max / makenotwork

• Remove now-dead KNOWN_PREAUTH_CSRF_GAPS const

  Max Johnson 2026-06-15 21:10 3d33f5b

• Close CHRONIC A': posture-independent CSRF origin gate + drop pre-auth skip

  Max Johnson 2026-06-15 20:39 c33c72d

• Add whole-router CSRF coverage manifest + tracker tests

  Max Johnson 2026-06-15 20:22 02b0274