akm-cli 0.8.0-rc1 → 0.8.0

package/dist/commands/search.js

@@ -1,3 +1,6 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
 /**
  * `akm search` — entry point.
  *
@@ -9,11 +12,13 @@
  * Provider `search()` methods do not exist.
  */
 import { loadConfig } from "../core/config";
-import { UsageError } from "../core/errors";
+import { rethrowIfTestIsolationError, UsageError } from "../core/errors";
 import { appendEvent } from "../core/events";
+import { isTransientStashPath } from "../core/paths";
 import { bumpUtilityScoresBatch, closeDatabase, openExistingDatabase } from "../indexer/db";
 import { searchLocal } from "../indexer/db-search";
 import { resolveSourceEntries } from "../indexer/search-source";
+import { getCurrentWorkflowScopeKey } from "../workflows/scope-key";
 // Eagerly import source providers to trigger self-registration before the
 // indexer or path-resolution code runs.
 import "../sources/providers/index";
@@ -26,10 +31,42 @@ export async function akmSearch(input) {
     const normalizedQuery = query.toLowerCase();
     const searchType = input.type ?? "any";
     const limit = normalizeLimit(input.limit);
-    const source = parseSearchSource(input.source ?? "stash");
+    const parsedSource = parseSearchSource(input.source ?? "stash");
     const config = loadConfig();
-    const sources = resolveSourceEntries(undefined, config);
-    if (sources.length === 0) {
+    // Named-source filter: when --source is not a standard enum value, treat it
+    // as a named source from config.sources[].name. Validate early (before
+    // resolveSourceEntries, which can throw STASH_DIR_NOT_FOUND) so that a bad
+    // --source name always produces INVALID_SOURCE_VALUE regardless of stash state.
+    let namedSourceName;
+    let source;
+    if (parsedSource !== "stash" && parsedSource !== "registry" && parsedSource !== "both") {
+        namedSourceName = parsedSource;
+        // Check that the named source exists in the config before touching the stash.
+        const configSources = config.sources ?? [];
+        const foundInConfig = configSources.some((s) => s.name === namedSourceName) || configSources.some((s) => s.path === namedSourceName);
+        if (!foundInConfig) {
+            const validNames = configSources.map((s) => s.name).filter((n) => Boolean(n));
+            const hint = validNames.length > 0
+                ? `Known source names: ${validNames.join(", ")}`
+                : "No named sources are configured. Run `akm list` to see installed stashes.";
+            throw new UsageError(`Unknown source name: "${namedSourceName}". ${hint}`, "INVALID_SOURCE_VALUE");
+        }
+        source = "stash";
+    }
+    else {
+        source = parsedSource;
+    }
+    let allSources = resolveSourceEntries(undefined, config);
+    // When a named source was requested, narrow the sources list to just that entry.
+    // `resolveSourceEntries` sets `registryId` to `entry.name` for each config source.
+    if (namedSourceName !== undefined) {
+        const ns = namedSourceName;
+        allSources = allSources.filter((s) => s.registryId === ns || s.path === ns);
+        // allSources may still be empty if the configured source dir doesn't exist on
+        // disk (resolveSourceEntries skips non-existent dirs). Fall through to the
+        // zero-sources guard below which emits a friendly warning.
+    }
+    if (allSources.length === 0) {
         // stashDir: "" is a safe sentinel here — the response carries zero hits
         // and a warning, so no downstream code will try to use the empty path.
         const response = {
@@ -40,12 +77,15 @@ export async function akmSearch(input) {
             warnings: ["No stashes configured. Run `akm init` to create your working stash."],
             timing: { totalMs: Date.now() - t0 },
         };
-        logSearchEvent(query, response);
+        if (!input.skipLogging)
+            logSearchEvent(query, response, undefined, undefined, input.eventSource);
         return response;
     }
     // Primary stash directory — used for DB path lookups and as the default
     // stash root. Safe because the empty-sources case is handled above.
-    const stashDir = sources[0].path;
+    const stashDir = allSources[0].path;
+    // Expose the filtered source list to downstream search calls.
+    const sources = allSources;
     const filters = normalizeScopeFilters(input.filters);
     const includeProposed = input.includeProposed === true;
     const belief = input.belief ?? "all";
@@ -61,6 +101,12 @@ export async function akmSearch(input) {
             filters,
             includeProposed,
             beliefFilter: belief,
+            // When `--source <name>` narrowed the source list above, propagate
+            // that intent down to the database layer so FTS/vector hits from
+            // sources outside the narrowed set are filtered out post-ranking.
+            // Without this, the index (which spans every configured source)
+            // would leak hits from sources the caller did not request.
+            restrictToSources: namedSourceName !== undefined,
         });
     const registryResult = source === "stash" ? undefined : await searchRegistry(query, { limit, registries: config.registries });
     if (source === "stash") {
@@ -75,7 +121,8 @@ export async function akmSearch(input) {
             warnings: localResult?.warnings?.length ? localResult.warnings : undefined,
             timing: { totalMs: Date.now() - t0, rankMs: localResult?.rankMs, embedMs: localResult?.embedMs },
         };
-        logSearchEvent(query, response, undefined, localResult?.mode ?? "keyword");
+        if (!input.skipLogging)
+            logSearchEvent(query, response, undefined, localResult?.mode ?? "keyword", input.eventSource);
         return response;
     }
     const registryHits = (registryResult?.hits ?? []).map((hit) => {
@@ -109,7 +156,8 @@ export async function akmSearch(input) {
             warnings: registryResult?.warnings.length ? registryResult.warnings : undefined,
             timing: { totalMs: Date.now() - t0 },
         };
-        logSearchEvent(query, response);
+        if (!input.skipLogging)
+            logSearchEvent(query, response, undefined, undefined, input.eventSource);
         return response;
     }
     // source === "both"
@@ -126,7 +174,8 @@ export async function akmSearch(input) {
         warnings: warnings.length ? warnings : undefined,
         timing: { totalMs: Date.now() - t0 },
     };
-    logSearchEvent(query, response, undefined, localResult?.mode ?? "keyword");
+    if (!input.skipLogging)
+        logSearchEvent(query, response, undefined, undefined, input.eventSource);
     return response;
 }
 /**
@@ -162,13 +211,16 @@ function resolveEntryIds(db, hits) {
  * Per-entry events are recorded only for stash hits because registry hits
  * have no local entry_id to reference.
  */
-function logSearchEvent(query, response, existingDb, mode = "keyword") {
+function logSearchEvent(query, response, existingDb, mode = "keyword", eventSource = "user") {
     // Emit a structured event to events.jsonl so workflow-trace consumers
     // detect akm search invocations without relying on stdout scraping.
     const stashHits = response.hits.filter((h) => h.type !== "registry");
+    // D8: include registry hit refs so a show following a registry-only search generates a select event
+    const registryHitRefs = (response.registryHits ?? []).map((h) => `registry:${h.id}`);
+    const allResultRefs = [...stashHits.map((h) => h.ref), ...registryHitRefs];
     appendEvent({
         eventType: "search",
-        metadata: { query, hitCount: stashHits.length, resultRefs: stashHits.map((h) => h.ref), mode },
+        metadata: { query, hitCount: stashHits.length, resultRefs: allResultRefs, mode },
     });
     try {
         const db = existingDb ?? openExistingDatabase();
@@ -180,13 +232,23 @@ function logSearchEvent(query, response, existingDb, mode = "keyword") {
                     query,
                     entry_id: entryId,
                     entry_ref: ref,
+                    source: eventSource,
                 });
             }
             // Bump utility scores for all resolved entries (MemRL retrieval signal).
             // The indexer overwrites these at next reindex; bumps are temporary hints.
             const resolvedIds = resolved.map((r) => r.entryId).filter((id) => id !== undefined);
             if (resolvedIds.length > 0) {
-                bumpUtilityScoresBatch(db, resolvedIds, 1.0);
+                let scopeKey;
+                try {
+                    const stashPath = response.stashDir;
+                    const disabled = process.env.AKM_DISABLE_SCOPED_UTILITY === "1" || (stashPath && isTransientStashPath(stashPath));
+                    scopeKey = disabled ? undefined : getCurrentWorkflowScopeKey();
+                }
+                catch {
+                    // Non-fatal — fall back to global-only bumps on any error.
+                }
+                bumpUtilityScoresBatch(db, resolvedIds, 1.0, 0.1, scopeKey);
             }
             // Count registry hits separately so registry-only searches record a
             // non-zero resultCount. response.hits is always [] when source="registry".
@@ -202,6 +264,7 @@ function logSearchEvent(query, response, existingDb, mode = "keyword") {
                     resolvedCount: resolved.length,
                     mode,
                 }),
+                source: eventSource,
             });
         }
         finally {
@@ -209,7 +272,8 @@ function logSearchEvent(query, response, existingDb, mode = "keyword") {
                 closeDatabase(db);
         }
     }
-    catch {
+    catch (err) {
+        rethrowIfTestIsolationError(err);
         /* fire-and-forget */
     }
 }
@@ -220,6 +284,24 @@ function normalizeLimit(limit) {
     }
     return Math.min(Math.floor(limit), 200);
 }
+/**
+ * Parse the `--source` flag value.
+ *
+ * Accepts:
+ *   - `stash` (default) — search the local stash index only
+ *   - `registry`        — search remote registries only
+ *   - `both`            — search stash and registries
+ *   - `local`           — alias for `stash`
+ *   - Any named source from `config.sources[].name` — filters stash results to
+ *     that single source only. The named-source path is detected and resolved
+ *     inside `akmSearch`; this function returns the raw name so the caller can
+ *     pass it through to `akmSearch` which accepts `SearchSource | string`.
+ *
+ * Unknown values that are not a known enum AND not a named source will still
+ * produce an error inside `akmSearch` when the config lookup finds nothing.
+ * This allows the CLI to accept named sources without requiring config access
+ * at parse time.
+ */
 export function parseSearchSource(source) {
     if (source === "stash" || source === "registry" || source === "both")
         return source;
@@ -228,7 +310,10 @@ export function parseSearchSource(source) {
         return "stash";
     if (typeof source === "undefined")
         return "stash";
-    throw new UsageError(`Invalid value for --source: ${String(source)}. Expected one of: stash|registry|both`, "INVALID_SOURCE_VALUE");
+    // Pass through unknown strings — they may be valid named sources.
+    // `akmSearch` will validate against config.sources and throw a UsageError
+    // with a helpful message if the name isn't found.
+    return source;
 }
 export function parseBeliefFilterMode(value) {
     if (value === undefined || value === "all")

package/dist/commands/secret.js

@@ -0,0 +1,173 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
+/**
+ * Secret asset type — whole-file secret storage.
+ *
+ * A `secret` holds a single SENSITIVE value used on its own for authentication
+ * (a PEM private key, an API token, a TLS cert, a service-account JSON): the
+ * ENTIRE file is the secret. There is no safe region to parse, so only the
+ * filename is ever surfaced. Where an `env` file holds a GROUP of related
+ * configuration and exposes key NAMES as metadata, a secret is ONE value and
+ * exposes nothing but its name — reach for `secret` when one value *is* the
+ * credential, and for `env` when loading a service's related configuration.
+ *
+ * Invariant: a secret's bytes must never be written to stdout, returned
+ * through the indexer / `akm show` renderer, or any structured output channel.
+ * The supported value-use paths are:
+ *
+ *   - `akm secret run <ref> <VAR> -- <cmd>` — value injected into the child
+ *     process env as `VAR=<value>` (see `readValue`).
+ *   - `akm secret path <ref>` — print the file path so a command can read it
+ *     itself (Docker `/run/secrets` + `_FILE` convention).
+ *
+ * Values are stored as raw bytes (no quoting, multi-line allowed) so they
+ * round-trip byte-exact, unlike env values which forbid literal newlines.
+ */
+import crypto from "node:crypto";
+import fs from "node:fs";
+import path from "node:path";
+import { probeLock, releaseLock, tryAcquireLockSync } from "../core/file-lock";
+// ── Write-lock helper ─────────────────────────────────────────────────────────
+/**
+ * Acquire an exclusive lock for the given secret path, run `fn`, then release.
+ * Mirrors the env write-lock: O_EXCL creation, 5s deadline, PID-based stale
+ * detection. A timeout is always a stale lock or a programming error, so we
+ * throw rather than silently proceeding.
+ */
+export function withSecretLock(secretPath, fn) {
+    const lockPath = `${secretPath}.lock`;
+    const deadline = Date.now() + 5000;
+    while (!tryAcquireLockSync(lockPath, String(process.pid))) {
+        const probe = probeLock(lockPath);
+        if (probe.state === "stale") {
+            releaseLock(lockPath);
+            continue;
+        }
+        if (Date.now() > deadline) {
+            const holderHint = probe.state === "held"
+                ? ` Lock file ${lockPath} is held by live PID ${probe.holderPid}.`
+                : ` Lock file ${lockPath} could not be inspected.`;
+            throw new Error(`Could not acquire secret lock for ${secretPath} after 5s.${holderHint} Retry once any other akm secret operation finishes, or remove the stale lock file.`);
+        }
+        if (typeof globalThis.Bun?.sleepSync ===
+            "function") {
+            globalThis.Bun.sleepSync(10);
+        }
+        else {
+            let spin = 0;
+            while (spin++ < 100_000) {
+                /* yield */
+            }
+        }
+    }
+    try {
+        return fn();
+    }
+    finally {
+        releaseLock(lockPath);
+    }
+}
+// ── Atomic byte write ──────────────────────────────────────────────────────────
+/**
+ * Atomically write `data` to `target` at mode 0600. Unlike `writeFileAtomic`
+ * in core/common (string content), this accepts a Buffer so secret bytes
+ * round-trip exactly — binary certs and CRLF/LF line endings are preserved.
+ */
+function writeSecretAtomic(target, data) {
+    const tmp = `${target}.tmp.${process.pid}.${crypto.randomBytes(8).toString("hex")}`;
+    const fd = fs.openSync(tmp, "w", 0o600);
+    try {
+        fs.writeSync(fd, data);
+        try {
+            fs.fdatasyncSync(fd);
+        }
+        catch {
+            // Best-effort durability; some pseudo-filesystems lack fdatasync.
+        }
+    }
+    finally {
+        fs.closeSync(fd);
+    }
+    fs.renameSync(tmp, target);
+    try {
+        const dirFd = fs.openSync(path.dirname(target), "r");
+        try {
+            fs.fsyncSync(dirFd);
+        }
+        finally {
+            fs.closeSync(dirFd);
+        }
+    }
+    catch {
+        // Directory fsync is unsupported on FAT / some FUSE mounts / Windows.
+    }
+}
+function ensureParentDir(filePath) {
+    const dir = path.dirname(filePath);
+    if (!fs.existsSync(dir))
+        fs.mkdirSync(dir, { recursive: true, mode: 0o700 });
+}
+// ── Public API ──────────────────────────────────────────────────────────────
+/**
+ * Walk a `secrets/` directory and return the POSIX-relative names of every
+ * secret file. Lock files (`*.lock`), sensitive markers (`*.sensitive`), and
+ * secrets with a sibling `<name>.sensitive` marker are excluded. The file
+ * bodies are NEVER read.
+ */
+export function listNames(secretsRoot) {
+    if (!fs.existsSync(secretsRoot))
+        return [];
+    const names = [];
+    const walk = (dir) => {
+        for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {
+            const full = path.join(dir, entry.name);
+            if (entry.isDirectory()) {
+                walk(full);
+                continue;
+            }
+            if (!entry.isFile())
+                continue;
+            if (entry.name.endsWith(".lock") || entry.name.endsWith(".sensitive"))
+                continue;
+            // A sibling `<name>.sensitive` marker suppresses listing.
+            if (fs.existsSync(`${full}.sensitive`))
+                continue;
+            names.push(path.relative(secretsRoot, full).split(path.sep).join("/"));
+        }
+    };
+    walk(secretsRoot);
+    return names.sort();
+}
+/**
+ * Read a secret's raw bytes. Internal use only (for `secret run` / `secret
+ * path`). Callers MUST NOT write the returned value to stdout or any log.
+ */
+export function readValue(secretPath) {
+    return fs.readFileSync(secretPath);
+}
+/**
+ * Write (create or overwrite) a secret with the given raw bytes, atomically at
+ * mode 0600 under a write-lock. No quoting; multi-line / binary allowed.
+ */
+export function setSecret(secretPath, value) {
+    ensureParentDir(secretPath);
+    withSecretLock(secretPath, () => {
+        writeSecretAtomic(secretPath, value);
+    });
+}
+/**
+ * Remove a secret file (and its `.sensitive` marker, if present). Returns true
+ * if the secret existed.
+ */
+export function removeSecret(secretPath) {
+    return withSecretLock(secretPath, () => {
+        if (!fs.existsSync(secretPath))
+            return false;
+        fs.rmSync(secretPath);
+        const marker = `${secretPath}.sensitive`;
+        if (fs.existsSync(marker))
+            fs.rmSync(marker);
+        return true;
+    });
+}

package/dist/commands/self-update.js

@@ -1,3 +1,6 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
 import * as childProcess from "node:child_process";
 import { createHash } from "node:crypto";
 import fs from "node:fs";

package/dist/commands/show.js

@@ -1,3 +1,6 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
 /**
  * `akm show` — entry point.
  *
@@ -16,10 +19,11 @@
 import fs from "node:fs";
 import path from "node:path";
 import { parseAssetRef } from "../core/asset-ref";
+import { asNonEmptyString } from "../core/common";
 import { loadConfig } from "../core/config";
-import { NotFoundError, UsageError } from "../core/errors";
+import { NotFoundError, rethrowIfTestIsolationError, UsageError } from "../core/errors";
 import { appendEvent, readEvents } from "../core/events";
-import { parseFrontmatter, toStringOrUndefined } from "../core/frontmatter";
+import { parseFrontmatter } from "../core/frontmatter";
 import { closeDatabase, findEntryIdByRef, openExistingDatabase } from "../indexer/db";
 import { ensureIndex } from "../indexer/ensure-index";
 import { buildFileContext, buildRenderContext, getRenderer, runMatchers } from "../indexer/file-context";
@@ -141,7 +145,7 @@ export async function akmShowUnified(input) {
     }
     // Count prior shows of this ref before logging the current one.
     const priorShowCount = recentShowCount(ref);
-    logShowEvent(ref);
+    logShowEvent(ref, undefined, input.eventSource);
     if (priorShowCount >= 2) {
         // Agent has shown this same asset 3+ times — inject a loop-break hint.
         result.showLoopWarning = priorShowCount + 1;
@@ -179,7 +183,7 @@ function enforceScopeOrThrow(filePath, ref, scope) {
     for (const [key, expectedValue] of expected) {
         if (expectedValue === undefined)
             continue;
-        const actual = toStringOrUndefined(fm[`scope_${key}`]);
+        const actual = asNonEmptyString(fm[`scope_${key}`]);
         if (actual !== expectedValue) {
             throw new NotFoundError(`Asset "${ref}" exists but is out of scope (expected scope_${key}="${expectedValue}").`);
         }
@@ -191,21 +195,29 @@ function enforceScopeOrThrow(filePath, ref, scope) {
  */
 function recentShowCount(ref) {
     try {
-        const { events } = readEvents({ type: "show", ref });
+        const { events } = readEvents({
+            type: "show",
+            ref,
+            since: new Date(Date.now() - 60 * 60 * 1000).toISOString(),
+        });
         return events.length;
     }
     catch {
         return 0;
     }
 }
-function logShowEvent(ref, existingDb) {
+function logShowEvent(ref, existingDb, eventSource = "user") {
     // Emit a structured event to events.jsonl so workflow-trace consumers
     // detect akm show invocations without relying on stdout scraping.
     const parsed = parseAssetRef(ref);
     appendEvent({ eventType: "show", ref, metadata: { type: parsed.type, name: parsed.name } });
     // Detect if this show is a selection from a recent search result.
     try {
-        const { events: recentSearches } = readEvents({ type: "search" });
+        // D7: bound the query to the last 60 s so we never scan unbounded history
+        const { events: recentSearches } = readEvents({
+            type: "search",
+            since: new Date(Date.now() - 60_000).toISOString(),
+        });
         const cutoffMs = Date.now() - 60_000;
         const matchingSearch = [...recentSearches].reverse().find((e) => {
             if (!e.ts || new Date(e.ts).getTime() < cutoffMs)
@@ -235,6 +247,7 @@ function logShowEvent(ref, existingDb) {
                 event_type: "show",
                 entry_ref: ref,
                 entry_id: findEntryIdByRef(db, ref),
+                source: eventSource,
             });
         }
         finally {
@@ -242,7 +255,8 @@ function logShowEvent(ref, existingDb) {
                 closeDatabase(db);
         }
     }
-    catch {
+    catch (err) {
+        rethrowIfTestIsolationError(err);
         /* fire-and-forget */
     }
 }
@@ -316,7 +330,8 @@ export async function showLocal(input) {
                 const related = listRelatedPathsForFile(sourceStashDir, assetPath, 5, db);
                 return { total: related.length, hits: related };
             }
-            catch {
+            catch (err) {
+                rethrowIfTestIsolationError(err);
                 return { total: 0, hits: [] };
             }
             finally {
@@ -385,7 +400,7 @@ function buildSummaryResponse(full, assetPath) {
         const textContent = full.content ?? full.template ?? full.prompt;
         if (textContent && !description) {
             const parsed = parseFrontmatter(textContent);
-            description = toStringOrUndefined(parsed.data.description);
+            description = asNonEmptyString(parsed.data.description);
         }
     }
     const summary = {
@@ -432,15 +447,19 @@ export function normalizeShowArgv(argv) {
     const showArgs = [];
     for (let i = 0; i < rest.length; i++) {
         const arg = rest[i];
-        if (arg === "--quiet" || arg === "-q" || arg === "--for-agent" || arg === "--for-agent=true") {
+        if (arg === "--quiet" ||
+            arg === "-q" ||
+            arg === "--verbose" ||
+            arg === "--for-agent" ||
+            arg === "--for-agent=true") {
             globalFlags.push(arg);
             continue;
         }
-        if (arg.startsWith("--format=") || arg.startsWith("--detail=")) {
+        if (arg.startsWith("--format=") || arg.startsWith("--detail=") || arg.startsWith("--shape=")) {
             globalFlags.push(arg);
             continue;
         }
-        if (arg === "--format" || arg === "--detail") {
+        if (arg === "--format" || arg === "--detail" || arg === "--shape") {
             globalFlags.push(arg);
             if (rest[i + 1] !== undefined) {
                 globalFlags.push(rest[i + 1]);

package/dist/commands/source-add.js

@@ -1,9 +1,11 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
 import fs from "node:fs";
 import path from "node:path";
 import { isHttpUrl, resolveStashDir } from "../core/common";
 import { getSources, loadConfig, loadUserConfig, saveConfig } from "../core/config";
 import { ConfigError, UsageError } from "../core/errors";
-import { warn } from "../core/warn";
 import { akmIndex } from "../indexer/indexer";
 import { upsertLockEntry } from "../integrations/lockfile";
 import { parseRegistryRef } from "../registry/resolve";
@@ -11,7 +13,6 @@ import { detectStashRoot } from "../sources/providers/provider-utils";
 import { syncFromRef } from "../sources/providers/sync-from-ref";
 import { ensureWebsiteMirror, validateWebsiteInputUrl } from "../sources/website-ingest";
 import { ensureWikiNameAvailable, validateWikiName } from "../wiki/wiki";
-import { auditInstallCandidate, deriveRegistryLabels, enforceRegistryInstallPolicy, formatInstallAuditFailure, } from "./install-audit";
 const VALID_OVERRIDE_TYPES = new Set(["wiki"]);
 export async function akmAdd(input) {
     const ref = input.ref.trim();
@@ -38,16 +39,13 @@ export async function akmAdd(input) {
     try {
         const parsed = parseRegistryRef(ref);
         if (parsed.source === "local") {
-            if (input.trustThisInstall) {
-                warn("--trust has no effect on local directory sources; the install audit is not run for local paths.");
-            }
             return addLocalSource(ref, parsed.sourcePath, stashDir, wikiName, input.name);
         }
     }
     catch {
         // Not a local ref — fall through to registry install
     }
-    return addRegistryStash(ref, stashDir, input.trustThisInstall, input.writable, wikiName);
+    return addRegistryStash(ref, stashDir, input.writable, wikiName);
 }
 export async function registerWikiSource(input) {
     const stashDir = resolveStashDir();
@@ -59,7 +57,6 @@ export async function registerWikiSource(input) {
         name,
         overrideType: "wiki",
         options: input.options,
-        trustThisInstall: input.trustThisInstall,
         writable: input.writable,
     });
 }
@@ -186,38 +183,14 @@ async function addWebsiteSource(ref, stashDir, name, options, wikiName) {
 }
 /**
  * Install a stash from a registry (npm, github, git) by dispatching to the
- * matching syncable provider, then running the post-sync install audit and
- * persisting the lock entry.
+ * matching syncable provider and persisting the lock entry.
  */
-async function addRegistryStash(ref, stashDir, trustThisInstall, writable, wikiName) {
+async function addRegistryStash(ref, stashDir, writable, wikiName) {
     const parsedRef = parseRegistryRef(ref);
     if (writable === true && parsedRef.source !== "git") {
         throw new ConfigError("writable: true is only supported on filesystem and git sources", "INVALID_CONFIG_FILE");
     }
-    // Pre-sync registry-policy enforcement uses just the parsed ref (no fetch needed),
-    // so we keep parity with the historical behavior where `enforceRegistryInstallPolicy`
-    // ran before `extractTarGzSecure` etc.
-    const config = loadConfig();
-    const synced = await syncFromRef(ref, { trustThisInstall, writable });
-    const registryLabels = deriveRegistryLabels({
-        source: synced.source,
-        ref: synced.ref,
-        artifactUrl: synced.artifactUrl,
-    });
-    enforceRegistryInstallPolicy(registryLabels, config, ref);
-    // Post-sync hook: install audit. Throws when blocked unless `--trust` is set
-    // (in which case the audit report still surfaces in the response).
-    const audit = auditInstallCandidate({
-        rootDir: synced.extractedDir,
-        source: synced.source,
-        ref: synced.ref,
-        registryLabels,
-        config,
-        trustThisInstall,
-    });
-    if (audit.blocked) {
-        throw new Error(formatInstallAuditFailure(synced.ref, audit));
-    }
+    const synced = await syncFromRef(ref, { writable });
     const replaced = (loadConfig().installed ?? []).find((entry) => entry.id === synced.id);
     const updatedConfig = upsertInstalledRegistryEntry({
         id: synced.id,
@@ -265,7 +238,6 @@ async function addRegistryStash(ref, stashDir, trustThisInstall, writable, wikiN
             cacheDir: synced.cacheDir,
             extractedDir: synced.extractedDir,
             installedAt: synced.syncedAt,
-            audit,
         },
         config: {
             sourceCount: getSources(updatedConfig).length,

package/dist/commands/source-clone.js

@@ -1,3 +1,6 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
 import fs from "node:fs";
 import path from "node:path";
 import { makeAssetRef, parseAssetRef } from "../core/asset-ref";

package/dist/commands/source-manage.js

@@ -1,3 +1,6 @@
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this
+// file, You can obtain one at https://mozilla.org/MPL/2.0/.
 import path from "node:path";
 import { isRemoteUrl } from "../core/common";
 import { getSources, loadConfig, loadUserConfig, saveConfig } from "../core/config";