feat: build system transition to release fork + archive hardening

Release fork infrastructure:
- REDBEAR_RELEASE=0.1.1 with offline enforcement (fetch/distclean/unfetch blocked)
- 195 BLAKE3-verified source archives in standard format
- Atomic provisioning via provision-release.sh (staging + .complete sentry)
- 5-phase improvement plan: restore format auto-detection, source tree
  validation (validate-source-trees.py), archive-map.json, REPO_BINARY fallback

Archive normalization:
- Removed 87 duplicate/unversioned archives from shared pool
- Regenerated all archives in consistent format with source/ + recipe.toml
- BLAKE3SUMS and manifest.json generated from stable tarball set

Patch management:
- verify-patches.sh: pre-sync dry-run report (OK/REVERSED/CONFLICT)
- 121 upstream-absorbed patches moved to absorbed/ directories
- 43 active patches verified clean against rebased sources
- Stress test: base updated to upstream HEAD, relibc reset and patched

Compilation fixes:
- relibc: Vec imports in redox-rt (proc.rs, lib.rs, sys.rs)
- relibc: unsafe from_raw_parts in mod.rs (2024 edition)
- fetch.rs: rev comparison handles short/full hash prefixes
- kibi recipe: corrected rev mismatch

New scripts: restore-sources.sh, provision-release.sh, verify-sources-archived.sh,
check-upstream-releases.sh, validate-source-trees.py, verify-patches.sh,
repair-archive-format.sh, generate-manifest.py

Documentation: AGENTS.md, README.md, local/AGENTS.md updated for release fork model

docs/06-BUILD-SYSTEM-SETUP.md

@@ -8,19 +8,18 @@
 
 ## Repository Model Reminder
 
-Build this repository using the Red Bear overlay model:
+Build this repository using the Red Bear release fork model:
 
-- upstream-owned source trees are refreshable working copies,
+- sources are frozen, immutable release snapshots at baseline 0.1.0,
 - durable Red Bear state lives in `local/patches/`, `local/recipes/`, `local/docs/`, and tracked
   Red Bear configs,
-- upstream WIP recipes are useful inputs, but should not automatically be treated as the durable
-  shipping source of truth for Red Bear.
+- build from archived sources offline by default; provision new releases explicitly via provision-release.sh.
 
 Resilience policy for package/source inputs:
 
 - default build posture is local-first/offline-capable,
-- local copies are used continuously unless upstream refresh is explicitly requested,
-- upstream refresh is an explicit operation, not an implicit background requirement for normal
+- local copies are used continuously unless release provisioning is explicitly requested,
+- release provisioning is an explicit operation, not an implicit background requirement for normal
   builds.
 
 ## Prerequisites
@@ -210,11 +209,11 @@ sudo dd if=build/x86_64/harddrive.img of=/dev/sdX bs=4M status=progress
 ./target/release/repo cook recipes/wip/kde/kwin
 ```
 
-Under the Red Bear overlay model, remember:
+Under the Red Bear release fork model, remember:
 
-- `recipes/*/source/` is a refreshable working tree,
+- `recipes/*/source/` is an immutable archived release snapshot,
 - Red Bear-owned shipping deltas should be preserved under `local/patches/` and `local/recipes/`,
-- if a recipe is still upstream WIP, Red Bear may still choose to ship from `local/recipes/` instead.
+- sources are built offline by default; provision new releases via provision-release.sh.
 
 ### Understanding Recipe Format
 
@@ -264,7 +263,7 @@ cp target/release/myapp ${COOKBOOK_STAGE}/usr/bin/
 | `PREFIX_BINARY` | `1` | Use prebuilt toolchain (faster) |
 | `REPO_BINARY` | `0` | Use prebuilt packages (faster, no compilation) |
 | `REPO_NONSTOP` | `0` | Continue on build errors |
-| `REPO_OFFLINE` | `0` | Don't update source repos; Red Bear policy treats local-first sourcing as the normal operating mode and upstream refresh as explicit opt-in |
+| `REPO_OFFLINE` | `0` | Don't update source repos; Red Bear policy treats local-first sourcing as the normal operating mode and release provisioning as explicit opt-in |
 
 ### Environment Variables for Recipes