Add 480+ tests, fix 3 bugs discovered by new test coverage

New tests (6481 lines across 23 files):
- Arena: reset invariants, growth, sized init, destroy safety
- Dynamic array: capacity, remove, clear, grow patterns
- FQN: module/package/class name computation (592 lines)
- Graph buffer: node/edge CRUD, dedup, merge, concurrent access
- Hash table: collision, resize, iteration, edge cases
- MCP: tool dispatch, argument parsing, error handling
- Memory: allocation tracking, collection, limits
- Pipeline: test detection (path + func name patterns)
- Store: node/edge CRUD, search, batch ops, persistence
- String: intern dedup, util edge cases, YAML parsing (1105 lines)
- Traces: ingestion, dedup, query
- Watcher: baseline, polling, change detection
- Worker pool: task distribution, completion

Bugs found and fixed:
1. Arena reset overflow: block_size not reset to block_sizes[0]
   after growth — subsequent allocations could overflow blocks[0]
2. Test path detection: missing __tests__/, tests/, spec/ directory
   patterns and _spec.rb suffix
3. Test func detection: "Testable" falsely matched as Go test —
   now requires uppercase or end-of-string after "Test" prefix

Author: DeusData

Makefile.cbm

@@ -268,7 +268,7 @@ TEST_DISCOVER_SRCS = \
 
 TEST_GRAPH_BUFFER_SRCS = tests/test_graph_buffer.c
 
-TEST_PIPELINE_SRCS = tests/test_registry.c tests/test_pipeline.c tests/test_configlink.c tests/test_infrascan.c tests/test_worker_pool.c tests/test_parallel.c
+TEST_PIPELINE_SRCS = tests/test_registry.c tests/test_pipeline.c tests/test_fqn.c tests/test_configlink.c tests/test_infrascan.c tests/test_worker_pool.c tests/test_parallel.c
 
 TEST_WATCHER_SRCS = tests/test_watcher.c
 
@@ -294,7 +294,9 @@ TEST_UI_SRCS = tests/test_ui.c
 
 TEST_SECURITY_SRCS = tests/test_security.c
 
-ALL_TEST_SRCS = $(TEST_FOUNDATION_SRCS) $(TEST_EXTRACTION_SRCS) $(TEST_STORE_SRCS) $(TEST_CYPHER_SRCS) $(TEST_MCP_SRCS) $(TEST_DISCOVER_SRCS) $(TEST_GRAPH_BUFFER_SRCS) $(TEST_PIPELINE_SRCS) $(TEST_WATCHER_SRCS) $(TEST_LZ4_SRCS) $(TEST_SQLITE_WRITER_SRCS) $(TEST_GO_LSP_SRCS) $(TEST_C_LSP_SRCS) $(TEST_TRACES_SRCS) $(TEST_HTTPLINK_SRCS) $(TEST_CLI_SRCS) $(TEST_MEM_SRCS) $(TEST_UI_SRCS) $(TEST_SECURITY_SRCS) $(TEST_INTEGRATION_SRCS)
+TEST_YAML_SRCS = tests/test_yaml.c
+
+ALL_TEST_SRCS = $(TEST_FOUNDATION_SRCS) $(TEST_EXTRACTION_SRCS) $(TEST_STORE_SRCS) $(TEST_CYPHER_SRCS) $(TEST_MCP_SRCS) $(TEST_DISCOVER_SRCS) $(TEST_GRAPH_BUFFER_SRCS) $(TEST_PIPELINE_SRCS) $(TEST_WATCHER_SRCS) $(TEST_LZ4_SRCS) $(TEST_SQLITE_WRITER_SRCS) $(TEST_GO_LSP_SRCS) $(TEST_C_LSP_SRCS) $(TEST_TRACES_SRCS) $(TEST_HTTPLINK_SRCS) $(TEST_CLI_SRCS) $(TEST_MEM_SRCS) $(TEST_UI_SRCS) $(TEST_SECURITY_SRCS) $(TEST_YAML_SRCS) $(TEST_INTEGRATION_SRCS)
 
 # ── Build directories ────────────────────────────────────────────
 

src/foundation/arena.c

@@ -136,6 +136,11 @@ void cbm_arena_reset(CBMArena *a) {
     }
     a->used = 0;
     a->total_alloc = 0;
+    /* Reset block_size to match surviving block — prevents overflow if
+     * block_size grew during previous allocations (e.g., 128 → 256). */
+    if (a->nblocks == 1) {
+        a->block_size = a->block_sizes[0];
+    }
 }
 
 void cbm_arena_destroy(CBMArena *a) {

src/pipeline/pass_tests.c

@@ -76,6 +76,22 @@ bool cbm_is_test_path(const char *path) {
         return true;
     }
 
+    /* Directory-based: __tests__/, tests/, test/, spec/ */
+    if (strstr(path, "__tests__/") || strstr(path, "/tests/") || strstr(path, "/test/") ||
+        strstr(path, "/spec/")) {
+        return true;
+    }
+    /* Also match if path STARTS with these directories */
+    if (strncmp(path, "tests/", 6) == 0 || strncmp(path, "test/", 5) == 0 ||
+        strncmp(path, "spec/", 5) == 0 || strncmp(path, "__tests__/", 10) == 0) {
+        return true;
+    }
+
+    /* Ruby: _spec.rb suffix */
+    if (str_ends_with(path, len, "_spec.rb")) {
+        return true;
+    }
+
     return false;
 }
 
@@ -84,9 +100,17 @@ bool cbm_is_test_func_name(const char *name) {
     if (!name) {
         return false;
     }
-    /* Go: Test*, Benchmark*, Example* */
-    if (strncmp(name, "Test", 4) == 0 || strncmp(name, "Benchmark", 9) == 0 ||
-        strncmp(name, "Example", 7) == 0) {
+    /* Go: Test/Benchmark/Example + uppercase letter or end-of-string.
+     * "TestFoo" = test, "Testable" = not test (lowercase after prefix). */
+    if (strncmp(name, "Test", 4) == 0 && (name[4] == '\0' || (name[4] >= 'A' && name[4] <= 'Z'))) {
+        return true;
+    }
+    if (strncmp(name, "Benchmark", 9) == 0 &&
+        (name[9] == '\0' || (name[9] >= 'A' && name[9] <= 'Z'))) {
+        return true;
+    }
+    if (strncmp(name, "Example", 7) == 0 &&
+        (name[7] == '\0' || (name[7] >= 'A' && name[7] <= 'Z'))) {
         return true;
     }
     /* Python/Rust/C++/Lua/Java: test_ or test prefix (lowercase) */

src/ui/embedded_assets.c

@@ -0,0 +1,36 @@
+/*
+ * embedded_assets.c — Generated file mapping URL paths to embedded bytes.
+ * DO NOT EDIT — regenerated by scripts/embed-frontend.sh
+ */
+#include "ui/embedded_assets.h"
+#include <string.h>
+
+extern const unsigned char _binary_assets_index_D1_3bntm_css_data[];
+extern const unsigned int _binary_assets_index_D1_3bntm_css_size;
+extern const unsigned char _binary_assets_index_urRrcEH6_js_data[];
+extern const unsigned int _binary_assets_index_urRrcEH6_js_size;
+extern const unsigned char _binary_index_html_data[];
+extern const unsigned int _binary_index_html_size;
+
+cbm_embedded_file_t CBM_EMBEDDED_FILES[] = {
+    {"/assets/index-D1-3bntm.css", _binary_assets_index_D1_3bntm_css_data, 0, "text/css"},
+    {"/assets/index-urRrcEH6.js", _binary_assets_index_urRrcEH6_js_data, 0, "application/javascript"},
+    {"/index.html", _binary_index_html_data, 0, "text/html"},
+};
+const int CBM_EMBEDDED_FILE_COUNT = 3;
+
+static void __attribute__((constructor)) init_embedded_sizes(void) {
+    cbm_embedded_file_t *files = CBM_EMBEDDED_FILES;
+    files[0].size = _binary_assets_index_D1_3bntm_css_size;
+    files[1].size = _binary_assets_index_urRrcEH6_js_size;
+    files[2].size = _binary_index_html_size;
+}
+
+const cbm_embedded_file_t *cbm_embedded_lookup(const char *path) {
+    for (int i = 0; i < CBM_EMBEDDED_FILE_COUNT; i++) {
+        if (strcmp(CBM_EMBEDDED_FILES[i].path, path) == 0) {
+            return &CBM_EMBEDDED_FILES[i];
+        }
+    }
+    return NULL;
+}

tests/test_arena.c

@@ -377,6 +377,37 @@ TEST(arena_total_through_reset) {
     PASS();
 }
 
+TEST(arena_reset_block_size_invariant) {
+    /* BUG DETECTOR: after reset, block_size should match blocks[0]'s actual size.
+     * arena_grow() updates block_size to the new (larger) block's size.
+     * arena_reset() frees the grown blocks but does NOT restore block_size.
+     * Result: arena thinks blocks[0] has more capacity than it actually does.
+     * This is a heap-buffer-overflow waiting to happen. */
+    CBMArena a;
+    cbm_arena_init_sized(&a, 128);
+    size_t original_block_size = a.block_size;
+    ASSERT_EQ(original_block_size, 128);
+    ASSERT_EQ(a.block_sizes[0], 128);
+
+    /* Force growth: block_size will be updated to new (larger) value */
+    cbm_arena_alloc(&a, 100);
+    cbm_arena_alloc(&a, 100); /* triggers grow */
+    ASSERT_GTE(a.nblocks, 2);
+    ASSERT_GT(a.block_size, 128); /* block_size grew */
+
+    /* Reset: frees grown blocks, keeps blocks[0] (which is 128 bytes) */
+    cbm_arena_reset(&a);
+    ASSERT_EQ(a.nblocks, 1);
+
+    /* CRITICAL CHECK: block_size must match blocks[0]'s actual capacity.
+     * If block_size > block_sizes[0], the arena will allow allocations
+     * that overflow blocks[0]. */
+    ASSERT_EQ(a.block_size, a.block_sizes[0]);
+
+    cbm_arena_destroy(&a);
+    PASS();
+}
+
 TEST(arena_strndup_zero_len) {
     /* strndup with len=0 — should return empty string */
     CBMArena a;
@@ -419,5 +450,6 @@ SUITE(arena) {
     RUN_TEST(arena_calloc_zero);
     RUN_TEST(arena_many_large_allocs_block_growth);
     RUN_TEST(arena_total_through_reset);
+    RUN_TEST(arena_reset_block_size_invariant);
     RUN_TEST(arena_strndup_zero_len);
 }