i-repo 2.11.0 → 2.12.0

package/dist/plugins/dispatch.js

@@ -14,6 +14,8 @@ import { accessSync, constants, readdirSync, statSync } from "node:fs";
 import { homedir } from "node:os";
 import { delimiter, isAbsolute, join } from "node:path";
 import { getConfig } from "../config/store.js";
+import { fingerprintEndpoint } from "../config/endpoint-fingerprint.js";
+import { resolveSourceMachine } from "../config/provenance.js";
 /** Prefix every plugin executable must carry. */
 export const PLUGIN_PREFIX = "i-repo-";
 const isWin = process.platform === "win32";
@@ -246,6 +248,19 @@ export function buildPluginEnv(ctx, opts = {}) {
         env.IREPO_TIMEOUT = String(timeout);
     env.IREPO_QUIET = quiet ? "1" : "";
     env.IREPO_PLUGIN_API = "1";
+    // Provenance of the resolved i-Reporter endpoint, computed CLI-side — the CLI
+    // is the single source of truth for the fingerprint; plugins must echo these,
+    // never fingerprint themselves (would break the frozen rule). Authoritative:
+    // scrub any inherited value first (a PATH binary must not be able to spoof its
+    // own provenance via env), then set only when the endpoint actually resolves.
+    // Absence ⇒ "unknown" (consumers treat it fail-closed, never as a match).
+    delete env.IREPO_ENDPOINT_FINGERPRINT;
+    delete env.IREPO_ENDPOINT_RESOLVED_FROM;
+    const endpointFingerprint = endpoint ? fingerprintEndpoint(String(endpoint)) : "";
+    if (endpointFingerprint) {
+        env.IREPO_ENDPOINT_FINGERPRINT = endpointFingerprint;
+        env.IREPO_ENDPOINT_RESOLVED_FROM = resolveSourceMachine("endpoint", ctx.endpoint);
+    }
     return env;
 }
 /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "i-repo",
-  "version": "2.11.0",
+  "version": "2.12.0",
   "description": "Modern CLI for ConMas i-Reporter - Built for humans and AI",
   "type": "module",
   "bin": {

package/plugins/i-repo-archive

@@ -44,7 +44,7 @@ async function loadBuiltins() {
 }
 
 const PLUGIN = "i-repo-archive";
-const VERSION = "0.5.7";
+const VERSION = "0.6.0";
 const PLUGIN_API = "1";
 const defaultArchiveRoot = () => join(homedir(), ".i-repo", "archives");
 
@@ -616,9 +616,11 @@ async function createArchive(options) {
 
   // Completion marker written last: its absence marks an incomplete bundle.
   const receiptPath = join(archivePath, "receipts", "archive.json");
+  const provenance = endpointProvenance();
   await writeJsonFile(receiptPath, {
     jobId, count: records.length,
     producedBy: { plugin: PLUGIN, version: VERSION }, // 来歴: stdout だけでなく archive.json にも残す
+    ...(provenance ? { provenance } : {}), // 接続来歴も stdout receipt と同一値で残す
     ...extras,
   });
   savedFiles.push(receiptPath);
@@ -898,11 +900,29 @@ async function pullArchiveBundle(options, backend) {
 
 // ── receipts (SCHEMA.md §6) ─────────────────────────────────────────────────
 
+// 接続来歴: CLI(dispatch) が precomputed して env で渡した値を echo するだけ。指紋は
+// 計算しない（CLI が正本＝凍結規則の第2実装を作らない。SCHEMA.md §2.5a/§6）。
+// IREPO_ENDPOINT_FINGERPRINT が無い＝endpoint 未解決 → provenance を省略（不明＝
+// fail-closed; 消費側は空/不在を「一致」と解釈しない契約）。
+function endpointProvenance() {
+  const endpointFingerprint = process.env.IREPO_ENDPOINT_FINGERPRINT;
+  if (!endpointFingerprint) return undefined;
+  return {
+    endpoint: process.env.IREPO_ENDPOINT || "",
+    endpointFingerprint,
+    user: process.env.IREPO_USER || "",
+    resolvedFrom: process.env.IREPO_ENDPOINT_RESOLVED_FROM || "",
+  };
+}
+
 function emitReceipt(phase, jobId, count, failedCount, verified, extras) {
+  const provenance = endpointProvenance();
   process.stdout.write(JSON.stringify({
     schemaVersion: "1.0", recordType: "receipt", plugin: PLUGIN,
     producedBy: { plugin: PLUGIN, version: VERSION },
-    phase, jobId, count, failedCount, verified, ...extras,
+    phase, jobId, count, failedCount, verified,
+    ...(provenance ? { provenance } : {}),
+    ...extras,
   }) + "\n");
 }