard->appliesFrom($project, $field);
-        if ($candidate !== null && ($appliesFrom === null || $candidate->gt($appliesFrom))) {
-            $appliesFrom = $candidate;
-        }
-    }
-}
-$fresh = $project->fresh();
-$fresh->applies_from = $appliesFrom; // dynamic attribute, не в БД
-return $fresh;
-```
-
-- [ ] **Step 4: PASS** → **Step 5: Commit**
-
-```bash
-git commit -m "feat(project-service): expose applies_from after slepok-sensitive update
-
-ProjectService::update() сейчас возвращает Project с dynamic applies_from atribute,
-который API resource подхватит для UI ('изменения вступят в силу с DD.MM 21:00')."
-```
-
----
-
-## Task 2.9: `SyncSupplierProjectsJob` читает snapshot
-
-**Files:**
-
-- Modify: `app/app/Jobs/Supplier/SyncSupplierProjectsJob.php:83-91` — `handle()` берёт проекты из snapshot.
-- Test: `app/tests/Feature/Jobs/Supplier/SyncSupplierProjectsJobSnapshotTest.php` (новый).
-
-- [ ] **Step 1: Failing test** — snapshot для tomorrow содержит проект, live `projects` его уже не имеет (клиент paus'нул между 18:02 и 18:05) → push идёт по snapshot, не по live.
-
-```php
-it('reads from snapshot for tomorrow, not live projects (race 18:02→18:05)', function () {
-    \Carbon\Carbon::setTestNow('2026-05-27 18:04:00', 'Europe/Moscow');
-    $tenant = Tenant::factory()->create(['frozen_by_balance_at' => null]);
-    $project = Project::factory()->for($tenant)->create([
-        'is_active' => false, // ← клиент paus'нул МЕЖДУ snapshot и sync
-        'daily_limit_target' => 10, 'delivery_days_mask' => 127,
-        'signal_type' => 'call', 'signal_identifier' => '79161234567',
-    ]);
-    // Snapshot создан до paus'a:
-    \DB::table('project_routing_snapshots')->insert([
-        'snapshot_date' => '2026-05-28', 'project_id' => $project->id, 'tenant_id' => $tenant->id,
-        'daily_limit' => 10, 'delivery_days_mask' => 127, 'regions' => '{}',
-        'signal_type' => 'call', 'signal_identifier' => '79161234567',
-        'expected_volume' => 10, 'delivered_count' => 0, 'created_at' => now(),
-    ]);
-    // Mock channel
-    $channel = $this->mock(...);
-    $channel->shouldReceive('saveProjectMultiFlag')->once(); // ← должен быть вызван 1 раз
-    (new SyncSupplierProjectsJob)->handle($channel);
-    \Carbon\Carbon::setTestNow();
-});
-```
-
-- [ ] **Step 2-5: TDD как обычно**
-
-В `handle()` line 87 заменить:
-
-```php
-$projects = Project::on(self::DB_CONNECTION)
-    ->where('is_active', true)
-    ->orderBy('id')
-    ->get();
-```
-
-на:
-
-```php
-$tomorrow = Carbon::tomorrow('Europe/Moscow')->toDateString();
-$rows = DB::connection(self::DB_CONNECTION)
-    ->table('project_routing_snapshots AS snap')
-    ->join('projects', 'projects.id', '=', 'snap.project_id')
-    ->where('snap.snapshot_date', $tomorrow)
-    ->select('projects.*',
-             'snap.daily_limit AS snapshot_daily_limit',
-             'snap.regions AS snapshot_regions',
-             'snap.delivery_days_mask AS snapshot_days_mask')
-    ->orderBy('projects.id')
-    ->get();
-$projects = $rows->map(fn ($r) => tap(Project::hydrate([(array) $r])->first(), function ($p) use ($r) {
-    $p->setRawAttributes((array) $r, true);
-}));
-```
-
-В `syncGroup()` ниже: использовать `$p->snapshot_daily_limit` вместо `$p->daily_limit_target`, `$p->snapshot_days_mask` вместо `$p->delivery_days_mask`, `$p->snapshot_regions` вместо `$p->regions`.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git commit -m "feat(slepok): SyncSupplierProjectsJob reads from snapshot (race-safe with 18:02 cron)
-
-After Stage 2, 18:05 sync reads project_routing_snapshots for tomorrow date,
-not live projects.is_active. Closes race 18:02→18:05 (client edit between
-snapshot creation and supplier push). Spec §4.2.4b."
-```
-
----
-
-## Task 2.10: Fail-loud механизм
-
-**Files:**
-
-- Modify: `app/app/Services/LeadRouter.php` — Log::error при отсутствии snapshot (уже сделано в Task 2.5 step 3).
-- Modify: `app/app/Console/Commands/IncidentsWatchFailures.php` — расширить порог сканирования на лог-источник `lead_router.no_snapshot_for_active_date`.
-- Create: `app/app/Console/Commands/SnapshotRebuildCommand.php`.
-
-- [ ] **Step 1: Failing test для `SnapshotRebuildCommand`**
-
-```php
-it('rebuilds snapshot for given date from current live', function () {
-    \Carbon\Carbon::setTestNow('2026-05-29 09:00:00', 'Europe/Moscow');
-    $tenant = Tenant::factory()->create(['frozen_by_balance_at' => null]);
-    Project::factory()->for($tenant)->create([
-        'is_active' => true, 'delivery_days_mask' => 127, 'daily_limit_target' => 10,
-    ]);
-    // 2026-05-29 snapshot отсутствует — cron 28.05 18:02 упал.
-    $this->artisan('snapshot:rebuild', ['--date' => '2026-05-29'])->assertSuccessful();
-    expect(\DB::table('project_routing_snapshots')->where('snapshot_date', '2026-05-29')->count())->toBe(1);
-});
-```
-
-- [ ] **Step 2-5: TDD; команда практически копия `SnapshotBackfillCommand`, но без идемпотентного skip — каждый запуск пересоздаёт.**
-
-`app/app/Console/Commands/SnapshotRebuildCommand.php` — копия Backfill с сигнатурой `snapshot:rebuild` и предварительным `DELETE FROM project_routing_snapshots WHERE snapshot_date=?` перед INSERT.
-
-- [ ] **Step 6: Commit**
-
-```bash
-git commit -m "feat(slepok): snapshot:rebuild for manual recovery after cron failure
-
-Fail-loud strategy per spec §4.2.2:
-1. Heartbeat alarm via SchedulerHeartbeatTracker (already wired in Task 2.4).
-2. LeadRouter Log::error on missing snapshot (Task 2.5).
-3. Manual recovery: snapshot:rebuild --date=YYYY-MM-DD.
-NO fallback to live projects — explicit downtime + alert is safer than silent regression."
-```
-
----
-
-## Task 2.11: UI сообщение «применится с DD.MM.YYYY HH:MM»
-
-**Files:**
-
-- Modify: `app/resources/js/composables/useProjectFormSubmit.ts` (или похожий — конкретный путь найти `grep -r 'projectStore.update' app/resources/js`).
-- Modify: `app/app/Http/Resources/ProjectResource.php` — включить `applies_from`.
-- Test: `app/tests/Feature/Resources/ProjectResourceTest.php` + `app/tests/Vitest`.
-
-- [ ] **Step 1: Failing test PHP**
-
-```php
-it('ProjectResource includes applies_from when set', function () {
-    $project = Project::factory()->make();
-    $project->applies_from = \Carbon\CarbonImmutable::parse('2026-05-29 21:00:00', 'Europe/Moscow');
-    $resource = (new \App\Http\Resources\ProjectResource($project))->toArray(request());
-    expect($resource['applies_from'])->toBe('2026-05-29T21:00:00+03:00');
-});
-```
-
-- [ ] **Step 2-4: TDD**, в `ProjectResource.php` после остальных полей:
-
-```php
-'applies_from' => $this->applies_from?->toIso8601String(),
-```
-
-- [ ] **Step 5: UI**
-
-В Vue-компоненте (`useProjectFormSubmit.ts` или место обработки save-response):
-
-```typescript
-async function onSaveSuccess(response: ProjectResponse) {
-    if (response.data.applies_from) {
-        const dt = new Date(response.data.applies_from);
-        notify.success(`Сохранено. Изменения вступят в силу ${formatDate(dt)} в 21:00 МСК.`);
-    } else {
-        notify.success('Сохранено.');
-    }
-}
-```
-
-- [ ] **Step 6: Vitest для UI**
-
-```typescript
-// resources/js/composables/__tests__/useProjectFormSubmit.spec.ts
-it('shows applies_from message when API returns applies_from', () => {
-    const { onSaveSuccess } = useProjectFormSubmit();
-    onSaveSuccess({ data: { applies_from: '2026-05-29T21:00:00+03:00' } });
-    expect(mockNotify.success).toHaveBeenCalledWith(expect.stringContaining('21:00'));
-});
-```
-
-- [ ] **Step 7: Commit**
-
-```bash
-git commit -m "feat(ui): show applies_from message after project edit
-
-R-15 + R-06..R-08 UX closure: client sees 'changes take effect at DD.MM 21:00 MSK'
-after editing slepok-sensitive fields. Backend serializes Project::applies_from
-via ProjectResource. Spec §4.2.5 UX block."
-```
-
----
-
-## Task 2.12: Деплой Этапа 2 + 24h мониторинг
-
-- [ ] **Step 1: Pre-deploy validator**
-
-```bash
-ssh ubuntu@liderra.ru "/var/www/liderra/redeploy.sh --dry-run"
-```
-
-Expected: NO-GO список пуст или явные блокеры разобраны.
-
-- [ ] **Step 2: Деплой**
-
-```bash
-ssh ubuntu@liderra.ru "cd /var/www/liderra && sudo -u www-data bash redeploy.sh"
-```
-
-Expected: миграция `2026_05_27_120000_create_project_routing_snapshots_table` отрабатывает.
-
-- [ ] **Step 3: Сразу после deploy — backfill за сегодня**
-
-```bash
-ssh ubuntu@liderra.ru "cd /var/www/liderra/app && sudo -u www-data php artisan snapshot:backfill --date=$(date +%Y-%m-%d)"
-```
-
-Expected: `Snapshot backfilled for YYYY-MM-DD: N rows.` где N = число active+eligible проектов.
-
-- [ ] **Step 4: 24h мониторинг**
-
-```bash
-# через 24h после deploy
-ssh ubuntu@liderra.ru "sudo -u postgres psql -d liderra -c \"
-SELECT snapshot_date, COUNT(*) AS rows, SUM(delivered_count) AS delivered, SUM(expected_volume) AS expected
-FROM project_routing_snapshots GROUP BY 1 ORDER BY 1 DESC LIMIT 5
-\""
-```
-
-Expected: записи за вчера + сегодня + завтра (cron 18:02 МСК отработал). delivered ≤ expected.
-
-- [ ] **Step 5: Heartbeat check**
-
-```bash
-ssh ubuntu@liderra.ru "sudo -u postgres psql -d liderra -c \"
-SELECT job_name, last_run_at, last_status FROM scheduler_heartbeats WHERE job_name='SnapshotProjectRoutingJob'
-\""
-```
-
-Expected: `last_run_at` свежий (за последние 24h), `last_status` = `true`.
-
-- [ ] **Step 6: Pilot/ПИЛОТ обновление**
-
-```bash
-git add ПИЛОТ.md
-git commit -m "docs(pilot): Stage 2 deployed, 24h monitoring green"
-```
-
----
-
-# Этап 3 — Frozen filter + paused_at sync (1 рабочий день)
-
-## Task 3.1: `LedgerService` reject frozen
-
-**Files:**
-
-- Modify: `app/app/Services/Billing/LedgerService.php:51-70`.
-- Test: `app/tests/Feature/Billing/LedgerServiceFrozenRejectTest.php`.
-
-- [ ] **Step 1: Failing test**
-
-```php
-it('throws InsufficientBalanceException when tenant is frozen', function () {
-    $tenant = Tenant::factory()->create([
-        'balance_rub' => '500.00',
-        'frozen_by_balance_at' => now(),
-    ]);
-    $deal = Deal::factory()->for($tenant)->create();
-    expect(fn () => app(LedgerService::class)->chargeForDelivery($tenant, $deal))
-        ->toThrow(\App\Exceptions\Billing\InsufficientBalanceException::class);
-});
-```
-
-- [ ] **Step 2-4: TDD; в `chargeForDelivery` перед `$balanceKopecks = bcmul(...)` добавить**:
-
-```php
-if ($lockedTenant->frozen_by_balance_at !== null) {
-    throw new InsufficientBalanceException(
-        priceKopecks: $priceKopecks,
-        balanceRub: (string) $lockedTenant->balance_rub,
-    );
-}
-```
-
-- [ ] **Step 5: Commit**
-
-```bash
-git commit -m "feat(billing): R-03 — LedgerService rejects frozen tenants
-
-Even if balance_rub > 0, a frozen tenant must not receive new charges.
-Triggers same auto-pause flow as InsufficientBalance — project goes is_active=false
-and ZeroBalancePausedMail (rate-limited). Spec §4.3.1."
-```
-
----
-
-## Task 3.2: `BalancePreflightSweepJob` sync `paused_at`
-
-**Files:**
-
-- Modify: `app/app/Jobs/Billing/BalancePreflightSweepJob.php` — оба transition блока.
-
-- [ ] **Step 1: Failing test**
-
-```php
-it('sets paused_at on all tenant projects when freezing', function () {
-    $tenant = Tenant::factory()->create(['frozen_by_balance_at' => null, 'balance_rub' => '0.00']);
-    $project = Project::factory()->for($tenant)->create(['paused_at' => null]);
-    // PricingTier'ы такие, что preflight fail'ит
-    (new BalancePreflightSweepJob)->handle();
-    expect($project->fresh()->paused_at)->not->toBeNull();
-});
-
-it('clears paused_at on tenant projects when unfreezing (only those paused by us)', function () {
-    $tenant = Tenant::factory()->create([
-        'frozen_by_balance_at' => now()->subDay(),
-        'balance_rub' => '10000.00', // достаточно для unfreeze
-    ]);
-    // 2 проекта:
-    $autoPaused = Project::factory()->for($tenant)->create(['paused_at' => now()->subHours(20)]);  // авто-pause при freeze
-    $manualPaused = Project::factory()->for($tenant)->create(['paused_at' => now()->subDays(2)]); // вручную paused клиентом ДО freeze
-
-    (new BalancePreflightSweepJob)->handle();
-
-    expect($autoPaused->fresh()->paused_at)->toBeNull();
-    expect($manualPaused->fresh()->paused_at)->not->toBeNull();
-});
-```
-
-- [ ] **Step 2-4: TDD; в `evaluateTenant` добавить логику паузы при freeze и снятия при unfreeze (см. спек §4.3.2)**
-
-- [ ] **Step 5: Commit**
-
-```bash
-git commit -m "feat(billing): R-13 — sync paused_at on freeze/unfreeze transitions
-
-When freezing tenant: also set paused_at=NOW() on all projects without one.
-When unfreezing: clear paused_at only on projects whose paused_at <= frozen_at_was
-(to preserve manual client pauses). Closes Snapshot Guard blindspot on frozen tenants.
-Spec §4.3.2."
-```
-
----
-
-## Task 3.3: Деплой Этапа 3
-
-Аналогично 2.12.
-
----
-
-# Этап 4 — Корректные расчёты (2 рабочих дня)
-
-## Task 4.1: Унификация `buildUniqueKey`
-
-**Files:**
-
-- Modify: `app/app/Services/Supplier/SupplierProjectGrouping.php` — удалить `buildUniqueKey($project, $platform)`.
-- Найти всех callers через grep и заменить на `buildUniqueKeyAgnostic`.
-
-- [ ] **Step 1: Найти callers**
-
-```bash
-cd app && grep -rn "buildUniqueKey(" app/ tests/
-```
-
-Expected: ~3-5 мест в `SyncSupplierProjectJob.php` (handleOnline) + tests.
-
-- [ ] **Step 2-5: Заменить каждое на `buildUniqueKeyAgnostic($project)`** (без второго аргумента). Тесты прогнать.
-
-- [ ] **Step 6: Удалить platform-specific метод**
-
-```php
-// УДАЛИТЬ buildUniqueKey(Project $project, string $platform): string
-```
-
-- [ ] **Step 7: Commit**
-
-```bash
-git commit -m "refactor(supplier-grouping): R-17 — unify on buildUniqueKeyAgnostic
-
-platform-specific buildUniqueKey diverged from agnostic for SMS+keyword projects
-(B3 used 'sender' without keyword, B2 used 'sender+keyword'), creating orphan
-rows in batch flow. Now always 'sender+keyword' for SMS with keyword. Spec §4.4.1."
-```
-
----
-
-## Task 4.2: Migration команда `supplier:rekey-orphans`
-
-**Files:**
-
-- Create: `app/app/Console/Commands/SupplierRekeyOrphansCommand.php`.
-
-- [ ] **Step 1-5: TDD** — найти orphans (SMS B3 с unique_key без `+`), либо UPDATE их `unique_key=sender+keyword` если такой ещё нет, либо пометить как dead и пустить через `DeleteSupplierProjectJob`.
-
-- [ ] **Step 6: Commit + run on prod (после деплоя)**
-
-```bash
-ssh ubuntu@liderra.ru "cd /var/www/liderra/app && sudo -u www-data php artisan supplier:rekey-orphans --dry-run"
-# проверить вывод, потом без --dry-run
-```
-
----
-
-## Task 4.3: R-18 fixed target_date
-
-**Files:**
-
-- Modify: `app/app/Jobs/SyncSupplierProjectJob.php:141` — заменить `Carbon::tomorrow` на условную логику.
-
-- [ ] **Step 1: Failing test**
-
-```php
-it('uses tomorrow at 23:59 MSK', function () {
-    Carbon::setTestNow('2026-05-28 23:59:59', 'Europe/Moscow');
-    $job = new SyncSupplierProjectJob(1);
-    // assert targetWeekday = Tuesday (29-th)
-    Carbon::setTestNow();
-});
-it('uses tomorrow at 00:01 MSK (NO flicker to Wednesday)', function () {
-    Carbon::setTestNow('2026-05-29 00:01:00', 'Europe/Moscow');
-    // assert targetWeekday = STILL Tuesday (29-th — same target)
-});
-it('uses day-after-tomorrow at 21:01 MSK', function () {
-    Carbon::setTestNow('2026-05-29 21:01:00', 'Europe/Moscow');
-    // assert targetWeekday = Wednesday (30-th)
-});
-```
-
-- [ ] **Step 2-5: TDD**, в `handleOnline`:
-
-```php
-$msk = CarbonImmutable::now('Europe/Moscow');
-$targetDate = $msk->hour >= 21 ? $msk->copy()->addDays(2)->startOfDay() : $msk->copy()->addDay()->startOfDay();
-$targetWeekday = $targetDate->isoWeekday();
-```
-
-- [ ] **Step 6: Commit**
-
----
-
-## Task 4.4: R-19 share-aware `requiredLeadsForTomorrow`
-
-**Files:**
-
-- Modify: `app/app/Models/Tenant.php`.
-
-- [ ] **Step 1: Failing test**
-
-```php
-it('returns full limit when no sharing', function () {
-    $tenant = Tenant::factory()->create();
-    Project::factory()->for($tenant)->create(['is_active' => true, 'daily_limit_target' => 10]);
-    expect($tenant->fresh()->requiredLeadsForTomorrow())->toBe(10);
-});
-
-it('returns proportional share when 3 tenants share source', function () {
-    // 3 tenants, same call source 79161234567, each daily_limit_target=10
-    // group_order = max(10, ceil(30/3)) = 10
-    // share per tenant = ceil(10 * 10/30) = 4
-    $tenant1 = Tenant::factory()->create();
-    $tenant2 = Tenant::factory()->create();
-    $tenant3 = Tenant::factory()->create();
-    foreach ([$tenant1, $tenant2, $tenant3] as $t) {
-        Project::factory()->for($t)->create([
-            'is_active' => true, 'signal_type' => 'call',
-            'signal_identifier' => '79161234567', 'daily_limit_target' => 10,
-        ]);
-    }
-    expect($tenant1->requiredLeadsForTomorrow())->toBe(4);
-});
-```
-
-- [ ] **Step 2-5: TDD** — реализация по §4.4.3.
-
-- [ ] **Step 6: Commit**
-
----
-
-## Task 4.5: `CsvReconcileJob` business-drift
-
-**Files:**
-
-- Modify: `app/app/Jobs/Supplier/CsvReconcileJob.php` — добавить второй проход.
-
-- [ ] **Step 1: Failing test** — snapshot за вчера имеет expected=10, delivered=2 → shortfall=80% → второй email-алёрт.
-
-- [ ] **Step 2-5: TDD** — добавить SQL запрос (см. спек §4.4.4) после существующего drift расчёта; новый email `TenantBusinessDriftAlertMail` (отдельный от существующего `CsvDriftAlertMail`).
-
-- [ ] **Step 6: Commit**
-
----
-
-# Этап 5 — Переключение online → batch (1 час + неделя наблюдения)
-
-## Task 5.1: UPDATE `supplier_export_mode`
-
-После Этапов 1-4 в production стабильно работали ≥1 недели без P0:
-
-- [ ] **Step 1: Прод-SQL**
-
-```bash
-ssh ubuntu@liderra.ru "sudo -u postgres psql -d liderra -c \"
-UPDATE system_settings SET value='batch' WHERE key='supplier_export_mode';
-SELECT value FROM system_settings WHERE key='supplier_export_mode';
-\""
-```
-
-Expected: `value='batch'` подтверждено.
-
-- [ ] **Step 2: Smoke в течение часа**
-
-Создать/изменить тестовый проект через UI на dev/staging. Убедиться что:
-
-- `SyncSupplierProjectJob` (single) НЕ пушит сразу (handleBatch вместо handleOnline).
-- Изменения уезжают ночью через `SyncSupplierProjectsJob` (множественный).
-
-- [ ] **Step 3: Memory update**
-
-`memory/project_billing_v2.md` — обновить «целевой режим достигнут (batch)».
-`memory/project_slepok_protection.md` — пометить «Этап 5 закрыт, online режим архивирован».
-
-- [ ] **Step 4: 7-дневный мониторинг**
-
-Каждый день: `scheduler_heartbeats`, error rate, business-drift alerts. Если 7 дней зелёные — этап закрыт.
-
-- [ ] **Step 5: Commit memory + ПИЛОТ**
-
-```bash
-git commit -m "docs: Stage 5 closed — batch mode live, slepok protection end-to-end"
-```
-
----
-
-# Self-review
-
-**Spec coverage:**
-
-- R-01 — Task 2.5 (snapshot routing) ✅
-- R-02 — Task 2.5 + 2.9 (slepok согласован между нами и поставщиком) ✅
-- R-03 — Task 2.5 (фильтр frozen в SQL) + Task 3.1 (LedgerService reject) ✅
-- R-04 — Task 2.5 + 2.6 (snapshot defines today; auto-pause через is_active) ✅
-- R-05 — Task 4.5 (business-drift) ✅
-- R-06..R-08 — Task 2.5 (snapshot read), Task 2.7 (appliesFrom) ✅
-- R-09 — Task 2.6 (is_active recheck под lock) ✅
-- R-10 — Task 2.7 (appliesFrom расширен на signal_identifier/sms_*) ✅
-- R-11 — Task 2.2 step 3 (snapshot подхватывает effective_daily_limit_today) ✅
-- R-12 — Task 1.2 ✅
-- R-13 — Task 3.2 (paused_at sync) ✅
-- R-14 — Task 1.3 ✅
-- R-15 — Task 2.5 + 2.11 (UI message) ✅
-- R-16 — Task 1.4 ✅
-- R-17 — Task 4.1 + 4.2 ✅
-- R-18 — Task 4.3 ✅
-- R-19 — Task 4.4 ✅
-
-Все 19 рисков покрыты задачами.
-
-**Placeholder scan:** в плане нет «TBD/TODO/implement later». Все шаги имеют конкретный код или конкретную команду.
-
-**Type consistency:** `applies_from` (snake_case PHP attribute) vs `appliesFrom` (camelCase method) — это разные сущности, OK. `snapshot_daily_limit` используется консистентно в Task 2.5 и 2.9. `delivered_count` vs `delivered_today` — разные поля, разные таблицы, OK.
-
----
-
-**Plan complete and saved to `docs/superpowers/plans/2026-05-26-slepok-routing-protection.md`.**
-
-Два варианта исполнения:
-
-1. **Subagent-Driven (рекомендуется)** — диспатчу свежего субагента на каждую task, делаю review между task'ами, быстрая итерация. Скил `superpowers:subagent-driven-development`.
-
-2. **Inline Execution** — исполняю task'и в этой сессии через `superpowers:executing-plans`, батч исполнение с checkpoint'ами для review.
-
-Какой подход?
diff --git a/docs/superpowers/plans/2026-05-29-lead-region-resolution.md b/docs/superpowers/plans/2026-05-29-lead-region-resolution.md
deleted file mode 100644
index 5cf1e76..0000000
--- a/docs/superpowers/plans/2026-05-29-lead-region-resolution.md
+++ /dev/null
@@ -1,641 +0,0 @@
-# Lead Region Resolution — Master Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use `superpowers:subagent-driven-development` (recommended) or `superpowers:executing-plans` to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
->
-> **This is a MASTER plan split into 6 sessions.** Each session is a self-contained, testable deliverable. Execute sessions **in order** (later sessions depend on earlier ones). Each session = one subagent-driven-development run with its own review checkpoints. Before starting a session, re-read this header + the session's "Preconditions".
-
-**Goal:** Резолвить настоящий регион лида по телефону (DaData → Россвязь → tag-fallback) и переключить `LeadRouter` на каскадную маршрутизацию по региону, чтобы клиенты, делящие один источник с разными regions, получали только лиды своего региона.
-
-**Architecture:** Новый сервис `LeadRegionResolver` вызывается в `RouteSupplierLeadJob::handle()` ДО транзакционного цикла, резолвит `subject_code` + оператора по телефону, персистит в `supplier_leads` + `lead_region_resolution_log`. `LeadRouter::matchEligibleProjects` получает новый параметр `?int $resolvedSubjectCode` и фильтрует кандидатов в 3 фазы (точное совпадение региона → «вся РФ» → запасной канал с подменой). Локальный реестр Россвязи (`phone_ranges`) — fallback когда DaData недоступна/неуверена.
-
-**Tech Stack:** PHP 8.3, Laravel 13, PostgreSQL 16 (партиции, RLS, `INT[]`), Pest 4, Redis (кэш + token-bucket), DaData REST API (`cleaner.dadata.ru/api/v1/clean/phone`).
-
-**Source spec:** [docs/superpowers/specs/2026-05-29-lead-region-resolution-design.md](../specs/2026-05-29-lead-region-resolution-design.md) v0.5. Прочитать целиком перед стартом — этот план не дублирует §3-§12 спеки, а превращает их в исполнимые шаги.
-
----
-
-## ⚠️ КРИТИЧЕСКИЕ ПОПРАВКИ К СПЕКЕ (читать ДО любого кода)
-
-Эти расхождения спеки с фактическим кодом обнаружены прямым code-walking 30.05.2026. Implementer ОБЯЗАН следовать факту, а не цифрам/именам из спеки.
-
-1. **Коды субъектов — НЕ автомобильные.** Спека §3.4.1 пишет «77 Москва, 50 МО, 78 СПб, 47 ЛО» — это НЕВЕРНО. Источник истины — [`app/app/Support/RussianRegions.php`](../../../app/app/Support/RussianRegions.php) `CODE_TO_NAME` (конституционный порядок ст. 65, 1..89):
-   - **Москва = 82**, **Санкт-Петербург = 83**, **Московская область = 56**, **Ленинградская область = 53**.
-   - Севастополь = 84, Республика Крым = 13.
-   - Везде в коде/тестах/маппингах использовать ЭТИ коды.
-
-2. **`RussianRegions` НЕ имеет `codeToName()`-метода.** Есть только `public const CODE_TO_NAME` (массив) и `public static function nameToCode(): array` (через `array_flip`). Если нужен code→name — читать константу `RussianRegions::CODE_TO_NAME[$code]`.
-
-3. **`LeadRouter::matchEligibleProjects` имеет ДВА SQL-пути** — `DIRECT` (по `signal_type` + `unique_key`) и `B1/B2/B3` (через `project_supplier_links` pivot). Каскад (§3.9) спека показывает только для pivot-пути — **реализовать каскад для ОБОИХ путей**.
-
-4. **`project_routing_snapshots` УЖЕ содержит `regions INT[] NOT NULL DEFAULT '{}'`** (миграция `2026_05_27_120000`). Колонку добавлять НЕ нужно — каскадный WHERE ложится на готовую колонку через `?::int = ANY(snap.regions)` и `snap.regions = '{}'::int[]`.
-
-5. **`LeadDistributor::selectRecipients` сейчас берёт cap=3 СЛУЧАЙНО.** Каскад спеки требует упорядоченный отбор (точное → РФ → запасной, сортировка по остатку лимита DESC) внутри роутера. Реконсиляция: роутер сам обрезает до 3 упорядоченно → `LeadDistributor` при `count ≤ CAP` возвращает коллекцию как есть (без шаффла, строка 36-38). Это **смена поведения** (random → детерминированный по остатку лимита). Зафиксировано как сознательное решение — см. §«Открытый вопрос D1» ниже. НЕ менять `LeadDistributor`; роутер просто отдаёт ≤3.
-
-6. **`subject_code` пишется в `deals` уже сейчас** (Job строка 405-406, через `?int $subjectCode` из `RegionTagResolver`). Интеграция — заменить источник, не добавить колонку. `deals.subject_code` уже существует (миграция `2026_05_20_102000`).
-
-7. **Команда запуска тестов:** из каталога `app/`. Один файл: `cd app && ./vendor/bin/pest tests/Unit/Services/LeadRegionResolverTest.php`. Фильтр по имени: `cd app && ./vendor/bin/pest --filter="dadata qc 0"`. Полный прогон сервиса перед коммитом сессии. **NB Bash cwd persists** — всегда префиксить `cd app &&` или использовать subshell.
-
----
-
-## Открытые вопросы для заказчика (решить ДО Session 5-6)
-
-- **D1 (поведение распределения):** Сейчас при >3 кандидатах лид раздаётся 3 СЛУЧАЙНЫМ клиентам. Новый каскад раздаёт 3 клиентам с НАИБОЛЬШИМ остатком дневного лимита (детерминированно). Это значит: клиент с большим остатком лимита систематически получает больше лидов, чем клиент с малым. Спека §3.9 явно выбрала «сортировка по остатку DESC». **Подтвердить, что random-распределение можно убрать.** (Если заказчик хочет сохранить случайность внутри региона — это +1 задача: random-shuffle внутри каждой фазы перед cap.)
-- **D2 (ambiguous-list staging):** Список «объединённых» регионов DaData (`'Санкт-Петербург и область'`, `'Москва и область'`) расширяется только по реальным наблюдениям на staging (спека §3.4.1). На старте — ровно эти 2 строки. Подтверждается smoke-прогоном (Session 6).
-
----
-
-## Общие конвенции (применять во ВСЕХ сессиях)
-
-### Тестовый сетап (Pest 4)
-
-- **Unit-тесты** (`app/tests/Unit/...`): чистые, без БД где возможно; `Http::fake()` для DaData; `Cache::fake()`/`Cache::store('array')` для кэша.
-- **Feature-тесты** (`app/tests/Feature/...`): `uses(DatabaseTransactions::class)` + `uses(Tests\Concerns\SharesSupplierPdo::class)`. Tenant-контекст: `DB::statement("SELECT set_config('app.current_tenant_id', '0', true)")` в `beforeEach` (как [`LeadRouterTest.php`](../../../app/tests/Feature/Services/LeadRouterTest.php)).
-- Фабрики: `Tenant::factory()`, `Project::factory()`, `SupplierProject::factory()`/`::query()->create([...])`, `SupplierLead::factory()`.
-- Хелперы (в [`app/tests/Pest.php`](../../../app/tests/Pest.php)): `linkProjectToSupplier($project, $supplier)`, `createRoutingSnapshotFromProject($project, ...)` — **последний расширяется в Session 5** (добавить `string $regions = '{}'` параметр).
-- Pest-стиль: `it('...', function () { ... })`, `expect($x)->toBe(...)`. Никакого PHPUnit class-стиля в новых тестах.
-
-### Паттерн миграции (raw SQL, образец — `2026_05_27_120000_create_project_routing_snapshots_table.php`)
-
-```php
-<?php
-declare(strict_types=1);
-use Illuminate\Database\Migrations\Migration;
-use Illuminate\Support\Facades\DB;
-
-return new class extends Migration {
-    public function up(): void
-    {
-        // SET ROLE crm_migrator на проде; на dev/testing — fallback postgres superuser.
-        try {
-            DB::statement('SET ROLE crm_migrator');
-            $canCreate = DB::selectOne("SELECT has_schema_privilege('crm_migrator', 'public', 'CREATE') AS ok");
-            if (!$canCreate || !$canCreate->ok) { DB::statement('RESET ROLE'); }
-        } catch (\Throwable) { /* окружение без роли — продолжаем как superuser */ }
-
-        DB::unprepared(<<<'SQL'
-            -- DDL здесь
-        SQL);
-    }
-    public function down(): void
-    {
-        try {
-            DB::statement('SET ROLE crm_migrator');
-            $canCreate = DB::selectOne("SELECT has_schema_privilege('crm_migrator', 'public', 'CREATE') AS ok");
-            if (!$canCreate || !$canCreate->ok) { DB::statement('RESET ROLE'); }
-        } catch (\Throwable) {}
-        DB::statement('DROP TABLE IF EXISTS <table> CASCADE');
-    }
-};
-```
-
-- GRANT'ы: SaaS-level read-таблицы → `crm_readonly` + `crm_supplier_worker` SELECT; запись через `crm_migrator`. Tenant-таблицы → RLS policy + GRANT `crm_app_user`/`crm_supplier_worker` (образец snapshot-миграции строки 49-55).
-- Партиционированные таблицы: явный `CREATE TABLE ..._y2026_m05 PARTITION OF ...` для текущего+следующего месяца + регистрация retention в `system_settings` (образец строки 57-78).
-- **`db/schema.sql` + `db/CHANGELOG_schema.md`** обновлять при каждой схемной правке (правило §4.2 / §5 п.8 CLAUDE.md). Bump версии schema в header.
-
-### Git / коммиты
-
-- Ветка: `feat/lead-region-resolution` (создаётся в Session 1, см. Preconditions).
-- Частые атомарные коммиты (per task). Conventional commits: `feat(region):`, `test(region):`, `chore(region):`.
-- Каждая сессия завершается зелёной регрессией затронутого слоя + push.
-
----
-
-## SESSION 1 — Схема БД + регистрация партиций
-
-**Deliverable:** Все таблицы и колонки фичи существуют, миграция up/down работает, партиции регистрируются. Никакой бизнес-логики.
-**Preconditions:** Чистый `main` (или согласованная база). Создать ветку: `git switch -c feat/lead-region-resolution`. Закоммитить spec (untracked) первым коммитом.
-**Files:**
-
-- Create: `app/database/migrations/2026_05_31_100000_create_phone_ranges_and_resolution_log.php`
-- Modify: `app/app/Services/MonthlyPartitionManager.php:48-62` (PARTITIONED_TABLES map)
-- Modify: `db/schema.sql` (новые таблицы + ALTER, bump версии) + `db/CHANGELOG_schema.md`
-- Test: `app/tests/Feature/Migrations/PhoneRangesMigrationTest.php`
-
-### Task 1.1 — Failing test: миграция создаёт таблицы и колонки
-
-- [ ] **Step 1: Написать падающий тест**
-
-`app/tests/Feature/Migrations/PhoneRangesMigrationTest.php`:
-
-```php
-<?php
-declare(strict_types=1);
-use Illuminate\Support\Facades\DB;
-use Tests\Concerns\SharesSupplierPdo;
-
-uses(SharesSupplierPdo::class);
-
-it('creates phone_ranges with lookup index', function (): void {
-    expect(DB::selectOne("SELECT to_regclass('public.phone_ranges') AS t")->t)->not->toBeNull();
-    $cols = collect(DB::select("SELECT column_name FROM information_schema.columns WHERE table_name='phone_ranges'"))
-        ->pluck('column_name')->all();
-    expect($cols)->toContain('def_code', 'from_num', 'to_num', 'operator', 'region', 'subject_code', 'import_id');
-});
-
-it('creates lead_region_resolution_log as partitioned table', function (): void {
-    $p = DB::selectOne("SELECT partattrs FROM pg_partitioned_table pt JOIN pg_class c ON c.oid=pt.partrelid WHERE c.relname='lead_region_resolution_log'");
-    expect($p)->not->toBeNull();
-});
-
-it('adds resolution columns to supplier_leads and deals', function (): void {
-    $sl = collect(DB::select("SELECT column_name FROM information_schema.columns WHERE table_name='supplier_leads'"))->pluck('column_name')->all();
-    expect($sl)->toContain('resolved_subject_code', 'region_source', 'dadata_qc', 'phone_operator');
-    $d = collect(DB::select("SELECT column_name FROM information_schema.columns WHERE table_name='deals'"))->pluck('column_name')->all();
-    expect($d)->toContain('phone_operator', 'region_substituted');
-});
-```
-
-- [ ] **Step 2: Прогнать — убедиться что падает** (`cd app && ./vendor/bin/pest tests/Feature/Migrations/PhoneRangesMigrationTest.php` → FAIL: relation does not exist)
-
-- [ ] **Step 3: Написать миграцию.** DDL по спеке §4.1-§4.6 с поправками. Полный DDL (вставить в `DB::unprepared`):
-
-```sql
--- 1. phone_ranges_imports (журнал импортов — создаём ПЕРВЫМ, на него FK)
-CREATE TABLE phone_ranges_imports (
-    id              BIGSERIAL PRIMARY KEY,
-    imported_at     TIMESTAMPTZ NOT NULL DEFAULT NOW(),
-    source_url      TEXT NOT NULL,
-    rows_inserted   INTEGER NOT NULL DEFAULT 0,
-    rows_updated    INTEGER NOT NULL DEFAULT 0,
-    checksum_sha256 TEXT NOT NULL,
-    status          TEXT NOT NULL DEFAULT 'in_progress'
-        CHECK (status IN ('in_progress','completed','failed','rolled_back')),
-    error           TEXT,
-    completed_at    TIMESTAMPTZ
-);
-
--- 2. phone_ranges (реестр Россвязи, SaaS-level без RLS)
-CREATE TABLE phone_ranges (
-    id              BIGSERIAL PRIMARY KEY,
-    def_code        SMALLINT NOT NULL,
-    from_num        BIGINT NOT NULL,
-    to_num          BIGINT NOT NULL,
-    operator        TEXT NOT NULL,
-    region          TEXT NOT NULL,
-    region_normalized TEXT,
-    subject_code    SMALLINT,
-    imported_at     TIMESTAMPTZ NOT NULL,
-    import_id       BIGINT NOT NULL REFERENCES phone_ranges_imports(id),
-    CONSTRAINT chk_phone_ranges_def_code CHECK (def_code BETWEEN 300 AND 999),
-    CONSTRAINT chk_phone_ranges_subject_code CHECK (subject_code IS NULL OR subject_code BETWEEN 1 AND 89),
-    CONSTRAINT chk_phone_ranges_range_valid CHECK (from_num <= to_num)
-);
-CREATE INDEX idx_phone_ranges_lookup ON phone_ranges (def_code, from_num, to_num);
-GRANT SELECT ON phone_ranges, phone_ranges_imports TO crm_readonly, crm_supplier_worker;
-
--- 3. lead_region_resolution_log (SaaS-level, партиционирован по received_at)
-CREATE TABLE lead_region_resolution_log (
-    id                      BIGSERIAL,
-    supplier_lead_id        BIGINT NOT NULL,
-    received_at             TIMESTAMPTZ NOT NULL,
-    phone_masked            TEXT NOT NULL,
-    subject_code_resolved   SMALLINT,
-    subject_code_from_tag   SMALLINT,
-    region_source           TEXT NOT NULL CHECK (region_source IN ('dadata','rossvyaz','tag','unknown')),
-    dadata_qc               SMALLINT,
-    dadata_provider         TEXT,
-    dadata_type             TEXT,
-    dadata_response_masked  JSONB,
-    rossvyaz_matched        BOOLEAN NOT NULL DEFAULT FALSE,
-    actual_subject_code     SMALLINT CHECK (actual_subject_code IS NULL OR actual_subject_code BETWEEN 1 AND 89),
-    substituted_subject_code SMALLINT CHECK (substituted_subject_code IS NULL OR substituted_subject_code BETWEEN 1 AND 89),
-    routing_step            SMALLINT CHECK (routing_step IS NULL OR routing_step BETWEEN 1 AND 3),
-    phone_operator          TEXT,
-    cache_hit               BOOLEAN NOT NULL DEFAULT FALSE,
-    duration_ms             INTEGER,
-    resolved_at             TIMESTAMPTZ NOT NULL DEFAULT NOW(),
-    PRIMARY KEY (id, received_at)
-) PARTITION BY RANGE (received_at);
-CREATE INDEX idx_lrrl_lead_id ON lead_region_resolution_log (supplier_lead_id);
-CREATE INDEX idx_lrrl_source ON lead_region_resolution_log (region_source, received_at);
-GRANT SELECT, INSERT ON lead_region_resolution_log TO crm_supplier_worker;
-GRANT SELECT ON lead_region_resolution_log TO crm_readonly;
-CREATE TABLE lead_region_resolution_log_y2026_m05 PARTITION OF lead_region_resolution_log
-    FOR VALUES FROM ('2026-05-01') TO ('2026-06-01');
-CREATE TABLE lead_region_resolution_log_y2026_m06 PARTITION OF lead_region_resolution_log
-    FOR VALUES FROM ('2026-06-01') TO ('2026-07-01');
-
--- 4. supplier_leads +4 колонки (persistent idempotency + denormalized display)
-ALTER TABLE supplier_leads
-    ADD COLUMN resolved_subject_code SMALLINT CHECK (resolved_subject_code IS NULL OR resolved_subject_code BETWEEN 1 AND 89),
-    ADD COLUMN region_source TEXT CHECK (region_source IN ('dadata','rossvyaz','tag','unknown')),
-    ADD COLUMN dadata_qc SMALLINT,
-    ADD COLUMN phone_operator TEXT;
-
--- 5. deals +2 колонки
-ALTER TABLE deals
-    ADD COLUMN phone_operator TEXT,
-    ADD COLUMN region_substituted BOOLEAN NOT NULL DEFAULT FALSE;
-```
-
-В том же `up()` после `DB::unprepared`: зарегистрировать retention `lead_region_resolution_log` в `system_settings` (паттерн snapshot-миграции строки 67-78, `value => '12'`, 365 дней). `down()`: `DROP TABLE IF EXISTS lead_region_resolution_log, phone_ranges, phone_ranges_imports CASCADE` + `ALTER TABLE ... DROP COLUMN IF EXISTS ...` для supplier_leads/deals + удалить system_settings ключ.
-
-> **Гайд по партициям:** новый партиционированный `lead_region_resolution_log` имеет ключ `received_at` (как `deals`). Партиции `deals` создаются помесячно — наши партиции на старте только m05/m06, дальше их подхватит `partitions:create-months` ПОСЛЕ регистрации в Task 1.2.
-
-- [ ] **Step 4: Прогнать тест — PASS** (`cd app && ./vendor/bin/pest tests/Feature/Migrations/PhoneRangesMigrationTest.php`)
-
-- [ ] **Step 5: Коммит** `git add -A && git commit -m "feat(region): schema — phone_ranges, resolution_log, supplier_leads/deals columns"`
-
-### Task 1.2 — Регистрация новой партиц-таблицы в MonthlyPartitionManager
-
-- [ ] **Step 1: Падающий тест** `app/tests/Unit/Services/MonthlyPartitionManagerRegionLogTest.php`:
-
-```php
-<?php
-declare(strict_types=1);
-use App\Services\MonthlyPartitionManager;
-it('knows lead_region_resolution_log partition key', function (): void {
-    expect(MonthlyPartitionManager::PARTITIONED_TABLES)->toHaveKey('lead_region_resolution_log');
-    expect(MonthlyPartitionManager::PARTITIONED_TABLES['lead_region_resolution_log'])->toBe('received_at');
-});
-```
-
-- [ ] **Step 2: Прогнать — FAIL.**
-- [ ] **Step 3: Добавить** в `MonthlyPartitionManager::PARTITIONED_TABLES` (после строки 61) `'lead_region_resolution_log' => 'received_at',`.
-- [ ] **Step 4: Прогнать — PASS.**
-- [ ] **Step 5: Коммит** `chore(region): register lead_region_resolution_log in MonthlyPartitionManager`.
-
-### Task 1.3 — Синхронизация db/schema.sql + CHANGELOG
-
-- [ ] **Step 1:** Добавить новые `CREATE TABLE`/`ALTER` в `db/schema.sql` (зеркало миграции), bump версии в header.
-- [ ] **Step 2:** Запись в `db/CHANGELOG_schema.md` (новая версия, перечень изменений).
-- [ ] **Step 3:** Коммит `chore(region): sync db/schema.sql + CHANGELOG for region resolution`.
-
-**Session 1 завершение:** прогон `cd app && ./vendor/bin/pest tests/Feature/Migrations tests/Unit/Services/MonthlyPartitionManagerRegionLogTest.php` → GREEN. Push.
-
----
-
-## SESSION 2 — Россвязь: реестр + lookup
-
-**Deliverable:** `RossvyazPrefixLookup` находит регион+оператора по телефону через `phone_ranges`; `phone-ranges:import` команда импортирует реестр.
-**Preconditions:** Session 1 смержена/на ветке. Таблицы `phone_ranges*` существуют.
-**Files:**
-
-- Create: `app/app/Services/RossvyazPrefixLookup.php`, `app/app/Services/Dto/RossvyazRecord.php`
-- Create: `app/app/Console/Commands/PhoneRangesImportCommand.php`
-- Test: `app/tests/Unit/Services/RossvyazPrefixLookupTest.php`, `app/tests/Feature/Console/PhoneRangesImportCommandTest.php`
-
-### Task 2.1 — RossvyazRecord DTO + Lookup (TDD)
-
-- [ ] **Step 1: Падающие тесты** `RossvyazPrefixLookupTest.php` (Feature, нужна БД — `uses(DatabaseTransactions::class, SharesSupplierPdo::class)`; сидируем `phone_ranges` напрямую через `DB::table`):
-
-```php
-it('mobile prefix returns correct region and operator', function (): void {
-    DB::table('phone_ranges')->insert([
-        'def_code'=>921,'from_num'=>5550000,'to_num'=>5559999,'operator'=>'МегаФон',
-        'region'=>'Санкт-Петербург','subject_code'=>83,'imported_at'=>now(),'import_id'=>seedImport(),
-    ]);
-    $rec = app(App\Services\RossvyazPrefixLookup::class)->find('7921555XXXX');
-    expect($rec)->not->toBeNull()->and($rec->subjectCode)->toBe(83)->and($rec->region)->toBe('Санкт-Петербург');
-});
-it('prefers narrower range when two ranges overlap', function (): void { /* два диапазона, узкий выигрывает (ORDER BY to_num-from_num ASC) */ });
-it('returns null for unknown prefix', function (): void {
-    expect(app(App\Services\RossvyazPrefixLookup::class)->find('7999XXXXXXX'))->toBeNull();
-});
-```
-
-(`seedImport()` — локальный хелпер в тесте: вставляет строку `phone_ranges_imports` и возвращает id.)
-
-- [ ] **Step 2: FAIL.**
-- [ ] **Step 3: Реализация.** `RossvyazRecord` — readonly DTO (`subjectCode: ?int`, `region: string`, `operator: string`). `RossvyazPrefixLookup::find(string $phone): ?RossvyazRecord` по алгоритму спеки §3.7: `def_code = (int) substr($phone,1,3)`, `subscriber = (int) substr($phone,4)`, SQL `SELECT region, operator, subject_code FROM phone_ranges WHERE def_code=? AND from_num<=? AND to_num>=? ORDER BY (to_num-from_num) ASC LIMIT 1`. Запрос через `DB::connection('pgsql_supplier')` (BYPASSRLS, как LeadRouter).
-- [ ] **Step 4: PASS.**
-- [ ] **Step 5: Коммит** `feat(region): RossvyazPrefixLookup + RossvyazRecord DTO`.
-
-### Task 2.2 — PhoneRangesImportCommand (TDD)
-
-- [ ] **Step 1: Падающий Feature-тест** — `phone-ranges:import --dry-run` парсит фикстурный XLSX/CSV в `phone_ranges_staging`, маппит region→subject_code через `RussianRegions::nameToCode()`, при `--dry-run` не свапает. (Фикстура: маленький CSV в `app/tests/Fixtures/rossvyaz/sample.csv`.)
-- [ ] **Step 2: FAIL.**
-- [ ] **Step 3: Реализация** по спеке §6.2: staging-таблица → COPY → checksum-idempotency → atomic `RENAME` swap → `phone_ranges_imports.status`. Несматчившиеся регионы → лог в `phone_ranges_imports.error`. `--dry-run` останавливается до swap. **NB:** реальный источник — пакет ~500-600 файлов XLSX (§6.1); для теста парсим один CSV-фикстуру. Парсер XLSX — отдельный приватный метод, в тесте подменяется CSV-веткой через флаг формата.
-- [ ] **Step 4: PASS.**
-- [ ] **Step 5: Коммит** `feat(region): phone-ranges:import command with atomic swap + idempotency`.
-
-**Session 2 завершение:** GREEN сервис-слой Россвязи. Push. (Реальный первый импорт реестра — оператором в Session 6 раскатке, не в тесте.)
-
----
-
-## SESSION 3 — DaData клиент + бюджет + rate-limit + region map
-
-**Deliverable:** `DaDataPhoneClient` дёргает REST, `DaDataRegionMap` маппит имя→код, `DaDataBudgetGuard` режет по дневному лимиту, token-bucket защищает от 429. Никакой оркестрации (она в Session 4).
-**Preconditions:** Sessions 1-2 готовы.
-**Files:**
-
-- Create: `app/app/Services/DaData/DaDataPhoneClient.php`, `DaDataPhoneResponse.php`, `DaDataQualityCode.php`, `DaDataException.php`, `DaDataTimeoutException.php`
-- Create: `app/app/Services/DaData/DaDataBudgetGuard.php`
-- Create: `app/app/Support/DaDataRegionMap.php`
-- Modify: `app/config/services.php` (+`dadata` блок)
-- Test: `app/tests/Unit/Services/DaData/DaDataPhoneClientTest.php`, `DaDataBudgetGuardTest.php`, `app/tests/Unit/Support/DaDataRegionMapTest.php`
-
-### Task 3.1 — config/services.php + DaDataQualityCode enum
-
-- [ ] **Step 1:** Добавить в `config/services.php`:
-
-```php
-'dadata' => [
-    'api_key' => env('DADATA_API_KEY'),
-    'secret' => env('DADATA_SECRET'),
-    'timeout_ms' => (int) env('DADATA_TIMEOUT_MS', 2000),
-    'retries' => (int) env('DADATA_RETRIES', 1),
-    'daily_cap_rub' => (int) env('DADATA_DAILY_CAP_RUB', 10000),
-    'enabled' => filter_var(env('LEAD_REGION_RESOLVER_ENABLED', false), FILTER_VALIDATE_BOOL),
-    'cache_ttl_days' => (int) env('PHONE_REGION_CACHE_TTL_DAYS', 30),
-],
-```
-
-- [ ] **Step 2:** `DaDataQualityCode` — enum:int (CASE_RECOGNIZED=0, ASSUMPTIONS=1, EMPTY=2, MULTIPLE=3, FOREIGN=7). Без теста (тривиальный enum) — покрывается через клиент.
-- [ ] **Step 3: Коммит** `chore(region): config/services dadata + DaDataQualityCode enum`.
-
-### Task 3.2 — DaDataRegionMap (TDD)
-
-- [ ] **Step 1: Падающий unit-тест** `DaDataRegionMapTest.php`:
-
-```php
-use App\Support\DaDataRegionMap;
-it('maps exact official names via RussianRegions', function (): void {
-    expect(DaDataRegionMap::toSubjectCode('Москва'))->toBe(82);
-    expect(DaDataRegionMap::toSubjectCode('Московская область'))->toBe(56);
-    expect(DaDataRegionMap::toSubjectCode('Санкт-Петербург'))->toBe(83);
-    expect(DaDataRegionMap::toSubjectCode('Ленинградская область'))->toBe(53);
-});
-it('flags ambiguous agglomeration strings', function (): void {
-    expect(DaDataRegionMap::isAmbiguous('Санкт-Петербург и область'))->toBeTrue();
-    expect(DaDataRegionMap::isAmbiguous('Москва и область'))->toBeTrue();
-    expect(DaDataRegionMap::isAmbiguous('Москва'))->toBeFalse();
-});
-it('returns null for unmappable region', function (): void {
-    expect(DaDataRegionMap::toSubjectCode('Атлантида'))->toBeNull();
-});
-it('resolves all 89 RussianRegions names', function (): void {
-    foreach (App\Support\RussianRegions::CODE_TO_NAME as $code => $name) {
-        expect(DaDataRegionMap::toSubjectCode($name))->toBe($code);
-    }
-});
-```
-
-- [ ] **Step 2: FAIL.**
-- [ ] **Step 3: Реализация.** `DaDataRegionMap`: `AMBIGUOUS_REGIONS = ['Санкт-Петербург и область','Москва и область']` (const). `OVERRIDES` — массив для несовпадающих имён (на старте пустой — заполняется findings). `toSubjectCode(string $name): ?int` → trim → `OVERRIDES[$name] ?? RussianRegions::nameToCode()[$name] ?? null`. `isAmbiguous(string $name): bool` → `in_array($name, self::AMBIGUOUS_REGIONS, true)`.
-- [ ] **Step 4: PASS.**
-- [ ] **Step 5: Коммит** `feat(region): DaDataRegionMap with ambiguous-list + 89-region coverage`.
-
-### Task 3.3 — DaDataPhoneClient (TDD, Http::fake)
-
-> **Конвенция HTTP-клиента** — зеркалить [`app/app/Services/Supplier/SupplierPortalClient.php`](../../../app/app/Services/Supplier/SupplierPortalClient.php): инжектить `Illuminate\Http\Client\Factory $http`, кастомные исключения, приватный `request()`.
-
-- [ ] **Step 1: Падающие unit-тесты** `DaDataPhoneClientTest.php` (по одному на qc 0/1/2/3/7 + timeout + 5xx-retry + 4xx-no-retry). Пример:
-
-```php
-use App\Services\DaData\DaDataPhoneClient;
-use Illuminate\Support\Facades\Http;
-it('parses qc=0 mobile response', function (): void {
-    Http::fake(['cleaner.dadata.ru/*' => Http::response([[
-        'qc'=>0,'qc_conflict'=>0,'type'=>'Мобильный','phone'=>'+7 921 555-12-34',
-        'provider'=>'МегаФон','region'=>'Санкт-Петербург и область','timezone'=>'UTC+3',
-    ]], 200)]);
-    $resp = app(DaDataPhoneClient::class)->cleanPhone('7921555XXXX');
-    expect($resp->qc)->toBe(0)->and($resp->provider)->toBe('МегаФон')
-        ->and($resp->region)->toBe('Санкт-Петербург и область');
-});
-it('throws DaDataTimeoutException on connection timeout', function (): void {
-    Http::fake(fn () => throw new Illuminate\Http\Client\ConnectionException('timeout'));
-    expect(fn () => app(DaDataPhoneClient::class)->cleanPhone('7921555XXXX'))
-        ->toThrow(App\Services\DaData\DaDataTimeoutException::class);
-});
-```
-
-- [ ] **Step 2: FAIL.**
-- [ ] **Step 3: Реализация** по §3.6: POST `https://cleaner.dadata.ru/api/v1/clean/phone`, headers `Authorization: Token <key>`, `X-Secret: <secret>`, body `["<phone>"]`, timeout из config, retry на сетевые/5xx. Парсинг массива[0] → `DaDataPhoneResponse` (readonly DTO, поля по §3.6). `ConnectionException`/таймаут → `DaDataTimeoutException`; не-2xx после retry → `DaDataException`.
-- [ ] **Step 4: PASS.**
-- [ ] **Step 5: Коммит** `feat(region): DaDataPhoneClient + DTO + exceptions`.
-
-### Task 3.4 — DaDataBudgetGuard + token-bucket (TDD)
-
-- [ ] **Step 1: Падающий тест** — `canSpend()` true пока `phone_resolution.dadata.spent_today_kopecks < daily_cap`; false при превышении; `recordSpend()` делает Redis INCRBY. (`Cache::store('array')` или Redis-fake.)
-- [ ] **Step 2: FAIL.**
-- [ ] **Step 3: Реализация** §5.3 + §3.13: `DaDataBudgetGuard` (canSpend/recordSpend через Redis-ключ с дневным TTL). Token-bucket 18 RPS — `RateLimiter::for('dadata-cleaner', ...)` зарегистрировать в провайдере; в клиенте обернуть вызов (или отдельный guard — решить в Session 4 при сборке).
-- [ ] **Step 4: PASS.**
-- [ ] **Step 5: Коммит** `feat(region): DaDataBudgetGuard + rate-limit`.
-
-**Session 3 завершение:** GREEN `tests/Unit/Services/DaData tests/Unit/Support/DaDataRegionMapTest.php`. Push.
-
----
-
-## SESSION 4 — LeadRegionResolver (оркестратор)
-
-**Deliverable:** `LeadRegionResolver::resolve(SupplierLead): RegionResolution` со всем каскадом qc-решений, кэшем, ambiguous-логикой, persistent-idempotency, cache-hit логированием. Это сердце фичи.
-**Preconditions:** Sessions 1-3. Все суб-компоненты существуют и зелёные.
-**Files:**
-
-- Create: `app/app/Services/LeadRegionResolver.php`, `app/app/Services/Dto/RegionResolution.php`
-- Test: `app/tests/Unit/Services/LeadRegionResolverTest.php` (12 кейсов из спеки §9.1)
-
-### Task 4.1 — RegionResolution DTO + source rank
-
-- [ ] **Step 1: Падающий тест** на DTO: поля `subjectCode: ?int`, `actualSubjectCode: ?int`, `source: string` ('dadata'|'rossvyaz'|'tag'|'unknown'), `phoneOperator: ?string`, `qc: ?int`, `cacheHit: bool`, `dadataResponseMasked: ?array`, `durationMs: ?int`, `rossvyazMatched: bool`. + статик `SOURCE_RANK` const `['dadata'=>4,'rossvyaz'=>3,'tag'=>2,'unknown'=>1]`. + фабрики `fromTag()`, `fromSupplierLead()` (для persistent-idempotency).
-- [ ] **Step 2-4:** реализация readonly DTO, PASS.
-- [ ] **Step 5: Коммит** `feat(region): RegionResolution DTO + SOURCE_RANK`.
-
-### Task 4.2 — LeadRegionResolver: 12 кейсов (TDD, по одному тесту за раз)
-
-Реализация по алгоритму спеки §3.3 + §3.4 (decision-таблица). Кэш-ключ `sha256("phone-region:".$phone)`, TTL = `config('services.dadata.cache_ttl_days')` дней. Persistent-idempotency: в начале `resolve()` если `$lead->resolved_subject_code !== null || $lead->region_source !== null` → `RegionResolution::fromSupplierLead($lead)` без DaData. Валидация телефона `/^7\d{10}$/` (как в Job/Controller).
-
-Каждый тест из списка спеки §9.1 — отдельный TDD-цикл (Step write→fail→implement→pass→commit). Имена тестов (Pest `it('...')`):
-
-- [ ] `dadata qc 0 returns dadata source` — `Http::fake` qc=0 region не-ambiguous → source='dadata', subjectCode маппится.
-- [ ] `dadata qc 0 ambiguous region falls to rossvyaz but keeps dadata provider` — region='Санкт-Петербург и область' → идём в Россвязь за subjectCode=83, provider остаётся от DaData (И-2). **Ключевой тест ambiguous-логики.**
-- [ ] `dadata qc 3 returns dadata with multiple flag`.
-- [ ] `dadata qc 1 falls back to rossvyaz`.
-- [ ] `dadata qc 2 falls back to tag skipping rossvyaz`.
-- [ ] `dadata qc 7 falls back to tag skipping rossvyaz`.
-- [ ] `dadata timeout falls back to rossvyaz`.
-- [ ] `dadata network error falls back to rossvyaz`.
-- [ ] `budget cap exceeded skips dadata directly to rossvyaz` (`DaDataBudgetGuard::canSpend()` false).
-- [ ] `cache hit skips dadata and rossvyaz` — второй вызов того же телефона не дёргает Http (assert `Http::assertSentCount`).
-- [ ] `invalid phone skips dadata returns tag`.
-- [ ] `qc 0 region null falls through to rossvyaz` (мобильный без региона, §3.4 Q6/Q7).
-- [ ] `unmappable dadata region falls through to rossvyaz` (qc=0 но region не в справочнике).
-- [ ] `all three layers fail returns unknown with null subject_code`.
-
-После каждого — Step «commit» `feat(region): LeadRegionResolver — <case>` (или батч-коммит на 3-4 связанных кейса).
-
-**Session 4 завершение:** `cd app && ./vendor/bin/pest tests/Unit/Services/LeadRegionResolverTest.php` все GREEN. Push. **Это самая важная сессия — не торопиться, ревью каждого кейса.**
-
----
-
-## SESSION 5 — LeadRouter каскад + подмена региона
-
-**Deliverable:** `LeadRouter::matchEligibleProjects` принимает `?int $resolvedSubjectCode`, фильтрует в 3 фазы (точное→РФ→запасной) для ОБОИХ путей (DIRECT + pivot), отдаёт ≤3 кандидата с атрибутом `routing_step`.
-**Preconditions:** Sessions 1-4. **Решён вопрос D1** (random→deterministic подтверждён заказчиком).
-**Files:**
-
-- Modify: `app/app/Services/LeadRouter.php` (новый параметр + queryCandidates 3-фазы)
-- Modify: `app/tests/Pest.php` (расширить `createRoutingSnapshotFromProject` параметром `string $regions = '{}'`)
-- Test: `app/tests/Feature/Services/LeadRouterCascadeTest.php`
-
-### Task 5.1 — Расширить тест-хелпер
-
-- [ ] **Step 1:** В `createRoutingSnapshotFromProject` (Pest.php строки 128-150) добавить параметр `string $regions = '{}'` и подставить в insert вместо хардкода `'{}'` (строка 141). Существующие вызовы не ломаются (дефолт сохранён).
-- [ ] **Step 2:** Прогнать существующий `LeadRouterTest.php` — GREEN (регресс не сломан).
-- [ ] **Step 3: Коммит** `test(region): createRoutingSnapshotFromProject accepts regions param`.
-
-### Task 5.2 — Каскад: сигнатура + 3 фазы (TDD)
-
-> **Подход:** обернуть существующий SQL приватным `queryCandidates(string $activeDate, SupplierProject $sp, string $regionFilter, ?int $code, array $excludeTenantIds, int $limit): Collection`. Он содержит развилку DIRECT vs pivot (как сейчас) + добавляет WHERE-фрагмент по фильтру. `matchEligibleProjects(SupplierProject $sp, ?int $resolvedSubjectCode = null)` оркестрирует 3 фазы (§3.9 псевдокод), проставляет `routing_step` на каждый Project через `$project->setAttribute('routing_step', N)`.
-
-WHERE-фрагменты:
-
-- `exact`: `AND ?::int = ANY(snap.regions)` (bind `$code`)
-- `all_ru`: `AND snap.regions = '{}'::int[]`
-- `any`: без региона-фильтра (текущее поведение)
-
-- [ ] **Step 1: Падающие тесты** `LeadRouterCascadeTest.php` (Pest, `DatabaseTransactions` + `SharesSupplierPdo`, tenant-context '0'):
-
-```php
-it('step 1: exact region match wins', function (): void {
-    $sp = SupplierProject::query()->create(['platform'=>'B1','signal_type'=>'site','unique_key'=>'ex.ru','subject_code'=>82,'current_limit'=>0,'sync_status'=>'ok']);
-    // tenant A — регион 83 (СПб); tenant B — регион 82 (Москва)
-    $a = makeLinkedProject($sp, regions: '{83}'); // helper inline
-    $b = makeLinkedProject($sp, regions: '{82}');
-    $matched = app(LeadRouter::class)->matchEligibleProjects($sp, resolvedSubjectCode: 82);
-    expect($matched->pluck('id')->all())->toBe([$b->id])      // только Москва-проект
-        ->and($matched->first()->routing_step)->toBe(1);
-});
-it('step 2: falls to all-RF when no exact match', function (): void {
-    // кандидат только с regions='{}' → routing_step=2 для resolvedSubjectCode=82
-});
-it('step 3: fallback channel when nobody subscribed to region', function (): void {
-    // кандидат с regions='{83}' только; resolvedSubjectCode=82 → никто не подписан, нет РФ →
-    // возвращается с routing_step=3 (подмена в Job, не здесь)
-});
-it('exact + all-RF combine up to cap=3', function (): void { /* 2 точных + 2 РФ → 3 взяты, точные первыми */ });
-it('null resolvedSubjectCode skips exact, uses all-RF then fallback', function (): void { /* резолвер не сработал */ });
-it('cascade works for DIRECT supplier_project path too', function (): void { /* platform=DIRECT */ });
-```
-
-(`makeLinkedProject($sp, regions)` — inline-хелпер в файле теста: создаёт tenant с балансом, project, `linkProjectToSupplier`, `createRoutingSnapshotFromProject($p, regions: $regions)`.)
-
-- [ ] **Step 2: FAIL.**
-- [ ] **Step 3: Реализация** каскада. Сохранить fail-loud `logIfNoSnapshot` (вызывать на финальном результате). `excludeTenantIds` для шага 2 = tenant_id из шага 1.
-- [ ] **Step 4: PASS** + регресс `LeadRouterTest.php` GREEN (старые вызовы без 2-го параметра используют дефолт `null` → ведут себя как «any», но теперь через каскад → проверить что 0-региональные тесты не сломались; при необходимости старые snapshot'ы имеют `regions='{}'` → попадают в шаг 2 all_ru).
-
-> **⚠️ Регрессионный риск:** существующие `LeadRouterTest` создают snapshot с `regions='{}'` и вызывают `matchEligibleProjects($sp)` без 2-го арг. С каскадом `resolvedSubjectCode=null` → шаг 1 пропускается → шаг 2 all_ru матчит `regions='{}'` → те же результаты. **Проверить это явно**; если расходится — поправить дефолтную ветку, чтобы `null` + любой regions вёл себя как старое «any» (backward-compat). Это решение зафиксировать в коммит-сообщении.
-
-- [ ] **Step 5: Коммит** `feat(region): LeadRouter cascade routing (exact→all-RF→fallback) with routing_step`.
-
-**Session 5 завершение:** `cd app && ./vendor/bin/pest tests/Feature/Services/LeadRouterTest.php tests/Feature/Services/LeadRouterCascadeTest.php` GREEN. Push.
-
----
-
-## SESSION 6 — Интеграция в Job + CSV-merge + flag + раскатка
-
-**Deliverable:** `RouteSupplierLeadJob` использует `LeadRegionResolver`, персистит резолв, передаёт `routing_step`, подменяет регион на шаге 3; CSV-merge обновляет по рангу источника; feature-flag; метрики; staging-smoke.
-**Preconditions:** Sessions 1-5 все зелёные и смержены.
-**Files:**
-
-- Modify: `app/app/Jobs/RouteSupplierLeadJob.php` (handle + createDealCopyForProject + CSV-merge)
-- Create: `app/app/Console/Commands/PhoneRegionSmokeCommand.php` (staging-smoke §9.4)
-- Test: `app/tests/Feature/Jobs/RouteSupplierLeadJobRegionResolutionTest.php`
-
-### Task 6.1 — Резолв до транзакции + persist (TDD)
-
-> **Точка вставки** ([RouteSupplierLeadJob.php:151-160](../../../app/app/Jobs/RouteSupplierLeadJob.php#L151)). Сейчас: `$matched = $router->matchEligibleProjects($supplier); $selected = $distributor->selectRecipients($matched); $subjectCode = $tagResolver->resolve(...)`. Становится: резолв региона ДО `matchEligibleProjects`, persist в одной короткой `DB::transaction()`, затем `matchEligibleProjects($supplier, $resolution->subjectCode)`.
-
-- [ ] **Step 1: Падающий тест** `RouteSupplierLeadJobRegionResolutionTest.php`:
-
-```php
-it('lead with phone uses dadata region not tag', function (): void {
-    Http::fake(['cleaner.dadata.ru/*' => Http::response([['qc'=>0,'type'=>'Мобильный','provider'=>'МТС','region'=>'Москва']], 200)]);
-    // lead с raw_payload tag='Санкт-Петербург' но phone резолвится в Москву(82)
-    // → deal.subject_code = 82, supplier_leads.resolved_subject_code=82, region_source='dadata'
-    // → строка в lead_region_resolution_log
-});
-it('region resolution logged per lead with cache_hit flag', function (): void { /* 1 строка в log */ });
-it('lead with invalid phone falls back to tag', function (): void { /* phone='123' → region_source='tag' */ });
-it('lead with resolver disabled via flag uses tag', function (): void { /* config dadata.enabled=false → tag-flow */ });
-it('persistent idempotency: retry does not re-call dadata', function (): void { /* resolved_subject_code уже set → Http::assertNothingSent */ });
-```
-
-- [ ] **Step 2: FAIL.**
-- [ ] **Step 3: Реализация.** Инжектить `LeadRegionResolver $regionResolver` в `handle()`. После `$lead->update(['supplier_project_id'...])`:
-
-```php
-$resolution = $regionResolver->resolve($lead);
-// persist в одной короткой транзакции (ДО циклов по проектам — HTTP не висит в tenant-tx)
-DB::transaction(function () use ($lead, $resolution): void {
-    $lead->update([
-        'resolved_subject_code' => $resolution->subjectCode,
-        'region_source' => $resolution->source,
-        'dadata_qc' => $resolution->qc,
-        'phone_operator' => $resolution->phoneOperator,
-    ]);
-    $this->logRegionResolution($lead, $resolution); // INSERT lead_region_resolution_log
-});
-$matched = $router->matchEligibleProjects($supplier, $resolution->subjectCode);
-$selected = $distributor->selectRecipients($matched);
-```
-
-Удалить старый `$subjectCode = $tagResolver->resolve(...)`. `RegionTagResolver` остаётся injected (его использует `LeadRegionResolver` как fallback — DI цепочка). Приватный `logRegionResolution()` пишет в `lead_region_resolution_log` через `pgsql_supplier`, телефон маскируется (§7.1: `7XXX***YYYY`).
-
-- [ ] **Step 4: PASS.**
-- [ ] **Step 5: Коммит** `feat(region): wire LeadRegionResolver into RouteSupplierLeadJob + persist`.
-
-### Task 6.2 — Подмена subject_code на шаге 3 (TDD)
-
-- [ ] **Step 1: Падающий тест** — `routing_step=3` проект получает deal с `subject_code` = первый из `project->regions`, `region_substituted=true`; `lead_region_resolution_log.actual_subject_code` = настоящий резолв. `routing_step<3` → настоящий subjectCode, `region_substituted=false`.
-- [ ] **Step 2: FAIL.**
-- [ ] **Step 3: Реализация** §3.10. `createDealCopyForProject` получает `RegionResolution $resolution` (вместо `?int $subjectCode`). Внутри:
-
-```php
-$dealSubjectCode = ($project->routing_step ?? 1) < 3
-    ? $resolution->subjectCode
-    : $this->pickSubstituteRegion($project, $resolution->subjectCode);
-$dealRegionSubstituted = ($project->routing_step ?? 1) === 3;
-// Deal::create([... 'subject_code'=>$dealSubjectCode, 'phone_operator'=>$resolution->phoneOperator, 'region_substituted'=>$dealRegionSubstituted])
-```
-
-`pickSubstituteRegion(Project $p, ?int $resolved): ?int` — пустой `$p->regions` → `$resolved`; иначе `$p->regions[0]`. Дописать `lead_region_resolution_log` UPDATE с `routing_step`/`actual_subject_code`/`substituted_subject_code` (или включить в Task 6.1 лог — решить при сборке, лог пишется ПОСЛЕ маршрутизации когда routing_step известен; возможно перенести запись лога из 6.1 в конец handle()).
-
-> **NB порядок записи лога:** `routing_step` известен только ПОСЛЕ `matchEligibleProjects`. Значит INSERT в `lead_region_resolution_log` логичнее делать ПОСЛЕ цикла (с агрегатом routing_step) ИЛИ писать базовую строку в 6.1 и UPDATE'ить routing-поля после. Выбрать: **одна строка на лид** пишется в конце `handle()` с финальными routing-полями (subject_code лида один, routing_step берётся от первого selected-проекта или max). Зафиксировать решение в коммите.
-
-- [ ] **Step 4: PASS.**
-- [ ] **Step 5: Коммит** `feat(region): step-3 fallback subject_code substitution + region_substituted`.
-
-### Task 6.3 — CSV-merge update по рангу источника (TDD)
-
-- [ ] **Step 1: Падающий тест** — CSV-recovered deal `region_source='tag'`, subject_code=99; webhook даёт `dadata` subject=82 → merge обновляет subject_code/phone_operator/region_source (rank 4>2). Равный/худший ранг → НЕ обновляет.
-- [ ] **Step 2: FAIL.**
-- [ ] **Step 3: Реализация** §3.12 в merge-блоке (строки 340-369). При наличии `$existingMergeable` и нового `$resolution`: сравнить `RegionResolution::SOURCE_RANK`, если новый выше — добавить `subject_code`/`phone_operator`/`region_source` в `DB::table('deals')->where('id')->where('received_at')->update([...])`. **Сохранить `received_at` в WHERE** (partition pruning + FK, как в существующем коде, строки 357-360).
-- [ ] **Step 4: PASS.**
-- [ ] **Step 5: Коммит** `feat(region): CSV-merge updates subject_code/operator by source rank`.
-
-### Task 6.4 — Staging-smoke команда + метрики
-
-- [ ] **Step 1:** `PhoneRegionSmokeCommand` (`phone-region:smoke --phone=...`) §9.4 — дёргает живой DaData+Россвязь, печатает решение, НЕ пишет в БД. Тест: команда с `Http::fake` печатает структуру.
-- [ ] **Step 2:** Метрики §8.1 — инкременты `phone_resolution.source.*` / `dadata.qc.*` / `cache.{hit,miss}` через существующий механизм метрик проекта (проверить как проект шлёт в Sentry/Prometheus — grep `metric`/`Sentry::` в `app/app/Services`). Если механизма нет — отложить в отдельную задачу, отметить в коммите.
-- [ ] **Step 3: Коммит** `feat(region): staging smoke command + resolution metrics`.
-
-### Task 6.5 — Регрессия + handoff раскатки
-
-- [ ] **Step 1:** Полная регрессия затронутого слоя: `cd app && ./vendor/bin/pest tests/Unit/Services tests/Feature/Services tests/Feature/Jobs tests/Feature/Migrations`. GREEN.
-- [ ] **Step 2:** `superpowers:requesting-code-review` на весь диапазон фичи.
-- [ ] **Step 3:** Документ-handoff раскатки (§10): порядок прод-шагов (миграция → импорт реестра → деплой с `LEAD_REGION_RESOLVER_ENABLED=false` → 1% → 100%), включая `DADATA_API_KEY`/`DADATA_SECRET` в YC Lockbox. Файл: `docs/superpowers/runbooks/2026-05-31-lead-region-resolution-rollout.md`.
-- [ ] **Step 4: Финальный коммит + PR.** `superpowers:finishing-a-development-branch`.
-
-**Session 6 завершение:** вся фича зелёная, code-review пройден, runbook готов. Фактический первый импорт реестра Россвязи + раскатка — оператором по runbook, ВНЕ этого плана.
-
----
-
-## Self-Review (выполнено автором плана)
-
-**Spec coverage:** §3.3 резолвер→Session 4; §3.4/§3.4.1 qc+ambiguous→Session 4; §3.7 Россвязь→Session 2; §3.6 DaData→Session 3; §3.9 каскад→Session 5; §3.10 подмена→Session 6.2; §3.11 persist/idempotency→Session 6.1; §3.12 CSV-merge→Session 6.3; §3.13 rate-limit→Session 3.4; §4 схема→Session 1; §5 config→Session 3.1; §6 импорт→Session 2.2; §8 метрики→Session 6.4; §9 тесты→распределены; §11 бюджет→config+guard Session 3. **Gap:** §7 (152-ФЗ маскирование) — покрыто частично (phone_masked в логе, Session 6.1); pg_anonymizer-маски (§7.2) НЕ выделены в задачу → **добавить в Session 1 Task 1.3 как комментарий схемы ИЛИ отдельную задачу раскатки** (low-risk, отметить для заказчика).
-
-**Type consistency:** `RegionResolution` поля (`subjectCode`/`source`/`phoneOperator`/`qc`/`actualSubjectCode`) согласованы между Session 4 (определение), Session 5 (роутер не зависит от DTO), Session 6 (потребитель). `routing_step` — атрибут на `Project` (Session 5 пишет, Session 6 читает). `SOURCE_RANK` — один источник в `RegionResolution` (Session 4), потребляется в Session 6.3.
-
-**Placeholders:** DDL, сигнатуры, имена тестов, точка интеграции — конкретны. Полные TDD-шаги для рутинных тестов внутри Session 4/6 описаны именами кейсов + поведением; при subagent-driven-development каждый кейс разворачивается исполнителем в write→fail→implement→pass (имена и ожидаемое поведение заданы точно).
-
----
-
-## Порядок выполнения и ветки
-
-1. Все 6 сессий — на одной ветке `feat/lead-region-resolution`, последовательно.
-2. Каждая сессия = отдельный subagent-driven-development прогон с ревью между задачами (Pravila §15.1 — субагенты git только Sonnet/Opus, верификация commit-базы после каждого).
-3. Между сессиями — пауза/чекпойнт заказчику (можно разнести по календарным дням).
-4. Изоляция от параллельных сессий: если router-gate v4 streams ещё активны — работать в worktree (`superpowers:using-git-worktrees`), мерж в main отдельным чекпойнтом.
diff --git a/docs/superpowers/plans/2026-05-29-supplier-webhook-fast-fail-and-stuck-cleanup.md b/docs/superpowers/plans/2026-05-29-supplier-webhook-fast-fail-and-stuck-cleanup.md
deleted file mode 100644
index 8734006..0000000
--- a/docs/superpowers/plans/2026-05-29-supplier-webhook-fast-fail-and-stuck-cleanup.md
+++ /dev/null
@@ -1,427 +0,0 @@
-# Supplier webhook fast-fail + stuck leads cleanup Implementation Plan
-
-> **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
-
-**Goal:** Остановить retry-шторм в `failed_webhook_jobs` (256k записей от 2 застрявших supplier_leads id=1110, 1157) через (а) минимальный resolve этих 2 + (б) код-фикс на fast-fail для будущих случаев, чтобы один битый лид не генерировал >100 000 retry-записей в день.
-
-**Architecture:** Шторм имеет два слоя:
-
-1. **Data layer** — 2 supplier_leads с `error LIKE '%does not support%'` имеют `processed_at IS NULL` → поставщик при каждом новом webhook'е/CSV-recovery их видит как «нужно повторить» → пишет новую попытку обработки → 3 retries → 1 строка в failed_webhook_jobs. Решение: `UPDATE supplier_leads SET processed_at=NOW(), error=...` чтобы пометить как terminal-failed.
-2. **Application logic layer** — `SupplierLeadRouter` (или эквивалент) при получении webhook'а проверяет `chk_supplier_projects_b1_not_for_sms` constraint и кидает Exception **без проверки** что этот же supplier_lead уже failed N раз с тем же message. Решение: short-circuit в job handler — если supplier_lead.error содержит «does not support» и нет нового события (new vid / different signal_identifier), пропускаем без retry.
-
-**Tech Stack:** PHP 8.3 / Laravel 13, PostgreSQL 16, Pest 4, Queue jobs (Redis backend).
-
-**Контекст находки:** docs/superpowers/plans/2026-05-29-stage5-monitoring-checklist.md → day 1 → Finding 2. Полный data dump — GitHub Actions run `26616602381` artifact `investigate-day1-round3/investigate3.log`. Распределение failed_webhook_jobs:
-
-```
-sl_id=1110 — 152 464 fails за 24h (phone 7933***4038, project «&lt;client-project&gt;.рф», B1+SMS-tag «ваши деньги»)
-sl_id=1157 — 104 318 fails за 24h (тот же phone+project, source=webhook+vid)
-все остальные sl_id — по 1 fail (норма)
-```
-
-Все 5 supplier_projects.platform='B1' имеют signal_type='call' — нет ни одной B1+SMS записи (constraint chk не позволяет). Поставщик crm.bp-gr.ru шлёт нам этот лид как **SMS-tag «ваши деньги»** → не находит matching supplier_project → Exception.
-
-**Hypothesis:** Либо у поставщика legacy mapping (тэг «ваши деньги» исторически отправлялся как SMS, но клиент перешёл на call-канал в B1 без обновления mapping'а на стороне поставщика), либо это новый клиент с настройкой которая мы должны разрешить (но constraint запрещает).
-
-**Out of scope этого плана:** разговор с поставщиком про правильный mapping. Этот план — техническая защита от подобных штормов независимо от того что поставщик пришлёт.
-
----
-
-## Task 1: Manual cleanup застрявших лидов (5 минут)
-
-**Files:**
-
-- Create: `.github/workflows/sql-runner.yml` (универсальный SQL-runner для прод-операций)
-- Create: `docs/ops/2026-05-29-stage5-stuck-leads-cleanup.md` (rollback log)
-
-- [ ] **Step 1: SQL-runner workflow** (расширение GH Actions для произвольных whitelisted SQL запросов)
-
-```yaml
-name: Run whitelisted SQL on liderra.ru
-
-on:
-  workflow_dispatch:
-    inputs:
-      sql:
-        description: 'SQL query (SELECT only by default; UPDATE/DELETE need confirm_mutating=true)'
-        required: true
-        type: string
-      confirm_mutating:
-        description: 'Подтверждаю UPDATE/DELETE на проде'
-        required: false
-        default: false
-        type: boolean
-
-jobs:
-  run:
-    runs-on: ubuntu-latest
-    timeout-minutes: 10
-    env:
-      LIDERRA_HOST: 111.88.246.137
-      LIDERRA_USER: ubuntu
-      SQL: ${{ github.event.inputs.sql }}
-      CONFIRM_MUT: ${{ github.event.inputs.confirm_mutating }}
-
-    steps:
-      - name: Whitelist check
-        run: |
-          set -euo pipefail
-          SQL_LOWER=$(echo "$SQL" | tr '[:upper:]' '[:lower:]' | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
-
-          # Allow: SELECT / WITH (CTE) / \d / EXPLAIN
-          READ_RE='^(select |with |explain |\\d|\\df|\\di|\\dt)'
-
-          # Mutating allowed if confirm=true: targeted UPDATE/DELETE on specific tables
-          MUTATING_RE='^(update supplier_leads|update failed_webhook_jobs|update scheduler_heartbeats|delete from failed_webhook_jobs|delete from incidents_log) '
-
-          if [[ "$SQL_LOWER" =~ $READ_RE ]]; then
-            echo "::notice::SELECT/read-only — allowed."
-            exit 0
-          fi
-
-          if [[ "$SQL_LOWER" =~ $MUTATING_RE ]]; then
-            if [[ "$CONFIRM_MUT" != "true" ]]; then
-              echo "::error::Mutating SQL requires confirm_mutating=true."
-              exit 1
-            fi
-            echo "::warning::Mutating SQL authorized."
-            exit 0
-          fi
-
-          echo "::error::SQL not in whitelist: $SQL_LOWER"
-          exit 1
-
-      - name: Setup SSH key
-        run: |
-          mkdir -p ~/.ssh
-          echo "${{ secrets.LIDERRA_SSH_KEY }}" > ~/.ssh/liderra_deploy
-          chmod 600 ~/.ssh/liderra_deploy
-          ssh-keyscan -H ${{ env.LIDERRA_HOST }} >> ~/.ssh/known_hosts 2>/dev/null
-
-      - name: Run on prod
-        run: |
-          set -o pipefail
-          SQL_B64=$(printf '%s' "$SQL" | base64 -w0)
-          ssh -i ~/.ssh/liderra_deploy ${{ env.LIDERRA_USER }}@${{ env.LIDERRA_HOST }} \
-            "SQL_B64='$SQL_B64' bash -s" <<'REMOTE' | tee /tmp/sql.log
-            SQL=$(echo "$SQL_B64" | base64 -d)
-            echo "=== Running on $(hostname) at $(date -u) ==="
-            echo "SQL: $SQL"
-            echo
-            sudo -u postgres psql -d liderra -c "$SQL"
-            RC=$?
-            echo
-            echo "=== Exit code: $RC ==="
-            exit $RC
-          REMOTE
-
-      - name: Summary
-        if: always()
-        run: |
-          {
-            echo "## SQL on prod"
-            echo
-            echo '```sql'
-            echo "$SQL"
-            echo '```'
-            echo
-            echo '```'
-            cat /tmp/sql.log 2>/dev/null
-            echo '```'
-          } >> "$GITHUB_STEP_SUMMARY"
-
-      - name: Cleanup
-        if: always()
-        run: rm -f ~/.ssh/liderra_deploy
-```
-
-- [ ] **Step 2: Snapshot before mutation**
-
-Через `gh workflow run sql-runner.yml -f sql="SELECT id, phone, error, processed_at FROM supplier_leads WHERE id IN (1110, 1157);"` — сохранить вывод в `docs/ops/2026-05-29-stage5-stuck-leads-cleanup.md` для rollback.
-
-- [ ] **Step 3: Resolve stuck supplier_leads**
-
-```
-gh workflow run sql-runner.yml \
-  -f sql="UPDATE supplier_leads SET processed_at = NOW(), error = COALESCE(error,'') || ' [admin-resolved 2026-05-29: B1+SMS unsupported, see plan 2026-05-29-supplier-webhook-fast-fail]' WHERE id IN (1110, 1157) AND processed_at IS NULL;" \
-  -f confirm_mutating=true
-```
-
-Expected: 2 rows updated.
-
-- [ ] **Step 4: Resolve связанные failed_webhook_jobs**
-
-```
-gh workflow run sql-runner.yml \
-  -f sql="UPDATE failed_webhook_jobs SET resolved_at = NOW(), retried_by = 'admin-cleanup-2026-05-29' WHERE raw_payload->>'supplier_lead_id' IN ('1110','1157') AND resolved_at IS NULL;" \
-  -f confirm_mutating=true
-```
-
-Expected: ~256 000 rows updated.
-
-- [ ] **Step 5: Verify**
-
-```
-gh workflow run sql-runner.yml \
-  -f sql="SELECT COUNT(*) FROM failed_webhook_jobs WHERE failed_at > NOW() - INTERVAL '1 hour' AND resolved_at IS NULL;"
-```
-
-Через 1 час после Step 4: ожидаем count <100 (если поставщик продолжает слать те же 2 лида — будут новые попытки, Task 2 это закроет).
-
-- [ ] **Step 6: Commit + ops log**
-
-```
-git add .github/workflows/sql-runner.yml docs/ops/2026-05-29-stage5-stuck-leads-cleanup.md
-git commit -m "ops: cleanup 2 stuck supplier_leads (1110, 1157) + 256k failed_webhook_jobs (manual resolve, root cause: poставщик шлёт B1+SMS combo, constraint chk запрещает; Task 2 plan — fast-fail в job handler чтобы будущие подобные кейсы не нагнетали)"
-```
-
----
-
-## Task 2: Fast-fail в SupplierWebhookJob
-
-**Files:**
-
-- Locate: `app/app/Jobs/Supplier/ProcessSupplierWebhookJob.php` (или эквивалент — нужно найти конкретный класс)
-- Modify: добавить short-circuit в начале `handle()`
-- Test: `app/tests/Feature/Supplier/SupplierWebhookFastFailTest.php`
-
-- [ ] **Step 1: Locate the actual job class**
-
-```
-cd /var/www/liderra/app
-grep -rln "failed_webhook_jobs" app/ | head -5
-grep -rln "does not support SMS" app/ | head -5
-```
-
-Найти PHP файл где Exception про «B1 does not support SMS» бросается. Записать точный путь.
-
-- [ ] **Step 2: Failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace Tests\Feature\Supplier;
-
-use App\Jobs\Supplier\ProcessSupplierWebhookJob; // или реальное имя
-use App\Models\SupplierLead;
-use App\Models\Tenant;
-use Illuminate\Support\Facades\DB;
-use Tests\TestCase;
-
-it('webhook job fast-fails when supplier_lead already errored with does-not-support', function (): void {
-    $tenant = Tenant::factory()->create();
-    DB::statement("SET LOCAL app.current_tenant_id = " . $tenant->id);
-
-    $lead = SupplierLead::factory()->create([
-        'platform' => 'B1',
-        'phone' => '7933***4038',
-        'raw_payload' => ['tag' => 'ваши деньги', 'project' => 'B1_&lt;client-project&gt;.рф'],
-        'error' => 'B1 platform does not support SMS signals (supplier limitation: chk_supplier_projects_b1_not_for_sms)',
-        'processed_at' => null,
-    ]);
-
-    $startFails = DB::table('failed_webhook_jobs')->count();
-
-    // Dispatch handler synchronously — should fast-fail without writing failed_webhook_jobs
-    $job = new ProcessSupplierWebhookJob($lead->id);
-    $job->handle();
-
-    $endFails = DB::table('failed_webhook_jobs')->count();
-    expect($endFails)->toBe($startFails); // 0 new failures
-    expect($lead->fresh()->processed_at)->not->toBeNull(); // marked processed
-});
-
-it('webhook job processes lead normally when error is empty or transient', function (): void {
-    $tenant = Tenant::factory()->create();
-    DB::statement("SET LOCAL app.current_tenant_id = " . $tenant->id);
-
-    $lead = SupplierLead::factory()->create([
-        'platform' => 'B1',
-        'error' => null,
-        'processed_at' => null,
-    ]);
-
-    $job = new ProcessSupplierWebhookJob($lead->id);
-    // Этот тест может бросить (нет matching project) — главное что fast-fail НЕ срабатывает
-    try { $job->handle(); } catch (\Throwable) {}
-
-    // Lead либо processed (matched), либо вернулся в queue — но fast-fail terminal mark не произошёл
-    $fresh = $lead->fresh();
-    $isFastFailed = $fresh->processed_at !== null && str_contains($fresh->error ?? '', 'fast-failed');
-    expect($isFastFailed)->toBeFalse();
-});
-```
-
-- [ ] **Step 3: Run failing test**
-
-Expected: FAIL — fast-fail логики нет, обработчик идёт по обычному пути, ловит Exception, пишет в failed_webhook_jobs.
-
-- [ ] **Step 4: Implementation — short-circuit в handle()**
-
-В найденном на Step 1 классе (предположим `ProcessSupplierWebhookJob`):
-
-```php
-public function handle(): void
-{
-    $lead = SupplierLead::find($this->supplierLeadId);
-    if ($lead === null) {
-        return;
-    }
-
-    // Fast-fail: if lead already failed with a terminal error and no new
-    // distinguishing data arrived, mark processed and exit.
-    // Closes failed_webhook_jobs storm class (Finding 2 plan).
-    $isTerminal = $lead->error !== null && (
-        str_contains($lead->error, 'does not support')
-        || str_contains($lead->error, 'platform mismatch')
-        || str_contains($lead->error, 'no matching supplier_project')
-    );
-    if ($isTerminal && $lead->processed_at === null) {
-        $lead->update([
-            'processed_at' => now(),
-            'error' => $lead->error . ' [fast-failed by ProcessSupplierWebhookJob]',
-        ]);
-        return;
-    }
-
-    // Existing normal flow...
-}
-```
-
-- [ ] **Step 5: Run test, expect PASS**
-
-Expected: PASS — fast-fail path активируется когда lead.error содержит terminal-pattern и processed_at IS NULL → НЕ пишет в failed_webhook_jobs → marks processed.
-
-- [ ] **Step 6: Commit**
-
-```
-git add app/app/Jobs/Supplier/ProcessSupplierWebhookJob.php app/tests/Feature/Supplier/SupplierWebhookFastFailTest.php
-git commit -m "feat(supplier): fast-fail in webhook job for terminal errors (closes 256k failed_webhook_jobs storm class — if supplier_lead.error contains 'does not support'/'platform mismatch'/'no matching supplier_project' and processed_at IS NULL, mark processed and exit without writing failed_webhook_jobs)"
-```
-
----
-
-## Task 3: Метрика и алерт на новый шторм
-
-**Files:**
-
-- Modify: `app/app/Console/Commands/IncidentsWatchFailures.php` (порог per-supplier_lead_id)
-
-- [ ] **Step 1: Failing test**
-
-```php
-<?php
-
-declare(strict_types=1);
-
-namespace Tests\Feature\Incidents;
-
-use Illuminate\Support\Facades\DB;
-use Tests\TestCase;
-
-it('watch-failures detects single-lead storm (>=1000 failures per supplier_lead_id in 1h)', function (): void {
-    // Insert 1500 failed_webhook_jobs for the same sl_id
-    $rows = [];
-    for ($i = 0; $i < 1500; $i++) {
-        $rows[] = [
-            'raw_payload' => json_encode(['supplier_lead_id' => 9999]),
-            'exception' => 'Test storm',
-            'retry_count' => 3,
-            'failed_at' => now()->subMinutes(rand(1, 30)),
-        ];
-    }
-    DB::connection('pgsql_supplier')->table('failed_webhook_jobs')->insert($rows);
-
-    $exitCode = $this->artisan('incidents:watch-failures')->run();
-    expect($exitCode)->toBe(0); // command succeeds
-
-    // Incident logged for the storm
-    $incident = DB::table('incidents_log')
-        ->where('root_cause', 'LIKE', '%single-lead-storm%')
-        ->orderByDesc('created_at')
-        ->first();
-    expect($incident)->not->toBeNull();
-    expect($incident->severity)->toBe('high');
-});
-```
-
-- [ ] **Step 2-5: Implement single-lead-storm detection** в `incidents:watch-failures` (новый порог `--threshold-single-lead=1000`)
-
-- [ ] **Step 6: Commit**
-
----
-
-## Task 4: Deploy + verify
-
-> **NB (2026-05-29):** Task 2 — PHP-код fast-fail в RouteSupplierLeadJob.
-> Task 3 — опция --threshold-single-lead в incidents:watch-failures.
-> **Миграций нет** — только PHP. Деплой активирует fast-fail немедленно.
-
-- [ ] **Step 1: Merge + деплой**
-
-```bash
-# Controller merges agent branch to main, then:
-gh workflow run deploy.yml --ref main
-```
-
-- [ ] **Step 2: Manual cleanup застрявших лидов (Task 1 Steps 3-4)**
-
-```bash
-# UPDATE 2 stuck supplier_leads (processed_at IS NULL)
-gh workflow run sql-runner.yml \
-  -f sql="UPDATE supplier_leads SET processed_at = NOW(), error = COALESCE(error,'') || ' [admin-resolved 2026-05-29: B1+SMS unsupported, see plan 2026-05-29-supplier-webhook-fast-fail]' WHERE id IN (1110, 1157) AND processed_at IS NULL;" \
-  -f confirm_mutating=true
-
-# UPDATE ~256k failed_webhook_jobs (mark resolved)
-gh workflow run sql-runner.yml \
-  -f sql="UPDATE failed_webhook_jobs SET resolved_at = NOW(), retried_by = 'admin-cleanup-2026-05-29' WHERE raw_payload->>'supplier_lead_id' IN ('1110','1157') AND resolved_at IS NULL;" \
-  -f confirm_mutating=true
-```
-
-  Заполнить лог в `docs/ops/2026-05-29-stage5-stuck-leads-cleanup.md`.
-
-- [ ] **Step 3: Verify storm stopped (через 1 час после Step 2)**
-
-```bash
-gh workflow run sql-runner.yml \
-  -f sql="SELECT COUNT(*) FROM failed_webhook_jobs WHERE failed_at > NOW() - INTERVAL '1 hour' AND resolved_at IS NULL;"
-```
-
-  Expected: < 100. Если поставщик шлёт те же лиды повторно:
-  - 1-й webhook → новый SupplierLead (error=NULL) → ≤3 retries → failed() записывает error
-  - Следующий retry (RetryFailedSupplierJobsCommand) → fast-fail срабатывает → processed
-  - Net: ≤3 строки failed_webhook_jobs вместо 256k.
-
-- [ ] **Step 4: Verify incidents:watch-failures алерт**
-
-```bash
-gh workflow run sql-runner.yml \
-  -f sql="SELECT root_cause, severity, detected_at FROM incidents_log WHERE root_cause LIKE '%single-lead-storm%' ORDER BY detected_at DESC LIMIT 5;"
-```
-
-- [ ] **Step 5: Memory update**
-  - `project_state.md` — запись о Task 2+3+4 closure
-  - новый `memory/feedback_supplier_webhook_fast_fail.md` — паттерн + поведение шторма
-
----
-
-## Self-review
-
-**Spec coverage:**
-
-- ✅ Остановить шторм на 1110/1157 → Task 1 manual resolve.
-- ✅ Запретить будущим подобным лидам нагнетать → Task 2 fast-fail.
-- ✅ Алерт если новый шторм всё-таки случится → Task 3 single-lead-storm threshold.
-- ⚠️ Out of scope: связаться с поставщиком про правильный mapping B1+«ваши деньги» — это бизнес-задача, не код.
-
-**Risks/edge cases:**
-
-- Task 2 фaст-fail срабатывает на любую ошибку содержащую «does not support» / «platform mismatch» / «no matching supplier_project». **Риск:** если эти patterns появятся transient'ом (например БД временно недоступна → пишет такую ошибку, лид кажется terminal'ным), мы ошибочно пометим processed. Mitigation: список patterns короткий и специфичный, для transient ошибок используется retry с другими error message.
-- Task 1 Step 4 update 256k rows — может занять несколько минут на проде. БД 16 GB, table small column count. Verify perf на dev перед prod.
-- Task 1 SQL-runner whitelist разрешает UPDATE/DELETE на 5 конкретных таблиц с confirm. Перед merge'ом — review кем именно из админ-аккаунтов GH Actions можно запускать workflow_dispatch (`Settings → Actions → Workflow permissions`).
-
-**Что НЕ покрыто (out of scope):**
-
-- Структурная проблема «constraint vs supplier mapping» — нужно решение от бизнес-сторон (либо снять constraint chk и позволить B1+SMS, либо договориться с поставщиком о mapping). Этот план — техническая защита, не бизнес-решение.
diff --git a/docs/superpowers/specs/2026-05-09-sprint1-hygiene-design.md b/docs/superpowers/specs/2026-05-09-sprint1-hygiene-design.md
deleted file mode 100644
index 3c97f88..0000000
--- a/docs/superpowers/specs/2026-05-09-sprint1-hygiene-design.md
+++ /dev/null
@@ -1,347 +0,0 @@
-# Spec: Спринт 1 «Hygiene» — исправление дефектов аудита 2026-05-09
-
-**Версия:** 1.0
-**Дата:** 09.05.2026
-**Автор:** Claude Code (skill: superpowers:brainstorming)
-**Заказчик:** Дмитрий
-**Статус:** черновик, ждёт review заказчика
-
-## 1. Цель
-
-Закрыть быстрые/безопасные находки аудита [docs/audit_2026-05-09.md](../../audit_2026-05-09.md) (commit `b6ae8dd`):
-
-- **Все 3 P0** (security/RLS + сломанный конфиг) — обязательно.
-- **10 из 12 P1** (P1-10/P1-11 → реестр, не правки).
-- **Все 3 P2** (мелочи).
-- **6 low-risk O-\*** (effort=S, risk=low): 2 missing FK indices, password rules trait, ESLint anti-vuetify-import, npm outdated CI workflow, font-display docs.
-
-**Не входит в Sprint 1:** все большие рефакторинги (DealController/AuthController/12 Vue-компонентов >300 строк), все O-perf кроме индексов, любые миграции стека (Pest 4 browser-tests, Vue 3.5 фичи). Это Спринт 2/3 — отдельный flow.
-
-**Wall-clock:** 3-5 часов агентов в субагентном режиме.
-
-## 2. Scope — 22 правки + 3 записи в реестр
-
-### Дефекты (16)
-
-- **3 P0:** P0-01, P0-02, P0-03
-- **10 P1:** P1-01, P1-02, P1-03, P1-04, P1-05, P1-06, P1-07, P1-08, P1-09, P1-12
-- **3 P2:** P2-01, P2-02, P2-03
-
-### Out-of-scope (2 P1 → реестр без правок)
-
-- **P1-10** (auth на /api/deals) — добавить в `docs/Открытые_вопросы_v8_3.md` как новый CTO-вопрос pre-prod migration.
-- **P1-11** (auth на /api/admin) — уже = Б-1; добавить cross-link.
-
-### Возможности low-risk (6 из 24 O-\*)
-
-- **O-perf-02:** index `failed_webhook_jobs.webhook_log_id`
-- **O-perf-03:** index `rejected_deals_log.webhook_log_id`
-- **O-refactor-03:** `HasPasswordRules` trait для FormRequest
-- **O-refactor-05:** ESLint `no-restricted-imports` rule против `vuetify/components`
-- **O-stack-08:** GitHub Actions workflow с `npm outdated` (еженедельно)
-- **O-stack-09:** документация `font-display: swap` + WOFF2 в handoff
-
-## 3. Архитектура — 6 фаз / 6 коммитов
-
-```
-[A. DB]      → schema.sql v8.10 → v8.11 (RLS + 2 FK indices) + CHANGELOG_schema
-       ↓
-[B. Backend] → app/ register middleware + trait + test fix
-       ↓
-[C. Configs] → 6 config files (npm/lychee/pa11y/composer/eslint/ci)
-       ↓
-[D. Docs (narrative)] → README + CLAUDE.md + Pravila + Tooling + cspell-words
-       ↓
-[E. Docs (handoff)]   → BRANDBOOK + DEVELOPER_HANDOFF (status mapping + axe doc + font-display)
-       ↓
-[F. Registry] → Открытые_вопросы (CTO + Histoire-Vite trigger)
-```
-
-**Зависимости:**
-
-- B зависит от A (B упоминает CHANGELOG schema v8.11, который пишется в A).
-- D зависит от A (D обновляет метрики schema в README/CLAUDE.md).
-- E/F не зависят от A-D — могут идти параллельно после A-D, но для простоты выполняются последовательно.
-
-Каждая фаза — отдельный git commit со своим осмысленным scope. После каждой фазы (где применимо) — verification (см. §6).
-
-## 4. Детальный scope по фазам
-
-### Фаза A — DB
-
-**Файлы:** `db/schema.sql`, `db/CHANGELOG_schema.md`.
-
-**Изменения:**
-
-1. **P0-02:** добавить после `CREATE TABLE impersonation_tokens` (строка 510):
-
-   ```sql
-   ALTER TABLE impersonation_tokens ENABLE ROW LEVEL SECURITY;
-   CREATE POLICY tenant_isolation ON impersonation_tokens
-       USING (tenant_id = current_setting('app.current_tenant_id')::bigint);
-   ```
-
-2. **O-perf-02:** добавить после индексов `failed_webhook_jobs`:
-
-   ```sql
-   CREATE INDEX idx_failed_webhook_jobs_log ON failed_webhook_jobs(webhook_log_id);
-   ```
-
-3. **O-perf-03:** добавить после индексов `rejected_deals_log`:
-
-   ```sql
-   CREATE INDEX idx_rejected_deals_log_webhook ON rejected_deals_log(webhook_log_id);
-   ```
-
-4. **CHANGELOG_schema.md:** добавить запись v8.10 → v8.11 со ссылкой на audit P0-02 + O-perf-02/03.
-
-**Шапка schema.sql:** обновить версию v8.10 → v8.11, метрики 37 RLS → 38 RLS, 95 индексов → 97 индексов.
-
-**Verification:** squawk на schema.sql; повторный grep на ENABLE RLS = 40, POLICY = 38; визуальная проверка diff.
-
-### Фаза B — Backend
-
-**Файлы:** `app/app/Http/Kernel.php`, `app/routes/web.php`, `app/app/Http/Requests/Auth/Concerns/HasPasswordRules.php` (создать), `app/app/Http/Requests/Auth/LoginRequest.php`, `app/app/Http/Requests/Auth/RegisterRequest.php`, `app/tests/Feature/AdminIncidentsIndexTest.php`.
-
-**Изменения:**
-
-1. **P0-01:** в `app/Http/Kernel.php` зарегистрировать alias:
-
-   ```php
-   protected $middlewareAliases = [
-       // ... existing
-       'tenant' => \App\Http\Middleware\SetTenantContext::class,
-   ];
-   ```
-
-   В `routes/web.php` обернуть tenant-маршруты (Deal/Notification/Reminder/Report/Webhook) в группу `Route::middleware(['tenant'])->group(...)`. Сохранить тестовый flow с `tenant_id` query-param (через middleware читать оба источника: header + query).
-
-   **Risk note:** middleware дополняет, не заменяет существующий MVP-flow. На prod-миграции (Б-1) `tenant_id`-param будет удалён, останется только middleware.
-
-2. **O-refactor-03:** создать trait `HasPasswordRules`:
-
-   ```php
-   namespace App\Http\Requests\Auth\Concerns;
-
-   trait HasPasswordRules
-   {
-       protected function passwordRules(): array
-       {
-           return ['required', 'string', 'min:8'];
-       }
-   }
-   ```
-
-   Подключить в `LoginRequest::rules()` и `RegisterRequest::rules()`.
-
-3. **P2-01:** в `tests/Feature/AdminIncidentsIndexTest.php` заменить `bcrypt('test')` на `bcrypt('test1234')` (≥8 chars).
-
-**Verification:** `cd app && composer test` — Pest 416/416 PASS. `composer stan` — 0 errors.
-
-### Фаза C — Configs
-
-**Файлы:** `package.json`, `.lychee.toml`, `pa11y.config.json`, `app/composer.json`, `app/eslint.config.js` (или новый `.eslintrc-vuetify-rules.js`), `.github/workflows/dependency-check.yml` (создать).
-
-**Изменения:**
-
-1. **P0-03:** в `package.json:13` заменить `/tmp/schema-formatted.sql` на `db/.schema-formatted.tmp.sql`. Добавить `db/.schema-formatted.tmp.sql` в `.gitignore`.
-
-2. **P1-02:** в `.lychee.toml` добавить exclude для `web/v8/*.html` (root-relative ссылки концептов):
-
-   ```toml
-   exclude = [
-       # ... existing
-       "^/(login|register|legal|dashboard|deals|admin|reports|reminders|billing|impersonation|notifications)",
-   ]
-   ```
-
-3. **P1-12:** в `pa11y.config.json` обновить пути с `web/01-login.html` (несуществующих) на `liderra_v8_handoff/concepts/v8_*.html` (фактические).
-
-4. **P1-07:** в `app/composer.json` `scripts` добавить:
-
-   ```json
-   "audit-offline": "@composer audit --locked --no-network"
-   ```
-
-5. **O-refactor-05:** в `app/eslint.config.js` добавить правило `no-restricted-imports`:
-
-   ```js
-   {
-       'no-restricted-imports': ['error', {
-           paths: [{
-               name: 'vuetify/components',
-               message: 'Use auto-import via vite-plugin-vuetify (see vite.config.ts)',
-           }],
-       }],
-   }
-   ```
-
-6. **O-stack-08:** создать `.github/workflows/dependency-check.yml`:
-
-   ```yaml
-   name: Dependency Check
-   on:
-     schedule: [{ cron: '0 9 * * 1' }]  # каждый понедельник 09:00 UTC
-     workflow_dispatch:
-   jobs:
-     outdated:
-       runs-on: ubuntu-latest
-       steps:
-         - uses: actions/checkout@v4
-         - uses: actions/setup-node@v4
-           with: { node-version: '20' }
-         - run: npm install --ignore-scripts
-         - run: npm outdated --json > outdated.json || true
-         - name: Open issue if outdated
-           if: ${{ hashFiles('outdated.json') != '' }}
-           run: gh issue create --title "Weekly outdated check $(date)" --body "$(cat outdated.json)" --label dependencies
-           env: { GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} }
-   ```
-
-**Verification:** `npm run format:sql:check` (на Windows) — больше не «system cannot find path»; `npm run links` — 0 errors на `docs/**` (web/v8/* исключён); ESLint smoke на правках Vue-файлов; pre-commit hooks PASS.
-
-### Фаза D — Docs (narrative)
-
-**Файлы:** `README.md`, `CLAUDE.md`, `docs/Pravila_raboty_Claude_v1_1.md`, `docs/Tooling_v8_3.md`, `cspell-words.txt`.
-
-**Изменения:**
-
-1. **P1-01:** в `README.md:83-90` синхронизировать с CLAUDE.md:
-   - Tooling v1.0 → v1.10
-   - Pravila v1.2 → v1.6
-   - schema v8.5 → v8.11 (после Фазы A)
-   - 54 таблицы / 91 индекс / 34 RLS → 56 таблиц / 97 индексов / 38 RLS (после Фазы A)
-
-2. **P1-03:** в `CLAUDE.md:192` (и §3.3) обновить «Histoire 21/28» → «Histoire 21/43».
-
-3. **P1-06:** в `docs/Pravila_raboty_Claude_v1_1.md:613` (приблизительно) добавить версию в ссылку: `[Plugin_stack_rules_v1.md](Plugin_stack_rules_v1.md) (v1.3)`.
-
-4. **P1-08:** в `docs/Tooling_v8_3.md` Прил. Н §4.2 п.22 дополнить: `stylelint-config-standard ^40.0.0`.
-
-5. **P2-02:** добавить `ребрендинга` в `cspell-words.txt`. (**Уже добавлено** во время self-review аудита 09.05.2026 — verify, не дублировать.)
-
-6. **P2-03:** в шапку `CLAUDE.md` рядом с упоминанием «6 трений F–K» добавить ссылку: «(детали в [Plugin_stack_rules_v1.md История версий](../../Plugin_stack_rules_v1.md))».
-
-**CLAUDE.md правки — через `claude-md-management:claude-md-improver`** (CLAUDE.md §5 п.10 — единственный путь). Pravila/Tooling — то же самое (плагин охватывает их по §0 priority chain).
-
-**Verification:** `npm run check:docs` (markdownlint + cspell + lychee + a11y); pre-commit hooks PASS.
-
-### Фаза E — Docs (handoff)
-
-**Файлы:** `liderra_v8_handoff/docs/BRANDBOOK_v2.md`, `liderra_v8_handoff/docs/DEVELOPER_HANDOFF.md`.
-
-**Изменения:**
-
-1. **P1-04:** в `DEVELOPER_HANDOFF.md:430+518` явно указать дату прогона axe-core (если есть в архиве) или пометить как «требует подтверждения после фикса pa11y.config (см. P1-12)». Не удалять заявление, но связать с воспроизводимым evidence.
-
-2. **P1-05:** в `BRANDBOOK_v2.md` после §3.6 (14 OKLCH-статусов) добавить таблицу:
-
-   | Slug (schema) | Имя BRANDBOOK | OKLCH | Статус-код |
-   |---|---|---|---|
-   | new | Новая | ... | ... |
-   | viewed | Просмотрена | ... | ... |
-   | ... (14 строк всего) | | | |
-
-   Извлечь slug'и из `db/schema.sql:2172-2186` (INSERT lead_statuses), сопоставить с 14 цветами BRANDBOOK по hue-порядку. Если сопоставление неоднозначно — оставить TODO с явным вопросом дизайнеру.
-
-3. **O-stack-09:** в `DEVELOPER_HANDOFF.md:250-258` (§4 Типографика) добавить раздел «Font loading strategy»:
-   - Объяснить `&display=swap` (FOUT, fallback сразу).
-   - WOFF2 формат по умолчанию из Google Fonts (лучше сжатие).
-   - `<link rel="preconnect">` на `fonts.gstatic.com` для ускорения.
-
-**Verification:** `npm run check:docs`; визуальная проверка таблицы.
-
-**Note:** handoff правки — в репозитории `liderra_v8_handoff/`. Если этот dir не входит в наш git (sub-module / external) — Фаза E пропускается, фиксируется как «требует push в handoff-репо отдельно».
-
-### Фаза F — Registry
-
-**Файлы:** `docs/Открытые_вопросы_v8_3.md`.
-
-**Изменения:**
-
-1. **P1-10 → новый CTO-вопрос:**
-
-   ```markdown
-   ### CTO-XX (новый, открыт 09.05.2026)
-   **Заголовок:** auth+tenant middleware на /api/deals на pre-prod миграции
-   **Контекст:** MVP использует tenant_id query-param. На prod-миграции
-   обязательно перейти на header `X-Tenant-Id` + middleware('tenant').
-   **Trigger закрытия:** prod-миграция (после Б-1).
-   **Связанные находки:** audit_2026-05-09.md P1-10.
-   ```
-
-2. **P1-11 → cross-link к Б-1:**
-
-   ```markdown
-   В разделе Б-1 (admin SSO) добавить упоминание /api/admin/* без auth = тот же блокер.
-   ```
-
-3. **P1-09 → новый OPEN-вопрос:**
-
-   ```markdown
-   ### OPEN-XX — Histoire ↔ Vite 8 миграционный долг
-   **Контекст:** Histoire 1.0-beta.1 установлен через --legacy-peer-deps.
-   **Trigger закрытия:** релиз Histoire с peerDep `vite ^8`.
-   ```
-
-**Verification:** `npm run links` — 0 errors на новые ссылки.
-
-## 5. Definition of Done
-
-Sprint 1 завершён, когда:
-
-1. ✅ Все 22 правки из §2 + §4 применены, по одной фазе на коммит.
-2. ✅ `cd app && composer test` — Pest 416/416 PASS (после Фазы B).
-3. ✅ `cd app && composer stan` — 0 errors above baseline.
-4. ✅ `cd app && npm run type-check` — 0 type errors.
-5. ✅ `cd app && npm run test:vue` — Vitest 393/393 PASS.
-6. ✅ `npm run check:docs` (markdownlint + cspell + lychee + a11y) — 0 errors.
-7. ✅ Pre-commit hooks lefthook PASS на каждом коммите.
-8. ✅ schema метрики обновлены до v8.11 (38 RLS / 97 индексов).
-9. ✅ Git log: 6 коммитов с осмысленными scope-сообщениями.
-10. ✅ После Фазы F: 3 новые/обновлённые записи в `docs/Открытые_вопросы_v8_3.md`.
-
-**Не входит в DoD:**
-
-- Реализация O-* за пределами 6 заявленных.
-- Прогон Pa11y на handoff концептах (требует браузер-сессии — следствие P1-12 fix, может быть pre-prod manual step).
-- Спринт 2/3 (modernization, big refactors).
-
-## 6. Бюджет
-
-| Фаза | Wall-clock |
-|---|---|
-| A. DB | 15-20 мин |
-| B. Backend | 30-40 мин |
-| C. Configs | 30-40 мин |
-| D. Docs (narrative) | 30-45 мин (через claude-md-management) |
-| E. Docs (handoff) | 30-45 мин |
-| F. Registry | 10-15 мин |
-| **Итого** | **2.5-3.5 часа** |
-
-## 7. Риски
-
-- **Риск:** RLS-policy на impersonation_tokens может сломать существующие тесты, если они не используют `SET LOCAL app.current_tenant_id`. Митигация: после Фазы A прогнать Pest, если что-то падает — добавить `SET LOCAL` в test setup.
-- **Риск:** SetTenantContext middleware регистрация может перехватить тестовые маршруты с tenant_id query-param. Митигация: в Фазе B middleware читает оба источника (header + query) до prod-миграции.
-- **Риск:** Фаза E (handoff) может попасть в внешний репозиторий — если так, фаза формально пропускается с пометкой «требует ручной push».
-- **Риск:** Фаза D правки CLAUDE.md/Pravila обязательно через `claude-md-management:claude-md-improver` (CLAUDE.md §5 п.10). Прямые Edit/Write этих файлов без skill = нарушение.
-
-## 8. Плагины и MCP
-
-| Плагин / Skill | Применение |
-|---|---|
-| `superpowers:writing-plans` | Сразу после approve этого spec'а (для implementation plan) |
-| `superpowers:subagent-driven-development` | Исполнение plan'а в этой же сессии |
-| `superpowers:verification-before-completion` | После каждой фазы перед коммитом |
-| `claude-md-management:claude-md-improver` | **Обязательно** для Фазы D правок CLAUDE.md/Pravila/Tooling (CLAUDE.md §5 п.10) |
-| `laravel-boost` MCP | По необходимости в Фазе B (Eloquent, маршруты) |
-| `github` MCP | По необходимости в Фазе C для GitHub Actions workflow |
-| Frontend Design plugin | НЕ призывается (R10: аудит-фиксы ≠ дизайн) |
-| simplify / security-review / review / init / ui-ux-pro-max | НЕ призываются (R10: только по явному /команде) |
-
-## 9. Не входит в этот spec
-
-- Спринт 2 «Modernization» (Pest 4 browser/mutation, Vue 3.5 фичи, Vuetify 3.12 типизированные слоты, Laravel 13 lazy-loading) — отдельный spec→plan→execute.
-- Спринт 3 «Big refactors» (DealController split, AuthController split, 12 Vue-компонентов >300 строк, OFFSET → keyset, export streaming, CLAUDE.md §0 reorg) — отдельный spec→plan→execute.
-- Pa11y prod-режим на handoff — manual user step после Фазы C (P1-12 fix).
-- Регистрация Frontend Design plugin в `~/.claude/settings.json` (O-stack-06) — manual user step, файл вне git.
diff --git a/docs/superpowers/specs/2026-05-09-sprint2-modernization-design.md b/docs/superpowers/specs/2026-05-09-sprint2-modernization-design.md
deleted file mode 100644
index 6b54739..0000000
--- a/docs/superpowers/specs/2026-05-09-sprint2-modernization-design.md
+++ /dev/null
@@ -1,80 +0,0 @@
-# Spec: Спринт 2 «Modernization» — 12 O-\* находок аудита 2026-05-09
-
-**Версия:** 1.0
-**Дата:** 09.05.2026
-**Заказчик:** Дмитрий
-**Статус:** утверждён («а» в auto-mode после Sprint 1)
-
-## 1. Цель
-
-Закрыть 12 low/medium-risk O-\* находок аудита (после Sprint 1 «Hygiene»). Без архитектурных рефакторингов — только модернизация стека, оптимизация O-perf без breaking-changes, гигиена tooling. Wall-clock: 5-6 часов агентов.
-
-## 2. Scope — 12 правок
-
-### O-stack — модернизация (8)
-
-- **O-stack-01:** Pest 4 browser-tests setup. **Default:** 2 smoke E2E — login-flow (`/login → /dashboard`) и deal-create-flow (`/deals → создать → видна в списке`). Выбор — 2 ключевых сценария, не полное E2E-покрытие.
-- **O-stack-02:** mutation testing setup. **Default:** установить `infection/infection`, конфиг с базовым thresholdMin=50%, прогон в CI weekly (не блокировать pre-commit).
-- **O-stack-03:** Laravel 13 string-based lazy-loading контроллеров в `routes/web.php` (заменить `use App\...` на строки `[App\...::class, 'method']` где имеет смысл).
-- **O-stack-04:** Vue 3.5 фичи в диалогах. **Default:** 3 диалога с `v-model` паттернами — `ImpersonationDialog`, `DealDetailDrawer`, `ConfirmDialog` (если есть). Migrate на `defineModel()` + `useTemplateRef()`.
-- **O-stack-05:** Vuetify 3.12 типизированные слоты VDataTable. **Default:** 2 таблицы — `DealsView` (списке сделок) и `AdminTenantsView` (SaaS-админка).
-- **O-stack-06:** Verify Frontend Design plugin в `~/.claude/settings.json`. **Manual user step** — Claude может только распечатать checklist + текущее состояние, не править файл вне git.
-- **O-stack-07:** ESLint flat-config check — `app/eslint.config.js` уже flat-config (подтверждено в Phase C); просто verify + добавить comment-метку.
-- **O-stack-10:** Google Fonts API v2 + @font-face fallback в `liderra_v8_handoff/docs/DEVELOPER_HANDOFF.md`. **Документация only**, не правка кода (handoff уже использует Google Fonts).
-
-### O-perf — оптимизация (2)
-
-- **O-perf-06:** lazy-imports на 3 views >300 строк — `DealsView` (852), `ReportsView` (592), `DealDetailDrawer` (580). `defineAsyncComponent()` для тяжёлых внутренних диалогов.
-- **O-perf-07:** Larastan в pre-commit → перенос в pre-push ИЛИ включение result cache. **Default:** result cache в pre-commit (быстрее без жёсткого изменения flow).
-
-### O-refactor — гигиена (2)
-
-- **O-refactor-06:** dead-code detection. **Default:** запустить `npm run build -- --analyze` + `knip` smoke; найденные unused-exports — выписать в `.tmp/audit/sprint2_dead_code.md` (НЕ удалять автоматически — отдельное решение).
-- **O-refactor-07:** CLAUDE.md §0 reorg. **Default:** вынести историю версий из CLAUDE.md в `docs/CHANGELOG_claude_md.md` (там уже есть такой файл!), оставить в CLAUDE.md только последние 2 версии. Через `claude-md-management:claude-md-improver`.
-
-## 3. Не входит в Sprint 2 (= Sprint 3)
-
-- O-perf-01 N+1 DealController bulk-actions — high risk, нужны новые тесты
-- O-perf-04 OFFSET → keyset — breaking API change
-- O-perf-05 export() streaming — новая зависимость
-- O-refactor-01/02 DealController/AuthController split — архитектурное (Pravila §4.5)
-- O-refactor-04 12 Vue-компонентов >300 строк — cross-cutting refactor (R0.6)
-
-## 4. Архитектура — 4 фазы / 4 коммита
-
-```
-[A. Backend modernization] → Pest 4 browser + mutation + lazy-loading + Larastan cache
-       ↓
-[B. Frontend modernization] → Vue 3.5 + Vuetify 3.12 + lazy-imports + ESLint check
-       ↓
-[C. Docs] → Google Fonts API + CLAUDE.md §0 reorg + FD plugin verify checklist
-       ↓
-[D. Hygiene] → dead-code detection report
-```
-
-Каждая фаза = 1 коммит. После A — Pest + Larastan; после B — Vitest + vue-tsc + ESLint; после C — `npm run check:docs`; после D — отчёт без правок (анализ).
-
-## 5. DoD
-
-- 4 коммита, каждый с осмысленным scope.
-- `cd app && composer test` — 416/416 + новые browser tests (минимум 2).
-- `cd app && composer stan` — 0 errors above baseline.
-- `cd app && npm run type-check` — 0 errors.
-- `cd app && npm run test:vue` — 393/393 (или больше).
-- `npm run check:docs` — 0 errors на narrative.
-- `.tmp/audit/sprint2_dead_code.md` создан с отчётом (анализ без удалений).
-- `~/.claude/settings.json` checklist распечатан в финальном отчёте Sprint 2.
-
-## 6. Риски
-
-- **O-stack-01 Pest 4 browser-tests на Windows** — Pest 4 browser использует Playwright под капотом, может потребовать `npx playwright install chromium`. На Windows native может быть тормоза/конфликты. Митигация — установить, если падает на setup → smoke не пишем, фиксируем как «требует Linux CI» в реестре.
-- **O-stack-02 infection/infection** — может быть медленным на 416 тестах (>5-10 минут). Митигация — конфиг с filter по `--filter='App\Http'` (только наш код, не vendor), CI-only.
-- **O-stack-04/05 Vue 3.5 migration** — `defineModel()` ломает type signatures props/events; нужно проверить ESLint + vue-tsc после каждой миграции.
-- **O-perf-06 lazy-imports** — `defineAsyncComponent()` меняет shape компонента, может ломать tests. Митигация — Vitest после каждой миграции.
-- **O-refactor-07 CLAUDE.md §0 reorg** — обязательно через `claude-md-management:claude-md-improver` (CLAUDE.md §5 п.10).
-
-## 7. Не делаем
-
-- Pa11y prod-режим (пользователь delegated в Sprint 1 P1-12, требует браузер-сессии).
-- Pre-prod migration P1-10/11 (уже в реестре, ждут Б-1).
-- Любые из 6 Sprint 3 пунктов (high risk, отдельный spec→plan).
diff --git a/docs/superpowers/specs/2026-05-10-sprint6-postmvp-backend-design.md b/docs/superpowers/specs/2026-05-10-sprint6-postmvp-backend-design.md
deleted file mode 100644
index 7aea587..0000000
--- a/docs/superpowers/specs/2026-05-10-sprint6-postmvp-backend-design.md
+++ /dev/null
@@ -1,460 +0,0 @@
-# Sprint 6 «Post-MVP backend» — Design Spec
-
-**Версия:** 1.0  
-**Дата:** 10.05.2026  
-**Автор:** Claude Code (skill: superpowers:brainstorming)  
-**Заказчик:** Дмитрий  
-**Статус:** approved  
-**Базовый HEAD:** `e5848bd` (Sprint 5 Pre-prod tooling закрыт)  
-**Источники:** codebase exploration (Reports/Notifications/AdminTenantDetail), roadmap Sprint 6, memory `project_state.md`
-
----
-
-## 1. Цель
-
-Закрыть Post-MVP backend backlog, не зависящий от Б-1: расширить Reports (3 новых провайдера + файловый download + S3-абстракция), реализовать оставшиеся Notification интеграции (new_device_login + deep-link bell + ЮKassa scaffold) и урезанный AdminTenantDetail (contact_phone + role).
-
-**Definition of done:**
-
-- 3 новых типа отчётов генерируются и скачиваются через API
-- `GET /api/reports/jobs/{id}/file` отдаёт файл с правильным Content-Disposition
-- `REPORT_DISK` переменная позволяет переключиться на S3 без кода
-- При логине с нового устройства пользователь получает email
-- Клик по колокольчику с deal_id навигирует на нужный раздел
-- `POST /api/webhooks/yukassa` принимает платёж и обновляет invoice
-- `tenants.contact_phone` и `users.role` в схеме, API и Vue
-- Регрессия зелёная: Pest / Vitest / Larastan / vue-tsc / ESLint
-
----
-
-## 2. Non-goals
-
-- `inn`, `legal_address` для тенантов — ждут Б-1
-- Реальная интеграция ЮKassa (боевые ключи, тестовые платежи) — ждёт Б-1 / DO-2
-- Push-уведомления (FCM / APNS) — Post-MVP
-- PDF-формат отчётов — Post-MVP (`PdfStubFormatter` остаётся)
-- Новые модули CRM (аналитика второго порядка и т.п.)
-
----
-
-## 3. Phase A: Reports backend доделки
-
-### 3.1 Три новых провайдера
-
-Все провайдеры реализуют `App\Services\Reports\Providers\ReportDataProvider`:
-
-```php
-interface ReportDataProvider {
-    public function headers(): array;
-    public function rows(ReportJob $job): array;
-    public function slug(): string;
-}
-```
-
-Фильтры берутся из `$job->parameters` (JSONB): `date_from`, `date_to` обязательные (уже валидируются в `ReportJobController::store()`).
-
-#### ManagersSummaryProvider
-
-- **Slug:** `managers_summary`
-- **Файл:** `app/app/Services/Reports/Providers/ManagersSummaryProvider.php`
-- **Колонки:** Менеджер | Всего заявок | Принято | Отклонено | Конверсия % | Выручка ₽ | Средняя стоимость ₽
-- **Источник данных:**
-
-  ```sql
-  SELECT
-    COALESCE(u.first_name || ' ' || u.last_name, u.email) AS manager,
-    COUNT(d.id) AS total,
-    COUNT(d.id) FILTER (WHERE d.status = 'accepted') AS accepted,
-    COUNT(d.id) FILTER (WHERE d.status = 'rejected') AS rejected,
-    ROUND(COUNT(d.id) FILTER (WHERE d.status = 'accepted') * 100.0 / NULLIF(COUNT(d.id), 0), 1) AS conversion,
-    COALESCE(SUM(slc.cost_rub), 0) AS revenue_rub,
-    ROUND(AVG(slc.cost_rub), 2) AS avg_cost_rub
-  FROM deals d
-  LEFT JOIN users u ON u.id = d.assigned_user_id
-  LEFT JOIN supplier_lead_costs slc ON slc.deal_id = d.id
-  WHERE d.received_at BETWEEN :date_from AND :date_to
-    AND d.deleted_at IS NULL
-  GROUP BY u.id, u.first_name, u.last_name, u.email
-  ORDER BY total DESC
-  ```
-
-- **Тест-кейсы:** headers() возвращает 7 колонок; rows() с данными считает конверсию; rows() на пустой период → пустой массив.
-
-#### SourcesSummaryProvider
-
-- **Slug:** `sources_summary`
-- **Файл:** `app/app/Services/Reports/Providers/SourcesSummaryProvider.php`
-- **Колонки:** Источник | Всего заявок | Принято | Конверсия % | Итого ₽ | Среднее ₽
-- **Источник данных:**
-
-  ```sql
-  SELECT
-    p.name AS source,
-    COUNT(d.id) AS total,
-    COUNT(d.id) FILTER (WHERE d.status = 'accepted') AS accepted,
-    ROUND(COUNT(d.id) FILTER (WHERE d.status = 'accepted') * 100.0 / NULLIF(COUNT(d.id), 0), 1) AS conversion,
-    COALESCE(SUM(slc.cost_rub), 0) AS total_rub,
-    ROUND(AVG(slc.cost_rub), 2) AS avg_cost_rub
-  FROM deals d
-  LEFT JOIN projects p ON p.id = d.project_id
-  LEFT JOIN supplier_lead_costs slc ON slc.deal_id = d.id
-  WHERE d.received_at BETWEEN :date_from AND :date_to
-    AND d.deleted_at IS NULL
-  GROUP BY p.id, p.name
-  ORDER BY total DESC
-  ```
-
-#### BillingSummaryProvider
-
-- **Slug:** `billing_summary`
-- **Файл:** `app/app/Services/Reports/Providers/BillingSummaryProvider.php`
-- **Колонки:** Дата | Тип операции | Сумма ₽ | Баланс после ₽ | Описание
-- **Источник данных:**
-
-  ```sql
-  SELECT
-    bt.created_at::date AS date,
-    bt.transaction_type,
-    bt.amount_rub,
-    bt.balance_after_rub,
-    bt.description
-  FROM balance_transactions bt
-  WHERE bt.created_at BETWEEN :date_from AND :date_to
-  ORDER BY bt.created_at ASC
-  ```
-
-  (RLS обеспечивает изоляцию tenant'а через `SET LOCAL app.current_tenant_id`)
-- **Параметры:** только `date_from`/`date_to`, без `project_id`/`manager_id`
-
-### 3.2 ReportGeneratorRegistry — расширение
-
-**Файл:** `app/app/Services/Reports/ReportGeneratorRegistry.php`
-
-Обновить `isSupported()` — добавить 3 новых типа в `SUPPORTED_TYPES` константу (или аналог):
-
-```php
-private const SUPPORTED_TYPES = [
-    'deals_export',
-    'managers_summary',
-    'sources_summary',
-    'billing_summary',
-];
-```
-
-Зарегистрировать 3 новых провайдера в `provider()` switch/match — по аналогии с `DealsExportProvider`.
-
-### 3.3 File download endpoint
-
-**Route:** `GET /api/reports/jobs/{id}/file` (под `auth:sanctum` + `tenant` middleware)  
-**Controller:** `ReportJobController::download(ReportJob $job)`  
-**Файл:** `app/app/Http/Controllers/Api/ReportJobController.php` (добавить метод)
-
-Логика:
-
-1. Проверить принадлежность job текущему tenant (уже делает Route Model Binding + RLS, дополнительно явная проверка `$job->tenant_id === auth()->user()->tenant_id`)
-2. Если `$job->status !== 'done'` → 422 с `{"message": "Report not ready"}`
-3. Если `$job->file_path === null` → 410 Gone (`{"message": "Report file expired"}`)
-4. Если файл физически не существует → 410 Gone
-5. Определить MIME по формату из `$job->parameters['format']`:
-   - csv → `text/csv; charset=utf-8`
-   - xlsx → `application/vnd.openxmlformats-officedocument.spreadsheetml.sheet`
-   - json → `application/json`
-6. `StreamedResponse` через `Storage::disk(config('filesystems.reports_disk'))->readStream($job->file_path)`
-7. Заголовки: `Content-Disposition: attachment; filename="report-{$job->id}.{ext}"`, `Content-Type`, `Content-Length`
-
-### 3.4 S3-абстракция
-
-**Файл:** `config/filesystems.php`  
-Добавить в секцию `disks`:
-
-```php
-'reports' => [
-    'driver' => env('REPORT_DISK', 'local'),
-    // При driver=s3 подхватит стандартные AWS_* env vars
-    // При driver=local — файлы в storage/app/
-],
-```
-
-**Файл:** `app/app/Jobs/GenerateReportJob.php`  
-Заменить `Storage::disk('local')` на `Storage::disk('reports')`.
-
-**Файл:** `app/app/Http/Controllers/Api/ReportJobController.php` (download метод)  
-Использовать `Storage::disk('reports')`.
-
-**Файл:** `.env.example`  
-Добавить `REPORT_DISK=local`.
-
----
-
-## 4. Phase B: Notifications
-
-### 4.1 new_device_login
-
-#### Миграция: `user_known_devices`
-
-```sql
-CREATE TABLE user_known_devices (
-    id           BIGSERIAL PRIMARY KEY,
-    user_id      BIGINT NOT NULL REFERENCES users(id) ON DELETE CASCADE,
-    fingerprint  VARCHAR(64) NOT NULL,
-    first_seen_at TIMESTAMPTZ NOT NULL DEFAULT now(),
-    CONSTRAINT uq_user_known_devices UNIQUE (user_id, fingerprint)
-);
-CREATE INDEX idx_user_known_devices_user_id ON user_known_devices(user_id);
-```
-
-**Миграция-файл:** `app/database/migrations/XXXX_XX_XX_create_user_known_devices_table.php`
-
-#### Логика определения нового устройства
-
-**Файл:** `app/app/Http/Controllers/Auth/AuthenticatedSessionController.php` (метод `store()`)
-
-После успешной аутентификации (`Auth::attempt(...)` прошёл):
-
-```php
-$fingerprint = hash('sha256', $request->ip() . '|' . $request->userAgent());
-$isNew = ! UserKnownDevice::where('user_id', $user->id)
-    ->where('fingerprint', $fingerprint)
-    ->exists();
-
-UserKnownDevice::firstOrCreate(
-    ['user_id' => $user->id, 'fingerprint' => $fingerprint],
-    ['first_seen_at' => now()]
-);
-
-if ($isNew) {
-    app(NotificationService::class)->notifyNewDeviceLogin(
-        $user,
-        $request->ip(),
-        $request->userAgent()
-    );
-}
-```
-
-#### NotificationService::notifyNewDeviceLogin()
-
-**Файл:** `app/app/Services/NotificationService.php` (добавить метод)
-
-```php
-public function notifyNewDeviceLogin(User $user, string $ip, string $userAgent): void
-{
-    if (!($user->notification_preferences['new_device_login']['email'] ?? true)) {
-        return;
-    }
-    try {
-        Mail::to($user->email)->send(new NewDeviceLoginMail($user, $ip, $userAgent));
-    } catch (Throwable $e) {
-        Log::error('new_device_login mail failed', ['user' => $user->id, 'error' => $e->getMessage()]);
-    }
-}
-```
-
-#### Mailable + Blade
-
-**Файлы:**
-
-- `app/app/Mail/NewDeviceLoginMail.php`
-- `app/resources/views/emails/new-device-login.blade.php`
-
-`NewDeviceLoginMail` получает `$user`, `$ip`, `$userAgent`. Blade-шаблон показывает: IP-адрес, браузер/ОС (из userAgent, без парсинга — raw строка), время, ссылку на смену пароля (`/settings#security`). Стиль — аналогичен существующим шаблонам проекта.
-
-#### Модель UserKnownDevice
-
-**Файл:** `app/app/Models/UserKnownDevice.php`
-
-```php
-class UserKnownDevice extends Model {
-    public $timestamps = false;
-    protected $fillable = ['user_id', 'fingerprint', 'first_seen_at'];
-    protected $casts = ['first_seen_at' => 'datetime'];
-}
-```
-
-### 4.2 Deep-link bell (Vue frontend)
-
-**Файл:** `app/resources/js/components/AppTopbar.vue` (или субкомпонент BellNotifications)
-
-При клике на уведомление в списке:
-
-```typescript
-function handleNotificationClick(notification: InAppNotification) {
-  markAsRead(notification.id) // существующий PATCH endpoint
-
-  if (notification.deal_id) {
-    router.push({ name: 'deals', query: { open: String(notification.deal_id) } })
-  } else if (notification.event === 'reminder') {
-    router.push({ name: 'reminders' })
-  } else if (['low_balance', 'zero_balance', 'topup_success', 'invoice_paid'].includes(notification.event)) {
-    router.push({ name: 'billing' })
-  }
-  // new_device_login, marketing, new_lead без deal_id — только markAsRead
-}
-```
-
-`DealsView` — нужно добавить логику `query.open`: при монтировании если `route.query.open` задан → открыть DealDetailDrawer для этого deal_id. Это часть коммита #6.
-
-**Тип InAppNotification** (обновить в `api/notifications.ts` если не хватает полей):
-
-```typescript
-interface InAppNotification {
-  id: number
-  event: string
-  title: string
-  body: string
-  deal_id: number | null
-  payload: Record<string, unknown>
-  read_at: string | null
-  created_at: string
-}
-```
-
-### 4.3 ЮKassa webhook scaffold
-
-#### Route
-
-**Файл:** `app/routes/api.php`
-
-```php
-Route::post('/webhooks/yukassa', [WebhookYukassaController::class, 'handle'])
-    ->name('webhooks.yukassa');
-// БЕЗ auth:sanctum и tenant middleware — внешний webhook
-```
-
-#### WebhookYukassaController
-
-**Файл:** `app/app/Http/Controllers/Api/WebhookYukassaController.php`
-
-```php
-class WebhookYukassaController extends Controller
-{
-    public function handle(Request $request, NotificationService $notifications): JsonResponse
-    {
-        // 1. Валидация подписи
-        $secret = config('services.yukassa.secret');
-        $body = $request->getContent();
-        $signature = hash('sha256', $body . $secret);
-        if (!hash_equals($signature, $request->header('HTTP_SHOP_ID', ''))) {
-            return response()->json(['error' => 'Invalid signature'], 401);
-        }
-        // NOTE: точный формат подписи ЮKassa уточнить по docs.yukassa.ru при активации.
-        // SHA-256(body . secret) — scaffold-реализация; заголовок HTTP_SHOP_ID предположительный.
-
-        // 2. Парсинг тела
-        $data = json_decode($body, true);
-        $event = $data['event'] ?? null;
-        $invoiceId = $data['object']['metadata']['invoice_id'] ?? null;
-
-        if (!$invoiceId) {
-            return response()->json(['error' => 'Missing invoice_id'], 422);
-        }
-
-        $invoice = SaasInvoice::find($invoiceId);
-        if (!$invoice) {
-            return response()->json(['error' => 'Invoice not found'], 404);
-        }
-
-        // 3. Обновление статуса
-        if ($event === 'payment.succeeded') {
-            $invoice->update(['status' => 'paid', 'paid_at' => now()]);
-            $tenant = Tenant::find($invoice->tenant_id);
-            $notifications->notifyInvoicePaid($tenant, $invoice);
-        } elseif ($event === 'payment.canceled') {
-            $invoice->update(['status' => 'canceled']);
-        }
-
-        return response()->json(['status' => 'ok']);
-    }
-}
-```
-
-#### Конфиг
-
-**Файл:** `config/services.php` — добавить:
-
-```php
-'yukassa' => [
-    'secret' => env('YUKASSA_SECRET_KEY', ''),
-],
-```
-
-**Файл:** `.env.example` — добавить `YUKASSA_SECRET_KEY=`.
-
----
-
-## 5. Phase C: AdminTenantDetail (reduced)
-
-### 5.1 Миграция 1: tenants.contact_phone
-
-**Файл:** `app/database/migrations/XXXX_add_contact_phone_to_tenants.php`
-
-```php
-Schema::table('tenants', function (Blueprint $table) {
-    $table->string('contact_phone', 20)->nullable()->after('contact_email');
-});
-```
-
-Обновить `app/Models/Tenant.php` — добавить `contact_phone` в `$fillable`.
-
-Обновить `AdminTenantsController::show()` — включить `contact_phone` в tenant base секцию ответа.
-
-**Vue:** Обновить `TenantDetailHeader.vue` — показать `contact_phone` рядом с `contact_email` (через `v-if`).
-
-### 5.2 Миграция 2: users.role
-
-**Файл:** `app/database/migrations/XXXX_add_role_to_users.php`
-
-```php
-Schema::table('users', function (Blueprint $table) {
-    $table->string('role', 20)->default('manager')->after('last_name');
-});
-```
-
-Допустимые значения: `manager`, `owner`, `admin`. Валидация в UserController при обновлении профиля — `in:manager,owner,admin`.
-
-Обновить `AdminTenantsController::show()` users секцию — заменить захардкоженный `'manager'` на `$user->role`.
-
-Обновить `app/Models/User.php` — добавить `role` в `$fillable`.
-
-**Vue:** Обновить `TenantDetailTabs.vue` (users tab) — брать `role` из API вместо hardcode.
-
----
-
-## 6. Тестовое покрытие
-
-| Phase | Тесты Pest | Тесты Vitest |
-|-------|-----------|-------------|
-| A1: 3 провайдера | +9 (3×3: headers, rows with data, rows empty) | — |
-| A2: registry | +3 (isSupported для каждого нового типа) | — |
-| A3: file download | +4 (200, 422 not ready, 410 expired, 403 wrong tenant) | — |
-| B1: new_device_login | +3 (новое устройство → уведомление; повтор → нет; preference off → нет) | — |
-| B2: deep-link bell | — | +3 (deal_id → router.push deals; reminder → reminders; billing event → billing) |
-| B3: ЮKassa webhook | +4 (payment.succeeded, payment.canceled, bad signature, unknown invoice) | — |
-| C: AdminTenantDetail | +2 (contact_phone в ответе; role из БД а не хардкод) | +1 (role отображается в TenantDetailTabs) |
-| **Итого** | **+25 Pest** | **+4 Vitest** |
-
----
-
-## 7. Порядок коммитов
-
-| # | Содержание | Phase |
-|---|------------|-------|
-| 1 | feat(reports): ManagersSummaryProvider + SourcesSummaryProvider + BillingSummaryProvider + registry update | A |
-| 2 | feat(reports): GET /api/reports/jobs/{id}/file download endpoint | A |
-| 3 | feat(reports): REPORT_DISK env var — S3-ready storage abstraction | A |
-| 4 | feat(auth): user_known_devices table + new_device_login notification | B |
-| 5 | feat(notifications): NewDeviceLoginMail + blade template | B |
-| 6 | feat(frontend): deep-link bell navigation on notification click | B |
-| 7 | feat(webhooks): POST /api/webhooks/yukassa scaffold + notifyInvoicePaid trigger | B |
-| 8 | feat(tenants): add contact_phone column + API + Vue | C |
-| 9 | feat(users): add role column + remove hardcoded 'manager' + Vue | C |
-
----
-
-## 8. Архитектурные решения (recap)
-
-| Решение | Выбор | Обоснование |
-|---------|-------|-------------|
-| S3-абстракция | `REPORT_DISK` env var → Laravel Storage disk | YAGNI; Storage facade уже абстрагирует |
-| new_device_login хранилище | Таблица `user_known_devices` | Чисто; позволит «доверенные устройства» в будущем |
-| AdminTenantDetail scope | contact_phone + role только; inn/legal_address → Б-1 | Не заблокировано; immediate value |
-| ЮKassa scope | Scaffold только (endpoint + HMAC + model update) | Боевые ключи ждут Б-1 |
diff --git a/docs/superpowers/specs/2026-05-10-supplier-integration-design.md b/docs/superpowers/specs/2026-05-10-supplier-integration-design.md
deleted file mode 100644
index 85c7fc9..0000000
--- a/docs/superpowers/specs/2026-05-10-supplier-integration-design.md
+++ /dev/null
@@ -1,295 +0,0 @@
-# Дизайн интеграции Лидерра ↔ Поставщик crm.bp-gr.ru
-
-**Дата:** 2026-05-10
-**Статус:** черновик дизайна (brainstorming output)
-**Заказчик:** Дмитрий (владелец Лидерры)
-
-## 1. Контекст
-
-Лидерра — реселлер лидов. Покупает поток номеров у поставщика [crm.bp-gr.ru](https://crm.bp-gr.ru) (бренд «BG») и перепродаёт своим тенантам через собственный портал.
-
-У поставщика нет публичного REST API. Доступны:
-
-- **PUSH webhook** для приёма лидов: настройка на [/admin/user/api](https://crm.bp-gr.ru/admin/user/api), payload `{vid, project, tag, phone, phones, time}`.
-- **Внутренние AJAX endpoints** для управления проектами: `rt-project-save`, `rt-project-update`, `rt-project-delete`, `rt-projects-load` и т.д. Требуют cookie-сессии и CSRF-токена.
-
-## 2. Модель данных
-
-### 2.1. Проект Лидерры
-
-Один проект Лидерры = один сигнал-источник лидов:
-
-| Тип сигнала | Идентификатор | Пример |
-|---|---|---|
-| **Сайт** | домен конкурента | `vashinvestor.ru` |
-| **Звонок** | номер конкурента (11 цифр, начинается с 7) | `7XXXXXXXXXX` |
-| **СМС** | пара (имя отправителя, ключевое слово) | sender=`TINKOFF`, keyword=`ипотека` |
-
-Поля проекта:
-
-- `id`, `tenant_id` (клиент Лидерры), `name`, `signal_type`, `signal_identifier`
-- `daily_limit` (число лидов в день, заказ от клиента)
-- `workdays` (массив 1–7 = Пн–Вс)
-- `regions` (массив кодов регионов РФ; пустой = все регионы)
-- `status` (`active` / `paused` / `archived`)
-- `created_at`, `updated_at`
-
-Для СМС вместо одного `signal_identifier` хранится:
-
-- `sms_senders[]` — массив имён отправителей (буквы / цифры до 6, не 11-значные)
-- `sms_keyword` — фраза/слово в SMS (опциональное)
-
-### 2.2. Поставщик-проект
-
-Уникальность у поставщика зависит от типа сигнала и платформы:
-
-| Тип | Платформы | Ключ уникальности supplier-проекта |
-|---|---|---|
-| Сайт | B1, B2, B3 | `(signal_identifier)` = домен |
-| Звонок | B1, B2, B3 | `(signal_identifier)` = номер |
-| СМС | **B2** (B1 недоступен) | `(sms_senders, sms_keyword)` |
-| СМС | **B3** (B1 недоступен) | `(sms_senders)` — keyword игнорируется |
-
-**Правило объединения для СМС:**
-
-- На B3 все Лидерра-проекты с одним и тем же отправителем (любым keyword'ом) шарят один supplier-проект.
-- На B2 Лидерра-проекты с одним отправителем, но разными keyword'ами — отдельные supplier-проекты.
-- Если у Лидерра-клиента keyword пуст — он подключается только к B3, на B2 не идёт.
-
-В Лидерре отдельная сущность `supplier_projects` (агрегатная):
-
-- `id`, `platform` (`B1`/`B2`/`B3`), `signal_type`, `unique_key` (домен / номер / `sender+keyword` / `sender`)
-- `supplier_id` (внутренний id у поставщика)
-- `current_limit`, `current_workdays` (синхронизировано с поставщиком)
-- `last_synced_at`, `sync_status` (`ok` / `pending` / `failed`)
-
-Маппинг N:M — один Лидерра-проект СМС может ссылаться на 1 проект B2 + 1 проект B3 (или только B3, если keyword пуст). Проекты Сайт/Звонок ссылаются на 3 supplier-проекта (B1+B2+B3).
-
-### 2.3. Sharing-модель лидов
-
-Один входящий лид от поставщика → потенциально создаёт несколько `deal`-записей (по одной на каждого клиента Лидерры, активного на этом источнике сегодня и не исчерпавшего квоту).
-
-Каждая deal-копия:
-
-- независимый статус, комментарии, история
-- ссылается на исходный `supplier_lead` (для трассировки)
-
-## 3. Жизненный цикл проекта Лидерры
-
-### 3.1. Создание
-
-1. Клиент Лидерры в UI указывает `signal_type`, `signal_identifier`, `daily_limit`, `workdays`.
-2. Лидерра валидирует формат идентификатора:
-   - **Сайт:** валидный домен (regex `^[a-z0-9-]+(\.[a-z0-9-]+)+$` нижний регистр)
-   - **Звонок:** 11 цифр, начинается с `7`
-   - **СМС sender:** 1–30 символов, буквы латиницы/цифры (до 6 цифр — короткий номер); 11-значные номера отвергаем (ограничение поставщика)
-   - **СМС keyword:** 1–60 символов, любые символы; опционально (если пусто — используется только B3)
-3. Лидерра ищет существующий `supplier_projects` по `(signal_type, signal_identifier)`:
-   - **Если есть:** просто привязывает новый Лидерра-проект к нему. Push настроек у поставщика — следующим cron'ом.
-   - **Если нет:** ставит задачу `create_supplier_project` в очередь синхронизации (см. §4).
-
-### 3.2. Изменение
-
-Клиент может править:
-
-- `daily_limit` (количество)
-- `workdays` (дни сбора)
-- `status` (active ↔ paused — пауза без удаления)
-
-Все правки немедленно сохраняются в Лидерре. На поставщика — следующим cron'ом.
-
-### 3.3. Удаление (архивирование)
-
-Soft delete: `status = 'archived'`.
-
-**Lifecycle на стороне supplier_project:**
-
-- Как только у supplier_project не остаётся активных Лидерра-проектов (все паузнули/удалили) → следующим cron'ом выключаем у поставщика (`status=false` через `rt-project-update`). Запоминаем `inactive_since`.
-- Если активный клиент возвращается до истечения TTL — supplier_project переиспользуется (просто `status=true` + актуальные limit/workdays).
-- Через **180 дней** без активных клиентов supplier_project удаляется у поставщика (`rt-project-delete`) и в нашей БД.
-
-### 3.4. UI-подсказка
-
-В форме создания/редактирования отображается:
-
-> Лиды равномерно распределяются по 3 платформам сбора. Чтобы увеличить приток — увеличьте общее количество. Изменения применятся со следующего дня.
-
-## 4. Синхронизация Лидерра → Поставщик
-
-### 4.1. Cron-задача в 20:30 МСК
-
-Каждый день в 20:30 МСК Лидерра запускает `SyncSupplierProjects`:
-
-1. Для каждого `supplier_projects` — собирает все активные Лидерра-проекты, привязанные к нему.
-2. Считает на день D+1:
-   - `total_quota[day]` = сумма `daily_limit` клиентов, у которых день `D+1` в `workdays`
-   - `target_workdays` = объединение всех `workdays` активных клиентов
-3. Распределяет `total_quota` по платформам:
-   - **Сайт / Звонок** (3 платформы): `B1 = ⌈total/3⌉`, `B2 = ⌈(total-B1)/2⌉`, `B3 = total-B1-B2`
-   - **СМС с keyword** (B2+B3): `B2 = ⌈total/2⌉`, `B3 = ⌊total/2⌋`
-   - **СМС без keyword** (только B3): `B3 = total`
-   - Остаток после деления отдаётся приоритетом старшим платформам (B1 → B2)
-4. Объединяет геофильтр: `regions` у поставщика = объединение `regions` всех активных Лидерра-проектов на этом источнике; `regions_reverse` всегда `false` (включающий список).
-5. Сравнивает с текущими настройками поставщика:
-   - Если изменилось — POST `rt-project-update` для каждой из 3 платформ.
-   - Если новый источник — POST `rt-project-save`.
-   - Если активных клиентов 0 — выключение/удаление.
-6. Запас 30 минут до 21:00 МСК (дедлайн поставщика).
-
-### 4.2. Cutoff для клиента
-
-- До 20:30 МСК — изменения попадают в текущий cron, применятся завтра.
-- После 20:30 МСК — изменения сохраняются, в UI баннер «Применится послезавтра», следующий cron подхватит.
-- 22:00–00:00 МСК — у поставщика API заблокирован (для контекста; cron в 20:30 не попадает).
-
-### 4.3. Резервирование push'а настроек
-
-**Основной канал:** AJAX-автоматизация через cookie-сессию + CSRF.
-
-**Поддержание сессии:** отдельный cron-job `RefreshSupplierSession` (запускается каждый час и за 15 мин до основного 20:30 cron'а):
-
-1. Headless Playwright заходит на crm.bp-gr.ru.
-2. Если уже залогинен (по предыдущей cookie из Redis) — извлекает свежий CSRF-токен со страницы.
-3. Если нет — логинится с credentials из `.env` (`SUPPLIER_LOGIN`, `SUPPLIER_PASSWORD`, защищены через Laravel encrypter).
-4. Сохраняет `cookie` (PHPSESSID) и `csrf_token` в Redis с TTL 6 часов.
-5. Основной sync-cron читает их оттуда и подмешивает в HTTP-запросы к `rt-*` endpoints.
-6. При 401/403 от поставщика — Лидерра запускает `RefreshSupplierSession` внепланово.
-
-**Резерв (при сбоях):**
-
-1. **Очередь pending-changes**: каждое неуспешное обновление помещается в очередь, повтор каждые 10 минут до 21:00.
-2. **Алерт менеджеру**: если очередь не пуста к 21:00 — уведомление в Telegram/email с инструкцией ручной правки через UI поставщика.
-3. **Откат к предыдущему успешному состоянию**: если новые настройки не дошли — клиенты Лидерры работают на вчерашних квотах (известное состояние, никакой потери).
-4. **Health-check сессии**: перед cron'ом проверяем `rt-projects-load` — если 401/403, заранее обновляем cookie/CSRF.
-
-## 5. Приём лидов Поставщик → Лидерра
-
-### 5.1. Основной канал — webhook
-
-Поставщик POST'ит на `https://liderra.ru/webhook/{tenant_token}` (общий URL, не per-client).
-
-Payload:
-
-```json
-{
-  "vid": 432176649,
-  "project": "B1_vashinvestor.ru",
-  "tag": "Ваш инвестор",
-  "phone": "7XXXXXXXXXX",
-  "phones": ["7XXXXXXXXXX"],
-  "time": 1703781939
-}
-```
-
-Обработчик (`HandleSupplierWebhook`):
-
-1. Проверяет защиту в два слоя:
-   - **IP allowlist** — запрос отвергается, если IP отправителя не из списка известных IP поставщика (хранится в `settings.supplier_ip_allowlist`, обновляется админом).
-   - **Секретный токен в URL** — `tenant_token` это длинный случайный секрет (≥32 символа), генерируется при регистрации интеграции; известен только Лидерре и поставщику. Неверный токен → 404 (не 403, чтобы не палить существование endpoint'а).
-2. Парсит `project` → определяет `(signal_type, signal_identifier)`:
-   - префикс `B1_` / `B2_` / `B3_` → B-платформа
-   - остальная часть → identifier
-3. Сохраняет `supplier_lead` (raw payload + метаданные).
-4. Запускает `RouteLead` (см. §6).
-5. Возвращает 200 OK.
-
-### 5.2. Резерв — CSV reconciliation
-
-**Раз в час** (или 4 раза в день) Лидерра запрашивает CSV-экспорт `/admin/report/index?type=49` (или archive endpoint) за последние сутки и сверяет:
-
-1. Список `vid` из CSV vs `supplier_leads` в БД.
-2. Если в CSV есть `vid`, которого нет у нас — pending: восстанавливаем с тем же `RouteLead` flow (но помечаем как `recovered_from_csv`).
-3. Если расхождение > 5% за день — алерт менеджеру.
-
-Это даёт стабильность даже при кратковременных сбоях нашего webhook'а.
-
-## 6. Routing к клиентам Лидерры
-
-При поступлении лида (`RouteLead`):
-
-1. Находим `supplier_projects` по `(signal_type, signal_identifier)`.
-2. Определяем регион номера по коду телефона (справочник DEF-кодов).
-3. Берём список Лидерра-проектов на этом источнике с условиями:
-   - `status = 'active'`
-   - сегодняшний день в `workdays`
-   - не превышен дневной счётчик: `delivered_today < daily_limit`
-   - регион номера попадает в `regions` клиента (или `regions` пуст = все)
-4. Сортируем по `created_at ASC` (старые проекты первыми — детерминированный порядок).
-5. Для каждого подходящего проекта:
-   - Создаём `deal` с независимой копией данных лида.
-   - Инкрементируем `delivered_today` и `delivered_in_month`.
-   - Списываем с баланса по текущей ступени `pricing_tiers`.
-   - Шлём уведомление клиенту по его настройкам.
-6. Один и тот же лид → может попасть N клиентам (sharing).
-7. Если клиент уже исчерпал квоту — пропускаем.
-
-### 6.1. Reset счётчиков
-
-Cron в 00:00 МСК сбрасывает `delivered_today = 0` для всех Лидерра-проектов.
-
-## 7. Биллинг и тарифы клиентам Лидерры
-
-### 7.1. Закупка у поставщика
-
-Поставщик берёт **фиксированную цену** за лид (значение хранится в `settings`, поле редактируемое админом Лидерры).
-
-### 7.2. Тариф для клиентов Лидерры — ступенчатый (volume tiers)
-
-Клиент Лидерры платит по ступенчатой схеме: чем больше лидов получено в текущем месяце — тем дешевле каждый следующий.
-
-**Структура** (таблица `pricing_tiers`, конфигурируется админом Лидерры):
-
-- `tier_no` — номер ступени (1..7)
-- `leads_in_tier` — сколько лидов покрывает эта ступень (для последней — может быть `NULL` = «всё свыше»)
-- `price_per_lead` — цена за один лид в рублях
-
-И объём ступени, и цена редактируются в админке Лидерры. Изменения тарифной сетки применяются с 1-го числа следующего месяца (кроме ситуации когда изменение увеличивает цену — тут TBD по бизнесу).
-
-### 7.3. Логика начисления
-
-- Счётчик `delivered_in_month` для каждого `(tenant_id)` обнуляется автоматически 1-го числа каждого месяца в 00:00 МСК.
-- При доставке очередного лида: `delivered_in_month++`, цена этого лида = `price_per_lead` той ступени, в которую попадает текущий `delivered_in_month`.
-- Списание с баланса клиента происходит немедленно по доставке (атомарно с созданием `deal`).
-- Если баланс недостаточен — лид не доставляется, проект автоматически переходит в `paused` до пополнения; уведомление клиенту.
-
-### 7.4. История
-
-Хранится в таблице `lead_charges`: `tenant_id, deal_id, tier_no, price_per_lead, charged_at`. Используется для отчётов клиенту и аудита.
-
-## 8. Бизнес-правила и инварианты
-
-- **Источников у поставщика на одного `(signal_type, signal_identifier)` всегда ровно 3** (B1/B2/B3).
-- **Лимит у поставщика равен `Total/3` с приоритетом остатка B1→B2.**
-- **Workdays у поставщика = объединение workdays активных Лидерра-клиентов.**
-- **Если у `supplier_project` 0 активных Лидерра-проектов — выключаем у поставщика, не удаляем сразу** (теплый кэш на случай быстрого возврата).
-
-## 9. Схема БД (предварительно)
-
-Новые таблицы:
-
-- `signal_sources` (источники: домены/номера/SMS-тексты)
-- `liderra_projects` (проекты клиентов Лидерры)
-- `supplier_projects` (агрегатное состояние у поставщика)
-- `supplier_leads` (raw payload от поставщика)
-- `liderra_project_deliveries` (счётчики delivered_today, history)
-- `supplier_sync_jobs` (очередь и история синхронизаций)
-
-Существующая таблица `deals` дополняется FK на `liderra_project` и `supplier_lead`.
-
-Точная DDL — отдельным шагом после утверждения дизайна.
-
-## 10. Открытые вопросы
-
-| # | Вопрос | Кто решает |
-|---|---|---|
-| 1 | ~~Правила валидации SMS-содержания~~ | ✅ закрыт 10.05.2026 (см. §2.1, §3.1) |
-| 2 | ~~Цена за лид от поставщика — фиксирована или по типу B1/B2/B3?~~ | ✅ закрыт 10.05.2026: фикс. (см. §7.1) |
-| 3 | ~~Как Лидерра билит клиентов: за каждый delivered лид или подписочно?~~ | ✅ закрыт 10.05.2026: 7-ступенчатый volume tier, месячный сброс (см. §7.2–7.4) |
-| 4 | ~~Геофильтр (регионы) — поддерживаем уже сейчас или v2?~~ | ✅ закрыт 10.05.2026: MVP, объединение на supplier + фильтр на нашей стороне (см. §2.1, §4.1, §6) |
-| 5 | ~~HMAC-подпись поставщика — есть или только IP allowlist?~~ | ✅ закрыт 10.05.2026: defense-in-depth (IP allowlist + секретный токен в URL, см. §5.1) |
-| 6 | ~~Точный механизм cookie/CSRF refresh для AJAX-автоматизации~~ | ✅ закрыт 10.05.2026: headless Playwright cron каждый час + по 401/403 (см. §4.3) |
-| 7 | ~~TTL для «теплого кэша» выключенных supplier_projects~~ | ✅ закрыт 10.05.2026: сразу выключение, удаление через 180 дней (см. §3.3) |
-
-## 11. План реализации
-
-После подтверждения дизайна — следующий шаг через skill `writing-plans`: декомпозиция на спринты, schema-миграции, контроллеры, jobs, тесты.
diff --git a/docs/superpowers/specs/2026-05-11-plan3-supplier-sync-design.md b/docs/superpowers/specs/2026-05-11-plan3-supplier-sync-design.md
deleted file mode 100644
index 4cae4b7..0000000
--- a/docs/superpowers/specs/2026-05-11-plan3-supplier-sync-design.md
+++ /dev/null
@@ -1,618 +0,0 @@
-# Plan 3 (Supplier Sync) — Implementation Design
-
-**Дата:** 2026-05-11
-**Статус:** черновик дизайна (brainstorming output, готов к writing-plans)
-**Заказчик:** Дмитрий (владелец Лидерры)
-**Parent spec:** [2026-05-10-supplier-integration-design.md](2026-05-10-supplier-integration-design.md) (общий дизайн интеграции Лидерра ↔ crm.bp-gr.ru)
-**Зависит от:** Plan 1 (Foundation) `001d781` + Plan 2 (Webhook+Routing) `d5aa972` + Plan 2.5 (concurrency+retry hotfix) `c1ae195`+`1ba1df8` + Plan 2.6 (cleanup CV.11) `7899071`
-**Назначение:** implementation-уровень дизайна для Plan 3 — конкретные компоненты, data flow, error handling, testing strategy. Закрывает BLOCKER #6 (`failed_webhook_jobs` RLS NULL tenant) + WARN #2/#3 (LeadRouter/ResetCmd под `crm_app_user` без tenant-context) + добавляет supplier sync (Playwright session + 20:30 МСК cron + AJAX rt-* + 180d cleanup + автоматический retry).
-
----
-
-## 1. Контекст и связь с parent spec
-
-Plan 1 + Plan 2 + Plan 2.5 + Plan 2.6 закрыли направление **поставщик → Лидерра** (приём входящих лидов через webhook, sharing-routing, RLS-изоляция, idempotency, operational deploy gates). Plan 3 закрывает направление **Лидерра → поставщик** (управление supplier-проектами через AJAX-эмуляцию личного кабинета), плюс закрывает перетекающий backlog Plan 2.6: BLOCKER #6 и архитектурные WARN #2/#3 о работе jobs под `crm_app_user`.
-
-**Scope Plan 3:** полный sync-блок без CSV reconcile.
-
-- ✅ BLOCKER #6 закрывается через переключение supplier-flow на `crm_supplier_worker` BYPASSRLS-роль (создана в Plan 2.6 #iv `7899071`).
-- ✅ WARN #2 (LeadRouter под crm_app_user не видит tenant projects) — закрывается тем же переключением.
-- ✅ WARN #3 (ResetDeliveredTodayCommand тот же) — закрывается тем же переключением.
-- ✅ Playwright session manager + Redis cache cookie/CSRF.
-- ✅ 20:30 МСК cron `SyncSupplierProjectsJob` с distribution-логикой B1/B2/B3.
-- ✅ 180d cleanup cron `CleanupInactiveSupplierProjectsJob`.
-- ✅ Автоматический retry failed webhook jobs (Console command + hourly cron).
-
-**Out of Plan 3 scope (перенесено):** CSV reconciliation (parent spec §5.2) → Plan 4 (billing/tariffs); frontend forms (signal-type wizards, region-picker) → Plan 5.
-
-**Архитектурное решение по BLOCKER #6 — вариант C (BYPASSRLS-role):** согласовано с заказчиком 2026-05-11 в brainstorming-сессии. Альтернативы A (schema bump v8.18→v8.19 с INSERT WITH CHECK (true) policy) и B (отдельная SaaS-таблица supplier_failed_jobs) отвергнуты: C даёт 0 schema changes, 1 fix закрывает 3 элемента backlog'а, согласуется с архитектурным направлением Plan 2.6 #iv brainstorm-выбора (вариант C из 3 опций для queue worker).
-
-**Архитектурное решение по headless browser — Playwright real (Node.js subprocess):** согласовано с заказчиком 2026-05-11. Альтернативы chrome-php (PHP-only) и Guzzle (без headless) отвергнуты: Playwright real даёт страховку при изменениях на стороне поставщика (Cloudflare/reCAPTCHA/JS-login/2FA в будущем), кросс-платформенно (Linux CI prod + Windows native dev через MCP), supported Microsoft.
-
-**Discovery подход — вариант А с явным локальным снятием Pravila §6:** согласовано с заказчиком 2026-05-11. Я через `mcp__playwright__browser_*` MCP-tools залогинюсь в crm.bp-gr.ru с credentials заказчика (передаются в `app/.env` через Laravel encrypter, НЕ plaintext в чат), создам тестовый проект `__claude_probe_<timestamp>`, запишу 5 HTTP-фиксаций (login + projects-load + project-save + project-update + project-delete), удалю тестовый проект, сохраню фиксации как baseline.
-
----
-
-## 2. Архитектура — 9 Tasks, 2 фазы, параллелизм
-
-### 2.1. Фаза I — Discovery (Tasks 1–2), блокирует фазу II в основной части
-
-| Task | Файлы | Зависит от |
-|---|---|---|
-| **Task 1 — Discovery через Playwright MCP** | `app/tests/Fixtures/SupplierPortal/*.json` (5 fixtures) | Credentials поставщика в `app/.env` (заказчик передаёт перед стартом) |
-| **Task 2 — Spec update v1.0 → v1.1** | [2026-05-10-supplier-integration-design.md](2026-05-10-supplier-integration-design.md) §4.4 «AJAX endpoints — observed formats» | Task 1 |
-
-**Stop-gate после Task 2:** ждём заказчика «ок, формат разобран корректно» перед переходом в фазу II основной частью.
-
-### 2.2. Фаза II — Implementation (Tasks 3–9)
-
-| Task | Назначение | Зависит от |
-|---|---|---|
-| **Task 3 — Switch supplier-flow на pgsql_supplier (BYPASSRLS)** | Закрывает BLOCKER #6 + WARN #2 + WARN #3 | Task 1 (параллельно — не зависит от discovery, чисто DB-connection change) |
-| **Task 4 — SupplierPortalClient** | HTTP-клиент над rt-* endpoints | Task 2 (нужны fixtures), Task 3 (использует pgsql_supplier connection) |
-| **Task 5 — RefreshSupplierSessionJob + PlaywrightBridge** | Headless login + Redis cache cookie/CSRF | Task 2, Task 4 |
-| **Task 6 — SyncSupplierProjectsJob + SupplierQuotaAllocator** | 20:30 МСК cron, distribution B1/B2/B3 | Tasks 4, 5 |
-| **Task 7 — CleanupInactiveSupplierProjectsJob** | Daily 02:00 МСК cron, Phase A re-activate → B mark inactive → C delete 180d | Tasks 4, 5 |
-| **Task 8 — RetryFailedSupplierJobsCommand** | Console + hourly cron, авто-восстановление от transient outage | Task 3 |
-| **Task 9 — E2E Integration test (Linux CI only)** | Mock supplier-server → полный flow | Tasks 3–8 |
-
-**Параллелизм Task 1 ‖ Task 3:** discovery (Task 1) — отдельная ветка работы (HTTP-эксплорация поставщика), Task 3 — code change (DB connection switch в 3 файлах). Независимы. Можно идти в разных commit-сериях, но code-review subagent для Task 3 уходит до начала Task 4 (SupplierPortalClient зависит от Task 3 connection).
-
-### 2.3. 0 schema changes
-
-Проверено [db/schema.sql:889](../../db/schema.sql#L889) — колонка `inactive_since TIMESTAMPTZ NULL` уже добавлена в v8.13 (Plan 1/5 Task 2). Индекс [db/schema.sql:908-909](../../db/schema.sql#L908-L909) `supplier_projects_inactive_since_index` тоже есть. Plan 3 — code-only, schema.sql не трогается. Это понижает риск ошибки: меньше surface for breakage, не трогаем RLS-политики, не нужен `migrate:fresh` + проверка метрик.
-
-Готовые элементы schema, используемые Plan 3:
-
-- [db/schema.sql:877-902](../../db/schema.sql#L877) — таблица `supplier_projects` (платформа, signal_type, unique_key, supplier_external_id, current_limit, current_workdays JSONB, current_regions JSONB, sync_status pending/ok/failed, last_synced_at, inactive_since, CHECK constraints).
-- [db/schema.sql:904-905](../../db/schema.sql#L904) — UNIQUE INDEX `supplier_projects_platform_unique_key_unique (platform, unique_key)` — защита от race на create.
-- [db/schema.sql:1819](../../db/schema.sql#L1819) — `supplier_sync_log` SaaS-level audit log.
-- [db/00_create_roles.sql:70-73](../../db/00_create_roles.sql#L70) — `crm_supplier_worker` BYPASSRLS-роль v1.1.
-
----
-
-## 3. Компоненты — файлы и изменения
-
-### 3.1. Новый PG-connection
-
-**Файл [app/config/database.php](../../app/config/database.php):** добавить ключ `pgsql_supplier` рядом с существующим `pgsql`:
-
-```php
-'pgsql_supplier' => array_merge(
-    config('database.connections.pgsql'),
-    [
-        'username' => env('DB_SUPPLIER_USERNAME', 'crm_supplier_worker'),
-        'password' => env('DB_SUPPLIER_PASSWORD'),
-    ]
-),
-```
-
-На dev (Windows native, `postgres` superuser) — env'ы могут совпадать с основными `DB_USERNAME`/`DB_PASSWORD`. На prod — отдельная роль `crm_supplier_worker` с BYPASSRLS.
-
-### 3.2. Изменения существующих файлов (Task 3)
-
-| Файл | Изменение |
-|---|---|
-| [app/app/Jobs/RouteSupplierLeadJob.php](../../app/app/Jobs/RouteSupplierLeadJob.php) | `protected $connection = 'pgsql_supplier'` на уровне класса. INSERT в `failed_webhook_jobs` в `failed()` callback автоматически идёт под BYPASSRLS → NULL `tenant_id` проходит. Inline-warnings lines 258-263 удаляем. |
-| [app/app/Services/LeadRouter.php](../../app/app/Services/LeadRouter.php) | `Project::on('pgsql_supplier')->where(...)` в `matchEligibleProjects`. Inline-warnings lines 25-29 удаляем. |
-| [app/app/Console/Commands/ResetDeliveredTodayCommand.php](../../app/app/Console/Commands/ResetDeliveredTodayCommand.php) | `Project::on('pgsql_supplier')->where('delivered_today', '!=', 0)->update(['delivered_today' => 0])`. Inline-warnings lines 16-18 удаляем. |
-| `.env.example` | + `DB_SUPPLIER_USERNAME=crm_supplier_worker` + `DB_SUPPLIER_PASSWORD=` + `SUPPLIER_LOGIN=` + `SUPPLIER_PASSWORD=` + `SUPPLIER_PORTAL_URL=https://crm.bp-gr.ru` + `SUPPLIER_ALERT_EMAIL=` |
-
-### 3.3. Новые файлы
-
-```
-app/app/Services/Supplier/
-├── SupplierPortalClient.php              # HTTP-клиент над rt-*, читает cookie/CSRF из Redis
-├── SupplierQuotaAllocator.php            # Distribution-логика B1/B2/B3 (pure function)
-├── PlaywrightBridge.php                  # Spawn Node.js subprocess, parse stdout JSON
-└── Dto/
-    └── SupplierProjectDto.php            # Read-only DTO: platform, signal_type, unique_key, limit, workdays, regions, regions_reverse, status
-
-app/app/Exceptions/Supplier/
-├── SupplierException.php                 # abstract base
-├── SupplierAuthException.php             # 401/403 sticky после refresh-retry
-├── SupplierTransientException.php        # 5xx, network, timeout
-└── SupplierClientException.php           # 4xx 400/404/422 (наша ошибка payload'а)
-
-app/app/Jobs/Supplier/
-├── RefreshSupplierSessionJob.php         # Spawn PlaywrightBridge, put session в Redis 6h TTL
-├── SyncSupplierProjectsJob.php           # 20:30 МСК cron, per-supplier_project failure isolation
-└── CleanupInactiveSupplierProjectsJob.php  # Daily 02:00 МСК, Phase A→B→C
-
-app/app/Console/Commands/
-├── SupplierSessionRefreshCommand.php     # supplier:session:refresh (ручной запуск)
-└── RetryFailedSupplierJobsCommand.php    # supplier:retry-failed (hourly cron + лимит 10/24h)
-
-app/app/Mail/
-└── SupplierCriticalAlertMail.php         # Mailable для critical alert: subject + body + details
-
-app/playwright/
-├── package.json                          # playwright npm dep (изолировано от app/package.json)
-└── refresh-session.js                    # ~50 строк Node, stdin {login, password, url} → stdout {phpsessid, csrf, refreshed_at}
-
-app/tests/Fixtures/SupplierPortal/        # из Task 1 discovery
-├── login.json
-├── projects-load.json
-├── project-save.json
-├── project-update.json
-└── project-delete.json
-```
-
-### 3.4. Schedule entries
-
-[app/routes/console.php](../../app/routes/console.php) (Laravel 13 syntax):
-
-```php
-use Illuminate\Support\Facades\Schedule;
-use App\Jobs\Supplier\RefreshSupplierSessionJob;
-use App\Jobs\Supplier\SyncSupplierProjectsJob;
-use App\Jobs\Supplier\CleanupInactiveSupplierProjectsJob;
-use App\Console\Commands\RetryFailedSupplierJobsCommand;
-
-Schedule::job(new RefreshSupplierSessionJob)->hourly()->onOneServer();
-Schedule::job(new RefreshSupplierSessionJob)->dailyAt('20:15')->timezone('Europe/Moscow')->onOneServer();
-Schedule::job(new SyncSupplierProjectsJob)->dailyAt('20:30')->timezone('Europe/Moscow')->onOneServer();
-Schedule::job(new CleanupInactiveSupplierProjectsJob)->dailyAt('02:00')->timezone('Europe/Moscow')->onOneServer();
-Schedule::command('supplier:retry-failed')->hourly()->onOneServer();
-```
-
-`onOneServer()` требует `cache_locks` таблицу в схеме. Plan 2 deferred WARNING #5 — таблица должна быть добавлена при необходимости. Plan 3 это явно реализует (либо `php artisan cache:table` + миграция в schema.sql v8.18, либо использовать существующий Redis driver через `Cache::store('redis')` — простая опция).
-
-**Решение:** использовать Redis driver для `onOneServer()` через `RATELIMITER`/`CACHE_STORE` env. Не требует таблицы. Это уточняем в Task 6/7 при implementation.
-
----
-
-## 4. Data flow
-
-### 4.1. Lead routing flow (после Task 3, при поступлении входящего лида)
-
-```
-POST /api/webhook/supplier/{secret}
-   ↓ SupplierWebhookController::receive (под crm_app_user, RLS-active — НЕ меняется)
-   ↓ verifySecret + verifyIpAllowlist + timestamp ±24h validation
-   ↓ supplier_leads.insert (raw payload, без tenant)
-   ↓ dispatch RouteSupplierLeadJob (queue, processed-async)
-   ↓
-RouteSupplierLeadJob::handle (под crm_supplier_worker BYPASSRLS — НОВОЕ Task 3)
-   ↓ guard processed_at IS NULL (idempotency, fix Plan 2.5 #3)
-   ↓ LeadRouter::matchEligibleProjects(...) — НА pgsql_supplier (НОВОЕ Task 3)
-   ↓     ← теперь видит все tenant projects через BYPASSRLS (WARN #2 закрыт)
-   ↓ foreach project:
-   ↓     lockForUpdate(Tenant) (Plan 2.5 #2)
-   ↓     lockForUpdate(Project) + recheck delivered_today (Plan 2.5 #2)
-   ↓     createDealCopyForProject + LeadCharge + delivered_today++
-   ↓     SET LOCAL app.current_tenant_id = $project->tenant_id  ← defense-in-depth
-   ↓ supplier_lead.update processed_at=NOW(), deals_created_count=N
-   ↓ если упало 3 раза → failed_webhook_jobs.insert(tenant_id=NULL) ← BLOCKER #6 ЗАКРЫТ
-   ↓     ← BYPASSRLS пропускает NULL, no silent fail
-```
-
-Минимальное изменение: `protected $connection = 'pgsql_supplier'` в 3 классах. Бизнес-логика не меняется.
-
-### 4.2. Session refresh flow (Task 5)
-
-```
-Triggers:
-  [1] Schedule hourly (routes/console.php)
-  [2] Schedule daily 20:15 МСК (15 мин до sync deadline)
-  [3] SupplierPortalClient получил 401/403 → dispatch_sync(RefreshSupplierSessionJob)
-
-RefreshSupplierSessionJob::handle
-   ↓ Cache::lock('supplier:session:refresh', 30)->block(35, function() { ... })
-   ↓     # защита от concurrent refresh; ждёт до 35s если другой воркер уже рефрешит
-   ↓ PlaywrightBridge::refreshSession()
-   ↓     spawn `node app/playwright/refresh-session.js` через Symfony\Process
-   ↓     stdin (JSON):
-   ↓         {login: env(SUPPLIER_LOGIN), password: env(SUPPLIER_PASSWORD), url: env(SUPPLIER_PORTAL_URL)}
-   ↓     Node-скрипт (~50 lines):
-   ↓         const {chromium} = require('playwright');
-   ↓         const browser = await chromium.launch({headless: true});
-   ↓         const page = await browser.newPage();
-   ↓         await page.goto(args.url);
-   ↓         await page.fill('input[name=login]', args.login);
-   ↓         await page.fill('input[name=password]', args.password);
-   ↓         await page.click('button[type=submit]');
-   ↓         await page.waitForLoadState('networkidle');
-   ↓         const csrf = await page.locator('meta[name=csrf-token]').getAttribute('content');
-   ↓         const cookies = await page.context().cookies();
-   ↓         const phpsessid = cookies.find(c => c.name === 'PHPSESSID')?.value;
-   ↓         await browser.close();
-   ↓         process.stdout.write(JSON.stringify({phpsessid, csrf, refreshed_at: Date.now()}));
-   ↓     timeout 60s; non-zero exit → throw SupplierAuthException
-   ↓ Cache::store('redis')->put('supplier:session', $data, now()->addHours(6))
-   ↓ Log::info('supplier.session.refreshed', ['ttl' => 21600])
-```
-
-DOM-селекторы `input[name=login]`, `meta[name=csrf-token]` — placeholder'ы; точные селекторы будут известны после Task 1 discovery и могут потребовать корректировку refresh-session.js.
-
-### 4.3. Sync flow (Task 6, 20:30 МСК cron)
-
-```
-Schedule::job(SyncSupplierProjectsJob)->dailyAt('20:30')->timezone('Europe/Moscow')->onOneServer()
-
-SyncSupplierProjectsJob::handle (под crm_supplier_worker BYPASSRLS)
-   ↓ $consecutiveTransientCount = 0;
-   ↓ foreach SupplierProject::query()->whereNull('deleted_at')->cursor():
-   ↓     $startTime = now();
-   ↓     if ($startTime->copy()->timezone('Europe/Moscow')->format('H:i') >= '20:55') {
-   ↓         Log::warning('supplier.sync.time_budget_reached');
-   ↓         break;  // 5-мин запас до 21:00 deadline
-   ↓     }
-   ↓     try {
-   ↓         $activeProjects = $supplierProject->liderraProjects()
-   ↓                                            ->where('status', 'active')
-   ↓                                            ->get();
-   ↓         if ($activeProjects->isEmpty()) {
-   ↓             continue;  // CleanupJob отдельно пометит inactive_since
-   ↓         }
-   ↓         $allocation = SupplierQuotaAllocator::allocate(
-   ↓             platform: $supplierProject->platform,
-   ↓             signalType: $supplierProject->signal_type,
-   ↓             liderraProjects: $activeProjects,
-   ↓             targetDate: Carbon::tomorrow('Europe/Moscow'),
-   ↓         );
-   ↓         $current = SupplierProjectDto::fromModel($supplierProject);
-   ↓         if ($allocation->equals($current)) {
-   ↓             continue;  // no diff, save API call
-   ↓         }
-   ↓         DB::transaction(function() use ($supplierProject, $allocation) {
-   ↓             if ($supplierProject->supplier_external_id === null) {
-   ↓                 $externalId = $portalClient->saveProject($allocation);
-   ↓                 $supplierProject->update([
-   ↓                     'supplier_external_id' => $externalId,
-   ↓                     'current_limit' => $allocation->limit,
-   ↓                     'current_workdays' => $allocation->workdays,
-   ↓                     'current_regions' => $allocation->regions,
-   ↓                     'sync_status' => 'ok',
-   ↓                     'last_synced_at' => now(),
-   ↓                 ]);
-   ↓             } else {
-   ↓                 $portalClient->updateProject($supplierProject->supplier_external_id, $allocation);
-   ↓                 $supplierProject->update([
-   ↓                     'current_limit' => $allocation->limit,
-   ↓                     'current_workdays' => $allocation->workdays,
-   ↓                     'current_regions' => $allocation->regions,
-   ↓                     'sync_status' => 'ok',
-   ↓                     'last_synced_at' => now(),
-   ↓                 ]);
-   ↓             }
-   ↓             SupplierSyncLog::create([
-   ↓                 'supplier_project_id' => $supplierProject->id,
-   ↓                 'action' => $supplierProject->wasRecentlyCreated ? 'save' : 'update',
-   ↓                 'status' => 'ok',
-   ↓             ]);
-   ↓         });
-   ↓         $consecutiveTransientCount = 0;
-   ↓     } catch (SupplierAuthException $e) {
-   ↓         Mail::to(config('services.supplier.alert_email'))->queue(new SupplierCriticalAlertMail('auth_sticky', $e));
-   ↓         report($e);
-   ↓         throw $e;  // фатально, останавливает весь job
-   ↓     } catch (SupplierTransientException $e) {
-   ↓         $consecutiveTransientCount++;
-   ↓         SupplierSyncLog::create([
-   ↓             'supplier_project_id' => $supplierProject->id,
-   ↓             'action' => 'update',
-   ↓             'status' => 'failed',
-   ↓             'error' => substr($e->getMessage(), 0, 500),
-   ↓         ]);
-   ↓         if ($consecutiveTransientCount >= 50) {
-   ↓             Mail::to(config('services.supplier.alert_email'))->queue(new SupplierCriticalAlertMail('mass_transient', $e));
-   ↓             report(new \RuntimeException('Supplier outage suspected: 50 consecutive transient failures'));
-   ↓             break;
-   ↓         }
-   ↓         continue;
-   ↓     } catch (SupplierClientException $e) {
-   ↓         SupplierSyncLog::create([
-   ↓             'supplier_project_id' => $supplierProject->id,
-   ↓             'action' => 'update',
-   ↓             'status' => 'failed',
-   ↓             'error' => substr($e->getMessage(), 0, 500),
-   ↓         ]);
-   ↓         report($e);  // warning to Sentry
-   ↓         continue;  // одна bad payload не валит остальных
-   ↓     }
-```
-
-**Failure-isolation per supplier_project:** один сбой не валит партию. Согласуется с Plan 2 Task 6 `605c457` per-Project isolation.
-
-**Mass-fail mitigation:** 50 подряд `SupplierTransientException` → abort + email + Sentry.
-
-**Time budget:** 20:30–21:00 = 30 мин до deadline'а поставщика, 5-мин safety margin до 20:55.
-
-### 4.4. Cleanup flow (Task 7, daily 02:00 МСК) — Phase A → B → C
-
-**Критический порядок фаз** (исправление черновика — порядок важен для safety):
-
-```
-CleanupInactiveSupplierProjectsJob::handle (под crm_supplier_worker)
-   ↓ Phase A — re-activate (СНАЧАЛА, чтобы Phase C не удалила недавно вернувшихся):
-   ↓     UPDATE supplier_projects SET inactive_since=NULL
-   ↓     WHERE inactive_since IS NOT NULL
-   ↓       AND id IN (
-   ↓           SELECT DISTINCT supplier_b1_project_id FROM projects WHERE status='active' AND supplier_b1_project_id IS NOT NULL
-   ↓           UNION SELECT DISTINCT supplier_b2_project_id FROM projects WHERE status='active' AND supplier_b2_project_id IS NOT NULL
-   ↓           UNION SELECT DISTINCT supplier_b3_project_id FROM projects WHERE status='active' AND supplier_b3_project_id IS NOT NULL
-   ↓       )
-   ↓
-   ↓ Phase B — mark new inactive:
-   ↓     UPDATE supplier_projects SET inactive_since=NOW()
-   ↓     WHERE inactive_since IS NULL
-   ↓       AND id NOT IN ( … тот же DISTINCT SELECT … )
-   ↓
-   ↓ Phase C — delete 180d-old:
-   ↓     foreach SupplierProject::where('inactive_since', '<', now()->subDays(180))->cursor():
-   ↓         try {
-   ↓             if ($sp->supplier_external_id) {
-   ↓                 $portalClient->deleteProject($sp->supplier_external_id);
-   ↓             }
-   ↓             $sp->delete();  // soft-delete если SoftDeletes trait; иначе forceDelete
-   ↓             SupplierSyncLog::create([
-   ↓                 'supplier_project_id' => $sp->id,
-   ↓                 'action' => 'delete',
-   ↓                 'status' => 'ok',
-   ↓             ]);
-   ↓         } catch (SupplierClientException $e) {
-   ↓             // 404 от поставщика = уже удалён → продолжаем с локальным soft-delete
-   ↓             if ($e->httpStatus === 404) {
-   ↓                 $sp->delete();
-   ↓                 SupplierSyncLog::create([
-   ↓                     'supplier_project_id' => $sp->id,
-   ↓                     'action' => 'delete',
-   ↓                     'status' => 'ok',
-   ↓                     'note' => 'supplier returned 404 (already deleted)',
-   ↓                 ]);
-   ↓             } else {
-   ↓                 SupplierSyncLog::create([...status=failed]);
-   ↓                 report($e);
-   ↓                 continue;
-   ↓             }
-   ↓         } catch (SupplierTransientException $e) {
-   ↓             SupplierSyncLog::create([...status=failed]);
-   ↓             continue;  // retry завтра
-   ↓         }
-```
-
-**Safety property:** если Phase A не отработает по ошибке → Phase C не удалит активно используемые supplier_projects, потому что Phase C select-критерий — `inactive_since < NOW() - INTERVAL '180 days'`, а Phase B (которая ставит NOW()) выполняется ПОСЛЕ Phase A → новые inactive_since=NOW() даты сильно меньше 180-дневной отсечки.
-
-**180 дней — paritет со spec §3.3.** Без grace-period. Защита от потенциального reverse'а на стороне поставщика — через `supplier_sync_log` audit (полная история «что/когда удалено / response поставщика»). При обнаружении ошибки восстановление через manual rt-project-save с тем же `unique_key` — UNIQUE INDEX [schema.sql:904-905](../../db/schema.sql#L904) защитит от дублей.
-
----
-
-## 5. Error handling и retry strategy
-
-### 5.1. Матрица ошибок
-
-| Тип ошибки | Источник | Кто ловит | Retry | Эскалация |
-|---|---|---|---|---|
-| Network timeout / connection refused | Любой rt-* call | `SupplierPortalClient` → `SupplierTransientException` | Job-уровень: `$tries=3`, `backoff()=[60,300,900]` (1м/5м/15м) | После $tries → `failed_webhook_jobs` (Sync) ИЛИ `supplier_sync_log.status='failed'` (per-item) |
-| HTTP 401/403 (session expired) | Любой rt-* call | `SupplierPortalClient` | Inline: `dispatch_sync(RefreshSupplierSessionJob)` + retry 1 раз | Повторный 401/403 → `SupplierAuthException` (sticky), job fails, email + Sentry critical |
-| HTTP 5xx | Любой rt-* call | `SupplierPortalClient` → `SupplierTransientException` | Job-уровень (как network) | Same as network |
-| HTTP 4xx (не 401/403): 400/404/422 | rt-project-save/update/delete | `SupplierPortalClient` → `SupplierClientException` | НЕТ retry (наша ошибка payload'а) | `supplier_sync_log.status='failed'` + Sentry warn + continue к следующему |
-| Playwright subprocess timeout/crash | `PlaywrightBridge` | `RefreshSupplierSessionJob` → `SupplierAuthException` | Job-уровень: `$tries=3`, `backoff()=[120,600,1800]` (2м/10м/30м) | После $tries → email + Sentry critical |
-| Redis недоступен | `SupplierPortalClient` чтение cache | Laravel native exception | Laravel automatic с queue worker | После N retries → fallback: synchronous `RefreshSupplierSessionJob` минуя cache |
-| PG transient | DB calls в jobs | Laravel native retry | Auto retry на conn-level | Baseline noise, игнорируется |
-| Supplier overcommit | Sync видит что поставщик отверг limit | `SupplierPortalClient::updateProject` → 422 | НЕТ retry | Email + Sentry + `supplier_sync_log` |
-| 50 подряд `SupplierTransientException` в Sync | `SyncSupplierProjectsJob` aggregate | Job-уровень | Job aborts mid-loop | Email + Sentry critical |
-
-### 5.2. Idempotency
-
-| Операция | Идемпотентность |
-|---|---|
-| `RefreshSupplierSessionJob` | Естественно идемпотентна (write to Redis-ключ); защита от concurrent — `Cache::lock('supplier:session:refresh', 30)->block(35, ...)` |
-| `SyncSupplierProjectsJob` (whole) | `->onOneServer()` через Redis driver не запускается параллельно |
-| `SyncSupplierProjectsJob` per-item | save: `if supplier_external_id IS NULL → save, else update` + UNIQUE INDEX `(platform, unique_key)` [schema.sql:904](../../db/schema.sql#L904) защищает от race на нашей стороне; на стороне поставщика — дополнительный Redis lock per `supplier_projects.id` перед save для гарантии single-flight |
-| `CleanupInactiveSupplierProjectsJob` | `->onOneServer()`; Phase A/B — идемпотентные UPDATE'ы; Phase C delete защищён per-row try/catch на 404 |
-| `RouteSupplierLeadJob` | Уже идемпотентна — fix Plan 2.5 #3 `1ba1df8`, НЕ меняем |
-| `RetryFailedSupplierJobsCommand` | Idempotent через `last_retried_at + retry_attempts < 10` фильтр |
-
-### 5.3. Безопасность данных при failure
-
-- **Save sequence:** HTTP-call к поставщику получает `external_id` → UPDATE `supplier_projects.supplier_external_id` в той же transaction'е, с retry на UPDATE отдельно (3 attempts). При полном failure UPDATE — `supplier_sync_log.action='save_orphan'` для manual recovery (search by `(platform, unique_key)`).
-- **Delete sequence:** soft-delete в `supplier_projects` (locally) ПОСЛЕ успешного HTTP-call. Если HTTP fail — row остаётся с `inactive_since`, next-day Phase C retry. Если HTTP succeed но локальный delete failed — next-day Phase C видит row снова, повтор HTTP → поставщик 404 → catch'им как «уже удалён», локальный delete. Self-healing.
-
-### 5.4. Алерт-каналы
-
-| Severity | Event | Канал |
-|---|---|---|
-| `critical` | `SupplierAuthException` после retry | Sentry + email (`SupplierCriticalAlertMail`) |
-| `critical` | Playwright subprocess crashed 3 раза подряд | Sentry + email |
-| `critical` | 50 подряд transient в Sync (suspected outage) | Sentry + email |
-| `warning` | per-item failure в Sync (один supplier_project) | Sentry + `supplier_sync_log` |
-| `info` | rt-project-delete success | `supplier_sync_log` (audit для potential reverse) |
-| `info` | session refreshed | `supplier_sync_log` + Sentry breadcrumb |
-
-**Email через Unisender Go SMTP relay** ([CLAUDE.md §2](../../CLAUDE.md)), target из `config('services.supplier.alert_email')` (env `SUPPLIER_ALERT_EMAIL`). Telegram — НЕ используется (избегаем supply-chain risk от внешнего сервиса; controlled email survivable).
-
-### 5.5. Exception hierarchy
-
-```
-\App\Exceptions\Supplier\SupplierException (abstract)
-├── SupplierAuthException        // 401/403 sticky после refresh-retry
-├── SupplierTransientException   // 5xx, network, timeout
-└── SupplierClientException      // 4xx 400/404/422 (наша ошибка payload)
-```
-
-3 класса вместо одного с predicate-methods: idiomatic Laravel/PHP pattern, IDE autocomplete + Larastan static-check ловит unhandled paths. При добавлении новых типов (например, `SupplierRateLimitException` для 429) — +1 файл, не +1 ветка в predicate.
-
----
-
-## 6. Testing strategy
-
-### 6.1. Многоуровневая пирамида
-
-| Уровень | Объём | Где запускается | Покрывает |
-|---|---|---|---|
-| **Unit (Mockery)** | 60–70% тестов Plan 3 | Native Windows dev + Linux CI | Pure-function logic (QuotaAllocator), HTTP-clients через `Http::fake`, Job-orchestration через mocked services |
-| **Integration (real PG)** | 20–25% | Native Windows dev + Linux CI | Job → DB → connection switch (pgsql_supplier vs pgsql); RouteSupplierLeadJob под BYPASSRLS; CleanupJob Phase A/B/C SQL'и |
-| **E2E (mock supplier server)** | 5–10% | **Linux CI only** (skip на Windows) | Полный flow liderra_project create → SyncJob → mock-server получает корректный rt-project-save payload |
-| **Discovery fixtures** | Static JSON | Не запускаются | Артефакт Task 1 как baseline |
-
-### 6.2. Per-Task testing
-
-**Task 1 (Discovery):** 5 JSON-fixtures в `app/tests/Fixtures/SupplierPortal/`. Каждый fixture: `{request: {method, url, headers, body}, response: {status, headers, body}}`. Артефакт коммитится в репозиторий, не запускается.
-
-**Task 3 (Switch supplier-flow):** `tests/Feature/Supplier/SupplierConnectionTest.php`:
-
-- `it('uses pgsql_supplier connection by default in RouteSupplierLeadJob')` — assertion через reflection / Mockery
-- `it('inserts failed_webhook_jobs with tenant_id=null without error')` — **regression-test для BLOCKER #6**. Сетап: имитировать throw в `createDealCopyForProject`, assert что `failed()` callback пишет row с `tenant_id = NULL`.
-- `it('LeadRouter sees projects across tenants under BYPASSRLS')` — **regression-test WARN #2**. Создать 3 tenant'а × 2 projects, без SET LOCAL вызвать `matchEligibleProjects`, assert что видит все 6 projects.
-- `it('ResetDeliveredTodayCommand updates all tenants under BYPASSRLS')` — **regression-test WARN #3**.
-
-**Task 4 (SupplierPortalClient):** `tests/Unit/Supplier/SupplierPortalClientTest.php` через `Http::fake()`:
-
-- `it('attaches PHPSESSID and CSRF cookies from cache')`
-- `it('triggers RefreshSupplierSessionJob synchronously on 401')` + `it('retries once after refresh')` + `it('throws SupplierAuthException on sticky 401')`
-- `it('throws SupplierTransientException on 5xx')`
-- `it('throws SupplierClientException on 4xx not 401/403')`
-- `it('parses rt-projects-load response into SupplierProjectDto collection')`
-- Один тест per method: `saveProject` / `updateProject` / `deleteProject` / `listProjects` (используют fixtures Task 1)
-
-**Task 5 (RefreshSupplierSessionJob + PlaywrightBridge):**
-
-- Unit: `tests/Unit/Supplier/RefreshSupplierSessionJobTest.php`:
-  - `it('writes session data to Redis with 6h TTL')` (mock PlaywrightBridge)
-  - `it('throws SupplierAuthException if PlaywrightBridge returns null')`
-  - `it('acquires Redis lock before refresh')` (prevent concurrent)
-- Unit для PlaywrightBridge: `tests/Unit/Supplier/PlaywrightBridgeTest.php`:
-  - Mock `Symfony\Process` через DI
-  - `it('passes credentials to subprocess via stdin not argv')` (avoid leak in ps output)
-  - `it('parses stdout JSON')`, `it('throws on non-zero exit')`, `it('throws on timeout')`
-- Integration Linux CI only: `tests/Browser/SupplierPlaywrightBridgeTest.php`:
-  - `it('actually launches chromium and returns cookies')` — `->skip(PHP_OS_FAMILY === 'Windows', ...)`
-  - Mock supplier-server → real Node subprocess → assert cookies extracted
-
-**Task 6 (SyncSupplierProjectsJob + SupplierQuotaAllocator):**
-
-- Unit QuotaAllocator (pure function): `tests/Unit/Supplier/SupplierQuotaAllocatorTest.php`:
-  - 9 тестов на distribution: B1+B2+B3 для site/call, B2+B3 для sms-with-keyword, B3-only для sms-without-keyword
-  - Workdays union, regions union, regions_reverse=false
-  - Edge cases: 0 active liderra (return null), 1 project с limit=1, 1000 projects с limit=10000
-- Integration SyncJob: `tests/Feature/Supplier/SyncSupplierProjectsJobTest.php`:
-  - `it('creates supplier_project at supplier when supplier_external_id is null')` — Http::fake получает rt-project-save с правильным payload
-  - `it('updates when diff detected')`
-  - `it('skips when no diff')`
-  - `it('isolates failure: one bad supplier_project does not stop others')` — критический тест per-item isolation
-  - `it('aborts after 50 consecutive transient failures and alerts')` — mass-fail mitigation
-  - `it('writes supplier_sync_log row for each action')`
-  - `it('respects time budget 20:30-20:55')` — mock Carbon, assert exit при cutoff
-
-**Task 7 (CleanupInactiveSupplierProjectsJob):** `tests/Feature/Supplier/CleanupInactiveSupplierProjectsJobTest.php`:
-
-- `it('phase A re-activates supplier_project when active liderra returns')`
-- `it('phase B marks inactive_since=NOW for newly orphaned supplier_project')`
-- `it('phase C deletes supplier_project after 180 days inactive')`
-- **`it('phase A runs before phase B before phase C')`** — критический ordering test (safety от accidental delete активного supplier_project)
-- `it('handles 404 from supplier on already-deleted supplier_project')`
-- `it('writes audit row to supplier_sync_log on each delete')`
-- Edge case: `it('does not delete supplier_project marked inactive < 180 days ago')`
-
-**Task 8 (RetryFailedSupplierJobsCommand):** `tests/Feature/Supplier/RetryFailedSupplierJobsCommandTest.php`:
-
-- `it('dispatches RouteSupplierLeadJob for each row in failed_webhook_jobs')`
-- `it('skips rows with retry_attempts >= 10')`
-- `it('skips rows with last_retried_at within last hour')`
-- `it('increments retry_attempts and updates last_retried_at')`
-
-**Task 9 (E2E flow, Linux CI only):** `tests/Browser/SupplierIntegrationE2ETest.php`:
-
-- Mock supplier-server на временном порту через Symfony HttpFoundation
-- Создать liderra_project в БД, запустить SyncSupplierProjectsJob
-- Assert mock-server получил rt-project-save с корректным payload
-- Assert `supplier_projects.supplier_external_id` обновился
-- Skip на Windows
-- Опционально: проверить что после Task 3 connection switch не сломан Plan 2 E2E test `b6b5b0b`
-
-### 6.3. Pre-commit lefthook расширение
-
-Дополнения к [lefthook.yml](../../lefthook.yml):
-
-- Job `playwright-fixtures-syntax`: `node app/playwright/check-fixtures.js` валидирует JSON-fixtures (на Linux); skip на Windows.
-- Job `pest-supplier-unit-fast`: запускать только `tests/Unit/Supplier/` + `tests/Feature/Supplier/` на staged commit (~5s). Полный `composer test` остаётся на push-hook.
-
-### 6.4. CI matrix
-
-- **GitHub Actions Linux job:** добавить `npx playwright install chromium --with-deps` в setup, запуск `composer test --testsuite=Browser` для full E2E
-- **Native Windows dev:** `composer test` пропускает Browser tests; всё остальное проходит
-
-### 6.5. Метрики приёма Plan 3
-
-Минимум для merge:
-
-- **Pest:** +50–70 новых тестов; total после Plan 3 ≥ ~608/610 (Plan 2.6 baseline 558/556)
-- **Larastan:** 0 errors на новом коде; baseline пополняется только Pest-Mockery-PhpDoc edge cases
-- **Pint:** clean
-- **squawk:** 0 issues (Plan 3 = 0 SQL миграций → squawk не активируется)
-- **gitleaks-full-history:** 0 leaks. **Особое внимание:** `SUPPLIER_LOGIN`, `SUPPLIER_PASSWORD` НИКОГДА не в коде / fixtures / tests. Тесты используют dummy `SUPPLIER_LOGIN=test_login`.
-- **lychee:** 0 broken links в spec + plan files
-
----
-
-## 7. Acceptance criteria
-
-Plan 3 считается готовым к FF-merge в main когда:
-
-1. **BLOCKER #6 закрыт:** failed_webhook_jobs.insert с tenant_id=NULL не падает silent под `crm_supplier_worker` connection. Regression-test green.
-2. **WARN #2 закрыт:** LeadRouter::matchEligibleProjects видит все tenant projects под BYPASSRLS. Regression-test green.
-3. **WARN #3 закрыт:** ResetDeliveredTodayCommand обновляет projects всех tenant'ов. Regression-test green.
-4. **Session refresh работает:** `php artisan supplier:session:refresh` успешно логинится в реальный crm.bp-gr.ru и записывает в Redis. Smoke check после deploy.
-5. **SyncSupplierProjectsJob smoke:** один тестовый liderra_project → 20:30 cron создаёт supplier-side проект через rt-project-save → `supplier_projects.supplier_external_id` обновляется.
-6. **Cleanup ordering:** Phase A → B → C проверен явным test'ом.
-7. **Mass-fail mitigation:** 50 transient → abort + email + Sentry.
-8. **Все per-Task тесты:** green на Linux CI, green на Windows dev (с E2E skip).
-9. **Code-review subagent:** один прогон с финальным «Ready for FF-merge» без BLOCKERов.
-10. **CV-gates (Comprehensive Verification):** 14 проверок (как в Plan 2 — CV.1–CV.14) green.
-
----
-
-## 8. Не верифицировано в этом design'е
-
-Согласно правилам экономии 0%, явный список limitations:
-
-- **DOM-селекторы** для `refresh-session.js` (`input[name=login]`, `meta[name=csrf-token]`) — placeholder'ы. Точные селекторы будут известны после Task 1 discovery; могут потребовать корректировку Node-скрипта.
-- **Mock supplier server library** в Pest Browser tests — предположил Symfony HttpFoundation для in-process mock-server'а. Альтернативы (`hammerstone/closure-server`, `react/http`) не проверял; финальный выбор — в Task 9.
-- **Cache lock `Cache::lock('supplier:session:refresh', 30)->block(35, ...)`** для Redis driver — синтаксис Laravel 13 не проверил против актуальной `[config/cache.php](app/config/cache.php)` (memurai на dev). Возможна корректировка при implementation.
-- **`onOneServer()` driver:** предполагаю Redis (через memurai). Если `CACHE_STORE` env-default — `file` (Plan 2 deferred WARNING #5 упоминает отсутствие `cache_locks` таблицы), нужна явная коррекция env или добавление `cache_locks` таблицы. Финал — в Task 6/7.
-- **Larastan PhpDoc для `Symfony\Process` stub injection** — на Linux может работать иначе чем Windows. Не верифицировал.
-- **Telegram-канал для алертов** — отвергнут в пользу email; альтернатива не реализуется в Plan 3, можно добавить в Sprint 5+ как extra канал.
-- **Семантика rt-project-delete у поставщика (soft vs hard):** узнаем в Task 1 discovery. План предполагает наихудший случай (hard) и опирается на `supplier_sync_log` audit для potential reverse. При soft-семантике план не меняется — overhead минимален.
-- **Cookie `PHPSESSID` имя:** предположение, реальное имя session-cookie у поставщика — узнаем в Task 1. Может быть `JSESSIONID`, `_session`, etc.
-- **CSRF-токен механизм:** предположил `<meta name="csrf-token" content="...">`. Альтернативы: hidden input в каждой форме, custom header. Узнаем в Task 1.
-- **Время для `onOneServer` lock TTL:** взят дефолт Laravel (~30s); если cron жёстко занимает >30s — race возможна. Уточним при implementation.
-
----
-
-## 9. Открытые вопросы для Discovery (Task 1)
-
-Список конкретных вопросов, на которые Task 1 должен дать ответ:
-
-1. **Login flow:** обычный HTML-form POST или JS-rendered (SPA)? Какие input-name (`login`/`username`/`email`)?
-2. **Cookie names:** `PHPSESSID`, `JSESSIONID`, custom? Какие attributes (HttpOnly, Secure, SameSite)?
-3. **CSRF mechanism:** `<meta>` tag в head? Hidden input в каждой форме? Custom header (`X-CSRF-Token`)?
-4. **rt-projects-load:** GET или POST? Pagination? Format JSON / form-urlencoded?
-5. **rt-project-save:** обязательные поля? Валидация на сервере? Response format (id + status / только status / redirect)?
-6. **rt-project-update:** включает все поля или только diff? Принимает PATCH или POST?
-7. **rt-project-delete:** идемпотентен (повторный delete → 200 / 404)? Soft или hard?
-8. **HTTP error semantics:** что возвращается на bad payload — 400 / 422? На auth fail — 401 / 403? На rate limit — 429?
-9. **Rate limits:** есть ли вообще? Сколько RPS поддерживает personal account?
-10. **Логин-страница URL:** прямой URL для login form?
-11. **DOM селекторы успешного логина:** какой signal что login passed (redirect URL? presence of element? cookie change?)?
-12. **Логаут timeout:** через сколько без активности cookie expires?
-
-Эти ответы попадут в spec parent §4.4 после Task 2.
-
----
-
-## 10. Следующий шаг
-
-После approval этого design'а:
-
-1. `superpowers:writing-plans` skill → создать [docs/superpowers/plans/2026-05-11-supplier-sync-plan3.md](../plans/2026-05-11-supplier-sync-plan3.md) с детальной декомпозицией каждого из 9 Tasks (failing test → implementation → green → commit).
-2. После писания plan'а — отдельный stop-gate user review.
-3. Executing-plans (либо subagent-driven для Tasks 4–7, либо inline для Task 3 как самой простой).
-4. После всех 9 Tasks → CV-gates → code-review subagent → FF-merge в main.
-
----
-
-## История версий design'а
-
-- **v1.0 от 2026-05-11** — первичный draft после brainstorming-сессии (5 секций обсуждено, 9 Tasks утверждены, 3 архитектурных решения: BLOCKER #6 = вариант C, headless browser = Playwright real, discovery = вариант А). Согласовано через delegated decision-making у заказчика «реши сам, руководствуясь максимумом эффекта и минимумом риска как в моменте так и в дальнейшем».
diff --git a/docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md b/docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md
deleted file mode 100644
index fdcfb43..0000000
--- a/docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md
+++ /dev/null
@@ -1,736 +0,0 @@
-# Plan 4 (Billing + CSV Reconcile + Admin) Implementation Design
-
-**Дата:** 2026-05-11
-**Статус:** черновик дизайна (brainstorming output)
-**Заказчик:** Дмитрий (владелец Лидерры)
-**Parent spec:** [docs/superpowers/specs/2026-05-10-supplier-integration-design.md](./2026-05-10-supplier-integration-design.md) §5.2, §7
-**Inherits from:** Plan 1 (Foundation `001d781`) + Plan 2 (Webhook+Routing `d5aa972`) + Plan 2.5 (concurrency hotfix `c1ae195`+`1ba1df8`) + Plan 2.6 (cleanup `7899071`) + Plan 3 (Supplier Sync `734b0ab`).
-
-## 1. Контекст, инварианты, что уже есть в коде
-
-### 1.1. Цель Plan 4
-
-Активировать ступенчатый биллинг клиентов Лидерры (`pricing_tiers` / `lead_charges`), закрыть TODO «Биллинг per Plan 4» в [RouteSupplierLeadJob.php:48](../../../app/app/Jobs/RouteSupplierLeadJob.php#L48), реализовать резервный CSV-канал приёма лидов и Admin UI для конфигурации.
-
-### 1.2. Что уже есть в коде (после Plans 1+2+3)
-
-| Сущность | Где | Состояние |
-|---|---|---|
-| `pricing_tiers` (7 ступеней, копейки, `effective_from`) | [db/schema.sql:962](../../../db/schema.sql#L962) | Таблица создана (v8.14), **никем не читается** |
-| `lead_charges` (append-only ledger, RLS, FK на partitioned deals) | [db/schema.sql:1001](../../../db/schema.sql#L1001) | Таблица создана (v8.15), **никто не пишет** |
-| `tenants.balance_rub` (DECIMAL 12,2 без CHECK), `tenants.balance_leads` (INT) | [db/schema.sql:629](../../../db/schema.sql#L629) | Существуют; `balance_leads` декрементится в RouteSupplierLeadJob |
-| `projects.delivered_in_month` (INTEGER) | [db/schema.sql:786](../../../db/schema.sql#L786) | Инкрементится в RouteJob, **нет cron'а сброса** |
-| `BalanceTransaction` (type=`lead_charge`, amount_leads=-1) | [RouteSupplierLeadJob:271](../../../app/app/Jobs/RouteSupplierLeadJob.php#L271) | Пишется при доставке |
-| `SupplierLeadCost` (per-deal закупочный snapshot, partitioned) | [db/schema.sql:2201](../../../db/schema.sql#L2201), [ProcessWebhookJob:216](../../../app/app/Jobs/ProcessWebhookJob.php#L216) | Пишется только в старом `ProcessWebhookJob`, в новом `RouteSupplierLeadJob` НЕ пишется (gap) |
-| `suppliers.cost_rub` (per-platform B1/B2/B3) | [db/schema.sql:352](../../../db/schema.sql#L352) | Seed B1/B2/B3 в [schema.sql:2505](../../../db/schema.sql#L2505) |
-| `SupplierPortalClient` + `RefreshSupplierSessionJob` + `PlaywrightBridge` | `app/app/Services/Supplier/*`, Plan 3 | Готово, переиспользуется для CSV |
-| `SupplierCriticalAlertMail` (email через Unisender Go) | `app/app/Mail/*`, Plan 3 | Готово, расширим алертами биллинга и drift'а |
-
-### 1.3. Бизнес-инварианты Plan 4
-
-1. **Dual balance:** при доставке лида сначала пытаемся списать 1 единицу `balance_leads` (prepaid pool); если 0 — списываем из `balance_rub` по текущей tier-цене.
-2. **Tier-lookup per-tenant:** ступень определяется накопительной суммой `tenants.delivered_in_month` за месяц (новая колонка — см. §2).
-3. **Атомарность:** charge + deal-INSERT + counter increment — одна транзакция. `lead_charges` пишется **всегда** при успешной доставке: `price_per_lead_kopecks=0` для prepaid, фактическая tier-цена для рублёвого списания. `charge_source ENUM('prepaid','rub')` для прозрачности.
-4. **Pause-on-insufficient:** если оба источника пусты — лид НЕ доставляется этому проекту, статус Лидерра-проекта → `is_active=false` + email уведомление с rate-limit 1/час/tenant.
-5. **Pricing tier change → effective 1-го числа след. месяца:** UI принимает изменения в любой день, но `effective_from` всегда auto-set = `DATE_TRUNC('month', NOW() + INTERVAL '1 month')`. Текущая активная ступень = `MAX(effective_from) WHERE effective_from <= CURRENT_DATE AND is_active=true`.
-6. **`SupplierLeadCost` для sharing-flow:** при каждой созданной deal-копии пишем `supplier_lead_costs(deal_id, supplier_id, cost_rub=suppliers.cost_rub)` — закрывает существующий gap (Plan 2/3 не писали).
-7. **CSV reconcile:** hourly. Сравнение по `supplier_leads.vid` за окно 25h. Drift > 5% → email админу. Recovered лиды идут через тот же `RouteSupplierLeadJob` с `recovered_from_csv_at` маркером.
-8. **Admin UI:** SaaS-level `/admin/pricing-tiers` (CRUD 7 ступеней) + `/admin/supplier-prices` (B1/B2/B3 cost_rub editor) + tenant-level «Списания» tab в существующем `BillingView`.
-
-### 1.4. Out of scope Plan 4
-
-1. Balance top-up UI для admin/tenant — Plan 4.5 или Plan 5.
-2. Auto-resume project при пополнении баланса — Plan 4.5+.
-3. Подписочный биллинг / payments / счета-фактуры — Plan 5+.
-4. Per-tenant pricing override — out of MVP (spec §1.2).
-5. Replay сделок при изменении tier'а задним числом — нет (`effective_from` + append-only `lead_charges`).
-6. `Schedule::onOneServer()` для новых cron'ов — требует `cache_locks` таблицу, gated на Б-1 / Managed PG в Yandex Cloud.
-7. SaaS-admin auth middleware — gated на Б-1 + SSO заказчика; на MVP все `/api/admin/*` без middleware (паритет с Plans 1/2/3).
-8. Discovery CSV-схемы через credentials поставщика (паритет с Plan 3 Tasks 1+2 BLOCKED).
-9. Polling балансов из платёжного шлюза.
-
-## 2. Schema delta v8.18 → v8.19
-
-### 2.1. Изменения в существующих таблицах
-
-#### `tenants` — +1 колонка `delivered_in_month`
-
-```sql
-ALTER TABLE tenants ADD COLUMN delivered_in_month INTEGER NOT NULL DEFAULT 0
-    CHECK (delivered_in_month >= 0);
-
-COMMENT ON COLUMN tenants.delivered_in_month IS
-  'Накопительный счётчик доставленных лидов в текущем календарном месяце (Europe/Moscow). '
-  'Используется PricingTierResolver для определения текущей ступени pricing_tiers '
-  'на горячем пути RouteSupplierLeadJob. Сбрасывается в 0 cron-командой '
-  'ResetMonthlyCountersCommand 1-го числа в 00:00 МСК (Plan 4).';
-```
-
-Обоснование: SUM-by-projects на каждом charge — N+1 + `lockForUpdate`-race; денормализованный счётчик читается O(1) и обновляется в той же транзакции, что `lead_charges` INSERT.
-
-#### `tenants.balance_rub` — CHECK НЕ добавляем
-
-Намеренно: проверка `< price` происходит в `LedgerService::canCharge()`, в БД оставляем свободу для chargeback writedown (Ю-3, может уйти в плюс) и админских корректировок.
-
-#### `lead_charges` — +1 колонка `charge_source` + 1 CHECK
-
-```sql
-ALTER TABLE lead_charges
-    ADD COLUMN charge_source VARCHAR(8) NOT NULL DEFAULT 'rub'
-        CHECK (charge_source IN ('prepaid','rub'));
-
-ALTER TABLE lead_charges
-    ADD CONSTRAINT chk_lead_charges_prepaid_zero_price
-    CHECK (charge_source = 'rub' OR price_per_lead_kopecks = 0);
-
-COMMENT ON COLUMN lead_charges.charge_source IS
-  'Источник списания: prepaid (balance_leads -1, price_per_lead_kopecks=0) '
-  'или rub (balance_rub минус price). Plan 4.';
-```
-
-`DEFAULT 'rub'` безопасен: до Plan 4 строк в таблице нет.
-
-#### `supplier_leads` — +1 колонка `recovered_from_csv_at`
-
-```sql
-ALTER TABLE supplier_leads
-    ADD COLUMN recovered_from_csv_at TIMESTAMPTZ;
-
-CREATE INDEX supplier_leads_recovered_from_csv_partial
-    ON supplier_leads(recovered_from_csv_at)
-    WHERE recovered_from_csv_at IS NOT NULL;
-
-COMMENT ON COLUMN supplier_leads.recovered_from_csv_at IS
-  'NULL для лидов, пришедших через webhook (основной канал). Заполняется CsvReconcileJob '
-  'при восстановлении лида, который webhook пропустил. Plan 4.';
-```
-
-### 2.2. Новая таблица: `supplier_csv_reconcile_log`
-
-```sql
-CREATE TABLE supplier_csv_reconcile_log (
-    id                   BIGSERIAL PRIMARY KEY,
-    started_at           TIMESTAMPTZ NOT NULL,
-    finished_at          TIMESTAMPTZ,
-    window_start         TIMESTAMPTZ NOT NULL,
-    window_end           TIMESTAMPTZ NOT NULL,
-    total_csv_rows       INTEGER,
-    matched_count        INTEGER,
-    recovered_count      INTEGER,
-    drift_ratio          NUMERIC(5,4),
-    status               VARCHAR(16) NOT NULL DEFAULT 'running'
-                         CHECK (status IN ('running','ok','drift_alert','failed')),
-    error_message        TEXT,
-    alert_email_sent_at  TIMESTAMPTZ,
-    created_at           TIMESTAMPTZ NOT NULL DEFAULT NOW()
-);
-
-CREATE INDEX supplier_csv_reconcile_log_started_at_index
-    ON supplier_csv_reconcile_log(started_at DESC);
-CREATE INDEX supplier_csv_reconcile_log_status_index
-    ON supplier_csv_reconcile_log(status)
-    WHERE status IN ('drift_alert','failed');
-```
-
-SaaS-level (не tenant-scoped), без RLS. Аналог `supplier_sync_log`. **GRANT-policy:** REVOKE/GRANT для `crm_supplier_worker` (BYPASSRLS) **не идут в `schema.sql`** — `schema.sql` остаётся DDL-only под dev (postgres superuser). GRANT SELECT,INSERT,UPDATE на `supplier_csv_reconcile_log` для `crm_supplier_worker` добавляется в [db/02_grants.sql](../../../db/02_grants.sql) (паттерн Plan 2.6 #iv `7899071`). На dev таблица доступна суперпользователю по умолчанию.
-
-### 2.3. Seed-данные (отдельно от schema.sql)
-
-7 ступеней `pricing_tiers` + системные настройки. **НЕ идут в schema.sql** (тот — DDL only), а в:
-
-- `database/seeders/PricingTierSeeder.php` — 7 строк с `effective_from='1970-01-01'`.
-- `system_settings` row seed в schema.sql §INSERTS — TBD ключ `supplier_lead_price_default_kopecks` (если потребуется fallback).
-
-**Дефолтные tier-цены** (`[?]` для заказчика — открытый вопрос #1):
-
-| tier_no | leads_in_tier | price_per_lead (руб) | price_per_lead_kopecks |
-|---|---|---|---|
-| 1 | 100 | 500.00 | 50000 |
-| 2 | 200 | 450.00 | 45000 |
-| 3 | 400 | 400.00 | 40000 |
-| 4 | 800 | 350.00 | 35000 |
-| 5 | 1500 | 300.00 | 30000 |
-| 6 | 3000 | 270.00 | 27000 |
-| 7 | NULL | 250.00 | 25000 |
-
-### 2.4. Метрики после Plan 4
-
-| Метрика | До (v8.18) | После (v8.19) | Δ |
-|---|---|---|---|
-| Базовые таблицы | 61 | 62 (+`supplier_csv_reconcile_log`) | +1 |
-| Партиции | 12 | 12 | 0 |
-| Индексы | 114 | 117 | +3 |
-| RLS-политики | 39 | 39 | 0 |
-| CHECK constraints | (без явного подсчёта) | +2 (`tenants.delivered_in_month >= 0`, `chk_lead_charges_prepaid_zero_price`) | +2 |
-| Добавлено колонок | — | `tenants.delivered_in_month`, `lead_charges.charge_source`, `supplier_leads.recovered_from_csv_at` | +3 |
-
-### 2.5. Patch order в schema.sql
-
-1. `tenants.delivered_in_month` — после строки 644 (`desired_daily_numbers`), в секции «Биллинг».
-2. `lead_charges.charge_source` + CHECK — внутри `CREATE TABLE lead_charges` после строки 1008.
-3. `supplier_csv_reconcile_log` — новая секция после `supplier_sync_log`.
-4. `supplier_leads.recovered_from_csv_at` — внутри `CREATE TABLE supplier_leads` (v8.18).
-5. Bump version header v8.18 → v8.19 + entry в `db/CHANGELOG_schema.md`.
-
-## 3. Billing flow в `RouteSupplierLeadJob`
-
-### 3.1. Новые сервисы
-
-**`App\Services\Billing\PricingTierResolver`** — pure resolver:
-
-```php
-final class PricingTierResolver
-{
-    /**
-     * @param  Collection<int, PricingTier>  $tiers  активные ступени, отсортированные по tier_no
-     * @return PricingTier  ступень, в которую попадает N-й лид (1-based)
-     */
-    public function resolveForCount(Collection $tiers, int $deliveredInMonth): PricingTier;
-}
-```
-
-Логика: tier 1 покрывает 1..`leads_in_tier`; tier 2 — следующие `leads_in_tier`; ... tier 7 с `leads_in_tier=NULL` ловит всё свыше. Текущая активная сетка = `MAX(effective_from) WHERE effective_from <= CURRENT_DATE AND is_active=true` через `PricingTierRepository::activeAt(Carbon $date)`.
-
-**`App\Services\Billing\LedgerService`** — командный сервис, инжектится в job:
-
-```php
-final class LedgerService
-{
-    public function __construct(
-        private PricingTierResolver $resolver,
-        private PricingTierRepository $tiers,
-    ) {}
-
-    /**
-     * Выполняется ВНУТРИ открытой DB-транзакции под lockForUpdate(Tenant).
-     * Возвращает ChargeResult с source ('prepaid'|'rub'); throws InsufficientBalanceException.
-     */
-    public function chargeForDelivery(Tenant $lockedTenant, Deal $deal): ChargeResult;
-}
-```
-
-**`App\Exceptions\Billing\InsufficientBalanceException`** — несёт `priceKopecks`, `balanceRub`, `balanceLeads` для логирования.
-
-### 3.2. Точка интеграции — diff в `createDealCopyForProject`
-
-Замена строк [RouteSupplierLeadJob.php:265-279](../../../app/app/Jobs/RouteSupplierLeadJob.php#L265-L279):
-
-**Было:**
-
-```php
-$tenant->decrement('balance_leads');
-$tenant->refresh();
-$project->increment('delivered_today');
-$project->increment('delivered_in_month');
-
-BalanceTransaction::create([
-    'tenant_id' => $tenant->id,
-    'type' => BalanceTransaction::TYPE_LEAD_CHARGE,
-    'amount_leads' => -1,
-    'balance_leads_after' => (int) $tenant->balance_leads,
-    'related_type' => Deal::class,
-    'related_id' => $deal->id,
-    'created_at' => now(),
-]);
-```
-
-**Станет:**
-
-```php
-try {
-    $chargeResult = $ledger->chargeForDelivery($tenant, $deal);
-} catch (InsufficientBalanceException $e) {
-    Log::warning('billing.insufficient_balance.deal_rolled_back', [
-        'tenant_id' => $tenant->id,
-        'project_id' => $project->id,
-        'supplier_lead_id' => $lead->id,
-        'price_kopecks' => $e->priceKopecks,
-        'balance_rub' => $e->balanceRub,
-        'balance_leads' => $e->balanceLeads,
-    ]);
-    throw $e;  // вылетает из DB::transaction → rollback Deal/Tenant lock/ActivityLog
-}
-
-$project->increment('delivered_today');
-$project->increment('delivered_in_month');
-```
-
-### 3.3. Поток внутри `LedgerService::chargeForDelivery`
-
-```
-1. Считать активные tiers через PricingTierRepository::activeAt(today).
-2. Resolve currentTier = PricingTierResolver::resolveForCount(tiers,
-                              $lockedTenant->delivered_in_month + 1).
-3. priceKopecks = currentTier->price_per_lead_kopecks.
-4. Decide chargeSource (все денежные сравнения через bcmath — НЕ через PHP float):
-   - if $lockedTenant->balance_leads >= 1:                                          source='prepaid'
-   - else if bccomp(bcmul((string) $lockedTenant->balance_rub, '100', 0),
-                    (string) $priceKopecks, 0) >= 0:                                source='rub'
-   - else: throw InsufficientBalanceException(...)
-5. Apply:
-   if source='prepaid':
-     - $lockedTenant->decrement('balance_leads', 1)
-     - $lockedTenant->increment('delivered_in_month', 1)
-     - $lockedTenant->refresh()
-     - INSERT lead_charges (charge_source='prepaid', tier_no=current,
-                            price_per_lead_kopecks=0, charged_at=now)
-     - INSERT balance_transactions (type='lead_charge', amount_leads=-1,
-                                    balance_leads_after, related=Deal)
-   if source='rub':
-     - amount_rub = bcdiv($priceKopecks, '100', 2)  (string-math, не float)
-     - $lockedTenant->decrement('balance_rub', $amount_rub)
-     - $lockedTenant->increment('delivered_in_month', 1)
-     - $lockedTenant->refresh()
-     - INSERT lead_charges (charge_source='rub', tier_no=current,
-                            price_per_lead_kopecks=$priceKopecks, charged_at=now)
-     - INSERT balance_transactions (type='lead_charge', amount_rub=-$amount_rub,
-                                    balance_rub_after, related=Deal)
-6. INSERT supplier_lead_costs (deal_id, received_at, supplier_id, cost_rub)
-   — закрывает gap (Plan 2/3 не писали в sharing-flow). supplier_id резолвится через
-   $lead->supplierProject->supplier_id (FK supplier_projects → suppliers); если null
-   (stub-проект без resolved supplier) — fallback в suppliers WHERE code = strtolower(platform).
-   cost_rub = $supplier->cost_rub (snapshot на момент INSERT'а).
-7. return new ChargeResult(source, currentTier, priceKopecks)
-```
-
-**Атомарность:** все INSERT'ы — внутри одного `DB::transaction` родительского closure. Композитный DEFERRABLE FK `lead_charges → deals(id, received_at)` проверяется на commit.
-
-**Денежная арифметика:** `price_per_lead_kopecks` (INTEGER) → `balance_rub` (DECIMAL 12,2) через `bcdiv($priceKopecks, '100', 2)`, не PHP float. `Tenant::decrement('balance_rub', $amount)` использует SQL UPDATE (Eloquent), PG корректно держит в DECIMAL.
-
-### 3.4. Concurrency и порядок locks
-
-Текущий код держит lock'и в порядке (после Plan 2.5 fix #2):
-
-1. `Tenant::lockForUpdate` ([RouteSupplierLeadJob.php:188-191](../../../app/app/Jobs/RouteSupplierLeadJob.php#L188-L191))
-2. `Project::lockForUpdate` ([RouteSupplierLeadJob.php:199-202](../../../app/app/Jobs/RouteSupplierLeadJob.php#L199-L202))
-
-Plan 4 не меняет порядок. `LedgerService::chargeForDelivery` принимает **уже locked** `$tenant` — не делает повторный SELECT.
-
-## 4. Monthly reset + balance-insufficient → auto-pause
-
-### 4.1. `ResetMonthlyCountersCommand` (cron 1-го числа в 00:00 МСК)
-
-Расширенный аналог `ResetDeliveredTodayCommand`:
-
-```php
-namespace App\Console\Commands;
-
-final class ResetMonthlyCountersCommand extends Command
-{
-    protected $signature = 'projects:reset-monthly';
-    protected $description = 'Сброс tenants.delivered_in_month + projects.delivered_in_month = 0 (1-го числа в 00:00 МСК)';
-
-    public function handle(): int
-    {
-        DB::connection('pgsql_supplier')->transaction(function () {
-            $tenants = DB::connection('pgsql_supplier')
-                ->update('UPDATE tenants  SET delivered_in_month = 0 WHERE delivered_in_month <> 0');
-            $projects = DB::connection('pgsql_supplier')
-                ->update('UPDATE projects SET delivered_in_month = 0 WHERE delivered_in_month <> 0');
-            $this->info("Monthly reset: {$tenants} tenants, {$projects} projects.");
-        });
-        return self::SUCCESS;
-    }
-}
-```
-
-Schedule entry в [routes/console.php](../../../app/routes/console.php) — после `reset-delivered-today`:
-
-```php
-Schedule::command('projects:reset-monthly')
-    ->monthlyOn(1, '00:00')
-    ->timezone('Europe/Moscow');
-```
-
-Идемпотентность: `WHERE delivered_in_month <> 0` → повторный запуск даёт 0 affected.
-
-### 4.2. Auto-pause при insufficient balance
-
-`InsufficientBalanceException` ловится в `createDealCopyForProject` **после** rollback'а транзакции:
-
-```php
-try {
-    return DB::transaction(function () use (...) { /* существующий код + LedgerService */ });
-} catch (InsufficientBalanceException $e) {
-    $this->handleInsufficientBalance($lead, $project, $e);
-    return false;
-}
-```
-
-```php
-private function handleInsufficientBalance(
-    SupplierLead $lead,
-    Project $project,
-    InsufficientBalanceException $e,
-): void {
-    // UPDATE через pgsql_supplier (BYPASSRLS-роль crm_supplier_worker) — паттерн
-    // ResetDeliveredTodayCommand. Не используем SET LOCAL app.current_tenant_id,
-    // т.к. queue worker может работать под non-tenant context'ом.
-    DB::connection('pgsql_supplier')
-        ->update('UPDATE projects SET is_active = false WHERE id = ?', [$project->id]);
-
-    $cacheKey = "billing:zero_balance_alert:{$project->tenant_id}";
-    if (Cache::add($cacheKey, true, now()->addHour())) {
-        app(NotificationService::class)->notifyZeroBalance($project->tenant, $project);
-    }
-
-    Log::warning('billing.project_paused_insufficient_balance', [
-        'tenant_id' => $project->tenant_id,
-        'project_id' => $project->id,
-        'supplier_lead_id' => $lead->id,
-        'price_kopecks' => $e->priceKopecks,
-        'balance_rub' => $e->balanceRub,
-        'balance_leads' => $e->balanceLeads,
-    ]);
-}
-```
-
-### 4.3. Семантика паузы
-
-- **Что пауза делает:** `projects.is_active = false`. `LeadRouter::matchEligibleProjects` уже фильтрует `WHERE is_active = true` (Plan 1/2 паттерн — подтверждается тестом).
-- **Что НЕ делает:** не отменяет связь с supplier_projects, не сбрасывает счётчики, не трогает `SyncSupplierProjectsJob` (но союз active-tenant'ов пересчитается на след. SyncJob run).
-- **Re-activation:** через UI пополнения баланса (Plan 4.5+) или manual toggle. Auto-resume — out of Plan 4.
-
-### 4.4. Notification — `notifyZeroBalance`
-
-`NotificationService::notifyZeroBalance(Tenant $tenant, Project $project)`. Матрица `notification_preferences` ([schema.sql:716](../../../db/schema.sql#L716)) `zero_balance` дефолтно через email. Email через Unisender Go.
-
-Mailable `App\Mail\ZeroBalancePausedMail` + blade `resources/views/emails/zero_balance_paused.blade.php`:
-
-- Subject: «Проект "{name}" приостановлен — недостаточно средств»
-- Body (русский): имя проекта, текущий баланс (rub и leads), требуемая ступень + цена, ссылка `/billing/topup`.
-
-### 4.5. Rate-limit алертов 1/час/tenant
-
-Через `Cache::add($key, true, now()->addHour())` — atomic Redis SETNX. Открытый вопрос #2: возможна корректировка.
-
-## 5. CSV reconcile архитектура
-
-### 5.1. Расширение `SupplierPortalClient`
-
-Один новый публичный метод в [SupplierPortalClient.php:65](../../../app/app/Services/Supplier/SupplierPortalClient.php#L65):
-
-```php
-public function downloadLeadsCsv(CarbonInterface $from, CarbonInterface $to): string
-{
-    $response = $this->request('GET', '/admin/report/index', [
-        'type' => 49,
-        'from' => $from->format('Y-m-d H:i:s'),
-        'to'   => $to->format('Y-m-d H:i:s'),
-    ]);
-
-    return $response->body();
-}
-```
-
-`request()` ([line 70](../../../app/app/Services/Supplier/SupplierPortalClient.php#L70)) уже поддерживает GET + query-string + 401 retry через `RefreshSupplierSessionJob` + 5xx → `SupplierTransientException` + 4xx → `SupplierClientException`.
-
-### 5.2. `SupplierCsvParser`
-
-Pure парсер, streaming через generator:
-
-```php
-namespace App\Services\Supplier;
-
-final class SupplierCsvParser
-{
-    /**
-     * Ожидаемые столбцы (placeholder — открытый вопрос #4):
-     *   vid;project;tag;phone;phones;time
-     *
-     * @return iterable<int, array{vid: string, project: string, phone: string, time: int}>
-     */
-    public function parse(string $rawCsv): iterable;
-}
-```
-
-### 5.3. `CsvReconcileJob`
-
-```php
-namespace App\Jobs\Supplier;
-
-final class CsvReconcileJob implements ShouldQueue
-{
-    public int $tries = 1;
-    public int $timeout = 300;
-
-    public function handle(
-        SupplierPortalClient $portal,
-        SupplierCsvParser $parser,
-        Mailer $mailer,
-    ): void;
-}
-```
-
-**Алгоритм:**
-
-```
-1. Cache::lock('supplier:csv_reconcile', 600) — защита от overlap'а.
-2. INSERT supplier_csv_reconcile_log (status='running', started_at=now,
-     window_start=now-25h, window_end=now).
-3. csv = $portal->downloadLeadsCsv(window_start, window_end).
-4. rows = $parser->parse(csv) → собрать ['vid' => row, ...].
-5. existing = SELECT vid FROM supplier_leads WHERE received_at BETWEEN window_start AND window_end
-              (через pgsql_supplier BYPASSRLS).
-6. missing = array_diff_key(csvRows, existing).
-7. drift_ratio = count(missing) / max(count(rows), 1).
-8. Для каждой missing row:
-   - INSERT supplier_leads (vid, raw_payload=json_encode(row), received_at=row.time,
-                            recovered_from_csv_at=now, supplier_project_id=null).
-   - dispatch(new RouteSupplierLeadJob($newLead->id)).
-   - recovered_count++.
-9. UPDATE supplier_csv_reconcile_log:
-   total_csv_rows, matched_count, recovered_count, drift_ratio, finished_at, status.
-10. if drift_ratio > 0.05:
-    - status='drift_alert', $mailer->send(CsvDriftAlertMail), alert_email_sent_at=now.
-11. На исключение: status='failed', error_message, throw.
-```
-
-Окно — 25h (запас 1h над hourly cron'ом). Дубли через `supplier_leads.vid UNIQUE` — INSERT упадёт `unique_violation`, ловим, считаем как matched.
-
-### 5.4. Schedule entry
-
-После Plan 3 entries в [routes/console.php](../../../app/routes/console.php):
-
-```php
-Schedule::job(new CsvReconcileJob)->hourly();
-```
-
-Без `withoutOverlapping()` (нет `cache_locks`). Защита от overlap — внутренний `Cache::lock` (шаг 1).
-
-### 5.5. Recovery flow
-
-`RouteSupplierLeadJob` уже идемпотентен (Plan 2.5 fix #3 `processed_at` guard). `recovered_from_csv_at` маркер нужен для:
-
-1. Отчётности «webhook vs CSV» (spec §5.2).
-2. ActivityLog tag: `'source' => $lead->recovered_from_csv_at !== null ? 'supplier_csv_recovery' : 'supplier_webhook'`.
-
-### 5.6. `CsvDriftAlertMail`
-
-Mailable + `resources/views/emails/csv_drift_alert.blade.php`:
-
-- Subject: «Лидерра ↔ Поставщик: расхождение CSV > 5% за {window}»
-- Body (русский): drift %, total_csv_rows, missing_count, recovered_count, window, ссылка на `supplier_csv_reconcile_log.id`.
-- Адресат: `config('services.supplier.alert_email')` — **не верифицировал** существование ключа в config из Plan 3; при impl грепнем и при необходимости добавим.
-
-## 6. Admin UI экраны
-
-### 6.1. `/admin/pricing-tiers` (SaaS-admin)
-
-**Frontend:** `resources/js/views/admin/AdminPricingTiersView.vue`. Маршрут в `resources/js/router/index.ts`:
-
-```ts
-{ path: '/admin/pricing-tiers',
-  name: 'admin-pricing-tiers',
-  component: () => import('@/views/admin/AdminPricingTiersView.vue'),
-  meta: { layout: 'app', requiresAdmin: true } },
-```
-
-**UI:** Vue 3 + Vuetify 3, Forest-палитра, Inter + JetBrains Mono для цифр (`font-feature-settings:'tnum'`).
-
-- `<v-card>` «Текущая активная сетка (с {effective_from})»: `<v-data-table>` 7 строк (tier_no, leads_in_tier — `NULL → «всё свыше»`, price отображается через computed «{руб},{коп}»).
-- `<v-card>` «Запланированные изменения»: будущие pricing_tiers (`effective_from > today`) + «отменить запланированное».
-- `<v-btn>` «Редактировать сетку» → `<v-dialog>` с 7-строчным редактором: `<v-text-field type="number">` для `leads_in_tier` (последний disabled = «NULL»), `<v-text-field>` для `price_rub` с 2 десятичными.
-- `effective_from`: read-only, auto = «1-е след. месяца».
-- POST `/api/admin/pricing-tiers` (создаёт 7 новых строк с одинаковым `effective_from`).
-
-**Backend:** `App\Http\Controllers\Api\AdminPricingTiersController`:
-
-- `GET /api/admin/pricing-tiers` — active + scheduled.
-- `POST /api/admin/pricing-tiers` — 7 новых rows с `effective_from = DATE_TRUNC('month', NOW() + INTERVAL '1 month')`. Validation: ровно 7 tiers, `tier_no` 1..7 unique, `leads_in_tier > 0` для 1..6, `leads_in_tier IS NULL` для 7, `price_per_lead_kopecks >= 0`. Single transaction.
-- `DELETE /api/admin/pricing-tiers/scheduled/{effective_from}` — отмена будущей сетки.
-
-Маршрут в [routes/web.php:99](../../../app/routes/web.php#L99):
-
-```php
-Route::prefix('/api/admin/pricing-tiers')->group(function () {
-    Route::get('/', 'App\Http\Controllers\Api\AdminPricingTiersController@index');
-    Route::post('/', 'App\Http\Controllers\Api\AdminPricingTiersController@store');
-    Route::delete('/scheduled/{effective_from}',
-        'App\Http\Controllers\Api\AdminPricingTiersController@deleteScheduled')
-        ->where('effective_from', '\d{4}-\d{2}-\d{2}');
-});
-```
-
-Без auth middleware (паритет с другими `/api/admin/*`). Audit trail — `saas_admin_audit_log`.
-
-### 6.2. `/admin/supplier-prices` (SaaS-admin)
-
-**Frontend:** `resources/js/views/admin/AdminSupplierPricesView.vue` + маршрут `/admin/supplier-prices`.
-
-**UI:** `<v-card>` + `<v-data-table>` 3 строки (B1/B2/B3): code, name, cost_rub (editable inline `<v-text-field type="number" step="0.01">`), quality_score (editable inline), is_active toggle. Кнопка «Сохранить».
-
-**Backend:** `App\Http\Controllers\Api\AdminSuppliersController`:
-
-- `GET /api/admin/suppliers` — список 3 строк.
-- `PATCH /api/admin/suppliers/{id}` — обновление `cost_rub` / `quality_score` / `is_active`. Audit log.
-
-```php
-Route::get('/api/admin/suppliers', 'App\Http\Controllers\Api\AdminSuppliersController@index');
-Route::patch('/api/admin/suppliers/{id}', 'App\Http\Controllers\Api\AdminSuppliersController@update')
-    ->where('id', '[0-9]+');
-```
-
-### 6.3. Tenant-side: «Списания» tab в `BillingView`
-
-Не отдельный route — **новый tab** в существующем `BillingView`. Tabs: «Баланс» + «Списания» (новый) + «Тариф» (read-only показ pricing_tiers — открытый вопрос #3: всё или только текущая ступень).
-
-**UI** `resources/js/views/billing/ChargesTab.vue`:
-
-- Фильтры: `<v-select>` период (текущий месяц / прошлый / 90 дней / диапазон), `<v-select>` charge_source.
-- `<v-data-table>`: charged_at, deal_id (clickable → `/deals/{id}`), tier_no, charge_source (chip), price_rub, balance_rub_after.
-- Footer: «Всего за период: {N} лидов, {sum} ₽» + кнопка «Скачать CSV».
-- Pagination server-side.
-
-**Backend:** `App\Http\Controllers\Api\TenantChargesController` под `auth:sanctum + tenant`:
-
-```php
-Route::middleware(['auth:sanctum', 'tenant'])->prefix('/api/billing/charges')->group(function () {
-    Route::get('/', 'App\Http\Controllers\Api\TenantChargesController@index');
-    Route::post('/export', 'App\Http\Controllers\Api\TenantChargesController@export');
-});
-```
-
-- `GET /api/billing/charges` — paginated lead_charges WHERE tenant_id = current (RLS защищает через `SetTenantContext`). JOIN `pricing_tiers` для leads_in_tier.
-- `POST /api/billing/charges/export` — CSV через OpenSpout + `StreamedResponse` (паттерн из DealExport).
-
-### 6.4. Nav-tree
-
-В [AppLayout.vue](../../../app/resources/js/layouts/AppLayout.vue) — добавить пункты под admin-секцию (если `user.is_saas_admin`): «Тарифы» (`/admin/pricing-tiers`), «Поставщики» (`/admin/supplier-prices`).
-
-**Не верифицировал** различение saas-admin vs tenant-user в nav-tree (связано с Б-1 / SSO). Грепнем при impl.
-
-### 6.5. Stories для Histoire
-
-- `AdminPricingTiersView.story.vue` — 4 variants: пустая сетка / активная / scheduled / dialog open.
-- `AdminSupplierPricesView.story.vue` — 2 variants: default / editing row.
-- `billing/ChargesTab.story.vue` — 3 variants: пустой / mixed prepaid+rub / только rub.
-
-### 6.6. A11y и стиль
-
-- Vuetify-компоненты покрывают keyboard nav + ARIA.
-- Числа — JetBrains Mono с `font-feature-settings:'tnum'`.
-- Pa11y проверка после impl — 0 violations.
-
-## 7. Тестовая стратегия и Acceptance Criteria
-
-### 7.1. Сводка тестов
-
-| Категория | Слой | Кол-во |
-|---|---|---|
-| Pure unit на `PricingTierResolver` | tests/Unit/Billing | 7 |
-| Integration `LedgerService::chargeForDelivery` | tests/Feature/Billing | 6 |
-| E2E `RouteSupplierLeadJob` с биллингом | tests/Feature/Supplier | 4 |
-| `ResetMonthlyCountersCommand` | tests/Feature/Console | 4 |
-| Auto-pause flow | tests/Feature/Supplier | 5 |
-| `SupplierCsvParser` | tests/Unit/Supplier | 5 |
-| `SupplierPortalClient::downloadLeadsCsv` | tests/Unit/Supplier | 3 |
-| `CsvReconcileJob` integration | tests/Feature/Supplier | 6 |
-| E2E CSV happy-path mock-server | tests/Browser (Linux CI only) | 1 |
-| `AdminPricingTiersController` | tests/Feature/Admin | 8 |
-| `AdminSuppliersController` | tests/Feature/Admin | 4 |
-| `TenantChargesController` | tests/Feature/Billing | 6 |
-| Frontend Vitest на 3 Vue компонента | resources/js/.../spec.ts | 12 |
-| **Итого новых тестов Plan 4** | | **71** |
-
-После Plan 4 baseline: ориентировочно **688 Pest + 405 Vitest** (фактическое число подтвердится при impl).
-
-### 7.2. Pre-commit (lefthook) gates
-
-Без изменений в `lefthook.yml`: Pint / Larastan / squawk / pgFormatter / cspell / gitleaks / markdownlint — встраивается в существующие jobs. Larastan baseline вероятно расширится на ~5-10 entries.
-
-### 7.3. Acceptance criteria
-
-| AC | Описание | Verification |
-|---|---|---|
-| **AC-1** | Schema v8.18 → v8.19: +1 таблица, +3 колонки, +3 индекса, +2 CHECK. | `migrate:fresh` зелёный; `db/CHANGELOG_schema.md`. |
-| **AC-2** | `RouteSupplierLeadJob` пишет `lead_charges` + `supplier_lead_costs` в одной транзакции с Deal. | 4 E2E теста (см. §7.1). |
-| **AC-3** | Dual-balance: balance_leads-first, balance_rub-second; tier через `delivered_in_month + 1`; bcmath. | 6 LedgerService тестов (см. §7.1). |
-| **AC-4** | `ResetMonthlyCountersCommand` + `monthlyOn(1, '00:00')` + Europe/Moscow. | 4 Console-теста + `schedule:list`. |
-| **AC-5** | Insufficient balance → exception → rollback → `is_active=false` + email (1/час/tenant). | 5 auto-pause тестов. |
-| **AC-6** | `CsvReconcileJob` hourly, окно 25h, drift > 5% → email, лог в `supplier_csv_reconcile_log`. | 6 integration + 1 E2E. |
-| **AC-7** | Admin UI: 7-tier editor, 3-row supplier prices, ChargesTab + CSV export. | 18 backend + 12 frontend + Histoire +9 variants + Pa11y 0. |
-| **AC-8** | Retry-idempotency: повторный run job'а не пишет дубль `lead_charges`. | 1 retry-idempotency тест. |
-| **AC-9** | Атомарные коммиты: 1 commit = 1 logical change. | git log review. |
-| **AC-10** | 0 schema-orphan FK / 0 duplicate CREATE TABLE / RLS-метрики 39. | self-review per Pravila §4.6. |
-
-### 7.4. Verification gate перед merge (CV-pattern)
-
-1. `composer pint` — clean diff.
-2. `composer stan` — 0 errors above baseline.
-3. `composer test` — все Pest зелёные.
-4. `npm run lint:vue` — clean.
-5. `npm run type-check` — 0 errors.
-6. `npm run test:vue` — все Vitest зелёные.
-7. `npm run story` build — все variants собираются.
-8. `php artisan migrate:fresh --database=liderra_testing` + RLS smoke + model smoke.
-9. `npm run a11y` — 0 violations.
-10. `gitleaks detect --no-banner` full history — 0 leaks.
-11. `npm run links` (lychee) — 0 broken.
-12. code-reviewer subagent → no BLOCKER.
-13. Manual smoke tinker `RouteSupplierLeadJob`.
-14. Manual UI smoke: pricing-tiers editor.
-
-### 7.5. Risks / mitigations
-
-| Risk | Mitigation |
-|---|---|
-| `delivered_in_month` race 2 concurrent deliveries | `lockForUpdate(Tenant)` уже держится; tier-lookup внутри lock → safe. |
-| PHP float drift при price/100 | `bcdiv($kopecks, '100', 2)` — string-math; `decimal:2` cast. |
-| CSV-схема расходится с реальной (Tasks 1-2 BLOCKED) | Schema parser placeholder; Http::fake тесты; impl Task 0 = manual curl после credentials. |
-| Reset cron не запустился вовремя | Idempotent UPDATE; manual `php artisan projects:reset-monthly`. |
-| Redis crash → Cache::add false → ноль алертов | Log::warning всегда; observability-alert out of Plan 4. |
-| Pricing-tier editor: tier 7 c `leads_in_tier ≠ NULL` | Validation на бэке: ровно одна row с NULL = tier 7. |
-| `charge_source='prepaid'` + `price ≠ 0` | CHECK `chk_lead_charges_prepaid_zero_price`. |
-
-### 7.6. Открытые вопросы
-
-| # | Вопрос | Кто решает | Дефолт |
-|---|---|---|---|
-| 1 | Дефолтные tier-цены (500/450/400/350/300/270/250 руб) | Заказчик | placeholder, ждём согласования перед seed'ом |
-| 2 | Email rate-limit 1/час/tenant — норма? | Заказчик | 1/час |
-| 3 | Tenant видит ВСЕ ступени или только свою? | Заказчик | transparent (все) |
-| 4 | CSV-схема (точные столбцы из `/admin/report/index?type=49`) | Discovery после credentials | placeholder webhook-payload |
-| 5 | CSV окно (25h) — норма? | Заказчик/опыт | 25h |
-| 6 | Drift threshold 5% — норма? | Заказчик/опыт | 5% |
-| 7 | Pricing-tier-change при повышении цены | Заказчик | единая логика с понижением (effective 1-е след. месяца) |
-
-Эти 7 — попадают в Открытые_вопросы реестра как новые `Биз-*` после approval'а спецификации.
-
-### 7.7. Декомпозиция на impl-задачи (preview)
-
-Детальный impl-plan будет написан через skill `superpowers:writing-plans` после approval'а spec'а. Preview:
-
-1. **Task 1:** Schema delta v8.18 → v8.19.
-2. **Task 2:** `PricingTierResolver` (pure unit, TDD).
-3. **Task 3:** `LedgerService::chargeForDelivery` (integration, TDD).
-4. **Task 4:** Integration `LedgerService` в `RouteSupplierLeadJob`.
-5. **Task 5:** `ResetMonthlyCountersCommand` + Schedule entry.
-6. **Task 6:** Auto-pause flow + `ZeroBalancePausedMail` + rate-limit.
-7. **Task 7:** `SupplierPortalClient::downloadLeadsCsv` + `SupplierCsvParser`.
-8. **Task 8:** `CsvReconcileJob` + `supplier_csv_reconcile_log` + `CsvDriftAlertMail`.
-9. **Task 9:** `AdminPricingTiersController` backend + Vue view + Histoire.
-10. **Task 10:** `AdminSuppliersController` backend + Vue view + Histoire.
-11. **Task 11:** `TenantChargesController` + ChargesTab + CSV export + Histoire.
-12. **Task 12:** Verification gate (full CV) + code-review subagent.
-
-12 Tasks. TDD: red → green → refactor; атомарный коммит на Task.
-
-## 8. Ограничения и неверифицированное
-
-В соответствии с экономия-0% дисциплиной фиксирую явно, что **не верифицировано** на момент написания spec'а:
-
-- `LeadRouter::matchEligibleProjects` действительно фильтрует `WHERE is_active = true` — будет проверено грепом и feature-тестом при impl.
-- `config('services.supplier.alert_email')` ключ уже существует из Plan 3 — будет проверено грепом при impl.
-- `AppLayout.vue` различает saas-admin vs tenant-user nav-tree — будет проверено грепом при impl.
-- Точное число Pest baseline после Plan 4 (688) — округлённое; финальное число — после запуска `composer test`.
-- Vuetify `<v-data-table>` cells применяют `font-feature-settings:'tnum'` без кастомного slot'а — будет проверено визуально при impl.
-- OpenSpout `StreamedResponse` паттерн в проекте — упомянут в memory `feedback_environment.md`, но конкретный пример код в DealExport не перечитывал; найдём при impl.
-
-## 9. Источник истины и cross-refs
-
-- Spec Plan 4 (этот файл): docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md
-- Parent spec: [docs/superpowers/specs/2026-05-10-supplier-integration-design.md](./2026-05-10-supplier-integration-design.md) §5.2, §7
-- Schema: [db/schema.sql](../../../db/schema.sql) (v8.18; будет v8.19 после impl)
-- CLAUDE.md §6 (текущая фаза) — будет обновлён после merge Plan 4
-- Pravila §4.5 (3 варианта) — overridden brainstorming-skill согласно §11.1 + §12
diff --git a/docs/superpowers/specs/2026-05-17-deals-page-redesign-design.md b/docs/superpowers/specs/2026-05-17-deals-page-redesign-design.md
deleted file mode 100644
index 7fe4828..0000000
--- a/docs/superpowers/specs/2026-05-17-deals-page-redesign-design.md
+++ /dev/null
@@ -1,132 +0,0 @@
-# Редизайн страницы «Сделки» — дизайн
-
-**Дата:** 2026-05-17
-**Статус:** дизайн утверждён заказчиком; спека на ревью.
-**Макет:** `web/v8/deals-final.html` (вариант A, финал). Сравнение вариантов — `web/v8/deals-variants.html`.
-
-## 1. Контекст и проблема
-
-Текущая страница «Сделки» (`resources/js/views/DealsView.vue`) построена как обычная CRM: ручное создание сделки, корзина, mock-данные, колонки «Менеджер»/«Стоимость». Это неверно: лиды поступают в портал **только** от поставщика crm.bp по заказанным в проектах источникам (B1/B2/B3 × тип сигнала). Сделку нельзя создать вручную и нельзя удалить — у неё есть только статус.
-
-Конкретные ошибки текущей реализации:
-
-- Кнопка «Новая сделка» + `NewDealDialog` — [DealsView.vue:542-551](../../../app/resources/js/views/DealsView.vue#L542-L551), [:741](../../../app/resources/js/views/DealsView.vue#L741).
-- Режим «Корзина» (soft-delete) — [DealsView.vue:524-532](../../../app/resources/js/views/DealsView.vue#L524-L532).
-- Mock-данные — `mockDeals.ts` ([DealsView.vue:18](../../../app/resources/js/views/DealsView.vue#L18)).
-- Колонки «Менеджер»/«Стоимость» и две дублирующие фильтр-панели — [DealsTable.vue:57-64](../../../app/resources/js/components/deals/DealsTable.vue#L57-L64), [DealsView.vue:559-687](../../../app/resources/js/views/DealsView.vue#L559-L687).
-
-## 2. Утверждённый дизайн
-
-Страница — **реестр лидов, поставленных crm.bp**. Ручного создания и корзины нет.
-
-**Шапка:** заголовок «Сделки» + статистика + кнопка «Обновить».
-
-**Панель экспорта:** диапазон дат поставки (`от` — `до`) + кнопки «Экспорт в Excel» и «Экспорт в CSV». Диапазон фильтрует таблицу и задаёт окно экспорта.
-
-**Фильтры:** поиск по телефону, Статус, Проект, Город.
-
-**Выбор числа строк:** 10 / 20 / 50 — между фильтрами и таблицей.
-
-**Таблица** (колонки): чекбокс · Телефон · Источник · Город · Статус · Напоминание · Комментарий · Поставлен.
-
-- **Телефон** — только номер (ФИО убрано).
-- **Источник** — название проекта + тип сигнала (Звонки/Сайт/СМС); B1/B2/B3 не показываются.
-- **Город** — см. §4 (открытый вопрос источника).
-- **Статус** — одна из 5 (см. §3).
-- Колонка «Ответственный» убрана; «Отгружен» переименован в «Поставлен».
-
-**Панель сделки (master-detail):** клик по строке открывает панель с деталями сделки **справа от списка**. Список при этом **сжимается влево**, освобождая место — панель **не перекрывает** таблицу (в отличие от текущего overlay-дровера). Повторный клик / кнопка ✕ — закрыть. Содержимое панели: телефон, статус, источник (проект+тип), город, дата поставки, напоминание, комментарий, история сделки.
-
-**Футер:** пагинация.
-
-**Сайдбар** (отдельная правка, уже внесена): из nav убраны ссылки «Импорт данных» и «Отчёты» — `AppSidebar.vue`, тест `AppLayout.spec.ts` обновлён.
-
-## 3. Воронка статусов: 14 → 5
-
-Заказчик пересматривает воронку: вместо 14 статусов — **5**:
-
-1. **Новая сделка** — присваивается при поступлении лида от crm.bp.
-2. **Просмотрено**
-3. **В работе**
-4. **Сделка** — успешно закрыта.
-5. **Не реализовано** — закрыта без результата.
-
-Это самый крупный затрагиваемый блок (work-stream B, см. §6). Каскад:
-
-- Схема: `lead_statuses` / воронка (`db/schema.sql` р-н строки 2076) — изменение справочника статусов; миграция с записью в `db/CHANGELOG_schema.md`.
-- `composables/leadStatuses.ts` + `stores/leadStatuses` — новый набор.
-- `mockDeals.ts` `DEALS_TABS` — срезы по статусам.
-- Страница **Канбан** — колонки строятся из статусов → 5 колонок вместо 14.
-- Фильтр по статусу + массовая смена статуса (`DealsBulkBar`, `DealBulkActionController@transition`, `dealsApi.transitionDeals`).
-- `StatusRuToSlugMapper` (Sprint 4, импорт исторических лидов) — маппинг русских статусов поставщика на slug'и пересматривается под 5.
-
-**Предлагаемый маппинг старых 14 → новых 5** (на подтверждение в фазе плана):
-
-| Старый | Новый |
-|---|---|
-| Новый | Новая сделка |
-| Просмотрено | Просмотрено |
-| Проработан, База, Недозвон, Переговоры, Ожидаем оплаты, Партнёрка, Тест-драйв, Горячий, На замену, Конечный недозвон | В работе |
-| Оплачено | Сделка |
-| Закрыто и не реализовано | Не реализовано |
-
-Слуги новых статусов и точный маппинг — фиксируются в плане после явного подтверждения заказчиком.
-
-## 4. Открытый вопрос — источник данных для колонки «Город»
-
-crm.bp **не передаёт** город/регион ни по одному каналу ингеста:
-
-- вебхук `SupplierWebhookController@receive` валидирует только `vid/project/phone/time/tag/phones`;
-- CSV-импорт (`Services/Import/*`) гео-полей не читает.
-
-Поставщик доработку делать не будет. Из телефона регион не вывести (`PhonePrefixService` для мобильных 9XX → «неизвестно»). В схеме `deals.region_code` + `deals.city` есть (Биз-23), но заполнять нечем.
-
-**Решение:** заказчик определит источник заполнения «Города» отдельно. До этого колонка в реализацию не берётся (рендерится пустой/`—`). Вопрос зафиксирован: memory `project_deals_page_redesign.md`, напоминание 18.05.
-
-## 5. Затрагиваемые компоненты
-
-**Frontend:**
-
-- `views/DealsView.vue` — убрать `NewDealDialog`/«Новая сделка», trash-режим, дублирующую `.ld-filterbar`; перевести на реальный API; добавить панель экспорта по датам и выбор числа строк.
-- `components/deals/DealsTable.vue` — новый набор колонок.
-- `components/deals/DealsFilters.vue` — фильтры Статус/Проект/Город; убрать «Менеджер».
-- `components/deals/DealsBulkBar.vue` — массовая смена статуса на 5 значений.
-- `composables/mockDeals.ts` — снять mock-зависимость (реальные данные из API).
-- `composables/leadStatuses.ts` / `stores/leadStatuses` — 5 статусов.
-- `api/deals.ts` — список с фильтром по диапазону дат поставки, пагинацией `per_page`, полем города.
-- `components/deals/DealDetailDrawer.vue` — переделать из overlay-дровера в боковую панель master-detail: список сжимается, панель встаёт рядом (flex split-pane), не перекрывает таблицу. Содержимое карточки переиспользуется.
-
-**Backend:**
-
-- `DealController@index` — пагинация `per_page` (10/20/50), фильтр `received_at BETWEEN`, фильтр по городу/статусу/проекту.
-- `DealExportController` (`POST /api/deals/export`) — экспорт по диапазону дат, XLSX + CSV.
-- `db/schema.sql` — справочник статусов воронки 14→5 (+ `db/CHANGELOG_schema.md`).
-- `RouteSupplierLeadJob` — присваивает статус «Новая сделка» новым лидам (сейчас `'new'`).
-- `StatusRuToSlugMapper` — маппинг под 5 статусов.
-
-## 6. Декомпозиция и порядок
-
-Два work-stream'а:
-
-- **A — редизайн страницы** (frontend + `DealController`/`DealExportController`): колонки, фильтры, экспорт, пагинация, удаление ручного создания/корзины. Не зависит от B при условии, что A временно работает на текущем наборе статусов.
-- **B — воронка 14→5** (схема + миграция + Канбан + маппинг импорта). Schema-change — гейт на явное подтверждение маппинга §3.
-
-Рекомендация для плана: A и B — отдельными фазами; B стартует после подтверждения маппинга. Колонка «Город» — вне реализации до решения §4.
-
-## 7. Вне scope
-
-- Заполнение колонки «Город» данными — до решения по источнику (§4).
-- Inline-редактирование напоминания/комментария в строке (было в варианте B макета) — вариант A оставляет их read-only.
-- Содержимое карточки сделки (поля, история) не пересматривается — переиспользуется как есть; меняется только подача: overlay-дровер → боковая панель master-detail (§2, §5).
-
-## 8. Тестирование
-
-- TDD на каждый блок: Vitest (DealsView/DealsTable/DealsFilters/DealsBulkBar), Pest (`DealController@index` пагинация/фильтры, `DealExportController` диапазон дат, миграция статусов — db-тесты).
-- После изменения схемы статусов — db-тесты + smoke.
-- Регрессия Vitest + Pest перед коммитом.
-
-## 9. Открытые вопросы для фазы плана
-
-1. Источник данных для «Города» (§4) — ждём заказчика.
-2. Точные slug'и 5 статусов и маппинг старых 14 (§3) — подтвердить.
-3. ~~Судьба маршрутов `/import` и `/reports`~~ — **РЕШЕНО (2026-05-17): вариант А** — маршруты и вью остаются доступными по прямому URL; из nav-сайдбара ссылки убраны (уже сделано).
diff --git a/docs/superpowers/specs/2026-05-18-supplier-csv-reconcile-channel-design.md b/docs/superpowers/specs/2026-05-18-supplier-csv-reconcile-channel-design.md
deleted file mode 100644
index 5b6e5b3..0000000
--- a/docs/superpowers/specs/2026-05-18-supplier-csv-reconcile-channel-design.md
+++ /dev/null
@@ -1,217 +0,0 @@
-# Резервный CSV-канал импорта лидов (Путь 2) — дизайн
-
-**Дата:** 18.05.2026
-**Статус:** утверждён заказчиком
-**Эпик:** интеграция с поставщиком crm.bp-gr.ru — резервный канал
-
-## 1. Цель
-
-Webhook (Путь 3) — основной живой канал поступления лидов от поставщика crm.bp-gr.ru.
-Доказан вживую 18.05.2026 (112 реальных лидов). Но живой провод может оборваться —
-сбой сети, смена webhook-URL на стороне поставщика, падение нашего портала.
-
-CSV-канал (Путь 2) — **страховка**: периодическая сверка отчёта поставщика «Запрос
-номеров» с тем, что реально приняли через webhook. Лиды, которых нет в нашей базе, —
-подбираются (recovery). Если webhook жив, сверка стабильно находит 0 пропущенных.
-
-CSV-канал НЕ заменяет webhook и не работает параллельным потоком — он только
-**добирает пропущенное** и **сигнализирует**, что webhook теряет лиды.
-
-## 2. Источник данных
-
-Отчёт поставщика **«Запрос номеров»** (`/admin/report/index`, self-service dropdown).
-
-- Формат: **CSV**, разделитель `;`, заголовок `Name;Tag;Phone` — 3 колонки.
-  - `Name` — имя проекта поставщика, формат `B<N>_<rest>` (как в webhook `raw_payload['project']`).
-  - `Tag` — тег проекта (клиент/рекламодатель).
-  - `Phone` — номер телефона лида.
-- **Нет** `vid` (id лида), **нет** времени отгрузки.
-- Генерация **асинхронная**: заказать отчёт за диапазон дат → отчёт строится (секунды) →
-  появляется в «Списке отчётов» со статусом «Обработан» → скачать `/admin/report/getfile?id=N`.
-
-Разведано 18.05.2026 (см. memory `reference_supplier_crm.md` §«Отчёты / выгрузки»).
-Альтернатива «Выгрузка данных» (XLSX, 10 колонок с id и временем) — НЕ в self-service
-dropdown, генерируется иначе; отвергнута как источник — «Запрос номеров» легче и доступен.
-
-## 3. Поток данных
-
-Каждые 30 минут (Laravel scheduler) **и** по кнопке «Сверить сейчас»:
-
-```
-1. Cache::lock('supplier:csv_reconcile', 600s) — overlap-защита (skip если занят).
-2. INSERT supplier_csv_reconcile_log (status='running').
-3. SupplierPortalClient.requestNumbersReport(from, to) → report_id.
-   from..to = окно (вчера 00:00 .. сегодня 23:59 — 2 календарных дня).
-4. SupplierPortalClient.waitReportReady(report_id) — polling статуса «Обработан».
-5. SupplierPortalClient.downloadReport(report_id) → raw CSV.
-6. SupplierCsvParser.parse(csv) → строки {project, tag, phone}.
-7. Дедуп: для каждой CSV-строки ключ (phone, project). SELECT существующих
-   supplier_leads за окно → set ключей. Строки вне set → missing.
-8. Для каждой missing:
-   - INSERT supplier_leads (vid=NULL, source='csv_recovery',
-     recovered_from_csv_at=now(), received_at=now(), raw_payload=строка).
-   - dispatch RouteSupplierLeadJob(lead_id).
-9. drift_ratio = missing / total_csv_rows.
-10. UPDATE supplier_csv_reconcile_log: total/matched/recovered/drift/status.
-11. drift > 5% → CsvDriftAlertMail + плашка + колокольчик.
-12. На любом исключении — status='failed', error_message, throw (cron повторит через 30 мин).
-```
-
-## 4. Компоненты
-
-### 4.1. `SupplierCsvParser` — переписать (rework)
-
-Текущая версия ([app/app/Services/Supplier/SupplierCsvParser.php](../../../app/app/Services/Supplier/SupplierCsvParser.php))
-написана под неверную догадку: 6 колонок `vid;project;tag;phone;phones;time`.
-
-Новая версия:
-
-- Заголовок `Name;Tag;Phone` — 3 колонки.
-- BOM (UTF-8 `EF BB BF`) + CRLF→LF — сохранить.
-- Streaming-generator — сохранить.
-- Malformed-строки (< 3 колонок) — skip + `Log::warning` — сохранить.
-- Возвращает `iterable<array{project: string, tag: string, phone: string}>` — без `vid`/`time`.
-
-### 4.2. `CsvReconcileJob` — переписать (rework)
-
-Текущая версия ([app/app/Jobs/Supplier/CsvReconcileJob.php](../../../app/app/Jobs/Supplier/CsvReconcileJob.php))
-строит дедуп на `vid` (`$csvByVid`, `array_diff_key`), вызывает синхронный
-`downloadLeadsCsv` — оба невозможны на реальном CSV.
-
-Новая версия:
-
-- Async-флоу заказа отчёта (шаги 3–5 §3) вместо `downloadLeadsCsv`.
-- Дедуп по `(phone, project)` вместо `vid` (§5).
-- Окно — `WINDOW_DAYS = 2` календарных дня (вчера + сегодня).
-- `Cache::lock` overlap-защита — сохранить.
-- `supplier_csv_reconcile_log` запись — сохранить (status CHECK `running/ok/drift_alert/failed`
-  уже существует, не меняется).
-- drift-порог `0.05` — сохранить.
-- vid у создаваемых `supplier_leads` — `NULL` (см. §6).
-
-### 4.3. `SupplierPortalClient` — расширить
-
-Добавить 3 метода (auth/retry семантика — от приватного `request()`, как у существующих):
-
-- `requestNumbersReport(CarbonInterface $from, CarbonInterface $to): int`
-  — POST-запрос генерации отчёта «Запрос номеров» за диапазон → возвращает `report_id`.
-- `waitReportReady(int $reportId): void`
-  — polling статуса отчёта до «Обработан»; таймаут (напр. 60s) → `SupplierTransientException`.
-- `downloadReport(int $reportId): string`
-  — GET `/admin/report/getfile?id=N` → raw CSV-body.
-
-Метод `downloadLeadsCsv` — удалить (единственный потребитель — старый `CsvReconcileJob`;
-проверить grep при реализации).
-
-> **Discovery-оговорка:** точные имена endpoint'ов и поля payload отчёта «Запрос
-> номеров» — placeholder (как было с `rt-*` endpoints в §4.4 spec'а 2026-05-10).
-> Уточняются на реальном портале при реализации; при расхождении — fixup-commit.
-
-### 4.4. UI — страница «Интеграция с поставщиком» (админ-часть)
-
-Новый экран в админ-части портала:
-
-- **Здоровье канала:** дата/статус последней сверки, текущий `drift %`, индикатор
-  «webhook live / webhook down» (down — если последняя сверка дала drift > 5%).
-- **Кнопка «Сверить сейчас»** → `POST` → dispatch `CsvReconcileJob` вручную (вне расписания).
-- **История сверок** — таблица из `supplier_csv_reconcile_log` (последние N записей:
-  время, окно, total/matched/recovered, drift, статус).
-
-### 4.5. Расписание
-
-`CsvReconcileJob` — в Laravel scheduler `everyThirtyMinutes()`.
-Ручной запуск кнопкой — всегда доступен независимо от расписания.
-
-## 5. Дедуп
-
-CSV «Запрос номеров» не содержит `vid` и времени → дедуп по `vid` невозможен.
-
-**Ключ дедупа: `(phone, project)`** за окно сверки.
-
-- `project` — поле `B<N>_<rest>` из CSV-строки (= `raw_payload['project']` у webhook-лидов).
-- Существующие `supplier_leads` за окно (по `received_at`) → set ключей `phone|project`.
-- CSV-строка, чьего ключа нет в set → missing → recovery.
-
-**Известное ограничение:** если за окно поступило две *разных* заявки с одним телефоном
-на один проект — CSV-канал подберёт только одну (вторую сочтёт уже принятой). Это
-приемлемо, потому что:
-
-1. CSV-канал — резервный, его задача — не потерять лид, а не точный аудит.
-2. Даже если бы CSV создал второй `supplier_lead` — `RouteSupplierLeadJob` через
-   `DuplicateDetector::findMaster` (phone + окно 24ч) пометил бы его дублем
-   **без списания баланса**. Деньги защищены на уровне routing, не дедупа CSV.
-
-## 6. Миграция: `supplier_leads.vid` → nullable
-
-Сейчас `supplier_leads.vid` — `bigint NOT NULL` с `idx_supplier_leads_vid_unique`
-(UNIQUE-индекс). CSV «Запрос номеров» vid не содержит.
-
-**Миграция:** `ALTER TABLE supplier_leads ALTER COLUMN vid DROP NOT NULL`.
-
-- Webhook-лиды — без изменений (настоящий `vid` от поставщика).
-- CSV-recovered лиды — `vid = NULL`.
-- UNIQUE-индекс `idx_supplier_leads_vid_unique` **остаётся**: в PostgreSQL несколько
-  строк с `vid = NULL` не нарушают UNIQUE (NULL ≠ NULL) — много CSV-лидов с NULL сосуществуют.
-- `RouteSupplierLeadJob` пишет `Deal.source_crm_id = lead.vid` → для CSV-лида `NULL`.
-  `Deal.source_crm_id` уже nullable (webhook-only поле). Дедуп сделок — `DuplicateDetector`
-  по phone+окну, не по `source_crm_id` — не ломается.
-
-Запись в `db/CHANGELOG_schema.md` обязательна (правило §4.2). RLS на `supplier_leads`
-не меняется (миграция трогает только nullability колонки).
-
-## 7. Drift-детект и уведомления
-
-`drift_ratio = missing_count / total_csv_rows`.
-
-- `drift ≤ 5%` → status `ok` (webhook здоров; recovery подобрал мелочь — норма).
-- `drift > 5%` → status `drift_alert` → webhook систематически теряет лиды:
-  - `CsvDriftAlertMail` ([app/app/Mail/CsvDriftAlertMail.php](../../../app/app/Mail/CsvDriftAlertMail.php) — уже существует).
-  - Плашка в портале + колокольчик (in-app notification).
-  - **Письмо фактически отправляется только после настройки почты (Б-1)** — до этого
-    Mailable формируется, но доставка зависит от mail-конфига; плашка+колокольчик работают сразу.
-
-## 8. Error handling
-
-| Сбой | Поведение |
-|---|---|
-| Playwright-логин упал / сессия не обновилась | `SupplierAuthException` → `reconcile_log` status=`failed`, throw, cron повторит |
-| Портал поставщика 5xx | `SupplierTransientException` → status=`failed`, throw |
-| Отчёт не дошёл до «Обработан» за таймаут | `SupplierTransientException` → status=`failed` |
-| Параллельный запуск (cron + кнопка) | `Cache::lock` занят → skip с `Log::info`, без записи в log |
-| CSV-строка с непарсимым `project` | skip + `Log::warning`, остальные обрабатываются |
-| `vid`-коллизия (CSV-лид совпал с webhook-vid) | невозможна — CSV-лиды имеют `vid=NULL` |
-
-`$tries = 1` у `CsvReconcileJob` — повтор обеспечивает cron каждые 30 мин, не retry-механизм.
-
-## 9. Тестирование
-
-- **`SupplierCsvParser`** (Pest unit): 3-колоночный заголовок, BOM, CRLF, malformed-строки skip,
-  пустой CSV, корректный generator-выход.
-- **`CsvReconcileJob`** (Pest feature): дедуп phone+project (missing подобран, существующий
-  пропущен), drift расчёт + порог 5%, missing → `RouteSupplierLeadJob` dispatched,
-  overlap-lock skip, fail-path (status=`failed` на исключении), drift_alert → Mailable.
-- **`SupplierPortalClient`** новые методы — HTTP-факт мокается (`Http::fake`), как у существующих.
-- **Миграция vid** (Pest feature/db): `supplier_leads` принимает `vid=NULL`; несколько
-  NULL-строк сосуществуют под UNIQUE-индексом; webhook-путь с настоящим vid не сломан.
-- **UI** (Vitest): страница «Интеграция с поставщиком» рендерит здоровье/историю;
-  кнопка «Сверить сейчас» вызывает endpoint.
-- Регрессия: существующие `RouteSupplierLeadJobTest`, `SupplierWebhookTest`,
-  `CsvReconcileJobTest` (последний переписывается под новый дедуп).
-
-## 10. Что НЕ входит (YAGNI)
-
-- Параллельный CSV-поток как равноправный канал — нет, только recovery.
-- Импорт исторических лидов — отдельный флоу (Sprint 4, `HistoricalImportService`), не трогаем.
-- Региона/города из CSV — у поставщика гео-данных нет (см. открытый вопрос «Город»).
-- Ретрай-механизм внутри job — повтор обеспечивает 30-мин cron.
-
-## 11. Журнал решений
-
-| # | Решение | Обоснование |
-|---|---|---|
-| 1 | Источник — отчёт «Запрос номеров» (CSV 3 колонки) | Лёгкий, в self-service dropdown; «Выгрузка данных» XLSX — не self-service |
-| 2 | Частота авто-сверки — 30 минут | Баланс свежести подхвата и нагрузки на портал поставщика (подтв. заказчиком 18.05) |
-| 3 | Окно — 2 календарных дня (вчера+сегодня) | CSV без времени; покрывает скользящие 24ч независимо от гранулярности диапазона портала |
-| 4 | Дедуп по (phone, project) | CSV не содержит vid; деньги защищены DuplicateDetector в RouteJob |
-| 5 | `vid` → nullable (миграция) | CSV не даёт vid; NULL-ы не конфликтуют под UNIQUE-индексом (PG semantics) |
-| 6 | Письмо drift-alert — после Б-1 | Почта не настроена; плашка+колокольчик работают сразу |
diff --git a/docs/superpowers/specs/2026-05-19-supplier-project-channel-failover-design.md b/docs/superpowers/specs/2026-05-19-supplier-project-channel-failover-design.md
deleted file mode 100644
index 7ebc299..0000000
--- a/docs/superpowers/specs/2026-05-19-supplier-project-channel-failover-design.md
+++ /dev/null
@@ -1,223 +0,0 @@
-# Резервный канал миграции проектов Лидерра → поставщик — дизайн
-
-**Дата:** 19.05.2026
-**Статус:** утверждён заказчиком (4 секции согласованы поэтапно)
-**Эпик:** интеграция с поставщиком crm.bp-gr.ru — резерв канала проектов
-**Связано:** [2026-05-18-supplier-csv-reconcile-channel-design.md](2026-05-18-supplier-csv-reconcile-channel-design.md) (зеркальная архитектура: тот резервирует ВХОДЯЩЕЕ направление — лиды, этот резервирует ИСХОДЯЩЕЕ — миграцию проектов)
-
-## 1. Цель
-
-`SyncSupplierProjectJob` (singular, on-edit) и `SyncSupplierProjectsJob` (plural, ночной крон) сегодня мигрируют проект Лидерра → поставщик crm.bp-gr.ru только через AJAX `rt-project-save/update/delete` ([SupplierPortalClient.php:103-121](../../../app/app/Services/Supplier/SupplierPortalClient.php#L103-L121)). Этот канал — единственный, и он:
-
-- В коде помечен как **placeholder, на реальном портале не верифицирован** ([SupplierPortalClient.php:24-28](../../../app/app/Services/Supplier/SupplierPortalClient.php#L24-L28)).
-- Реверс-инжиниринг внутреннего AJAX «Мои проекты» — может сломаться при правках портала без предупреждения (это не публичный контракт).
-- Зависит от эмуляции сессии через `PlaywrightBridge` ([RefreshSupplierSessionJob.php:43](../../../app/app/Jobs/Supplier/RefreshSupplierSessionJob.php#L43)) — отдельная точка отказа (логин-форма, креды).
-
-Цель: **полный резерв канала миграции проектов**. Не точечная защита от одного сбоя — полная избыточность, по образцу резерва входящих лидов (webhook + CSV-сверка).
-
-## 2. Граница и пределы резерва
-
-Разведка портала 19.05.2026 (Playwright read-only по согласию заказчика, снапшоты `rt-projects-snapshot.yml`, `rt-add-project-form.yml`, `user-api-page.yml`) установила:
-
-- **У поставщика нет API управления проектами.** Раздел «API» меню — это интеграции *доставки* лидов (Битрикс / amoCRM / Google-таблица / Unisender + webhook). `/admin/user/api` — только настройка webhook'а («Апи ссылка», протокол, статус) + docs формата входящих лидов.
-- **Единственная дверь к проектам** — UI «Мои проекты» (`/admin/visit/rt`), за ним внутренний AJAX `rt-project-*`. Наш HTTP-канал бьёт именно туда.
-- **Внеканальной приёмной стороны не существует** — у поставщика нет менеджера/поддержки, принимающей запросы по почте/мессенджеру (подтверждено заказчиком).
-
-**Следствие — потолок резерва.** Резервный канал может быть только *вторым механизмом в ту же дверь*. Он переживёт слом контракта `rt-project-*`, поломку нашей сессионной авторизации, частичные сбои портала. Полный даун хоста crm.bp-gr.ru роняет оба пути одновременно — это принятый предел, не недоработка дизайна.
-
-## 3. Архитектура — три яруса
-
-| Ярус | Механизм | Скорость | Когда работает |
-|---|---|---|---|
-| 1 | **AJAX** `rt-project-*` (primary) | быстро | штатно |
-| 2 | **Браузерная автоматизация** формы «Мои проекты» через `PlaywrightBridge` | медленно (Chromium boot + загрузки страниц) | контракт/auth яруса 1 сломан |
-| 3 | **Operator worklist** — оператор Лидерры вносит руками в crm.bp-gr.ru | сколько займёт у человека | оба автоматических яруса упали ИЛИ хост недоступен |
-
-`FailoverProjectChannel` — декоратор-оркестратор: пробует ярус 1 → классифицирует исход → ярус 2 / прыжок на 3. Это зеркало входящего дизайна: webhook (push, машинный) + CSV-сверка (другой механизм, тот же портал).
-
-## 4. Компоненты
-
-### 4.1. `SupplierProjectChannel` — интерфейс
-
-Новый интерфейс `App\Services\Supplier\Channel\SupplierProjectChannel`:
-
-```php
-interface SupplierProjectChannel
-{
-    public function createProject(SupplierProjectDto $dto): int; // external_id
-    public function updateProject(int $externalId, SupplierProjectDto $dto): void;
-    public function listProjects(): array; // для дедуп-сверки
-}
-```
-
-Контракт нейтрален к транспорту. Реализации — три (см. ниже).
-
-### 4.2. `AjaxProjectChannel` — ярус 1, тонкий адаптер
-
-Имплементирует интерфейс через существующий `SupplierPortalClient` (его `saveProject`/`updateProject`/`listProjects` + `request()`/`loadSession()` остаются HTTP-плумбингом — [SupplierPortalClient.php:103-121](../../../app/app/Services/Supplier/SupplierPortalClient.php#L103-L121)). Тонкий wrapper, чтобы не ломать существующий код CSV-канала, который тоже использует `SupplierPortalClient`.
-
-### 4.3. `FormProjectChannel` — ярус 2, браузерная автоматизация
-
-Новый класс `App\Services\Supplier\Channel\FormProjectChannel`. Зависит от `PlaywrightBridge` ([RefreshSupplierSessionJob.php:43](../../../app/app/Jobs/Supplier/RefreshSupplierSessionJob.php#L43)) — тот уже водит headless Chromium для логина, инфра переиспользуется.
-
-Новый Node-скрипт `app/playwright/manage-project.js` (рядом с `refresh-session.js`):
-
-- Принимает аргументы `{operation, externalId|null, dto}`.
-- Логин (как `refresh-session.js`, селекторы Yii2 `#loginform-username`/`#loginform-password`), переход на `/admin/visit/rt`, ожидание загрузки таблицы.
-- Для `create`: клик «Добавить проект» → форма из 11 полей (снапшот разведки `rt-add-project-form.yml`) → заполнить (`textbox` Тег/Название, `checkbox` B1/B2/B3, `combobox` Источники сбора, `tree`/`switch` Регион include/exclude, `textarea` Список сайтов или вкладка «Файл» при необходимости, `spinbutton` Лимит в день, `checkbox` дни Пн-Вс) → «Сохранить» → дождаться появления новой строки в таблице → прочитать её `id` → вернуть.
-- Для `update`: найти проект в таблице по `externalId` → открыть форму редактирования → изменить нужные поля → «Сохранить».
-- Для `listProjects`: прочитать таблицу через snapshot/evaluate → массив `{id, platform, signal_type, unique_key, limit, workdays, regions, ...}`.
-
-PHP-сторона — `FormProjectChannel` вызывает bridge с JSON-полезной нагрузкой и парсит ответ.
-
-### 4.4. `FailoverProjectChannel` — декоратор
-
-Новый класс `App\Services\Supplier\Channel\FailoverProjectChannel`. Конструктор: `AjaxProjectChannel`, `FormProjectChannel`, `ManualSyncQueueRepository`, `Mailer`.
-
-`createProject(dto)`:
-
-1. **Локальная проверка существования** (`SupplierProject::where(platform, signal_type, unique_key)`) — логика `ensureSupplierProject` ([SupplierPortalClient.php:54-91](../../../app/app/Services/Supplier/SupplierPortalClient.php#L54-L91)). Если есть — вернуть id.
-2. **Портальная сверка** через `listProjects()` (кэш на прогон job) по тому же ключу — если на портале уже есть (полу-успех яруса 1 в прошлом запуске, или другой Лидерра-проект на тот же канал), «усыновить»: создать локальную строку с external_id, вернуть id.
-3. Иначе — попытка яруса 1. Классификация исключения:
-   - Успех → запись в `supplier_sync_log`, вернуть external_id.
-   - `SupplierTransientException` (5xx, [SupplierPortalClient.php:291](../../../app/app/Services/Supplier/SupplierPortalClient.php#L291); сеть, [.php:263](../../../app/app/Services/Supplier/SupplierPortalClient.php#L263)) — `FailoverProjectChannel` сам ретраит транзиент (N попыток с backoff; точные значения пинуем в плане); после исчерпания → **хост недоступен** → прыжок на ярус 3 (ярус 2 по тому же хосту тоже не зайдёт), reason `portal_unreachable`. Существующий job-уровневый `$tries=3` ([SyncSupplierProjectJob.php:35](../../../app/app/Jobs/SyncSupplierProjectJob.php#L35)) — на catastrophic-сценарии вне канала (например, `FailoverProjectChannel` бросил неожиданное исключение).
-   - `SupplierClientException` (4xx, [.php:299](../../../app/app/Services/Supplier/SupplierPortalClient.php#L299)) или неожиданная форма ответа (`saveProject` без `id` и т.п.) → **слом контракта** → ярус 2.
-   - `SupplierAuthException` ([.php:270](../../../app/app/Services/Supplier/SupplierPortalClient.php#L270)) → ярус 2 (его свежий интерактивный логин может пройти, если протух только cookie).
-4. Ярус 2 — `FormProjectChannel.createProject(dto)`. На успех → запись в `supplier_projects` + `supplier_sync_log`, алёрт `failover_to_form` (инфо). На любой сбой (логин не прошёл, селекторы формы не найдены, save error-тост, таймаут) → запись в `supplier_manual_sync_queue` (status `pending`) + алёрт `manual_required`.
-
-`updateProject(externalId, dto)`: аналогично без шагов 1–2 (проект уже привязан).
-
-`listProjects()`: ярус 1; на client-exc → ярус 2 (browser-чтение таблицы).
-
-### 4.5. Очередь яруса 3 — `supplier_manual_sync_queue`
-
-Новая SaaS-level таблица (как `supplier_csv_reconcile_log` — без `tenant_id`, без RLS; доступ только SaaS-admin через admin-controller):
-
-| Поле | Тип | Описание |
-|---|---|---|
-| `id` | bigserial PK | |
-| `project_id` | bigint NOT NULL, FK `projects` | Лидерра-проект |
-| `platform` | varchar CHECK `B1`/`B2`/`B3` | |
-| `operation` | varchar CHECK `create`/`update` | |
-| `external_id` | varchar NULL | для update — `supplier_external_id` |
-| `payload_snapshot` | jsonb NOT NULL | снимок DTO (signal_type, unique_key, limit, workdays, regions, regions_reverse, ...) — оператор видит точные значения для ввода на портале |
-| `failure_reason` | varchar NOT NULL | `portal_unreachable` / `contract_break` / `auth_failure` / `form_selector_break` / `form_save_error` / ... |
-| `status` | varchar CHECK `pending`/`resolved`/`cancelled` | |
-| `resolved_by_user_id` | bigint NULL FK `users` | оператор, отметивший выполненным |
-| `created_at`, `resolved_at` | timestamp | |
-
-Миграция + обновление `db/schema.sql` + запись в `db/CHANGELOG_schema.md` обязательны (правило §4.2 Pravila).
-
-### 4.6. Admin UI — worklist (расширение существующего)
-
-Расширяем существующий админ-экран «Интеграция с поставщиком» (`AdminSupplierIntegrationController` + `AdminSupplierIntegrationView.vue`, созданы для CSV-канала, [spec 2026-05-18 §4.4](2026-05-18-supplier-csv-reconcile-channel-design.md)). Точное расположение контроллера — `app/app/Http/Controllers/Api/Admin/` (по конвенции; **не верифицировал именно файл в этой сессии**, запиную при планировании).
-
-Новые endpoint'ы:
-
-- `GET /api/admin/supplier-integration/manual-queue` — список pending записей с полным `payload_snapshot` (чтобы оператор видел, что вносить).
-- `POST /api/admin/supplier-integration/manual-queue/{id}/resolve` — оператор отмечает done. Backend:
-  1. Дёргает `listProjects()` (ярус 1; fallback на ярус 2 если ярус 1 не работает).
-  2. Ищет проект по `(platform, signal_type, unique_key)` из снапшота.
-  3. Если нашёл — создаёт/обновляет локальный `supplier_projects`, ставит FK на `projects.supplier_b{1,2,3}_project_id`, помечает строку очереди `resolved`.
-  4. Если не нашёл — возвращает 409 «проект не найден на портале, проверьте, что вы действительно его создали» (оператор перепроверяет).
-
-`AdminSupplierIntegrationView.vue` — +секция «Ручная очередь»:
-
-- Таблица: project name, platform, operation, payload (читаемое представление), reason, created_at.
-- Кнопка «Отметить выполнено» (с подтверждением).
-- Счётчик pending в шапке экрана + колокольчик-уведомление при появлении новых записей.
-
-### 4.7. Расписание
-
-- `SyncSupplierProjectsJob` крон: 20:30 МСК → **18:00 МСК**.
-- `RefreshSupplierSessionJob` ежедневный триггер: 20:15 → **17:45** МСК (15 мин до sync, [RefreshSupplierSessionJob.php:24](../../../app/app/Jobs/Supplier/RefreshSupplierSessionJob.php#L24)). Hourly-trigger остаётся.
-- `TIME_BUDGET_CUTOFF = '20:55'` ([SyncSupplierProjectsJob.php:60](../../../app/app/Jobs/Supplier/SyncSupplierProjectsJob.php#L60)) — **остаётся** (страховка от правок после портального дедлайна 21:00; при 18:00-старте обычно недостижим, остаётся safety rail).
-
-Рацио 18:00: эскалация на ярус 2 (медленный) или ярус 3 (ручной оператор) — в рабочее время, не поздно вечером. Запас ~3 часа до 21:00.
-
-Точный файл scheduler-записи (`routes/console.php` либо `app/Console/Kernel.php` — Laravel 13) — **не верифицировал**, запиную при планировании.
-
-## 5. Поток данных
-
-**On project create/edit** ([ProjectService.php:212-234](../../../app/app/Services/Project/ProjectService.php#L212-L234)): `ProjectService::create/update` → dispatch `SyncSupplierProjectJob(projectId)` → для каждой нужной платформы ([SyncSupplierProjectJob.php:70-81](../../../app/app/Jobs/SyncSupplierProjectJob.php#L70-L81)) → `FailoverProjectChannel.createProject(dto)` → ярусы. FK `projects.supplier_b{1,2,3}_project_id` ставится только при успехе яруса 1 или 2. При прыжке на ярус 3 — FK пока null, операция в очереди; FK ставится при resolve.
-
-**Ночной 18:00** ([SyncSupplierProjectsJob.php](../../../app/app/Jobs/Supplier/SyncSupplierProjectsJob.php)): итерация по supplier_projects → расчёт allocation через `SupplierQuotaAllocator` ([.php:134-141](../../../app/app/Jobs/Supplier/SyncSupplierProjectsJob.php#L134-L141)) → если изменилось ([.php:147-149](../../../app/app/Jobs/Supplier/SyncSupplierProjectsJob.php#L147-L149)) → ветвление: `external_id IS NULL` → `FailoverProjectChannel.createProject` ([.php:158](../../../app/app/Jobs/Supplier/SyncSupplierProjectsJob.php#L158)), иначе → `updateProject` ([.php:168](../../../app/app/Jobs/Supplier/SyncSupplierProjectsJob.php#L168)) — обе через ярусы. Окно 18:00–20:55.
-
-**Закрытие яруса 3:** оператор внёс правки на портале → жмёт «Отметить выполнено» → backend reconcile через `listProjects()` → дописывает `supplier_projects` + FK, помечает строку очереди `resolved`.
-
-## 6. Обработка ошибок и эскалация
-
-Сжатая матрица (детали в §4.4):
-
-| Ярус 1 исход | Куда |
-|---|---|
-| Успех | done |
-| Транзиент исчерпан (5xx/сеть) | сразу ярус 3 (`portal_unreachable`) — ярус 2 пропускаем |
-| 4xx или непарсимый ответ | ярус 2 |
-| Sticky 401/403 | ярус 2 |
-| Ярус 2 любой сбой | ярус 3 (`form_selector_break`/`auth_failure`/...) |
-
-Алёрты: реюз `SupplierCriticalAlertMail` ([SyncSupplierProjectsJob.php:88](../../../app/app/Jobs/Supplier/SyncSupplierProjectsJob.php#L88)). Новые типы:
-
-- `failover_to_form` — инфо: AJAX сломан, ярус 2 несёт нагрузку (команде сигнал: чинить primary).
-- `manual_required` — ярус 3: оператор обязан вмешаться.
-
-Дополнительно — отражение в админ-экране (плашка + колокольчик).
-
-`$tries` у job'ов — пересмотр при планировании; повтор обеспечивает крон, ретрай-механизм внутри job'а не нужен.
-
-## 7. Защита от дублей (идемпотентность)
-
-**Опасность:** ярус 1 `createProject` полу-успешен — портал создал проект, но наш парсинг ответа упал → мы думаем «не вышло» → ярус 2 повторяет create → **дубль на портале**.
-
-**Гард** в `FailoverProjectChannel.createProject` (шаги 1–2 §4.4): локальная проверка + портальная сверка через `listProjects()` (кэш на прогон job) до любой попытки create. Так create идемпотентен сквозь все ярусы и через ручное закрытие яруса 3.
-
-Update — идемпотентен по своей природе (повтор `updateProject(externalId, dto)` с тем же DTO даёт то же состояние).
-
-## 8. Временное окно поставщика
-
-Портал на `/admin/visit/rt` показывает alert: «правки до 21:00 МСК; в 22:00–00:00 создание/редактирование запрещено» (зафиксировано снапшотом `rt-projects-snapshot.yml`). Заказчик уточнил 19.05.2026: это **UX-предупреждение пользователю** (для управления его ожиданиями), не технический забор; функционально портал работает 24/7. Соответственно:
-
-- Канал и ярусы **не гейтятся** по времени.
-- 18:00-крон — рационален «эскалация в рабочее время», не «успеть до 21:00».
-
-**Защитная ветка** (на случай, если 22:00–00:00 всё-таки технический reject): `FailoverProjectChannel` классифицирует window-связанный отказ (специфичный 4xx/строка ошибки) как `WindowDeferred` — **не сбой, не эскалация**; операция переносится на следующий ретрай/тик. Если окно полностью мягкое (опыт заказчика подтвердит), ветка не сработает ни разу и стоит ноль.
-
-**Не верифицировал:** технический ли это reject в 22:00–00:00 на `rt-project-save`. Час 22:00–00:00 живьём не протестировать в день разведки (09:37 МСК). Если из эксплуатации станет ясно, что отказ невозможен — защитную ветку удалить.
-
-## 9. Тестирование
-
-- **`FailoverProjectChannel` — приоритет №1**, мозг фичи. Чистое юнит-тестирование с тест-даблами ярусов 1 и 2 (поддельные каналы, бросающие сконфигурированные исключения). Покрыть матрицу эскалации (§4.4 / §6) целиком: успех — никаких эскалаций; transient-exhausted → прыжок на ярус 3 (ярус 2 НЕ зван); client-exc → ярус 2 → успех / провал → очередь; auth-exc → ярус 2; идемпотентность — портальный матч `listProjects` → create не зван, FK усыновлён; `WindowDeferred` → ни очереди, ни эскалации. Детерминированно, быстро.
-- **`AjaxProjectChannel`** — Pest feature через `Http::fake()` (паттерн `CsvReconcileJobTest`): create/update/list, 4xx → `SupplierClientException`, 5xx → transient, 401/403 → auth. *Ограничение:* `Http::fake` проверяет НАШ код против предполагаемого контракта, не реальный портал; контракт верифицируется отдельным live-шагом (Задача 1 плана, см. §11 ниже).
-- **`FormProjectChannel` (PHP)**: `PlaywrightBridge` мокается на PHP-границе (он DI-инжектируемый, [RefreshSupplierSessionJob.php:43](../../../app/app/Jobs/Supplier/RefreshSupplierSessionJob.php#L43)) — тест проверяет правильность вызова bridge + обработку возвращаемых значений.
-- **Node-скрипт `manage-project.js`**: прогон против сохранённого статического HTML-фикстура формы «Мои проекты» — снапшот разведки `rt-add-project-form.yml` используется как seed-фикстура. Покрывает логику заполнения полей без живого портала.
-- **Миграция `supplier_manual_sync_queue`**: Pest feature/db — миграция применяется, `db/schema.sql` + `CHANGELOG_schema.md` синхронны, db-smoke (CHECK-constraint'ы, FK на `projects`).
-- **Джобы** `SyncSupplierProjectJob`/`SyncSupplierProjectsJob` — существующие тесты обновляются под инъекцию `FailoverProjectChannel`. +Тест расписания (18:00 крон, 17:45 session-refresh).
-- **`AdminSupplierIntegrationController`** — Pest feature: getJson worklist, postJson resolve + reconcile-эффект.
-- **`AdminSupplierIntegrationView.vue`** — Vitest: новая секция worklist рендерит pending; кнопка «выполнено» дёргает endpoint; счётчик/колокольчик при появлении новой записи.
-- **End-to-end `FormProjectChannel` против боевого crm.bp-gr.ru** — только **ручной smoke с живой сессией** (как webhook live-test / discovery T3). CI реальный портал не трогает: нет кредов, внешняя зависимость, создавал бы настоящие проекты. Live-smoke — отдельная gated-задача плана (read-mostly + один контролируемый create+откат через `deleteProject`).
-
-Larastan baseline возможно потребует bump (новые классы) — зелёный larastan — обязательное условие коммита.
-
-## 10. Что НЕ входит (YAGNI)
-
-- Бэк-портирование `rt-project-delete` через ярусы — текущий код delete не зовёт нигде вне расширения channel'а; вероятно понадобится, но за рамками этого spec'а.
-- Pull-листинг проектов с портала как фоновый sync (метод `listProjects` уже есть) — на сегодня не нужен; используется только для дедуп-сверки в моменте create.
-- Out-of-band канал (e-mail / FTP / менеджер) — у поставщика приёма вне портала нет (см. §2).
-- Замена AJAX на browser как primary — отвергнуто: один механизм не даёт «полного резерва».
-- Параллельный browser-канал «для верификации каждого AJAX-вызова» — слишком дорого; cross-проверка делается на этапе discovery (Задача 1 плана) однократно.
-
-## 11. Журнал решений
-
-| # | Решение | Обоснование |
-|---|---|---|
-| 1 | Три яруса A+C (AJAX → авто-браузер → ручной worklist) | Максимальная избыточность в пределах единственной двери поставщика; зеркало webhook↔CSV |
-| 2 | Ярус 1 (AJAX) остаётся primary | Быстро; ярус 2 медленный (Chromium boot + загрузки страниц) — нежелателен по умолчанию |
-| 3 | Transient-exhausted → прыжок прямо на ярус 3 (ярус 2 пропускаем) | Если хост недоступен, браузер по тому же хосту тоже не зайдёт — пустая трата времени и контекста |
-| 4 | Ярус 3 ручной с точным worklist (не алёрт-без-данных) | Без точного снимка payload оператор не знает, что вносить — ошибки и расхождения |
-| 5 | Крон 18:00 МСК (был 20:30) | Эскалация на ярус 2/3 в рабочее время, не поздно вечером (запас ~3 часа до 21:00) |
-| 6 | Временное окно — не гейт (заказчик 19.05.2026) | UX-предупреждение, а не технический забор; защитная ветка `WindowDeferred` на случай, если 22:00–00:00 окажется hard-reject |
-| 7 | Идемпотентность через портальный `listProjects()` до create | Защита от дубля при полу-успехе яруса 1 / повторе ярусом 2 |
-| 8 | Очередь яруса 3 — отдельная SaaS-таблица (не расширение `supplier_sync_log`) | `supplier_sync_log` — append-only log; ярус 3 — resolvable queue (pending/resolved), отдельная семантика |
-| 9 | Discovery яруса 1 (верификация `rt-project-*` на боевом портале) — первая задача плана | AJAX endpoints placeholder, не верифицированы ([SupplierPortalClient.php:24-28](../../../app/app/Services/Supplier/SupplierPortalClient.php#L24-L28)); fixup-commit при расхождении; `FormProjectChannel` (ярус 2) служит независимым оракулом сверки |
-| 10 | Расширение существующего `AdminSupplierIntegrationView` (не новый экран) | Эта же админ-секция уже покрывает CSV-сверку; «здоровье интеграции с поставщиком» — один экран, две сущности (CSV + manual queue) |
diff --git a/docs/superpowers/specs/2026-05-22-supplier-projects-import-lkomega-design.md b/docs/superpowers/specs/2026-05-22-supplier-projects-import-lkomega-design.md
deleted file mode 100644
index 1baf62e..0000000
--- a/docs/superpowers/specs/2026-05-22-supplier-projects-import-lkomega-design.md
+++ /dev/null
@@ -1,147 +0,0 @@
-# Дизайн: разовый импорт активных проектов поставщика в тенант info@lkomega.ru
-
-**Дата:** 2026-05-22
-**Статус:** утверждён заказчиком (brainstorming), готов к плану
-**Ветка:** `feat/supplier-import-lkomega` (worktree от origin/main `4c80a58`)
-**Среда выполнения:** боевой пилот liderra.ru = `111.88.246.137` (там тенант info@lkomega.ru и живая supplier-сессия)
-
-## 1. Цель
-
-Заказчик ведёт проекты вручную на портале поставщика crm.bp-gr.ru (логин `lkomega.ru`). Нужно один раз завести их как проекты в Лидерре под тенантом **info@lkomega.ru** («Компания 1»), **полностью по правилам Лидерры**: три площадки B1/B2/B3 одного источника = один проект Лидерры; лимит лидов и прочие настройки переносятся корректно.
-
-Проекты **уже существуют** на портале и собирают лиды. Поэтому «перенести» = **усыновить** существующие записи портала (связать с ними проекты Лидерры), **не создавая дублей** на портале и **не меняя** его настройки.
-
-## 2. Решения заказчика (brainstorming)
-
-| Вопрос | Решение |
-|---|---|
-| Охват | Все активные проекты (`status` = включён; у всех `lim` > 0) |
-| Сторона поставщика | **Не трогать** портал — только усыновить (никаких save/update/delete на портал) |
-| Лимит в Лидерре | **Сумма** `lim` активных площадок группы (B1+B2+B3) |
-| Способ | Артизан-команда с режимом «примерки» (dry-run по умолчанию) |
-
-## 3. Исходные данные (recon read-only 2026-05-22)
-
-`SupplierPortalClient::listProjects()` на пилоте: **472** проекта аккаунта lkomega.
-
-- По типу: `calls`=322, `hosts`=135, `sms`=15.
-- По источнику (`src`): `rt`=152, `bl`=160, `mt`=159, `dop2`=1.
-- По статусу: активных (`status=true`)=375, выключенных=97. У всех `lim`>0.
-- Группировка активных по `(content, type, tag)` → **128 групп**: 120 троек B1/B2/B3, 6 пар, 2 одиночных.
-
-Форма строки портала (ключевые поля): `id` (строка, внешний id), `tag`, `src` (rt/bl/mt/…), `type` (calls/hosts/sms), `content` (идентификатор — телефон/домен), `name` (`B<n>_<content>`), `lim` (строка, лимит на площадку), `workdays` (строки `["1".."7"]`, 1=Пн..7=Вс ISO), `regions` (строка кодов ГИБДД, через запятую; пусто = вся РФ), `regions_reverse` (bool), `status` (bool).
-
-NB: на портале лимиты активных проектов **уже поделены** на B1/B2/B3 (re-split форсом, ПИЛОТ.md `029b19a`) — значит сумма площадок = корректный целевой total для Лидерры.
-
-## 4. Маппинг портал → Лидерра
-
-| Портал | Лидерра |
-|---|---|
-| `src` rt / bl / mt | platform B1 / B2 / B3 |
-| `src` = `dop2` и любые иные | **пропуск** + строка в отчёт (вне модели B1/B2/B3) |
-| `type` calls / hosts / sms | `signal_type` call / site / sms |
-| `content` (для site/call) | `signal_identifier` |
-| группа = (`content`, `type`, `tag`) | один `Project` Лидерры |
-| Σ `lim` активных площадок группы | `daily_limit_target` |
-| `regions` (коды ГИБДД, union по площадкам группы) | `Project.regions` INT[] (коды Лидерры, обратная карта `SupplierRegions`); пусто = вся РФ → `[]` |
-| `regions_reverse=false` (include) | поддерживаем; `regions_reverse=true` (exclude) → **пропуск группы** + отчёт (модель Лидерры импорта — include) |
-| union `workdays` строк | `delivery_days_mask` (бит 0=Пн..6=Вс; bit=`1<<(d-1)`) |
-| `tag` | `Project.tag` (как есть); `Project.name` = производное от `tag` (+ суффикс идентификатора при коллизии имён) |
-| `status=true` | `is_active=true` |
-
-**Обратная карта регионов:** существующий `SupplierRegions::mapToSupplier()` — Лидерра→ГИБДД (биекция 79 субъектов). Импорту нужна инверсия `mapFromSupplier()` (ГИБДД→Лидерра); непереводимый код → лог-warning + пропуск кода (регион не добавляется).
-
-**SMS (15 строк, особый случай):** модель Лидерры для sms: `sms_senders` + `sms_keyword`, площадки B2 (sender+keyword) / B3 (sender), `unique_key` по `SupplierProjectGrouping::buildUniqueKey`. На портале `content` sms-строки кодирует sender(+keyword). План: best-effort разбор `content` → `sms_senders[0]`/`sms_keyword`; группы sms, которые не разбираются однозначно, **выводятся в отчёт и пропускаются** для ручного решения (объём мал).
-
-## 5. Группировка и идемпотентность
-
-- **Группа** строится только из **активных** строк (`status=true`), у которых `src` ∈ {rt,bl,mt}. Группы с одной/двумя площадками — валидны (создаём проект с теми платформами, что есть).
-- `unique_key` для `supplier_projects` вычисляется через `SupplierProjectGrouping::buildUniqueKey($project, $platform)` (консистентность с ночным джобом: будущие синки матчатся).
-- **Идемпотентность Project:** если под тенантом info@lkomega.ru уже есть `Project` с тем же (`signal_type`, `signal_identifier`) [для sms — (`signal_type`, `sms_senders[0]`, `sms_keyword`)] → **пропуск** (в отчёт «уже существует»), не дубль.
-- **Идемпотентность supplier_projects:** строка матчится по `supplier_external_id` (id портала) либо по unique-индексу `(platform, unique_key, subject_code=null)`. Есть → переиспользуем; нет → `forceCreate` с `sync_status='ok'`, `last_synced_at=now()`.
-- Повторный запуск команды безопасен: создаёт только недостающее.
-
-## 6. Архитектура / компоненты
-
-1. **`App\Services\Supplier\SupplierProjectImporter`** — чистая логика, без побочных эффектов записи:
-   - `buildPlan(): ImportPlan` — читает `listProjects()`, фильтрует активные, группирует, реверс-маппит, считает суммы лимитов, помечает пропуски (dop2 / regions_reverse / нераспознанный sms / уже существующие). Возвращает структуру плана (список запланированных проектов + список пропусков). Зависимость `SupplierPortalClient` инжектится → тестируется на моках.
-2. **`App\Console\Commands\ImportSupplierProjectsCommand`** (`supplier:import-projects {--tenant=} {--commit}`):
-   - Резолвит тенант по email (`User::where('email', …)->tenant_id`).
-   - Печатает план таблицей (имя, тип, регионы, лимит, площадки + external_id) + счётчики + список пропусков.
-   - Без `--commit` (по умолчанию) — только печать (dry-run), 0 записей.
-   - С `--commit` — пишет в транзакции (см. §7).
-3. **`SupplierRegions::mapFromSupplier(array<int> $gibddCodes): array<int>`** — инверсия существующей карты.
-
-Граница: importer НЕ знает про вывод в консоль; команда НЕ знает про парсинг портала. План — простая DTO-структура.
-
-## 7. Путь записи (только при `--commit`)
-
-Зеркалит create-ветку `SyncSupplierProjectsJob::syncGroup`, но **без HTTP на портал** — `supplier_external_id` берётся из уже прочитанного `listProjects` (`id` строки).
-
-Соединение: **`pgsql_supplier`** (BYPASSRLS, роль `crm_supplier_worker`) для всех записей — это паттерн supplier-джобов; `Project` пишется с **явным `tenant_id`** (BYPASSRLS обходит RLS, поэтому tenant_id задаётся в коде, не из GUC). `supplier_projects` и `project_supplier_links` — SaaS-level (без RLS).
-
-На каждую группу в транзакции:
-
-1. `Project::on('pgsql_supplier')->create([tenant_id, name, tag, signal_type, signal_identifier|sms_*, regions, delivery_days_mask, daily_limit_target=Σ, is_active=true, region_mode='include'])`.
-2. На каждую активную площадку: upsert `supplier_projects` (`platform`, `signal_type`, `unique_key`, `subject_code=null`, `supplier_external_id`=id портала, `current_limit`=`lim` площадки, `current_workdays`, `current_regions`, `sync_status='ok'`, `last_synced_at=now()`).
-3. `project_supplier_links` insertOrIgnore (`project_id`, `supplier_project_id`, `platform`, `subject_code=null`).
-4. `SupplierSyncLog` action='create' (audit).
-
-Легаси-FK `supplier_b{1,2,3}_project_id` **не заполняем** — текущий `LeadRouter` ходит через pivot `project_supplier_links` (Plan 2 redesign); консистентно с актуальным джобом.
-
-## 8. Безопасность
-
-- **dry-run по умолчанию** — реальная запись только с явным `--commit`.
-- Перед `--commit` на пилоте — показ плана заказчику и его «ок».
-- Запись в **одной транзакции** на пилоте; при ошибке — откат.
-- Портал не трогаем (никаких save/update/delete) — нулевой риск дублей и переплаты.
-- Телефоны/ПДн в выводе/логах команды маскируются (152-ФЗ): идентификаторы и имена с цифровыми хвостами усекаются в отчёте.
-
-## 9. Тестирование (TDD)
-
-`SupplierProjectImporterTest` на моках `SupplierPortalClient`:
-
-- группировка троек B1/B2/B3 в один план-проект;
-- сумма лимитов площадок → `daily_limit_target`;
-- обратная карта регионов (ГИБДД→Лидерра), union, пусто=вся РФ;
-- фильтр статуса (выключенные не попадают);
-- пропуск `dop2` / `regions_reverse=true` / нераспознанного sms — с записью в отчёт;
-- идемпотентность (существующий Project → skip; существующий supplier_project → reuse).
-
-`ImportSupplierProjectsCommandTest` — smoke: dry-run ничего не пишет; `--commit` создаёт Project+supplier_projects+pivot (на тестовой БД, мок listProjects).
-
-`SupplierRegions::mapFromSupplier` — unit: биекция-инверсия, непереводимый код.
-
-## 10. Выполнение (порядок)
-
-1. Команда + сервис + тесты в worktree `feat/supplier-import-lkomega` (от origin/main).
-2. Зелёная регрессия (Pest целевой + relevant supplier suite, Pint, Larastan).
-3. Деплой на пилот (scp файлов; команда — не воркер, restart очереди не нужен).
-4. **Dry-run на пилоте** → показываю план заказчику → его «ок».
-5. Реальный прогон `--commit` на пилоте.
-6. Пост-проверка: число созданных Project под тенантом, выборочная сверка лимитов/регионов, отсутствие записей на портале (портал не дёргался).
-7. Push ветки → main; merge по решению заказчика.
-
-## 11. Уточнить при планировании (не блокеры)
-
-- **Ключ группировки.** Ночной `SyncSupplierProjectsJob` группирует по `(signal_type, identifier)` **без тега**; recon считал по `(content, type, tag)` → 128. Если у одного `(content,type)` несколько тегов — счёт групп изменится, и будущий ночной синк слил бы их в одну. **Рекомендация:** группировать как ночной джоб — по `(signal_type, identifier)` без тега (консистентно с live-синком); при нескольких тегах на одном идентификаторе — взять один (первый/наиболее частый) + отчёт. Финальный счёт уточнить на реальных данных при планировании.
-- **Семантика `tag`.** На портале у Дмитрия `tag` = кампания (напр. «Сфера Займов https://…»). Ночной синк Лидерры, наоборот, **пишет в портальный `tag` имя региона** (или «РФ»). Для импорта `Project.tag` = **сохранить кампанию из портала** (это данные заказчика); портал не трогаем, поэтому подмены тега не происходит. NB: если позже сделать resync этого проекта — штатный синк перезапишет портальный `tag` на регион (известный побочный эффект штатного поведения, вне scope импорта).
-- Точные fillable/типы `SupplierProject` (платформенный CHECK uppercase B1/B2/B3; колонка `supplier_external_id` строка).
-- Имя `Project.name`: формат из `tag` (тег бывает с URL — обрезать/нормализовать).
-- SMS-разбор `content` → sender/keyword (15 строк) — формат подтвердить на реальных sms-строках портала (read-only).
-- Резолв тенанта: `User` vs отдельная `Tenant` запись по email.
-
-## 12. Вне scope (YAGNI)
-
-- Импорт исторических лидов/сделок (отдельный CSV-эпик, уже частично сделан).
-- Импорт выключенных проектов (`status=false`).
-- Изменение чего-либо на портале crm.bp-gr.ru.
-- UI для импорта (разовая операция — команда).
-- Двусторонняя синхронизация (это разовый импорт; дальше работает штатный sync).
-
-## 13. Риски
-
-- **Несовпадение группировки портал↔Лидерра для sms** — митигируется пропуском нераспознанных + отчётом (объём 15).
-- **Регионы exclude (`regions_reverse=true`)** — пропуск + отчёт (импорт only-include).
-- **Параллельная сессия / §15** — worktree изолирован; коммиты явными путями; pre-flight sync перед нормативкой (нормативка тут не правится).
-- **Расхождение кода ветки vs пилота** — строим от origin/main = код пилота; перед `--commit` проверяем, что версия команды на пилоте = собранная.
diff --git a/docs/superpowers/specs/2026-05-23-admin-tenant-balance-edit-design.md b/docs/superpowers/specs/2026-05-23-admin-tenant-balance-edit-design.md
deleted file mode 100644
index 119ee26..0000000
--- a/docs/superpowers/specs/2026-05-23-admin-tenant-balance-edit-design.md
+++ /dev/null
@@ -1,98 +0,0 @@
-# Дизайн: правка рублёвого баланса тенанта из админки
-
-**Дата:** 2026-05-23
-**Статус:** утверждён заказчиком (через brainstorming Q&A)
-**Контекст:** после Биллинга v2 Spec A (единый ₽-баланс) заказчику нужен постоянный инструмент корректировки `tenants.balance_rub` из админки — вместо ручных правок через psql. Триггер — необходимость выставить адекватные балансы тестовым/демо-тенантам на проде после выкатки Spec A (где `balance_leads` стал vestigial, конвертация даёт артефакты вроде ½ млрд ₽).
-
-## Решения (зафиксированы в brainstorming)
-
-1. **Семантика — «установить точную сумму».** Админ вводит целевой `balance_rub`; сервер считает знаковую разницу `target − current` и записывает её в ledger. (Не дельта-ввод, не двойной режим — YAGNI.)
-2. **Поле — только `balance_rub`.** `balance_leads` после Spec A не используется и удаляется в Phase B → редактировать его смысла нет.
-3. **Доступ — из двух мест:** карточка тенанта (`AdminTenantDetailView`) И инлайн в таблице списка (`AdminTenantsView` → `TenantsTable`). Общий диалог-компонент.
-
-## Архитектура
-
-### Backend
-
-Новый метод `AdminTenantsController::updateBalance(Request $request, int $id): JsonResponse`.
-
-**Маршрут:** `PATCH /api/admin/tenants/{id}/balance` под `middleware('saas-admin')` (тот же гейт, что у hole #4 `pd-subject-requests` и `AdminPricingTiers`). Сейчас `AdminTenantsController` MVP-без-auth; новый мутирующий эндпоинт ставится под saas-admin гейт сразу (мутация денег — не lookup).
-
-**Валидация:**
-
-- `balance_rub` — `required`, `string`, `regex:/^-?\d+(\.\d{1,2})?$/`. Отрицательное допустимо (баланс легитимно уходит в минус при задолженности; `chargeback_unrecovered_rub` / overdue-логика это поддерживает).
-- `reason` — `nullable`, `string`, `max:500`.
-
-**Логика (внутри `DB::transaction`):**
-
-1. Через SaaS-connection `DB::connection('pgsql_supplier')` (BYPASSRLS-роль `crm_supplier_worker`) — `AdminTenantsController` не tenant-aware, RLS-контекст не ставится (паттерн hole #7 + `AdminBillingController::refund`).
-2. `lockForUpdate` на строке `tenants` (защита от lost-update при конкурентных topup/charge/adjust).
-3. 404 если тенант не найден / `deleted_at` не null.
-4. `delta = bcsub(target, current, 2)`. Если `bccomp(delta, '0', 2) === 0` → HTTP 422 «Баланс не изменился».
-5. `UPDATE tenants SET balance_rub = target WHERE id = ?` (raw через ту же connection; модель Eloquent decimal:2 тоже допустима, паттерн `BillingTopupService`).
-6. `INSERT balance_transactions`:
-   - `type = 'manual_adjustment'` (валидное значение CHECK).
-   - `amount_rub = delta` (знаковая строка — отрицательная при уменьшении).
-   - `amount_leads = null`, `balance_leads_after = null` (Spec A — лиды не трогаем).
-   - `balance_rub_after = target`.
-   - `description = reason ?? 'Ручная корректировка баланса (админ)'`.
-   - `admin_user_id = <actor>` (nullable — saas-admin SSO ⏸ Б-1; на MVP `null`).
-   - `created_at = now()`.
-   - Hash-chain BEFORE INSERT триггер `audit_chain_hash` подпишет `log_hash` автоматически; `audit_block_mutation` гарантирует append-only.
-7. `INSERT saas_admin_audit_log`: `action = 'tenant.balance_adjusted'`, `payload_before = {balance_rub: current}`, `payload_after = {balance_rub: target, delta, transaction_id}`. Паттерн `AdminBillingController::refund` (строки 130-131).
-
-**Ответ:** `{ balance_rub: target, delta, transaction_id }` (200).
-
-**Деньги:** только bcmath (`bcsub`/`bccomp`), без PHP float. `lockForUpdate` + append-only ledger.
-
-### Frontend
-
-**Общий компонент** `app/resources/js/components/admin/TenantBalanceDialog.vue`:
-
-- Props: `tenantId: number`, `tenantName: string`, `currentBalanceRub: string`, `modelValue: boolean` (v-model open).
-- Поля: «Новый баланс ₽» (числовой ввод, маска decimal 2), «Причина» (textarea, опц.).
-- Живой предпросмотр: «было `{current}` ₽ → станет `{new}` ₽ (`{±delta}` ₽)». Считается на клиенте через простую арифметику строк (для отображения; источник истины — сервер).
-- Кнопки: «Сохранить» (disabled если поле пустое / не изменилось / невалидно), «Отмена».
-- Submit → `PATCH /api/admin/tenants/{id}/balance` → `emit('saved', { balance_rub, transaction_id })` → закрытие.
-- Ошибка валидации/сервера → показ в диалоге (не закрывать).
-
-**Точка 1 — карточка тенанта** `AdminTenantDetailView.vue`: кнопка «Изменить баланс» рядом с отображением `balance_rub`. По `saved` → перезагрузить detail (`balance_rub` + `balance_history`, новая строка manual_adjustment видна).
-
-**Точка 2 — список** `AdminTenantsView.vue` / `TenantsTable.vue`: действие в строке (иконка-кнопка «карандаш» или пункт меню «Изменить баланс»). Открывает тот же диалог. По `saved` → обновить `balance_rub` строки в таблице (точечный патч локального состояния или перезапрос списка).
-
-**API-клиент** `app/resources/js/api/admin.ts` (или где живут admin-вызовы): функция `updateTenantBalance(id, { balance_rub, reason })`.
-
-### Тесты
-
-**Pest feature** `tests/Feature/Admin/AdminTenantBalanceUpdateTest.php`:
-
-- Установка нового баланса → `tenants.balance_rub` обновлён, `balance_transactions(type='manual_adjustment')` с правильной знаковой разницей + `balance_rub_after`, `saas_admin_audit_log` строка.
-- Уменьшение баланса (отрицательная дельта) → корректная знаковая amount_rub.
-- Установка того же значения (delta=0) → 422.
-- Невалидный формат (`10.123` / буквы) → 422.
-- Отрицательный целевой баланс → принимается.
-- 404 на несуществующий/удалённый тенант.
-
-**Vitest** `tests/Frontend/TenantBalanceDialog.spec.ts`:
-
-- Предпросмотр считает дельту корректно.
-- «Сохранить» disabled при пустом/неизменённом вводе.
-- Submit вызывает API с правильными аргументами.
-
-## Изоляция и границы
-
-- Эндпоинт — в `AdminTenantsController` (домен «Тенанты»), не в `AdminBillingController` (там tenant-аккаунт-операции refund/changeTariff). Граница: balance-adjust — административная корректировка, логически принадлежит карточке тенанта.
-- Диалог — отдельный переиспользуемый компонент, не дублируется между detail и list.
-- Никаких изменений в `LedgerService` / `BalanceToLeadsConverter` / биллинг-flow — это независимая admin-операция.
-
-## Вне scope (YAGNI)
-
-- Редактирование `balance_leads` (vestigial, удаляется Phase B).
-- Дельта-режим ввода / двойной режим.
-- Массовая правка балансов нескольких тенантов разом.
-- Лимиты-пороги на сумму (кроме формата decimal) — админ доверенный.
-- Реальный actor_admin_user_id — saas-admin SSO ⏸ Б-1 (поле nullable, заполнится позже).
-
-## Развёртывание
-
-Feature-ветка `feat/admin-tenant-balance-edit` (worktree). После реализации + регрессии + ревью — выкатка на боевой `liderra.ru` тем же копир-паттерном, что Биллинг v2 Phase A (scp файлов + frontend build + кэши). DDL не требуется (новых таблиц/колонок нет). После выкатки заказчик выставляет реальные балансы тестовым тенантам через UI.
diff --git a/docs/superpowers/specs/2026-05-23-billing-v2-spec-a-balance-rub-design.md b/docs/superpowers/specs/2026-05-23-billing-v2-spec-a-balance-rub-design.md
deleted file mode 100644
index 1459c09..0000000
--- a/docs/superpowers/specs/2026-05-23-billing-v2-spec-a-balance-rub-design.md
+++ /dev/null
@@ -1,633 +0,0 @@
-# Спек A — Биллинг v2: единый ₽-баланс + унификация tariff_plans
-
-**Дата:** 2026-05-23
-**Статус:** Design (awaiting user review)
-**Автор:** Claude Opus 4.7 (под руководством заказчика)
-**Брейнсторм:** сессия 23.05.2026
-**Триггер:** «баланс только в рублях и перевести его в лиды в соответствии с тарифом, клиент видит и то и то» + аудит раздела «Биллинг» с 19 находками.
-
-**Часть серии из 3 спеков:**
-
-- **Спек A (этот)** — балансовая модель + аудит UI.
-- Спек B — дубли (`DuplicateDetector` ↔ кросс-месячные кейсы).
-- Спек C — preflight баланса + остановка всех проектов + пересчёт заказа поставщику + VTB-эквайринг.
-
----
-
-## §1. Контекст и проблема
-
-### §1.1 Текущая модель
-
-Сейчас у тенанта **два баланса** ([db/schema.sql](../../../db/schema.sql) таблица `tenants`):
-
-- `balance_leads` (INTEGER) — предоплаченные лиды поштучно.
-- `balance_rub` (DECIMAL) — рублёвый баланс.
-
-При доставке лида ([LedgerService::chargeForDelivery](../../../app/app/Services/Billing/LedgerService.php)):
-
-1. Подбирается ступень из `pricing_tiers` (7 ступеней объёмного тарифа).
-2. Если `balance_leads >= 1` → списываем 1 лид, цена `lead_charges.price_per_lead_kopecks=0`, `charge_source='prepaid'`.
-3. Иначе — списываем рубли по цене ступени, `charge_source='rub'`.
-
-Параллельно в `tariff_plans` есть колонки `price_per_lead`, `price_monthly`, `included_leads`, `trial_bonus_leads`, `billing_model` — второе понятие «цены за лид» и «включённых лидов», которое не используется в горячем пути (`LedgerService` смотрит только `pricing_tiers`), но висит в схеме и читается из API.
-
-### §1.2 Проблемы
-
-1. Клиенту трудно понять «сколько лидов у меня хватит» — два кошелька с разными правилами трат.
-2. Концепция «предоплаченных лидов» (`balance_leads`) дублирует ту же ценность, что и `balance_rub`, но в другой валюте.
-3. `tariff_plans.price_per_lead` ↔ `pricing_tiers.price_per_lead_kopecks` — конфликт источников истины.
-4. UI раздела «Биллинг» содержит 19 формальных находок (см. §7).
-5. Концепция «включённых лидов» (`included_leads`) при подписочной модели (`billing_model='monthly'`/`'hybrid'`) — мёртвый код.
-
-### §1.3 Триггер
-
-Заказчик 23.05.2026: «**баланс только в рублях и перевести его в лиды в соответствии с тарифом, клиент видит и то и то**». Дальше через брейнсторм согласован Approach 3 — «Чистый разрез + унификация tariff_plans».
-
----
-
-## §2. Решение
-
-**Подход:** единый ₽-баланс, лиды — деривативом через pure-сервис, `tariff_plans` ужимается до «название и фичи».
-
-### §2.1 Ключевые тезисы
-
-1. **Единый ₽-баланс.** Колонка `tenants.balance_leads` удаляется. Существующие ненулевые остатки конвертируются в `balance_rub` по цене ступени 1 (консервативно, в пользу клиента) одноразовой artisan-командой.
-2. **Лиды — деривативом** через pure-сервис `BalanceToLeadsConverter`. Точный расчёт по ступеням: сколько лидов клиент реально получит при текущем балансе, учитывая уже доставленные за месяц и пересечения ступеней.
-3. **`tariff_plans` — только название и фичи.** Колонки `price_per_lead`, `price_monthly`, `included_leads`, `trial_bonus_leads`, `billing_model` удаляются. Все цены — только из `pricing_tiers`.
-4. **Никаких возвратов** (`refund`). Соответствующий таб/фильтр удаляются. (Если бизнес-нужда подтвердится — отдельный спек.)
-5. **Все P0/P1/P2 находки реестра** (§7) закрываются в рамках этого спека.
-
-### §2.2 Что НЕ делаем (явно — out of scope)
-
-- VTB-эквайринг и реальная оплата → **спек C**.
-- Auto-stop всех проектов клиента при нехватке баланса + пересчёт заказа у поставщика → **спек C**.
-- Дубли (`DuplicateDetector` 24h окно, кросс-месячные кейсы) → **спек B**.
-- Сверка с поставщиком CSV (`CsvReconcileJob`) — не трогаем.
-- `SupplierQuotaAllocator::computeOrder` — не трогаем.
-- Возвраты (`refund`) — не реализуем.
-
----
-
-## §3. Архитектура
-
-### §3.1 Карта изменений
-
-| Слой | Что |
-|---|---|
-| **БД** | `tenants` (DROP `balance_leads`), `tariff_plans` (DROP 5 колонок), `balance_transactions` (новый `type='migration'`), `lead_charges` (без изменений в схеме) |
-| **Бэк-сервисы** | `LedgerService` (упрощается), `BillingTopupService` (без изменений), **новый** `BalanceToLeadsConverter` (pure) |
-| **Бэк-контроллеры** | `BillingController` (wallet + transactions), `TenantChargesController` (export), `AdminPricingTiersController` (bcmul fix) |
-| **Бэк-команды** | **новая** `BillingMigrateLeadsToRubCommand` (artisan, идемпотентная) |
-| **Фронт-страница** | `BillingView`, `views/billing/ChargesTab` |
-| **Фронт-компоненты** | `BalanceCard`, `TransactionsTable`, `InvoicesTable`, `TopupDialog` (минимально) |
-| **Новый UI** | `TierPricesPanel` (7-ступенчатая таблица с подсветкой текущей, сворачиваемая) |
-| **Seeders** | `DemoSeeder`, `TenantSeeder` (если ссылаются на удаляемые поля) |
-| **Тесты** | Pest +3 новых файла, ~6 обновляемых; Vitest +1, ~4 обновляемых; Histoire +1, ~2 обновляемых |
-
-### §3.2 Изменения схемы БД
-
-#### §3.2.1 Phase 1 — data migration (artisan-команда)
-
-Команда `php artisan billing:migrate-leads-to-rub`:
-
-```
-ДЛЯ КАЖДОГО tenant С balance_leads > 0:
-  В транзакции с lockForUpdate(tenant):
-    1. Если balance_leads <= 0 → no-op (идемпотентность).
-    2. migrated_kopecks := balance_leads × pricing_tiers[tier_no=1, активная на сегодня].price_per_lead_kopecks
-       migrated_rub := bcdiv(migrated_kopecks, '100', 2)
-    3. new_balance_rub := bcadd(balance_rub, migrated_rub, 2)
-    4. UPDATE tenants SET balance_rub = new_balance_rub, balance_leads = 0 WHERE id = tenant.id
-    5. INSERT balance_transactions(
-         type = 'migration',
-         amount_leads = -balance_leads,
-         amount_rub = '+' || migrated_rub,
-         balance_leads_after = 0,
-         balance_rub_after = new_balance_rub,
-         description = 'Конвертация предоплаченных лидов в ₽ (миграция модели биллинга)',
-         created_at = now()
-       )
-```
-
-Свойства:
-
-- **Идемпотентна:** повторный запуск — no-op (проверка `balance_leads > 0`).
-- **Аудит:** одна `balance_transactions(type='migration')` на тенанта — единственный пейпер-трейл.
-- **Защита:** lockForUpdate против параллельных списаний/пополнений.
-
-#### §3.2.2 Phase 2 — schema cleanup (отдельный коммит, **после кодовой части в проде**)
-
-Миграция Laravel:
-
-```sql
-ALTER TABLE tenants DROP COLUMN balance_leads;
-
-ALTER TABLE tariff_plans
-  DROP COLUMN price_per_lead,
-  DROP COLUMN price_monthly,
-  DROP COLUMN included_leads,
-  DROP COLUMN trial_bonus_leads,
-  DROP COLUMN billing_model;
-
--- balance_transactions.amount_leads — остаётся nullable INT навсегда (история).
--- lead_charges.charge_source + chk_lead_charges_prepaid_zero_price — остаются (история).
--- pricing_tiers — без изменений.
--- balance_transactions hash-chain триггеры — не трогаем.
-```
-
-После Phase 2: `tariff_plans` содержит только `id, code, name, description, features (jsonb), limits (jsonb), is_active, is_public, sort_order, created_at, updated_at`. Превращается из «тарифного плана» в «пакет фич/лимитов».
-
-#### §3.2.3 Новые константы
-
-- `BalanceTransaction::TYPE_MIGRATION = 'migration'` (добавляем).
-- `BalanceTransaction::TYPE_REFUND` — **не вводим** (возвратов нет в этом спеке).
-
-### §3.3 Изменения бэка
-
-#### §3.3.1 Новый pure-сервис `BalanceToLeadsConverter`
-
-Файл: `app/app/Services/Billing/BalanceToLeadsConverter.php`.
-
-Сигнатура:
-
-```php
-final class BalanceToLeadsConverter
-{
-    /**
-     * @param string $balanceRub  DECIMAL-строка («5000.00»), bcmath
-     * @param int    $deliveredInMonth  tenants.delivered_in_month
-     * @param Collection<int, PricingTier> $activeTiers
-     * @return array{
-     *   leads: int,
-     *   breakdown: list<array{tier_no:int, leads:int, price_rub:string}>,
-     *   current_tier: array{no:int, price_rub:string, leads_left_in_tier:int}|null,
-     *   next_tier: array{no:int, price_rub:string, leads_in_tier:int}|null
-     * }
-     */
-    public function convert(string $balanceRub, int $deliveredInMonth, Collection $activeTiers): array;
-}
-```
-
-Алгоритм (псевдокод):
-
-```
-balance_kopecks := bcmul(balanceRub, '100', 0)   # string-int
-sorted := tiers.sortBy('tier_no').values()
-total_leads := 0
-breakdown := []
-cumulative := 0   # сколько лидов покрыто пройденными ступенями (для определения «вы здесь»)
-
-current_tier := null
-next_tier := null
-
-ДЛЯ tier В sorted:
-    tier_start := cumulative + 1
-    tier_cap := (tier.leads_in_tier === null) ? INF : tier.leads_in_tier
-    tier_end := cumulative + tier_cap
-
-    # сколько слотов в этой ступени ещё не «съедено» уже доставленными
-    slots_left_in_tier := max(0, tier_end - max(tier_start - 1, deliveredInMonth))
-
-    # «текущая ступень» — первая, где (deliveredInMonth + 1) попадает
-    ЕСЛИ current_tier IS null AND deliveredInMonth < tier_end:
-        current_tier := { no: tier.tier_no, price_rub: tier.price_rub, leads_left_in_tier: slots_left_in_tier }
-
-    ЕСЛИ slots_left_in_tier <= 0:
-        cumulative := tier_end
-        ПРОДОЛЖИТЬ
-
-    price_kopecks := tier.price_per_lead_kopecks
-    ЕСЛИ price_kopecks <= 0:
-        # бесплатная ступень (теоретически — пока не используется)
-        total_leads += slots_left_in_tier
-        breakdown.append({ tier_no, leads: slots_left_in_tier, price_rub: '0.00' })
-        cumulative := tier_end
-        ПРОДОЛЖИТЬ
-
-    # сколько лидов в этой ступени можем себе позволить
-    affordable_in_tier := (int) bcdiv(balance_kopecks, price_kopecks, 0)
-    take := min(slots_left_in_tier, affordable_in_tier)
-
-    ЕСЛИ take > 0:
-        total_leads += take
-        breakdown.append({ tier_no, leads: take, price_rub: format(price_kopecks) })
-        balance_kopecks := bcsub(balance_kopecks, bcmul(price_kopecks, take, 0), 0)
-
-    ЕСЛИ take < slots_left_in_tier:
-        # баланс кончился в этой ступени — следующей нет смысла
-        # next_tier остаётся null (нет смысла показывать)
-        ВЫЙТИ
-
-    cumulative := tier_end
-    ЕСЛИ tier.leads_in_tier === null: ВЫЙТИ   # «всё свыше»
-
-# next_tier — следующая после current_tier
-next_idx := sorted.findIndex(t => t.tier_no > current_tier.no)
-ЕСЛИ next_idx !== -1:
-    next_tier := { no: sorted[next_idx].tier_no, price_rub, leads_in_tier: sorted[next_idx].leads_in_tier }
-
-ВЕРНУТЬ { leads: total_leads, breakdown, current_tier, next_tier }
-```
-
-Деньги — bcmath, без PHP float. Pure (без БД-обращений). Тестируется изолированно.
-
-#### §3.3.2 `LedgerService::chargeForDelivery` (упрощённый)
-
-Удаляется dual-balance ветвление. Метод ужимается до:
-
-```php
-public function chargeForDelivery(Tenant $lockedTenant, Deal $deal, ?SupplierLead $lead = null): ChargeResult
-{
-    $activeTiers = $this->tiers->activeAt(Carbon::now('Europe/Moscow'));
-    $tier = $this->resolver->resolveForCount($activeTiers, ($lockedTenant->delivered_in_month ?? 0) + 1);
-    $priceKopecks = (int) $tier->price_per_lead_kopecks;
-
-    // bcmath check: balance_rub × 100 >= priceKopecks
-    $balanceKopecks = bcmul((string) $lockedTenant->balance_rub, '100', 0);
-    if (bccomp($balanceKopecks, (string) $priceKopecks, 0) < 0) {
-        throw new InsufficientBalanceException(
-            priceKopecks: $priceKopecks,
-            balanceRub: (string) $lockedTenant->balance_rub,
-        );
-    }
-
-    $amountRub = bcdiv((string) $priceKopecks, '100', 2);
-    $newBalanceRub = bcsub((string) $lockedTenant->balance_rub, $amountRub, 2);
-    DB::table('tenants')->where('id', $lockedTenant->id)->update(['balance_rub' => $newBalanceRub]);
-    $lockedTenant->increment('delivered_in_month', 1);
-    $lockedTenant->refresh();
-
-    LeadCharge::create([
-        'tenant_id' => $lockedTenant->id,
-        'deal_id' => $deal->id,
-        'deal_received_at' => $deal->received_at,
-        'tier_no' => $tier->tier_no,
-        'price_per_lead_kopecks' => $priceKopecks,
-        'charge_source' => 'rub',  // всегда
-        'charged_at' => now(),
-        'created_at' => now(),
-    ]);
-
-    BalanceTransaction::create([
-        'tenant_id' => $lockedTenant->id,
-        'type' => BalanceTransaction::TYPE_LEAD_CHARGE,
-        'amount_leads' => null,    // история - больше не пишем
-        'amount_rub' => '-' . $amountRub,
-        'balance_leads_after' => null,
-        'balance_rub_after' => (string) $lockedTenant->balance_rub,
-        'related_type' => Deal::class,
-        'related_id' => $deal->id,
-        'created_at' => now(),
-    ]);
-
-    // supplier_lead_costs - без изменений
-    if ($lead !== null) {
-        $supplierId = $this->resolveSupplierId($lead);
-        if ($supplierId !== null) {
-            $supplier = Supplier::findOrFail($supplierId);
-            DB::table('supplier_lead_costs')->insert([
-                'deal_id' => $deal->id,
-                'received_at' => $deal->received_at,
-                'supplier_id' => $supplierId,
-                'cost_rub' => $supplier->cost_rub,
-                'created_at' => now(),
-            ]);
-        }
-    }
-
-    return new ChargeResult('rub', $tier, $priceKopecks);
-}
-```
-
-Удаляется:
-
-- Приватный метод `decideSource()`.
-- Поле `ChargeResult::$source` (или всегда `'rub'`).
-- Параметр `InsufficientBalanceException::$balanceLeads`.
-
-#### §3.3.3 `BillingController::wallet`
-
-Новая структура ответа:
-
-```json
-{
-  "balance_rub": "5000.00",
-  "affordable_leads": 46,
-  "current_tier": { "no": 1, "price_rub": "120.00", "leads_left_in_tier": 20 },
-  "next_tier": { "no": 2, "price_rub": "100.00", "leads_in_tier": 100 },
-  "delivered_in_month": 30,
-  "runway_days": 12,
-  "tiers_preview": [
-    { "tier_no": 1, "leads_in_tier": 50,   "price_rub": "120.00" },
-    { "tier_no": 2, "leads_in_tier": 100,  "price_rub": "100.00" },
-    ...
-    { "tier_no": 7, "leads_in_tier": null, "price_rub": "60.00" }
-  ],
-  "tariff": { "code": "...", "name": "...", "features": [...] }
-}
-```
-
-`runway_days` пересчитывается как `affordable_leads / средний_лидов_в_день_за_30дн`. Если средняя = 0 → `null`. Если `affordable_leads = 0` → `0`. Одна формула для всего экрана.
-
-`tariff` — без `price_monthly`, `billing_model`, `included_leads` (поля удалены).
-
-#### §3.3.4 `BillingController::transactions`
-
-Удалить фильтр `refund` из validation:
-
-```diff
-- if (is_string($type) && in_array($type, ['topup', 'lead_charge', 'refund'], true)) {
-+ if (is_string($type) && in_array($type, ['topup', 'lead_charge', 'migration'], true)) {
-```
-
-#### §3.3.5 `AdminPricingTiersController::store`
-
-```diff
-- 'tiers.*.price_rub' => ['required', 'numeric', 'min:0'],
-+ 'tiers.*.price_rub' => ['required', 'string', 'regex:/^\d+(\.\d{1,2})?$/'],
-
-- 'price_per_lead_kopecks' => (int) round(((float) $tier['price_rub']) * 100),
-+ 'price_per_lead_kopecks' => (int) bcmul((string) $tier['price_rub'], '100', 0),
-```
-
-#### §3.3.6 `TenantChargesController::export`
-
-Заполняем колонку `balance_rub_after` через JOIN к `balance_transactions`:
-
-```sql
-JOIN balance_transactions bt ON bt.related_type = 'App\Models\Deal'
-                            AND bt.related_id = lead_charges.deal_id
-                            AND bt.tenant_id = lead_charges.tenant_id
-```
-
-#### §3.3.7 Seeders cleanup
-
-Перед миграцией `grep -r 'balance_leads\|trial_bonus_leads\|included_leads\|billing_model\|price_per_lead\|price_monthly' app/database/seeders/` — заменить все ссылки. Бонусные лиды при подключении тарифа выдаются как ₽ через `BillingTopupService::topup($tenantId, $startBonusRub, null)` с описанием «Стартовый бонус».
-
-### §3.4 Изменения фронта
-
-#### §3.4.1 Типы (`app/resources/js/api/billing.ts`)
-
-```typescript
-export interface Wallet {
-  balance_rub: string
-  affordable_leads: number
-  current_tier: { no: number; price_rub: string; leads_left_in_tier: number }
-  next_tier: { no: number; price_rub: string; leads_in_tier: number } | null
-  delivered_in_month: number
-  runway_days: number | null
-  tiers_preview: Array<{ tier_no: number; leads_in_tier: number | null; price_rub: string }>
-  tariff: { code: string; name: string; features: string[] } | null
-}
-
-export interface BillingTransaction {
-  id: number
-  code: string
-  type: 'topup' | 'lead_charge' | 'migration'    // 'refund' удалён
-  description: string | null
-  amount_rub: string
-  amount_leads: number | null                    // история, может быть null
-  balance_rub_after: string
-  display_amount_rub: string                     // новое: всегда ₽-эквивалент (для исторических prepaid)
-  created_at: string
-}
-```
-
-#### §3.4.2 `BillingView.vue`
-
-- Шапка `page-stats`: удалить «N лидов запас». Остаётся «`X` кошелёк · хватит на `Y` дн.» (если `runway_days` не null).
-- Под `BalanceCard` — новый блок `TierPricesPanel` (см. §3.4.6), перед `TransactionsTable`.
-
-#### §3.4.3 `BalanceCard.vue`
-
-3 карточки:
-
-| # | Заголовок | Контент |
-|---|---|---|
-| 1 | «Кошелёк ₽» (тёмная) | `balanceRub ₽` + мелким «мин. пополнение 100 ₽» (удалить «округление вниз ₽→лиды») + кнопка «Пополнить» + disabled «Автопополнение» |
-| 2 | «**≈ N лидов**» | `affordable_leads` крупно + tooltip «Точный расчёт по текущим ценам. Меняется при переходе ступеней.» + sub-line «сейчас по `current_tier.price_rub` ₽/лид» |
-| 3 | «Что входит» | `tariff.name` + список `tariff.features` (галочки). Без `price_monthly`. Кнопка «Сменить тариф» disabled остаётся. |
-
-Удалить:
-
-- «Баланс лидов (ГЦК)» текст.
-- Аббревиатуру «(ГЦК)».
-- Текст «округление вниз ₽→лиды».
-- Префикс `tariff_price` («₽/мес»).
-
-#### §3.4.4 `TransactionsTable.vue`
-
-- Массив `TABS` — удалить пункт `{ id: 'refund', ... }`.
-- Функция `txAmountText` — переписать: всегда выводит ₽-эквивалент через `display_amount_rub` (бэк отдаёт уже посчитанный).
-- `formatWhen` — добавить год: `{ year: '2-digit', day: '2-digit', month: '2-digit', hour, minute }` → «23.05.26, 14:30».
-
-#### §3.4.5 `InvoicesTable.vue`
-
-- Сумма с «₽»: `formatPlain(Number(inv.amount_total)) + ' ₽'`.
-- Empty-state без изменений («Счета появятся после первой оплаты»).
-
-#### §3.4.6 `ChargesTab.vue`
-
-- Удалить `v-select` «Источник» (`source` ref, `sources` массив).
-- Удалить колонку «Источник» из `headers`.
-- Колонка «Цена»: для исторических строк с `price_per_lead_kopecks === 0` (prepaid) — серое «0 ₽ (из бесплатного)» с tooltip «До перехода на новую модель эти лиды списывались из бесплатного остатка».
-- POST → GET для экспорта (находка #13) — отложено.
-
-#### §3.4.7 `TopupDialog.vue`
-
-В этом спеке **не трогаем** (VTB перекроит — спек C). Минимум 100₽ остаётся.
-
-#### §3.4.8 Новый `TierPricesPanel.vue`
-
-Свёрнутый по умолчанию `<v-expansion-panel>` с заголовком «Цены за лид (7 ступеней)». Внутри — таблица 7 строк:
-
-| Ступень | Диапазон | Цена |
-|---|---|---|
-| 1 | 1–50 лидов | 120 ₽ |
-| 2 | 51–150 лидов | 100 ₽ |
-| ... | ... | ... |
-| 7 | 1501+ | 60 ₽ |
-
-С подсветкой (бордер + чип «вы здесь») текущей ступени из `current_tier.no`. Данные — из `wallet.tiers_preview` (один API-запрос, не два).
-
-### §3.5 Тесты
-
-#### §3.5.1 Pest (новые)
-
-- `Tests/Unit/Services/Billing/BalanceToLeadsConverterTest.php` — ≥8 кейсов (пустой баланс, одна ступень, переход ступеней, последняя `NULL`-ступень, `delivered_in_month` пропуск, граничные копейки, bcmath-точность, неактивные ступени).
-- `Tests/Feature/Billing/MigrationLeadsToRubTest.php` — конвертация по tier 1, INSERT `balance_transactions(type='migration')`, идемпотентность, lockForUpdate.
-- `Tests/Feature/Billing/WalletApiTest.php` — `/api/billing/wallet` отдаёт `affordable_leads`, `current_tier`, `next_tier`, `tiers_preview`, `tariff` без удалённых полей.
-
-#### §3.5.2 Pest (обновляемые)
-
-- `LedgerServiceTest` — удалить кейсы prepaid-ветки, оставить только rub.
-- `BillingControllerTest::transactions` — убрать кейс `type=refund`.
-- `AdminPricingTiersControllerTest` — кейс «цена 10.10 → 1010 копеек» через bcmul.
-- `TenantChargesControllerTest::export` — ассертить `balance_rub_after` заполнен.
-
-#### §3.5.3 Pest (удаляемые)
-
-- Все кейсы с `balance_leads--` или `charge_source='prepaid'` для **новых** сделок.
-
-#### §3.5.4 Vitest
-
-- `BalanceCard.spec.ts` — обновить (≈ N лидов, tooltip, без «(ГЦК)»).
-- `TransactionsTable.spec.ts` — без таба «Возвраты», конвертация через `display_amount_rub`.
-- `ChargesTab.spec.ts` — без фильтра/колонки «Источник».
-- `InvoicesTable.spec.ts` — формат суммы с «₽».
-- **Новый** `TierPricesPanel.spec.ts` — 7 ступеней рендерятся, текущая подсвечена.
-- `BillingView.spec.ts` — шапка без «лидов запас», `TierPricesPanel` свёрнут по умолчанию.
-
-#### §3.5.5 Histoire
-
-- `BillingView.story.vue`, `BalanceCard.story.vue` — обновить fixture'ы.
-- **Новый** `TierPricesPanel.story.vue` — 3 вариации (на ступени 1, 3, 7).
-
-#### §3.5.6 Larastan / type-check
-
-- Удалить `Tenant::balance_leads` свойство (PHPDoc + `$casts`).
-- vue-tsc после изменения `Wallet`-интерфейса найдёт все потребители — поправить точечно.
-
----
-
-## §4. Миграция и релиз
-
-### §4.1 Двухфазное развёртывание (критично)
-
-#### Фаза A — код + data migration (PR #1)
-
-1. Все code-side изменения (LedgerService, контроллеры, фронт, тесты, конвертер).
-2. Новая artisan-команда `php artisan billing:migrate-leads-to-rub`.
-3. **Колонка `balance_leads` остаётся в БД** — код её больше не читает/пишет, но физически на месте (страховка от мгновенного rollback).
-4. Прогон на проде:
-   - бэкап БД (`pg_dump`),
-   - деплой кода,
-   - `php artisan billing:migrate-leads-to-rub`,
-   - smoke-тесты на 2 demo тенантах (`/api/billing/wallet`, доставка тестового лида),
-   - 24-72 ч наблюдения через `balance_transactions(type='migration')` audit-log.
-
-#### Фаза B — schema cleanup (PR #2, через 1-3 дня после Фазы A в проде)
-
-1. Grep-проверка: `grep -r 'balance_leads\|price_per_lead\|price_monthly\|included_leads\|trial_bonus_leads\|billing_model' app/` (исключая `lead_charges.price_per_lead_kopecks` — другое поле).
-2. Миграция Laravel `ALTER TABLE` (§3.2.2).
-3. Деплой.
-
-**Rollback Фазы A:** `balance_leads` ещё в БД → обратный SQL по `balance_transactions.amount_leads` для строк `type='migration'`. Поэтому Фаза B — отдельный PR.
-
-### §4.2 Регрессионные критерии (`/regression full` перед merge каждой фазы)
-
-- Pest --parallel зелёный (целевое: +20-30 новых ассертов).
-- Vitest зелёный (+10-15 новых ассертов).
-- Larastan 0 ошибок.
-- Vite build OK.
-- Histoire build OK.
-- Pa11y `/billing` — 0 violations.
-- gitleaks 0, lychee 0 broken.
-
-### §4.3 Контракты и инварианты
-
-- **bcmath** для всех мутаций `balance_rub` (никогда PHP float).
-- **append-only** `balance_transactions` и `lead_charges` — hash-chain триггеры в БД не трогаем.
-- **Никогда** `balance_rub < 0` — `InsufficientBalanceException` перед мутацией.
-- **delivered_in_month** — единственный счётчик «лидов в этом месяце», обнуляется `ResetMonthlyCountersCommand` 1-го числа месяца.
-
----
-
-## §5. Алгоритм конвертации `BalanceToLeadsConverter::convert` — рабочий пример
-
-**Вход:**
-
-- `balanceRub = '5000.00'`
-- `deliveredInMonth = 30`
-- `tiers`:
-  - tier 1: leads_in_tier=50, price=120₽ (12000 коп)
-  - tier 2: leads_in_tier=100, price=100₽ (10000 коп)
-  - tier 3: leads_in_tier=200, price=80₽ (8000 коп)
-  - ...
-  - tier 7: leads_in_tier=NULL, price=60₽ (6000 коп)
-
-**Прогон:**
-
-- balance_kopecks = 500 000
-- **tier 1:** tier_start=1, tier_end=50, slots_left = 50−max(0, 30) = 20.
-  - current_tier := { no:1, price:'120.00', leads_left:20 }
-  - affordable_in_tier = floor(500000/12000) = 41 → take = min(20, 41) = 20
-  - total = 20; balance_kopecks = 500000 − 20×12000 = 260000
-  - take == slots_left → продолжаем; cumulative = 50.
-- **tier 2:** tier_start=51, tier_end=150, slots_left = 150−max(50, 30) = 100.
-  - affordable = floor(260000/10000) = 26 → take = min(100, 26) = 26
-  - total = 46; balance_kopecks = 260000 − 26×10000 = 0
-  - take < slots_left → выход.
-- **Итог:** `{ leads: 46, breakdown: [{1, 20, '120.00'}, {2, 26, '100.00'}], current_tier: {1, '120.00', 20}, next_tier: {2, '100.00', 100} }`
-
-UI: «**≈ 46 лидов**» крупно. Tooltip: «20 лидов по 120 ₽ + 26 по 100 ₽».
-
----
-
-## §6. Реестр находок «Биллинг» (закрывается в этом спеке)
-
-**P0 — критичные:**
-
-- **№1.** «Баланс лидов (ГЦК)» карточка → «≈ N лидов» с tooltip. Убрать «(ГЦК)».
-- **№2.** Дубль `balance_leads` в шапке `BillingView` — удалить из `page-stats`.
-- **№3.** Таб «Возвраты» в `TransactionsTable` + фильтр `refund` в `BillingController::transactions` — удалить (без возвратов в этом спеке).
-- **№4.** Чип `prepaid` и фильтр «Источник» в `ChargesTab` — удалить (исторические строки помечаются tooltip'ом).
-- **№5.** `InvoicesTable.amount_total` без «₽» — добавить суффикс.
-
-**P1 — важные:**
-
-- **№6.** `BillingController::runwayDays` — переписать на `affordable_leads / средний_лидов_в_день` (одна формула с шапкой).
-- **№7.** `AdminPricingTiersController::store` — float → bcmul + `regex:/^\d+(\.\d{1,2})?$/` validation.
-- **№8.** «Округление вниз ₽→лиды» в `BalanceCard` — удалить (после конвертера термин не нужен).
-- **№9.** `TopupDialog` алерт «Платёжный шлюз...» — оставить как есть (VTB перекроит в спеке C).
-- **№10.** `TopupDialog.PRESETS` — синхронизировать с VTB после спека C; в этом спеке не трогаем.
-- **№11.** `txAmountText` «− 1 лид.» — переписать через `display_amount_rub` от бэка.
-
-**P2 — нюансы:**
-
-- **№12.** `TransactionsTable.formatWhen` — добавить год.
-- **№13.** `ChargesTab.exportCsv` POST → GET — отложено (не блокер).
-- **№14.** `TenantChargesController::export.balance_rub_after` пустой — заполнить через JOIN.
-- **№15.** `InvoicesTable.amount_total → Number()` precision — отложено (под VTB).
-
-**Связанные (вне этого спека):**
-
-- **№16.** `DuplicateDetector.WINDOW_HOURS = 24` → спек B.
-- **№17.** `SupplierQuotaAllocator::computeOrder` без учёта баланса → спек C.
-- **№18.** `RouteSupplierLeadJob::handleInsufficientBalance` останавливает один проект → спек C.
-- **№19.** `BillingTopupService` зачисляет сразу → спек C (VTB).
-
----
-
-## §7. Открытые вопросы
-
-Все решения согласованы в брейнсторме 23.05.2026:
-
-- Вариант 3 (с унификацией `tariff_plans`) — выбран.
-- Точный расчёт по ступеням — выбран (не «по текущей ступени», не «по ступени 1»).
-- `balance_leads` удаляется полностью (не остаётся как «подарочный остаток»).
-- Возвраты — не реализуем.
-- Конвертер — pure, на бэке, один движок для шапки + карточки + runway.
-- `TierPricesPanel` — свёрнут по умолчанию.
-- `tiers_preview` встроен в `/api/billing/wallet` (один запрос).
-- Релиз — двухфазный (код+data → ALTER TABLE).
-- Миграция данных — artisan-команда, идемпотентная.
-
----
-
-## §8. Связанные документы
-
-- Брейнсторм-сессия: 23.05.2026 (transcript не сохранён отдельно — содержание этого спека отражает все решения).
-- Исходный дизайн биллинга: [docs/superpowers/specs/2026-05-11-plan4-billing-csv-admin-design.md](2026-05-11-plan4-billing-csv-admin-design.md).
-- Спек B (дубли) — будет создан после Спека A.
-- Спек C (preflight + VTB) — будет создан после Спека B.
-
----
-
-## §9. Следующие шаги
-
-1. **Пользовательское ревью** этого спека.
-2. После одобрения — переход к `superpowers:writing-plans` для генерации детального плана реализации (`docs/superpowers/plans/2026-05-23-billing-v2-spec-a-balance-rub-plan.md`).
-3. Реализация по плану в отдельной ветке (предположительно `feat/billing-v2-spec-a`).
-4. Релиз Phase A → наблюдение → релиз Phase B.
-5. Переход к брейнсторму Спека C.
diff --git a/docs/superpowers/specs/2026-05-23-billing-v2-spec-b-duplicates-design.md b/docs/superpowers/specs/2026-05-23-billing-v2-spec-b-duplicates-design.md
deleted file mode 100644
index bb24917..0000000
--- a/docs/superpowers/specs/2026-05-23-billing-v2-spec-b-duplicates-design.md
+++ /dev/null
@@ -1,160 +0,0 @@
-# Биллинг v2 — Спек B: политика дублей (дизайн)
-
-**Дата:** 2026-05-23
-**Статус:** дизайн утверждён заказчиком, готов к writing-plans
-**Серия:** Биллинг v2 (Спек A — балансовая модель ✅ Phase A; Спек B — дубли; Спек C — preflight + VTB)
-**Связано:** `docs/superpowers/specs/2026-05-23-billing-v2-spec-a-balance-rub-design.md`, memory `project-billing-v2`
-
----
-
-## 1. Главное правило (governing rule)
-
-**Дедупликация лидов — ответственность ПОСТАВЩИКА (crm.bp-gr.ru), не Лидерры.**
-
-Поставщик чистит повторы в своём окне (≈30 дней). Что поставщик прислал — для Лидерры это «настоящий» лид: мы его раздаём клиентам и берём за него деньги. **Лидерра повторы по телефону НЕ фильтрует.**
-
-Единственная наша забота — **не наделать своих дублей**: одна поставка одному клиенту = ровно один оплаченный лид. При этом один лид по-прежнему можно продать **до 3 РАЗНЫХ клиентов** (модель шеринга — это норма, не дубль).
-
-Формулировка заказчика (брейнсторм 23.05.2026):
-
-- «убираем все фильтры! но главное нам самим не наделать дублей — нам прислал поставщик в одном экземпляре, а мы клиенту выдали 2 раза! это не касается правила: 1 лид может быть продан 3-м».
-- «если 5 клиентов заказали лиды с одного источника, то мы можем продать лид только 3-м максимум».
-
-«Смотри через это правило всё окружение» — спецификация проходит по всем местам, где есть логика дублей/дедупа, и приводит их в соответствие с правилом.
-
-### Разрез понятий (важно не путать)
-
-| Понятие | Что это | Решение |
-|---|---|---|
-| **Дубль по телефону** (антифрод) | Два разных лида с одинаковым телефоном | НЕ фильтруем — убираем (правило выше) |
-| **Технический повтор поставки** | Тот же физический лид пришёл дважды (один `vid`) | Идемпотентность по `vid` — оставляем |
-| **Наш собственный дубль** | Одна поставка → одному клиенту 2 копии | Запрещаем (новый замок в БД) |
-| **Шеринг** | Один лид → до 3 РАЗНЫХ клиентов | Норма, сохраняем (лимит теперь по клиентам) |
-| **CSV-восстановление повтора** | CSV тащит то, что уже принято вебхуком | Дедуп CSV по (телефон, проект) — оставляем |
-
----
-
-## 2. Текущее состояние (as-is)
-
-- **`app/app/Services/DuplicateDetector.php`** — телефонный фильтр. `findMaster(tenantId, phone, now)` ищет master-сделку `(tenant_id, phone)` с `received_at >= now − 24h` и `duplicate_of_id IS NULL`. `WINDOW_HOURS = 24`.
-- Вызывается в двух местах:
-  - **`ProcessWebhookJob`** (прямой вебхук, `WebhookReceiveController` → `ProcessWebhookJob`; legacy-путь на `balance_leads`): `handle()` находит master → `markAsDuplicate()` (проставляет `duplicate_of_id`, НЕ списывает). Идемпотентность по `vid` обеспечена `webhook_dedup_keys (tenant_id, source_crm_id)`.
-  - **`RouteSupplierLeadJob`** (шеринг, `SupplierWebhookController` → `SupplierLead` → `RouteSupplierLeadJob`; новый путь на `LedgerService`): `createDealCopyForProject()` находит master → помечает дубль, без `chargeForDelivery`.
-- **`LeadRouter::matchEligibleProjects`** — отдаёт ВСЕ подходящие проекты (по всем клиентам), среди них могут быть несколько проектов одного клиента.
-- **`LeadDistributor::selectRecipients`** — `CAP = 3`, берёт 3 случайных **проекта** (не клиента). → один лид может попасть в 2+ проекта одного клиента = «наш дубль».
-- **`CsvReconcileJob`** — дедуп CSV-строк по (телефон, проект) против уже принятых `supplier_leads` за окно 2 дня; недостающие → `SupplierLead(vid=NULL, source='csv_recovery')` → `RouteSupplierLeadJob`.
-- **Схема:** `deals.duplicate_of_id BIGINT` (без FK — `deals` партиционирована), индекс `ON deals (duplicate_of_id) WHERE duplicate_of_id IS NOT NULL`; индекс `(tenant_id, phone, received_at)`.
-- **UI:** строка `duplicate_detected` в матрице уведомлений `SettingsView.vue` (8×3). Уведомление **нигде в коде не отправляется** (мёртвая строка). На карточке сделки/в списке отображения дублей нет.
-
----
-
-## 3. Целевое состояние (to-be)
-
-### 3.1. Убираем наш антифрод-фильтр
-
-- Удаляем сервис `DuplicateDetector`.
-- В `ProcessWebhookJob`: убираем вызов `findMaster` + метод `markAsDuplicate`; новая сделка всегда списывается через `chargeNewLead`. Защита от своих дублей здесь — существующая идемпотентность по `vid` (один `vid` → одна сделка на клиента; разные `vid` с одним телефоном → обе списываются — целевое поведение).
-- В `RouteSupplierLeadJob::createDealCopyForProject`: убираем вызов `findMaster` + ветку пометки дубля.
-
-### 3.2. Раздача по клиентам, а не по проектам
-
-- Подбор получателей схлопывается **до одного проекта на клиента**: среди подходящих проектов клиента берём проект с **наибольшим остатком дневного лимита** (`COALESCE(effective_daily_limit_today, daily_limit_target) − delivered_today` по убыванию; при равенстве — `created_at, id` по возрастанию). Детерминированно.
-- Лимит `CAP = 3` теперь применяется к **разным клиентам**. 5 клиентов под один источник → ровно 3 получают лид (случайный выбор среди клиентов через инъектируемый `Randomizer`, как сейчас).
-- Реализация (на усмотрение writing-plans): `DISTINCT ON (tenant_id)` в `LeadRouter` с соответствующим `ORDER BY`, либо явное схлопывание по `tenant_id` в отдельном шаге; `LeadDistributor::selectRecipients` остаётся cap=3 поверх уже «один-на-клиента» списка.
-
-### 3.3. Замок в БД — «одна поставка одному клиенту = один раз» (ядро Варианта B)
-
-Новая таблица-замок `supplier_lead_deliveries`:
-
-| Колонка | Тип | Назначение |
-|---|---|---|
-| `supplier_lead_id` | BIGINT NOT NULL | поставка (FK на `supplier_leads(id)` ON DELETE CASCADE — `supplier_leads` не партиционирована) |
-| `tenant_id` | BIGINT NOT NULL | клиент |
-| `deal_id` | BIGINT NULL | созданная сделка (без FK — `deals` партиционирована, паттерн как `duplicate_of_id`) |
-| `created_at` | TIMESTAMPTZ NOT NULL DEFAULT now() | |
-
-- **PRIMARY KEY (`supplier_lead_id`, `tenant_id`)** — уникальность «поставка ↔ клиент».
-- **RLS** `tenant_isolation` по `tenant_id` (USING + WITH CHECK на `app.current_tenant_id`), как у прочих tenant-таблиц.
-- GRANT'ы для 5 ролей (`crm_app_user`, `crm_app_admin`, `crm_supplier_worker` BYPASSRLS, `crm_readonly`, `crm_migrator`).
-
-**Логика в `createDealCopyForProject`** (внутри той же транзакции с `SET LOCAL app.current_tenant_id`, ПОСЛЕ lock'а tenant и recheck'а лимита проекта, ДО создания сделки):
-
-1. `INSERT INTO supplier_lead_deliveries (supplier_lead_id, tenant_id, created_at) VALUES (...) ON CONFLICT (supplier_lead_id, tenant_id) DO NOTHING`.
-2. Если вставлено 0 строк → эта поставка этому клиенту уже выдавалась → `return false` (сделку не создаём, баланс не списываем).
-3. Иначе → создаём `Deal`, `UPDATE supplier_lead_deliveries SET deal_id = ...`, затем `LedgerService::chargeForDelivery` + счётчики + уведомление.
-
-**Почему ключ по `supplier_lead_id`, а не по телефону:** это НЕ возвращает телефонный фильтр. Два разных лида с одним телефоном — две разные поставки, два разных `supplier_lead_id`, обе оплачиваются. А одну и ту же поставку клиенту дважды БД физически не пропустит — даже при гонках, перезапусках задачи (`tries=3`) и CSV-восстановлении (где `vid=NULL`, но `supplier_lead_id` всегда есть).
-
-**Scope:** замок нужен только в шеринг-пути (`RouteSupplierLeadJob`). Прямой вебхук (`ProcessWebhookJob`) не идёт через `supplier_leads` и уже защищён `webhook_dedup_keys (tenant_id, vid)` — там замок не требуется.
-
-### 3.4. Чистка следов концепции дублей
-
-- Перестаём писать `deals.duplicate_of_id`. Колонку оставляем **спящей** (решение заказчика 23.05 — безопаснее; удалить можно отдельной задачей, как `balance_leads` в Спеке A Phase B). Индекс `ON deals (duplicate_of_id) WHERE NOT NULL` становится лишним — удаляем сразу.
-- Убираем строку `duplicate_detected` из матрицы уведомлений `SettingsView.vue` (8×3 → 7×3). Старый ключ в сохранённых `users.notification_preferences` JSONB просто игнорируем (не ломает).
-
-### 3.5. Что НЕ трогаем
-
-- Идемпотентность по `vid` в `ProcessWebhookJob` (`webhook_dedup_keys`).
-- Дедуп CSV по (телефон, проект) в `CsvReconcileJob` — это защита от наших дублей, в духе правила.
-- Рабочие дни (`delivery_days_mask`), дневные лимиты, проверку баланса (eligibility) — настройки клиента/биллинг, не фильтры дублей.
-
----
-
-## 4. Крайние случаи
-
-| Случай | Поведение |
-|---|---|
-| Один телефон у РАЗНЫХ клиентов | Каждый клиент оплачивает свою копию (без изменений — корректно) |
-| Один телефон, ДВЕ разные поставки (`vid` A и B), один клиент | Обе списываются (НОВОЕ — раньше глушилось телефонным фильтром) |
-| Одна поставка, у клиента 2+ подходящих проекта | Один проект (max остаток лимита), одно списание (замок + раздача-по-клиентам) |
-| 5 клиентов под один источник | Ровно 3 получают и оплачивают |
-| CSV-восстановленный лид (`vid=NULL`) | Замок по `supplier_lead_id` работает; повторная выдача тому же клиенту не пройдёт |
-| Перезапуск задачи (`tries=3`) после частичного успеха | `processed_at` + замок не дают повторных списаний |
-| Прямой вебхук, тот же `vid` повторно | Одна сделка (идемпотентность `vid`), без изменений |
-
----
-
-## 5. Тесты
-
-Добавить:
-
-- Один телефон, две разные поставки, один клиент → списано дважды.
-- Одна поставка, у клиента 2 подходящих проекта → одна сделка + одно списание; выбран проект с наибольшим остатком лимита (тай-брейк).
-- 5 клиентов eligible под один источник → ровно 3 списания у 3 разных клиентов.
-- Замок: повторный `INSERT` той же `(supplier_lead_id, tenant_id)` → `DO NOTHING`, сделка не создаётся, баланс не тронут.
-- CSV-восстановление: лид с `vid=NULL`, повторная выдача клиенту → замок срабатывает.
-
-Удалить:
-
-- Тесты телефонного фильтра в `ProcessWebhookJobTest`, `RouteSupplierLeadJobTest`, `RouteSupplierLeadJobBillingTest`, `SupplierLeadFlowTest`, `AutoPauseFlowTest`, `DealCreatePdLogTest` (по факту наличия — verify в writing-plans).
-
-Регрессия: Pest на затронутом коде зелёный; Larastan/Pint/ESLint clean; Vitest на `SettingsView` (после правки матрицы).
-
----
-
-## 6. Выкатка
-
-- Изменение **одна-фазное**: код + новая аддитивная таблица `supplier_lead_deliveries`. Двухфазность (как в Спеке A с DROP COLUMN) не нужна — ничего разрушающего (`duplicate_of_id` остаётся в БД спящей).
-- `db/CHANGELOG_schema.md` — запись о новой таблице (правило проекта §4.2).
-- **Бизнес-эффект:** после выката клиенты начнут платить за то, что раньше глушилось как «дубль» — это и есть заказанная правка. Предупредить заказчика перед прод-merge.
-
----
-
-## 7. Границы (out of scope)
-
-- `DuplicateDetector.WINDOW_HOURS` тюнинг — N/A, сервис удаляется целиком.
-- Балансовая модель, тарифные ступени — Спек A.
-- Preflight баланса, `SupplierQuotaAllocator`, VTB-эквайринг — Спек C.
-- Физическое удаление `deals.duplicate_of_id` — потенциальная отдельная cleanup-задача.
-
----
-
-## 8. Ключевые решения брейнсторма (зафиксированы)
-
-1. Дедуп — ответственность поставщика; Лидерра телефон не фильтрует.
-2. `DuplicateDetector` удаляется полностью (Вариант B принят над «лёгким» A и отвергнутым C «помечать но списывать»).
-3. Лимит шеринга «3» = 3 РАЗНЫХ клиента; одному клиенту одна копия.
-4. Тай-брейк проекта внутри клиента — максимальный остаток дневного лимита (детерминированно).
-5. Защита от своих дублей — на уровне БД (замок `supplier_lead_deliveries`, ключ по поставке, не по телефону).
-6. `duplicate_of_id` остаётся спящей; индекс по ней удаляется.
-7. Одна-фазная выкатка.
diff --git a/docs/superpowers/specs/2026-05-24-billing-v2-spec-c-preflight-vtb-design.md b/docs/superpowers/specs/2026-05-24-billing-v2-spec-c-preflight-vtb-design.md
deleted file mode 100644
index 8ae4888..0000000
--- a/docs/superpowers/specs/2026-05-24-billing-v2-spec-c-preflight-vtb-design.md
+++ /dev/null
@@ -1,820 +0,0 @@
-# Спек C — Биллинг v2: preflight баланса + VTB-эквайринг
-
-**Дата:** 2026-05-24
-**Статус:** Design (awaiting user review)
-**Автор:** Claude Opus 4.7 (под руководством заказчика)
-**Брейнсторм:** сессия 24.05.2026
-**Триггер:** «preflight баланса перед заказом у поставщика, чтобы не заказать лишнего; VTB-эквайринг для пополнения баланса» (заказчик 23.05.2026, расширено в брейнсторме 24.05).
-
-**Часть серии из 3 спеков:**
-
-- Спек A — единый ₽-баланс (DONE на проде, [спек](2026-05-23-billing-v2-spec-a-balance-rub-design.md)).
-- Спек B — политика дублей (DONE на проде, [спек](2026-05-23-billing-v2-spec-b-duplicates-design.md)).
-- **Спек C (этот)** — preflight баланса + VTB-эквайринг.
-
----
-
-## §1. Контекст и проблема
-
-### §1.1 Текущее поведение портала
-
-**Расчёт заказа у поставщика** ([app/app/Services/Supplier/SupplierQuotaAllocator.php:88-98](../../../app/app/Services/Supplier/SupplierQuotaAllocator.php#L88-L98)):
-
-```
-order = max(самый_большой_лимит, ceil(сумма_лимитов ÷ 3))
-```
-
-где входной массив — `daily_limit` всех eligible-на-сегодня проектов клиентов на источнике (источник = тег × субъект). Затем `order` делится между площадками B1/B2/B3 (`distributeForPlatform`, largest-remainder).
-
-**Allocator не смотрит баланс.** На вход принимает только лимиты проектов. Если у клиента нулевой баланс — он всё равно учитывается в формуле, значит портал заказывает у поставщика лиды, которые этот клиент оплатить не сможет.
-
-**Списание с клиента** ([app/app/Services/Billing/LedgerService.php](../../../app/app/Services/Billing/LedgerService.php)) происходит при доставке (`RouteSupplierLeadJob` создаёт `Deal` → `LedgerService::chargeForDelivery`). Если баланса не хватает — после Спека A не было защиты «на входе»; шёл лид, списывалось, баланс уходил в ноль.
-
-**Пополнение баланса** ([app/app/Services/Billing/BillingTopupService.php](../../../app/app/Services/Billing/BillingTopupService.php)) — MVP-stub: мгновенно кредитует `balance_rub` + пишет `balance_transactions(type='topup')`. Реальной оплаты нет. UI — `AdminTenantsController::adjustBalance` (admin-only).
-
-### §1.2 Проблемы
-
-**Преfflight:**
-
-1. **Портал переплачивает поставщику** за лиды клиентов, у которых нет денег. Это прямой убыток — закупка оплачена, а продажа не состоится.
-2. **Нет проактивной защиты при создании/изменении проектов.** Клиент может выставить лимит, который сам по себе не оплачиваем. Сейчас проблема всплывает только в момент списания.
-3. **Нет ясной коммуникации с клиентом** «у тебя баланса хватит на X лидов, ты заказал Y, нужно пополнить или сократить» — клиент узнаёт по факту остановки списания.
-
-**VTB-эквайринг:**
-
-4. **Реального пополнения нет** — `BillingTopupService` это заглушка. Деньги попадают на баланс только через ручное действие админа (`AdminTenantsController::adjustBalance`).
-5. **Нет 54-ФЗ фискализации** при ритейл-платежах (после подключения карт/СБП — обязательно).
-
-### §1.3 Триггер
-
-Заказчик 23.05.2026: «preflight баланса перед заказом у поставщика; VTB-эквайринг; аудит раздела Биллинг» → в брейнсторме 24.05 уточнено как один спек с детальной механикой preflight + полный охват трёх методов оплаты (безнал, СБП, карты).
-
-**Главный принцип** (заказчик 24.05): «**не заказать лишнего у поставщика — это убыток**».
-
----
-
-## §2. Scope
-
-### §2.1 Что делаем
-
-**Преfflight баланса:**
-
-- Расширение `SupplierQuotaAllocator` для учёта баланса клиента (фильтрация eligible-проектов до `computeOrder`).
-- Активная проверка при создании/правке проекта в личном кабинете (диалог выбора).
-- Активная проверка перед cut-off (18:00 MSK ежедневно) — для пассивного износа баланса.
-- UI-баннер «приём приостановлен» в личном кабинете клиента.
-- Уведомления по email с правильной частотой (1 + 1д + 3д + «возобновлено»).
-- Журналирование событий заморозки/разморозки в `balance_transactions` или новой таблице.
-
-**VTB-эквайринг:**
-
-- Архитектура (интерфейс `TopupGateway` + три реализации: `BankTransfer`, `SBP`, `Card`).
-- **Полная реализация Безнала** (генерация PDF-счёта, журнал «ожидающих платежей» в админке, авто-поиск через VTB Бизнес API с подтверждением человеком, режимный переключатель «автомат / с подтверждением», часовые email-алерты).
-- **Dev-заглушки для СБП и Карт** (мгновенное подтверждение в dev/test, реальные эндпоинты VTB — после Б-1).
-- **Архитектура 54-ФЗ** через ОФД-Атол (заглушка в dev, реальная интеграция после Б-1 параллельно с СБП).
-
-### §2.2 Что НЕ делаем (явно out of scope)
-
-- **Реальное подключение VTB Acquiring и СБП** — требует реквизитов ООО (P0-блокер Б-1). Отдельные задачи после Б-1.
-- **Реальная интеграция ОФД-Атол** — параллельно с СБП после Б-1.
-- **Авто-сверка с банковской выпиской VTB** (`/api/vtb-business`) — отдельная задача после Б-1; в этом спеке только архитектурный интерфейс и ручной режим.
-- **«Отдать разморозившемуся клиенту лиды, уже купленные сегодня, через шеринг»** — отложено в Спек D (см. §8).
-- **Возвраты пополнений** (refund) — не реализуем (Спек A: «возвраты не делаем»).
-- **Recurring-платежи** (автосписание) — не реализуем.
-- **Изменение формулы `computeOrder`** — формула остаётся прежней, преfflight только фильтрует входной список.
-
----
-
-## §3. Решение — часть 1: Преfflight баланса
-
-### §3.1 Главный инвариант
-
-**Баланс клиента никогда не уходит в минус.** Гарант — преfflight, который проверяет «хватит ли на полный дневной заказ» **до** того, как заказ уйдёт поставщику. Если хватает — клиент в заказе; если поставщик пришлёт меньше планируемого (норма), остаток баланса уходит в следующий день.
-
-### §3.2 Когда срабатывает преfflight
-
-**Одна основная точка:** ежедневный cut-off в **18:00 MSK** (включая выходные).
-
-Между cut-off и cut-off (всё внутри текущего дня) никаких внутридневных стопов нет. Лиды, заказанные у поставщика на сегодня, идут клиенту полностью, списываются с его баланса как поступают. Защита от ухода в минус — на стороне cut-off предыдущего вечера.
-
-**Дополнительные триггерные точки** (для UX в личном кабинете, не для блокировки заказа):
-
-- Создание нового проекта в UI клиента.
-- Изменение лимита существующего проекта в UI клиента.
-- Активация ранее приостановленного проекта.
-- Пополнение баланса (для авто-разморозки при следующем cut-off).
-- Снижение/удаление проекта (может вернуть в зелёную зону).
-
-### §3.3 Что значит «баланса хватает»
-
-Сравнение делается **в лидах**, не в рублях, потому что в existing-сервисе `BalanceToLeadsConverter` (от Спека A) есть прямой расчёт «сколько лидов даст баланс с учётом 7 ступеней и уже отгруженного объёма за месяц»:
-
-```php
-$capacity = $converter->convert(
-    balanceRub: $tenant->balance_rub,
-    deliveredInMonth: $tenant->delivered_in_month,
-    tiers: $activePricingTiers
-)['leads'];
-
-$requiredLeads = $tenant->projects()
-    ->where('status', 'active')
-    ->where('eligible_tomorrow', true)
-    ->sum('daily_limit');
-
-$passes = $capacity >= $requiredLeads;
-```
-
-Если `passes=true` — клиент проходит преfflight. Если `false` — не проходит.
-
-7-ступенчатый расчёт уже реализован в `BalanceToLeadsConverter::convert` (Спек A) — он сам пройдёт по ступеням, учтёт «текущую» (где сейчас клиент в накопленном объёме) и переход на следующие при росте.
-
-**NB:** проверяется на **полный лимит** проектов, не на «уже отгруженное + остаток сегодняшнего дня». Это потому, что преfflight работает один раз перед формированием заказа на завтра, а не во время выдачи.
-
-### §3.4 Что делает портал при создании/правке «перегруженного» проекта
-
-В UI клиента при попытке сохранить проект, после которого сумма `daily_limit` всех eligible-проектов превысит «потолок баланса»:
-
-**Модальный диалог** (не блокирующая ошибка):
-
-```
-Этот лимит превышает твой баланс.
-У тебя на счёте 1000₽ = 30 лидов по текущему тарифу.
-После сохранения этого проекта сумма лимитов будет 40 лидов.
-Не хватает: 10 лидов.
-
-Чтобы он начал работать, нужно одно из:
-  • Пополнить счёт (примерно 350₽ покроют 10 лидов недостачи)
-  • Поставить лимит этого проекта 0
-  • Уменьшить лимиты других проектов
-
-[Сохранить и приостановить только этот] [Поставить лимит 0] [Отмена]
-```
-
-- **«Сохранить и приостановить только этот»** — проект сохраняется с исходным лимитом, но при следующем cut-off исключается из расчёта заказа на завтра (`active_today = false`). Остальные проекты клиента работают как обычно.
-- **«Поставить лимит 0»** — проект сохраняется с лимитом 0 (фактически выключен). Не идёт в заказ.
-- **«Отмена»** — изменения отбрасываются.
-
-**Ключевое:** заморозка точечная, **только перегружающий проект**. Не «весь тенант». Это позволяет клиенту работать над созданием 20-30 проектов поэтапно, постепенно понимая «нужно столько-то ₽ для запуска всех».
-
-### §3.5 Что делает портал при пассивном износе баланса
-
-Клиент не правил проекты, просто баланс таял по дням. На очередном cut-off (18:00 MSK) выясняется, что баланс уже не покрывает все активные проекты.
-
-**Действие:**
-
-1. **Все проекты клиента** исключаются из расчёта заказа на завтра.
-2. На `tenants` устанавливается флаг `frozen_by_balance_at = now()` (новая колонка).
-3. На email клиента — письмо «Приём лидов приостановлен» (детали §3.7).
-4. В личном кабинете — красный баннер на всех страницах (детали §3.6).
-
-Клиент сам выбирает что делать в личном кабинете:
-
-- Пополнить баланс (откроет UI «Пополнение», см. часть 2).
-- Снизить лимиты на проектах (UI «Проекты»).
-- Выключить часть проектов (paused).
-- Любое сочетание.
-
-Как только сумма лимитов снова влезает в баланс (после пополнения, снижения лимита, или выключения проектов) — `frozen_by_balance_at = NULL`, баннер исчезает, отправляется письмо «Возобновлено» (если успели до 18:00 — клиент в завтрашнем заказе; если позже — в послезавтрашнем).
-
-### §3.6 UI личного кабинета клиента
-
-**Красный баннер на всех страницах** (компонент `BalanceFrozenBanner.vue`) когда `tenant.frozen_by_balance_at IS NOT NULL`:
-
-```
-🔴 Приём лидов приостановлен
-Не хватает баланса на дневной заказ. Нужно ещё 380₽ (или сократи лимиты на 10 лидов).
-[Пополнить счёт] [Перейти к проектам]
-```
-
-**Постоянная подсказка под балансом** (даже когда не в заморозке) — компонент `BalanceCapacityIndicator.vue`:
-
-```
-Баланс: 1000₽ = до 30 лидов по тарифу
-Проекты заказывают: 25 лидов в день
-✅ Хватит на ~1.2 дня
-```
-
-В состоянии «хватает на меньше 3 дней» — жёлтый цвет с подсказкой «скоро потребуется пополнение». В состоянии «не хватает» — красный (баннер выше).
-
-### §3.7 Email-уведомления
-
-**При входе в заморозку:**
-
-- T+0 (сразу) — `BalanceFrozenMail` («Приём лидов приостановлен»).
-- T+24ч (если ещё в заморозке) — `BalanceFrozenReminderMail` («Всё ещё приостановлено»).
-- T+72ч (если ещё в заморозке) — `BalanceFrozenFinalMail` («Приостановлено 3 дня»).
-- Дальше — тишина до следующего цикла (если разморозится и снова попадёт — счёт идёт заново).
-
-**При выходе из заморозки:**
-
-- T+0 — `BalanceUnfrozenMail` («Приём возобновлён»).
-
-Все письма throttled по `tenant_id` через `mail_log` (паттерн `ZeroBalancePausedMail` из Plan 4) — повторов не будет.
-
-### §3.8 Cut-off режимы синхронизации с поставщиком
-
-Сохраняем оба существующих режима (admin-переключатель уже есть):
-
-- **Онлайн-режим** (сейчас, для малого числа клиентов): любое изменение в проектах Лидерры → немедленный апдейт на сервере поставщика (`SyncSupplierProjectJob` per-project). Поставщик сохраняет, использует в своём 21:00 слепке.
-- **Batch до 18:00** (на будущее при росте): накопленные изменения уезжают одним пакетом перед 18:00 (`SyncSupplierProjectsJob` daily cron).
-
-**Преfflight работает одинаково в обоих режимах** — он только меняет, какие проекты идут в `SyncSupplierProjectJob` (исключает frozen-проекты из `active_today`). Дальше — стандартный механизм синхронизации.
-
-### §3.9 Граничные случаи
-
-| Случай | Поведение |
-|---|---|
-| Ретро-операция (CSV-импорт исторических лидов) между 18:00 и началом следующего дня списывает баланс ниже плана | Допускается, но админ предупреждается в UI «эта операция может вывести клиента в заморозку, продолжить?». Если согласился — выполняется; на следующем cut-off клиент будет в заморозке. Минусовых балансов не возникает (CSV-импорт делает обычные `lead_charges` через `LedgerService`, который остаётся защищён от минуса) |
-| Ручная правка баланса админом (`adjustBalance`) уменьшает баланс ниже плана | Аналогично — админ предупреждается, ответственность на нём. Преfflight отработает на следующем cut-off |
-| Клиент уже в минусовом балансе на момент запуска преfflight (legacy состояние) | Одноразовая artisan-команда `billing:preflight-initial-sweep` — проходит по всем тенантам, помечает `frozen_by_balance_at` где нужно, отправляет письма с пояснением «у вас активирована новая защита баланса». Запускается один раз при выкатке миграции |
-| Тарифная ступень меняется в течение дня (накопился объём) | Преfflight на 18:00 MSK использует **текущую** ступень. На завтра ступень может быть другой — но это уже зона следующего cut-off |
-| Поставщик прислал меньше планируемого (норма) | Остаток баланса клиента — экономия для следующего дня. Никаких корректировок |
-| Клиент пополнил после 18:00 | В сегодня-в-21:00-слепок поставщика не успевает, но в личном кабинете тут же «Возобновлено». В следующий вечерний cut-off — в заказ на послезавтра |
-
-### §3.10 Шеринг с другими клиентами на том же источнике
-
-**Формула** (живёт в `SupplierQuotaAllocator::computeOrder`, [код](../../../app/app/Services/Supplier/SupplierQuotaAllocator.php#L88-L98)):
-
-```
-order = max(самый_большой_лимит, ceil(сумма_лимитов ÷ 3))
-```
-
-Преfflight **не меняет формулу**, а **фильтрует входной массив `daily_limits`** — выкидывает клиентов, не прошедших проверку.
-
-**Эффект зависит от того, кого выкинули:**
-
-| Кто выкинут | `max(...)` | Заказ у поставщика | Маржа портала |
-|---|---|---|---|
-| Крупнейший клиент группы | Падает (новый крупнейший меньше) | **Уменьшается** — реальная экономия закупки | Падает |
-| Любой некрупный | Не меняется | **Не меняется** | Падает на лимит выкинутого |
-
-**Гарантии:**
-
-1. **Никогда не вредит** другим клиентам в группе — их лимиты неприкосновенны.
-2. **Никогда не заказывает у поставщика на «бедного»** — он исключён из формулы.
-3. **Реальная экономия закупки** только при выкидывании крупнейшего. В остальных случаях защищаемся от логической ошибки «заказали лиды, оплатить которые некому» без эффекта на закупку.
-
-### §3.11 Журналирование
-
-При каждом срабатывании преfflight (заморозка / разморозка) — строка в новой таблице `balance_freeze_log`:
-
-```sql
-CREATE TABLE balance_freeze_log (
-    id BIGSERIAL PRIMARY KEY,
-    tenant_id BIGINT NOT NULL REFERENCES tenants(id),
-    event_type VARCHAR(20) NOT NULL,  -- 'frozen' | 'unfrozen' | 'project_overload_dialog'
-    triggered_by VARCHAR(30) NOT NULL,  -- 'cutoff_18msk' | 'project_update' | 'topup'
-    balance_rub_at_event DECIMAL(12,2) NOT NULL,
-    required_rub_at_event DECIMAL(12,2) NOT NULL,
-    leads_capacity INTEGER NOT NULL,
-    total_daily_limit INTEGER NOT NULL,
-    details JSONB,  -- какие проекты, какая причина, и т.д.
-    created_at TIMESTAMP DEFAULT now()
-);
-```
-
-RLS — `tenant_isolation` стандартный (как для большинства tenant-таблиц). Append-only через `audit_block_mutation` триггер. Цель — видеть в админке историю «когда и почему клиент попадал в заморозку».
-
----
-
-## §4. Решение — часть 2: VTB-эквайринг (3 метода оплаты)
-
-### §4.1 Архитектурный подход
-
-**Интерфейс `TopupGatewayInterface`** + **три реализации**:
-
-| Реализация | Метод оплаты | Статус в этом спеке |
-|---|---|---|
-| `BankTransferGateway` | Безнал (счёт PDF) | **Полная реализация** |
-| `SbpGateway` | СБП | Архитектура + dev-заглушка; реальный код после Б-1 |
-| `CardGateway` | Карта | Архитектура + dev-заглушка; реальный код после Б-1 |
-
-`BillingTopupService` рефакторится — становится оркестратором:
-
-```php
-public function initiateTopup(
-    int $tenantId,
-    string $amountRub,
-    int $userId,
-    string $method  // 'bank_transfer' | 'sbp' | 'card'
-): TopupSession {
-    $gateway = $this->resolveGateway($method);
-    return $gateway->createSession($tenantId, $amountRub, $userId);
-}
-```
-
-И отдельно обработка callback'а:
-
-```php
-public function confirmPayment(string $providerRef, ?int $adminUserId): BalanceTransaction {
-    // gateway-agnostic кредит баланса + запись audit
-}
-```
-
-### §4.2 Состояния платежа
-
-Новая таблица `topup_sessions`:
-
-```sql
-CREATE TABLE topup_sessions (
-    id BIGSERIAL PRIMARY KEY,
-    tenant_id BIGINT NOT NULL REFERENCES tenants(id),
-    user_id BIGINT REFERENCES users(id),
-    method VARCHAR(20) NOT NULL,  -- 'bank_transfer' | 'sbp' | 'card'
-    amount_rub DECIMAL(12,2) NOT NULL,
-    provider_ref VARCHAR(100),  -- номер счёта / VTB transaction ID / SBP QR ID
-    status VARCHAR(20) NOT NULL DEFAULT 'pending',  -- 'pending' | 'matched' | 'confirmed' | 'failed' | 'expired'
-    matched_at TIMESTAMP,  -- когда нашли соответствие (только bank_transfer)
-    confirmed_at TIMESTAMP,  -- когда человек подтвердил (или авто)
-    confirmed_by INTEGER REFERENCES users(id),  -- кто подтвердил (NULL = автомат)
-    failed_reason VARCHAR(500),
-    metadata JSONB,
-    created_at TIMESTAMP DEFAULT now(),
-    updated_at TIMESTAMP DEFAULT now()
-);
-```
-
-RLS — `tenant_isolation` для tenant_id; админ видит все через `crm_app_admin` роль.
-
-После `status='confirmed'` — кредит баланса (`BalanceTransaction` с `type='topup'` и ссылкой на `topup_session_id`).
-
-### §4.3 Безнал — полная реализация
-
-**Шаг 1: Клиент инициирует пополнение**
-
-В личном кабинете → Биллинг → «Пополнить счёт» → выбор метода «Безнал (счёт)» → ввод суммы → кнопка «Сформировать счёт».
-
-Backend: `BankTransferGateway::createSession` — создаёт `topup_sessions(method='bank_transfer', status='pending')`, генерирует уникальный номер счёта (`SCH-{YYYY}-{tenant_id}-{seq}`).
-
-**Шаг 2: Генерация PDF-счёта**
-
-Шаблон `resources/views/pdf/invoice.blade.php`:
-
-- Шапка: реквизиты Лидерры (название ООО, ИНН, КПП, юр. адрес, расчётный счёт VTB).
-- Реквизиты плательщика (тенант): название, ИНН, КПП, юр. адрес — берутся из новых полей `tenants.legal_entity_*` (см. §4.7).
-- Назначение платежа: «Оплата лидов по договору публичной оферты, счёт №SCH-2026-15-001 от 24.05.2026».
-- Сумма: NNNN,NN ₽ (БЕЗ НДС или С НДС в зависимости от системы налогообложения Лидерры — `tax_regime` в admin-settings; для УСН 6% — без НДС).
-- Срок оплаты: 5 рабочих дней.
-
-Возвращается клиенту как файл скачивания. URL `/api/billing/topup-sessions/{id}/invoice.pdf`.
-
-**Шаг 3: Авто-поиск платежа в VTB Бизнес API**
-
-Артизан-команда `billing:vtb-statement-sync --since=N` (cron: каждые 15 минут после Б-1; в dev — manual только):
-
-- Запрашивает выписку у VTB Бизнес API за период N часов.
-- Для каждой входящей транзакции ищет в `назначение_платежа` номер счёта (`SCH-YYYY-...`).
-- При совпадении — `topup_sessions(provider_ref=...).status = 'matched'`, `matched_at = now()`.
-
-В dev/test (когда нет реальных VTB-реквизитов) — режим симуляции: команда `billing:vtb-statement-simulate {session_id} --amount=N` для ручного тестирования флоу.
-
-**Шаг 4: Подтверждение человеком или автомат (admin setting)**
-
-В админке `Биллинг → Настройки` — переключатель:
-
-- **«С подтверждением» (по умолчанию):** платёж в статусе `matched` ждёт ручного клика «Подтвердить зачисление». До этого баланс не растёт.
-- **«Автомат»:** платёж в статусе `matched` сразу переводится в `confirmed`, баланс растёт.
-
-В админке `Биллинг → Ожидающие платежи` — список платежей в статусах `matched` и `pending`:
-
-```
-[SCH-2026-15-001] ООО Альфа, 100000₽, найден 24.05 15:42 [Подтвердить] [Отклонить]
-[SCH-2026-22-003] ИП Иванов, 50000₽, не найден (3 дня)   [Найти вручную] [Отменить]
-```
-
-Кнопка «Подтвердить» → `confirmPayment(...)` → кредит баланса + `BalanceTransaction(type='topup', topup_session_id=...)`.
-
-**Шаг 5: Часовые email-алерты админу (только в режиме «С подтверждением»)**
-
-Cron `billing:notify-pending-confirmations` каждый час:
-
-- Если есть платежи в статусе `matched`, не подтверждённые — отправить email админу (`admin_emails` из settings, по умолчанию `eclips9363@gmail.com`).
-- Throttle: один email в час суммарно.
-
-### §4.4 СБП — архитектура + dev-заглушка
-
-**Реализация в этом спеке:**
-
-- `SbpGateway::createSession` — в dev/test возвращает фейковый QR-код PNG (`data:image/png;base64,...`) и через 5 секунд (фоновый job) переводит сессию в `confirmed`. Это позволяет полностью отлаживать UI и пост-обработку.
-- В prod (после Б-1): зовёт реальный VTB SBP API, получает QR-код / платёжную ссылку, регистрирует callback на `/api/billing/vtb-sbp/callback`.
-
-**Реализация после Б-1 (отдельная задача):**
-
-- Боевая интеграция VTB SBP API (REST + signed callbacks).
-- ОФД-Атол для 54-ФЗ чеков (см. §4.6).
-- Боевые секреты — в YC Lockbox (SEC-5).
-
-### §4.5 Карты — архитектура + dev-заглушка
-
-**Реализация в этом спеке:**
-
-- `CardGateway::createSession` — в dev/test возвращает редирект-URL на локальную страницу `/dev-mock-vtb-acquiring/{session_id}` с двумя кнопками «Симулировать успех» / «Симулировать ошибку». Клик → переводит сессию в `confirmed` или `failed`.
-- В prod (после Б-1): редирект на боевую страницу VTB internet-эквайринга с 3DS Secure.
-
-**Реализация после Б-1 (отдельная задача):**
-
-- Боевая интеграция VTB Acquiring API.
-- 3DS Secure (обязательно для всех карт).
-- Обработка chargeback'ов.
-- ОФД-Атол для 54-ФЗ чеков.
-
-### §4.6 54-ФЗ фискализация
-
-**Текущее состояние:** не реализовано. Раздел подсветить в архитектуре, реальный код — после Б-1 параллельно с СБП.
-
-**Когда нужен чек:**
-
-| Метод оплаты | Чек 54-ФЗ |
-|---|---|
-| Безнал (юр→юр) | **Не нужен** (статья 1.2 п.9 закона) |
-| СБП | **Обязателен** (B2C ритейл-платёж) |
-| Карта | **Обязателен** (B2C ритейл-платёж) |
-
-**Архитектура** (заглушка в этом спеке):
-
-```php
-interface FiscalReceiptProvider {
-    public function issueReceipt(TopupSession $session): FiscalReceipt;
-}
-```
-
-Реализации:
-
-- `AtolOnlineFiscalProvider` — реальная интеграция (после Б-1).
-- `NoOpFiscalProvider` — для безнала (возвращает «чек не требуется по 54-ФЗ»).
-- `DevMockFiscalProvider` — для dev/test (фейковый чек ID).
-
-### §4.7 Реквизиты тенанта
-
-Новые поля в `tenants` (для счёта-фактуры):
-
-```sql
-ALTER TABLE tenants ADD COLUMN legal_entity_name VARCHAR(255);    -- "ООО Альфа" или "ИП Иванов Иван"
-ALTER TABLE tenants ADD COLUMN legal_entity_inn VARCHAR(12);
-ALTER TABLE tenants ADD COLUMN legal_entity_kpp VARCHAR(9);       -- NULL для ИП
-ALTER TABLE tenants ADD COLUMN legal_entity_address TEXT;
-ALTER TABLE tenants ADD COLUMN legal_entity_form VARCHAR(20);     -- 'OOO' | 'IP' | 'OAO' | 'ZAO' | 'OTHER'
-```
-
-В личном кабинете клиента → Настройки → «Реквизиты юр. лица» — форма для заполнения. **Обязательны** для безнала (без них счёт PDF не выписывается); для СБП/карт — опционально (но желательно).
-
-Валидация ИНН (контрольное число), КПП (формат), форма юрлица — стандартными правилами laravel.
-
-### §4.8 Минимум/максимум суммы пополнения
-
-| Метод | Минимум | Максимум |
-|---|---|---|
-| Безнал | 1000 ₽ | 1 000 000 ₽ |
-| СБП | 100 ₽ | 600 000 ₽ (лимит СБП) |
-| Карта | 100 ₽ | 100 000 ₽ за одну транзакцию |
-
-Конфигурация в `config/billing.php` (settable).
-
----
-
-## §5. Архитектура изменений
-
-### §5.1 Карта изменений по слоям
-
-| Слой | Что |
-|---|---|
-| **БД** | `tenants` (+`frozen_by_balance_at`, +5 `legal_entity_*` полей); новые таблицы `balance_freeze_log`, `topup_sessions` |
-| **Бэк-сервисы** | `SupplierQuotaAllocator` (новый pre-filter pipeline); `BalancePreflightService` (новый, проверка платёжеспособности); `BillingTopupService` (рефакторинг под gateway pattern); `TopupGatewayInterface` + 3 реализации; `FiscalReceiptProvider` + 3 реализации |
-| **Бэк-джобы** | `BalancePreflightSweepJob` (cron @18:00 MSK ежедневно); `BalanceFrozenNotificationJob` (event-driven при заморозке); `VtbStatementSyncJob` (cron @ каждые 15 мин); `NotifyPendingConfirmationsJob` (cron hourly) |
-| **Бэк-команды** | `billing:preflight-sweep`, `billing:vtb-statement-sync`, `billing:notify-pending-confirmations`, `billing:preflight-initial-sweep` (one-time migration), `billing:vtb-statement-simulate` (dev only) |
-| **Бэк-контроллеры** | `BillingController` (+endpoints: `/api/billing/topup/initiate`, `/api/billing/topup-sessions/{id}`, `/api/billing/topup-sessions/{id}/invoice.pdf`); `ProjectController` (preflight check + 409 response с диалогом); `Admin/PendingTopupsController` (новый); `Admin/BillingSettingsController` (новый, для переключателя auto/manual) |
-| **Бэк-Mail** | `BalanceFrozenMail`, `BalanceFrozenReminderMail`, `BalanceFrozenFinalMail`, `BalanceUnfrozenMail`, `PendingConfirmationsAdminMail` |
-| **Фронт-компоненты** | `BalanceFrozenBanner.vue`, `BalanceCapacityIndicator.vue`, `ProjectLimitOverloadDialog.vue`, `TopupMethodPicker.vue`, `BankTransferInvoiceView.vue`, `SbpQrCodeView.vue`, `CardRedirectView.vue`, `PendingPaymentsAdminView.vue`, `BillingSettingsAdminView.vue`, `LegalEntityForm.vue` (в Настройки) |
-| **Фронт-views** | `TopupView.vue` (новый, обёртка с переключателем methods); `BillingFrozenInfoView.vue` |
-| **Pinia** | `billingStore` (расширение под topup-сессии); `tenantStore` (frozen-флаг) |
-
-### §5.2 Sequence-диаграмма преfflight на cut-off
-
-```
-18:00 MSK Cron
-   │
-   ├── BalancePreflightSweepJob::handle()
-   │     │
-   │     ├── для каждого tenant:
-   │     │     │
-   │     │     ├── BalancePreflightService::evaluate(tenant)
-   │     │     │     │
-   │     │     │     ├── читает projects (active=true, eligible_tomorrow=true)
-   │     │     │     ├── требуемые лиды = Σ daily_limit
-   │     │     │     ├── ёмкость лидов = BalanceToLeadsConverter::convert(balance, delivered, tiers)['leads']
-   │     │     │     ├── сравнивает: passes = capacity >= required
-   │     │     │     └── возвращает PreflightResult { passes: bool, required_leads, capacity_leads, deficit_leads }
-   │     │     │
-   │     │     ├── если passes изменился:
-   │     │     │     │
-   │     │     │     ├── tenant.frozen_by_balance_at = NULL | now()
-   │     │     │     ├── balance_freeze_log.insert(event_type='frozen' | 'unfrozen')
-   │     │     │     ├── dispatch(BalanceFrozenMail | BalanceUnfrozenMail)
-   │     │     │     │
-   │     │     │     └── (если frozen) для каждого projects:
-   │     │     │           projects.preflight_blocked_at = now()  (новая колонка)
-   │     │     │
-   │     │     └── (если unfrozen) projects.preflight_blocked_at = NULL для всех
-   │     │
-   │     └── для следующего tenant...
-   │
-18:05 MSK (после преfflight) — обычный SyncSupplierProjectsJob запускается
-   │
-   ├── SupplierQuotaAllocator::allocate(eligible_projects)
-   │     │
-   │     ├── фильтр eligible_projects: only WHERE preflight_blocked_at IS NULL
-   │     ├── computeOrder([daily_limit, ...]) (формула не меняется)
-   │     └── distributeForPlatform(order, [B1, B2, B3])
-   │
-   └── SyncSupplierProjectJob (per project) → отправка лимитов поставщику
-```
-
-### §5.3 Sequence-диаграмма пополнения (Безнал)
-
-```
-Клиент в личном кабинете
-   │
-   ├── Кнопка "Пополнить счёт"
-   │
-   └── TopupMethodPicker → выбор "Безнал (счёт)"
-         │
-         └── Ввод суммы → "Сформировать счёт"
-               │
-               └── POST /api/billing/topup/initiate { method: 'bank_transfer', amount_rub: '100000.00' }
-                     │
-                     ├── BillingTopupService::initiateTopup(...)
-                     │     │
-                     │     └── BankTransferGateway::createSession(...)
-                     │           │
-                     │           ├── создание topup_sessions(status='pending', provider_ref='SCH-2026-15-001')
-                     │           └── возвращает { session_id, invoice_url: '/api/billing/topup-sessions/15001/invoice.pdf' }
-                     │
-                     └── Редирект клиента на invoice_url → скачивание PDF
-
-Клиент оплачивает в своём банк-клиенте
-   │
-   └── Деньги поступают на расчётный счёт VTB Лидерры (за ~часы)
-
-VtbStatementSyncJob (каждые 15 минут)
-   │
-   ├── VTB Business API → выписка
-   │
-   └── для каждой входящей транзакции:
-         │
-         ├── парсинг назначения платежа → ищем SCH-YYYY-tenant-seq
-         │
-         └── если совпадение найдено + сумма совпадает:
-               │
-               ├── topup_sessions.status = 'matched'
-               ├── matched_at = now()
-               │
-               └── (если admin-setting auto_confirm=true):
-                     │
-                     ├── BillingTopupService::confirmPayment(provider_ref, NULL)
-                     │     │
-                     │     ├── topup_sessions.status = 'confirmed'
-                     │     ├── tenant.balance_rub += amount_rub  (bcadd)
-                     │     └── BalanceTransaction.create(type='topup', topup_session_id=...)
-                     │
-                     └── (если auto_confirm=false): ждёт ручного подтверждения
-
-NotifyPendingConfirmationsJob (каждый час)
-   │
-   └── если есть topup_sessions(status='matched') не подтверждённые:
-         │
-         └── PendingConfirmationsAdminMail → admin email
-
-Админ в кабинете
-   │
-   └── Биллинг → Ожидающие платежи → [Подтвердить SCH-2026-15-001]
-         │
-         └── POST /api/admin/topup-sessions/15001/confirm
-               │
-               └── BillingTopupService::confirmPayment(provider_ref, admin_user_id)
-                     │
-                     ├── topup_sessions.status = 'confirmed'
-                     ├── tenant.balance_rub += amount_rub
-                     ├── BalanceTransaction.create(type='topup', confirmed_by=admin_user_id)
-                     │
-                     └── BalancePreflightService::evaluate(tenant)  ← может разморозить!
-                           │
-                           └── если frozen_by_balance_at был NOT NULL и теперь passes:
-                                 │
-                                 ├── tenant.frozen_by_balance_at = NULL
-                                 ├── balance_freeze_log.insert(event_type='unfrozen', triggered_by='topup')
-                                 └── BalanceUnfrozenMail отправляется
-```
-
-### §5.4 Изменения в `SupplierQuotaAllocator`
-
-Минимальное и неинвазивное — добавление одного шага в caller (`SyncSupplierProjectsJob`):
-
-**До:**
-
-```php
-$eligibleProjects = $this->projectsQuery->getEligibleForToday($targetDate);
-$dto = SupplierQuotaAllocator::allocate(..., $eligibleProjects, $targetDate);
-```
-
-**После:**
-
-```php
-$eligibleProjects = $this->projectsQuery->getEligibleForToday($targetDate);
-
-// NEW: фильтр по frozen-флагу tenant
-$eligibleProjects = $eligibleProjects->reject(
-    fn($p) => $p->tenant->frozen_by_balance_at !== null
-);
-
-$dto = SupplierQuotaAllocator::allocate(..., $eligibleProjects, $targetDate);
-```
-
-`SupplierQuotaAllocator` сам не меняется — он pure-функция, принимает то что дали. Это важно для тестируемости (формула не сломалась).
-
----
-
-## §6. Сценарии (end-to-end)
-
-### §6.1 Преfflight — пассивный износ
-
-**Воскресенье 00:00.** Клиент с балансом 1000₽ = 30 лидов (tier 3, цена ~33₽/лид). Проекты заказывают 25/день. Запас 5.
-
-**Воскресенье 18:00.** Cron `BalancePreflightSweepJob`:
-- `BalancePreflightService::evaluate(client)` → `passes=true` (хватает на 25).
-- `frozen_by_balance_at` остаётся `NULL`.
-
-**Воскресенье 18:05.** `SyncSupplierProjectsJob` — все 25 идут в заказ поставщику. Поставщик в 21:00 берёт слепок.
-
-**Понедельник.** В течение дня партии лидов приходят, клиент получает все 25, баланс падает до 0. Никаких внутридневных стопов.
-
-**Понедельник 18:00.** Cron snova:
-- `evaluate(client)` → `passes=false` (0₽ ≠ 25 лидов).
-- `frozen_by_balance_at = now()`.
-- `balance_freeze_log.insert(event='frozen', triggered_by='cutoff_18msk')`.
-- `BalanceFrozenMail` отправляется.
-
-**Понедельник 18:05.** `SyncSupplierProjectsJob` — этот клиент исключён, формула пересчитывается для остальных в группе на источнике.
-
-**Понедельник 19:00.** Клиент видит письмо, пополняет на 1000₽ через безнал PDF → 1-2 дня ждёт зачисления через сверку. Или через СБП/карту (после Б-1) — мгновенно.
-
-**Вторник 14:00.** Безнал подтверждён админом (или авто) → баланс 1000₽. `confirmPayment` зовёт `evaluate` → `passes=true`. `frozen_by_balance_at = NULL`. `BalanceUnfrozenMail`. В личном кабинете баннер исчезает.
-
-**Вторник 18:00.** Cron snova — клиент в заказе на среду. Со среды получает лиды.
-
-### §6.2 Преfflight — активная нехватка при создании проекта
-
-**Клиент с балансом 1000₽ = 30 лидов.** Имеет 3 проекта по 10 = 30 лимит. Всё впритык.
-
-**Клиент создаёт 4-й проект с лимитом 20.** Бэк (`ProjectController::store`) делает превью-преfflight:
-
-- `Σ daily_limit (после сохранения) = 50` лидов
-- `capacity = BalanceToLeadsConverter::convert(1000₽, delivered, tiers)['leads'] = 30` лидов
-- `30 < 50` → недостаток 20 лидов
-
-Возвращает HTTP 409 с body:
-
-```json
-{
-  "error": "balance_insufficient",
-  "current_balance_rub": "1000.00",
-  "current_capacity_leads": 30,
-  "would_be_required_leads": 50,
-  "deficit_leads": 20
-}
-```
-
-Фронт показывает диалог `ProjectLimitOverloadDialog.vue`:
-
-```
-Этот лимит превышает баланс.
-У тебя 1000₽ = 30 лидов по текущему тарифу.
-После сохранения нужно 50 лидов.
-Не хватает: 20 лидов.
-
-Чтобы он начал работать, нужно одно из:
-  • Пополнить счёт (примерно 700₽ покроют 20 лидов недостачи)
-  • Поставить лимит этого проекта 0
-  • Уменьшить лимиты других проектов
-
-[Сохранить и приостановить этот] [Поставить лимит 0] [Отмена]
-```
-
-«Примерно 700₽» — оценка через обратное преобразование: добавляем баланс шагами по 100₽ и смотрим, при какой сумме `capacity` вырастет до 50 (фронт делает это локально, не дёргая бэк).
-
-- Если «Сохранить и приостановить» → POST `/api/projects` с флагом `force_save_blocked=true`. Создаётся проект с `preflight_blocked_at = now()`. Остальные 3 проекта работают.
-- Если «Поставить лимит 0» → POST `/api/projects` с `daily_limit = 0`. Создаётся, не идёт в заказ.
-- Если «Отмена» → форма закрывается, ничего не сохраняется.
-
-### §6.3 VTB — Безнал end-to-end (после Б-1)
-
-1. Клиент → Биллинг → «Пополнить 100000₽» → выбор «Безнал».
-2. Backend создаёт `topup_sessions(status='pending', provider_ref='SCH-2026-15-001')`.
-3. Скачивает PDF-счёт с реквизитами Лидерры (ИНН, КПП, р/с) и своими реквизитами.
-4. Идёт в свой банк-клиент, оплачивает.
-5. Деньги в течение нескольких часов приходят на р/с Лидерры в VTB.
-6. `VtbStatementSyncJob` за 15 минут после прихода находит транзакцию с «SCH-2026-15-001» в назначении, ставит `status='matched'`.
-7. Часовой `NotifyPendingConfirmationsJob` шлёт админу email «есть 1 непровер. платёж».
-8. Админ в админке → Биллинг → Ожидающие платежи → видит запись → «Подтвердить» → 100000₽ кредитуется, `BalanceTransaction` пишется.
-9. Если клиент был в `frozen_by_balance_at` — `evaluate` пересчитывает → разморозка → `BalanceUnfrozenMail`.
-
-В dev-режиме шаг 6 заменяется на `billing:vtb-statement-simulate 15001 --amount=100000` (manual).
-
----
-
-## §7. Известные открытые вопросы
-
-1. **Учёт перехода ступени за день.** `BalanceToLeadsConverter::convert` уже учитывает «текущую ступень и переход на следующие при росте объёма». Граничный случай «дневной заказ переваливает за порог ступени, после чего цена меняется» автоматически обрабатывается — `convert` итерирует по ступеням и считает разные цены для разных кусков. **Не нужна дополнительная логика.**
-2. **Что если клиент имеет несколько менеджеров с email?** Письмо `BalanceFrozenMail` — на главный email тенанта (`tenant.email`) или на всех users этого тенанта? **Решение по умолчанию:** на главный email тенанта (как сейчас в `ZeroBalancePausedMail`).
-3. **Формат номера счёта** `SCH-YYYY-{tenant_id}-{seq}` — гарантирована уникальность через `(tenant_id, seq)` сериал. Если переходим на ОФД-Атол, может потребоваться другой формат. **Решение:** сейчас наш формат, при подключении ОФД — модернизируем (отдельная задача).
-4. **Локализация PDF-счёта** — пока только русский. После Б-1 при необходимости — английский / казахский (если расширим географию).
-5. **Reconcilation между `topup_sessions` и `balance_transactions`** — есть ли инвариант «каждая completed-сессия = одна balance_transaction»? Да, должен быть — добавить foreign key + unique constraint.
-
----
-
-## §8. Future enhancements (Спек D и далее)
-
-1. **«Отдать разморозившемуся клиенту лиды, уже купленные сегодня, через шеринг»** (см. §3.10) — бизнес: разморозившийся в 15:00 клиент мог бы получить лиды, поступающие после 15:00 по его источнику, если есть свободные слоты шеринга. Технически — модификация `RouteSupplierLeadJob` + расширение eligible-кандидатов после mid-day events. Реальная частота сценария = низкая; делать после месяца сбора статистики.
-2. **«Приоритет шеринга 4+ клиентов — те, у кого хватало баланса на момент cut-off»** — снимок «утренней платёжеспособности» сохраняется, при шеринге сверяется. Полезно при переполненном шеринге (>3 покупателей конкурируют за лид).
-3. **Авто-сверка с VTB Бизнес API** — реальная интеграция (не заглушка), боевой `VtbStatementSyncJob` с retry и подписью.
-4. **Recurring-платежи** — автосписание с карты раз в месяц (отдельная фича, требует UX-проработки).
-5. **Возвраты** (refund) — если бизнес-нужда подтвердится. Сейчас Спек A явно говорит «не делаем».
-6. **Мульти-валютность** — если выходим на казахский / белорусский рынок (KZT/BYN).
-
----
-
-## §9. Связи
-
-- [Спек A](2026-05-23-billing-v2-spec-a-balance-rub-design.md) — единый ₽-баланс, `BalanceToLeadsConverter` (используется в этом спеке).
-- [Спек B](2026-05-23-billing-v2-spec-b-duplicates-design.md) — `supplier_lead_deliveries` lock-таблица, шеринг до 3 клиентов на лид (контекст для §3.10).
-- [App allocator](../../../app/app/Services/Supplier/SupplierQuotaAllocator.php) — формула заказа, остаётся без изменений.
-- [App ledger](../../../app/app/Services/Billing/LedgerService.php) — списания с баланса, остаётся без изменений.
-- [App topup](../../../app/app/Services/Billing/BillingTopupService.php) — рефакторится в этом спеке.
-- [App webhook routing](../../../app/app/Jobs/Supplier/SyncSupplierProjectsJob.php) — добавляется фильтр frozen-проектов.
-- [App project controller](../../../app/app/Http/Controllers/Api/ProjectController.php) — добавляется preflight check.
-- [Pravila §13.2](../../../docs/Pravila_raboty_Claude_v1_1.md) — финансовая нормативка.
-- [CLAUDE.md §6](../../../CLAUDE.md) — текущая фаза.
-- [project_billing_v2 memory](../../../../C:/Users/Administrator/.claude/projects/c---------------------crm-------------/memory/project_billing_v2.md) — серия из 3 спеков.
-- [SEC-3, SEC-5 (memory)](../../../../C:/Users/Administrator/.claude/projects/c---------------------crm-------------/memory/project_server_hardening.md) — блокеры YC Lockbox для секретов VTB.
-
----
-
-## §10. План реализации (overview)
-
-Детальный план — отдельным документом через `superpowers:writing-plans` после утверждения этого спека.
-
-Предварительная разбивка на фазы (для оценки масштаба):
-
-**Phase 1 — Преfflight баланса** (~5-7 задач):
-
-- Миграция БД (`frozen_by_balance_at`, `preflight_blocked_at`, `balance_freeze_log`).
-- `BalancePreflightService` (pure) + тесты.
-- `BalancePreflightSweepJob` + cron.
-- 4 Mailable + throttle.
-- `BalanceFrozenBanner.vue` + `BalanceCapacityIndicator.vue`.
-- `ProjectController` preflight check + 409 response.
-- `ProjectLimitOverloadDialog.vue`.
-- Фильтр в `SyncSupplierProjectsJob`.
-- One-time `billing:preflight-initial-sweep`.
-
-**Phase 2 — Безнал PDF + админка** (~6-8 задач):
-
-- Миграция БД (`legal_entity_*` в `tenants`, `topup_sessions`).
-- `TopupGatewayInterface` + `BankTransferGateway`.
-- PDF-генерация (`resources/views/pdf/invoice.blade.php`).
-- `LegalEntityForm.vue` + валидация.
-- `TopupView.vue` + `TopupMethodPicker.vue` + `BankTransferInvoiceView.vue`.
-- `Admin/PendingTopupsController` + `PendingPaymentsAdminView.vue`.
-- `Admin/BillingSettingsController` (auto/manual переключатель).
-- `VtbStatementSyncJob` (с dev-симулятором).
-- `NotifyPendingConfirmationsJob`.
-
-**Phase 3 — СБП и Карты dev-заглушки** (~4-5 задач):
-
-- `SbpGateway` (dev режим) + `SbpQrCodeView.vue`.
-- `CardGateway` (dev режим) + `/dev-mock-vtb-acquiring/...` страница.
-- `FiscalReceiptProvider` interface + `NoOpFiscalProvider` + `DevMockFiscalProvider`.
-
-**Phase 4 — Тесты + smoke** (~3-4 задач):
-
-- Pest end-to-end сценарии преfflight (frozen/unfrozen flow).
-- Pest end-to-end сценарии безнала (создание счёта → симуляция выписки → подтверждение).
-- Vitest на новые Vue-компоненты.
-- Регрессия (Pest --parallel + Vitest + lychee + gitleaks).
-
-**Phase 5 — Документация + memory + ПИЛОТ.md** (~2 задач):
-
-- Обновление `project_billing_v2.md` (Спек C статус, известные хвосты).
-- ADR (если требуется новый — `docs/adr/016-preflight-vtb-architecture.md`).
-- Обновление `ПИЛОТ.md` после выкатки на прод.
-
-**Out of scope этого плана (post-Б-1, отдельные планы):**
-
-- Боевая интеграция VTB Acquiring (карты).
-- Боевая интеграция VTB SBP API.
-- Боевая интеграция VTB Бизнес API (авто-сверка).
-- Боевая интеграция ОФД-Атол (фискализация).
-- Боевые секреты в YC Lockbox.
-
----
-
-**Конец Спека C.**
diff --git a/docs/superpowers/specs/2026-05-24-legacy-direct-webhook-removal-design.md b/docs/superpowers/specs/2026-05-24-legacy-direct-webhook-removal-design.md
deleted file mode 100644
index cd41fad..0000000
--- a/docs/superpowers/specs/2026-05-24-legacy-direct-webhook-removal-design.md
+++ /dev/null
@@ -1,204 +0,0 @@
-# Удаление legacy прямого webhook-канала (`ProcessWebhookJob`)
-
-**Дата:** 2026-05-24
-**Статус:** Design (awaiting user review)
-**Автор:** Claude Opus 4.7 (под руководством заказчика)
-**Брейнсторм:** сессия 2026-05-24
-**Триггер:** в коде осталось legacy-расхождение от старой prepaid-схемы. Изначально планировалась унификация под always-rub; в ходе брейнсторма выяснилось, что код — рудимент, не часть актуальной архитектуры каналов.
-
----
-
-## §1. Контекст и проблема
-
-### §1.1 Архитектура каналов приёма лидов
-
-Лидерра принимает лиды через **два канала**:
-
-| Канал | Назначение | Реализация | Биллинг |
-|---|---|---|---|
-| Основной | Real-time приём от `crm.bp-gr.ru` | `SupplierWebhookController::receive` → `INSERT supplier_leads` → `RouteSupplierLeadJob::dispatch` | `LedgerService` (always-rub) |
-| Резервный | Часовая доливка пропусков через CSV-отчёт `crm.bp-gr.ru` | `CsvReconcileJob` → доливает `supplier_leads` → `RouteSupplierLeadJob` | `LedgerService` (always-rub, косвенно через основной) |
-
-Оба канала **уже** на единой биллинг-логике — рубли + 7-ступенчатая тарифная шкала через `LedgerService::chargeForDelivery`.
-
-### §1.2 Что осталось от старой архитектуры
-
-До эпика «шеринг» (Plan 2/5) в коде была другая модель: у каждого тенанта был свой `webhook_token`, поставщик стучался напрямую `POST /api/webhook/{token}` → `WebhookReceiveController` → `ProcessWebhookJob` → списание из `tenants.balance_leads` (штучный prepaid-баланс).
-
-После шеринг-эпика этот путь **перестал использоваться**, но из кода не убран:
-
-- `ProcessWebhookJob` ([app/app/Jobs/ProcessWebhookJob.php](../../../app/app/Jobs/ProcessWebhookJob.php), 342 строки) — на старой prepaid-модели (`tenant->decrement('balance_leads')`, `BalanceTransaction(amount_leads=-1)`).
-- `WebhookReceiveController` + публично открытый роут `POST /api/webhook/{token}` ([app/routes/web.php:276](../../../app/routes/web.php#L276)).
-- Таблицы `webhook_log` (партиционированная, 13 партиций) и `webhook_dedup_keys` — источник записей только этот job.
-- Колонки `tenants.webhook_token`, `tenants.webhook_token_rotated_at`.
-- Тесты `ProcessWebhookJobTest`, `WebhookReceiveTest` (плюс упоминания в 4 других файлах-тестах).
-
-**Подтверждение «не используется на проде»:**
-
-- `SELECT COUNT(*) FROM webhook_log` = 0 (за всю историю боевого сервера).
-- `last_webhook_at` у всех 5 тенантов = NULL.
-- Боевые лиды (`deals.tenant_id=2`, 412 шт.) пришли через основной канал — `source_crm_id` имеет формат `vid` от `crm.bp-gr.ru`.
-
-### §1.3 Проблемы рудимента
-
-1. **Открытый публичный эндпоинт.** `POST /api/webhook/{token}` доступен из интернета без middleware-проверки, аутентификация по знанию токена в URL. Лишний attack surface для DAST/нагрузочных атак.
-2. **Блокирует Phase B Спека A.** Phase B = `ALTER TABLE tenants DROP COLUMN balance_leads`. После него `ProcessWebhookJob` сломается на первом же вызове (или на запуске тестов).
-3. **Расхождение биллинг-моделей в коде.** Два разных списания на одну и ту же сущность (`Deal`) — путаница для будущих изменений.
-4. **Test-debt.** Тесты на старую prepaid-модель продолжают занимать набор тестов и время CI.
-
-### §1.4 Решение
-
-Удалить рудимент целиком (код + контроллер + роут + модель `WebhookDedupKey` + связанные тесты + таблицы БД + колонки `tenants`). Одним PR, выкатка одним релизом.
-
----
-
-## §2. Scope
-
-### §2.1 Что удаляем
-
-**PHP-код:**
-
-- `app/app/Jobs/ProcessWebhookJob.php` (целиком)
-- `app/app/Http/Controllers/Api/WebhookReceiveController.php` (целиком, если используется ТОЛЬКО для legacy-роута)
-- роут `Route::post('/api/webhook/{token}', ...)` в [app/routes/web.php:276](../../../app/routes/web.php#L276)
-- `app/app/Models/WebhookDedupKey.php` (целиком — используется только `ProcessWebhookJob`)
-- `app/app/Mail/LowBalanceNotification.php`, `app/app/Mail/ZeroBalanceNotification.php` — **только если impact-check (§3) подтвердит, что нет других caller'ов**
-
-**Методы в `NotificationService`** (только если impact-check подтвердит, что нет других caller'ов):
-
-- `notifyLowBalance`
-- `notifyZeroBalance` (NB: не путать с `notifyZeroBalancePaused` — это разный метод шеринг-канала, оставляем)
-- `notifyNewLead` — **оставляем** (использует и шеринг через `RouteSupplierLeadJob`)
-
-**Тесты (целиком):**
-
-- `app/tests/Feature/ProcessWebhookJobTest.php`
-- `app/tests/Feature/WebhookReceiveTest.php`
-
-**Тесты (частично — удалить только релевантные кейсы, проверить не опустели ли файлы):**
-
-- `app/tests/Feature/Pd/DealCreatePdLogTest.php`
-- `app/tests/Feature/Notifications/BalanceNotificationsTest.php`
-- `app/tests/Feature/Notifications/NewLeadNotificationTest.php`
-- `app/tests/Feature/Notifications/InAppNotificationTest.php`
-
-**Миграция БД (одной миграцией, идемпотентной):**
-
-- `DROP TABLE webhook_log` (партиционированная) + все 13 партиций
-- `DROP TABLE webhook_dedup_keys`
-- `DROP TABLE rejected_deals_log` — **только если impact-check подтвердит, что писалось только `ProcessWebhookJob`**
-- `ALTER TABLE tenants DROP COLUMN webhook_token, DROP COLUMN webhook_token_rotated_at` — **только если impact-check подтвердит, что не используется в UI/API**
-- удаление сидов / system_settings ключей, относящихся только к legacy: `low_balance_threshold_leads` (если не унифицируется в рамках другого спека)
-
-### §2.2 Что НЕ трогаем (явно out of scope)
-
-- `failed_webhook_jobs` — используется `RouteSupplierLeadJob::failed()` (шеринг-канал).
-- `SupplierLeadCost` — пишется и шеринг-каналом (через `LedgerService::chargeForDelivery`).
-- `MonthlyPartitionManager` — управляет партициями нескольких таблиц, не только `webhook_log`.
-- `SupplierResolver` — используется в админке (`AdminSupplierIntegrationController`).
-- Phase B Спека A (`DROP COLUMN balance_leads`) — отдельная задача после ≥72ч наблюдения Phase A.
-- Унификация `notifyLowBalance` под рубли — отдельная задача, если решим возрождать low-balance уведомления.
-
----
-
-## §3. Impact-checks (обязательны перед удалением)
-
-Каждая удаляемая сущность пройдёт автоматическую проверку «не использует ли её живой код». Список проверок — задачи в плане:
-
-| Сущность | Проверка | Решение если есть use |
-|---|---|---|
-| `WebhookReceiveController` | `grep -r "WebhookReceiveController" app/` | Если есть use вне роута — удалить только метод `receive`, контроллер оставить |
-| `NotificationService::notifyLowBalance` | `grep -r "notifyLowBalance" app/` | Если есть caller вне `ProcessWebhookJob` — оставить метод |
-| `NotificationService::notifyZeroBalance` | `grep -r "notifyZeroBalance\b" app/` (с word boundary, чтобы не зацепить `notifyZeroBalancePaused`) | Если есть caller — оставить метод |
-| `LowBalanceNotification`, `ZeroBalanceNotification` (Mailable) | `grep -r "LowBalanceNotification\|ZeroBalanceNotification" app/` | Если есть use — оставить класс |
-| `tenants.webhook_token`, `webhook_token_rotated_at` | grep по `app/` и `app/resources/js/` — поиск в UI, API-resource, ресурс-сериализаторах, фабриках, сидах | Если есть UI/API consumer — отдельная задача на удаление UI |
-| `rejected_deals_log` | `grep -r "RejectedDealsLog\|rejected_deals_log" app/` | Если есть use вне `ProcessWebhookJob` — таблицу не дропать |
-| `webhook_dedup_keys` | `grep -r "webhook_dedup_keys\|WebhookDedupKey" app/` | Должен быть пустым после удаления `ProcessWebhookJob` |
-| `low_balance_threshold_leads` (system_settings) | `grep -r "low_balance_threshold_leads" app/` | Если есть caller — мигрировать или удалить настройку |
-
-Все проверки делаются на текущем коде (после mental-удаления `ProcessWebhookJob` и тестов).
-
----
-
-## §4. Решение по архитектуре
-
-### §4.1 Главный инвариант
-
-После выпиливания **остаётся ровно одна труба биллинга**: `RouteSupplierLeadJob::createDealCopyForProject` → `LedgerService::chargeForDelivery`. Все списания всех каналов идут через неё.
-
-### §4.2 Что меняется в публичном API
-
-- `POST /api/webhook/{token}` — **404**. Старые токены тенантов перестают принимать вход (попадание в логи nginx как 404 — это нормально, на проде вызовов 0).
-- `POST /api/webhook/supplier/{secret}` — **без изменений** (это шеринг-канал от `crm.bp-gr.ru`).
-
-### §4.3 Откатываемость
-
-Миграция БД **необратимая** (DROP TABLE / DROP COLUMN). Бэкап `pg_dump` снимается перед выкаткой по runbook `docs/deploy/test-server-runbook.md`. В случае critical-инцидента — restore из бэкапа + откат git revert.
-
-Риск отката оценивается как **нулевой** — на проде webhook_log = 0, рудимент никем не используется.
-
-### §4.4 Совместимость с другими спеками
-
-- **Спек A (₽-баланс, Phase A на проде)** — этот спек снимает блокер для Phase B.
-- **Спек B (дубли, на проде)** — не пересекается (Спек B про шеринг-канал; legacy webhook имеет собственный `webhook_dedup_keys`, который тоже удаляется).
-- **Спек C (preflight + VTB)** — не пересекается (preflight работает на уровне `SupplierQuotaAllocator`; VTB — на пополнении баланса, не на списании).
-
----
-
-## §5. Тестирование
-
-### §5.1 Регрессионная проверка
-
-- `composer test` — Pest --parallel, должно пройти на dev (после удаления тестов количество suite уменьшится).
-- `npm run test:vue` — Vitest, должен остаться зелёным (UI не трогаем кроме возможного раздела webhook-token, если impact-check найдёт).
-- Lefthook pre-commit — все джобы зелёные.
-- Larastan — без новых ошибок (baseline регенерация только если потребуется).
-
-### §5.2 Smoke-проверка на проде после деплоя
-
-- `curl -X POST https://liderra.ru/api/webhook/test-token -d '{}'` → ожидается **404** (роут больше не существует).
-- `curl -X POST https://liderra.ru/api/webhook/supplier/$SECRET -d '{...}'` → ожидается **200/202** (шеринг-канал работает как раньше).
-- `SELECT * FROM information_schema.tables WHERE table_name IN ('webhook_log', 'webhook_dedup_keys')` → 0 строк (миграция применилась).
-- `SELECT column_name FROM information_schema.columns WHERE table_name='tenants' AND column_name LIKE 'webhook_%'` → 0 строк (если impact-check подтвердил удаление колонок).
-
-### §5.3 7-дневное наблюдение
-
-После деплоя — наблюдать:
-
-- `failed_jobs` (новые fail'ы только от шеринг-канала).
-- nginx access log на `/api/webhook/{token}` 404 — если **кто-то** реально начнёт долбиться (что маловероятно: 0 вызовов за всю историю), но если начнёт — это сигнал к ретроспективе.
-- Sentry-алерты — без новых регрессий (Sentry pending Б-1).
-
----
-
-## §6. Выкатка
-
-**Один PR, один релиз** (заказчик подтвердил 2026-05-24).
-
-Шаги (детали — в плане реализации):
-
-1. Изолированный worktree.
-2. Impact-checks (§3) — финальный список «что удаляем точно, что оставляем».
-3. Code-удаление + удаление/чистка тестов.
-4. Миграция БД (одна идемпотентная миграция с DROP).
-5. Полная регрессия (`composer test` + `npm run test:vue` + lefthook).
-6. Subagent code-review.
-7. Push в main, FF merge.
-8. Деплой на боевой:
-   - Бэкап `pg_dump` перед миграцией (runbook).
-   - `git archive | scp | tar -xf` (10-15 файлов).
-   - `redeploy.sh` (composer + migrate + cache + reload php-fpm).
-   - Smoke-проверка (§5.2).
-9. 7-дневное наблюдение (§5.3).
-
----
-
-## §7. Связано
-
-- [Спек A Биллинг v2 — единый ₽-баланс](2026-05-23-billing-v2-spec-a-balance-rub-design.md) (Phase B = блокирован этим документом до выпиливания).
-- [Спек B Биллинг v2 — политика дублей](2026-05-23-billing-v2-spec-b-duplicates-design.md) (не пересекается, но даёт контекст шеринг-канала).
-- [Спек C Биллинг v2 — preflight + VTB](2026-05-24-billing-v2-spec-c-preflight-vtb-design.md) (не пересекается).
-- [Supplier integration spec](2026-05-10-supplier-integration-design.md) §5–§6 (определение шеринг-канала, который остаётся единственным боевым).
-- [CSV reconcile channel spec](2026-05-18-supplier-csv-reconcile-channel-design.md) (резервный канал, не трогается).
-- `docs/deploy/test-server-runbook.md` (бэкап перед миграцией).
-- Памятки в коде комментариев: [routes/web.php:282](../../../app/routes/web.php#L282) уже маркирует роут как «legacy».
diff --git a/docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md b/docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md
deleted file mode 100644
index 78a1fdb..0000000
--- a/docs/superpowers/specs/2026-05-25-supplier-webhook-reliability-design.md
+++ /dev/null
@@ -1,291 +0,0 @@
-# Supplier webhook reliability — design spec
-
-**Дата:** 2026-05-25
-**Статус:** draft → готов к плану
-**Ветка:** `feat/supplier-webhook-fixes`
-**Связано:** Спек B Phase 1 (`docs/superpowers/specs/2026-05-23-billing-v2-spec-b-duplicates-design.md`) — снят DuplicateDetector; данная спека закрывает race condition, оставшийся после Спека B.
-
----
-
-## 1. Проблема
-
-На боевом liderra.ru за сутки 25.05.2026 для тенанта `client1` (tenant_id=2):
-
-- Поставщик crm.bp-gr.ru отдал **205 уникальных лидов** (учётка `info@lkomega.ru`, страница `/admin/visit/index-visit?visit=rt`)
-- На портале — **160 сделок**, из них **123 уникальных телефона** (37 — дубликаты `phone+project`)
-- **Расхождения:** 82 лида у поставщика не дошли до портала; 37 deals в портале дублированы
-
-### 1.1. Корневая причина потерь (76 из 82)
-
-Из 234 POST-запросов поставщика на `/api/webhook/supplier/<secret>` сегодня:
-- **132** → 202 Accepted (приняты)
-- **76** → 302 Found (Location: `https://liderra.ru`)
-- 29 → 301 (http→https на `/`)
-
-Воспроизведено вручную: `curl -X POST` с пустым `{}` → 302 + Set-Cookie. Это **дефолтный Laravel behavior**: для запросов, где `Accept` НЕ содержит `application/json`, `ValidationException` рендерится через `redirect()->back()->withErrors()` — 302 на referer (которого нет у webhook-вызывающего) → fallback на `/`.
-
-Запросы 302 — это webhook-и где `project` НЕ матчится regex `'project' => regex:/^B[123]_.+$/'` ([app/app/Http/Controllers/Api/SupplierWebhookController.php:86](../../../app/app/Http/Controllers/Api/SupplierWebhookController.php#L86)).
-
-Конкретные «непринимаемые» проекты (видны в supplier rt-list):
-- `client.carmoney.ru` — 55 лидов
-- `B2_Caranga` — 7
-- `cabinet.caranga.ru` — 3
-- `cashmotor.ru` — 2
-- остальные единичные: `73912346386`, `79135191264`, `78006009393`, `78007006600`, `79029248888`, `B2_drivezaim`, `B3_+7 (495) 023-66-52` и т.п.
-
-### 1.2. Корневая причина дублей (37)
-
-[app/app/Jobs/Supplier/CsvReconcileJob.php:146-155](../../../app/app/Jobs/Supplier/CsvReconcileJob.php#L146-L155) каждые 30 мин создаёт «recovered» `SupplierLead` с **`vid: null`**, `source: csv_recovery` для лидов, найденных в CSV поставщика но отсутствующих в наших `supplier_leads` за окно.
-
-Затем поставщик ретраит webhook с настоящим `vid` (численный) → создаётся **новый** `SupplierLead` (UNIQUE по `vid`, NULL ≠ NULL → не считается дублем) → `RouteSupplierLeadJob` создаёт **второй Deal**.
-
-`supplier_lead_deliveries` уник-индекс на `(supplier_lead_id, tenant_id)` ([app/app/Jobs/RouteSupplierLeadJob.php:249-262](../../../app/app/Jobs/RouteSupplierLeadJob.php#L249-L262)) **не блокирует**, потому что у CSV-recovered и webhook разные `supplier_lead.id`.
-
-Раньше эту race-condition закрывал `DuplicateDetector` (24h-фильтр по `phone+project`), который был снят в Спеке B Phase 1 (commit `ccfecd5e`, 24.05) с обоснованием «за повторы поставщика берём».
-
-### 1.3. Цепочка B-префикса (5 точек)
-
-Regex `B[123]_` встречается в коде в **5 точках**, и все обязательны для текущего flow:
-
-| # | Место | file:line | Поведение без B-префикса |
-|---|---|---|---|
-| 1 | Webhook validation | [SupplierWebhookController.php:86](../../../app/app/Http/Controllers/Api/SupplierWebhookController.php#L86) | ValidationException → 302 (см. 1.1) |
-| 2 | parsePlatform fallback | [SupplierWebhookController.php:183-188](../../../app/app/Http/Controllers/Api/SupplierWebhookController.php#L183-L188) | silent fallback 'B1' |
-| 3 | parseProjectField | [RouteSupplierLeadJob.php:172-200](../../../app/app/Jobs/RouteSupplierLeadJob.php#L172-L200) | **RuntimeException** → retry 3x → failed_webhook_jobs |
-| 4 | extractPlatform | [CsvReconcileJob.php:237-244](../../../app/app/Jobs/Supplier/CsvReconcileJob.php#L237-L244) | возвращает `null` → строка в `unparseable_count` (56 сегодня) |
-| 5 | БД constraint | `supplier_projects.platform CHECK IN (B1,B2,B3)` | нельзя сохранить platform=`DIRECT` |
-
----
-
-## 2. Цели и не-цели
-
-### Цели
-
-- **C1.** Webhook на `/api/webhook/supplier/*` ВСЕГДА отвечает JSON (202/200/422/429/404), никогда не редиректит. Любая `ValidationException` для этого URL — JSON 422 с полем `errors`.
-- **C2.** Webhook, поступивший после CSV-recovered deal по тому же `(tenant_id, phone, project_id)` в окне 24h, **обновляет** существующий deal (`source_crm_id`, `received_at` если новее, `phones`), а не создаёт второй. Биллинг не списывает второй раз.
-- **C3.** Webhook на проекты без префикса `B[123]_` (`client.carmoney.ru`, `cashmotor.ru`, числовые) принимается, проходит routing, создаёт Deal под новой платформой `DIRECT`.
-
-### Не-цели
-
-- **NG1.** Восстановление 82 потерянных лидов 25.05 — оффлайн-операция после деплоя, через `php artisan supplier:reconcile-force` или ручное добавление по списку (вне scope этой спеки).
-- **NG2.** Очистка 37 текущих дублей в проде — отдельная миграция данных или ручной SQL (вне scope).
-- **NG3.** Изменение бизнес-правил биллинга для DIRECT-платформы. Берётся та же тарификация, что для B1/B2/B3 (по умолчанию tier по `signal_type`). Альтернативная цена для DIRECT — отдельный спек если потребуется.
-- **NG4.** Отказ от CSV reconcile job — он остаётся как safety net, но теперь дедупликация не приводит к дублям.
-
----
-
-## 3. Решение
-
-Три независимые фазы. Каждая фаза — отдельный PR, отдельный план, отдельный выкат на боевой. Между фазами — observation period (1-2 часа на проде, потом следующая фаза).
-
-### Phase 1 (низкий риск) — Always JSON 422 для webhook validation errors
-
-**Изменения:**
-
-- В [app/bootstrap/app.php:35](../../../app/bootstrap/app.php#L35) `withExceptions()` добавить render:
-  ```php
-  $exceptions->render(function (\Illuminate\Validation\ValidationException $e, Request $request) {
-      if ($request->is('api/webhook/supplier/*')) {
-          return response()->json([
-              'message' => 'Validation failed',
-              'errors' => $e->errors(),
-          ], 422);
-      }
-      return null; // дефолтный рендер для остальных
-  });
-  ```
-- Тест: POST с `Accept: text/html` (имитация поставщика без JSON-Accept) на webhook с невалидным payload → assert 422 + JSON Content-Type + ошибка в `errors`.
-- Существующие тесты `SupplierWebhookTest.php` — все `postJson(...)` → 422 уже работают. Добавляется один новый тест с обычным `post()`.
-
-**Risk:** низкий. Изменение не трогает control flow webhook'а, только формат ответа на ошибку.
-
-**Откатываемость:** одной строчкой revert.
-
-### Phase 2 (средний риск) — Идемпотентность webhook ↔ CSV-recovered
-
-**Изменения:**
-
-- В [app/app/Jobs/RouteSupplierLeadJob.php:207](../../../app/app/Jobs/RouteSupplierLeadJob.php#L207) `createDealCopyForProject()` ДО создания Deal — поиск:
-  ```php
-  $existingDeal = Deal::query()
-      ->where('tenant_id', $tenant->id)
-      ->where('phone', (string) $lead->phone)
-      ->where('project_id', $project->id)
-      ->where('received_at', '>=', now()->subDay())
-      ->whereNull('source_crm_id') // только CSV-recovered ждут vid
-      ->lockForUpdate()
-      ->first();
-  ```
-- Если найден → `UPDATE deals SET source_crm_id = vid, received_at = MAX(...)` + `supplier_lead_deliveries` запись + **НЕ списываем баланс повторно** (Ledger.alreadyChargedForDeal или просто отсутствие второго `chargeForDelivery`) → возврат `false`/`'merged'`.
-- Если не найден → текущий путь создания нового Deal без изменений.
-- `supplier_lead_deliveries.deal_id` обновляется на найденный deal.id.
-
-**Биллинг safety:**
-- `LedgerService::chargeForDelivery` уже идемпотентен по `supplier_lead_id` (PK lead_charges) — проверить.
-- Если не идемпотентен — добавить guard: SELECT lead_charges WHERE deal_id=$existingDeal->id; если есть — skip charge.
-
-**Тесты:**
-- TDD: CSV-recovered deal без vid → webhook на тот же phone+project → assert 1 deal (не 2), source_crm_id заполнен, lead_charges = 1 запись.
-- Regression: повтор поставщика по тому же vid (память Спека B — «за повторы берём») → assert 2 deals (если разные supplier_lead с разными vid).
-- Race: одновременный webhook и CSV-recovery → lockForUpdate гарантирует один deal.
-
-**Risk:** средний — затрагивает биллинг. Нужно убедиться что `chargeForDelivery` не списывает второй раз.
-
-### Phase 3 (высокий риск) — DIRECT platform для проектов без B-префикса
-
-**Изменения:**
-
-1. **Миграция БД** `database/migrations/2026_05_25_120000_add_direct_platform.php`:
-   ```sql
-   ALTER TABLE supplier_projects DROP CONSTRAINT chk_supplier_projects_platform;
-   ALTER TABLE supplier_projects ADD CONSTRAINT chk_supplier_projects_platform
-     CHECK (platform IN ('B1','B2','B3','DIRECT'));
-   ALTER TABLE project_supplier_links DROP CONSTRAINT chk_psl_platform;
-   ALTER TABLE project_supplier_links ADD CONSTRAINT chk_psl_platform
-     CHECK (platform IN ('B1','B2','B3','DIRECT'));
-   ```
-   Также снять constraint `chk_supplier_projects_b1_not_for_sms` (он про B1+sms) если он мешает.
-
-2. **Webhook regex** [SupplierWebhookController.php:86](../../../app/app/Http/Controllers/Api/SupplierWebhookController.php#L86):
-   ```php
-   'project' => ['required', 'string', 'max:255'], // снят regex
-   ```
-
-3. **parsePlatform** [SupplierWebhookController.php:183-188](../../../app/app/Http/Controllers/Api/SupplierWebhookController.php#L183-L188):
-   ```php
-   private function parsePlatform(string $project): string
-   {
-       if (preg_match('/^(B[123])_/', $project, $m) === 1) {
-           return $m[1];
-       }
-       return 'DIRECT';
-   }
-   ```
-
-4. **parseProjectField** [RouteSupplierLeadJob.php:172-200](../../../app/app/Jobs/RouteSupplierLeadJob.php#L172-L200) — добавить DIRECT branch:
-   ```php
-   private function parseProjectField(string $project): array
-   {
-       if (preg_match('/^(B[123])_(.+)$/', $project, $m) === 1) {
-           $platform = $m[1];
-           $rest = $m[2];
-       } else {
-           $platform = 'DIRECT';
-           $rest = $project; // весь project считается identifier-частью
-       }
-       // далее существующая логика определения signal_type/identifier на $rest
-       // (call / site / sms по тем же regex'ам)
-   }
-   ```
-
-5. **extractPlatform** [CsvReconcileJob.php:237-244](../../../app/app/Jobs/Supplier/CsvReconcileJob.php#L237-L244):
-   ```php
-   private function extractPlatform(string $project): string
-   {
-       if (preg_match('/^(B[123])_/', $project, $m) === 1) {
-           return $m[1];
-       }
-       return 'DIRECT';
-   }
-   ```
-   Логика `unparseable_count` снимается для DIRECT-кейса; остаётся только для **реального мусора** (телефоны/URL в поле project). Различение через дополнительный regex проверки `[a-z0-9]` в начале.
-
-6. **SupplierProjectResolver** — резолв по `(platform=DIRECT, signal_type, identifier)` создаёт/находит `supplier_projects` row с platform=DIRECT.
-
-7. **LeadRouter::matchEligibleProjects** — DIRECT-platform fetches по тем же signal_type/identifier-полям проекта; никаких B1/B2/B3 специальных условий.
-
-**Тесты:**
-- Существующий тест `'rejects invalid project format with 422'` ([SupplierWebhookTest.php:95](../../../app/tests/Feature/Http/Webhook/SupplierWebhookTest.php#L95)) переписать: теперь invalid_format → 202 (принят), platform=DIRECT.
-- Новый тест: webhook с `project: "client.carmoney.ru"` → 202, supplier_lead.platform=DIRECT, RouteSupplierLeadJob создаёт SupplierProject под DIRECT, Deal создаётся.
-- Существующие тесты RouteSupplierLeadJobTest / CsvReconcileJobTest — добавить DIRECT-кейсы.
-- Регрессия: все B1/B2/B3 кейсы продолжают работать без изменений.
-
-**Risk:** высокий — затрагивает миграцию БД, ⩾5 файлов кода, тесты, бизнес-семантику биллинга для DIRECT.
-
-**Сложность:** одновременная правка должна быть атомарной — если деплоится миграция но не код, controller примет lid'ы которые job не сможет обработать. Один PR, один деплой, очередь queue:restart после.
-
----
-
-## 4. Стратегия деплоя
-
-Три отдельных деплоя на liderra.ru через `redeploy.sh` (per memory: «`sudo -u www-data php artisan optimize` в строке 9 скрипта»):
-
-1. **Деплой 1 (Phase 1):** ~10 мин outage риск 0. Сразу после деплоя смотрим nginx logs — все POST → 422 или 202, нет 30x. Ждём 30 мин — drift_alert не должен подниматься.
-2. **Деплой 2 (Phase 2):** ~10 мин outage риск 0. Смотрим что новые deals не дублируются (`SELECT phone, project_id, COUNT(*) FROM deals WHERE created_at > NOW()-interval'2h' GROUP BY 1,2 HAVING COUNT(*)>1`). Ждём 1-2 часа.
-3. **Деплой 3 (Phase 3):** включает миграцию БД. Сначала миграция (idempotent CHECK extension), затем код. Smoke: POST `project: "client.carmoney.ru"` с правильным secret и IP → 202, supplier_lead создан, deal создан. Ждём 6 часов на наблюдение, после — закрытие задачи.
-
-Перед каждым деплоем — обязательно агент `prod-deploy-validator` (per [Pravila §2.4](../../Pravila_raboty_Claude_v1_1.md)).
-
----
-
-## 5. Тестирование
-
-### Pest unit/feature
-
-Все три фазы — TDD: тест → fail → имплементация → pass → commit. Запуск `composer test -- --filter='Supplier'` после каждой фазы.
-
-Существующие тесты, которые гарантированно адаптируются:
-- `app/tests/Feature/Http/Webhook/SupplierWebhookTest.php` — line 95 «invalid_format → 422» переписывается на «invalid_format → 202 DIRECT» в Phase 3.
-- `app/tests/Feature/Supplier/CsvReconcileJobTest.php` — добавить кейс DIRECT в Phase 3.
-- `app/tests/Feature/Supplier/RouteSupplierLeadJobBillingTest.php` — добавить «webhook после CSV-recovered не списывает второй раз» в Phase 2.
-- `app/tests/Feature/Supplier/SupplierLeadDeliveryGuardTest.php` — добавить кейс «разные SupplierLead.id, тот же phone+project — не дубль» в Phase 2.
-
-### Регрессия
-
-`/regression full` ПОСЛЕ каждой фазы (Pest --parallel + Larastan + Vitest + Vite build + lychee + gitleaks). Каждая фаза — отдельный коммит на ветке `feat/supplier-webhook-fixes`, отдельный PR, отдельный merge → отдельный redeploy.
-
-### Прод-smoke
-
-После каждого деплоя — конкретные SQL-проверки в `db/`, описаны в каждом плане.
-
----
-
-## 6. Откат
-
-- Phase 1 — revert single commit.
-- Phase 2 — revert commit + dedup кода. Миграции БД нет.
-- Phase 3 — revert commit + миграция down: `DROP CONSTRAINT ... ADD CONSTRAINT ... CHECK IN (B1,B2,B3)`. Если в БД уже есть `platform=DIRECT` rows — миграция down упадёт. Нужен seed-cleanup перед откатом.
-
----
-
-## 7. Файлы (общий список)
-
-**Создать:**
-- `database/migrations/2026_05_25_120000_add_direct_platform.php` (Phase 3)
-- `app/tests/Feature/Http/Webhook/SupplierWebhookValidationFormatTest.php` (Phase 1, новый файл)
-- `app/tests/Feature/Supplier/CsvWebhookRaceTest.php` (Phase 2, новый файл)
-- `app/tests/Feature/Supplier/DirectPlatformTest.php` (Phase 3, новый файл)
-
-**Изменить:**
-- `app/bootstrap/app.php` (Phase 1)
-- `app/app/Http/Controllers/Api/SupplierWebhookController.php` (Phase 3)
-- `app/app/Jobs/RouteSupplierLeadJob.php` (Phase 2 + Phase 3)
-- `app/app/Jobs/Supplier/CsvReconcileJob.php` (Phase 3)
-- `app/app/Services/SupplierProjects/SupplierProjectResolver.php` (Phase 3)
-- `app/app/Services/LeadRouter.php` (Phase 3)
-- `app/tests/Feature/Http/Webhook/SupplierWebhookTest.php` (Phase 3 — переписать line 95)
-- `db/schema.sql` (Phase 3 — sync с миграцией)
-- `db/CHANGELOG_schema.md` (Phase 3)
-
-**Возможно затронуть:**
-- `app/app/Services/Billing/LedgerService.php` (Phase 2 — guard от двойного списания, если ещё не идемпотентен)
-
----
-
-## 8. Открытые вопросы (на момент написания спеки)
-
-- **OQ-1.** Идемпотентен ли `LedgerService::chargeForDelivery` по `(deal_id, lead_id)` или может списать дважды? — выяснится в Phase 2 Task 1 (read code).
-- **OQ-2.** `supplier_projects.subject_code` — обязательное поле для DIRECT? — выяснится в Phase 3 Task 2 (миграция).
-- **OQ-3.** `chk_supplier_projects_b1_not_for_sms` constraint конфликтует с DIRECT? — выяснится в Phase 3 Task 1.
-
-Каждый вопрос разрешается inline во время реализации, не блокирует план.
-
----
-
-## 9. Ссылки
-
-- План Phase 1: `docs/superpowers/plans/2026-05-25-supplier-webhook-phase-1-json-422.md`
-- План Phase 2: `docs/superpowers/plans/2026-05-25-supplier-webhook-phase-2-dedup.md`
-- План Phase 3: `docs/superpowers/plans/2026-05-25-supplier-webhook-phase-3-direct-platform.md`
-- Memory project_supplier_integration.md — историческая информация о supplier flow
-- ADR-008 (если потребуется DIRECT — оформить как ADR-018 «Supplier DIRECT platform»)
diff --git a/docs/superpowers/specs/2026-05-26-slepok-routing-protection-design.md b/docs/superpowers/specs/2026-05-26-slepok-routing-protection-design.md
deleted file mode 100644
index c883424..0000000
--- a/docs/superpowers/specs/2026-05-26-slepok-routing-protection-design.md
+++ /dev/null
@@ -1,1106 +0,0 @@
-# Защита слепка поставщика в маршрутизации лидов — дизайн
-
-**Автор:** Claude Opus 4.7 (сессия `135a4adf`, аудит «вчерашний слепок vs live state» 26.05.2026)
-**Статус:** Draft v0.4 — уточнение оценки Этапа 1 после свежего git diff (26.05.2026 поздний вечер).
-**Дата:** 2026-05-26
-
-**Changelog v0.3 → v0.4:**
-
-- §4.1.1 / §11: оценка Этапа 1 пересмотрена `4ч` → **`0.5–1 рабочий день`**. Свежий diff показал, что `feat/billing-v2-spec-c` отстаёт от `origin/main` на **50+ коммитов** (а не 16 как предполагалось в v0.1), включая Snapshot Guard 10-коммитную серию (`8b6b4101..0902de96`) и Phase 2 FK-fix `0da72778` («не обновлять deals.received_at»). Merge spec-c в main потребует аккуратного резолва конфликтов в `LeadRouter.php` / `RouteSupplierLeadJob.php` / `Project.php` / `Tenant.php` + сохранения Phase 2 FK fix.
-- §11: добавлена строка «гипотезы R-11/R-16/R-17/R-19 не верифицированы на проде из-за отсутствия SSH-доступа с dev-машины в этой сессии; они остаются как unfalsified assumptions, конкретные пороги уточняются на этапе реализации через прод-SQL запросы».
-
-**Changelog v0.2 → v0.3:**
-
-- §4.2.5/UX: `appliesFrom` возвращает не `00:00 МСК`, а `21:00 МСК` дня старта slepok'а (тот момент, с которого slepok реально работает по канону §0).
-- §4.2.4: `delivered_count` инкрементится в **активный** snapshot (учитывает 21:00 МСК границу), а не в `Carbon::today()` — иначе в окне 21:00–24:00 МСК счётчик уезжает не в тот snapshot.
-- §4.2 + §6: явно прописано, что `SyncSupplierProjectsJob` (ночной push в 18:05 МСК) **читает из snapshot**, а не из live `projects` — иначе race 18:02 → 18:05 ломает идемпотентность.
-- §4.2.2: добавлен fail-loud механизм при отсутствии snapshot за активную дату — алёрт + heartbeat-флаг (роутер не молчит, мы знаем сразу).
-- §4.2.6/§4.2.7/§6/§8.1: синхронизированы все упоминания времени cron'а на **18:02 МСК** (было местами 21:00 как наследие v0.1).
-
-**Changelog v0.1 → v0.2 (для истории):**
-
-- Cut-off Лидерры исправлен 21:00 → **18:00 МСК** (3-часовое окно 18:00–21:00 на push поставщику до его фиксации).
-- Бизнес-инвариант переписан в каноническую формулировку заказчика (slepok №NЛ / №NП).
-- `SnapshotProjectRoutingJob` cron сдвинут 21:00 → **18:00 МСК** (после `BalancePreflightSweepJob`).
-- Активный snapshot в роутере: до 21:00 МСК = сделанный вчера; после 21:00 МСК = сделанный сегодня.
-- `SupplierSnapshotGuard::appliesFrom`: граница 21:00 → **18:00 МСК**.
-- OPEN-2 закрыт: resume = со следующего slepok'а; emergency-кнопка НЕ нужна.
-- OPEN-5 закрыт: `effective_daily_limit_today` сохраняется, в snapshot подхватывается, обнуляется в 00:00 МСК (вариант A).
-- OPEN-1 закрыт: после 21:00 МСК поставщик строго работает только по завтрашнему слепку.
-**Связано:**
-- [[project-billing-v2]] memory — режим online/batch policy.
-- [docs/superpowers/specs/2026-05-24-billing-v2-spec-c-preflight-vtb-design.md] §3.10 (deferred item «отдать разморозившемуся клиенту лиды»).
-- [docs/superpowers/plans/2026-05-26-supplier-snapshot-guard.md] — текущий SupplierSnapshotGuard, защищает только delete/change_source.
-
----
-
-## §0. TL;DR
-
-В Лидерре нет собственного фиксированного «снимка заказа на сегодня». `LeadRouter` распределяет входящие лиды по живому состоянию настроек проекта (`is_active`, `daily_limit_target`, `delivery_days_mask`, `regions`). Поставщик у себя фиксирует **свой** слепок в 21:00 МСК на следующий день, и до 21:00 МСК следующего дня лиды летят по этому слепку. Любое изменение клиентом (пауза, лимит, регионы, дни) применяется к роутеру **мгновенно** — но слепок поставщика об этом уже не знает. Возникает разрыв «что клиент заказал у Лидерры вчера» vs «что роутер сегодня делает».
-
-**Канонический бизнес-инвариант (формулировка заказчика, 26.05.2026):**
-
-> Наш клиент Лидерры подаёт нам до 18:00 МСК. Лидерра подаёт в 21:00 МСК поставщику; разница во времени вызвана тем, чтобы нам успеть перенести все правки поставщику.
->
-> 26.05.26 в 18:00 МСК делается слепок **№1Л** клиентов Лидерры. 26.05.26 в 21:00 МСК делается слепок **№1П** поставщиком проектов Лидерры. Все лиды, которые поступят от поставщика в период с **26.05.26 21:01** до **27.05.26 20:59** будут приходить по слепку №1П (его внутренний эквивалент у нас — слепок №1Л).
->
-> 27.05.26 в 18:00 и в 21:00 появятся ещё 2 слепка — **№2Л** и **№2П**. Если клиент 26.05.26 в 23:00 нажмёт «возобновить проект», то он получит свои сделки и мы свои лиды только в рамках слепков №2Л и №2П — в период с 27.05.26 21:00 МСК по 28.05.26 20:59 МСК.
-
-Из этого инварианта вытекает временна́я схема:
-
-```
-N.18:00 МСК — cut-off клиента (последний момент правок на день N+1)
-N.18:00 МСК — Лидерра создаёт slepok №NЛ (на день N+1)
-N.18:00 – N.21:00 МСК — Лидерра пушит поставщику (3-часовое окно доставки)
-N.21:00 МСК — поставщик фиксирует slepok №NП (на день N+1)
-N.21:01 МСК → (N+1).20:59 МСК — лиды летят по slepok №NЛ / №NП
-```
-
-Спек закрывает 19 рисков (R-01..R-19), выявленных в аудите, через 5 этапов: **(1)** стабилизация прод-state, **(2)** собственная snapshot-таблица + переключение роутера на неё, **(3)** фильтр frozen/blocked в роутере, **(4)** корректные расчёты (legacy FK / online vs batch ключи / preflight с шерингом / Carbon::tomorrow boundary), **(5)** переключение боевого режима `online → batch`.
-
----
-
-## §1. Контекст и проблема
-
-### §1.1 Контракты
-
-**Контракт #1 — внешний (Лидерра ↔ поставщик crm.bp-gr.ru):**
-
-- Лидерра агрегирует заявки всех своих клиентов по `(signal_type, identifier)` и шлёт поставщику **одну строку** «нужно N лидов с +7XXX, регионы X, дни Y».
-- Поставщик не знает про tenant_id Лидерры — для него заказчик един.
-- Слепок поставщика на следующий день фиксируется в 21:00 МСК.
-- Расчёт обязательства Лидерры перед поставщиком — агрегатный per-supplier_project, не per-client.
-
-**Контракт #2..N — внутренние (Лидерра ↔ каждый клиент-тенант):**
-
-- Каждый клиент договорился с Лидеррой на свой объём, лимит, источники, регионы, дни.
-- Если несколько клиентов на одном источнике — шеринг до 3-х копий ([LeadDistributor::CAP=3](app/app/Services/LeadDistributor.php)).
-- Заказ Лидерры поставщику для одной группы: `order = max(наибольший_лимит, ceil(Σ_лимитов / 3))` ([SupplierQuotaAllocator::computeOrder](app/app/Services/Supplier/SupplierQuotaAllocator.php)).
-- Расчёт обязательства клиента перед Лидеррой — per-client, по тарифной ступени.
-
-### §1.2 Корень проблемы
-
-В коде:
-
-| Слой | Что фиксируется | Когда | Что читает роутер |
-|---|---|---|---|
-| 18:05 МСК sync | push поставщику | один раз в сутки | — |
-| 21:00 МСК слепок поставщика | внешний снимок (его БД) | один раз в сутки | — |
-| 00:00 МСК reset | `delivered_today=0` | один раз в сутки | — |
-| **— нет собственного snapshot —** | — | — | live `projects.*` |
-| Изменения через UI | мгновенно в `projects` | в любой момент | мгновенно влияет |
-
-`LeadRouter` ([app/app/Services/LeadRouter.php](app/app/Services/LeadRouter.php)) делает SQL по live полям таблицы `projects`. Любая правка через `ProjectService::update` / `bulkPauseResume` / `bulkUpdateLimit` / `bulkUpdateRegions` / `bulkUpdateDays` применяется в тот же момент.
-
-### §1.3 19 рисков из аудита (краткая ссылка)
-
-🔴 **P0 (5):**
-
-- R-01 — pause после 21:00 МСК: A заплатил Лидерре, лиды не получил.
-- R-02 — лид через шеринг к B/C при выпавшем A: внутренний разрыв расходов.
-- R-03 — frozen клиент получает лиды по уже зафиксированному слепку: списания идут.
-- R-04 — auto-pause каскад: первый InsufficientBalance → `is_active=false`, хвост слепка исчезает.
-- R-05 — CSV reconcile считает webhook-loss, а не «доставлено-ли-тем-кому-заказано».
-
-🟡 **P1 (11):**
-
-- R-06 — уменьшение лимита после слепка.
-- R-07 — изменение `delivery_days_mask` на ходу.
-- R-08 — изменение `regions` на ходу.
-- R-09 — race webhook ↔ pause: `lockForUpdate` не recheck'ает `is_active`.
-- R-10 — editable `signal_identifier` без pivot.
-- R-11 — `effective_daily_limit_today` admin-override без TTL.
-- R-12 — drop column `balance_leads` (Spec B Phase B) сломает SQL роутера.
-- R-16 — `CleanupInactiveSupplierProjectsJob` использует legacy FK, а не pivot.
-- R-17 — `buildUniqueKey` vs `buildUniqueKeyAgnostic` расходятся для SMS+keyword.
-- R-18 — `Carbon::tomorrow` boundary в полночь.
-- R-19 — preflight считает Σ лимитов, реальная нагрузка ≤ Σ/3 при шеринге.
-
-🟠 **P2 (3):**
-
-- R-13 — `paused_at` не выставляется при freeze (Snapshot Guard слепой).
-- R-14 — RuntimeException на non-B префиксе если прод на spec-c версии RouteSupplierLeadJob.
-- R-15 — создание проекта после 18:05 МСК не успевает к завтрашнему слепку.
-
----
-
-## §2. Цель / Не-цель
-
-### §2.1 Цель
-
-1. Зафиксировать в коде Лидерры собственный snapshot настроек проектов на каждый рабочий день, синхронно со слепком поставщика.
-2. Переключить `LeadRouter` на чтение из snapshot для **всех eligibility-полей** кроме баланса. Баланс остаётся live (это нужно для auto-pause).
-3. Дать клиенту явную UX-семантику: «изменения настроек применяются с послезавтра».
-4. Закрыть точечные дефекты R-12/R-14/R-16/R-17/R-18/R-19 параллельно.
-5. Перевести продакшен с `online` на `batch` режим после стабилизации.
-
-### §2.2 Не-цель
-
-1. Не меняем модель шеринга (CAP=3 в `LeadDistributor`) — она корректна.
-2. Не меняем форму заказа Лидерра ↔ поставщик (`computeOrder = max(max, ceil(Σ/3))`) — она корректна и одобрена брейнстормом.
-3. Не меняем биллинг-инварианты `LedgerService::chargeForDelivery` — bcmath, tier-резолюция, atomicity транзакции остаются как есть.
-4. Не строим механизм «доставить позже после разморозки» из Spec C §3.10 (deferred) — это отдельный спек после месяца статистики.
-5. Не меняем биллинг с поставщиком (`supplier_lead_costs` агрегат) — это смежная задача, отдельный аудит при необходимости.
-
-### §2.3 Бизнес-инвариант после реализации
-
-См. каноническую формулировку в §0 (slepok №NЛ / №NП).
-
-**Производное правило для UI/UX:**
-
-> Правка клиента **до 18:00 МСК дня N** — попадает в slepok №NЛ → действует с **N.21:00 МСК до (N+1).20:59 МСК**.
->
-> Правка клиента **после 18:00 МСК дня N** — попадает в slepok №(N+1)Л → действует с **(N+1).21:00 МСК до (N+2).20:59 МСК**.
-
-**Исключения** (правки применяются вне семантики slepok'а):
-
-- Удаление баланса / отсутствие баланса → `auto-pause` работает мгновенно (защита Лидерры от перерасхода).
-- `delete` / `change_source` — защищено существующим `SupplierSnapshotGuard` (grace до 21:00 МСК + 24h хвост).
-- Frozen tenant ↔ unfrozen tenant — переход подчиняется тому же правилу: эффект со следующего slepok'а; если freeze случился **до 18:00 МСК** дня N, проект не попадает в slepok №NЛ, и сегодняшние лиды по slepok №(N-1)П всё ещё могут лететь до 20:59 МСК (закрывается дополнительно фильтром `frozen_by_balance_at IS NULL` в `LeadRouter`).
-
-**Отдельно подтверждено заказчиком (ответ OPEN-2, 26.05.2026):** «emergency-кнопка» для немедленного включения проекта **не нужна** — она бы шла против бизнес-инварианта и снова создала бы разрыв между нашим snapshot'ом и слепком поставщика. Resume в любое время = эффект со следующего slepok'а.
-
----
-
-## §3. Текущее состояние (что есть)
-
-См. аудит сессии `135a4adf` 26.05.2026. Краткое резюме здесь:
-
-- [SupplierSnapshotGuard.php](app/app/Services/Project/SupplierSnapshotGuard.php) — закрывает только delete/change_source, через `paused_at` grace.
-- [SyncSupplierProjectsJob.php](app/app/Jobs/Supplier/SyncSupplierProjectsJob.php) — 18:05 МСК push поставщику (после 18:00 МСК `BalancePreflightSweepJob` фильтрует frozen).
-- [LeadRouter.php](app/app/Services/LeadRouter.php) — SELECT по live `projects.*`, фильтр `is_active`, `delivery_days_mask`, `delivered_today`, `daily_limit_target`, `tenant.balance_rub > 0 OR tenant.balance_leads > 0`. Не фильтрует `frozen_by_balance_at`, не фильтрует `preflight_blocked_at`.
-- [RouteSupplierLeadJob.php](app/app/Jobs/RouteSupplierLeadJob.php) — `lockForUpdate(Project)`, recheck `delivered_today >= limit`. Не recheck'ает `is_active`. На `InsufficientBalanceException` → мгновенный `UPDATE projects SET is_active=false`.
-- [CleanupInactiveSupplierProjectsJob.php](app/app/Jobs/Supplier/CleanupInactiveSupplierProjectsJob.php) — 02:00 МСК через legacy FK `supplier_b{1,2,3}_project_id`. **Дефект R-16.**
-- `SupplierExportMode` = `online` на проде (debug-режим, заказчик ограничил жизненный цикл первыми 10-15 клиентами).
-- На проде = main `0902de96` + scp-патчи из `feat/billing-v2-spec-c` (HEAD `f0269534`).
-
----
-
-## §4. Решение по этапам
-
-### §4.1 Этап 1 — стабилизация прод-state (≈ 0.5–1 рабочий день, 0 архитектурных правок)
-
-Цель: убрать рассинхрон git ↔ прод и закрыть точечные дефекты, которые не требуют новой архитектуры.
-
-#### §4.1.1 Merge `feat/billing-v2-spec-c` в `main`
-
-Сейчас на проде = main + scp-патчи из spec-c. Следующий `redeploy.sh` через `git pull` затрёт ручные scp, если ветка не влита. Действие:
-
-1. Rebase `feat/billing-v2-spec-c` на текущий `origin/main` (свежий замер 26.05 поздний вечер: **14 коммитов forward** на ветке + **50+ коммитов backward** на main).
-2. Резолв конфликтов — главные в:
-   - `LeadRouter.php` (DIRECT path добавился в main).
-   - `RouteSupplierLeadJob.php` (Phase 3 parsing + Phase 2 CSV merge + `0da72778` FK fix — **сохранить!**).
-   - `Project.php` (`paused_at` в main, отсутствует в spec-c).
-   - `Tenant.php` (`frozen_by_balance_at` в spec-c).
-   - `ProjectService.php` (Snapshot Guard в main, `c84272c5c` врезка в delete/update).
-3. **Особое внимание Phase 2 FK fix `0da72778`** — он защищает от `lead_charges_deal_id_deal_received_at_fkey` violation при merge CSV-recovered deal'а с webhook. Не теряем этот фикс при rebase.
-4. Полный `composer test --parallel` + `npm run test:vue` после merge. Регресс должен оставаться зелёным **до** правок R-16/R-14 — иначе откатываемся.
-5. PR в main, merge через FF после успешного регресса.
-6. Документация: ПИЛОТ.md обновить — пометить «прод теперь = main HEAD после merge». [project_billing_v2.md](memory) пометить «Spec C влит в main, scp-патчи больше не нужны».
-7. **Не делать redeploy** до окончания этапа 1 — следующий деплой = после правок R-16 / R-14, чтобы избежать множественных деплоев подряд.
-
-#### §4.1.2 R-12 — подготовка к DROP COLUMN `balance_leads`
-
-Файл: [LeadRouter.php:65-66, 95-97](app/app/Services/LeadRouter.php).
-
-Текущий SQL:
-
-```sql
-AND EXISTS (
-    SELECT 1 FROM tenants
-    WHERE tenants.id = projects.tenant_id
-      AND (tenants.balance_leads > 0 OR tenants.balance_rub > 0)
-)
-```
-
-Изменить на:
-
-```sql
-AND EXISTS (
-    SELECT 1 FROM tenants
-    WHERE tenants.id = projects.tenant_id
-      AND tenants.balance_rub > 0
-)
-```
-
-Должно быть выкачено **до** Spec B Phase B (`DROP COLUMN balance_leads`).
-
-Тест: добавить feature-test в [tests/Feature/LeadRouterTest.php](app/tests/Feature) — сценарий «тенант с balance_leads=999 balance_rub=0 → проект НЕ eligible».
-
-#### §4.1.3 R-14 — проверить и зафиксировать версию `RouteSupplierLeadJob` на проде
-
-Действие:
-
-1. SSH на прод, `cat /var/www/liderra/app/app/Jobs/RouteSupplierLeadJob.php | grep -A2 "parseProjectField"`.
-2. Если версия с `throw RuntimeException` (spec-c) — заменить на main-версию через `redeploy.sh` после §4.1.1 merge.
-3. Smoke: отправить тестовый webhook с `project='lkomega.ru'` (без B-префикса) — должен получить platform='DIRECT', НЕ упасть с retry-штормом.
-
-#### §4.1.4 R-16 — Cleanup на pivot вместо legacy FK
-
-Файл: [CleanupInactiveSupplierProjectsJob.php Phase A+B subquery](app/app/Jobs/Supplier/CleanupInactiveSupplierProjectsJob.php).
-
-Заменить:
-
-```sql
-SELECT DISTINCT id FROM (
-    SELECT supplier_b1_project_id AS id FROM projects WHERE is_active=true AND supplier_b1_project_id IS NOT NULL
-    UNION SELECT supplier_b2_project_id FROM projects WHERE is_active=true AND supplier_b2_project_id IS NOT NULL
-    UNION SELECT supplier_b3_project_id FROM projects WHERE is_active=true AND supplier_b3_project_id IS NOT NULL
-) AS active_supplier_ids
-```
-
-На:
-
-```sql
-SELECT DISTINCT psl.supplier_project_id AS id
-FROM project_supplier_links psl
-INNER JOIN projects p ON p.id = psl.project_id
-WHERE p.is_active = true
-```
-
-Тесты:
-
-- existing-pivot, нет legacy FK → supplier_project не помечается inactive.
-- legacy FK заполнен (старый проект), пустой pivot → также не помечается (потому что legacy FK на проде уже почти везде null после Plan 3 migration; нужно проверить вручную через Boost MCP).
-
-#### §4.1.5 Acceptance Этапа 1
-
-- ✅ main = прод (никакого git-drift).
-- ✅ `LeadRouter` готов к DROP `balance_leads`.
-- ✅ DIRECT path работает (R-14 закрыт).
-- ✅ Cleanup на pivot.
-- ✅ Полный регресс зелёный.
-
-### §4.2 Этап 2 — собственный slepok (≈ 3-5 дней, главная архитектурная работа)
-
-#### §4.2.1 Новая таблица `project_routing_snapshots`
-
-Хранит фиксированное состояние каждого `is_active` проекта на каждый рабочий день.
-
-```sql
-CREATE TABLE project_routing_snapshots (
-    id              BIGSERIAL,
-    snapshot_date   DATE        NOT NULL,
-    project_id      BIGINT      NOT NULL,
-    tenant_id       BIGINT      NOT NULL,
-    daily_limit     INT         NOT NULL CHECK (daily_limit >= 0),
-    delivery_days_mask INT      NOT NULL CHECK (delivery_days_mask BETWEEN 0 AND 127),
-    regions         INT[]       NOT NULL DEFAULT '{}',
-    signal_type     TEXT        NOT NULL,
-    signal_identifier TEXT,
-    sms_senders     JSONB,
-    sms_keyword     TEXT,
-    expected_volume INT         NOT NULL CHECK (expected_volume >= 0),
-    -- бизнес-наблюдение (заполняется в течение дня)
-    delivered_count INT         NOT NULL DEFAULT 0 CHECK (delivered_count >= 0),
-    created_at      TIMESTAMP   NOT NULL DEFAULT NOW(),
-    PRIMARY KEY (snapshot_date, project_id),
-    -- ↑ композитный PK обеспечивает идемпотентность + индекс роутера на snapshot_date
-    FOREIGN KEY (tenant_id) REFERENCES tenants(id) ON DELETE CASCADE
-    -- NB: НЕ ссылаемся на projects(id) — проект может быть удалён,
-    --     а snapshot должен пережить (хвост слепка ещё летит).
-);
-CREATE INDEX project_routing_snapshots_tenant_date_idx
-    ON project_routing_snapshots (tenant_id, snapshot_date);
-CREATE INDEX project_routing_snapshots_signal_idx
-    ON project_routing_snapshots (snapshot_date, signal_type, lower(signal_identifier));
-```
-
-**RLS:**
-
-```sql
-ALTER TABLE project_routing_snapshots ENABLE ROW LEVEL SECURITY;
-CREATE POLICY project_routing_snapshots_tenant_isolation
-    ON project_routing_snapshots
-    USING (tenant_id = current_setting('app.current_tenant_id', true)::bigint);
-GRANT SELECT, INSERT, UPDATE ON project_routing_snapshots TO crm_app_user;
-GRANT SELECT, INSERT, UPDATE, DELETE ON project_routing_snapshots TO crm_supplier_worker;
-GRANT USAGE, SELECT ON SEQUENCE project_routing_snapshots_id_seq TO crm_supplier_worker;
-```
-
-**Retention:** snapshots старше 90 дней удаляются партиционным cleanup-ом (если таблица большая) или WHERE-DELETE раз в неделю. На этапе 2 — простая partitioning по `snapshot_date` (PARTITION BY RANGE).
-
-#### §4.2.2 Cron `SnapshotProjectRoutingJob` @ 18:00 МСК
-
-Создаёт slepok №NЛ для дня N+1 — **синхронно с cut-off'ом клиента** (18:00 МСК), за 3 часа до фиксации slepok'а №NП поставщиком (21:00 МСК). 3-часовое окно — на push поставщику через `SyncSupplierProjectsJob`.
-
-**Порядок cron'ов в 18:00 МСК (важно — зависимость):**
-
-1. `billing:preflight-sweep` — обновляет `tenants.frozen_by_balance_at`.
-2. `SnapshotProjectRoutingJob` — создаёт snapshot, читая актуальный frozen-статус.
-3. `SyncSupplierProjectsJob` (в 18:05 МСК) — пушит поставщику ровно то, что в snapshot'е.
-
-```php
-namespace App\Jobs;
-
-final class SnapshotProjectRoutingJob implements ShouldQueue {
-    use Dispatchable, Queueable, InteractsWithQueue, SerializesModels;
-
-    public const DB_CONNECTION = 'pgsql_supplier'; // BYPASSRLS
-
-    public function handle(): void {
-        // Создаём slepok №NЛ на завтрашний день N+1. Cron запускается в N.18:00 МСК.
-        $snapshotDate = Carbon::tomorrow('Europe/Moscow')->toDateString();
-        $weekdayBit = 1 << (Carbon::tomorrow('Europe/Moscow')->isoWeekday() - 1);
-
-        DB::connection(self::DB_CONNECTION)->transaction(function () use ($snapshotDate, $weekdayBit) {
-            // Идемпотентность: если уже есть snapshot за эту дату — пропускаем.
-            $exists = DB::connection(self::DB_CONNECTION)
-                ->table('project_routing_snapshots')
-                ->where('snapshot_date', $snapshotDate)
-                ->exists();
-            if ($exists) {
-                Log::info('snapshot.already_exists', ['date' => $snapshotDate]);
-                return;
-            }
-
-            // Eligible: is_active=true + рабочий день в маске + tenant не frozen + проект не blocked.
-            // ВНИМАНИЕ: для расчёта expected_volume используем формулу LeadDistributor:
-            //   на каждом источнике (signal_type, identifier) сумма expected_volume у всех
-            //   шерящих клиентов = order группы (max(max_limit, ceil(Σ/3))) × 3 (CAP)
-            //   распределяется по числу шерящих, пропорционально daily_limit.
-            // Это даст preflight'у корректный «реальный требуемый capacity per tenant»
-            // (закрывает R-19).
-
-            $eligibleSql = <<<SQL
-                INSERT INTO project_routing_snapshots (
-                    snapshot_date, project_id, tenant_id,
-                    daily_limit, delivery_days_mask, regions,
-                    signal_type, signal_identifier, sms_senders, sms_keyword,
-                    expected_volume
-                )
-                SELECT
-                    ?::date AS snapshot_date,
-                    p.id, p.tenant_id,
-                    COALESCE(p.effective_daily_limit_today, p.daily_limit_target),
-                    p.delivery_days_mask,
-                    p.regions,
-                    p.signal_type, p.signal_identifier, p.sms_senders, p.sms_keyword,
-                    -- expected_volume: распределяем order группы пропорционально лимитам
-                    -- (см. §4.4.4 R-19 — реальная formula тут)
-                    COALESCE(p.effective_daily_limit_today, p.daily_limit_target) AS expected_volume
-                    -- TODO Этап 4: заменить на share-aware формулу
-                FROM projects p
-                INNER JOIN tenants t ON t.id = p.tenant_id
-                WHERE p.is_active = true
-                  AND (p.delivery_days_mask & ?::int) <> 0
-                  AND p.preflight_blocked_at IS NULL
-                  AND t.frozen_by_balance_at IS NULL
-                  AND t.deleted_at IS NULL
-            SQL;
-
-            $count = DB::connection(self::DB_CONNECTION)
-                ->insert($eligibleSql, [$snapshotDate, $weekdayBit]);
-
-            Log::info('snapshot.created', [
-                'date' => $snapshotDate,
-                'rows' => $count,
-            ]);
-        });
-    }
-}
-```
-
-**Регистрация в `routes/console.php`:**
-
-```php
-// §4.2.2: snapshot настроек проектов на завтра (cut-off клиента Лидерры).
-// Запускается в 18:02 МСК — ПОСЛЕ billing:preflight-sweep (18:00) чтобы
-// успеть подхватить актуальный tenants.frozen_by_balance_at, и ДО
-// SyncSupplierProjectsJob (18:05) чтобы тот пушил поставщику ровно snapshot.
-Schedule::job(new \App\Jobs\SnapshotProjectRoutingJob)
-    ->dailyAt('18:02')
-    ->timezone('Europe/Moscow')
-    ->onSuccess(fn () => $hb->recordRunResult('SnapshotProjectRoutingJob', true, null, null))
-    ->onFailure(fn () => $hb->recordRunResult('SnapshotProjectRoutingJob', false, 'Job failed', null));
-```
-
-**NB:** Зависимости по timing:
-
-- `billing:preflight-sweep` (18:00 МСК) — выставляет `frozen_by_balance_at`.
-- `SnapshotProjectRoutingJob` (18:02 МСК) — читает frozen + создаёт snapshot.
-- `SyncSupplierProjectsJob` (18:05 МСК) — пушит поставщику.
-
-Между ними 2-5 минут запаса. Если первые два не успеют — третий запустится с устаревшим состоянием. На практике sweep отрабатывает за секунды (≤200 тенантов), snapshot тоже секунды (≤2000 активных проектов). Запас достаточный.
-
-**Fail-loud механизм при отсутствии snapshot.** Если `SnapshotProjectRoutingJob` упал и snapshot за активную дату отсутствует — `LeadRouter::matchEligibleProjects` вернёт 0 проектов на КАЖДЫЙ входящий лид. Это **катастрофа молча**: весь трафик в простой. Защитные слои:
-
-1. **Heartbeat alarm.** `SchedulerHeartbeatTracker::recordRunResult('SnapshotProjectRoutingJob', false, ...)` уже подключён (см. `routes/console.php`). Если cron упал → запись `false`. Cron `scheduler:check-heartbeats` (каждый час) поднимет инцидент через `IncidentsLog`.
-2. **Routing guard в `LeadRouter`** — при возврате `Collection`-empty логировать `Log::error('lead_router.no_snapshot_for_date', ['date' => $activeDate, 'supplier_project_id' => $sp->id])`. По существующему cron `incidents:watch-failures` (каждые 10 мин, порог 200) — если за 10 мин 200+ таких записей, поднимается отдельный инцидент high severity.
-3. **Ручной recovery.** Артизан-команда `php artisan snapshot:rebuild --date=YYYY-MM-DD` — пересоздаёт snapshot из live `projects` по требованию (для одноразового восстановления). NB: rebuild не воспроизводит «правильное» состояние момента 18:02 МСК — он берёт live на момент запуска; это known-tradeoff между «промолчать» и «маршрутизировать по приближению».
-
-**Не делаем fallback на live `projects` в самом роутере** — это нарушит бизнес-инвариант (правки сегодня влияют на сегодня). Лучше явный простой + алёрт + ручной rebuild, чем тихая регрессия к старому поведению.
-
-#### §4.2.3 Изменения `LeadRouter::matchEligibleProjects`
-
-Файл: [LeadRouter.php](app/app/Services/LeadRouter.php).
-
-**До:**
-
-```sql
-SELECT DISTINCT ON (projects.tenant_id) projects.*
-FROM projects
-WHERE EXISTS (SELECT 1 FROM project_supplier_links psl ...)
-  AND projects.is_active = true
-  AND (projects.delivery_days_mask & ?) <> 0
-  AND projects.delivered_today < COALESCE(projects.effective_daily_limit_today, projects.daily_limit_target)
-  AND EXISTS (SELECT 1 FROM tenants WHERE tenants.id = projects.tenant_id AND tenants.balance_rub > 0)
-ORDER BY ...
-```
-
-**После:**
-
-Выбор активного `snapshot_date` зависит от времени в МСК (по канону §0):
-
-- Если сейчас **< 21:00 МСК** — активен slepok, сделанный **вчера в 18:00 МСК** (с датой=сегодня).
-- Если сейчас **≥ 21:00 МСК** — активен slepok, сделанный **сегодня в 18:00 МСК** (с датой=завтра).
-
-```sql
-WITH active_slepok_date AS (
-    SELECT
-        CASE
-            WHEN EXTRACT(HOUR FROM (NOW() AT TIME ZONE 'Europe/Moscow')) >= 21
-                THEN ((NOW() AT TIME ZONE 'Europe/Moscow')::date + INTERVAL '1 day')::date
-            ELSE (NOW() AT TIME ZONE 'Europe/Moscow')::date
-        END AS d
-)
-SELECT DISTINCT ON (snap.tenant_id)
-    projects.*,
-    snap.daily_limit AS effective_daily_limit_snapshot
-FROM project_routing_snapshots snap
-INNER JOIN projects ON projects.id = snap.project_id
-WHERE snap.snapshot_date = (SELECT d FROM active_slepok_date)
-  AND EXISTS (
-      SELECT 1 FROM project_supplier_links psl
-      WHERE psl.project_id = snap.project_id
-        AND psl.supplier_project_id = ?
-  )
-  AND projects.delivered_today < snap.daily_limit
-  -- баланс ЖИВОЙ (защита auto-pause, не slepok):
-  AND EXISTS (
-      SELECT 1 FROM tenants
-      WHERE tenants.id = snap.tenant_id
-        AND tenants.balance_rub > 0
-        AND tenants.frozen_by_balance_at IS NULL  -- ← Этап 3 R-03
-  )
-ORDER BY snap.tenant_id,
-         (snap.daily_limit - projects.delivered_today) DESC,
-         projects.created_at,
-         projects.id
-```
-
-Ключевые изменения:
-
-1. JOIN с `project_routing_snapshots` по **активному slepok_date** (CTE учитывает 21:00 МСК границу) — лимит, дни, регионы берутся **из снимка**.
-2. `is_active=true` фильтр **снят** — snapshot уже содержит только активные на момент 18:00 МСК.
-3. `delivery_days_mask & todayBit` фильтр **снят** — snapshot уже содержит только проекты с маской на день N+1.
-4. `regions` — теперь читается из snapshot для соответствия региона (TODO: уточнить логику matching в Этап 2 task 4).
-5. `delivered_today` — остаётся live (это инкремент в реальном времени, не slepok-поле). NB: cron `projects:reset-delivered-today` в 00:00 МСК сейчас обнуляет `delivered_today` — это совместимо со схемой slepok'а: окно 21:00–24:00 МСК работает по новому snapshot (на завтра), но `delivered_today` ещё накоплен от сегодня; после 00:00 МСК счётчик обнулён, и продолжает считать по тому же snapshot. **TODO Этап 2 task 5:** перенести счётчик `delivered_count` в сам snapshot (см. поле `delivered_count` в §4.2.1) и убрать live `projects.delivered_today`.
-6. Баланс остаётся live + добавлен `frozen_by_balance_at IS NULL` (Этап 3).
-
-#### §4.2.4 Изменения `RouteSupplierLeadJob::createDealCopyForProject`
-
-Файл: [RouteSupplierLeadJob.php:212-386](app/app/Jobs/RouteSupplierLeadJob.php).
-
-Изменения:
-
-1. **`lockForUpdate` recheck** теперь смотрит на snapshot:
-
-   ```php
-   $snapshot = DB::connection('pgsql_supplier')
-       ->table('project_routing_snapshots')
-       ->where('snapshot_date', Carbon::today('Europe/Moscow')->toDateString())
-       ->where('project_id', $project->id)
-       ->lockForUpdate()
-       ->first();
-   if ($snapshot === null) {
-       Log::info('supplier_lead.no_snapshot_skipped', ['project_id' => $project->id]);
-       return false;
-   }
-   $effectiveLimit = (int) $snapshot->daily_limit;
-   if ($lockedProject->delivered_today >= $effectiveLimit) {
-       // ... existing limit-exceeded log + return false
-   }
-   ```
-
-2. **R-09 fix:** добавить recheck `is_active` под lockForUpdate(Project):
-
-   ```php
-   if (!$lockedProject->is_active) {
-       Log::info('supplier_lead.project_paused_under_lock', [...]);
-       return false;
-   }
-   ```
-
-   (NB: это уже не «slepok»-поле — это live, мы его всё ещё recheck'аем потому что paused между matchEligible и lock — реальный race, защищаем от двойной обработки.)
-
-3. **Инкремент `delivered_count` в snapshot:**
-
-   ```php
-   // Используем АКТИВНЫЙ snapshot_date (та же логика, что в LeadRouter CTE active_slepok_date).
-   // Иначе в окне 21:00-24:00 МСК счётчик уезжает в today, а матчинг идёт по today+1 —
-   // разойдутся за вечер.
-   $msk = Carbon::now('Europe/Moscow');
-   $activeSnapshotDate = $msk->hour >= 21
-       ? $msk->copy()->addDay()->toDateString()
-       : $msk->toDateString();
-
-   DB::connection('pgsql_supplier')
-       ->table('project_routing_snapshots')
-       ->where('snapshot_date', $activeSnapshotDate)
-       ->where('project_id', $project->id)
-       ->increment('delivered_count');
-   ```
-
-   NB: `increment()` в Laravel генерирует `UPDATE ... SET col = col + 1 WHERE ...` — атомарная PG-операция, lockForUpdate не нужен.
-
-#### §4.2.4b Изменения `SyncSupplierProjectsJob` (ночной push поставщику)
-
-Файл: [SyncSupplierProjectsJob.php:83-91](app/app/Jobs/Supplier/SyncSupplierProjectsJob.php).
-
-**Проблема (без правки):** `collectEligibleProjects()` читает live `Project::on(...)->where('is_active', true)...`. Cron запускается в 18:05 МСК — через ~3 минуты после `SnapshotProjectRoutingJob` (18:02). В окне 18:02→18:05 клиент может успеть нажать «пауза» через UI; live state будет отличаться от только что зафиксированного snapshot'а. Поставщик получит push **не равный** нашему slepok'у на следующий день — разрыв.
-
-**Решение:** после Этапа 2 `SyncSupplierProjectsJob` читает **из snapshot'а на завтра**, а не из live `projects`. Гарантия: то, что в snapshot, то и пушим поставщику.
-
-```php
-// До (live):
-$projects = Project::on(self::DB_CONNECTION)
-    ->where('is_active', true)
-    ->orderBy('id')
-    ->get();
-
-// После (читаем из snapshot, который SnapshotProjectRoutingJob создал в 18:02):
-$tomorrow = Carbon::tomorrow('Europe/Moscow')->toDateString();
-$projects = DB::connection(self::DB_CONNECTION)
-    ->table('project_routing_snapshots AS snap')
-    ->join('projects', 'projects.id', '=', 'snap.project_id')
-    ->where('snap.snapshot_date', $tomorrow)
-    ->select('projects.*', 'snap.daily_limit AS snapshot_daily_limit',
-             'snap.regions AS snapshot_regions',
-             'snap.delivery_days_mask AS snapshot_days_mask')
-    ->orderBy('projects.id')
-    ->get();
-// NB: в группировке (§4.2.4b.2) используем snapshot_* поля, не live projects.*.
-```
-
-В `syncGroup()` (line 187) и `computeOrder()` параметрах — заменить `$p->daily_limit_target` на `$p->snapshot_daily_limit`, `$p->delivery_days_mask` на `$p->snapshot_days_mask`, `$p->regions` на `$p->snapshot_regions`.
-
-**Что не меняется:**
-
-- `BalancePreflightSweepJob` (18:00) — она пишет `frozen_by_balance_at` ПЕРЕД snapshot'ом, и `SnapshotProjectRoutingJob` уже отфильтрует frozen-проекты (см. §4.2.2 SQL). Поэтому SyncSupplierProjectsJob получит из snapshot ровно non-frozen non-blocked проекты — фильтр Spec C `collectEligibleProjects` становится **избыточным**, но оставляем его как defence-in-depth.
-
-**Что меняется в `SyncSupplierProjectJob` (single-project online edit):** ничего. Online edit — это «передать поставщику изменения после 18:00 МСК» — это **не часть нашего snapshot'а**, это отдельный канал доставки изменений. Online edit пушит live состояние сейчас; поставщик может (или нет) учесть. Snapshot на день N+1 уже зафиксирован в snapshot table — изменение применится только к slepok'у на день N+2 (по `appliesFrom`).
-
-#### §4.2.5 Расширение `SupplierSnapshotGuard`
-
-Файл: [SupplierSnapshotGuard.php](app/app/Services/Project/SupplierSnapshotGuard.php).
-
-Сейчас защищает только `delete` / `change_source`. После этапа 2 защищает **все изменения, влияющие на slepok**:
-
-- `pause` (is_active → false).
-- `resume` (is_active → false → true).
-- `daily_limit_target` (любое изменение, не только уменьшение).
-- `delivery_days_mask`.
-- `regions`.
-
-**Не блокирует мгновенно**, а позволяет, но:
-
-1. Записывает изменение в `Project` (UI отражает «применится с послезавтра»).
-2. Slepok сегодняшнего дня не меняется (он зафиксирован вчера 21:00).
-3. Slepok завтрашнего дня (который будет создан сегодня 21:00) — учтёт изменение.
-
-**API change:**
-
-```php
-class SupplierSnapshotGuard {
-    /**
-     * Возвращает дату, с которой применится изменение настройки.
-     * NULL = немедленно (нет slepok-защиты, проект без pivot или live-only поле).
-     */
-    public function appliesFrom(Project $project, string $field): ?CarbonImmutable {
-        $hasLinks = DB::table('project_supplier_links')->where('project_id', $project->id)->exists();
-        if (!$hasLinks) {
-            return null;  // нет slepok'а у поставщика — нет grace
-        }
-        $isSlepokSensitive = in_array($field, [
-            'is_active', 'daily_limit_target', 'delivery_days_mask', 'regions',
-            'signal_identifier', 'sms_senders', 'sms_keyword',
-        ], true);
-        if (!$isSlepokSensitive) {
-            return null;
-        }
-        // Slepok начинает работать в 21:00 МСК (по канону §0), а не в 00:00 МСК следующего дня.
-        // Возвращаем точный момент активации, UI отобразит его клиенту.
-        $nowMsk = CarbonImmutable::now('Europe/Moscow');
-        $todayCutoff = $nowMsk->setTime(18, 0, 0);
-        if ($nowMsk->gte($todayCutoff)) {
-            // После 18:00 МСК дня N — правка попадёт в slepok №(N+1)Л (создан (N+1).18:00),
-            // активен с (N+1).21:00 МСК → applies = (N+1).21:00 МСК.
-            return $nowMsk->addDay()->setTime(21, 0, 0);
-        }
-        // До 18:00 МСК дня N — правка попадёт в slepok №NЛ (создан N.18:00),
-        // активен с N.21:00 МСК → applies = N.21:00 МСК.
-        return $nowMsk->setTime(21, 0, 0);
-    }
-}
-```
-
-**UX:**
-
-Front-end после сохранения настроек показывает сообщение:
-> «Сохранено. Изменения вступят в силу с {applies_date} 21:00 МСК.»
-
-- Правка до 18:00 МСК дня N → `applies_date == today` 21:00 МСК (сегодня вечером).
-- Правка после 18:00 МСК дня N → `applies_date == today + 1` 21:00 МСК (завтра вечером).
-
-Формат показа клиенту — на усмотрение UI (например, «Сегодня в 21:00» / «Завтра в 21:00» / «27 мая 21:00»).
-
-#### §4.2.6 Backfill для перехода на slepok
-
-Один раз при выкатке Этапа 2:
-
-- Создать `php artisan snapshot:backfill --date=today` — создаёт snapshot за **сегодня** (текущий день) из live состояния проектов. Это нужно, чтобы роутер не остался без snapshot между deploy и первым cron **18:02 МСК**.
-- Cron **18:02 МСК** создаст snapshot за завтра.
-- Дальше — естественный ход.
-
-#### §4.2.7 Acceptance Этапа 2
-
-- ✅ `project_routing_snapshots` существует на проде с RLS.
-- ✅ Cron **18:02 МСК** (`SnapshotProjectRoutingJob`) работает, есть запись heartbeat.
-- ✅ `LeadRouter` читает из snapshot для всех eligibility-полей кроме баланса.
-- ✅ `RouteSupplierLeadJob` recheck'ает snapshot под lock + `is_active`.
-- ✅ `SupplierSnapshotGuard.appliesFrom` отвечает корректно для всех 6 slepok-sensitive полей.
-- ✅ UI показывает «изменения вступят в силу с DD.MM».
-- ✅ Backfill отработал, snapshot за текущий день существует.
-- ✅ Pest тесты на R-01, R-06, R-07, R-08, R-10, R-15 — закрыты с воспроизведением сценария и проверкой что фикс работает.
-
-### §4.3 Этап 3 — фильтр frozen + блок в роутере + sync paused_at (≈ 1 день)
-
-#### §4.3.1 R-03 — фильтр `frozen_by_balance_at`
-
-Уже включён в SQL `LeadRouter` (Этап 2 §4.2.3). Доп. проверка: убедиться, что `LedgerService::chargeForDelivery` тоже не пройдёт для frozen tenant'а.
-
-Файл: [LedgerService.php:51-70](app/app/Services/Billing/LedgerService.php). Перед `bcmath` проверкой добавить:
-
-```php
-if ($lockedTenant->frozen_by_balance_at !== null) {
-    throw new InsufficientBalanceException(
-        priceKopecks: $priceKopecks,
-        balanceRub: (string) $lockedTenant->balance_rub,
-    );
-}
-```
-
-Это даст ту же auto-pause семантику для frozen — лид не уйдёт, проект пометится `is_active=false`.
-
-#### §4.3.2 R-13 — `BalancePreflightSweepJob` синхронизирует `paused_at`
-
-Файл: `BalancePreflightSweepJob.php` (spec-c).
-
-При переходе active → frozen:
-
-```php
-$tenant->frozen_by_balance_at = now();
-$tenant->save();
-// Новое: пометить все проекты тенанта paused_at = NOW(), чтобы Snapshot Guard работал.
-DB::connection('pgsql_supplier')->table('projects')
-    ->where('tenant_id', $tenant->id)
-    ->whereNull('paused_at')
-    ->update(['paused_at' => now()]);
-```
-
-При переходе frozen → active:
-
-```php
-$tenant->frozen_by_balance_at = null;
-$tenant->save();
-// Откатить paused_at тенанта, чтобы Snapshot Guard перестал блокировать.
-// NB: только проекты, у которых paused_at <= frozen_at — иначе можем сбросить ручную паузу клиента.
-DB::connection('pgsql_supplier')->table('projects')
-    ->where('tenant_id', $tenant->id)
-    ->where('paused_at', '<=', $tenant->frozen_by_balance_at_was) // captured before save
-    ->update(['paused_at' => null]);
-```
-
-#### §4.3.3 Acceptance Этапа 3
-
-- ✅ Frozen tenant НЕ получает лиды (роутер фильтрует + LedgerService rejects).
-- ✅ Frozen tenant защищён Snapshot Guard от удаления / change_source.
-- ✅ Unfreeze откатывает `paused_at` корректно.
-- ✅ Pest тесты на R-03, R-13.
-
-### §4.4 Этап 4 — корректные расчёты (≈ 2 дня)
-
-#### §4.4.1 R-17 — унификация `buildUniqueKey` ↔ `buildUniqueKeyAgnostic`
-
-Файл: [SupplierProjectGrouping.php](app/app/Services/Supplier/SupplierProjectGrouping.php).
-
-Удалить platform-specific метод `buildUniqueKey($project, $platform)`. Везде использовать `buildUniqueKeyAgnostic($project)`.
-
-**Миграция данных** (одноразовая artisan-команда `php artisan supplier:rekey-orphans`):
-
-- Найти все `supplier_projects` с `signal_type='sms'` и `unique_key=sender` (без keyword), для которых существует проект Лидерры с `sms_keyword != NULL`.
-- Если для того же tenant'а уже есть `supplier_project` с `unique_key=sender+keyword` — старый row помечается dead, через `DeleteSupplierProjectJob` чистится у поставщика.
-- Если не существует — UPDATE `unique_key = sender+keyword`.
-
-Тест: сценарий R-17 в Pest.
-
-#### §4.4.2 R-18 — фиксированная target_date в online sync
-
-Файл: [SyncSupplierProjectJob.php:141 handleOnline](app/app/Jobs/SyncSupplierProjectJob.php#L141).
-
-Изменить:
-
-```php
-// Было:
-$targetWeekday = Carbon::tomorrow('Europe/Moscow')->isoWeekday();
-
-// Стало (более явная семантика — после 21:00 МСК уже работает завтрашний slepok, target = послезавтра):
-$msk = CarbonImmutable::now('Europe/Moscow');
-$targetDate = $msk->hour >= 21
-    ? $msk->addDays(2)->startOfDay()
-    : $msk->addDay()->startOfDay();
-$targetWeekday = $targetDate->isoWeekday();
-```
-
-То есть граница 00:00 МСК больше не дёргает `target_date` (она дёргает её в 21:00 МСК, что совпадает с моментом фиксации нашего slepok'а).
-
-Тест: фиктивный clock на 23:59:59 МСК понедельника → target = вторник. На 00:00:01 МСК вторника → target = вторник (тот же, не среда). На 21:00:01 МСК вторника → target = четверг.
-
-#### §4.4.3 R-19 — share-aware формула в `requiredLeadsForTomorrow`
-
-Файл: [Tenant.php](app/app/Models/Tenant.php) (spec-c).
-
-Текущая:
-
-```php
-public function requiredLeadsForTomorrow(): int {
-    return (int) $this->projects()
-        ->where('is_active', true)
-        ->sum('daily_limit_target');
-}
-```
-
-Новая — учитывает шеринг:
-
-```php
-public function requiredLeadsForTomorrow(): int {
-    // Для каждого активного проекта тенанта: ожидаемый объём = его доля от order группы.
-    // Формула:
-    //   group_order = max(max(group_limits), ceil(Σ group_limits / 3))
-    //   tenant_share = group_order × (tenant_limit / Σ group_limits)
-    // Слабее, чем daily_limit_target, если в группе ≥ 2 других клиентов.
-
-    $projects = $this->projects()->where('is_active', true)->get();
-    if ($projects->isEmpty()) {
-        return 0;
-    }
-
-    $total = 0;
-    foreach ($projects as $p) {
-        $groupLimits = DB::connection('pgsql_supplier')
-            ->table('projects')
-            ->where('is_active', true)
-            ->where('signal_type', $p->signal_type)
-            ->where(function ($q) use ($p) {
-                // Тот же agnostic identifier
-                if (in_array($p->signal_type, ['site', 'call'], true)) {
-                    $q->where('signal_identifier', $p->signal_identifier);
-                } else {
-                    // sms — упрощённо, sender первый
-                    $q->whereJsonContains('sms_senders', (string) ($p->sms_senders[0] ?? ''));
-                    if ($p->sms_keyword !== null && $p->sms_keyword !== '') {
-                        $q->where('sms_keyword', $p->sms_keyword);
-                    } else {
-                        $q->whereNull('sms_keyword');
-                    }
-                }
-            })
-            ->pluck('daily_limit_target')
-            ->all();
-
-        $sum = (int) array_sum(array_map('intval', $groupLimits));
-        $max = (int) max($groupLimits);
-        $groupOrder = max($max, (int) ceil($sum / 3));
-
-        if ($sum > 0) {
-            $share = (int) ceil($groupOrder * ((int) $p->daily_limit_target / $sum));
-            $total += $share;
-        }
-    }
-    return $total;
-}
-```
-
-Тест: один источник, 3 шерящих клиента по 10 лимит → groupOrder=10, share per клиент = 10/3 ≈ 4. Старая формула давала 10. Закрывает overcharge preflight'а.
-
-#### §4.4.4 R-05 + R-02 — CSV reconcile рефактор
-
-Файл: [CsvReconcileJob.php](app/app/Jobs/Supplier/CsvReconcileJob.php).
-
-Сейчас drift = `(missing - unparseable) / parseable_total`. Считает webhook-loss.
-
-Новый drift (per snapshot_date, per tenant):
-
-```sql
--- расхождение между "ожидали по snapshot" и "доставили в реальности"
-SELECT
-    snap.snapshot_date,
-    snap.tenant_id,
-    SUM(snap.expected_volume) AS expected,
-    SUM(snap.delivered_count) AS delivered,
-    CASE WHEN SUM(snap.expected_volume) > 0
-         THEN (SUM(snap.expected_volume) - SUM(snap.delivered_count))::float / SUM(snap.expected_volume)
-         ELSE 0 END AS shortfall_ratio
-FROM project_routing_snapshots snap
-WHERE snap.snapshot_date BETWEEN ? AND ?
-GROUP BY snap.snapshot_date, snap.tenant_id
-HAVING ... shortfall > threshold ...
-```
-
-Алёрт если shortfall > 20% (порог обсуждаем). Email = `tenant_business_drift_alert` — отдельно от webhook-loss CsvDriftAlertMail.
-
-Старый webhook-loss check остаётся — он тоже нужен (R-05.1: лид прилетел, мы webhook'а не получили). Новый — поверх (R-05.2: лид прилетел, мы доставили не тому/никому).
-
-#### §4.4.5 Acceptance Этапа 4
-
-- ✅ `buildUniqueKey` удалён, везде `buildUniqueKeyAgnostic`.
-- ✅ Миграция R-17 отработала на проде, dead rows у поставщика почищены.
-- ✅ `target_date` в online sync не скачет на границе 00:00 МСК.
-- ✅ Preflight для шерящихся клиентов не overcharges (R-19).
-- ✅ CSV reconcile подсвечивает business-drift, а не только webhook-loss.
-- ✅ Pest тесты на R-17, R-18, R-19.
-
-### §4.5 Этап 5 — переключение online → batch (≈ 1 час + неделя наблюдения)
-
-#### §4.5.1 Когда
-
-После стабильной работы Этапов 1-4 на 10-15 клиентах в течение минимум 1 недели **без P0 инцидентов**. Решение принимает заказчик.
-
-#### §4.5.2 Как
-
-```sql
-UPDATE system_settings
-SET value = 'batch'
-WHERE key = 'supplier_export_mode';
-```
-
-Все остальные механизмы (`BalancePreflightSweepJob::dispatchSupplierSyncIfOnline`, `SyncSupplierProjectJob::handle`, и т.д.) автоматически переходят на batch path. Никаких изменений в коде.
-
-#### §4.5.3 Что меняется для пользователя
-
-- Изменения настроек больше не «летят моментально» поставщику.
-- UI продолжает показывать «применится с DD.MM» — теперь это работает **через ночной batch 18:05 МСК**, а не через моментальный online sync.
-- Семантика для клиента: «вечером 18:05 МСК закрывается окно правок на завтрашний день».
-
-#### §4.5.4 Acceptance Этапа 5
-
-- ✅ `supplier_export_mode = 'batch'` на проде.
-- ✅ 7 дней нет P0 инцидентов.
-- ✅ Memory `project_billing_v2.md` и `project_slepok_protection.md` обновлены («целевой режим достигнут»).
-
----
-
-## §5. Схема БД (полная сводка)
-
-### §5.1 Новые таблицы
-
-- `project_routing_snapshots` (см. §4.2.1).
-
-### §5.2 Новые колонки
-
-- Никаких (используем существующие `tenants.frozen_by_balance_at`, `projects.preflight_blocked_at`, `projects.paused_at`).
-
-### §5.3 Удаляемые колонки (после Этапа 1 §4.1.2)
-
-- `tenants.balance_leads` (через Spec B Phase B — не наш scope).
-
-### §5.4 Индексы
-
-- `project_routing_snapshots(snapshot_date, project_id)` PK.
-- `project_routing_snapshots(tenant_id, snapshot_date)`.
-- `project_routing_snapshots(snapshot_date, signal_type, lower(signal_identifier))`.
-
-### §5.5 RLS
-
-- `project_routing_snapshots` — стандартная `tenant_isolation` policy. См. §4.2.1.
-
-### §5.6 Партиционирование
-
-- `project_routing_snapshots` по `snapshot_date` (RANGE per month) — последовательно с существующими partitioned-таблицами (`deals`, `supplier_lead_costs`).
-- Retention 90 дней через `partitions:drop-expired` cron (уже существует).
-
----
-
-## §6. Изменения в коде по файлам
-
-| Файл | Изменение | Этап |
-|---|---|---|
-| `app/app/Services/LeadRouter.php` | SQL переписан на JOIN со snapshot, фильтр frozen | §4.2.3, §4.3.1 |
-| `app/app/Jobs/RouteSupplierLeadJob.php` | recheck snapshot, recheck is_active под lock | §4.2.4 |
-| `app/app/Jobs/SnapshotProjectRoutingJob.php` | новый файл | §4.2.2 |
-| `app/app/Services/Project/SupplierSnapshotGuard.php` | расширен на pause/limit/regions/days, `appliesFrom()` API | §4.2.5 |
-| `app/app/Services/Project/ProjectService.php` | вызов `SupplierSnapshotGuard::appliesFrom` для всех slepok-полей | §4.2.5 |
-| `app/app/Jobs/Billing/BalancePreflightSweepJob.php` | sync `paused_at` при freeze/unfreeze | §4.3.2 |
-| `app/app/Services/Billing/LedgerService.php` | reject frozen tenant в `chargeForDelivery` | §4.3.1 |
-| `app/app/Jobs/Supplier/CleanupInactiveSupplierProjectsJob.php` | subquery через pivot | §4.1.4 |
-| `app/app/Services/Supplier/SupplierProjectGrouping.php` | удалить platform-specific `buildUniqueKey` | §4.4.1 |
-| `app/app/Jobs/SyncSupplierProjectJob.php` | fixed `target_date` (R-18) | §4.4.2 |
-| `app/app/Models/Tenant.php` | share-aware `requiredLeadsForTomorrow` | §4.4.3 |
-| `app/app/Jobs/Supplier/CsvReconcileJob.php` | + business-drift проверка | §4.4.4 |
-| `app/app/Jobs/Supplier/SyncSupplierProjectsJob.php` | **читает из snapshot** (snapshot_date=tomorrow), а не live `projects` — для гарантии идемпотентности с нашим slepok | §4.2 (новый §4.2.4b) |
-| `app/routes/console.php` | + `SnapshotProjectRoutingJob` @ **18:02 МСК** (между 18:00 sweep и 18:05 sync) | §4.2.2 |
-| `app/resources/js/.../ProjectFormDialog.vue` (UI) | сообщение «применится с DD.MM» | §4.2.5 |
-
----
-
-## §7. Тестирование
-
-### §7.1 Unit
-
-- `SupplierSnapshotGuard::appliesFrom` — 6 полей × 2 окна (до 21:00 / после).
-- `Tenant::requiredLeadsForTomorrow` — 4 сценария (один проект / шеринг 2 / шеринг 3 / Σ=0).
-- `SnapshotProjectRoutingJob` — идемпотентность, фильтры (frozen/blocked/paused/inactive day).
-
-### §7.2 Feature (Pest)
-
-Полный список сценариев из risk-map'а:
-
-- **R-01 closure:** snapshot @ 21:00 → клиент paus'нул в 11:00 следующего дня → роутер берёт snapshot, клиент **получает** свои лиды до конца дня. Pause применяется только к следующему snapshot.
-- **R-02 closure:** Лидерра по snapshot роутит к А; A paus'нул сегодня → завтрашний snapshot не включает A → лиды завтра не уходят шерящим вместо A.
-- **R-03 closure:** frozen tenant — роутер фильтрует + LedgerService rejects + Snapshot Guard защищает удаление.
-- **R-04 closure:** auto-pause всё ещё работает (live `is_active=false` под lock), но снимок дня уже закрыт — хвост слепка летит **только** до момента auto-pause; завтрашний snapshot уже без проекта.
-- **R-05 closure:** CSV reconcile подсвечивает business-drift, не только webhook-loss.
-- **R-06..R-08 closure:** изменения limit/days/regions не влияют на сегодняшний роутер, попадают в следующий snapshot.
-- **R-09 closure:** lock recheck `is_active` — paused под lock пропускается.
-- **R-10 closure:** Snapshot Guard расширен на change_source через `appliesFrom`.
-- **R-15 closure:** create в 22:00 → следующий snapshot 21:00 МСК следующего дня → effect на день+1 предсказуем; UI сообщает.
-- **R-16/R-17/R-18/R-19 closure:** unit + feature по §4.4.
-
-### §7.3 Integration
-
-- Полный цикл: snapshot create → 100 webhook лидов через сутки → проверить delivered_count в snapshot = sum(deals) для tenant'а.
-- Race-тест: 10 concurrent webhook + 5 concurrent project updates → no double charges, no missed leads.
-
-### §7.4 Регресс
-
-- `composer test --parallel`: все Pest должны быть зелёные.
-- `npm run test:vue`: Vitest зелёный.
-- `php artisan migrate:fresh --seed --env=testing` + smoke full webhook → deal цепочка.
-
----
-
-## §8. Миграция / Rollout
-
-### §8.1 Порядок
-
-1. **Этап 1** — самостоятельный PR, влить в main, deploy.
-2. **Этап 2** — отдельный PR с миграциями, бэкфилл-командой, deploy в час малой нагрузки (например, ночь субботы 03:00 МСК).
-   - Backfill `php artisan snapshot:backfill --date=today` сразу после deploy.
-   - Регресс мониторинг 24h: snapshot за след. день создаётся в **18:02 МСК**, роутер работает корректно.
-3. **Этап 3** — отдельный PR. Frozen-фильтр + paused_at sync.
-4. **Этап 4** — отдельный PR. Корректные расчёты + миграция R-17 dead rows.
-5. **Этап 5** — манипуляция в БД (`UPDATE system_settings`).
-
-### §8.2 Rollback
-
-- **Этап 2:** `LeadRouter` фоллбек на live (через feature flag `system_settings.routing_use_snapshot = false`). Backfill snapshot остаётся как dead data, retention 90 дней вытрет.
-- **Этап 3:** убрать `frozen_by_balance_at IS NULL` фильтр.
-- **Этап 4:** R-17 миграция нерверсивна (orphans удалены). R-18/R-19 ревёрсятся git-revert.
-
-### §8.3 Feature flag
-
-`system_settings.routing_use_snapshot` = `true` (default) | `false`.
-
-При `false` — `LeadRouter` ходит по старому SQL (live). Это даёт оперативный rollback Этапа 2 без deploy. После 30 дней стабильности — feature flag удалить.
-
----
-
-## §9. Открытые вопросы
-
-### §9.1 OPEN-1 — ✅ ЗАКРЫТО (заказчик 26.05.2026)
-
-> «С 21:00 поставщик строго работает только по завтрашнему слепку.»
-
-В роутере: до 21:00 МСК — snapshot c `snapshot_date = today`; после 21:00 МСК — snapshot c `snapshot_date = today + 1`. Реализовано через CTE `active_slepok_date` в SQL (§4.2.3).
-
-### §9.2 OPEN-2 — ✅ ЗАКРЫТО (заказчик 26.05.2026)
-
-> «Если клиент 26.05.26 в 23:00 нажмёт возобновить проект, то он получит свои сделки и мы свои лиды в рамках слепков №2Л и №2П — в период с 27.05.26 21:00 по 28.05.26 20:59.»
-
-Resume в любое время = эффект со следующего slepok'а. «Emergency-unpause» не реализуется (нарушит инвариант). UI должен явно показывать клиенту дату вступления изменений в силу через `SupplierSnapshotGuard::appliesFrom()`.
-
-### §9.3 OPEN-3. Backfill стратегия при множестве клиентов (не критично)
-
-На 10-15 клиентов backfill snapshot — <1сек. На 1000+ клиентов — пересмотр потребуется. На текущем масштабе откладываем; вернёмся при росте.
-
-### §9.4 OPEN-4. Удаление snapshot при удалении tenant (не критично)
-
-`ON DELETE CASCADE FROM tenants` — если tenant удаляется (soft-delete не cascadit'ся, hard-delete cascadit'ся). Для soft-delete (что у нас стандарт) — snapshot остаётся, что окей. Очистка через retention 90 дней.
-
-### §9.5 OPEN-5 — ✅ ЗАКРЫТО вариантом A (заказчик 26.05.2026, ответ «в» = «не знаю, оставить пока»)
-
-`effective_daily_limit_today` — admin override «временный лимит только на сегодня».
-
-**Решение:** при `SnapshotProjectRoutingJob` create — если `effective_daily_limit_today IS NOT NULL`, использовать его как `daily_limit` в snapshot; иначе `daily_limit_target`. Cron `projects:reset-delivered-today` (00:00 МСК) дополнительно обнуляет `effective_daily_limit_today` (закрывает R-11 «override без TTL»).
-
-Если в будущем выяснится, что админ не пользуется этим полем — отдельной задачей удалить (`Spec C cleanup` или `Spec D`).
-
----
-
-## §10. Связано / Cross-refs
-
-- Аудит-сессия Claude Code `135a4adf-75a7-4c0b-b731-3aa7d57a73da` (26.05.2026) — 19 рисков, code-grounded findings. Memory `project_slepok_protection.md`.
-- [SupplierSnapshotGuard plan](docs/superpowers/plans/2026-05-26-supplier-snapshot-guard.md) — текущая защита delete/change_source (база для расширения).
-- [Spec C plan](docs/superpowers/plans/2026-05-24-billing-v2-spec-c-preflight-vtb.md) §3.10 — deferred item «отдать разморозившемуся через шеринг».
-- Memory `project_billing_v2.md` — решение online → batch.
-- [Pravila §4.7](docs/Pravila_raboty_Claude_v1_1.md) — структура спек/план.
-
----
-
-## §11. Оценка трудозатрат
-
-| Этап | Срок | Сложность | Риск |
-|---|---|---|---|
-| 1 | **0.5–1 день** | средняя | средний (rebase 14↔50+ коммитов + сохранить `0da72778`) |
-| 2 | 3-5 дней | **высокая** | средний (новая таблица + переключение роутера + UX) |
-| 3 | 1 день | средняя | низкий |
-| 4 | 2 дня | средняя | средний (миграция R-17 dead rows у поставщика) |
-| 5 | 1 час + неделя | низкая | низкий |
-| **Итого** | **~7.5–10 рабочих дней** | | |
-
-**Не верифицированы на проде (unfalsified assumptions, уточняются при реализации):**
-
-- R-11 — реальное использование `effective_daily_limit_today` (вариант A в спеке — сохраняем, потенциально удалить как Spec D cleanup если выяснится что не используется).
-- R-16 — пропорция legacy FK vs pivot в `projects` (это влияет на тест-кейсы §4.1.4, но не на саму правку — она безопасна в обоих случаях).
-- R-17 — число orphan SMS unique_keys без keyword (это влияет на размер артизан-команды миграции в §4.4.1).
-- R-19 — реальное распределение шерящих клиентов на источник (это влияет на пороги preflight'а в §4.4.3).
-
-SQL для верификации — см. session-id `135a4adf` (последняя turn'а — готовый блок). Может быть выполнено на этапе planning / pre-deploy в любой момент через SSH liderra.ru.
-
----
-
-## §12. Acceptance criteria (полный список)
-
-Закрыты все 19 рисков:
-
-- [x] R-01..R-04 — Этап 2.
-- [x] R-05 — Этап 4.4.4.
-- [x] R-06..R-08 — Этап 2.
-- [x] R-09 — Этап 2.4.
-- [x] R-10 — Этап 2.5.
-- [x] R-11 — Этап 9.5 OPEN-5 (решение в Этап 2).
-- [x] R-12 — Этап 1.2.
-- [x] R-13 — Этап 3.2.
-- [x] R-14 — Этап 1.3.
-- [x] R-15 — Этап 2 (UX-семантика).
-- [x] R-16 — Этап 1.4.
-- [x] R-17 — Этап 4.1.
-- [x] R-18 — Этап 4.2.
-- [x] R-19 — Этап 4.3.
-
-Бизнес-инвариант §2.3 выполняется (verified Pest + integration).
-
----
-
-**End of spec.**
diff --git a/docs/superpowers/specs/2026-05-29-lead-region-resolution-design.md b/docs/superpowers/specs/2026-05-29-lead-region-resolution-design.md
deleted file mode 100644
index 9c1bb75..0000000
--- a/docs/superpowers/specs/2026-05-29-lead-region-resolution-design.md
+++ /dev/null
@@ -1,1069 +0,0 @@
-# Spec: Lead Region Resolution via DaData + Россвязь
-
-**Версия:** v0.5 — 30.05.2026
-**Статус:** DRAFT READY (untracked, все вопросы закрыты после adversarial-review 30.05; готова к writing-plans фазе)
-**Заказчик:** Дмитрий
-**Связано:** [Plan 6 regions subject-level](2026-05-14-plan-6-regions-subject-level-design.md), [supplier-integration MVP](2026-05-10-supplier-integration-design.md), [project-migration redesign §4.4](2026-05-20-project-migration-redesign-design.md), [slepok routing protection](2026-05-26-slepok-routing-protection-design.md)
-
----
-
-## §0 Контекст (как есть на 30.05.2026, после adversarial-review)
-
-### Истинная бизнес-проблема (подтверждено заказчиком 30.05)
-
-Реальная проблема НЕ в том, что поставщик присылает неверный тег. Реальная проблема — **разные клиенты Лидерры используют один и тот же источник (сайт/телефон/SMS-отправитель) с разными региональными настройками**.
-
-Пример: сайт `example.com` используют 4 клиента — у Иванова проект на Москву, у Петрова на Питер, у Сидорова на Красноярский край, у Кузнецова «вся РФ». Поставщику мы не можем передать «отдельный supplier_project per региону клиента» — у поставщика unique_key один (`B1_example.com`), один supplier_project. Поэтому при создании этого supplier_project в Лидерре мы **сами ставим тег `РФ`** (потому что выбрать «и Москва, и Питер, и Красноярск, и вся РФ» нельзя).
-
-Лид прилетает с тегом `РФ` (наш собственный тег, который мы себе сами поставили). Текущий `LeadRouter` берёт всех 4 клиентов как кандидатов на этот источник и через `DISTINCT ON tenant_id` отдаёт каждому копию (cap=3) — **без учёта региона лида**. В итоге Иванов (Москва) получает питерский лид, Петров (Питер) получает московский. Это и есть «всё разваливается».
-
-### Текущая модель в коде (зафиксировано через прямой code-walking)
-
-- **`deals.subject_code SMALLINT`** (1..89; NULL=вся РФ) пишется в [`RouteSupplierLeadJob::createDealCopyForProject`](../../../app/app/Jobs/RouteSupplierLeadJob.php#L405) из тега поставщика через [`RegionTagResolver`](../../../app/app/Services/RegionTagResolver.php) (`RussianRegions::nameToCode()[$tag]`).
-- **`LeadRouter::matchEligibleProjects`** ([LeadRouter.php](../../../app/app/Services/LeadRouter.php)) НЕ использует `subject_code` в WHERE. Матчит только по `signal_type+signal_identifier` (DIRECT) или `project_supplier_links` (B1/B2/B3). Регион клиента (`projects.regions INT[]`) есть в snapshot, но в SELECT не интерпретируется.
-- **`supplier_projects.subject_code`** — dead column. `SupplierProjectResolver::resolveOrStub` его не передаёт в `firstOrCreate`; все supplier_projects сейчас имеют `subject_code=NULL`. Schema готова к Plan 6.5 переходу, код пока нет.
-- **Plan 6 spec** ([2026-05-14-plan-6-regions-subject-level-design.md §1](2026-05-14-plan-6-regions-subject-level-design.md)) явно: «Рефакторинг LeadRouter — продолжает читать region_mask, переключение на regions[] отложено до Plan 6.5». Эта спека и есть Plan 6.5 — она впервые подключает subject-level фильтрацию к маршрутизатору.
-- **Один tenant — один проект на один источник.** Реализовано в [`ProjectService::assertSourceUnique`](../../../app/app/Services/Project/ProjectService.php#L454) (вызывается из `create` и `update`). Не в БД (только обычный INDEX, не UNIQUE), а на уровне сервиса.
-- **Один лимит на проект, независимо от количества регионов в проекте.** Регионы в проекте — это фильтр входящих, а не разные «корзины» с разными лимитами.
-
-### Что было раньше: phone-prefix маршрутизация (DEPRECATED)
-
-[`PhonePrefixService`](../../../app/app/Services/PhonePrefixService.php) исторически фильтровал лиды по битмаске 8 федеральных округов (`projects.region_mask`). Снят с маршрутизации в эпике миграции проектов:
-
-> «Регион сопоставляется самим supplier_project (тег = субъект) — phone-prefix фильтр убран: для мобильных он no-op, а регион гарантирован тем, через какой supplier_project пришёл лид.»
-
-В комментарии `PhonePrefixService` явно: *«Полный справочник Минсвязи DEF-codes (40K+ строк) — отложен на Plan 5 / future.»* Эта спека и есть та самая «future».
-
-### Масштаб
-
-До **30 000 лидов/день** через `RouteSupplierLeadJob`. Канал webhook + резервный канал CSV-recovery (`CsvReconcileJob`).
-
-### Что есть для верификации
-
-Поле `supplier_leads.phone` (тип TEXT, формат 11 цифр с лидирующей `7` — гарантировано регэкспом `/^7\d{10}$/` в [`SupplierWebhookController`](../../../app/app/Http/Controllers/Api/SupplierWebhookController.php#L87)). Телефон — независимый сигнал, не контролируемый поставщиком. Резолв phone → region и phone → оператор делается через DaData (внешний REST-API) и локальный реестр Россвязи как fallback.
-
----
-
-## §1 Цели и не-цели
-
-### Цели
-
-1. **Резолвить `subject_code` лида по телефону** независимо от тега поставщика (DaData → Россвязь → tag-fallback).
-2. **Сохранять оператора связи** (DaData `provider`, с учётом MNP) — для будущих сервисов Лидерры (рассылки, звонки, аналитика по операторам). Текущая логика не использует, но поле обязательно с момента запуска.
-3. **Правка `LeadRouter`** (Plan 6.5 в рамках этой спеки): использовать `resolved_subject_code` лида + `projects.regions[]` клиента для каскадной фильтрации кандидатов-tenants.
-4. **Каскад маршрутизации**:
-   - Шаг 1 — клиенты с точным совпадением региона
-   - Шаг 2 — клиенты с «вся РФ» (regions=[])
-   - Шаг 3 — запасной канал: лид с регионом, на который никто не подписан, всё равно отдаётся (любой клиент с этим источником и остатком лимита) с подменой региона в карточке на один из выбранных клиентом
-5. **Не терять лиды.** Запасной канал (шаг 3) гарантирует доставку — мы заплатили поставщику за этот лид, не можем выбрасывать.
-6. **Никогда не показывать клиенту «не его регион»** в карточке сделки. В сделке всегда subject_code из списка regions проекта клиента. Настоящий резолвенный регион хранится отдельно, во внутреннем журнале — для аналитики и спора с поставщиком.
-7. **Идемпотентность по бюджету DaData** — один телефон = один DaData call в окне 30 дней (кэш sha256(phone)).
-8. **Аудит каждого решения** (`lead_region_resolution_log`) — для разбора жалоб и наблюдения за качеством поставщика.
-
-### Не-цели (out of scope этой спеки)
-
-- **GeoIP по IP клиента** — отдельная задача, требует payload-расширения от поставщика.
-- **SMS-подтверждение региона** — ломает конверсию.
-- **Backfill старых лидов** задним числом — отдельная джоба после MVP.
-- **Поддержка иностранных номеров** — DaData помечает `qc=7`, оставляем `subject_code=NULL`.
-- **Удаление `RegionTagResolver` / `raw_payload['tag']`** — после 1-2 мес мониторинга, отдельная спека.
-- **Удаление `PhonePrefixService` / `projects.region_mask`** — отдельный Plan 6.5 cleanup.
-- **Гармонизация `supplier_projects.subject_code` с phone-резолвом** — за рамками; нам достаточно, что это dead column.
-- **Передача клиенту настоящего региона лида** (когда регион не совпал с его настройками) — клиент видит только подменённый из своего списка regions. Внутренний журнал для нас, не для клиента.
-
----
-
-## §2 Бизнес-инварианты (зафиксированы заказчиком 30.05)
-
-### И-1. Резолв региона по телефону
-
-Для каждого `SupplierLead.phone`:
-
-```
-1. DaData clean/phone — если уверенный ответ И регион не в ambiguous-list →
-   берём region+provider → resolved_subject_code
-2. Россвязь по def-коду — берём region → resolved_subject_code,
-   provider оставляем из DaData если она ответила (с MNP), иначе из Россвязи
-3. tag-fallback (RegionTagResolver) — как сейчас, provider=NULL
-```
-
-Лид никогда не остаётся без попытки определить регион.
-
-### И-2. Оператор всегда от DaData
-
-DaData учитывает MNP (перенос номера между операторами). Заказчик подтвердил (30.05): **оператор нужен актуальный** (для будущих сервисов рассылок/звонков). Поэтому даже когда регион берём из Россвязи (ambiguous-list или qc=1), DaData всё равно дёргаем — ради `provider`.
-
-Исключение: при `qc=2` (мусор), `qc=7` (иностранец) или DaData недоступен — provider = NULL.
-
-### И-3. Один телефон = один DaData call в окне 30 дней
-
-Кэш `sha256("phone-region:" + phone)` хранит `RegionResolution` DTO (subject_code, provider, qc, region_source). TTL 30 дней. Срок выбран заказчиком (30.05) как баланс между экономией бюджета (~80% cache-hit ожидаемо) и актуальностью оператора при MNP (за 30 дней оператор успевает обновиться).
-
-### И-4. Каскад маршрутизации (правка `LeadRouter`)
-
-Для каждого лида с `resolved_subject_code = X`, источник = S, кандидаты — все клиенты, у которых есть проект с источником S:
-
-```
-Шаг 1. Точное совпадение
-  Среди кандидатов выбираем тех, у кого проект имеет X в массиве regions.
-  Сортируем по остатку лимита (delivered_today vs daily_limit) DESC.
-  Берём до cap=3.
-
-Шаг 2. «Вся РФ»
-  Если набралось <3 — добираем кандидатов с проектами regions=[]
-  (пустой массив = принимает любой регион). Сортируем так же.
-
-Шаг 3. Запасной канал
-  Если шаги 1+2 дали 0 кандидатов — берём любых кандидатов
-  с этим источником и остатком лимита. Сортируем так же. До cap=3.
-  В сделках этих клиентов subject_code подменяем на один из его regions
-  (первый по порядку — выбор не критичен, лимит общий на проект).
-  region_substituted=TRUE, actual_subject_code=X (настоящий) — в журнал.
-```
-
-### И-5. Никогда не выбрасываем лид
-
-Если на шаге 3 совсем никого нет (например, у всех кандидатов лимит исчерпан) — это валидное состояние «лид не доставлен сегодня», обрабатывается существующей логикой (failed_webhook_jobs + retry). Никаких новых path'ов.
-
-### И-6. Клиент видит регион только из своих настроек
-
-`deals.subject_code` для клиента всегда либо настоящий резолвенный регион (если клиент подписан на него — шаги 1+2), либо один из выбранных клиентом регионов (шаг 3). **Никогда** «не его регион». Настоящий регион — в нашем внутреннем `lead_region_resolution_log.actual_subject_code`.
-
-### И-7. Биллинг как обычно
-
-Списываем с клиента полную цену по pricing_tier за каждую копию лида, в том числе на шаге 3. Заказчик подтвердил (30.05): убыток от выбрасывания > риск жалобы клиента на «не свой регион».
-
-### И-8. CSV-merge — обновляем регион если новый источник лучше
-
-При merge CSV-recovered deal с догнавшим webhook'ом (24h окно по phone+project+tenant) — обновляем `deals.subject_code` если новый `region_source` имеет более высокий ранг:
-
-```
-dadata > rossvyaz > tag > unknown
-```
-
-Также обновляем `deals.phone_operator` если был NULL/устаревший.
-
----
-
-## §3 Архитектура
-
-### 3.1 Новые компоненты
-
-```
-app/Services/
-├── LeadRegionResolver.php          ← новый главный сервис
-├── DaData/
-│   ├── DaDataPhoneClient.php       ← HTTP-клиент REST API
-│   ├── DaDataPhoneResponse.php     ← value object (DTO ответа)
-│   └── DaDataQualityCode.php       ← enum для qc-значений
-└── RossvyazPrefixLookup.php        ← локальный матчер префикса
-```
-
-```
-app/Console/Commands/
-└── PhoneRangesImportCommand.php    ← cron-импорт реестра Россвязи
-```
-
-```
-database/migrations/
-└── <timestamp>_create_phone_ranges_and_resolution_log.php
-```
-
-### 3.2 Точка вставки в `RouteSupplierLeadJob`
-
-**Сейчас** ([`RouteSupplierLeadJob.php:154`](../../../app/app/Jobs/RouteSupplierLeadJob.php#L154)):
-
-```php
-$subjectCode = $tagResolver->resolve((string) ($lead->raw_payload['tag'] ?? ''));
-```
-
-**Становится:**
-
-```php
-$resolution = $leadRegionResolver->resolve($lead);
-$subjectCode = $resolution->subjectCode;
-// + persist $resolution в lead_region_resolution_log
-```
-
-`LeadRegionResolver` инжектится через DI рядом с `$tagResolver` (тот сохраняется как deprecated dependency для fallback внутри resolver'а).
-
-### 3.3 `LeadRegionResolver` — алгоритм
-
-```
-function resolve(SupplierLead $lead): RegionResolution
-{
-    // 0. Защита от мусора
-    if (!isValidRuPhone($lead->phone)) {
-        return RegionResolution::fromTag($lead, source: 'tag');
-    }
-
-    // 1. Кэш (sha256(phone), TTL 30 дней)
-    $cached = $cache->get($this->cacheKey($lead->phone));
-    if ($cached !== null) {
-        return $cached->withLeadId($lead->id);
-    }
-
-    // 2. DaData
-    if ($this->budgetGuard->canSpend()) {
-        try {
-            $dadata = $this->dadataClient->cleanPhone($lead->phone);
-
-            if (in_array($dadata->qc, [0, 3], true)) {
-                $subjectCode = $this->mapRegionNameToCode($dadata->region);
-                if ($subjectCode !== null) {
-                    return $this->finalize($lead, $subjectCode, 'dadata', $dadata);
-                }
-                // qc=0, но регион не маппится в наш справочник — логируем,
-                // идём в Россвязь как страховку (мини-вероятность спорного маппинга).
-                $this->logUnmappableDadataRegion($lead, $dadata);
-            } elseif ($dadata->qc !== 1) {
-                // qc=2 (мусор) или qc=7 (иностранец) → DaData не помог;
-                // на Россвязь идти бессмысленно, сразу tag-fallback.
-                return $this->finalize($lead, null, 'tag', $dadata);
-            }
-            // qc=1 → DaData не уверен, идём в Россвязь.
-        } catch (DaDataException | DaDataTimeoutException $e) {
-            // Сеть/таймаут/превышен лимит — деградируем на Россвязь, не падаем.
-            $this->logDadataFailure($lead, $e);
-        }
-    }
-
-    // 3. Россвязь
-    $rossvyaz = $this->rossvyazLookup->find($lead->phone);
-    if ($rossvyaz !== null) {
-        $subjectCode = $this->mapRegionNameToCode($rossvyaz->region);
-        if ($subjectCode !== null) {
-            return $this->finalize($lead, $subjectCode, 'rossvyaz', $rossvyaz);
-        }
-    }
-
-    // 4. Tag-fallback (текущая логика)
-    return $this->finalize(
-        $lead,
-        $this->tagResolver->resolve((string) ($lead->raw_payload['tag'] ?? '')),
-        'tag',
-        null,
-    );
-}
-```
-
-### 3.4 Решающее правило по DaData `qc`
-
-| `qc` | Что значит | Действие |
-|---|---|---|
-| `0` | Российский, распознан уверенно | если `region` ∉ ambiguous-list (§3.4.1) → берём, source=`dadata`; иначе → шаг 3 Россвязь |
-| `3` | Несколько номеров, взят первый | то же правило + флаг `dadata_multiple` в логе |
-| `1` | Распознан с допущениями | → шаг 3 Россвязь |
-| `2` | Пустой/некорректный | → шаг 4 tag-fallback (Россвязь тоже не поможет) |
-| `7` | Иностранный | → шаг 4 tag-fallback (наш справочник по РФ) |
-| таймаут/ошибка | DaData недоступен | → шаг 3 Россвязь (страховка) |
-| qc=0 + region=NULL | мобильный без региональной привязки (фед.) | → шаг 3 Россвязь (Q6/Q7 решение) |
-
-`qc_conflict` — не используем; DaData сравнивает телефон с адресом, который мы не передаём.
-
-### 3.4.1 Ambiguous-list — DaData всё равно дёргаем (ради оператора), но регион берём из Россвязи
-
-DaData по мобильным префиксам, охватывающим **город + область** одной агломерации, отдаёт **объединённую строку**. Подтверждённый пример: мобильный +7-911-... → `region: "Санкт-Петербург и область"`.
-
-У нас и у клиентов это **2 разных субъекта**: код 78 СПб и код 47 ЛО (аналогично 77 Москва и 50 МО).
-
-**Правило (обновлено 30.05 после ответа заказчика про оператора):** если DaData вернула `region ∈ ambiguous-list` — **`region` от DaData игнорируем**, идём в Россвязь по тому же телефону за точным регионом. Но **DaData call всё равно выполнен** — `provider` от DaData используем как актуального оператора (Россвязь не учитывает MNP).
-
-```php
-private const DADATA_AMBIGUOUS_REGIONS = [
-    'Санкт-Петербург и область',
-    'Москва и область',
-    // Расширяется по мере накопления данных на staging (см. §16 acceptance).
-];
-```
-
-**Поэтому отказались от ранее обсуждавшейся pre-DaData skip оптимизации** (когда мы хотели для префиксов 911/921/916/985 пропускать DaData полностью — экономия ~600 ₽/день). Теперь это невозможно: оператор от DaData нужен для 100% мобильных лидов. Экономии нет, точность оператора есть.
-
-**Open assumption (проверяется в staging-smoke §9.4):** Россвязь действительно различает эти 4 субъекта по subscriber-блоку внутри def-кода. Если для какого-то префикса реестр Россвязи даёт ту же объединённую запись (оператор зарегистрировал блок «на регион 78+47 общий») — fallback на tag.
-
-**NB:** До staging-прогона список ambiguous-регионов расширяется только после реального наблюдения. Возможные кандидаты (Севастополь+Крым) — проверим smoke'ом, не добавляем заранее.
-
-### 3.5 Маппинг DaData `region` → наш `subject_code`
-
-**Проблема:** DaData отдаёт строку типа `"Санкт-Петербург и область"`. У нас в [`RussianRegions`](../../../app/app/Support/RussianRegions.php) отдельно: код 78 «Санкт-Петербург» и код 47 «Ленинградская область». Прямого `nameToCode()[$dadataRegion]` не получится.
-
-**Решение:** новый Support-класс `DaDataRegionMap` (PHP-зеркало JSON-таблицы) с явными маппингами проблемных случаев. Для большинства регионов DaData отдаёт **ровно** официальное имя из ст. 65 КРФ (формат справочника DaData идентичен Россвязи), поэтому маппинг покроется в основном fallback'ом «если строка совпадает с `RussianRegions::nameToCode()` — берём; иначе lookup в `DaDataRegionMap::overrides`».
-
-Конкретный override-список — открытый вопрос, см. §12 Q1.
-
-### 3.6 `DaDataPhoneClient` — спецификация HTTP-вызова
-
-```
-POST https://cleaner.dadata.ru/api/v1/clean/phone
-Headers:
-  Content-Type: application/json
-  Accept: application/json
-  Authorization: Token <DADATA_API_KEY>
-  X-Secret: <DADATA_SECRET>
-Body: ["<phone>"]
-Timeout: 2000 ms (configurable via DADATA_TIMEOUT_MS)
-Retries: 1 (configurable; only на сетевые/5xx)
-```
-
-Ответ — массив с одним элементом (один номер → один объект). Парсится в `DaDataPhoneResponse` DTO:
-
-```php
-final class DaDataPhoneResponse
-{
-    public function __construct(
-        public readonly ?int $qc,
-        public readonly ?int $qcConflict,
-        public readonly ?string $type,        // "Мобильный" | "Стационарный" | …
-        public readonly ?string $phone,       // нормализованный
-        public readonly ?string $provider,    // оператор (после MNP)
-        public readonly ?string $region,      // имя субъекта
-        public readonly ?string $city,        // только для стационарных
-        public readonly ?string $timezone,
-        public readonly array $raw,           // полный сырой JSON
-    ) {}
-}
-```
-
-### 3.7 `RossvyazPrefixLookup` — алгоритм матчинга
-
-Реестр Россвязи: таблица `phone_ranges` с диапазонами `(def_code, from_num, to_num)` → `region`, `operator`.
-
-Алгоритм:
-
-```sql
-SELECT region, operator
-FROM phone_ranges
-WHERE def_code = $1
-  AND from_num <= $2
-  AND to_num >= $2
-ORDER BY (to_num - from_num) ASC   -- предпочтение более узкому диапазону
-LIMIT 1;
-```
-
-PHP-обёртка:
-
-```php
-public function find(string $phone): ?RossvyazRecord
-{
-    // phone = "7921555XXXX" → def_code=921, subscriber=5551234
-    $defCode = (int) substr($phone, 1, 3);
-    $subscriber = (int) substr($phone, 4);
-    // SQL выше.
-}
-```
-
-Производительность: индекс `(def_code, from_num, to_num)` btree — миллисекунды на запрос. Реестр ~600-800k строк (см. §6).
-
-### 3.8 Где не работает phone-резолвер
-
-- `qc=2` — мусор: пустой/невалидный/слишком короткий
-- `qc=7` — иностранец
-- Номер не начинается с `7` и не 11 цифр (валидация на входе ещё до DaData)
-- DaData недоступен И в Россвязи префикса нет
-
-Во всех этих случаях — fallback на tag, как сейчас.
-
-### 3.9 Каскадная маршрутизация (правка `LeadRouter` — Plan 6.5 в рамках спеки)
-
-**Сейчас** ([LeadRouter::matchEligibleProjects](../../../app/app/Services/LeadRouter.php#L54)) WHERE-блок не использует subject_code. Все клиенты с подходящим source-key проходят равноправно, сортировка только по остатку лимита.
-
-**После правки** — добавляем PHP-orchestration вокруг существующего SQL'я. Один SQL-запрос разбивается на три фазы по приоритету; PHP управляет добором кандидатов до cap=3.
-
-Псевдокод:
-
-```php
-public function matchEligibleProjects(
-    SupplierProject $supplierProject,
-    ?int $resolvedSubjectCode,   // НОВЫЙ параметр; NULL = резолвер не сработал
-): Collection {
-    $activeDate = $this->activeSnapshotDate();
-    $cap = 3;
-
-    // Шаг 1: точное совпадение региона
-    // (только если resolvedSubjectCode известен)
-    $exact = $resolvedSubjectCode !== null
-        ? $this->queryCandidates($activeDate, $supplierProject, regionFilter: 'exact', code: $resolvedSubjectCode, limit: $cap)
-        : collect();
-
-    if ($exact->count() >= $cap) {
-        return $exact->take($cap);
-    }
-
-    // Шаг 2: «вся РФ» (regions = '{}')
-    $allRu = $this->queryCandidates(
-        $activeDate, $supplierProject,
-        regionFilter: 'all_ru',
-        excludeTenantIds: $exact->pluck('tenant_id')->all(),
-        limit: $cap - $exact->count(),
-    );
-    $combined = $exact->concat($allRu);
-
-    if ($combined->count() > 0) {
-        // На шагах 1/2 нашлись кандидаты — шаг 3 не нужен.
-        return $combined->take($cap);
-    }
-
-    // Шаг 3: запасной канал (никто не подписан на этот регион и нет «вся РФ»)
-    // Берём всех с этим источником и остатком лимита, без фильтра по региону.
-    // Сделки в этих проектах получат подменённый subject_code (см. §3.10).
-    return $this->queryCandidates(
-        $activeDate, $supplierProject,
-        regionFilter: 'any',
-        limit: $cap,
-    );
-}
-```
-
-`queryCandidates(...)` — приватный метод, расширяет существующий SQL добавлением WHERE-фильтра по `snap.regions`:
-
-- `regionFilter='exact'` → `AND ?::int = ANY(snap.regions)`
-- `regionFilter='all_ru'` → `AND snap.regions = '{}'::int[]`
-- `regionFilter='any'` → без фильтра (как сейчас)
-
-DISTINCT ON (tenant_id) + сортировка по остатку лимита остаётся в SQL'е. PHP только склеивает результаты трёх фаз и обрезает по cap=3.
-
-`excludeTenantIds` — чтобы клиент, попавший в шаг 1, не попал ещё раз в шаг 2 (если у него есть и точный, и «вся РФ» проект — что невозможно по `assertSourceUnique`, но защищаемся явно).
-
-Возвращаемая Collection — каждый Project обёрнут с дополнительным полем `routing_step` (1/2/3) — RouteSupplierLeadJob использует это для решения о подмене региона в сделке (см. §3.10).
-
-### 3.11 Persistent idempotency и транзакционность persist'а
-
-**Где вызывается `resolve()`:** в `RouteSupplierLeadJob::handle()` **ДО** входа в DB::transaction циклов по проектам. Это важно — HTTP-вызов DaData (~150мс) не должен висеть внутри транзакции, иначе блокирует PgBouncer pool и lockForUpdate(Tenant).
-
-**Persist результата** (`supplier_leads` UPDATE + `lead_region_resolution_log` INSERT) делается атомарно в **одной короткой `DB::transaction()`** сразу после `resolve()`, до начала циклов по проектам.
-
-**Persistent idempotency** для retry-сценария (`tries=3`): в начале `resolve()` проверяется persistent state:
-
-```php
-if ($lead->resolved_subject_code !== null || $lead->region_source !== null) {
-    // Уже резолвили на предыдущем try — возвращаем без DaData call.
-    return RegionResolution::fromSupplierLead($lead);
-}
-```
-
-Это защищает от **двойной оплаты DaData** при Redis-restart (когда кэш потерян, но persistent state в БД остался).
-
-**Cache hit логируется:** даже при cache hit мы пишем строку в `lead_region_resolution_log` с `cache_hit=true`, `dadata_response_masked=NULL`. Это нужно для метрик `phone_resolution.source.*` — без логирования cache hit'ов аналитика покажет искажённое распределение источников.
-
-### 3.12 CSV-merge — обновление `subject_code` и `phone_operator` по рангу источника
-
-При merge CSV-recovered deal с догнавшим webhook'ом ([RouteSupplierLeadJob.php:340-369](../../../app/app/Jobs/RouteSupplierLeadJob.php#L340)):
-
-```php
-private const SOURCE_RANK = [
-    'dadata'   => 4,
-    'rossvyaz' => 3,
-    'tag'      => 2,
-    'unknown'  => 1,
-];
-
-// при merge
-if ($newResolution !== null && $existingMergeable->region_source !== null) {
-    $newRank = self::SOURCE_RANK[$newResolution->source] ?? 0;
-    $oldRank = self::SOURCE_RANK[$existingMergeable->region_source] ?? 0;
-
-    if ($newRank > $oldRank) {
-        $updateFields['subject_code'] = $newResolution->subjectCode;
-        $updateFields['phone_operator'] = $newResolution->phoneOperator;
-        $updateFields['region_source'] = $newResolution->source;
-    }
-}
-```
-
-Пример: CSV-recovered deal был с `region_source='tag'`, subject_code=99 (мусор из тега). Webhook через 30 мин дал DaData-результат subject_code=77, source='dadata'. Ранг dadata=4 > tag=2 → обновляем оба поля.
-
-Если оба источника одного ранга (например, оба dadata) — НЕ обновляем (consistency). Если новый источник хуже — НЕ обновляем (stability).
-
-**NB:** `deals.subject_code` обновляется на партиционированной таблице — обязательно включать `received_at` в WHERE для pruning'а партиций (см. [Deal::setKeysForSaveQuery](../../../app/app/Models/Deal.php#L93)). DB::table('deals')->where('id', ...)->where('received_at', $existing->received_at)->update(...) — паттерн из существующего merge-кода.
-
-### 3.13 Client-side rate-limit для DaData (защита от 429)
-
-DaData лимит: 20 RPS с одного IP. Наш пик — 1-2 RPS, но при burst-ретрансляции от поставщика (50 webhook'ов за секунду) можем упереться.
-
-**Решение:** Redis token bucket 18 RPS (запас 10%). Реализация — `RateLimiter::for('dadata-cleaner', ...)`. Когда bucket пуст: `Cache::lock('dadata-rps-wait')->block(seconds: 2)` — ждём свободный слот, либо если 2 сек не хватило, идём в Россвязь (бесплатна, ничего не теряем кроме оператора).
-
-Метрика `phone_resolution.dadata.rate_limited_count` — для дашборда.
-
-### 3.10 Подмена `subject_code` в сделке на шаге 3 запасного канала
-
-Когда `LeadRouter` вернул проекты с `routing_step=3`, в `RouteSupplierLeadJob::createDealCopyForProject` выбираем subject_code иначе:
-
-```php
-$dealSubjectCode = $project->routing_step < 3
-    ? $resolvedSubjectCode    // настоящий — клиент подписан или принимает всё
-    : $this->pickSubstituteRegion($project);
-
-$dealRegionSubstituted = $project->routing_step === 3;
-
-Deal::create([
-    ...,
-    'subject_code' => $dealSubjectCode,
-    'region_substituted' => $dealRegionSubstituted,
-]);
-```
-
-`pickSubstituteRegion($project)`:
-
-- если `$project->regions` пустой массив (проект «вся РФ» — но он бы попал в шаг 2, не 3 — оборонительный fallback) → `$resolvedSubjectCode` (нет смысла подменять, клиент принимает любой)
-- если `$project->regions` непустой → берём **первый по порядку** (`$project->regions[0]`). Выбор не критичен — у клиента один лимит на проект независимо от региона, регионы не имеют «своих» лимитов. Первый по порядку детерминирован для тестов.
-
-Подменённый regionвсегда остаётся в журнале как `region_substituted=true`, а настоящий `resolvedSubjectCode` — в `lead_region_resolution_log.actual_subject_code` для аналитики.
-
----
-
-## §4 Изменения схемы БД
-
-Новые таблицы и колонки — отдельная миграция, без правки существующих структур, чтобы минимизировать риск collision с параллельными ветками.
-
-### 4.1 `phone_ranges` — реестр Россвязи
-
-**SaaS-level (без RLS)**, реестр публичных данных.
-
-```sql
-CREATE TABLE phone_ranges (
-    id              BIGSERIAL PRIMARY KEY,
-    def_code        SMALLINT NOT NULL,        -- 3 цифры после 7: 495, 921, 916, …
-    from_num        BIGINT NOT NULL,          -- начало диапазона (7 цифр subscriber-части)
-    to_num          BIGINT NOT NULL,          -- конец включительно
-    operator        TEXT NOT NULL,            -- название оператора (как в реестре)
-    region          TEXT NOT NULL,            -- имя субъекта (как в реестре)
-    region_normalized TEXT,                   -- нормализованное к нашему справочнику, NULL если не сматчилось
-    subject_code    SMALLINT,                 -- 1..89 после маппинга к RussianRegions
-    imported_at     TIMESTAMPTZ NOT NULL,
-    import_id       BIGINT NOT NULL REFERENCES phone_ranges_imports(id),
-
-    CONSTRAINT chk_phone_ranges_def_code CHECK (def_code BETWEEN 300 AND 999),
-    CONSTRAINT chk_phone_ranges_subject_code CHECK (subject_code IS NULL OR subject_code BETWEEN 1 AND 89),
-    CONSTRAINT chk_phone_ranges_range_valid CHECK (from_num <= to_num)
-);
-
-CREATE INDEX idx_phone_ranges_lookup ON phone_ranges (def_code, from_num, to_num);
-COMMENT ON TABLE phone_ranges IS
-    'Реестр диапазонов нумерации Россвязи (rossvyaz.gov.ru). Локальный fallback для LeadRegionResolver. Обновляется ежемесячным cron-импортом.';
-```
-
-Грантирование: `crm_readonly` + `crm_supplier_worker` имеют SELECT. INSERT/UPDATE — только `crm_migrator` через импорт-команду.
-
-### 4.2 `phone_ranges_imports` — журнал импортов
-
-```sql
-CREATE TABLE phone_ranges_imports (
-    id              BIGSERIAL PRIMARY KEY,
-    imported_at     TIMESTAMPTZ NOT NULL DEFAULT NOW(),
-    source_url      TEXT NOT NULL,                -- URL XLSX-выписки или manual:<filename>
-    rows_inserted   INTEGER NOT NULL DEFAULT 0,
-    rows_updated    INTEGER NOT NULL DEFAULT 0,
-    checksum_sha256 TEXT NOT NULL,                -- хэш файла-источника для idempotency
-    status          TEXT NOT NULL DEFAULT 'in_progress'
-        CHECK (status IN ('in_progress', 'completed', 'failed', 'rolled_back')),
-    error           TEXT,
-    completed_at    TIMESTAMPTZ
-);
-```
-
-### 4.3 `lead_region_resolution_log` — аудит каждого резолва
-
-**SaaS-level**, секционирована по месяцу `received_at` (паттерн `activity_log` / `balance_transactions`).
-
-```sql
-CREATE TABLE lead_region_resolution_log (
-    id                  BIGSERIAL,
-    supplier_lead_id    BIGINT NOT NULL,                  -- FK на supplier_leads (без cascade — лид может быть удалён, лог остаётся для аналитики)
-    received_at         TIMESTAMPTZ NOT NULL,             -- partition key (= supplier_leads.received_at)
-    phone_masked        TEXT NOT NULL,                    -- "7921***5234" (первые 4 + последние 4, середина *)
-    subject_code_resolved   SMALLINT,                     -- что в итоге написали в deal
-    subject_code_from_tag   SMALLINT,                     -- что бы получили без новой логики (для A/B-аналитики)
-    region_source       TEXT NOT NULL                     -- 'dadata' | 'rossvyaz' | 'tag' | 'unknown'
-        CHECK (region_source IN ('dadata','rossvyaz','tag','unknown')),
-    dadata_qc           SMALLINT,                         -- NULL если до DaData не дошли
-    dadata_provider     TEXT,
-    dadata_type         TEXT,                             -- "Мобильный"/"Стационарный"/...
-    dadata_response_masked  JSONB,                        -- полный ответ DaData с маскированным phone
-    rossvyaz_matched    BOOLEAN NOT NULL DEFAULT FALSE,
-    resolved_at         TIMESTAMPTZ NOT NULL DEFAULT NOW(),
-    duration_ms         INTEGER,                          -- общая длительность resolve()
-
-    PRIMARY KEY (id, received_at)
-) PARTITION BY RANGE (received_at);
-
-CREATE INDEX idx_lrrl_lead_id ON lead_region_resolution_log (supplier_lead_id);
-CREATE INDEX idx_lrrl_received_at ON lead_region_resolution_log (received_at);
-CREATE INDEX idx_lrrl_source ON lead_region_resolution_log (region_source, received_at);
-```
-
-Создание партиций — через существующий [`MonthlyPartitionManager`](../../../app/app/Services/MonthlyPartitionManager.php) и cron `partitions:create-months`.
-
-### 4.4 Денормализация в `supplier_leads`
-
-Добавляем 4 inline-колонки для быстрого показа в карточке лида без JOIN на партиционированный лог + persistent idempotency для retry-сценария (§3.x):
-
-```sql
-ALTER TABLE supplier_leads
-  ADD COLUMN resolved_subject_code SMALLINT
-    CHECK (resolved_subject_code IS NULL OR resolved_subject_code BETWEEN 1 AND 89),
-  ADD COLUMN region_source TEXT
-    CHECK (region_source IN ('dadata','rossvyaz','tag','unknown')),
-  ADD COLUMN dadata_qc SMALLINT,
-  ADD COLUMN phone_operator TEXT;  -- актуальный оператор от DaData (с MNP)
-```
-
-Полная история (`dadata_response_masked`, `duration_ms`, `subject_code_from_tag`, `phone_masked`, `actual_subject_code`) остаётся в `lead_region_resolution_log`.
-
-### 4.5 Добавления в `deals`
-
-Для UI-карточки клиента и будущих сервисов рассылок/звонков (И-2):
-
-```sql
-ALTER TABLE deals
-  ADD COLUMN phone_operator TEXT,
-  ADD COLUMN region_substituted BOOLEAN NOT NULL DEFAULT FALSE;
-```
-
-- `phone_operator` — оператор от DaData (с MNP), для будущих сервисов. Заполняется в `RouteSupplierLeadJob::createDealCopyForProject` из `RegionResolution`.
-- `region_substituted` — флаг «регион в сделке подменён на один из regions клиента» (шаг 3 запасного канала). Клиент это **не видит** в UI; у нас используется в аналитике + для логики merge (см. §3.11 ниже).
-
-### 4.6 Дополнения в `lead_region_resolution_log`
-
-К полям из §4.3 добавляем:
-
-```sql
-ALTER TABLE lead_region_resolution_log
-  ADD COLUMN actual_subject_code SMALLINT       -- настоящий резолвенный регион
-    CHECK (actual_subject_code IS NULL OR actual_subject_code BETWEEN 1 AND 89),
-  ADD COLUMN substituted_subject_code SMALLINT  -- что подменили в сделке (если шаг 3)
-    CHECK (substituted_subject_code IS NULL OR substituted_subject_code BETWEEN 1 AND 89),
-  ADD COLUMN routing_step SMALLINT              -- 1=точное, 2=всяРФ, 3=запасной канал
-    CHECK (routing_step IS NULL OR routing_step BETWEEN 1 AND 3),
-  ADD COLUMN phone_operator TEXT,               -- от DaData
-  ADD COLUMN cache_hit BOOLEAN NOT NULL DEFAULT FALSE;
-```
-
-### 4.7 Не трогаем
-
-- `supplier_projects.subject_code` — dead column, не наша зона (Plan 6.5+ cleanup).
-- `projects.regions` (Plan 6) — потребитель `resolved_subject_code` через новый WHERE-фильтр, формат не меняется.
-- `projects.region_mask` (DEPRECATED) — без изменений.
-- Snapshot `project_routing_snapshots.regions` — уже содержит `projects.regions` (см. [SnapshotProjectRoutingJob.handle](../../../app/app/Jobs/SnapshotProjectRoutingJob.php#L55)), готов к нашему WHERE-фильтру.
-
----
-
-## §5 Конфигурация
-
-### 5.1 `.env` + YC Lockbox
-
-```env
-DADATA_API_KEY=<via YC Lockbox secret 'dadata-api-key'>
-DADATA_SECRET=<via YC Lockbox secret 'dadata-secret'>
-DADATA_TIMEOUT_MS=2000
-DADATA_RETRIES=1
-DADATA_DAILY_CAP_RUB=10000        # мягкий лимит, при превышении — skip DaData
-PHONE_REGION_CACHE_TTL_DAYS=30
-LEAD_REGION_RESOLVER_ENABLED=true # feature-flag для аварийного выключения
-```
-
-### 5.2 Feature-flag для постепенной раскатки
-
-`LEAD_REGION_RESOLVER_ENABLED=false` → `LeadRegionResolver::resolve()` сразу возвращает tag-fallback (то же, что текущее поведение). Включаем глобально после smoke на staging.
-
-### 5.3 Бюджет DaData
-
-`DaDataBudgetGuard` — отдельный сервис, читающий `phone_resolution.dadata.spent_today_kopecks` из Redis. При исчерпании дневного лимита `DADATA_DAILY_CAP_RUB` — `canSpend()` возвращает `false`, resolver сразу идёт в Россвязь.
-
-Накопление расхода — атомарный `INCRBY` после каждого успешного вызова DaData (~20 копеек = 20 единиц).
-
----
-
-## §6 Cron-импорт реестра Россвязи
-
-### 6.1 Источник
-
-[`rossvyaz.gov.ru/deyatelnost/resurs-numeracii/vypiska-iz-reestra-sistemy-i-plana-numeracii`](https://rossvyaz.gov.ru/deyatelnost/resurs-numeracii/vypiska-iz-reestra-sistemy-i-plana-numeracii)
-
-Выкладывают пакет CSV/XLSX по каждому коду DEF (~500-600 файлов; объём ~50 МБ).
-
-### 6.2 Команда
-
-```bash
-php artisan phone-ranges:import --url=<URL> [--force] [--dry-run]
-```
-
-Алгоритм:
-
-1. `wget` всех файлов реестра → `storage/app/rossvyaz/<imported_at>/`.
-2. Парсинг XLSX → нормализованные строки.
-3. Маппинг `region` → `subject_code` через `RussianRegions::nameToCode()`. Несматчившиеся — лог в `phone_ranges_imports.error`.
-4. `BEGIN; COPY → phone_ranges_staging; COMMIT;` — staging-таблица.
-5. Сверка checksum'а файлов с предыдущим импортом: если идентичен — `status='rolled_back'`, EXIT (idempotency).
-6. `BEGIN; RENAME phone_ranges → phone_ranges_old; RENAME phone_ranges_staging → phone_ranges; COMMIT;` — atomic swap.
-7. `phone_ranges_imports.status='completed'`, `completed_at=NOW()`.
-8. `phone_ranges_old` — удаляется только при следующем успешном импорте (т.е. всегда есть одна предыдущая версия для отката).
-
-### 6.3 Расписание
-
-Cron раз в месяц, 4-е число в 03:00 МСК (после месячного обновления реестра Россвязью):
-
-```bash
-# В config/scheduler.php или artisan-run workflow
-0 0 4 * * php artisan phone-ranges:import --url=https://rossvyaz.gov.ru/...
-```
-
-### 6.4 Ручной откат
-
-```bash
-php artisan phone-ranges:rollback   # swap phone_ranges ↔ phone_ranges_old
-```
-
----
-
-## §7 152-ФЗ и ПДн
-
-### 7.1 Маскирование телефона в логах
-
-- `lead_region_resolution_log.phone_masked` — формат `7XXX***YYYY` (первые 4 + последние 4 цифры).
-- `lead_region_resolution_log.dadata_response_masked` — JSON с маскированным `phone`/`source`. Маскирование — в коде PHP **до** INSERT, не через триггер.
-- Application-логи (`Log::info` и т.п.) — только `phone_masked`, никогда сырой номер.
-
-### 7.2 `pg_anonymizer`
-
-Для dev-дампов prod-БД настроены маски через `pg_anonymizer` ([setup](../../security/pgaudit-anonymizer-setup.md)). Добавить маски на:
-
-- `lead_region_resolution_log.phone_masked` — уже маскирован, но на всякий случай **truncate** (≤4 первых цифр).
-- `lead_region_resolution_log.dadata_response_masked` → `anon.partial_email` для `phone` поля? **Открытый вопрос Q5 §12.**
-
-### 7.3 Кэш
-
-Redis-кэш ключевания: `sha256("phone-region:" + phone)` — **без сырого номера в ключе**. Значение кэша — DTO `RegionResolution`, без `phone` (только `subjectCode`, `regionSource`, `qc`).
-
-### 7.4 Период хранения
-
-`lead_region_resolution_log` — храним всё (партиции по месяцу, после 365 дней — `DETACH` партиции и архив в S3 через существующий механизм `MonthlyPartitionManager`).
-
----
-
-## §8 Метрики и алерты
-
-### 8.1 Метрики (Prometheus / Sentry custom)
-
-```
-phone_resolution.source.dadata       # сколько лидов через DaData
-phone_resolution.source.rossvyaz     # сколько через Россвязь
-phone_resolution.source.tag          # сколько ушло в tag-fallback
-phone_resolution.source.unknown      # сколько ушло без региона совсем
-
-phone_resolution.dadata.qc.0..7      # распределение qc
-phone_resolution.dadata.error        # сетевые/таймаут
-phone_resolution.dadata.budget_capped  # деградация на Россвязь из-за бюджета
-
-phone_resolution.rossvyaz.hit
-phone_resolution.rossvyaz.miss
-
-phone_resolution.cache.hit
-phone_resolution.cache.miss
-
-phone_resolution.latency_ms          # p50/p95/p99 общего resolve()
-phone_resolution.dadata.latency_ms   # p50/p95/p99 HTTP-вызова
-```
-
-### 8.2 Алерты
-
-| Триггер | Реакция |
-|---|---|
-| `source.tag` > 20% в течение часа | DaData+Россвязь массово деградируют — paging |
-| `source.unknown` > 5% в течение часа | Мусорные номера, ломаная валидация на входе или поставщик |
-| `dadata.qc.1` > 5% в течение часа | DaData качество просело — review |
-| `rossvyaz.miss` > 10% | Реестр устарел (последний импорт > 60 дней) |
-| `dadata.budget_capped > 0` | Дневной лимит исчерпан — нотификация в Telegram |
-| `dadata.latency_ms p95 > 1500` | DaData медленный — проверить сеть/тариф |
-
-### 8.3 Дашборд
-
-Grafana панель «Lead Region Resolution»:
-
-- Линии распределения по `source` (stacked area)
-- Гистограмма `qc`
-- Latency p50/p95/p99
-- Бюджет DaData (сегодня / месяц / форкаст до конца месяца)
-- Топ-5 регионов по объёму
-
----
-
-## §9 Тестирование (TDD)
-
-### 9.1 Unit-тесты
-
-```
-tests/Unit/Services/LeadRegionResolverTest.php
-  - dadata_qc_0_returns_dadata_source
-  - dadata_qc_3_returns_dadata_with_multiple_flag
-  - dadata_qc_1_falls_back_to_rossvyaz
-  - dadata_qc_2_falls_back_to_tag_skipping_rossvyaz
-  - dadata_qc_7_falls_back_to_tag_skipping_rossvyaz
-  - dadata_timeout_falls_back_to_rossvyaz
-  - dadata_network_error_falls_back_to_rossvyaz
-  - budget_cap_exceeded_skips_dadata_directly_to_rossvyaz
-  - cache_hit_skips_dadata_and_rossvyaz
-  - invalid_phone_skips_dadata_returns_tag
-  - unmappable_dadata_region_falls_through_to_rossvyaz
-  - all_three_layers_fail_returns_unknown_with_null_subject_code
-
-tests/Unit/Services/RossvyazPrefixLookupTest.php
-  - mobile_prefix_returns_correct_region
-  - city_code_3digit_returns_correct_region
-  - city_code_4digit_more_specific_wins_over_3digit
-  - unknown_prefix_returns_null
-
-tests/Unit/Services/DaData/DaDataPhoneClientTest.php
-  - mocked HTTP с фикстурами ответов 0/1/2/3/7
-  - timeout exception
-  - 5xx retry
-  - 4xx no retry
-
-tests/Unit/Support/DaDataRegionMapTest.php
-  - "Санкт-Петербург и область" → ambiguous, требует override
-  - "Москва" → код 77
-  - "Московская область" → код 50
-  - все 89 регионов из RussianRegions резолвятся
-```
-
-### 9.2 Integration-тесты
-
-```
-tests/Feature/Jobs/RouteSupplierLeadJobRegionResolutionTest.php
-  - lead_with_phone_uses_dadata_region_not_tag
-  - lead_with_phone_dadata_disagrees_with_tag_writes_log
-  - lead_with_invalid_phone_falls_back_to_tag
-  - lead_with_dadata_disabled_via_flag_uses_tag
-  - region_resolution_logged_per_lead
-```
-
-### 9.3 Pest 4 совместимость
-
-Все тесты пишутся в Pest 4 (текущий dev-стандарт), без shared state — для `--parallel` совместимости. DaData HTTP мокается через `Http::fake()` — без реальных сетевых вызовов в CI.
-
-### 9.4 Smoke на staging
-
-Отдельный artisan-команда `phone-region:smoke --phone=7921555XXXX`:
-
-- Дёргает живой DaData (с реальным ключом staging).
-- Дёргает Россвязь.
-- Печатает оба ответа и решение resolver'а.
-- Не пишет в БД.
-
----
-
-## §10 Раскатка
-
-### 10.1 Этапы
-
-1. **Миграция схемы** — `phone_ranges*` + `lead_region_resolution_log` + (опционально) колонки в `supplier_leads`.
-2. **Импорт реестра Россвязи** — первый ручной запуск `phone-ranges:import`.
-3. **Деплой кода с `LEAD_REGION_RESOLVER_ENABLED=false`** — резолвер не используется, существующий tag-flow продолжает работать. Это «нулевая раскатка» — проверяем, что миграция БД и команды работают.
-4. **Включение для 1% трафика** — feature-flag в виде «hash(phone) % 100 < N». Алерты, дашборд.
-5. **Раскатка на 100%** через 24-48 часов мониторинга.
-6. **Backfill старых лидов** — отдельный план, не часть MVP.
-7. **Через 1 месяц мониторинга** — можно начинать обсуждение «выключить `raw_payload['tag']` как нормативный источник, перейти на phone-only». Не часть этой спеки.
-
-### 10.2 Аварийный откат
-
-`LEAD_REGION_RESOLVER_ENABLED=false` → возврат к tag-flow без деплоя кода. Время отката — секунды.
-
----
-
-## §11 Деньги
-
-### 11.1 Прямая стоимость DaData (без оптимизаций)
-
-- Тариф: 20 копеек / запрос
-- Объём: 30 000 лидов/день
-- **= 6 000 ₽/день = ~180 000 ₽/мес** при 100% покрытии и без кэша
-
-### 11.2 Экономия за счёт кэша 30 дней по `sha256(phone)`
-
-Cache-hit-rate ожидается **15-25%** (повторные лиды с того же телефона: одна заявка через несколько каналов / повторная заявка через 1-3 недели / поставщик ретранслирует одного лида CSV+webhook).
-
-Срок 30 дней выбран заказчиком (30.05) как баланс между экономией бюджета и актуальностью оператора при MNP.
-
-| Cache-hit-rate | DaData запросов/день | Расход/день | Расход/месяц |
-|---|---|---|---|
-| 0% | 30 000 | 6 000 ₽ | 180 000 ₽ |
-| 15% | 25 500 | 5 100 ₽ | 153 000 ₽ |
-| 20% (ожидаемо) | 24 000 | 4 800 ₽ | **~144 000 ₽** |
-| 25% | 22 500 | 4 500 ₽ | 135 000 ₽ |
-
-Точная доля видна через 1-2 недели после раскатки по метрикам `phone_resolution.cache.{hit,miss}`.
-
-### 11.3 Бюджетные ступени у DaData
-
-При объёмах > 500k запросов/мес — переход на тариф «Стандарт» с предоплатой и скидкой ~30%. При > 5М/мес — индивидуальный тариф. **Расчёт по факту, через 1-2 мес после раскатки.**
-
-### 11.4 Лимиты API
-
-- 20 запросов/сек с одного IP — наш пик ~1-2 RPS, защита через client-side rate-limit (см. §3.13)
-- 60 новых соединений / минуту — keep-alive в HTTP-клиенте решает (см. §3.6)
-
-### 11.5 Бюджетный hard-stop
-
-`DADATA_DAILY_CAP_RUB` (`.env`) — мягкий лимит. При исчерпании `DaDataBudgetGuard::canSpend()` возвращает false, resolver идёт сразу в Россвязь (без оператора в этой ситуации — потеря качества для оставшейся части дня, не блокер). Алерт в Telegram «бюджет DaData исчерпан».
-
----
-
-## §12 Открытые вопросы — все закрыты после adversarial-review 30.05
-
-### Q1 — Маппинг неоднозначных регионов DaData ✅ ЗАКРЫТ (29.05)
-
-**Решение:** для 4 регионов (Москва 77, Московская область 50, СПб 78, Ленинградская область 47) при `region ∈ ambiguous-list` `region` от DaData игнорируем, идём в Россвязь. DaData всё равно дёргаем ради `provider` (см. Q9 ниже). Регламент — §3.4.1.
-
-### Q2 — Конфликт DaData ↔ tag ✅ ЗАКРЫТ (29.05)
-
-**Решение:** по конструкции конфликта нет. На ambiguous-регионы тег не используется (берём Россвязь). На остальные 85 регионов tag — только fallback при недоступности DaData/Россвязи.
-
-### Q3 — `type=Колл-центр` ✅ ЗАКРЫТ (29.05)
-
-**Решение:** принимаем как обычный лид, без флага. Маршрутизируем по региону.
-
-### Q4 — Денормализация в `supplier_leads` ✅ ЗАКРЫТ (30.05)
-
-**Решение:** (a) — добавляем 4 inline-колонки (`resolved_subject_code` / `region_source` / `dadata_qc` / `phone_operator`) в `supplier_leads` (§4.4). Полная история — в `lead_region_resolution_log`.
-
-### Q5 — Маскирование `dadata_response` для дампов ✅ ЗАКРЫТ (29.05)
-
-**Решение:** оставляем как есть, телефон уже маскирован в коде до INSERT. pg_anonymizer на это поле не настраиваем.
-
-### Q6 — Мобильный без региона ✅ ЗАКРЫТ (29.05)
-
-**Решение:** при `region=NULL` у мобильного → Россвязь. §3.4.
-
-### Q7 — qc=0 + region=NULL ✅ ЗАКРЫТ (29.05)
-
-**Решение:** в Россвязь. §3.4.
-
-### Q8 — Реальная бизнес-проблема ✅ ЗАКРЫТ (30.05, adversarial)
-
-**Решение заказчика:** проблема — несколько разных клиентов используют один источник с разными региональными настройками; маршрутизатор сейчас раздаёт лиды без учёта региона, нужна правка `LeadRouter` (Plan 6.5 в рамках спеки). Зафиксировано в §0 и И-4.
-
-### Q9 — Оператор связи: актуальный (DaData) или исторический (Россвязь) ✅ ЗАКРЫТ (30.05)
-
-**Решение заказчика:** актуальный (DaData, с MNP). Для будущих сервисов рассылок/звонков нужен фактический оператор. Pre-DaData skip для ambiguous-регионов отменён — DaData дёргается всегда (ради provider), регион берём из Россвязи когда нужно.
-
-### Q10 — Логика каскада маршрутизатора ✅ ЗАКРЫТ (30.05)
-
-**Решение заказчика:** точное совпадение → «вся РФ» → запасной канал (любой подписчик источника с остатком лимита). Точные имеют приоритет, чтобы РФ-клиент не съел все региональные лимиты. §3.9, И-4.
-
-### Q11 — Уникальность «один источник на клиента» ✅ ЗАКРЫТ (30.05)
-
-**Решение:** реализовано в `ProjectService::assertSourceUnique` (не в БД). У клиента может быть только один проект на один источник; разные клиенты могут использовать один источник с разными regions. Зафиксировано в §0.
-
-### Q12 — Лимит на регион или на проект ✅ ЗАКРЫТ (30.05)
-
-**Решение заказчика:** один лимит на проект независимо от количества регионов. Регионы в проекте — фильтр, не корзины. §0, И-4.
-
-### Q13 — Шаг 3 запасного канала ✅ ЗАКРЫТ (30.05)
-
-**Решение заказчика:** отдаём всем подходящим (cap=3) с пометкой; биллинг как обычно. Подмена subject_code на один из regions проекта клиента — первый по порядку (выбор не критичен, лимит общий). Настоящий регион — в `lead_region_resolution_log`. §3.10, И-4, И-6.
-
-### Q14 — CSV-merge: обновлять регион или оставлять ✅ ЗАКРЫТ (30.05)
-
-**Решение заказчика:** (а) — обновлять если новый источник лучше по рангу `dadata > rossvyaz > tag > unknown`. §3.12, И-8.
-
-### Q15 — Срок кэша DaData ✅ ЗАКРЫТ (30.05)
-
-**Решение заказчика:** 30 дней. Баланс между экономией бюджета и актуальностью оператора при MNP. §11.2.
-
----
-
-## §13 Связанные документы
-
-- [Plan 6 regions subject-level design](2026-05-14-plan-6-regions-subject-level-design.md) — текущий формат `projects.regions INT[]` 1..89, конституционный порядок.
-- [Supplier integration MVP](2026-05-10-supplier-integration-design.md) §6 step 2 — где жил исходный `PhonePrefixService`, с пометкой «полный справочник — future».
-- [Project migration redesign](2026-05-20-project-migration-redesign-design.md) §4.4 — где появился `RegionTagResolver` (tag → subject_code).
-- [Slepok routing protection](2026-05-26-slepok-routing-protection-design.md) — `subject_code` входит в snapshot, влияние на эту спеку **нулевое** (мы не меняем сам формат snapshot'а, только источник `subject_code`).
-- [pg_audit + pg_anonymizer setup](../../security/pgaudit-anonymizer-setup.md) — для §7 маскирования.
-- [ADR-018 audit hash-chain per-tenant](../../adr/018-audit-chain-per-tenant.md) — паттерн `audit_chain_hash`, **не относится** к этой спеке (мы пишем в обычный log, не audit-chain).
-
----
-
-## §14 Не входит в эту фичу
-
-- Уточнение региона по IP клиента (GeoIP).
-- SMS-подтверждение региона у клиента.
-- Авто-исправление старых лидов задним числом.
-- Уточнение оператора в реальном времени при MNP (DaData это уже отдаёт в `provider`, отдельная логика не нужна).
-- Поддержка иностранных номеров (DaData помечает `qc=7`, оставляем `subject_code=NULL`).
-- Снятие `RegionTagResolver` / `raw_payload['tag']` из нормативных источников — отдельная спека после 1-2 мес мониторинга.
-- Снятие `PhonePrefixService` и `projects.region_mask` (DEPRECATED Plan 6.5) — отдельная задача.
-
----
-
-## §15 Риски
-
-| Риск | Вероятность | Влияние | Митигация |
-|---|---|---|---|
-| DaData падает на N часов | Низкая | Средняя (деградация на Россвязь — она оффлайн) | Россвязь fallback + кэш |
-| Россвязь реестр меняет формат XLSX | Низкая | Средняя | Cron алерт на «import failed», ручной разбор, manual override через `--url=file://...` |
-| `DADATA_API_KEY` утекает | Низкая | Высокая | YC Lockbox, ротация ключей через .env-redeploy |
-| Биллинг DaData превышает прогноз x2 | Средняя | Средняя | `DADATA_DAILY_CAP_RUB` + алерт + переход на Россвязь как primary |
-| Маппинг регионов даёт неверный код для X% лидов | Средняя | Высокая | A/B-аналитика `subject_code_from_tag` vs `subject_code_resolved` в логе, ручной разбор |
-| Кэш-ключ коллизит при rotation key | Очень низкая | Низкая | sha256 — pure-data hash, не зависит от прод-ключей |
-| Бизнес-инвариант «никогда не теряем регион» нарушен из-за NULL subject_code | Низкая | Средняя | Это валидное состояние (= «вся РФ»), маршрутизатор обрабатывает; не блокер |
-
----
-
-## §16 Acceptance criteria
-
-После раскатки на 100%:
-
-- [ ] `phone_resolution.source.dadata` > 70% (DaData доминирующий источник)
-- [ ] `phone_resolution.source.rossvyaz` > 5% (fallback живой)
-- [ ] `phone_resolution.source.tag` < 15% (резкое снижение от текущих 100%)
-- [ ] `phone_resolution.source.unknown` < 2%
-- [ ] `phone_resolution.latency_ms p95 < 500` (включая DaData HTTP)
-- [ ] Дашборд Grafana «Lead Region Resolution» доступен
-- [ ] Все 12 unit-тестов GREEN; integration GREEN на CI
-- [ ] Smoke на staging прогон: 100 случайных prod-лидов → 100 записей в `lead_region_resolution_log`, distribution в пределах ожидаемого
-- [ ] Дневной бюджет DaData < 7 000 ₽ в среднем (с учётом cache-hit-rate)
-- [ ] Первый монтаж реестра Россвязи (`phone_ranges_imports.status='completed'`)
-- [ ] Pravila §16.4 «не использован ≠ проблема» соблюдён: новые узлы (если добавим в Tooling Прил. Н) корректно классифицированы
-
----
-
-## §17 Метаданные документа
-
-- **Автор:** Claude (через `superpowers:brainstorming` cycle на основе диалога 29-30.05.2026; adversarial-review с прямым code-walking файлов LeadRouter / RouteSupplierLeadJob / SupplierProjectResolver / LedgerService / SnapshotProjectRoutingJob / CsvReconcileJob / SupplierWebhookController / ProjectService / ProjectController / StoreProjectRequest / UpdateProjectRequest / Plan 6 spec)
-- **Аудитория:** Дмитрий + следующая сессия implementer'а
-- **Жанр:** design spec (`docs/superpowers/specs/`), не implementation plan
-- **Implementation plan:** будет создан отдельно — `docs/superpowers/plans/2026-05-29-lead-region-resolution.md` через skill `superpowers:writing-plans`
-- **Размер оценки реализации:** 6-7 рабочих дней через subagent-driven-development:
-  - Day 1: миграции БД (`phone_ranges*`, `lead_region_resolution_log`, ALTER `supplier_leads` +4, ALTER `deals` +2) + первый импорт реестра Россвязи + регистрация партиций в `MonthlyPartitionManager`
-  - Day 2: `DaDataPhoneClient` (HTTP + rate-limit + budget guard) + `RossvyazPrefixLookup` + кэш sha256(phone) TTL=30д (TDD unit)
-  - Day 3: `LeadRegionResolver` (qc-decision + ambiguous-list + persistent-idempotency + cache-hit логирование) (TDD unit)
-  - Day 4: `LeadRouter` каскад (точное → всяРФ → запасной с подменой) + `pickSubstituteRegion` (TDD unit + integration через RouteSupplierLeadJob)
-  - Day 5: CSV-merge update по рангу источника + integration `RouteSupplierLeadJob` (resolve до транзакции, persist в одной короткой транзакции, передача `routing_step` в createDealCopyForProject) + feature-flag `LEAD_REGION_RESOLVER_ENABLED`
-  - Day 6: метрики Prometheus + дашборд Grafana + алерты + staging-smoke на 100 prod-номеров + раскатка hash(phone)%100<1%
-  - Day 7: мониторинг + раскатка до 100% + добивка по findings первой недели + резерв на тонкий тюнинг ambiguous-list по реальным DaData-ответам
-
-**Изменение от v0.3:** в v0.3 была оценка 4-6 дней без правки LeadRouter; теперь спека покрывает и резолвер, и правку маршрутизатора (Plan 6.5 включён в этот эпик), поэтому +2 дня на маршрутизатор и подмену региона.
-
----
-
-## Changelog
-
-- **v0.5 (30.05.2026 — поздний вечер) — крупный rewrite после adversarial-review:**
-  - §0 переписан: настоящая бизнес-проблема — несколько разных клиентов используют один источник с разными regions; тег «РФ» — наш собственный (ставим в supplier_project когда выбора нет); зафиксированы факты из прямого code-walking (`LeadRouter` не использует subject_code, `supplier_projects.subject_code` — dead column, `ProjectService::assertSourceUnique` блокирует «один tenant — два проекта на один источник», один лимит на проект)
-  - §1 переписан: добавлены цели «правка LeadRouter» (Plan 6.5 в рамках спеки), «сохранять оператора DaData», «каскадная фильтрация», «никогда не показывать клиенту не его регион», «никогда не выбрасывать лид»
-  - §2 расширен до 8 бизнес-инвариантов И-1..И-8
-  - §3.4.1 переписан: DaData всё равно дёргаем при ambiguous-list ради оператора, регион берём из Россвязи (отказались от pre-DaData skip)
-  - §3.9 (новый) — каскадная маршрутизация в `LeadRouter` (3 фазы: точное → всяРФ → запасной)
-  - §3.10 (новый) — подмена `subject_code` в сделке на шаге 3 запасного канала
-  - §3.11 (новый) — persistent idempotency через колонки `supplier_leads` (защита от двойной оплаты DaData при Redis-restart) + транзакционность persist'а + cache-hit логирование
-  - §3.12 (новый) — CSV-merge update `subject_code` и `phone_operator` по рангу источника `dadata > rossvyaz > tag > unknown`
-  - §3.13 (новый) — client-side rate-limit для защиты от DaData 429
-  - §4.4 — `supplier_leads` +4 колонки (добавлен `phone_operator`)
-  - §4.5 (новый) — `deals` +2 колонки (`phone_operator`, `region_substituted`)
-  - §4.6 (новый) — `lead_region_resolution_log` +5 колонок (`actual_subject_code`, `substituted_subject_code`, `routing_step`, `phone_operator`, `cache_hit`)
-  - §11 расширен: таблица расходов по cache-hit-rate, бюджетный hard-stop
-  - §12 +Q8-Q15 закрыты по ответам заказчика 30.05 (всего 15 закрытых вопросов)
-  - §17 оценка пересмотрена 4-6 → 6-7 дней (правка LeadRouter добавлена в scope)
-- **v0.4 (30.05.2026 — день) — пропущена** (последовательность нумерации перешла v0.3 → v0.5 при rewrite).
-- **v0.3 (30.05.2026)** — Q4 закрыт: денормализация в `supplier_leads`. §4.4 переписан. Все 7 первых вопросов закрыты — спека готова к writing-plans (до adversarial-review).
-- **v0.2 (30.05.2026)** — закрыты Q1, Q2, Q3, Q5, Q6, Q7. §3.4 расширен. §3.4.1 (новый) — ambiguous-list. Q4 открыт.
-- **v0.1 (29.05.2026)** — первый драфт. Untracked-файл.