refactor!: rename project to bot-bottle

Assisted-by: Codex
2026-05-28 17:56:14 -04:00
parent 8875d8cc17
commit c08b09dc9f
200 changed files with 1271 additions and 1271 deletions
+19 -19
@@ -75,7 +75,7 @@ The feature is **done** when all of the following ship:
sidecar (read-only) so the running pipelock can read its CA.
- `BottleBackend.provision_ca` (new) copies the CA public cert
into the agent at
`/usr/local/share/ca-certificates/claude-bottle-mitm.crt`, runs
`/usr/local/share/ca-certificates/bot-bottle-mitm.crt`, runs
`update-ca-certificates`, and sets the `NODE_EXTRA_CA_CERTS` /
`SSL_CERT_FILE` / `REQUESTS_CA_BUNDLE` env trio on the agent
container's runtime env. Default no-op on the abstract base so
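Review bot: The install path `/usr/local/share/ca-certificates/bot-bottle-mitm.crt` in the `provision_ca` bullet is one of three copies of the same literal in this document (here, the `NODE_EXTRA_CA_CERTS` value under `launch.py`, and the `docker cp` target under "Bottle install"), and the rename only holds if the code behind all three changed together. Node ignores a `NODE_EXTRA_CA_CERTS` file it cannot load after a single warning, so a missed copy would surface as certificate errors in Node clients while clients reading `SSL_CERT_FILE` keep working. Suggest defining the path once as a constant shared by `provision/ca.py` and `launch.py`, and having the PRD refer to that constant by name.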
@@ -122,14 +122,14 @@ The feature is **done** when all of the following ship:
### In scope
- **`claude_bottle/pipelock.py`** changes:
- **`bot_bottle/pipelock.py`** changes:
- Extend `pipelock_build_config` to include
`tls_interception: { enabled: true, ca_cert: <path>, ca_key:
<path> }`. Paths are populated from the plan; the function's
signature grows a `cert_path` / `key_path` pair or reads them
off `Bottle` once they're stored.
- Extend `pipelock_render_yaml` to emit the new block.
- **`claude_bottle/backend/docker/pipelock.py`** changes:
- **`bot_bottle/backend/docker/pipelock.py`** changes:
- New helper `pipelock_tls_init(stage_dir)` runs the upstream
image as a one-shot:
`docker run --rm -v <stage>:/h -e PIPELOCK_HOME=/h pipelock tls init`,
@@ -143,31 +143,31 @@ The feature is **done** when all of the following ship:
config. If pipelock's image runs as non-root, a `docker exec
-u 0 chown pipelock:pipelock /etc/pipelock/ca*.pem` lands
between the `cp` and the `start`.
- **`claude_bottle/backend/__init__.py`**: new abstract method
- **`bot_bottle/backend/__init__.py`**: new abstract method
`provision_ca(plan, target)` on `BottleBackend`, default no-op.
`BottleBackend.provision` orchestrates `ca → prompt → skills →
ssh → git`.
- **`claude_bottle/backend/docker/provision/ca.py`** (new):
- **`bot_bottle/backend/docker/provision/ca.py`** (new):
- Reads the cert from `stage_dir` (already written by prepare).
- `docker cp` into the agent.
- `docker exec -u 0 ... chmod 644 ...` + `update-ca-certificates`.
- Computes the SHA-256 fingerprint with stdlib (`ssl` +
`hashlib`), emits one stderr log line.
- **`claude_bottle/backend/docker/launch.py`**:
- **`bot_bottle/backend/docker/launch.py`**:
- Three new `-e` flags on the agent's `docker run`:
`NODE_EXTRA_CA_CERTS=/usr/local/share/ca-certificates/claude-bottle-mitm.crt`,
`NODE_EXTRA_CA_CERTS=/usr/local/share/ca-certificates/bot-bottle-mitm.crt`,
`SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt`,
`REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt`.
- `HTTPS_PROXY` / `HTTP_PROXY` continue to point at pipelock
(unchanged from PRD 0001 — the mitmproxy detour in PR #8 is
abandoned).
- **`claude_bottle/backend/docker/bottle_plan.py`**:
- **`bot_bottle/backend/docker/bottle_plan.py`**:
- One new `info(...)` line in `print()` noting TLS interception
is on.
- `to_dict()` gains an `egress.tls_interception: { enabled:
true, ca_fingerprint: null }` block. Reserved for future
population.
- **`claude_bottle/backend/docker/prepare.py`**: call
- **`bot_bottle/backend/docker/prepare.py`**: call
`pipelock_tls_init(stage_dir)` and write the resolved cert/key
paths onto the plan (either on the existing `proxy_plan` field
or on the parent `DockerBottlePlan`).
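Review bot: The non-root step in the context lines at the top of this hunk cannot run as written: `docker exec` only works against a running container, yet the text places `docker exec -u 0 chown pipelock:pipelock /etc/pipelock/ca*.pem` between the `cp` and the `start`. The `ca*.pem` glob is also never expanded inside the container unless the command goes through `sh -c`, so `chown` would receive the literal pattern. While this section is being edited, suggest either moving the ownership fix to after the `start` or describing a way to set ownership that does not need `exec`, and naming the two files explicitly instead of globbing.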
@@ -221,7 +221,7 @@ generated at prepare time.
the one-shot generation step. The rendered YAML references
the in-container paths.
- **Bottle install.** `provision_ca` (Docker impl) does
`docker cp <stage>/ca.pem agent:/usr/local/share/ca-certificates/claude-bottle-mitm.crt`,
`docker cp <stage>/ca.pem agent:/usr/local/share/ca-certificates/bot-bottle-mitm.crt`,
then `update-ca-certificates`. The CA env trio is set at
`docker run -e` time (Docker propagates run-time env into
`docker exec`).
@@ -235,7 +235,7 @@ generated at prepare time.
`stage_dir`. CA dies with both, in that order, so the sidecar
is never reading a deleted mount on shutdown.
- **Fingerprint.** Computed via stdlib in `provision_ca` and
logged once to stderr (`claude-bottle: mitm ca fingerprint:
logged once to stderr (`bot-bottle: mitm ca fingerprint:
sha256:<hex>…`). The private key never appears in any log.
### Data model changes
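Review bot: The stderr prefix change in the "Fingerprint" bullet, from `claude-bottle: mitm ca fingerprint:` to `bot-bottle: mitm ca fingerprint:`, will silently break anything that matches on the old prefix (tests asserting on stderr, log filters, operator runbooks). Suggest listing the new prefix in the breaking-change notes for this `refactor!` commit. Separately, the `sha256:<hex>…` form leaves it unclear whether the full digest is logged; the bullet should state that the complete hex digest is emitted, since a truncated fingerprint is weaker for confirming which CA was installed.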
@@ -248,18 +248,18 @@ always null at dry-run because the CA doesn't exist yet.
Surgical, all on the existing pipelock path:
- `claude_bottle/pipelock.py` — config builder + YAML renderer.
- `claude_bottle/backend/__init__.py` — abstract `provision_ca`.
- `claude_bottle/backend/docker/pipelock.py` — `tls init` helper,
- `bot_bottle/pipelock.py` — config builder + YAML renderer.
- `bot_bottle/backend/__init__.py` — abstract `provision_ca`.
- `bot_bottle/backend/docker/pipelock.py` — `tls init` helper,
sidecar volume mount.
- `claude_bottle/backend/docker/prepare.py` — CA paths on plan.
- `claude_bottle/backend/docker/launch.py` — CA env trio on agent.
- `claude_bottle/backend/docker/backend.py` — `provision_ca`
- `bot_bottle/backend/docker/prepare.py` — CA paths on plan.
- `bot_bottle/backend/docker/launch.py` — CA env trio on agent.
- `bot_bottle/backend/docker/backend.py` — `provision_ca`
dispatch + thread `self._proxy` through prepare/launch unchanged
shape.
- `claude_bottle/backend/docker/bottle_plan.py` — preflight
- `bot_bottle/backend/docker/bottle_plan.py` — preflight
rendering.
- `claude_bottle/backend/docker/provision/ca.py` (new).
- `bot_bottle/backend/docker/provision/ca.py` (new).
Net diff is meaningfully smaller than PR #8 because pipelock
already does the work — no addon, no second sidecar, no second
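Review bot: The file list under "Surgical, all on the existing pipelock path" now names the package `bot_bottle`, so every existing `import claude_bottle` breaks, and nothing in the visible text says whether a compatibility alias is provided. Suggest stating that explicitly in the commit body, and adding a CI check that fails on any remaining `claude_bottle` or `claude-bottle` string, so a mechanical rename across 200 files cannot leave a stale reference behind in code, rendered config or docs.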