Prepare v1.7.1 release

v1.7.0: Non-destructive profile install + release checksums

OPE-110 / GitHub #7: Profile as guarded snippet
- Install shellfix as separate shellfix_profile.ps1 snippet file
- Inject guarded dot-source block (# >>> shellfix >>>) into user profile
- Idempotent reinstall: detect existing block, replace in place
- Full -Uninstall: remove block, delete snippet, remove shim, restore shortcuts

OPE-113 / GitHub #10: Release checksums and trust documentation
- Release workflow generates checksums.txt with SHA256 hashes
- SECURITY.md: trust model, PATH-shadowing risk, verification steps
- README: checksum verification and uninstall instructions

Add v1.6.0 changelog entry

Polish: badges, quick start, release workflow, updated CONTRIBUTING

- README: CI/license/.NET/platform badges, Quick Start block at top
- New .github/workflows/release.yml: self-contained exe + GitHub Release on tag
- CONTRIBUTING: updated project structure with all current files
- Preparing for v1.5.2 tagged release

v1.5.1: BOM stripping + UTF-8 input encoding fix

- Set Console.InputEncoding to UTF-8 no BOM in RunInteractiveProxy so that
  BOM bytes (EF BB BF) from IDE stdin are decoded as a single U+FEFF character
  instead of 3 separate CP437 characters
- TrimStart('\uFEFF') on each stdin line before RewriteForProxy() so BOM
  doesn't prevent WSL command detection
- Added test-replay.ps1: 10-test suite replaying exact failure patterns from
  real IDE agent sessions (python for-loops, [print()] brackets, sed+&&,
  open() nested parens, f-strings, heredocs, slices, nested quotes)
- test-replay uses UTF-8 no-BOM StreamWriter for stdin to avoid harness
  injecting its own BOM

Test results: test-proxy.ps1 16/16, test-replay.ps1 9/10 (heredoc multi-line
is inherently incompatible with --% single-line stop-parsing, by design)

v1.5.0: Session proxy mode — real fix for IDE in-session commands

v1.4.0 only handled one-shot -Command invocations, which IDE agents
don't use. The agent sends commands via stdin into a persistent PS
session (terminal.sendText()), so the shim must proxy stdin.

New: RunInteractiveProxy() spawns real powershell.exe, reads each
stdin line, and rewrites WSL commands containing PS 5.1-problematic
tokens (&&, ||, [N:-N], nested bash quotes) by injecting the --%
stop-parsing token after wsl.exe.

Pure PS commands pass through unchanged. The proxy only rewrites
lines that start with wsl/wsl.exe and match HasProblematicTokens().

Test suite: 16/16 pass via Process.Start + stdin injection
(simulates exact IDE behavior).

Fixes #1, fixes #2, fixes #3

v1.4.0: Raw command line extraction — fixes #1, #2, #3, #4

- Extract -Command payload from Environment.CommandLine instead of args[]
- Tokens like &&, [1:-1], nested quotes bypass PS parser entirely
- WSL-prefix commands (wsl -d ... -- bash -c) pass through directly
- ParseCommandArgs() for quote-aware argument parsing
- Added Known Interactions section to README (issue #4)
- 4 new regression test cases

Closes #1, closes #2, closes #3, closes #4

v1.3.0: Tier 2 - BOM-safe writes, LongPaths, shell integration compat

Three new defenses completing the community pain point fixes:

1. BOM-safe file writing: PSDefaultParameterValues forces UTF-8
   for Set-Content, Out-File, Add-Content. New Write-Utf8NoBom
   helper for truly BOM-free writes via .NET. Prevents UTF-16LE
   null-byte corruption in JSON/YAML/config files.

2. Long path support: installer checks and enables Windows
   LongPathsEnabled registry key (HKLM FileSystem). Fixes
   'path too long' errors with deep node_modules trees.

3. Shell integration compat: profile detects VS Code via
   TERM_PROGRAM and avoids redefining prompt function. Prevents
   infinite loops and hangs from conflicting prompt injection.

Test suite: 39 -> 44 tests (5 new for Tier 2 features)

v1.2.0: Update README, CHANGELOG for Tier 1 features

v1.1.0: Three-class defense - README, CHANGELOG, tests, docs

Complete overhaul reflecting the three failure classes:
  1. Bash commands mangled by PS (shim routes to WSL)
  2. Complex PS quoting (shim uses -File fallback)
  3. NativeCommandError stderr (profile wraps native tools)

- README rewritten with three-class architecture
- CHANGELOG updated with v1.1.0 section
- CONTRIBUTING updated with per-class contribution guide
- test.ps1 rewritten: 34 tests across all three classes
  Uses runtime string construction to embed bash syntax
  without tripping PS 5.1 parser (meta-irony: the test file
  itself must avoid the problems shellfix solves)