thumbgate 1.16.21 → 1.17.0

package/public/numbers.html

@@ -6,9 +6,9 @@
 <meta name="generator" content="ThumbGate">
 <meta name="author" content="Igor Ganapolsky">
 <title>ThumbGate — The Numbers | First-Party Data Snapshot</title>
-<meta name="description" content="ThumbGate's generated first-party operational snapshot: active pre-action checks, AI agent actions blocked, estimated LLM tokens and dollars saved, and the Bayes error rate of the intervention scorer.">
+<meta name="description" content="ThumbGate's generated first-party operational snapshot: configured pre-action checks, recorded block/warn events, estimated LLM token savings when events exist, and scorer calibration when the sample supports it.">
 <meta property="og:title" content="ThumbGate — The Numbers">
-<meta property="og:description" content="Generated first-party operational metrics: gates, blocks, token savings, and scorer calibration.">
+<meta property="og:description" content="Generated first-party operational snapshot: configured gates, recorded interventions, and explicit zero-evidence caveats.">
 <meta property="og:type" content="website">
 <meta property="og:url" content="https://thumbgate-production.up.railway.app/numbers">
 <meta name="twitter:card" content="summary_large_image">
@@ -25,9 +25,9 @@
   "alternateName": "thumbgate",
   "applicationCategory": "DeveloperApplication",
   "operatingSystem": "Cross-platform, Node.js >=18.18.0",
-  "softwareVersion": "1.16.21",
+  "softwareVersion": "1.17.0",
   "url": "https://thumbgate-production.up.railway.app/numbers",
-  "dateModified": "2026-05-06",
+  "dateModified": "2026-05-07",
   "creator": {
     "@type": "Person",
     "name": "Igor Ganapolsky",
@@ -44,8 +44,8 @@
 {
   "@context": "https://schema.org",
   "@type": "Dataset",
-  "name": "ThumbGate Live Operational Metrics",
-  "description": "First-party operational metrics from the ThumbGate pre-action check runtime: active checks, blocked AI agent actions, estimated token savings, and Bayes error rate of the intervention scorer.",
+  "name": "ThumbGate Operational Snapshot",
+  "description": "First-party operational snapshot from the ThumbGate pre-action check runtime: configured checks, recorded block/warn events, estimated token savings from recorded blocks, and Bayes error rate when the sample supports it.",
   "url": "https://thumbgate-production.up.railway.app/numbers",
   "license": "https://opensource.org/licenses/MIT",
   "creator": {
@@ -57,8 +57,8 @@
       "https://www.linkedin.com/in/igorganapolsky"
     ]
   },
-  "dateModified": "2026-05-06",
-  "datePublished": "2026-05-06",
+  "dateModified": "2026-05-07",
+  "datePublished": "2026-05-07",
   "keywords": [
     "AI agent gates",
     "LLM token savings",
@@ -69,7 +69,7 @@
   "variableMeasured": [
     {
       "@type": "PropertyValue",
-      "name": "active_gates",
+      "name": "configured_gates",
       "value": 36
     },
     {
@@ -119,6 +119,8 @@
     --cyan: #22d3ee;
     --green: #34d399;
     --amber: #fbbf24;
+    --amber-soft: rgba(251, 191, 36, 0.1);
+    --amber-line: rgba(251, 191, 36, 0.34);
   }
   body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; background: var(--bg); color: var(--text); line-height: 1.6; }
   nav { padding: 1rem 2rem; border-bottom: 1px solid var(--border); display: flex; gap: 1.5rem; align-items: center; }
@@ -140,6 +142,16 @@
     font-weight: 600;
     margin-bottom: 2.5rem;
   }
+  .truth-note {
+    background: var(--amber-soft);
+    border: 1px solid var(--amber-line);
+    border-radius: 12px;
+    color: #fde68a;
+    padding: 16px 18px;
+    margin: 0 0 2.5rem;
+    font-size: 0.95rem;
+  }
+  .truth-note strong { color: #fff3bd; }
   .stats-grid { display: grid; grid-template-columns: repeat(auto-fit, minmax(220px, 1fr)); gap: 18px; margin: 1.5rem 0; }
   .stat-card {
     background: var(--bg-card);
@@ -189,33 +201,34 @@
 
 <main class="container">
   <h1>The Numbers</h1>
-  <p class="subtitle">Generated first-party operational data from the ThumbGate runtime. No surveys or projections — this page is a release-time snapshot produced by the same local scripts that power the CLI and dashboard.</p>
-  <div class="freshness">Updated: 2026-05-06 · Version 1.16.21</div>
+  <p class="subtitle">Generated first-party operational snapshot from the ThumbGate runtime. This is not customer traction, install volume, revenue, or proof that a configured gate has fired.</p>
+  <div class="freshness">Updated: 2026-05-07 · Version 1.17.0</div>
+  <div class="truth-note"><strong>Read this first:</strong> configured checks are inventory. Recorded blocks and warnings are usage evidence. This snapshot currently reports 0 recorded hard-block event(s) and 0 recorded warning event(s).</div>
 
   <h2>Gate enforcement</h2>
   <div class="stats-grid">
     <div class="stat-card">
-      <div class="stat-label">Active gates</div>
+      <div class="stat-label">Configured checks</div>
       <div class="stat-value">36</div>
-      <div class="stat-sub">36 manual · 0 auto-promoted</div>
+      <div class="stat-sub">36 shipped defaults · 0 auto-promoted; inventory, not usage</div>
       <a class="stat-source" href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/scripts/gate-stats.js">source: gate-stats.js</a>
     </div>
     <div class="stat-card">
       <div class="stat-label">Actions blocked</div>
       <div class="stat-value">0</div>
-      <div class="stat-sub">repeat AI mistakes prevented at the gate</div>
+      <div class="stat-sub">no recorded hard-block events in this snapshot</div>
       <a class="stat-source" href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/scripts/gate-stats.js">source: gate-stats.js</a>
     </div>
     <div class="stat-card">
       <div class="stat-label">Actions warned</div>
       <div class="stat-value">0</div>
-      <div class="stat-sub">soft interventions; not blocks</div>
+      <div class="stat-sub">no recorded soft-warning events in this snapshot</div>
       <a class="stat-source" href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/scripts/gate-stats.js">source: gate-stats.js</a>
     </div>
     <div class="stat-card">
-      <div class="stat-label">Top blocked gate</div>
-      <div class="stat-value" style="font-size:1.1rem;">local-only-git-writes (0 blocks)</div>
-      <div class="stat-sub">highest-occurrence prevention rule</div>
+      <div class="stat-label">Top recorded blocker</div>
+      <div class="stat-value" style="font-size:1.1rem;">No recorded blocker yet</div>
+      <div class="stat-sub">top blocker appears only after at least one recorded block</div>
       <a class="stat-source" href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/scripts/gate-stats.js">source: gate-stats.js</a>
     </div>
   </div>
@@ -225,25 +238,25 @@
     <div class="stat-card">
       <div class="stat-label">Estimated hours saved</div>
       <div class="stat-value">0.0</div>
-      <div class="stat-sub">~15 min per blocked mistake × blocks+warns</div>
+      <div class="stat-sub">0 because no block/warn events are recorded</div>
       <a class="stat-source" href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/scripts/gate-stats.js">source: gate-stats.js</a>
     </div>
     <div class="stat-card">
       <div class="stat-label">Estimated LLM dollars saved</div>
       <div class="stat-value">$0.00</div>
-      <div class="stat-sub">blended Sonnet/Opus/Haiku 80/15/5 mix</div>
+      <div class="stat-sub">0 because no recorded block events feed this estimate</div>
       <a class="stat-source" href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/scripts/token-savings.js">source: token-savings.js</a>
     </div>
     <div class="stat-card">
       <div class="stat-label">Tokens not spent</div>
       <div class="stat-value">0</div>
-      <div class="stat-sub">2,000 input + 600 output per block, conservative</div>
+      <div class="stat-sub">0 because no recorded block events feed this estimate</div>
       <a class="stat-source" href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/scripts/token-savings.js">source: token-savings.js</a>
     </div>
     <div class="stat-card">
       <div class="stat-label">Scorer Bayes error</div>
-      <div class="stat-value">n/a (no feedback sequences recorded yet)</div>
-      <div class="stat-sub">irreducible error given current feature set</div>
+      <div class="stat-value">n/a</div>
+      <div class="stat-sub">needs both safe and harmful feedback sequences</div>
       <a class="stat-source" href="https://github.com/IgorGanapolsky/ThumbGate/blob/main/scripts/bayes-optimal-gate.js">source: bayes-optimal-gate.js</a>
     </div>
   </div>
@@ -252,11 +265,11 @@
   <div class="method">
     <p><strong>Where the numbers come from.</strong> This page is regenerated from local scripts — no survey data, no hand-edited figures, no third-party attribution. Every number on this page is produced by code in the public <a href="https://github.com/IgorGanapolsky/ThumbGate">ThumbGate repo</a>.</p>
     <ul>
-      <li><strong>Active checks</strong> — union of shipped default rules and the auto-promotion ledger (auto).</li>
-      <li><strong>Actions blocked/warned</strong> — sum of <code>occurrences</code> across gates with the corresponding action.</li>
-      <li><strong>Hours saved</strong> — conservative 15-minute/incident estimate for debugging a repeated AI mistake × (blocks + warns).</li>
-      <li><strong>Dollars saved</strong> — blended per-call token estimate (2k input + 600 output) × blocks × 2026-04-15 Anthropic + OpenAI list prices. See <code>scripts/token-savings.js</code> for the full price snapshot.</li>
-      <li><strong>Bayes error rate</strong> — irreducible classifier error of the current risk scorer given its feature set. High values mean "add features, don't tune thresholds."</li>
+      <li><strong>Configured checks</strong> — union of shipped default rules and the auto-promotion ledger. This is inventory, not proof that the check fired.</li>
+      <li><strong>Actions blocked/warned</strong> — recorded intervention counts from gate occurrence data. These are the evidence counters.</li>
+      <li><strong>Hours saved</strong> — conservative 15-minute/incident estimate, shown only as a function of recorded block/warn counts.</li>
+      <li><strong>Dollars saved</strong> — blended per-call token estimate (2k input + 600 output) × recorded blocks × 2026-04-15 Anthropic + OpenAI list prices. See <code>scripts/token-savings.js</code> for the full price snapshot.</li>
+      <li><strong>Bayes error rate</strong> — shown only when the feedback sample contains both safe and harmful outcomes. One-class samples are reported as n/a.</li>
     </ul>
     <p style="margin-top:12px;">Last auto-promotion: none. Regenerated on every release via <code>npm run numbers:generate</code> and on a weekly cadence.</p>
   </div>
@@ -264,7 +277,7 @@
   <div class="cta">
     <a href="https://www.npmjs.com/package/thumbgate">Install ThumbGate — npx thumbgate init</a>
     <div class="footer-note">Prefer the raw feed? See <a href="https://github.com/IgorGanapolsky/ThumbGate">GitHub</a> or run <code>npm run gate:stats</code> locally.</div>
-    <div class="footer-note">Generated at 2026-05-06T21:53:14.685Z UTC.</div>
+    <div class="footer-note">Generated at 2026-05-07T14:59:51.816Z UTC.</div>
   </div>
 </main>
 </body>

package/scripts/billing.js

@@ -1149,7 +1149,8 @@ function loadResolvedRevenueEvents(options = {}) {
     const derived = deriveRevenueEventFromPaidProviderEvent(entry);
     if (!derived) continue;
     if (hasRevenueEventMatch(resolved, derived)) continue;
-    resolved.push(derived);
+    const priced = resolveGithubMarketplaceRevenueEntry(derived, { annotate: false }).entry;
+    resolved.push(priced);
   }
 
   return mergeRevenueEvents(resolved, extraRevenueEvents);
@@ -1161,6 +1162,9 @@ function repairGithubMarketplaceRevenueLedger(options = {}) {
   const rows = loadJsonlFile(ledgerPath);
   const resolvedAt = new Date().toISOString();
   const repairs = [];
+
+  // Pass 1: in-place repair of rows already in revenue-events.jsonl that have
+  // unknown amounts but resolvable plan metadata.
   const updatedRows = rows.map((entry) => {
     const result = resolveGithubMarketplaceRevenueEntry(entry, {
       annotate: true,
@@ -1178,21 +1182,76 @@ function repairGithubMarketplaceRevenueLedger(options = {}) {
       currency: normalizeCurrency(result.entry.currency),
       recurringInterval: normalizeText(result.entry.recurringInterval),
       pricingSource: normalizeText(metadata.githubMarketplaceAmountSource),
+      source: 'in_place',
     });
     return result.entry;
   });
 
+  // Pass 2: append rows for funnel-derived paid github_marketplace events that
+  // never landed in the revenue ledger. The webhook handler at handleGithubWebhook
+  // skips appendRevenueEvent when hasRevenueEventMatch is true, so duplicates from
+  // a re-run are already prevented; the only way an order gets here is if the
+  // revenue write was skipped at webhook time (e.g. funnel pre-existed, planPricing
+  // had unknown amount at the time, or the row was created via a different path).
+  const funnelRecords = loadFunnelLedger().filter(
+    (e) =>
+      e &&
+      e.stage === 'paid' &&
+      normalizeText((e.metadata && e.metadata.provider) || e.provider) === 'github_marketplace'
+  );
+
+  for (const funnelEntry of funnelRecords) {
+    const derived = deriveRevenueEventFromPaidProviderEvent(funnelEntry);
+    if (!derived) continue;
+    if (hasRevenueEventMatch(updatedRows, derived)) continue;
+
+    const resolved = resolveGithubMarketplaceRevenueEntry(derived, {
+      annotate: true,
+      resolvedAt,
+    });
+    // Skip funnel-derived rows that still have unknown amounts after resolving —
+    // we don't want to permanently bake amountKnown:false rows when there's no
+    // pricing data to attach. Better to leave them off-disk and keep the
+    // read-time merge in loadResolvedRevenueEvents covering them.
+    if (!resolved.changed || !resolved.entry.amountKnown) continue;
+
+    const persisted = {
+      ...resolved.entry,
+      metadata: {
+        ...sanitizeMetadata(resolved.entry.metadata),
+        recoveredFromFunnelLedger: true,
+        funnelRecordedAt: normalizeText(funnelEntry.timestamp) || null,
+      },
+    };
+    updatedRows.push(persisted);
+
+    const metadata = sanitizeMetadata(persisted.metadata);
+    repairs.push({
+      orderId: normalizeText(persisted.orderId),
+      customerId: normalizeText(persisted.customerId),
+      planId: normalizeText(metadata.planId ?? persisted.planId),
+      amountCents: normalizeInteger(persisted.amountCents),
+      currency: normalizeCurrency(persisted.currency),
+      recurringInterval: normalizeText(persisted.recurringInterval),
+      pricingSource: normalizeText(metadata.githubMarketplaceAmountSource),
+      source: 'funnel_derived',
+    });
+  }
+
   const writeResult = write && repairs.length > 0
     ? writeJsonlRecords(ledgerPath, updatedRows)
-    : { written: false, rowCount: rows.length };
+    : { written: false, rowCount: updatedRows.length };
 
   return {
     ledgerPath,
     write,
     wrote: Boolean(writeResult.written),
     scanned: rows.length,
+    funnelScanned: funnelRecords.length,
     repaired: repairs.length,
-    unchanged: rows.length - repairs.length,
+    repairedInPlace: repairs.filter((r) => r.source === 'in_place').length,
+    repairedFromFunnel: repairs.filter((r) => r.source === 'funnel_derived').length,
+    unchanged: rows.length - repairs.filter((r) => r.source === 'in_place').length,
     repairs,
     writeResult,
   };

package/scripts/gate-stats.js

@@ -43,10 +43,12 @@ function calculateStats() {
     .filter((g) => g.action === 'warn')
     .reduce((sum, g) => sum + (g.occurrences || 0), 0);
 
-  // Top blocked gate
+  // Top blocked gate. A configured block rule with zero occurrences is not a
+  // "top blocker"; only recorded block events should appear here.
   const topBlocked = [...allGates]
+    .filter((g) => g.action === 'block' && Number(g.occurrences || 0) > 0)
     .sort((a, b) => (b.occurrences || 0) - (a.occurrences || 0))
-    .find((g) => g.action === 'block') || null;
+    .at(0) || null;
 
   // Last promotion event
   const lastPromotion = promotionLog.length > 0
@@ -58,11 +60,9 @@ function calculateStats() {
   const estimatedHoursSaved = (estimatedMinutesSaved / 60).toFixed(1);
 
   // Bayes error rate: irreducible error floor of the current scorer given its
-  // feature set (tag signatures). If this is near zero, the scorer is already
-  // close to optimal — threshold tuning won't help, and new features are the
-  // only lever. If this is high, the feature set can't discriminate the signal
-  // and we should add features (file path, recency, commit context) rather
-  // than tune thresholds. Null when no feedback sequences have been recorded.
+  // feature set (tag signatures). It is only meaningful when the local sample
+  // contains both harmful and safe outcomes; an all-negative or all-positive
+  // sample can produce a misleading 0.0% floor.
   const bayesErrorRate = tryComputeBayesErrorRate();
 
   return {
@@ -90,12 +90,33 @@ function tryComputeBayesErrorRate() {
       .filter(Boolean)
       .map((line) => { try { return JSON.parse(line); } catch { return null; } })
       .filter(Boolean);
+    if (!hasMixedOutcomeClasses(rows)) return null;
     return computeBayesErrorRate(rows);
   } catch {
     return null;
   }
 }
 
+function hasMixedOutcomeClasses(rows) {
+  if (!Array.isArray(rows) || rows.length < 2) return false;
+  let harmful = 0;
+  let safe = 0;
+  for (const row of rows) {
+    if (sequenceIsHarmful(row)) harmful += 1;
+    else safe += 1;
+    if (harmful > 0 && safe > 0) return true;
+  }
+  return false;
+}
+
+function sequenceIsHarmful(row) {
+  if (!row || typeof row !== 'object') return false;
+  if (typeof row.targetRisk === 'number') return row.targetRisk > 0;
+  if (typeof row.accepted === 'boolean' && row.accepted === false) return true;
+  const label = String(row.label || row.signal || '').toLowerCase();
+  return label === 'negative';
+}
+
 function formatLastPromotion(promo) {
   if (!promo) return 'none';
   const ts = promo.timestamp ? new Date(promo.timestamp) : null;
@@ -125,7 +146,7 @@ function formatStats(stats) {
 }
 
 function formatBayesErrorRate(rate) {
-  if (rate === null || rate === undefined) return 'n/a (no feedback sequences yet)';
+  if (rate === null || rate === undefined) return 'n/a (need both safe and harmful feedback sequences)';
   const pct = (rate * 100).toFixed(1);
   if (rate < 0.02) return `${pct}% — scorer is near-optimal; add features, don't tune thresholds`;
   if (rate < 0.10) return `${pct}% — scorer has modest headroom`;

package/scripts/rate-limiter.js

@@ -12,28 +12,28 @@ const {
 const USAGE_FILE = path.join(process.env.HOME || '/tmp', '.thumbgate', 'usage-limits.json');
 
 // ──────────────────────────────────────────────────────────
-// NEW: Lifetime caps on free tier — users hit the wall fast
-// and must upgrade to keep using core features.
+// Free tier: generous on captures (habit formation) and rules
+// (5 active gates), gated on Pro-only features (recall, search,
+// exports). Dashboard, exports, and unlimited rules drive Pro.
 // ──────────────────────────────────────────────────────────
 const FREE_TIER_LIMITS = {
-  capture_feedback:   { daily: Infinity, lifetime: 3,  label: 'feedback captures' },
-  prevention_rules:   { daily: Infinity, lifetime: 1,  label: 'prevention rules generated' },
-  recall:             { daily: 0,        lifetime: 0,  label: 'recall queries (Pro only)' },
-  search_lessons:     { daily: 0,        lifetime: 0,  label: 'lesson searches (Pro only)' },
-  search_thumbgate:   { daily: 0,        lifetime: 0,  label: 'ThumbGate searches (Pro only)' },
-  commerce_recall:    { daily: 0,        lifetime: 0,  label: 'commerce recalls (Pro only)' },
-  export_dpo:         { daily: 0,        lifetime: 0,  label: 'DPO exports (Pro only)' },
-  export_databricks:  { daily: 0,        lifetime: 0,  label: 'Databricks exports (Pro only)' },
-  construct_context_pack: { daily: Infinity, lifetime: 3, label: 'context packs' },
+  capture_feedback:   { daily: Infinity, lifetime: Infinity, label: 'feedback captures' },
+  prevention_rules:   { daily: Infinity, lifetime: Infinity, label: 'prevention rules generated' },
+  recall:             { daily: 0,        lifetime: 0,        label: 'recall queries (Pro only)' },
+  search_lessons:     { daily: 0,        lifetime: 0,        label: 'lesson searches (Pro only)' },
+  search_thumbgate:   { daily: 0,        lifetime: 0,        label: 'ThumbGate searches (Pro only)' },
+  commerce_recall:    { daily: 0,        lifetime: 0,        label: 'commerce recalls (Pro only)' },
+  export_dpo:         { daily: 0,        lifetime: 0,        label: 'DPO exports (Pro only)' },
+  export_databricks:  { daily: 0,        lifetime: 0,        label: 'Databricks exports (Pro only)' },
+  construct_context_pack: { daily: Infinity, lifetime: Infinity, label: 'context packs' },
 };
 
-const FREE_TIER_MAX_GATES = 1; // Down from 5 — one auto-promoted gate, then paywall
+const FREE_TIER_MAX_GATES = 5; // 5 active prevention rules on free; Pro is unlimited
 
-const UPGRADE_MESSAGE = `Pro: ${PRO_PRICE_LABEL} — unlimited captures, recall, prevention rules, and dashboard: ${PRO_MONTHLY_PAYMENT_LINK}\n  Team: ${TEAM_PRICE_LABEL} after workflow qualification.`;
+const UPGRADE_MESSAGE = `Pro: ${PRO_PRICE_LABEL} — unlimited rules, recall, lesson search, dashboard, and exports: ${PRO_MONTHLY_PAYMENT_LINK}\n  Team: ${TEAM_PRICE_LABEL} after workflow qualification.`;
 
 const PAYWALL_MESSAGES = {
-  capture_feedback: 'You\'ve used all 3 free feedback captures. Your agent is still making mistakes — upgrade to Pro to capture every one and build real prevention rules.',
-  prevention_rules: 'Free tier includes 1 prevention rule. Your agents need more protection — upgrade to Pro for unlimited rules.',
+  prevention_rules: 'Free tier includes 5 active prevention rules. Promote more or unlock unlimited rules with Pro.',
   recall: 'Recall is a Pro feature. Your past feedback is stored locally — upgrade to search and reuse it.',
   search_lessons: 'Lesson search is a Pro feature. Upgrade to find patterns in your agent\'s mistakes.',
   default: 'This feature requires Pro. Start Pro — card required; billed today.',

package/src/api/server.js

@@ -16,6 +16,8 @@ const POSTHOG_STATIC_PATH_PREFIX = '/static/';
 const FIRST_FAILURE_RULE_CHECKOUT_URL = 'https://buy.stripe.com/4gM6oHgH2bTw4lH6i73sI0z';
 const QUICK_READ_CHECKOUT_URL = 'https://buy.stripe.com/aFa8wPgH29Lo4lH35V3sI0w';
 const WORKFLOW_TEARDOWN_CHECKOUT_URL = 'https://buy.stripe.com/7sYfZhgH29LodWhdKz3sI0v';
+const SPRINT_DIAGNOSTIC_CHECKOUT_URL = 'https://buy.stripe.com/3cI7sLgH25v8dWh5e33sI0o';
+const WORKFLOW_SPRINT_CHECKOUT_URL = 'https://buy.stripe.com/8x25kDcqMaPs9G15e33sI0p';
 
 function getPosthogProxyPath(pathname) {
   return pathname.slice('/ingest'.length) || '/';
@@ -210,6 +212,7 @@ const NUMBERS_PAGE_PATH = path.resolve(__dirname, '../../public/numbers.html');
 const LEARN_DIR = path.resolve(__dirname, '../../public/learn');
 const GUIDES_DIR = path.resolve(__dirname, '../../public/guides');
 const COMPARE_DIR = path.resolve(__dirname, '../../public/compare');
+const USE_CASES_DIR = path.resolve(__dirname, '../../public/use-cases');
 const PUBLIC_DIR = path.resolve(__dirname, '../../public');
 const PUBLIC_ASSETS_DIR = path.resolve(__dirname, '../../public/assets');
 const BUYER_INTENT_SCRIPT_PATH = path.resolve(__dirname, '../../public/js/buyer-intent.js');
@@ -1587,6 +1590,12 @@ function normalizeTrackedLinkSlug(value) {
   return String(value || '').trim().toLowerCase().replace(/[^a-z0-9-]/g, '');
 }
 
+function normalizePublicPageSlug(value) {
+  return String(value || '')
+    .replace(/\.html$/i, '')
+    .replace(/[^a-z0-9-]/g, '');
+}
+
 function getTrackedLinkTarget(slug) {
   const normalizedSlug = normalizeTrackedLinkSlug(slug);
   return TRACKED_LINK_TARGETS[normalizedSlug]
@@ -1939,8 +1948,8 @@ function loadPublicMarketingTemplateHtml(templatePath, runtimeConfig, pageContex
     '__CHECKOUT_FALLBACK_URL__': runtimeConfig.checkoutFallbackUrl,
     '__PRO_PRICE_DOLLARS__': runtimeConfig.proPriceDollars,
     '__PRO_PRICE_LABEL__': runtimeConfig.proPriceLabel,
-    '__SPRINT_DIAGNOSTIC_CHECKOUT_URL__': runtimeConfig.sprintDiagnosticCheckoutUrl || '',
-    '__WORKFLOW_SPRINT_CHECKOUT_URL__': runtimeConfig.workflowSprintCheckoutUrl || '',
+    '__SPRINT_DIAGNOSTIC_CHECKOUT_URL__': runtimeConfig.sprintDiagnosticCheckoutUrl || SPRINT_DIAGNOSTIC_CHECKOUT_URL,
+    '__WORKFLOW_SPRINT_CHECKOUT_URL__': runtimeConfig.workflowSprintCheckoutUrl || WORKFLOW_SPRINT_CHECKOUT_URL,
     '__SPRINT_DIAGNOSTIC_PRICE_DOLLARS__': runtimeConfig.sprintDiagnosticPriceDollars || 499,
     '__WORKFLOW_SPRINT_PRICE_DOLLARS__': runtimeConfig.workflowSprintPriceDollars || 1500,
     '__GA_MEASUREMENT_ID__': runtimeConfig.gaMeasurementId || '',
@@ -4193,6 +4202,15 @@ async function addContext(){
       return;
     }
 
+    if (isGetLikeRequest && pathname === '/lessons/') {
+      res.writeHead(302, {
+        Location: '/lessons',
+        'Cache-Control': 'no-store',
+      });
+      res.end();
+      return;
+    }
+
     if (isGetLikeRequest && pathname === '/lessons') {
       try {
         const html = loadLessonsPageHtml(req, expectedApiKey);
@@ -4245,7 +4263,7 @@ async function addContext(){
       return;
     }
 
-    if (isGetLikeRequest && pathname === '/guide') {
+    if (isGetLikeRequest && (pathname === '/guide' || pathname === '/guide.html')) {
       try {
         const html = fs.readFileSync(GUIDE_PAGE_PATH, 'utf-8');
         sendHtml(res, 200, html, {}, { headOnly: isHeadRequest });
@@ -4255,7 +4273,7 @@ async function addContext(){
       return;
     }
 
-    if (isGetLikeRequest && pathname === '/codex-plugin') {
+    if (isGetLikeRequest && (pathname === '/codex-plugin' || pathname === '/codex-plugin.html')) {
       try {
         const html = fs.readFileSync(CODEX_PLUGIN_PAGE_PATH, 'utf-8');
         sendHtml(res, 200, html, {}, { headOnly: isHeadRequest });
@@ -4265,7 +4283,7 @@ async function addContext(){
       return;
     }
 
-    if (isGetLikeRequest && pathname === '/compare') {
+    if (isGetLikeRequest && (pathname === '/compare' || pathname === '/compare.html')) {
       try {
         const html = fs.readFileSync(COMPARE_PAGE_PATH, 'utf-8');
         sendHtml(res, 200, html, {}, { headOnly: isHeadRequest });
@@ -4275,7 +4293,7 @@ async function addContext(){
       return;
     }
 
-    if (isGetLikeRequest && pathname === '/blog') {
+    if (isGetLikeRequest && (pathname === '/blog' || pathname === '/blog.html')) {
       try {
         const blogPath = path.resolve(__dirname, '../../public/blog.html');
         const html = fs.readFileSync(blogPath, 'utf-8');
@@ -4286,7 +4304,7 @@ async function addContext(){
       return;
     }
 
-    if (isGetLikeRequest && pathname === '/learn') {
+    if (isGetLikeRequest && (pathname === '/learn' || pathname === '/learn.html')) {
       try {
         const html = fs.readFileSync(LEARN_PAGE_PATH, 'utf-8');
         sendHtml(res, 200, html, {}, { headOnly: isHeadRequest });
@@ -4296,6 +4314,24 @@ async function addContext(){
       return;
     }
 
+    if (isGetLikeRequest && (pathname === '/guides' || pathname === '/guides/' || pathname === '/guides.html')) {
+      res.writeHead(302, {
+        Location: '/learn',
+        'Cache-Control': 'no-store',
+      });
+      res.end();
+      return;
+    }
+
+    if (isGetLikeRequest && (pathname === '/services' || pathname === '/services.html')) {
+      res.writeHead(302, {
+        Location: '/#workflow-sprint-intake',
+        'Cache-Control': 'no-store',
+      });
+      res.end();
+      return;
+    }
+
     if (isGetLikeRequest && (pathname === '/numbers' || pathname === '/numbers.html')) {
       // Route through servePublicMarketingPage so landing_page_view telemetry
       // + funnel-events.jsonl `discovery/landing_view` get captured with UTM
@@ -4331,7 +4367,7 @@ async function addContext(){
 
     if (isGetLikeRequest && pathname.startsWith('/learn/')) {
       try {
-        const slug = pathname.replace('/learn/', '').replace(/[^a-z0-9-]/g, '');
+        const slug = normalizePublicPageSlug(pathname.replace('/learn/', ''));
         const articlePath = path.join(LEARN_DIR, `${slug}.html`);
         if (!articlePath.startsWith(LEARN_DIR)) {
           sendJson(res, 403, { error: 'Forbidden' });
@@ -4347,7 +4383,7 @@ async function addContext(){
 
     if (isGetLikeRequest && pathname.startsWith('/guides/')) {
       try {
-        const slug = pathname.replace('/guides/', '').replace(/[^a-z0-9-]/g, '');
+        const slug = normalizePublicPageSlug(pathname.replace('/guides/', ''));
         const guidePath = path.join(GUIDES_DIR, `${slug}.html`);
         if (!guidePath.startsWith(GUIDES_DIR)) { sendJson(res, 403, { error: 'Forbidden' }); return; }
         const html = fs.readFileSync(guidePath, 'utf-8');
@@ -4358,7 +4394,7 @@ async function addContext(){
 
     if (isGetLikeRequest && pathname.startsWith('/compare/') && pathname !== '/compare') {
       try {
-        const slug = pathname.replace('/compare/', '').replace(/[^a-z0-9-]/g, '');
+        const slug = normalizePublicPageSlug(pathname.replace('/compare/', ''));
         const comparePath = path.join(COMPARE_DIR, `${slug}.html`);
         if (!comparePath.startsWith(COMPARE_DIR)) { sendJson(res, 403, { error: 'Forbidden' }); return; }
         const html = fs.readFileSync(comparePath, 'utf-8');
@@ -4367,6 +4403,17 @@ async function addContext(){
       return;
     }
 
+    if (isGetLikeRequest && pathname.startsWith('/use-cases/')) {
+      try {
+        const slug = normalizePublicPageSlug(pathname.replace('/use-cases/', ''));
+        const useCasePath = path.join(USE_CASES_DIR, `${slug}.html`);
+        if (!useCasePath.startsWith(USE_CASES_DIR)) { sendJson(res, 403, { error: 'Forbidden' }); return; }
+        const html = fs.readFileSync(useCasePath, 'utf-8');
+        sendHtml(res, 200, html, {}, { headOnly: isHeadRequest });
+      } catch { sendJson(res, 404, { error: 'Use case not found' }); }
+      return;
+    }
+
     if (isGetLikeRequest && pathname.startsWith('/assets/')) {
       const rel = pathname.slice('/assets/'.length);
       const resolved = path.resolve(PUBLIC_ASSETS_DIR, rel);
@@ -4500,24 +4547,28 @@ async function addContext(){
           ctaPlacement: 'checkout_interstitial',
           planId: 'workflow_teardown',
         });
-        const diagnosticCheckoutHref = hostedConfig.sprintDiagnosticCheckoutUrl
-          ? buildCheckoutIntentHref(hostedConfig.sprintDiagnosticCheckoutUrl, analyticsMetadata, {
+        const diagnosticCheckoutHref = buildCheckoutIntentHref(
+          hostedConfig.sprintDiagnosticCheckoutUrl || SPRINT_DIAGNOSTIC_CHECKOUT_URL,
+          analyticsMetadata,
+          {
             utmMedium: 'checkout_interstitial_paid_path',
             utmCampaign: analyticsMetadata.utmCampaign || 'checkout_interstitial_diagnostic',
             ctaId: 'checkout_interstitial_sprint_diagnostic_checkout',
             ctaPlacement: 'checkout_interstitial',
             planId: 'sprint_diagnostic',
-          })
-          : '';
-        const sprintCheckoutHref = hostedConfig.workflowSprintCheckoutUrl
-          ? buildCheckoutIntentHref(hostedConfig.workflowSprintCheckoutUrl, analyticsMetadata, {
+          }
+        );
+        const sprintCheckoutHref = buildCheckoutIntentHref(
+          hostedConfig.workflowSprintCheckoutUrl || WORKFLOW_SPRINT_CHECKOUT_URL,
+          analyticsMetadata,
+          {
             utmMedium: 'checkout_interstitial_paid_path',
             utmCampaign: analyticsMetadata.utmCampaign || 'checkout_interstitial_workflow_sprint',
             ctaId: 'checkout_interstitial_workflow_sprint_checkout',
             ctaPlacement: 'checkout_interstitial',
             planId: 'workflow_sprint',
-          })
-          : '';
+          }
+        );
         const html = renderCheckoutIntentPage({
           confirmHref: buildCheckoutConfirmHref(parsed),
           firstRuleCheckoutHref,