Prepare CodeClone 2.0.2 release

[orenlab]

Summary

Prepare CodeClone 2.0.2 as a focused patch release for dead-code reachability precision, VS Code extension metadata, README link behavior, and release documentation.

Changes

• Refine dead-code reachability to reduce false positives for framework/runtime patterns, public exports, and guarded dynamic dispatch.
• Exclude node_modules from default Python scanning.
• Add a one-time interactive CLI migration note for users upgrading trusted baselines from 2.0.1 to 2.0.2.
• Fix HTML PyCharm/IntelliJ source links so line navigation is preserved.
• Fix README package badge links.
• Record VS Code extension 0.2.7 metadata for the Marketplace build with Coverage Join hotspot support.
• Update release docs, changelog, schema examples, and lockfile.

Validation

• uv run pre-commit run --all-files
• uv run pytest --cov=codeclone --cov-report=term-missing --cov-fail-under=99 --cov-report=xml
• uv run --with mkdocs --with mkdocs-material mkdocs build --strict
• MCP tool smoke/gates
• Python package build + twine check
• clean venv install smoke, including codeclone[mcp]
• VS Code extension checks/tests/package
• Claude Desktop bundle checks/tests/package

[github-actions]

CodeClone Review

✅ Passed · Health 90/100 (A) · Baseline ok · Cache miss · CodeClone 2.0.2

Review snapshot

Area	Signal	Review note
Clones	0 total, 0 new, 0 known	no new clone debt reported
Quality	CC max 20, CBO max 8, LCOM4 max 3, overloaded 11	structural metric snapshot
Dependencies	avg 4.0, p95 12, max 16, cycles 0	acyclic
Coverage Join	not joined	no coverage.xml facts in this report
Security Surfaces	59 surfaces, 4 categories, 29 production	report-only boundary inventory
API Surface	2254 symbols, 217 modules	0 breaking, 0 added
Dead code	0 high-confidence, 1 suppressed	clean

Review focus

• Treat 29 production security surface(s) as review-first boundary code when touched.
• Review 11 overloaded module candidate(s) when they intersect this PR.

_{Security Surfaces are report-only capability inventory, not vulnerability claims. Generated by CodeClone}