@aifabrix/builder 2.44.4 → 2.44.5

package/lib/commands/wizard.js

@@ -26,6 +26,7 @@ const {
   validateAndCheckAppDirectory,
   formatDataplaneRejectedTokenMessage,
   extractSessionId,
+  handleSourceSelection,
   handleOpenApiParsing,
   handleCredentialSelection,
   handleTypeDetection,
@@ -50,6 +51,149 @@ const {
 } = require('./wizard-helpers');
 const { humanizeAppKey } = require('../generator/wizard-prompts-secondary');
 
+/**
+ * Map resolved source type/data onto wizard state.source.
+ * @param {Object} state - Mutable wizard state
+ * @param {string} sourceType - Source type key
+ * @param {unknown} sourceData - Raw source payload from prompts
+ */
+function applySourceSelectionToState(state, sourceType, sourceData) {
+  state.source = { type: sourceType };
+  if (sourceType === 'openapi-file') state.source.filePath = sourceData;
+  else if (sourceType === 'openapi-url') state.source.url = sourceData;
+  else if (sourceType === 'mcp-server') state.source.serverUrl = JSON.parse(sourceData).serverUrl;
+  else if (sourceType === 'known-platform') state.source.platform = sourceData;
+}
+
+/**
+ * Interactive or prefill source selection (Step 2).
+ * @returns {Promise<{ sourceType: string, sourceData: unknown }>}
+ */
+async function resolveWizardSourcePhase(dataplaneUrl, sessionId, authConfig, platforms, prefill) {
+  if (prefill?.source?.type) {
+    logger.log(chalk.gray(
+      `Using source from wizard.yaml (${prefill.source.type}). Skipping source prompts.`
+    ));
+    return handleSourceSelection(dataplaneUrl, sessionId, authConfig, prefill.source);
+  }
+  return handleInteractiveSourceSelection(dataplaneUrl, sessionId, authConfig, platforms);
+}
+
+/**
+ * Credential selection with optional prefill (Step 3).
+ * @returns {Promise<string>} credentialIdOrKey for generation step
+ */
+async function resolveWizardCredentialPhase(dataplaneUrl, authConfig, prefill, state) {
+  if (prefill?.credential) {
+    state.credential = prefill.credential;
+    return handleCredentialSelection(dataplaneUrl, authConfig, prefill.credential);
+  }
+  const credentialAction = await promptForCredentialAction();
+  const configCredential = await resolveCredentialConfig(dataplaneUrl, authConfig, credentialAction);
+  state.credential = configCredential;
+  return handleCredentialSelection(dataplaneUrl, authConfig, configCredential);
+}
+
+/**
+ * Collect user intent and UI preferences (Step 5), with optional wizard.yaml prefill.
+ * @returns {Promise<{ userIntent: string, preferences: Object, hasPrefillIntent: boolean }>}
+ */
+async function collectIntentAndPreferences(preferencesPrefill) {
+  const prefillPrefs = preferencesPrefill;
+  const hasPrefillIntent =
+    prefillPrefs &&
+    typeof prefillPrefs.intent === 'string' &&
+    prefillPrefs.intent.trim().length > 0;
+
+  if (hasPrefillIntent) {
+    logger.log(chalk.gray(
+      'Using preferences from wizard.yaml (intent and toggles). Skipping preference prompts.'
+    ));
+    const level = prefillPrefs.fieldOnboardingLevel;
+    const validLevel = level === 'standard' || level === 'minimal' ? level : 'full';
+    return {
+      userIntent: prefillPrefs.intent.trim(),
+      preferences: {
+        fieldOnboardingLevel: validLevel,
+        mcp: Boolean(prefillPrefs.enableMCP),
+        abac: Boolean(prefillPrefs.enableABAC),
+        rbac: Boolean(prefillPrefs.enableRBAC)
+      },
+      hasPrefillIntent: true
+    };
+  }
+
+  const userIntent = await promptForUserIntent();
+  const preferences = await promptForUserPreferences();
+  return { userIntent, preferences, hasPrefillIntent: false };
+}
+
+/**
+ * Run Step 5 (generate), Step 6–7 (review), and save files; updates state.preferences.
+ * @param {Object} payload
+ * @param {string} payload.appKey - Application key
+ * @param {string} payload.dataplaneUrl - Dataplane URL
+ * @param {Object} payload.authConfig - Auth configuration
+ * @param {string} payload.sessionId - Wizard session ID
+ * @param {Object} payload.state - Mutable wizard state
+ * @param {Object} payload.flowOpts - Flow options (mode, systemIdOrKey, debug, prefill, etc.)
+ * @param {Object} payload.genInput - Generation inputs (openapiSpec, detectedType, credential…)
+ * @returns {Promise<Object|null>} Updated state or null if review cancelled
+ */
+async function completeWizardGenerateReviewSave(payload) {
+  const {
+    appKey,
+    dataplaneUrl,
+    authConfig,
+    sessionId,
+    state,
+    flowOpts,
+    genInput
+  } = payload;
+  const { mode, systemIdOrKey, debug, prefill } = flowOpts;
+  const genResult = await handleInteractiveConfigGeneration({
+    dataplaneUrl,
+    authConfig,
+    mode,
+    openapiSpec: genInput.openapiSpec,
+    detectedType: genInput.detectedType,
+    credentialIdOrKey: genInput.credentialIdOrKey,
+    systemIdOrKey,
+    sourceType: genInput.sourceType,
+    sourceData: genInput.sourceData,
+    entityName: genInput.entityName,
+    appName: appKey,
+    debug,
+    systemDisplayName: flowOpts.systemDisplayName,
+    preferencesPrefill: prefill?.preferences
+  });
+  const { systemConfig, datasourceConfigs, systemKey, preferences: savedPrefs } = genResult;
+  state.preferences = savedPrefs || {};
+
+  const finalConfigs = await handleConfigurationReview(
+    dataplaneUrl,
+    authConfig,
+    sessionId,
+    systemConfig,
+    datasourceConfigs,
+    { appKey, debug }
+  );
+  if (!finalConfigs) return null;
+
+  await handleFileSaving(
+    appKey,
+    finalConfigs.systemConfig,
+    finalConfigs.datasourceConfigs,
+    systemKey || appKey,
+    {
+      dataplaneUrl,
+      authConfig,
+      enableRBAC: Boolean(savedPrefs?.enableRBAC)
+    }
+  );
+  return state;
+}
+
 /**
  * Create wizard session with given mode and optional systemIdOrKey (no prompts)
  * @async
@@ -125,12 +269,15 @@ async function handleInteractiveSourceSelection(dataplaneUrl, sessionId, authCon
  * @param {Object} options.detectedType - Detected type info
  * @param {string} [options.credentialIdOrKey] - Credential ID or key (optional)
  * @param {string} [options.systemIdOrKey] - System ID or key (optional)
+ * @param {Object} [options.preferencesPrefill] - From wizard.yaml `preferences` (skip Step 5 prompts when intent is set)
  * @returns {Promise<Object>} Generated configuration and preferences { systemConfig, datasourceConfigs, systemKey, preferences }
  */
 async function handleInteractiveConfigGeneration(options) {
   logger.log(chalk.blue('\n\uD83D\uDCCB Step 5: User Preferences'));
-  const userIntent = await promptForUserIntent();
-  const preferences = await promptForUserPreferences();
+
+  const { userIntent, preferences, hasPrefillIntent } = await collectIntentAndPreferences(
+    options.preferencesPrefill
+  );
 
   const configPrefs = {
     intent: userIntent,
@@ -138,6 +285,9 @@ async function handleInteractiveConfigGeneration(options) {
     enableMCP: preferences.mcp,
     enableABAC: preferences.abac,
     enableRBAC: preferences.rbac,
+    enableOpenAPIGeneration: hasPrefillIntent
+      ? options.preferencesPrefill?.enableOpenAPIGeneration !== false
+      : true,
     debug: options.debug === true
   };
 
@@ -222,62 +372,43 @@ async function handleConfigurationReview(dataplaneUrl, authConfig, sessionId, sy
  * @returns {Promise<Object>} Collected state (source, credential, preferences) for wizard.yaml save
  */
 async function doWizardSteps(appKey, dataplaneUrl, authConfig, sessionId, flowOpts, state) {
-  const { mode, systemIdOrKey, platforms, debug } = flowOpts;
-  const { sourceType, sourceData } = await handleInteractiveSourceSelection(
-    dataplaneUrl, sessionId, authConfig, platforms
+  const { platforms, prefill } = flowOpts;
+
+  const { sourceType, sourceData } = await resolveWizardSourcePhase(
+    dataplaneUrl,
+    sessionId,
+    authConfig,
+    platforms,
+    prefill
   );
-  state.source = { type: sourceType };
-  if (sourceType === 'openapi-file') state.source.filePath = sourceData;
-  else if (sourceType === 'openapi-url') state.source.url = sourceData;
-  else if (sourceType === 'mcp-server') state.source.serverUrl = JSON.parse(sourceData).serverUrl;
-  else if (sourceType === 'known-platform') state.source.platform = sourceData;
+  applySourceSelectionToState(state, sourceType, sourceData);
 
   const openapiSpec = await handleOpenApiParsing(dataplaneUrl, authConfig, sourceType, sourceData);
-  const credentialAction = await promptForCredentialAction();
-  const configCredential = await resolveCredentialConfig(dataplaneUrl, authConfig, credentialAction);
-  state.credential = configCredential;
-  const credentialIdOrKey = await handleCredentialSelection(dataplaneUrl, authConfig, configCredential);
+  const credentialIdOrKey = await resolveWizardCredentialPhase(dataplaneUrl, authConfig, prefill, state);
 
   const detectedType = await handleTypeDetection(dataplaneUrl, authConfig, openapiSpec);
+  const prefillEntityName = prefill?.source?.entityName;
   const entityName = openapiSpec && sourceType !== 'known-platform'
-    ? await handleEntitySelection(dataplaneUrl, authConfig, openapiSpec) : null;
-  const genResult = await handleInteractiveConfigGeneration({
-    dataplaneUrl,
-    authConfig,
-    mode,
-    openapiSpec,
-    detectedType,
-    credentialIdOrKey,
-    systemIdOrKey,
-    sourceType,
-    sourceData,
-    entityName: entityName || undefined,
-    appName: appKey,
-    debug,
-    systemDisplayName: flowOpts.systemDisplayName
-  });
-  const { systemConfig, datasourceConfigs, systemKey, preferences: savedPrefs } = genResult;
-  state.preferences = savedPrefs || {};
-
-  const finalConfigs = await handleConfigurationReview(
+    ? await handleEntitySelection(dataplaneUrl, authConfig, openapiSpec, prefillEntityName) : null;
+  if (entityName && state.source) {
+    state.source.entityName = entityName;
+  }
+  return completeWizardGenerateReviewSave({
+    appKey,
     dataplaneUrl,
     authConfig,
     sessionId,
-    systemConfig,
-    datasourceConfigs,
-    { appKey, debug }
-  );
-  if (!finalConfigs) return null;
-
-  await handleFileSaving(
-    appKey,
-    finalConfigs.systemConfig,
-    finalConfigs.datasourceConfigs,
-    systemKey || appKey,
-    dataplaneUrl,
-    authConfig
-  );
-  return state;
+    state,
+    flowOpts,
+    genInput: {
+      openapiSpec,
+      detectedType,
+      credentialIdOrKey,
+      sourceType,
+      sourceData,
+      entityName: entityName || undefined
+    }
+  });
 }
 
 async function runWizardStepsAfterSession(appKey, dataplaneUrl, authConfig, sessionId, flowOpts) {
@@ -317,7 +448,7 @@ async function runWizardStepsAfterSession(appKey, dataplaneUrl, authConfig, sess
  * @returns {Promise<void>} Resolves when wizard flow completes
  */
 async function executeWizardFlow(appKey, dataplaneUrl, authConfig, flowOpts = {}) {
-  const { mode, systemIdOrKey, configPath, debug, systemDisplayName } = flowOpts;
+  const { mode, systemIdOrKey, configPath, debug, systemDisplayName, prefill } = flowOpts;
 
   if (debug) {
     logger.log(chalk.gray(`[DEBUG] Wizard debug mode enabled for app: ${appKey}`));
@@ -333,7 +464,8 @@ async function executeWizardFlow(appKey, dataplaneUrl, authConfig, flowOpts = {}
     platforms,
     configPath,
     debug: flowOpts.debug,
-    systemDisplayName
+    systemDisplayName,
+    prefill
   });
   if (!state) return;
 
@@ -348,6 +480,11 @@ async function executeWizardFlow(appKey, dataplaneUrl, authConfig, flowOpts = {}
  * @param {string} [appName] - App name (for log message)
  * @returns {Promise<Object|null>} Loaded config or null
  */
+/**
+ * Load wizard.yaml when present. Returns full valid config, or invalid-but-parsed config for interactive prefill.
+ *
+ * @returns {Promise<{ valid: true, config: Object } | { valid: false, config: Object, errors: string[] } | null>}
+ */
 async function loadWizardConfigIfExists(configPath, appName) {
   if (!configPath) return null;
   const displayPath = appName ? `integration/${appName}/wizard.yaml` : configPath;
@@ -360,10 +497,16 @@ async function loadWizardConfigIfExists(configPath, appName) {
     const result = await validateWizardConfig(configPath, { validateFilePaths: false });
     if (result.valid && result.config) {
       logger.log(chalk.green(`Loaded saved state from ${displayPath}. Resuming with saved choices.`));
-      return result.config;
+      return { valid: true, config: result.config };
     }
     if (result.errors?.length) {
-      logger.log(chalk.yellow(`Loaded ${displayPath} but it has errors; prompting for missing fields.`));
+      logger.log(chalk.yellow(
+        `Loaded ${displayPath} but it does not fully validate; prefilling from file where possible.`
+      ));
+      result.errors.forEach(err => logger.log(chalk.gray(`  • ${err}`)));
+    }
+    if (result.config) {
+      return { valid: false, config: result.config, errors: result.errors || [] };
     }
   } catch (e) {
     logger.log(chalk.gray(`Could not load wizard config from ${displayPath}: ${e.message}`));
@@ -470,15 +613,16 @@ async function handleWizardWithSavedConfig(options, loadedConfig, displayPath) {
 }
 
 async function handleWizardInteractive(options) {
+  const prefill = options.wizardPrefill;
   const allowAddDatasource = !options.app;
   const mode = allowAddDatasource ? await promptForMode(undefined, true) : 'create-system';
   const resolved = mode === 'create-system'
-    ? await resolveCreateNewPath(options, null)
-    : await resolveAddDatasourcePath(options, null);
+    ? await resolveCreateNewPath(options, prefill || null)
+    : await resolveAddDatasourcePath(options, prefill || null);
   if (!resolved) return;
   const { appKey, configPath, dataplaneUrl, authConfig } = resolved;
   const systemIdOrKey = mode === 'add-datasource' ? resolved.systemIdOrKey : undefined;
-  const systemDisplayName = options.systemDisplayName || options.displayName ||
+  const systemDisplayName = options.systemDisplayName || options.displayName || prefill?.systemDisplayName ||
     (mode === 'create-system' ? humanizeAppKey(appKey) : undefined);
   try {
     await executeWizardFlow(appKey, dataplaneUrl, authConfig, {
@@ -486,7 +630,8 @@ async function handleWizardInteractive(options) {
       systemIdOrKey,
       configPath,
       debug: options.debug,
-      systemDisplayName
+      systemDisplayName,
+      prefill: prefill || undefined
     });
     logger.log(chalk.gray(`To change settings, edit integration/${appKey}/wizard.yaml and run: aifabrix wizard ${appKey}`));
   } catch (error) {
@@ -504,9 +649,12 @@ async function handleWizard(options = {}) {
     return await handleWizardSilent(options);
   }
   logger.log(chalk.blue('\n\uD83E\uDDD9 AI Fabrix External System Wizard\n'));
-  const loadedConfig = await loadWizardConfigIfExists(options.configPath, options.app);
-  if (loadedConfig) {
-    return await handleWizardWithSavedConfig(options, loadedConfig, displayPath);
+  const loadResult = await loadWizardConfigIfExists(options.configPath, options.app);
+  if (loadResult?.valid && loadResult.config) {
+    return await handleWizardWithSavedConfig(options, loadResult.config, displayPath);
+  }
+  if (loadResult?.config && loadResult.valid === false) {
+    return await handleWizardInteractive({ ...options, wizardPrefill: loadResult.config });
   }
   return await handleWizardInteractive(options);
 }

package/lib/generator/wizard-prompts.js

@@ -324,17 +324,22 @@ async function promptForExistingCredentialInput() {
  * @function promptForUserIntent
  * @returns {Promise<string>} User intent
  */
+const WIZARD_INTENT_MAX_LENGTH = 1000;
+
 async function promptForUserIntent() {
   const { intent } = await inquirer.prompt([
     {
       type: 'input',
       name: 'intent',
-      message: 'Describe your primary use case (any text):',
+      message: `Describe your primary use case (max ${WIZARD_INTENT_MAX_LENGTH} characters):`,
       default: 'general integration',
       validate: (input) => {
         if (!input || typeof input !== 'string' || input.trim().length === 0) {
           return 'Intent is required';
         }
+        if (input.length > WIZARD_INTENT_MAX_LENGTH) {
+          return `Intent must be ${WIZARD_INTENT_MAX_LENGTH} characters or fewer`;
+        }
         return true;
       }
     }
@@ -437,6 +442,7 @@ async function promptForRunWithSavedConfig() {
 const secondary = require('./wizard-prompts-secondary');
 
 module.exports = {
+  WIZARD_INTENT_MAX_LENGTH,
   promptForMode,
   promptForSystemIdOrKey,
   promptForExistingSystem,

package/lib/generator/wizard.js

@@ -32,6 +32,35 @@ function toKeySegment(str) {
   return sanitized || 'default';
 }
 
+/**
+ * Align authentication.security kv:// namespaces and credentialKey with the final system key.
+ * Dataplane normalizes this before respond; when appName overrides a spec-derived key (e.g.
+ * OpenAPI title "Companies"), the builder still must rewrite nested auth so it matches env.template.
+ *
+ * @param {Object|null|undefined} authentication - authentication block from dataplane
+ * @param {string} systemKey - Final external system key (integration app name)
+ * @param {string} [authDisplayName] - Credential display name (typically title-cased app name)
+ */
+function normalizeAuthenticationToSystemKey(authentication, systemKey, authDisplayName) {
+  if (!authentication || typeof authentication !== 'object') return;
+  authentication.credentialKey = `${systemKey}-cred`;
+  const security = authentication.security;
+  if (security && typeof security === 'object') {
+    for (const k of Object.keys(security)) {
+      const v = security[k];
+      if (typeof v === 'string' && v.startsWith('kv://')) {
+        const rest = v.slice(5);
+        const idx = rest.indexOf('/');
+        const suffix = idx >= 0 ? rest.slice(idx + 1) : '';
+        security[k] = suffix ? `kv://${systemKey}/${suffix}` : `kv://${systemKey}`;
+      }
+    }
+  }
+  if (authDisplayName) {
+    authentication.displayName = authDisplayName;
+  }
+}
+
 /**
  * Generate files from dataplane-generated wizard configurations
  * @async
@@ -182,6 +211,11 @@ async function prepareWizardContext(appName, systemConfig, datasourceConfigs) {
   const originalSystemKey = systemConfig.key || finalSystemKey;
   const appDisplayName = appName.replace(/-/g, ' ').replace(/\b\w/g, l => l.toUpperCase());
   const updatedSystemConfig = { ...systemConfig, key: finalSystemKey, displayName: appDisplayName };
+  normalizeAuthenticationToSystemKey(
+    updatedSystemConfig.authentication,
+    finalSystemKey,
+    appDisplayName
+  );
   const originalPrefix = `${originalSystemKey}-`;
   const updatedDatasourceConfigs = datasourceConfigs.map(ds => {
     let newKey;

package/lib/schema/wizard-config.schema.json

@@ -184,7 +184,7 @@
           "type": "string",
           "description": "User intent (any descriptive text, e.g., 'sales-focused CRM integration')",
           "minLength": 1,
-          "maxLength": 500
+          "maxLength": 1000
         },
         "fieldOnboardingLevel": {
           "type": "string",

package/lib/utils/external-readme.js

@@ -137,11 +137,43 @@ function rbacOptionalFilename(normalizedExt) {
   return normalizedExt === '.yaml' || normalizedExt === '.yml' ? 'rbac.yaml' : 'rbac.json';
 }
 
+/**
+ * Word-wraps plain description text for Markdown (MD013 ~80 columns). Keeps blank
+ * lines between paragraphs.
+ * @param {string} text - Raw description
+ * @param {number} [maxLen=80] - Target max line length
+ * @returns {string}
+ */
+function wrapPlainTextForMarkdown(text, maxLen = 80) {
+  if (!text || typeof text !== 'string') return text;
+  const blocks = text.split(/\n\s*\n/);
+  const wrapped = blocks.map((block) => {
+    const flat = block.replace(/\s+/g, ' ').trim();
+    if (!flat) return '';
+    const words = flat.split(' ');
+    const lines = [];
+    let current = '';
+    for (const w of words) {
+      const candidate = current ? `${current} ${w}` : w;
+      if (candidate.length <= maxLen) {
+        current = candidate;
+      } else {
+        if (current) lines.push(current);
+        current = w;
+      }
+    }
+    if (current) lines.push(current);
+    return lines.join('\n');
+  });
+  return wrapped.filter(Boolean).join('\n\n');
+}
+
 function buildExternalReadmeContext(params = {}) {
   const appName = params.appName || params.systemKey || 'external-system';
   const systemKey = params.systemKey || appName;
   const displayName = params.displayName || formatDisplayName(systemKey);
-  const description = params.description || `External system integration for ${systemKey}`;
+  const rawDescription = params.description || `External system integration for ${systemKey}`;
+  const description = wrapPlainTextForMarkdown(rawDescription);
   const systemType = params.systemType || 'openapi';
   const fileExt = params.fileExt !== undefined ? params.fileExt : '.json';
   const normalizedExt = fileExt && fileExt.startsWith('.') ? fileExt : `.${fileExt || 'json'}`;
@@ -186,13 +218,25 @@ function loadExternalReadmeTemplate() {
  * @param {Object} params - Context parameters
  * @returns {string} README content
  */
+/**
+ * Collapses 3+ consecutive newlines to 2 (fixes MD012 from Handlebars spacing).
+ * @param {string} md - Markdown body
+ * @returns {string}
+ */
+function collapseConsecutiveBlankLines(md) {
+  if (!md || typeof md !== 'string') return md;
+  return md.replace(/\n{3,}/g, '\n\n');
+}
+
 function generateExternalReadmeContent(params = {}) {
   const template = loadExternalReadmeTemplate();
   const context = buildExternalReadmeContext(params);
-  return template(context);
+  return collapseConsecutiveBlankLines(template(context));
 }
 
 module.exports = {
   buildExternalReadmeContext,
-  generateExternalReadmeContent
+  generateExternalReadmeContent,
+  wrapPlainTextForMarkdown,
+  collapseConsecutiveBlankLines
 };

package/lib/utils/urls-local-registry.js

@@ -175,6 +175,54 @@ function mergeBuilderDirIntoRegistry(merged, builderDir) {
   }
 }
 
+/**
+ * True when getBuilderRoot() resolves to the same path as AIFABRIX_BUILDER_DIR (authoritative override).
+ * @param {string|null} resolvedEffective
+ * @param {string|null} envResolved
+ * @returns {boolean}
+ */
+function effectiveBuilderMatchesEnvVar(resolvedEffective, envResolved) {
+  return Boolean(envResolved && resolvedEffective && resolvedEffective === envResolved);
+}
+
+/**
+ * Builder dirs to scan in order; later merges overwrite registry keys from earlier dirs.
+ * When `AIFABRIX_BUILDER_DIR` is set and differs from projectRoot/builder, env builder root is merged last.
+ * Otherwise projectRoot/builder is merged last so explicit refresh roots override getBuilderRoot().
+ *
+ * @param {string} root - Resolved project root passed to refresh
+ * @param {string|null} effectiveBuilderDir - pathsUtil.getBuilderRoot()
+ * @returns {string[]}
+ */
+function getOrderedBuilderDirsForRegistryScan(root, effectiveBuilderDir) {
+  const legacyBuilderDir = path.join(root, 'builder');
+  let resolvedLegacy;
+  let resolvedEffective;
+  try {
+    resolvedLegacy = path.resolve(legacyBuilderDir);
+    resolvedEffective = effectiveBuilderDir ? path.resolve(effectiveBuilderDir) : null;
+  } catch {
+    return [legacyBuilderDir];
+  }
+  const envRaw = process.env.AIFABRIX_BUILDER_DIR && String(process.env.AIFABRIX_BUILDER_DIR).trim();
+  const envResolved = envRaw ? path.resolve(envRaw) : null;
+  // Only treat env as authoritative when getBuilderRoot() is actually that path. Otherwise a stray
+  // AIFABRIX_BUILDER_DIR on CI (or Jest mocking getBuilderRoot to a temp dir) must not force
+  // [legacy, effective] — that order lets the real checkout builder overwrite the mocked root last.
+  const effectiveMatchesEnvVar = effectiveBuilderMatchesEnvVar(resolvedEffective, envResolved);
+
+  if (effectiveBuilderDir && resolvedEffective && resolvedEffective === resolvedLegacy) {
+    return [legacyBuilderDir];
+  }
+  if (effectiveMatchesEnvVar && effectiveBuilderDir && resolvedEffective && resolvedEffective !== resolvedLegacy) {
+    return [legacyBuilderDir, effectiveBuilderDir];
+  }
+  if (effectiveBuilderDir && resolvedEffective && resolvedEffective !== resolvedLegacy) {
+    return [effectiveBuilderDir, legacyBuilderDir];
+  }
+  return [legacyBuilderDir];
+}
+
 /**
  * Merge scan results into registry (does not remove stale keys).
  * @param {string|null} projectRoot - getProjectRoot() or null (same semantics as projectRoot || getProjectRoot())
@@ -188,19 +236,13 @@ function refreshUrlsLocalRegistryFromBuilder(projectRoot) {
   }
   // Published npm tarball omits builder/ under the package root (.npmignore). Global installs must
   // still refresh from the real builder tree (AIFABRIX_BUILDER_DIR or integration base + builder).
-  const legacyBuilderDir = path.join(root, 'builder');
-  const effectiveBuilderDir = pathsUtil.getBuilderRoot();
-  const builderDirs = [legacyBuilderDir];
+  let effectiveBuilderDir = null;
   try {
-    if (
-      effectiveBuilderDir &&
-      path.resolve(effectiveBuilderDir) !== path.resolve(legacyBuilderDir)
-    ) {
-      builderDirs.push(effectiveBuilderDir);
-    }
+    effectiveBuilderDir = pathsUtil.getBuilderRoot();
   } catch {
-    /* ignore path resolution errors */
+    effectiveBuilderDir = null;
   }
+  const builderDirs = getOrderedBuilderDirsForRegistryScan(root, effectiveBuilderDir);
   for (const builderDir of builderDirs) {
     mergeBuilderDirIntoRegistry(merged, builderDir);
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aifabrix/builder",
-  "version": "2.44.4",
+  "version": "2.44.5",
   "description": "AI Fabrix Local Fabric & Deployment SDK",
   "main": "lib/index.js",
   "bin": {

package/templates/applications/miso-controller/env.template

@@ -28,8 +28,12 @@ SKIP_FIRST_TIME_SETUP=false
 # Optional custom controller key for onboarding (default: miso-controller)
 ONBOARDING_CONTROLLER_KEY=miso-controller
 
-# Optional infrastructure name override for onboarding (default: from INFRASTRUCTURE_NAME or aifabrix)
-ONBOARDING_INFRASTRUCTURE_NAME=
+# Infrastructure/service name used by controller/onboarding flows
+INFRASTRUCTURE_NAME=aifabrix
+
+# Azure region (required for first-time onboarding: controller record / provisioning metadata).
+# Use the region you deploy to (e.g. westeurope, eastus, northeurope). Single env name: LOCATION.
+LOCATION=westeurope
 
 # Required for admin user creation during onboarding
 # Password for the initial administrator user (username: admin)
@@ -319,10 +323,6 @@ MISO_ENVIRONMENT=miso
 MISO_CLIENTID=kv://miso-controller-client-idKeyVault
 MISO_CLIENTSECRET=kv://miso-controller-client-secretKeyVault
 
-# Allowed origins for CORS validation (comma-separated)
-# Use wildcards for ports: http://localhost:*
-MISO_ALLOWED_ORIGINS=http://localhost:*,url://host-public,url://host-private,url://dataplane-host-public,url://dataplane-host-private
-
 # Evaluation mode (optional .env override of DB controller.configuration.evaluation):
 # When true (default if DB omits flag), infra deploy may coerce :envKey to `miso` — e2e poll on `dev` can 404.
 # Set false locally to force path envKey to match deploy + GET .../deployments/:id.