Doctor sync issues (#231)

* feat: enhance bd doctor sync detection with count and prefix mismatch checks

Improves bd doctor to detect actual database-JSONL sync issues instead of relying only on file modification times:

Key improvements:
1. Count detection: Reports when database issue count differs from JSONL (e.g., "Count mismatch: database has 0 issues, JSONL has 61")
2. Prefix detection: Identifies prefix mismatches when majority of JSONL issues use different prefix than database config
3. Error handling: Returns errors from helper functions instead of silent failures, distinguishing "can't open DB" from "counts differ"
4. Query optimization: Single database connection for all checks (reduced from 3 opens to 1)
5. Better error reporting: Shows actual error details when database or JSONL can't be read

This addresses the core issue where bd doctor would incorrectly report "Database and JSONL are in sync" when the database was empty but JSONL contained issues (as happened in privacy2 project).

Tests:
- Added TestCountJSONLIssuesWithMalformedLines to verify malformed JSON handling
- Existing doctor tests still pass
- countJSONLIssues now returns error to indicate parsing issues

🤖 Generated with Claude Code

Co-Authored-By: Claude <noreply@anthropic.com>

* fix: correct git hooks installation instructions in bd doctor

The original message referenced './examples/git-hooks/install.sh' which doesn't exist in user projects. This fix changes the message to point to the actual location in the beads GitHub repository:

Before: "Run './examples/git-hooks/install.sh' to install recommended git hooks"
After: "See https://github.com/steveyegge/beads/tree/main/examples/git-hooks for installation instructions"

This works for any project using bd, not just the beads repository itself.

🤖 Generated with Claude Code

Co-Authored-By: Claude <noreply@anthropic.com>

* feat: add recovery suggestions when database fails but JSONL has issues

When bd doctor detects that the database cannot be opened/queried but the JSONL file contains issues, it now suggests the recovery command:

  Fix: Run 'bd import -i issues.jsonl --rename-on-import' to recover issues from JSONL

This addresses the case where:
- Database is corrupted or inaccessible
- JSONL has all the issues backed up
- User needs a clear path to recover

The check now:
1. Reads JSONL first (doesn't depend on database)
2. If database fails but JSONL has issues, suggests recovery command
3. If database can be queried, continues with sync checks as before

Tested on privacy2 project which has 61 issues in JSONL but inaccessible database.

🤖 Generated with Claude Code

Co-Authored-By: Claude <noreply@anthropic.com>

* fix: support hash-based issue IDs in import rename

The import --rename-on-import flag was rejecting valid issue IDs with
hash-based suffixes (e.g., privacy-09ea) because the validation only
accepted numeric suffixes. Beads now generates and accepts base36-encoded
hash IDs, so update the validation to match.

Changes:
- Update isNumeric() to accept base36 characters (0-9, a-z)
- Update tests to reflect hash-based ID support
- Add gosec nolint comment for safe file path construction

Fixes the error: "cannot rename issue privacy-09ea: non-numeric suffix '09ea'"

---------

Co-authored-by: Claude <noreply@anthropic.com>

internal/importer/importer_test.go

@@ -398,14 +398,18 @@ func TestRenameImportedIssuePrefixes(t *testing.T) {
 		}
 	})
 
-	t.Run("error on non-numeric suffix", func(t *testing.T) {
+	t.Run("hash-based suffix rename", func(t *testing.T) {
+		// Hash-based IDs (base36) are now valid and should be renamed
 		issues := []*types.Issue{
-			{ID: "old-abc", Title: "Invalid"},
+			{ID: "old-a3f8", Title: "Hash suffix issue"},
 		}
 
 		err := RenameImportedIssuePrefixes(issues, "new")
-		if err == nil {
-			t.Error("Expected error for non-numeric suffix")
+		if err != nil {
+			t.Errorf("Unexpected error for hash-based suffix: %v", err)
+		}
+		if issues[0].ID != "new-a3f8" {
+			t.Errorf("Expected ID 'new-a3f8', got %q", issues[0].ID)
 		}
 	})
 
@@ -522,13 +526,20 @@ func TestIsNumeric(t *testing.T) {
 		s    string
 		want bool
 	}{
+		// Numeric suffixes (traditional)
 		{"123", true},
 		{"0", true},
 		{"999", true},
-		{"abc", false},
-		{"12a", false},
-		{"", true}, // Empty string returns true (edge case in implementation)
-		{"1.5", false},
+		// Hash-based suffixes (base36: 0-9, a-z)
+		{"a3f8e9", true},
+		{"09ea", true},
+		{"abc123", true},
+		{"zzz", true},
+		// Invalid suffixes
+		{"", false},      // Empty string now returns false
+		{"1.5", false},   // Non-base36 characters
+		{"A3F8", false},  // Uppercase not allowed
+		{"@#$!", false},  // Special characters not allowed
 	}
 
 	for _, tt := range tests {

internal/importer/utils.go

@@ -271,8 +271,12 @@ func isBoundary(c byte) bool {
 }
 
 func isNumeric(s string) bool {
+	if len(s) == 0 {
+		return false
+	}
+	// Accept base36 characters (0-9, a-z) for hash-based suffixes
 	for _, c := range s {
-		if c < '0' || c > '9' {
+		if !((c >= '0' && c <= '9') || (c >= 'a' && c <= 'z')) {
 			return false
 		}
 	}