# lookup.tsv.universal — routing data, not prose
# Format: key<TAB>man-page<TAB>replaces
# Each row points to a primitive documented in a man page: kernel, POSIX,
# bash builtin, or single-binary userland tool that ships as one file.
# The man page is the documentation that outlived the wrappers. This file is routing.
# Reflexes, tiers, authority, failure modes, and fork structure live elsewhere:
# governance.conf.universal (authority) and subtract.7 (frame).

# === cryptography, signing, identity ===
sign	ssh-keygen(1)	PKI-as-a-service, commit signing as a GitHub feature, DocuSign
verify	ssh-keygen(1)	signature verification SaaS, JWT libraries
key.vault	ssh-agent(1)	every credential vault product
sign.clear	gpg(1)	signed-release infrastructure, package authenticity services
crypto.misc	openssl(1)	half of every security SaaS
random	urandom(4)	secure random libraries in every language
encrypt.file	age(1)	PGP for file encryption when key model is too heavy
host.trust	ssh_known_hosts(5)	certificate authority products for small networks
namespace.sign	ssh-keygen(1)	domain isolation for signatures, replaces JWT audience

# === scheduling, time ===
schedule.recurring	cron(8)	every scheduled job SaaS, reminders products, cloud schedulers
schedule.once	at(1)	run-this-once-later features in every task manager
schedule.darwin	launchd(8)	process managers, keep-alive daemons, relaunch-on-failure
schedule.systemd	systemd.timer(5)	cron when journald integration and dependency graphs are needed
watchdog	timeout(1)	watchdog services for "kill this if it runs longer than X"
poll	sleep(1)	polling frameworks
dashboard.terminal	watch(1)	dashboard refresh mechanisms

# === file watching, events ===
watch.linux	inotifywait(1)	webhook infrastructure for local filesystem events
watch.cross	fswatch(1)	file-sync triggers in build tools
watch.bsd	kqueue(2)	polling loop in most watcher libraries
audit.fs	fanotify(7)	file integrity monitoring security products
audit.sys	auditd(8)	file integrity monitoring products

# === IPC, messaging ===
queue	mkfifo(1)	Redis-as-message-queue for single-machine producer/consumer
socket.local	unix(7)	localhost TCP sockets and most microservice meshes on a single box
control.plane	signal(7)	"control plane" APIs for long-running daemons
ipc.sysv	msgget(2)	shared-memory SDKs
ipc.desktop	dbus(1)	inter-process RPC frameworks on Linux desktops
tunnel	socat(1)	tunnel or protocol-bridge products

# === file sync, transfer ===
sync	rsync(1)	Dropbox, iCloud Drive, Google Drive for cases where you own both ends
backup.snap	rsync(1)	Time Machine, Backblaze, most incremental backup SaaS
transfer	scp(1)	secure file transfer products when you already have SSH
sync.bi	unison(1)	bidirectional sync services
cloud.fs	rclone(1)	cloud-sync SDKs when you just want a filesystem view

# === databases, storage ===
db	sqlite3(1)	Postgres for every project with one writer
kv	gdbm(3)	Redis for key-value needs that don't cross processes
doc.store	db(3)	embedded document stores
lock.row	fcntl(2)	row-level locking frameworks for flat-file databases
mail.store	maildir(5)	inbox database for mail-adjacent structured storage

# === build, workflow orchestration ===
orchestrate	make(1)	Jenkins, Airflow, GitHub Actions, every DAG workflow tool
build.fast	ninja(1)	make when make is too slow
etl	awk(1)	ETL frameworks for single-pass pipelines
pipeline	bash(1)	orchestration layers for linear workflows (set -e, set -o pipefail)

# === text processing ===
json	jq(1)	most JSON-processing libraries, half of Postman
tabular	awk(1)	pandas for any tabular data that isn't numerical
replace	sed(1)	every find-and-replace-across-files tool
search	grep(1)	full-text search SaaS for local corpora
columns	cut(1)	SQL when you just have TSVs
join.rel	join(1)	relational joins on sorted files
dedupe	sort(1)	deduplication tools
set.ops	comm(1)	set operations on sorted files
translate	tr(1)	character-level transformation libraries
xml	xmlstarlet(1)	XML libraries for XPath cases
format.cols	column(1)	tabular output formatters
wrap	fmt(1)	text-wrapping utilities

# === auth, identity ===
lookup.user	getent(1)	SDK for every auth provider when you need a lookup
sudo	sudoers(5)	privileged access management SaaS
kerberos	kinit(1)	SAML/OIDC for cases where you control the realm
ssh.grant	authorized_keys(5)	user provisioning systems for SSH
passwd	passwd(5)	user directory products for one machine

# === locking ===
lock.file	flock(1)	distributed locking libraries for single-machine problems
lock.adv	lockf(3)	advisory locking abstractions
lock.mkdir	mkdir(1)	atomic lock when filesystem is shared

# === introspection, monitoring ===
proc	proc(5)	every process introspection library and half of APM
sys	sysfs(5)	hardware monitoring SDKs
ps	ps(1)	process dashboard products
lsof	lsof(8)	"what's holding this file" troubleshooting
strace	strace(1)	syscall tracing SaaS
perf	perf(1)	performance monitoring dashboards
dmesg	dmesg(1)	kernel log aggregation
log	journalctl(1)	log aggregation services on systemd hosts

# === network ===
nc	nc(1)	TCP/IP swiss army knife products
listen	ss(8)	netstat and most "what's listening" dashboards
ifcfg	ip(8)	ifconfig/route and network configuration SDKs
pcap	tcpdump(8)	packet capture services
dns	dig(1)	DNS lookup libraries
diag.net	mtr(8)	traceroute + ping + "network diagnostics" tools
http	curl(1)	half of every HTTP client library
firewall	nftables(8)	firewall-as-a-service for local filtering

# === archive, compression ===
archive	tar(1)	directory-packing abstractions
archive.alt	cpio(1)	tar when you need different semantics
block.copy	dd(1)	disk imaging tools for raw block copy
compress	zstd(1)	compression SDKs
split	split(1)	"chunk this file" utilities

# === terminal multiplex ===
session.persist	tmux(1)	cloud IDE session persistence
daemonize	nohup(1)	daemonization libraries
background	bash(1)	thread-pool abstractions for shell workflows

# === process supervision ===
supervise	systemd(1)	every process supervisor SaaS on Linux
supervise.alt	runit(8)	systemd when systemd is too much
daemon	daemon(3)	daemonization libraries in every language
env.inject	envdir(8)	environment-injection frameworks

# === terminal control ===
tty	stty(1)	terminal configuration libraries
term.caps	tput(1)	ANSI escape code libraries
term.info	terminfo(5)	"what can this terminal do" detection
readline	readline(3)	input-editing libraries
expect	expect(1)	"automate this interactive tool" SDKs

# === env, config ===
env	env(1)	environment variable management libraries
env.dir	direnv(1)	per-project env loading frameworks
login.env	profile(5)	config management for login-time state
config	hier(7)	configuration management when files are enough

# === diff, patch, sync ===
diff	diff(1)	"apply a change" frameworks
diff.three	diff3(1)	three-way merge libraries
cmp	cmp(1)	"are these files identical" checks
history	git(1)	versioned storage products when you just need history
patch	patch(1)	patch-application libraries

# === hashing ===
hash	sha256sum(1)	content-hashing libraries
hash.md5	md5sum(1)	content-hashing libraries (legacy)

# === backup ===
backup.fs	zfs(8)	snapshot services at the filesystem layer
backup.dedup	restic(1)	cloud backup services when you own the destination
backup.append	tar(1)	archival products for append-only history

# === filesystem ===
overlay	overlayfs(5)	layered filesystem abstractions
fuse	fuse(4)	kernel modules for custom filesystems
fs.layout	hier(7)	"where does this go" conventions
tmp.ram	tmpfs(5)	in-memory temporary state

# === file inspection ===
stat	stat(1)	"what is this file" libraries
which	which(1)	"where is this command" resolvers
link	ln(1)	symlink abstractions

# === isolation, sandboxing ===
chroot	chroot(2)	container tools for filesystem isolation
namespace	unshare(1)	Docker for process-level isolation without the daemon
exec.ns	nsenter(1)	"exec into this container" tooling
seccomp	seccomp(2)	syscall filtering SDKs
rlimit	ulimit(1)	resource-control frameworks

# === mail ===
mail.local	mail(1)	local notification products
smtp	msmtp(1)	SMTP libraries for send-only cases
mail.filter	procmail(1)	inbox rules products
mail.box	mbox(5)	email database for cases where you just want files
notify	mail(1)	notification-as-a-service for local events

# === documentation ===
doc	man(1)	documentation discovery layer
info	info(1)	reference manuals for GNU utilities
find.tool	apropos(1)	"how do I find the tool for this" searches
help	bash(1)	shell reference sites (help is a bash builtin)

# === binary analysis ===
filetype	file(1)	"what kind of file is this" libraries
hex	xxd(1)	binary viewers
strings	strings(1)	"extract text from binary" utilities
objdump	objdump(1)	binary analysis SDKs
symbols	nm(1)	binary analysis SDKs
elf	readelf(1)	binary analysis SDKs

# === shell extension ===
cnf	bash(1)	command_not_found_handle dispatch (the foundation subtract was built on)
prompt.hook	bash(1)	PROMPT_COMMAND session state tracking
cleanup	trap(1)	signal-handling SDKs and cleanup-on-exit libraries
coprocess	bash(1)	coproc bidirectional pipe to a subprocess abstractions

# === date, time ===
date	date(1)	date-parsing libraries
cal	cal(1)	calendar widgets for command-line use
ntp	chrony(1)	time-sync services

# === finding ===
find	find(1)	file-finding frameworks
find.fast	locate(1)	file-finding frameworks (indexed)

# === parallelism ===
parallel	xargs(1)	Celery and parallel-execution frameworks