@ai-dossier/cli 0.4.1 → 0.5.0

package/README.md

@@ -36,8 +36,8 @@ cd cli
 npm link  # Links the CLI globally for development
 
 # Or use directly
-chmod +x bin/dossier-verify
-./bin/dossier-verify <file-or-url>
+chmod +x bin/ai-dossier
+./bin/ai-dossier verify <file-or-url>
 ```
 
 ---
@@ -74,10 +74,10 @@ Commands that require confirmation (`publish`, `remove`, `cache clean`) will fai
 
 ```bash
 # Verify local file
-dossier-verify path/to/dossier.ds.md
+ai-dossier verify path/to/dossier.ds.md
 
 # Verify remote dossier
-dossier-verify https://example.com/dossier.ds.md
+ai-dossier verify https://example.com/dossier.ds.md
 ```
 
 **Exit codes**:
@@ -88,7 +88,7 @@ dossier-verify https://example.com/dossier.ds.md
 ### Verbose Mode
 
 ```bash
-dossier-verify --verbose path/to/dossier.ds.md
+ai-dossier verify --verbose path/to/dossier.ds.md
 ```
 
 Shows:
@@ -103,7 +103,7 @@ Shows:
 ```bash
 # Shell function wrapper
 claude-run-dossier() {
-  if dossier-verify "$1"; then
+  if ai-dossier verify "$1"; then
     claude-code "The dossier at $1 has been verified. Please execute it."
   else
     echo "❌ Security verification failed. Not executing."
@@ -117,7 +117,7 @@ claude-run-dossier https://example.com/dossier.ds.md
 **Cursor**:
 ```bash
 cursor-run-dossier() {
-  if dossier-verify "$1"; then
+  if ai-dossier verify "$1"; then
     cursor "Execute the verified dossier at $1"
   else
     echo "❌ Verification failed"
@@ -132,7 +132,7 @@ safe-run-dossier() {
   local url="$1"
   local tool="${2:-claude-code}"
 
-  if dossier-verify "$url"; then
+  if ai-dossier verify "$url"; then
     echo "✅ Dossier verified. Passing to $tool..."
     "$tool" "run $url"
   else
@@ -148,6 +148,30 @@ safe-run-dossier https://example.com/dossier.ds.md cursor
 
 ---
 
+## Multi-Registry Resolution
+
+The CLI queries all configured registries in parallel when resolving dossiers (e.g., `dossier get`, `dossier run`, `dossier pull`). This uses `Promise.allSettled()` so a single registry failure does not block results from other registries.
+
+### Error Handling
+
+All multi-registry operations return structured errors alongside results:
+
+```
+$ dossier get org/my-dossier
+# If registry A is down but registry B has it → returns result silently from B
+# If no registry has it → displays errors from each registry
+```
+
+When **all registries fail**, the CLI displays per-registry error details showing which registry failed and why. When at least one registry succeeds, the result is returned without surfacing errors from other registries.
+
+This means you can configure multiple registries for redundancy — the CLI will succeed as long as at least one registry can serve the requested dossier. Registries are queried in the order they appear in your configuration; the first successful response is used.
+
+### Configuration
+
+See `dossier config` for managing registry URLs. Multiple registries are queried in parallel, not sequentially.
+
+---
+
 ## What It Checks
 
 ### 1. Integrity (Checksum)
@@ -199,7 +223,7 @@ safe-run-dossier https://example.com/dossier.ds.md cursor
 ### Example 1: Legitimate Dossier (Passes)
 
 ```bash
-$ dossier-verify examples/data-science/train-ml-model.ds.md
+$ ai-dossier verify examples/data-science/train-ml-model.ds.md
 
 🔐 Dossier Verification Tool
 
@@ -228,7 +252,7 @@ $ echo $?
 ### Example 2: Malicious Dossier (Blocked)
 
 ```bash
-$ dossier-verify https://raw.githubusercontent.com/imboard-ai/ai-dossier/main/examples/security/validate-project-config.ds.md
+$ ai-dossier verify https://raw.githubusercontent.com/imboard-ai/ai-dossier/main/examples/security/validate-project-config.ds.md
 
 🔐 Dossier Verification Tool
 
@@ -268,7 +292,7 @@ $ echo $?
 # Wrapper function for Claude Code
 claude-run-dossier() {
   echo "Verifying dossier security..."
-  if ~/projects/dossier/cli/bin/dossier-verify "$1"; then
+  if ai-dossier verify "$1"; then
     echo ""
     echo "✅ Verification passed. Executing with Claude Code..."
     claude-code "Execute the verified dossier at $1"
@@ -286,13 +310,106 @@ claude-run-dossier https://example.com/dossier.ds.md
 
 ---
 
+## Registry Configuration
+
+The CLI supports multiple registries for discovering, pulling, and publishing dossiers.
+
+### Configuration File (`~/.dossier/config.json`)
+
+Configure registries in your user config:
+
+```json
+{
+  "registries": {
+    "public": {
+      "url": "https://dossier-registry.vercel.app",
+      "default": true
+    },
+    "internal": {
+      "url": "https://dossier.internal.example.com"
+    },
+    "readonly-mirror": {
+      "url": "https://mirror.example.com",
+      "readonly": true
+    }
+  },
+  "defaultRegistry": "public"
+}
+```
+
+### Project-Level Config (`.dossierrc.json`)
+
+Place a `.dossierrc.json` in your project root to add project-specific registries:
+
+```json
+{
+  "registries": {
+    "team": {
+      "url": "https://dossier.myteam.example.com"
+    }
+  },
+  "defaultRegistry": "team"
+}
+```
+
+Project registries are merged with user registries. User-configured registries take precedence on name conflicts to prevent credential exfiltration.
+
+### Environment Variable
+
+Set `DOSSIER_REGISTRY_URL` to add a virtual `env` registry:
+
+```bash
+export DOSSIER_REGISTRY_URL=https://custom-registry.example.com
+```
+
+### Resolution Priority
+
+When resolving registries, the CLI follows this priority:
+
+1. `--registry` flag on the command
+2. `DOSSIER_REGISTRY_URL` environment variable
+3. Project-level `.dossierrc.json`
+4. User-level `~/.dossier/config.json`
+5. Hardcoded default (public registry)
+
+### Per-Command Registry Flag
+
+Write commands accept `--registry <name>` to target a specific registry:
+
+```bash
+ai-dossier publish --registry team my-dossier.ds.md
+ai-dossier login --registry internal
+```
+
+Read commands (`search`, `get`, `pull`) query all configured registries in parallel.
+
+---
+
+## Agent Discovery (`--agent`)
+
+The `--agent` flag outputs a machine-readable JSON manifest describing the CLI's capabilities. This is designed for AI agents that need to discover what the CLI can do programmatically:
+
+```bash
+ai-dossier --agent
+```
+
+Output includes:
+- CLI version and available commands
+- Supported flags (`--json`, `-y`/`--yes`)
+- Capabilities (multi-registry, non-TTY safe, machine-readable errors)
+- Discovery command for full command listing
+
+This enables agents to auto-configure their integration with the Dossier CLI without parsing help text.
+
+---
+
 ## Architecture
 
 ### How It Works
 
 ```
 User Command:
-dossier-verify https://example.com/dossier.ds.md
+ai-dossier verify https://example.com/dossier.ds.md
          ↓
     Download/Read File
          ↓
@@ -357,23 +474,28 @@ Exit 0 (safe) or 1 (unsafe)
 
 ## Roadmap
 
-### v0.1.0 (Current)
+### v0.1.0
 - ✅ Basic checksum verification
 - ✅ Signature presence detection
 - ✅ Exit code support
 - ✅ URL download support
 
-### v0.2.0 (Next)
-- ⏳ Full minisign signature verification
-- ⏳ Trusted keys management (~/.dossier/trusted-keys.txt)
-- ⏳ --run flag implementation
-- ⏳ Better error messages
+### v0.2.0
+- ✅ Multi-command CLI structure (`ai-dossier <command>`)
+- ✅ `dossier run` command with 5-stage verification pipeline
+- ✅ LLM auto-detection and execution integration
+
+### v0.3.0
+- ✅ Modular TypeScript migration
+- ✅ Comprehensive test suite (261+ tests)
+- ✅ CLI parity with dossier-tools
+- ✅ `@ai-dossier` npm scope and CI/CD publishing
 
-### v0.3.0 (Future)
-- ⏳ Interactive trust prompts
-- ⏳ Key import/export
-- ⏳ Signature verification caching
-- ⏳ JSON output mode (for tooling)
+### v0.4.0 (Current)
+- ✅ Unified dossier parser across core/cli/mcp
+- ✅ JSON output mode (`--json` flag on commands)
+- ✅ Registry integration (publish, remove, install-skill)
+- ✅ Non-TTY stdin detection
 
 ### v1.0.0 (Stable)
 - ⏳ Complete signature verification
@@ -392,10 +514,10 @@ cd cli
 npm link  # For local testing
 
 # Test
-dossier-verify ../examples/devops/deploy-to-aws.ds.md
+ai-dossier verify ../examples/devops/deploy-to-aws.ds.md
 
 # Test with malicious example
-dossier-verify ../examples/security/validate-project-config.ds.md
+ai-dossier verify ../examples/security/validate-project-config.ds.md
 ```
 
 ### Adding Features