i-repo 2.10.1 → 2.12.0

package/dist/commands/auth.js

@@ -9,6 +9,7 @@ import { IReporterClient } from "../sdk/index.js";
 import { getConfig, getConfigWithSource, clearStoredCredentials, } from "../config/store.js";
 import { getUserConfigPath, getProjectConfigPath, getLocalConfigPath, findProjectRoot, } from "../config/scoped-store.js";
 import { assertEndpointAllowed, persistCredentials } from "../config/client.js";
+import { fingerprintEndpoint } from "../config/endpoint-fingerprint.js";
 import { logHttp } from "../core/logger.js";
 import { printSuccess, printError, printWarning, printInfo, printDetails, printInteractionHint, withSpinner, t, } from "../ui/index.js";
 import { t as tr } from "../i18n/index.js";
@@ -202,6 +203,11 @@ authCommand
                 ? `Available ${t.dim(`[${passwordSrc}]`)}`
                 : t.muted("Not set"),
         };
+        // 現テナントの権威ある指紋。DC が config を読み直して自前指紋化する経路を
+        // CLI 自己申告に置換できる導線 (SCHEMA.md §2.5a、reports の provenance と同一規則)。
+        if (endpoint) {
+            display["Fingerprint"] = fingerprintEndpoint(endpoint);
+        }
         // Config file paths
         display["User config"] = getUserConfigPath();
         const projPath = getProjectConfigPath();

package/dist/commands/reports/get.js

@@ -1,5 +1,6 @@
 import { formatOutput } from "../../ui/formatters/index.js";
 import { getContract } from "../../contracts/registry.js";
+import { buildProvenance } from "../../config/provenance.js";
 import { assertNumericId, handleError } from "../../core/errors.js";
 import { t as tr } from "../../i18n/index.js";
 export function registerReportsGet(parent, getClient) {
@@ -29,6 +30,8 @@ export function registerReportsGet(parent, getClient) {
                 quietField: contract.quietField,
                 render: contract.render,
                 envelope: contract.envelope ?? undefined,
+                // 実際に叩いた接続先を機械可読で自己申告 (SCHEMA.md §2.5a)
+                provenance: contract.includeProvenance ? buildProvenance(globalOpts) : undefined,
             });
         }
         catch (error) {

package/dist/commands/reports/list.js

@@ -1,6 +1,7 @@
 import { PublicStatus, EditStatus } from "../../sdk/index.js";
 import { formatOutput } from "../../ui/formatters/index.js";
 import { getContract } from "../../contracts/registry.js";
+import { buildProvenance } from "../../config/provenance.js";
 import { handleError } from "../../core/errors.js";
 import { choiceOption, collectSystemKeys, parseChoiceList, parseDateTime, parseLabelId, parseNumericList, } from "../shared-options.js";
 const editStatusMap = {
@@ -52,6 +53,8 @@ export function registerReportsList(parent, getClient) {
                 quietField: contract.quietField,
                 render: contract.render,
                 envelope: contract.envelope ?? undefined,
+                // 実際に叩いた接続先を機械可読で自己申告 (SCHEMA.md §2.5a)
+                provenance: contract.includeProvenance ? buildProvenance(globalOpts) : undefined,
             });
         }
         catch (error) {

package/dist/commands/schema.d.ts

@@ -27,6 +27,8 @@ export interface SchemaRow {
     quietField?: string;
     /** 表示ラベル変換（table/json/csv のみ適用。ndjson は生コード値） */
     labels?: Record<string, Record<string, string>>;
+    /** ndjson 封筒に接続来歴 provenance を付与するか（SCHEMA.md §2.5a） */
+    provenance?: boolean;
 }
 /** query（recordType / コマンドパス / コマンド語）で契約を絞り込んで行を組む */
 export declare function buildSchemaRows(query?: string): SchemaRow[];

package/dist/commands/schema.js

@@ -43,6 +43,7 @@ export function buildSchemaRows(query) {
         columns: c.columns,
         quietField: c.quietField,
         labels: c.render,
+        provenance: c.includeProvenance ? true : undefined,
     }));
 }
 export const schemaCommand = new Command("schema")

package/dist/config/client.d.ts

@@ -14,6 +14,7 @@
  */
 import { IReporterClient } from "../sdk/index.js";
 import type { ConfigScope } from "./scoped-store.js";
+import type { Provenance } from "./provenance.js";
 export interface CreateClientOptions {
     endpoint?: string;
     user?: string;
@@ -76,3 +77,14 @@ export declare function persistCredentials(args: {
  * CLI flags -> environment variables -> config store (scoped) -> interactive prompt.
  */
 export declare function createClient(opts?: CreateClientOptions): Promise<IReporterClient>;
+/**
+ * Like createClient(), but also returns the provenance of the connection it
+ * resolved (endpoint + fingerprint + user + resolution source). Thin wrapper:
+ * createClient remains the single source of truth for credential resolution and
+ * stays unchanged for backward compatibility. The password is never surfaced in
+ * provenance. See ./provenance.ts and docs/SCHEMA.md §2.5a.
+ */
+export declare function createClientWithProvenance(opts?: CreateClientOptions): Promise<{
+    client: IReporterClient;
+    provenance: Provenance;
+}>;

package/dist/config/client.js

@@ -18,6 +18,7 @@ import { logHttp } from "../core/logger.js";
 import { ConfigError } from "../core/errors.js";
 import { getConfig, setConfig } from "./store.js";
 import { getConfigPath, getUserConfigPath } from "./scoped-store.js";
+import { buildProvenance, resolveEndpointUser } from "./provenance.js";
 /** Env var that opts in to plain-http on ANY host (including public ones). */
 export const INSECURE_ENV = "IREPO_ALLOW_INSECURE";
 /** Whether the user has explicitly opted in to insecure (plain http) endpoints. */
@@ -137,8 +138,10 @@ let cachedPassword;
  * CLI flags -> environment variables -> config store (scoped) -> interactive prompt.
  */
 export async function createClient(opts = {}) {
-    const endpoint = opts.endpoint || process.env.IREPO_ENDPOINT || getConfig("endpoint");
-    const user = opts.user || process.env.IREPO_USER || getConfig("user");
+    // Endpoint/user resolution is shared with buildProvenance() so provenance can
+    // never drift from the connection this client actually uses. Password is
+    // resolved here only (never surfaced in provenance).
+    const { endpoint, user } = resolveEndpointUser(opts);
     let password = opts.password || process.env.IREPO_PASSWORD || cachedPassword || getConfig("password");
     if (!endpoint) {
         // 素の Error だと exit 1 (unknown) に落ちて exit code 契約
@@ -176,3 +179,14 @@ export async function createClient(opts = {}) {
         onHttp: logHttp,
     });
 }
+/**
+ * Like createClient(), but also returns the provenance of the connection it
+ * resolved (endpoint + fingerprint + user + resolution source). Thin wrapper:
+ * createClient remains the single source of truth for credential resolution and
+ * stays unchanged for backward compatibility. The password is never surfaced in
+ * provenance. See ./provenance.ts and docs/SCHEMA.md §2.5a.
+ */
+export async function createClientWithProvenance(opts = {}) {
+    const client = await createClient(opts);
+    return { client, provenance: buildProvenance(opts) };
+}

package/dist/config/endpoint-fingerprint.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Normalize an endpoint URL for identity comparison (endpoint.rs::normalize).
+ * Empty/whitespace-only input returns "" so callers can treat it as "unresolved"
+ * (fail-closed) rather than fingerprinting a blank.
+ */
+export declare function normalizeEndpoint(raw: string): string;
+/**
+ * SHA-256 hex (64 chars) of the normalized endpoint — the "which server" id.
+ * Byte-identical to data-connect's `endpoint::fingerprint`. Returns "" when the
+ * endpoint is unresolved (normalize → ""), so an unset endpoint never collides
+ * with a real one.
+ */
+export declare function fingerprintEndpoint(url: string): string;
+/**
+ * Masked host for readable display (`scheme://host[:non-default-port]`), dropping
+ * userinfo, path, query and fragment. Port-stripping is NOT applied here and case
+ * is preserved — mirrors data-connect's `endpoint::mask_host`.
+ */
+export declare function maskEndpointHost(url: string): string;
+/**
+ * A human-readable, secret-free rendering of an endpoint for provenance display:
+ * `scheme://host[:port]/path`, preserving case verbatim but **dropping every place
+ * a credential can hide** — `userinfo@`, the query string and the fragment. Lets
+ * provenance carry the real endpoint without leaking secrets embedded in the URL
+ * (no-secret invariant). A scheme-less fragment keeps its host/path but still has
+ * query/fragment stripped.
+ */
+export declare function safeEndpointDisplay(url: string): string;

package/dist/config/endpoint-fingerprint.js

@@ -0,0 +1,117 @@
+/**
+ * Endpoint identity helpers — the byte-for-byte contract shared with consumers.
+ *
+ * `fingerprintEndpoint` MUST produce the same hex as data-connect's
+ * `endpoint::fingerprint` (src-tauri/src/endpoint.rs). Consumers persist these
+ * fingerprints (e.g. data-connect's connector.db endpoint_fp columns); any drift
+ * in the normalization rule would make existing rows fail-closed and "lose"
+ * already-delivered data. The rule is therefore FROZEN — this is a verbatim port
+ * of the current endpoint.rs::normalize, not an "improved" one. See docs/SCHEMA.md
+ * for the canonical published spec and src/__tests__/endpoint-fingerprint.test.ts
+ * for the ported cross-language test vectors that guard the two implementations.
+ *
+ * Normalization (verbatim port of endpoint.rs::normalize):
+ *   trim → lowercase the WHOLE url (path included) → split scheme on first "://"
+ *   → split authority/path on first "/" → drop userinfo (right of last "@") →
+ *   strip default port (exact ":443" for https / ":80" for http; non-default
+ *   kept) → trim trailing "/" from path (drop if empty) → reassemble.
+ *
+ * Footnote: a host that is non-ASCII (IDN) could lowercase differently between
+ * Rust `to_lowercase` and JS `toLowerCase`. i-Reporter endpoints are ASCII, so
+ * this is a documented non-issue rather than a divergence in practice.
+ */
+import { createHash } from "node:crypto";
+/**
+ * Normalize an endpoint URL for identity comparison (endpoint.rs::normalize).
+ * Empty/whitespace-only input returns "" so callers can treat it as "unresolved"
+ * (fail-closed) rather than fingerprinting a blank.
+ */
+export function normalizeEndpoint(raw) {
+    const lowered = raw.trim().toLowerCase();
+    if (lowered === "")
+        return "";
+    // scheme split on the FIRST "://"
+    const schemeIdx = lowered.indexOf("://");
+    const scheme = schemeIdx >= 0 ? lowered.slice(0, schemeIdx) : undefined;
+    const rest = schemeIdx >= 0 ? lowered.slice(schemeIdx + 3) : lowered;
+    // authority / path split on the FIRST "/"
+    const slashIdx = rest.indexOf("/");
+    const authority = slashIdx >= 0 ? rest.slice(0, slashIdx) : rest;
+    const rawPath = slashIdx >= 0 ? rest.slice(slashIdx + 1) : undefined;
+    // userinfo@host:port → host:port (split on the LAST "@")
+    const atIdx = authority.lastIndexOf("@");
+    let hostPort = atIdx >= 0 ? authority.slice(atIdx + 1) : authority;
+    // default-port removal: exact suffix match, scheme-gated (non-default kept).
+    if (scheme === "https" && hostPort.endsWith(":443")) {
+        hostPort = hostPort.slice(0, -":443".length);
+    }
+    else if (scheme === "http" && hostPort.endsWith(":80")) {
+        hostPort = hostPort.slice(0, -":80".length);
+    }
+    // trim ALL trailing slashes (Rust trim_end_matches('/')); drop empty path.
+    let path;
+    if (rawPath !== undefined) {
+        const trimmed = rawPath.replace(/\/+$/, "");
+        path = trimmed === "" ? undefined : trimmed;
+    }
+    let out = "";
+    if (scheme !== undefined)
+        out += `${scheme}://`;
+    out += hostPort;
+    if (path !== undefined)
+        out += `/${path}`;
+    return out;
+}
+/**
+ * SHA-256 hex (64 chars) of the normalized endpoint — the "which server" id.
+ * Byte-identical to data-connect's `endpoint::fingerprint`. Returns "" when the
+ * endpoint is unresolved (normalize → ""), so an unset endpoint never collides
+ * with a real one.
+ */
+export function fingerprintEndpoint(url) {
+    const normalized = normalizeEndpoint(url);
+    if (normalized === "")
+        return "";
+    return createHash("sha256").update(normalized, "utf8").digest("hex");
+}
+/**
+ * Masked host for readable display (`scheme://host[:non-default-port]`), dropping
+ * userinfo, path, query and fragment. Port-stripping is NOT applied here and case
+ * is preserved — mirrors data-connect's `endpoint::mask_host`.
+ */
+export function maskEndpointHost(url) {
+    const trimmed = url.trim();
+    const schemeIdx = trimmed.indexOf("://");
+    const scheme = schemeIdx >= 0 ? trimmed.slice(0, schemeIdx) : undefined;
+    const rest = schemeIdx >= 0 ? trimmed.slice(schemeIdx + 3) : trimmed;
+    const sepIdx = rest.search(/[/?#]/);
+    const authority = sepIdx >= 0 ? rest.slice(0, sepIdx) : rest;
+    const atIdx = authority.lastIndexOf("@");
+    const hostPort = atIdx >= 0 ? authority.slice(atIdx + 1) : authority;
+    return scheme !== undefined ? `${scheme}://${hostPort}` : hostPort;
+}
+/**
+ * A human-readable, secret-free rendering of an endpoint for provenance display:
+ * `scheme://host[:port]/path`, preserving case verbatim but **dropping every place
+ * a credential can hide** — `userinfo@`, the query string and the fragment. Lets
+ * provenance carry the real endpoint without leaking secrets embedded in the URL
+ * (no-secret invariant). A scheme-less fragment keeps its host/path but still has
+ * query/fragment stripped.
+ */
+export function safeEndpointDisplay(url) {
+    const trimmed = url.trim();
+    const schemeIdx = trimmed.indexOf("://");
+    if (schemeIdx < 0) {
+        // No authority section (no userinfo to scrub); just drop query/fragment.
+        return trimmed.split(/[?#]/)[0];
+    }
+    const scheme = trimmed.slice(0, schemeIdx);
+    const rest = trimmed.slice(schemeIdx + 3);
+    const sepIdx = rest.search(/[/?#]/);
+    const authority = sepIdx >= 0 ? rest.slice(0, sepIdx) : rest;
+    // Keep only the path (from the first "/" up to "?"/"#"); query/fragment dropped.
+    const path = sepIdx >= 0 && rest[sepIdx] === "/" ? rest.slice(sepIdx).split(/[?#]/)[0] : "";
+    const atIdx = authority.lastIndexOf("@");
+    const hostPort = atIdx >= 0 ? authority.slice(atIdx + 1) : authority;
+    return `${scheme}://${hostPort}${path}`;
+}

package/dist/config/provenance.d.ts

@@ -0,0 +1,43 @@
+/** Where a credential value was resolved from (machine-readable contract). */
+export type ResolvedFrom = "flag" | "env" | "config-user" | "config-project" | "config-local";
+export interface Provenance {
+    /**
+     * The endpoint actually used, userinfo-stripped (no secret). Pre-normalization
+     * so humans see their real casing/port/path; the fingerprint below is the
+     * canonical identity.
+     */
+    endpoint: string;
+    /** SHA-256 of the normalized endpoint — byte-identical to DC's fingerprint. */
+    endpointFingerprint: string;
+    /** The resolved user (never the password). */
+    user: string;
+    /** Where the *endpoint* was resolved from. "" when no endpoint is configured. */
+    resolvedFrom: ResolvedFrom | "";
+}
+/**
+ * Machine-readable resolution source for a credential key. Mirrors the
+ * human-facing `resolveSource()` in commands/auth.ts but emits stable contract
+ * tokens (`config-user`/`config-project`/`config-local`) instead of display
+ * labels — the two share the same getConfigWithSource() lookup.
+ */
+export declare function resolveSourceMachine(key: "endpoint" | "user" | "password", flagValue?: string): ResolvedFrom | "";
+export interface BuildProvenanceOptions {
+    endpoint?: string;
+    user?: string;
+}
+/**
+ * Resolve endpoint + user from flag → env → config. The single source of truth
+ * for this chain: both createClient() and buildProvenance() call it, so the
+ * provenance reported alongside a result can never drift from the connection the
+ * request was actually made on. Password is resolved separately by createClient.
+ */
+export declare function resolveEndpointUser(opts?: BuildProvenanceOptions): {
+    endpoint: string | undefined;
+    user: string | undefined;
+};
+/**
+ * Build the provenance for the connection these options resolve to. Uses the
+ * shared resolveEndpointUser() chain; resolvedFrom reports the *endpoint*'s source
+ * (the tenant-identifying value).
+ */
+export declare function buildProvenance(opts?: BuildProvenanceOptions): Provenance;

package/dist/config/provenance.js

@@ -0,0 +1,67 @@
+/**
+ * Per-invocation provenance — the CLI's self-report of which connection it
+ * actually used. Lets consumers (e.g. data-connect) trust the CLI's own
+ * statement of "endpoint + fingerprint + user + where it came from" instead of
+ * re-reading global config and re-fingerprinting it themselves (the path where
+ * app belief and CLI reality drift apart). See docs/SCHEMA.md §2.5a.
+ *
+ * Resolution mirrors createClient() exactly (flag → env → config), so the
+ * provenance reported alongside a result describes the same connection the
+ * request was made on. Secrets (password) are never carried here.
+ */
+import { getConfig, getConfigWithSource } from "./store.js";
+import { fingerprintEndpoint, safeEndpointDisplay } from "./endpoint-fingerprint.js";
+/**
+ * Machine-readable resolution source for a credential key. Mirrors the
+ * human-facing `resolveSource()` in commands/auth.ts but emits stable contract
+ * tokens (`config-user`/`config-project`/`config-local`) instead of display
+ * labels — the two share the same getConfigWithSource() lookup.
+ */
+export function resolveSourceMachine(key, flagValue) {
+    if (flagValue)
+        return "flag";
+    const envMap = {
+        endpoint: process.env.IREPO_ENDPOINT,
+        user: process.env.IREPO_USER,
+        password: process.env.IREPO_PASSWORD,
+    };
+    if (envMap[key])
+        return "env";
+    const info = getConfigWithSource(key);
+    switch (info.source) {
+        case "user":
+            return "config-user";
+        case "project":
+            return "config-project";
+        case "local":
+            return "config-local";
+        default:
+            return "";
+    }
+}
+/**
+ * Resolve endpoint + user from flag → env → config. The single source of truth
+ * for this chain: both createClient() and buildProvenance() call it, so the
+ * provenance reported alongside a result can never drift from the connection the
+ * request was actually made on. Password is resolved separately by createClient.
+ */
+export function resolveEndpointUser(opts = {}) {
+    return {
+        endpoint: opts.endpoint || process.env.IREPO_ENDPOINT || getConfig("endpoint"),
+        user: opts.user || process.env.IREPO_USER || getConfig("user"),
+    };
+}
+/**
+ * Build the provenance for the connection these options resolve to. Uses the
+ * shared resolveEndpointUser() chain; resolvedFrom reports the *endpoint*'s source
+ * (the tenant-identifying value).
+ */
+export function buildProvenance(opts = {}) {
+    const { endpoint, user } = resolveEndpointUser(opts);
+    return {
+        endpoint: endpoint ? safeEndpointDisplay(endpoint) : "",
+        endpointFingerprint: fingerprintEndpoint(endpoint ?? ""),
+        user: user ?? "",
+        resolvedFrom: resolveSourceMachine("endpoint", opts.endpoint),
+    };
+}

package/dist/contracts/registry.d.ts

@@ -26,6 +26,12 @@ export interface CommandContract {
     quietField?: string;
     /** 表示ラベル変換（table/json/csv のみ。ndjson には適用されない） */
     render?: RenderMap;
+    /**
+     * true のとき ndjson 封筒に接続来歴（provenance）を付与する。
+     * 「どの endpoint/指紋/user・解決ソースで叩いたか」を機械可読で自己申告し、
+     * 消費側が config を読み直して自前指紋化する経路を不要化する（SCHEMA.md §2.5a）。
+     */
+    includeProvenance?: boolean;
 }
 /**
  * 出力契約の正本。コマンド実装はここから getContract() で引く

package/dist/contracts/registry.js

@@ -19,6 +19,7 @@ export const contracts = [
         columns: ["type", "itemId", "name", "editStatus", "revNo", "registTime", "updateTime"],
         quietField: "itemId",
         render: { type: typeLabels, editStatus: editStatusLabels },
+        includeProvenance: true,
     },
     {
         command: "reports get",
@@ -28,6 +29,7 @@ export const contracts = [
             idField: "topId",
         },
         quietField: "topId",
+        includeProvenance: true,
     },
 ];
 /** コマンドパスで契約を引く。未登録は実装バグなので明示エラー */

package/dist/plugins/dispatch.js

@@ -14,6 +14,8 @@ import { accessSync, constants, readdirSync, statSync } from "node:fs";
 import { homedir } from "node:os";
 import { delimiter, isAbsolute, join } from "node:path";
 import { getConfig } from "../config/store.js";
+import { fingerprintEndpoint } from "../config/endpoint-fingerprint.js";
+import { resolveSourceMachine } from "../config/provenance.js";
 /** Prefix every plugin executable must carry. */
 export const PLUGIN_PREFIX = "i-repo-";
 const isWin = process.platform === "win32";
@@ -246,6 +248,19 @@ export function buildPluginEnv(ctx, opts = {}) {
         env.IREPO_TIMEOUT = String(timeout);
     env.IREPO_QUIET = quiet ? "1" : "";
     env.IREPO_PLUGIN_API = "1";
+    // Provenance of the resolved i-Reporter endpoint, computed CLI-side — the CLI
+    // is the single source of truth for the fingerprint; plugins must echo these,
+    // never fingerprint themselves (would break the frozen rule). Authoritative:
+    // scrub any inherited value first (a PATH binary must not be able to spoof its
+    // own provenance via env), then set only when the endpoint actually resolves.
+    // Absence ⇒ "unknown" (consumers treat it fail-closed, never as a match).
+    delete env.IREPO_ENDPOINT_FINGERPRINT;
+    delete env.IREPO_ENDPOINT_RESOLVED_FROM;
+    const endpointFingerprint = endpoint ? fingerprintEndpoint(String(endpoint)) : "";
+    if (endpointFingerprint) {
+        env.IREPO_ENDPOINT_FINGERPRINT = endpointFingerprint;
+        env.IREPO_ENDPOINT_RESOLVED_FROM = resolveSourceMachine("endpoint", ctx.endpoint);
+    }
     return env;
 }
 /**

package/dist/ui/formatters/envelope.d.ts

@@ -8,6 +8,7 @@
  * render, which converts codes to human labels). Applied only for
  * `--format ndjson`. See ./index.ts and docs/SCHEMA.md.
  */
+import type { Provenance } from "../../config/provenance.js";
 /** Attachment carried by reference only — never the bytes (docs/SCHEMA.md). */
 export interface Attachment {
     kind: string;
@@ -58,6 +59,12 @@ export interface Envelope {
     idempotencyKey?: string;
     systemKeys: Record<string, string>;
     attachments: Attachment[];
+    /**
+     * Per-invocation connection provenance (endpoint/fingerprint/user/source),
+     * constant across a stream. Present only when the command opts in
+     * (CommandContract.includeProvenance). Never carries a secret. See SCHEMA.md §2.5a.
+     */
+    provenance?: Provenance;
     /** The complete, authoritative canonical record — verbatim, nothing dropped. */
     values: Record<string, unknown>;
     /** Promoted identifier under the field name from spec.idField, and headroom. */
@@ -78,10 +85,12 @@ export interface StreamEnd {
     count: number;
     /** "complete" on normal termination. Headroom for future streaming emitters. */
     status: "complete" | "aborted";
+    /** Same provenance as the records, so a consumer can read it from one line. */
+    provenance?: Provenance;
 }
 export declare const DEFAULT_SCHEMA_VERSION = "1.0";
 /** Build the stream-end trailer closing an envelope stream of `count` records. */
-export declare function buildStreamEnd(count: number, spec: Pick<EnvelopeSpec, "schemaVersion">, status?: StreamEnd["status"]): StreamEnd;
+export declare function buildStreamEnd(count: number, spec: Pick<EnvelopeSpec, "schemaVersion">, status?: StreamEnd["status"], provenance?: Provenance): StreamEnd;
 /**
  * Wrap one canonical record in the stable ndjson envelope.
  *
@@ -89,4 +98,4 @@ export declare function buildStreamEnd(count: number, spec: Pick<EnvelopeSpec, "
  * - `values` is a shallow clone of the whole record — verbatim, authoritative.
  *   Envelope-level fields are projections of `values`; duplication is intentional.
  */
-export declare function buildEnvelope(record: Record<string, unknown>, spec: EnvelopeSpec): Envelope;
+export declare function buildEnvelope(record: Record<string, unknown>, spec: EnvelopeSpec, provenance?: Provenance): Envelope;

package/dist/ui/formatters/envelope.js

@@ -11,12 +11,13 @@
 export const DEFAULT_SCHEMA_VERSION = "1.0";
 const DEFAULT_SYSTEM_KEY_COUNT = 5;
 /** Build the stream-end trailer closing an envelope stream of `count` records. */
-export function buildStreamEnd(count, spec, status = "complete") {
+export function buildStreamEnd(count, spec, status = "complete", provenance) {
     return {
         schemaVersion: spec.schemaVersion ?? DEFAULT_SCHEMA_VERSION,
         recordType: "stream-end",
         count,
         status,
+        ...(provenance !== undefined ? { provenance } : {}),
     };
 }
 /**
@@ -26,7 +27,7 @@ export function buildStreamEnd(count, spec, status = "complete") {
  * - `values` is a shallow clone of the whole record — verbatim, authoritative.
  *   Envelope-level fields are projections of `values`; duplication is intentional.
  */
-export function buildEnvelope(record, spec) {
+export function buildEnvelope(record, spec, provenance) {
     const schemaVersion = spec.schemaVersion ?? DEFAULT_SCHEMA_VERSION;
     // Resolve the identifier from one or more candidate fields (first present,
     // non-empty wins). Emit it under that field's own name. If none are present,
@@ -61,6 +62,7 @@ export function buildEnvelope(record, spec) {
             : {}),
         systemKeys: collectSystemKeys(record, spec),
         attachments: spec.attachmentsFrom?.(record) ?? [],
+        ...(provenance !== undefined ? { provenance } : {}),
         values: { ...record },
     };
 }

package/dist/ui/formatters/index.d.ts

@@ -1,5 +1,6 @@
 import type { RenderMap } from "./renderers.js";
 import type { EnvelopeSpec } from "./envelope.js";
+import type { Provenance } from "../../config/provenance.js";
 /** Supported output formats (single source of truth for flag/config validation). */
 export declare const OUTPUT_FORMATS: readonly ["table", "json", "csv", "ndjson"];
 export type OutputFormat = (typeof OUTPUT_FORMATS)[number];
@@ -16,6 +17,11 @@ export interface FormatOptions {
     render?: RenderMap;
     /** When set, ndjson records are wrapped in the stable envelope (docs/SCHEMA.md). */
     envelope?: EnvelopeSpec;
+    /**
+     * Per-invocation connection provenance. When set (and an envelope is applied),
+     * it is added to every envelope record and the stream-end trailer. ndjson only.
+     */
+    provenance?: Provenance;
 }
 /**
  * Format and print data to stdout based on the given options.

package/dist/ui/formatters/index.js

@@ -52,12 +52,12 @@ export function formatOutput(data, options) {
         if (options.envelope) {
             const arr = Array.isArray(data) ? data : data == null ? [] : [data];
             const spec = options.envelope;
-            const emitted = formatNdjson(arr.map((r) => buildEnvelope(r, spec)));
+            const emitted = formatNdjson(arr.map((r) => buildEnvelope(r, spec, options.provenance)));
             // Terminal trailer: lets downstream distinguish "complete" from a broken
             // pipe and verify count — absence means the stream was truncated (§2.6).
             // Count = lines actually written (a serialization-failed record is
             // reported on stderr and excluded, keeping the count verifiable).
-            formatNdjson(buildStreamEnd(emitted, spec));
+            formatNdjson(buildStreamEnd(emitted, spec, "complete", options.provenance));
             return;
         }
         formatNdjson(data);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "i-repo",
-  "version": "2.10.1",
+  "version": "2.12.0",
   "description": "Modern CLI for ConMas i-Reporter - Built for humans and AI",
   "type": "module",
   "bin": {

package/plugins/i-repo-archive

@@ -44,7 +44,7 @@ async function loadBuiltins() {
 }
 
 const PLUGIN = "i-repo-archive";
-const VERSION = "0.5.7";
+const VERSION = "0.6.0";
 const PLUGIN_API = "1";
 const defaultArchiveRoot = () => join(homedir(), ".i-repo", "archives");
 
@@ -616,9 +616,11 @@ async function createArchive(options) {
 
   // Completion marker written last: its absence marks an incomplete bundle.
   const receiptPath = join(archivePath, "receipts", "archive.json");
+  const provenance = endpointProvenance();
   await writeJsonFile(receiptPath, {
     jobId, count: records.length,
     producedBy: { plugin: PLUGIN, version: VERSION }, // 来歴: stdout だけでなく archive.json にも残す
+    ...(provenance ? { provenance } : {}), // 接続来歴も stdout receipt と同一値で残す
     ...extras,
   });
   savedFiles.push(receiptPath);
@@ -898,11 +900,29 @@ async function pullArchiveBundle(options, backend) {
 
 // ── receipts (SCHEMA.md §6) ─────────────────────────────────────────────────
 
+// 接続来歴: CLI(dispatch) が precomputed して env で渡した値を echo するだけ。指紋は
+// 計算しない（CLI が正本＝凍結規則の第2実装を作らない。SCHEMA.md §2.5a/§6）。
+// IREPO_ENDPOINT_FINGERPRINT が無い＝endpoint 未解決 → provenance を省略（不明＝
+// fail-closed; 消費側は空/不在を「一致」と解釈しない契約）。
+function endpointProvenance() {
+  const endpointFingerprint = process.env.IREPO_ENDPOINT_FINGERPRINT;
+  if (!endpointFingerprint) return undefined;
+  return {
+    endpoint: process.env.IREPO_ENDPOINT || "",
+    endpointFingerprint,
+    user: process.env.IREPO_USER || "",
+    resolvedFrom: process.env.IREPO_ENDPOINT_RESOLVED_FROM || "",
+  };
+}
+
 function emitReceipt(phase, jobId, count, failedCount, verified, extras) {
+  const provenance = endpointProvenance();
   process.stdout.write(JSON.stringify({
     schemaVersion: "1.0", recordType: "receipt", plugin: PLUGIN,
     producedBy: { plugin: PLUGIN, version: VERSION },
-    phase, jobId, count, failedCount, verified, ...extras,
+    phase, jobId, count, failedCount, verified,
+    ...(provenance ? { provenance } : {}),
+    ...extras,
   }) + "\n");
 }