@jagilber-org/index-server 1.26.11 → 1.27.0

package/CHANGELOG.md

@@ -6,7 +6,31 @@ The format is based on Keep a Changelog and this project adheres to Semantic Ver
 
 ## [Unreleased]
 
-## [1.26.11] - 2026-04-30
+## [1.27.0] - 2026-04-30
+
+### Changed (BREAKING)
+
+- **Rate limiting is now opt-in** and consolidated behind a single environment variable, `INDEX_SERVER_RATE_LIMIT` (#270).
+  - `INDEX_SERVER_RATE_LIMIT=0` (default, or unset) — rate limiting is **disabled**.
+  - `INDEX_SERVER_RATE_LIMIT=N` (positive integer) — enforces **N requests per minute** with a fixed 60-second window.
+  - Bulk import/export/backup/restore routes (`/api/admin/maintenance/normalize`, `/api/admin/maintenance/backup`, `/api/admin/maintenance/backups`, `/api/admin/maintenance/restore`, `/api/charts/export`, `/api/sqlite/backup`, `/api/sqlite/restore`, `/api/sqlite/export`) are **unconditionally exempt**, so dashboard bulk operations no longer trigger 429 responses.
+  - The 429 response body shape simplifies to `{ error, message, retryAfterSeconds, timestamp }`. The previous `tier` field (global vs. mutation) has been removed; there is now a single tier.
+
+### Removed (BREAKING)
+
+The following environment variables have been **removed with no back-compat aliases**. Replace them with `INDEX_SERVER_RATE_LIMIT`:
+
+| Removed variable | Replacement |
+|------------------|-------------|
+| `INDEX_SERVER_DISABLE_RATE_LIMIT` | unset / `INDEX_SERVER_RATE_LIMIT=0` (default) |
+| `INDEX_SERVER_DISABLE_USAGE_RATE_LIMIT` | unset / `INDEX_SERVER_RATE_LIMIT=0` (default) |
+| `INDEX_SERVER_RATE_LIMIT_MAX` | `INDEX_SERVER_RATE_LIMIT=<N>` |
+| `INDEX_SERVER_RATE_LIMIT_WINDOW_MS` | _removed; window is fixed at 60 seconds_ |
+| `INDEX_SERVER_RATE_LIMIT_MUTATION_MAX` | _removed; single tier only_ |
+
+Also removed: `DashboardHttpConfig.rateLimitEnabled / rateLimitWindowMs / rateLimitMax / rateLimitMutationMax` (replaced by `rateLimitPerMinute: number`); `ApiRoutesOptions.rateLimit` (replaced by `rateLimitPerMinute?: number`); `AdminConfig.serverSettings.rateLimit` reduced to `{ perMinute: number }`.
+
+
 
 ### Fixed
 

package/dist/config/dashboardConfig.d.ts

@@ -15,10 +15,17 @@ interface DashboardHttpConfig {
     verboseLogging: boolean;
     mutationEnabled: boolean;
     adminApiKey?: string;
-    rateLimitEnabled: boolean;
-    rateLimitWindowMs: number;
-    rateLimitMax: number;
-    rateLimitMutationMax: number;
+    /**
+     * Dashboard HTTP API rate limit, in requests per minute.
+     *
+     * - `0` (default) disables rate limiting entirely (HTTP API + usage tracking).
+     * - Any positive integer N enforces N requests/min globally with a fixed
+     *   60-second window. Bulk import/export/backup/restore routes are
+     *   unconditionally exempt regardless of this value.
+     *
+     * Configured via the `INDEX_SERVER_RATE_LIMIT` environment variable.
+     */
+    rateLimitPerMinute: number;
     tls: DashboardTlsConfig;
 }
 interface DashboardAdminConfig {

package/dist/config/dashboardConfig.js

@@ -36,10 +36,7 @@ function parseDashboardConfig(mutationEnabled, instructionsBaseDir) {
             verboseLogging: (0, envUtils_1.getBooleanEnv)('INDEX_SERVER_VERBOSE_LOGGING'),
             mutationEnabled,
             adminApiKey: process.env.INDEX_SERVER_ADMIN_API_KEY || undefined,
-            rateLimitEnabled: !(0, envUtils_1.getBooleanEnv)('INDEX_SERVER_DISABLE_RATE_LIMIT'),
-            rateLimitWindowMs: Math.max(1, (0, configUtils_1.numberFromEnv)('INDEX_SERVER_RATE_LIMIT_WINDOW_MS', 60_000)),
-            rateLimitMax: Math.max(0, (0, configUtils_1.numberFromEnv)('INDEX_SERVER_RATE_LIMIT_MAX', 100)),
-            rateLimitMutationMax: Math.max(0, (0, configUtils_1.numberFromEnv)('INDEX_SERVER_RATE_LIMIT_MUTATION_MAX', 20)),
+            rateLimitPerMinute: Math.max(0, (0, configUtils_1.numberFromEnv)('INDEX_SERVER_RATE_LIMIT', 0)),
             tls: {
                 enabled: (0, envUtils_1.getBooleanEnv)('INDEX_SERVER_DASHBOARD_TLS'),
                 certPath: process.env.INDEX_SERVER_DASHBOARD_TLS_CERT || undefined,

package/dist/dashboard/client/admin.html

@@ -1,29 +1,29 @@
 <!DOCTYPE html>
 <html lang="en">
 <head>
-    <meta name="dashboard-build-version" content="1.26.11-9badd8dd">
+    <meta name="dashboard-build-version" content="1.27.0-9badd8dd">
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>Index Server Admin</title>
-    <link rel="stylesheet" href="css/admin.css?v=1.26.11-9badd8dd">
-    <script defer src="js/admin.utils.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.auth.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.overview.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.sessions.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.monitor.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.graph.js?v=1.26.11-9badd8dd"></script>
+    <link rel="stylesheet" href="css/admin.css?v=1.27.0-9badd8dd">
+    <script defer src="js/admin.utils.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.auth.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.overview.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.sessions.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.monitor.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.graph.js?v=1.27.0-9badd8dd"></script>
     <script defer src="js/marked.umd.js"></script>
-    <script defer src="js/admin.instructions.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.logs.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.maintenance.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.config.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.performance.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.instances.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.embeddings.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.messaging.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.sqlite.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.boot.js?v=1.26.11-9badd8dd"></script>
-    <script defer src="js/admin.feedback.js?v=1.26.11-9badd8dd"></script>
+    <script defer src="js/admin.instructions.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.logs.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.maintenance.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.config.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.performance.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.instances.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.embeddings.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.messaging.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.sqlite.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.boot.js?v=1.27.0-9badd8dd"></script>
+    <script defer src="js/admin.feedback.js?v=1.27.0-9badd8dd"></script>
 </head>
 <body>
     <div class="admin-container admin-root">
@@ -879,10 +879,10 @@
             }
         }
 
-        // Graph logic was extracted to js/admin.graph.js?v=1.26.11-9badd8dd
+        // Graph logic was extracted to js/admin.graph.js?v=1.27.0-9badd8dd
         // Functions available globally: reloadGraphMermaid, initGraphScopeDefaults, copyMermaidSource, toggleGraphEdit, applyGraphEdit, cancelGraphEdit, refreshDrillCategories, loadDrillInstructions, clearSelections
 
-        <!-- overview functions moved to js/admin.overview.js?v=1.26.11-9badd8dd -->
+        <!-- overview functions moved to js/admin.overview.js?v=1.27.0-9badd8dd -->
 
         // Lightweight overview-level maintenance display (optional)
         // Intentionally minimal to avoid blocking overview rendering.
@@ -1067,7 +1067,7 @@
         }
 
         // --- Backup / Restore ---
-        // Extracted to js/admin.maintenance.js?v=1.26.11-9badd8dd
+        // Extracted to js/admin.maintenance.js?v=1.27.0-9badd8dd
 
         async function performBackup() {
             try {
@@ -1133,7 +1133,7 @@
         }
 
                 async function loadConfiguration() {
-                    // Primary implementation in js/admin.config.js?v=1.26.11-9badd8dd (loaded via defer).
+                    // Primary implementation in js/admin.config.js?v=1.27.0-9badd8dd (loaded via defer).
                     // This inline fallback only fires if the external script failed to load.
                     if (window.__configExternalLoaded) return;
                     try {
@@ -1193,10 +1193,10 @@
                         return false;
                 }
 
-        // Monitoring functions moved to js/admin.monitor.js?v=1.26.11-9badd8dd
+        // Monitoring functions moved to js/admin.monitor.js?v=1.27.0-9badd8dd
 
         // ===== Log Viewer =====
-        // Extracted to js/admin.logs.js?v=1.26.11-9badd8dd
+        // Extracted to js/admin.logs.js?v=1.27.0-9badd8dd
 
         // ===== Instruction Management =====
         let instructionEditing = null;
@@ -1693,7 +1693,7 @@
             setInterval(fetchResourceTrends, 10000);
         })();
 
-        // Instruction management logic extracted to js/admin.instructions.js?v=1.26.11-9badd8dd
+        // Instruction management logic extracted to js/admin.instructions.js?v=1.27.0-9badd8dd
         // Functions exposed globally: loadInstructions, renderInstructionList, editInstruction, saveInstruction, deleteInstruction, etc.
 
         function startAutoRefresh() {

package/dist/dashboard/server/AdminPanelConfig.d.ts

@@ -11,8 +11,7 @@ export interface AdminConfig {
         enableVerboseLogging: boolean;
         enableMutation: boolean;
         rateLimit: {
-            windowMs: number;
-            maxRequests: number;
+            perMinute: number;
         };
     };
     indexSettings: {

package/dist/dashboard/server/AdminPanelConfig.js

@@ -23,8 +23,7 @@ class AdminPanelConfig {
                 enableVerboseLogging: !!serverHttp?.verboseLogging,
                 enableMutation: runtimeConfig.mutation.enabled,
                 rateLimit: {
-                    windowMs: 60000,
-                    maxRequests: 100
+                    perMinute: serverHttp?.rateLimitPerMinute ?? 0
                 }
             },
             indexSettings: {

package/dist/dashboard/server/ApiRoutes.d.ts

@@ -8,10 +8,11 @@
 import { Router } from 'express';
 export interface ApiRoutesOptions {
     enableCors?: boolean;
-    rateLimit?: {
-        windowMs: number;
-        max: number;
-    };
+    /**
+     * Optional override for the rate-limit (requests per 60s window).
+     * `0` disables. When omitted, falls back to `httpCfg.rateLimitPerMinute`.
+     */
+    rateLimitPerMinute?: number;
 }
 export declare function createApiRoutes(options?: ApiRoutesOptions): Router;
 export default createApiRoutes;

package/dist/dashboard/server/ApiRoutes.js

@@ -49,11 +49,41 @@ const runtimeConfig_js_1 = require("../../config/runtimeConfig.js");
 const index_js_1 = require("./routes/index.js");
 const ensureLoadedMiddleware_js_1 = require("./middleware/ensureLoadedMiddleware.js");
 const logger_js_1 = require("../../services/logger.js");
+/**
+ * Path prefixes whose endpoints are *unconditionally* exempt from the dashboard
+ * HTTP rate limiter. These are bulk-shaped, operator-driven operations
+ * (backup, restore, import/export, normalize) where the size of a single
+ * request — not the *frequency* of requests — is the natural cost driver.
+ *
+ * Matching is done with `req.path.startsWith(prefix)` against the path *as
+ * mounted on the /api router* (so prefixes do not include the leading "/api").
+ *
+ * Note: the MCP tool surface (index_import / index_export / promote_from_repo
+ * / restore handlers) is already outside this HTTP limiter, so no entries are
+ * needed for those.
+ */
+const BULK_EXEMPT_PREFIXES = [
+    '/admin/maintenance/normalize',
+    '/admin/maintenance/backup', // covers backup, backup/import, backup/:id, backup/:id/export
+    '/admin/maintenance/backups', // covers backups, backups/prune
+    '/admin/maintenance/restore',
+    '/charts/export',
+    '/sqlite/backup', // covers /sqlite/backup and /sqlite/backups
+    '/sqlite/restore',
+    '/sqlite/export',
+];
+function isBulkExempt(reqPath) {
+    for (const prefix of BULK_EXEMPT_PREFIXES) {
+        if (reqPath === prefix || reqPath.startsWith(prefix + '/'))
+            return true;
+    }
+    return false;
+}
 function createApiRoutes(options = {}) {
     const router = (0, express_1.Router)();
     const metricsCollector = (0, MetricsCollector_js_1.getMetricsCollector)();
     const httpCfg = (0, runtimeConfig_js_1.getRuntimeConfig)().dashboard.http;
-    const rateLimitOpts = options.rateLimit ?? { windowMs: httpCfg.rateLimitWindowMs, max: httpCfg.rateLimitMax };
+    const perMinute = options.rateLimitPerMinute ?? httpCfg.rateLimitPerMinute;
     // CORS middleware (if enabled)
     // Security: only allow loopback origins (localhost, 127.0.0.1, [::1]) to prevent
     // cross-origin attacks. No wildcard (*) origins; credentials are not exposed.
@@ -71,53 +101,28 @@ function createApiRoutes(options = {}) {
     }
     // JSON middleware
     router.use(express_1.default.json());
-    const rateLimitEnabled = httpCfg.rateLimitEnabled;
-    if (rateLimitEnabled && rateLimitOpts.max > 0 && rateLimitOpts.windowMs > 0) {
-        // Global rate limit for all routes (reads + mutations)
+    // Rate limit (single tier, fixed 60s window). Disabled when perMinute === 0.
+    // Bulk routes (backup/restore/import/export/normalize) are unconditionally
+    // exempt via BULK_EXEMPT_PREFIXES — see `skip` below.
+    if (perMinute > 0) {
+        const windowMs = 60_000;
         router.use((0, express_rate_limit_1.default)({
-            windowMs: rateLimitOpts.windowMs,
-            max: rateLimitOpts.max,
+            windowMs,
+            max: perMinute,
             standardHeaders: true,
             legacyHeaders: true,
             validate: { ip: false },
-            skip: (req) => req.method === 'OPTIONS',
+            skip: (req) => req.method === 'OPTIONS' || isBulkExempt(req.path),
             keyGenerator: (req) => {
                 const clientIp = req.ip || req.socket.remoteAddress;
                 return clientIp ? (0, express_rate_limit_1.ipKeyGenerator)(clientIp) : 'unknown';
             },
             handler: (_req, res) => {
-                const retryAfter = Number(res.getHeader('Retry-After') || Math.ceil(rateLimitOpts.windowMs / 1000));
+                const retryAfter = Number(res.getHeader('Retry-After') || Math.ceil(windowMs / 1000));
                 res.status(429).json({
                     error: 'Too Many Requests',
                     message: `Rate limit exceeded. Try again in ${retryAfter} second(s).`,
                     retryAfterSeconds: retryAfter,
-                    tier: 'global',
-                    timestamp: Date.now(),
-                });
-            },
-        }));
-        // Stricter rate limit for mutation endpoints (POST/PUT/PATCH/DELETE).
-        // Defaults to runtimeConfig httpCfg.rateLimitMutationMax (env-configurable),
-        // bounded by the global per-window cap so mutation-tier never exceeds global.
-        const mutationMax = Math.max(1, Math.min(httpCfg.rateLimitMutationMax, rateLimitOpts.max));
-        router.use((0, express_rate_limit_1.default)({
-            windowMs: rateLimitOpts.windowMs,
-            max: mutationMax,
-            standardHeaders: true,
-            legacyHeaders: false,
-            validate: { ip: false },
-            skip: (req) => req.method === 'OPTIONS' || req.method === 'GET' || req.method === 'HEAD',
-            keyGenerator: (req) => {
-                const clientIp = req.ip || req.socket.remoteAddress;
-                return `mutation:${clientIp ? (0, express_rate_limit_1.ipKeyGenerator)(clientIp) : 'unknown'}`;
-            },
-            handler: (_req, res) => {
-                const retryAfter = Number(res.getHeader('Retry-After') || Math.ceil(rateLimitOpts.windowMs / 1000));
-                res.status(429).json({
-                    error: 'Too Many Requests',
-                    message: `Mutation rate limit exceeded. Try again in ${retryAfter} second(s).`,
-                    retryAfterSeconds: retryAfter,
-                    tier: 'mutation',
                     timestamp: Date.now(),
                 });
             },

package/dist/dashboard/server/routes/index.js

@@ -106,19 +106,21 @@ function renderPanelMarkdownHtml(name, markdown) {
  * Called once during DashboardServer construction after middleware is set up.
  */
 function mountDashboardRoutes(app, ctx) {
-    // Build a per-route rate limiter using the same dashboard.http.rateLimit*
-    // configuration as the /api router. Re-uses the same window/max so behavior
-    // is consistent across the dashboard. Disabled if rateLimitEnabled is false.
+    // Build a per-route rate limiter using the same dashboard.http.rateLimit
+    // configuration as the /api router. Re-uses the same per-minute cap so
+    // behavior is consistent across the dashboard. Disabled when
+    // rateLimitPerMinute === 0 (the default).
     const httpCfg = (0, runtimeConfig_js_1.getRuntimeConfig)().dashboard.http;
+    const perMinute = httpCfg.rateLimitPerMinute;
     const dashboardLimiter = (0, express_rate_limit_1.default)({
-        windowMs: Math.max(1, httpCfg.rateLimitWindowMs),
-        max: Math.max(1, httpCfg.rateLimitMax),
+        windowMs: 60_000,
+        max: perMinute > 0 ? perMinute : 1,
         standardHeaders: true,
         legacyHeaders: false,
         validate: { ip: false },
-        skip: () => !httpCfg.rateLimitEnabled,
+        skip: () => perMinute <= 0,
         handler: (_req, res) => {
-            const retryAfter = Number(res.getHeader('Retry-After') || Math.ceil(httpCfg.rateLimitWindowMs / 1000));
+            const retryAfter = Number(res.getHeader('Retry-After') || 60);
             res.status(429).json({
                 error: 'Too Many Requests',
                 message: `Rate limit exceeded. Try again in ${retryAfter} second(s).`,
@@ -222,8 +224,8 @@ function mountDashboardRoutes(app, ctx) {
             res.status(404).send('Screenshot not found');
         }
     });
-    // API sub-routes (mounted at /api). Rate limits sourced from runtimeConfig
-    // (INDEX_SERVER_RATE_LIMIT_*) — see ApiRoutes.createApiRoutes.
+    // API sub-routes (mounted at /api). Rate limit sourced from runtimeConfig
+    // (INDEX_SERVER_RATE_LIMIT) — see ApiRoutes.createApiRoutes.
     app.use('/api', (0, ApiRoutes_js_1.createApiRoutes)({ enableCors: ctx.enableCors }));
     // Back-compat: legacy tests expect /tools.json at dashboard root
     app.get('/tools.json', (_req, res) => {

package/dist/services/handlers.dashboardConfig.js

@@ -46,8 +46,7 @@ exports.FLAG_REGISTRY = [
     { name: 'INDEX_SERVER_VISIBILITY_DIAG', category: 'tracing', description: 'Force core trace level for visibility diagnostics.', stability: 'diagnostic', default: 'off', type: 'boolean', since: '1.1.1' },
     { name: 'INDEX_SERVER_FILE_TRACE', category: 'tracing', description: 'Promote index file events to trace level (files).', stability: 'diagnostic', default: 'off', type: 'boolean', since: '1.1.1' },
     // Usage & metrics
-    { name: 'INDEX_SERVER_DISABLE_RATE_LIMIT', category: 'usage', description: 'Disable all rate limiting (dashboard HTTP API and usage tracking). Rate limiting is enabled by default.', stability: 'stable', default: 'off', type: 'boolean', since: '1.1.3' },
-    { name: 'INDEX_SERVER_DISABLE_USAGE_RATE_LIMIT', category: 'usage', description: '(Deprecated) Legacy per-subsystem override to disable usage rate limit.', stability: 'diagnostic', default: 'off', type: 'boolean', since: '1.1.1' },
+    { name: 'INDEX_SERVER_RATE_LIMIT', category: 'usage', description: 'Dashboard HTTP API and usage-tracking rate limit, in requests per minute. 0 (default) disables rate limiting. Bulk import/export/backup/restore routes are unconditionally exempt.', stability: 'stable', default: '0', type: 'number', since: '1.27.0' },
     { name: 'INDEX_SERVER_DISABLE_USAGE_CLAMP', category: 'usage', description: 'Disable initial usage count clamp logic.', stability: 'diagnostic', default: 'off', type: 'boolean', since: '1.1.1' },
     { name: 'INDEX_SERVER_USAGE_FLUSH_MS', category: 'usage', description: 'Override usage flush debounce interval.', stability: 'diagnostic', default: '75', type: 'number', since: '1.1.1' },
     // Validation / schema

package/dist/services/indexContext.js

@@ -36,7 +36,6 @@ const features_1 = require("./features");
 const atomicFs_1 = require("./atomicFs");
 const classificationService_1 = require("./classificationService");
 const ownershipService_1 = require("./ownershipService");
-const envUtils_1 = require("../utils/envUtils");
 const runtimeConfig_1 = require("../config/runtimeConfig");
 const factory_1 = require("./storage/factory");
 const migrationEngine_1 = require("./storage/migrationEngine");
@@ -202,11 +201,11 @@ function restoreLastUsedInvariant(e) {
 const USAGE_RATE_LIMIT_PER_SECOND = 10; // max increments per id per second
 const usageRateLimiter = new Map();
 function checkUsageRateLimit(id) {
-    // Rate limiting is enabled by default. Set INDEX_SERVER_DISABLE_RATE_LIMIT=1 to disable all rate limiting.
-    if ((0, envUtils_1.getBooleanEnv)('INDEX_SERVER_DISABLE_RATE_LIMIT'))
-        return true;
-    // Legacy per-subsystem override (backward compat / deterministic tests).
-    if ((0, envUtils_1.getBooleanEnv)('INDEX_SERVER_DISABLE_USAGE_RATE_LIMIT'))
+    // Rate limiting is opt-in. INDEX_SERVER_RATE_LIMIT=0 (default) or unset
+    // disables both the dashboard HTTP limiter and this usage limiter.
+    // Any positive integer enables both.
+    const rl = Number(process.env.INDEX_SERVER_RATE_LIMIT);
+    if (!Number.isFinite(rl) || rl <= 0)
         return true;
     const now = Date.now();
     const windowStart = Math.floor(now / 1000) * 1000; // 1-second windows

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@jagilber-org/index-server",
-  "version": "1.26.11",
+  "version": "1.27.0",
   "mcpName": "io.github.jagilber-org/index-server",
   "description": "MCP instruction indexing server for AI assistant governance — search, CRUD, schema validation, usage tracking, and cross-repo knowledge promotion.",
   "publishConfig": {