multimodel-dev-os 3.1.0 → 3.5.0

package/src/registry/signing.js

@@ -0,0 +1,392 @@
+/**
+ * Registry Signing — HMAC-SHA256 and Ed25519 key management + verification
+ *
+ * Provides project-scoped HMAC signing and public-key Ed25519 signature verification
+ * for registry manifests.
+ *
+ * HMAC key is stored at `.ai/registry-signing-key` as a 64-char hex string
+ * (32 random bytes). The file should be gitignored.
+ *
+ * Uses only Node.js built-in `crypto` — zero runtime dependencies.
+ */
+
+import { generateKeyPairSync, sign, verify, createHmac, timingSafeEqual, randomBytes } from 'crypto';
+import { existsSync, readFileSync, writeFileSync, mkdirSync, chmodSync } from 'fs';
+import { join, dirname } from 'path';
+
+const SIGNING_KEY_FILENAME = 'registry-signing-key';
+
+/**
+ * Return the absolute path to the signing key file for a given project dir.
+ * @param {string} targetDir  Absolute path to the project root.
+ * @returns {string}
+ */
+export function getSigningKeyPath(targetDir) {
+  return join(targetDir, '.ai', SIGNING_KEY_FILENAME);
+}
+
+/**
+ * Load the project-scoped signing key from `.ai/registry-signing-key`.
+ * Returns null (without throwing) if the file does not exist.
+ * Throws if the file exists but contains an invalid key format.
+ *
+ * @param {string} targetDir  Absolute path to the project root.
+ * @returns {string|null}     64-char hex key string, or null.
+ */
+export function loadSigningKey(targetDir) {
+  const keyPath = getSigningKeyPath(targetDir);
+  if (!existsSync(keyPath)) {
+    return null;
+  }
+
+  const raw = readFileSync(keyPath, 'utf8').trim();
+
+  if (!/^[0-9a-f]{64}$/.test(raw)) {
+    throw new Error(
+      `Signing key at '${keyPath}' is malformed. Expected a 64-character lowercase hex string (32 bytes). ` +
+      `Re-generate with: npx multimodel-dev-os registry keygen --approved`
+    );
+  }
+
+  return raw;
+}
+
+/**
+ * Generate a new random 32-byte signing key (64-char hex).
+ * @returns {string}  64-char hex string.
+ */
+export function generateSigningKey() {
+  return randomBytes(32).toString('hex');
+}
+
+/**
+ * Write a signing key to disk at the project-scoped location.
+ * Creates the `.ai/` directory if it does not exist.
+ * Sets file permissions to 0o600 (owner read/write only) where supported.
+ *
+ * @param {string} targetDir  Absolute path to the project root.
+ * @param {string} key        64-char hex key string.
+ */
+export function saveSigningKey(targetDir, key) {
+  const keyPath = getSigningKeyPath(targetDir);
+  const keyDir = dirname(keyPath);
+
+  if (!existsSync(keyDir)) {
+    mkdirSync(keyDir, { recursive: true });
+  }
+
+  writeFileSync(keyPath, key + '\n', { encoding: 'utf8', mode: 0o600 });
+
+  // Best-effort chmod on platforms that support it (no-op on Windows)
+  try {
+    chmodSync(keyPath, 0o600);
+  } catch (_e) {}
+}
+
+/**
+ * Compute HMAC-SHA256 of a payload using the provided hex key.
+ *
+ * @param {string} hexKey  64-char hex signing key.
+ * @param {string} payload Plaintext string to sign (typically the catalog_sha256 hex).
+ * @returns {string}       HMAC-SHA256 hex digest.
+ */
+export function signPayload(hexKey, payload) {
+  if (typeof hexKey !== 'string' || !/^[0-9a-f]{64}$/.test(hexKey)) {
+    throw new Error('Invalid signing key: must be a 64-character lowercase hex string.');
+  }
+  if (typeof payload !== 'string') {
+    throw new Error('Payload to sign must be a string.');
+  }
+
+  const keyBytes = Buffer.from(hexKey, 'hex');
+  return createHmac('sha256', keyBytes).update(payload, 'utf8').digest('hex');
+}
+
+/**
+ * Verify that a previously computed HMAC-SHA256 signature matches the payload.
+ * Uses `timingSafeEqual` to prevent timing-based side-channel attacks.
+ *
+ * @param {string} hexKey       64-char hex signing key.
+ * @param {string} payload      Plaintext string that was signed.
+ * @param {string} expectedSig  The stored HMAC-SHA256 hex digest to compare against.
+ * @returns {boolean}           true if valid, false if tampered or mismatched.
+ */
+export function verifySignature(hexKey, payload, expectedSig) {
+  if (typeof hexKey !== 'string' || typeof payload !== 'string' || typeof expectedSig !== 'string') {
+    return false;
+  }
+
+  let actualSig;
+  try {
+    actualSig = signPayload(hexKey, payload);
+  } catch (_e) {
+    return false;
+  }
+
+  if (actualSig.length !== expectedSig.length) {
+    return false;
+  }
+
+  try {
+    return timingSafeEqual(
+      Buffer.from(actualSig, 'hex'),
+      Buffer.from(expectedSig, 'hex')
+    );
+  } catch (_e) {
+    return false;
+  }
+}
+
+/**
+ * Generate a deterministic canonical payload string from an object based on specified fields.
+ * Recursively sorts keys of nested objects to ensure key order stability.
+ *
+ * @param {Object} data    The source object.
+ * @param {string[]} fields The fields to extract and canonicalize.
+ * @returns {string}       JSON-serialized canonical string.
+ */
+export function createCanonicalPayload(data, fields) {
+  if (!data || typeof data !== 'object') {
+    throw new Error('Data must be an object.');
+  }
+  if (!Array.isArray(fields)) {
+    throw new Error('Fields must be an array of strings.');
+  }
+  const sortedFields = [...fields].sort();
+  const obj = {};
+  for (const field of sortedFields) {
+    if (data[field] !== undefined) {
+      obj[field] = data[field];
+    }
+  }
+  return JSON.stringify(obj, (key, value) => {
+    if (value && typeof value === 'object' && !Array.isArray(value)) {
+      return Object.keys(value).sort().reduce((sorted, k) => {
+        sorted[k] = value[k];
+        return sorted;
+      }, {});
+    }
+    return value;
+  });
+}
+
+/**
+ * Generate an Ed25519 keypair in PEM SPKI/PKCS8 format.
+ *
+ * @returns {{ publicKey: string, privateKey: string }}
+ */
+export function generateEd25519KeyPair() {
+  const { publicKey, privateKey } = generateKeyPairSync('ed25519', {
+    publicKeyEncoding: {
+      type: 'spki',
+      format: 'pem'
+    },
+    privateKeyEncoding: {
+      type: 'pkcs8',
+      format: 'pem'
+    }
+  });
+  return { publicKey, privateKey };
+}
+
+/**
+ * Sign a payload using an Ed25519 private key PEM.
+ *
+ * @param {string} privateKey Ed25519 PEM private key string.
+ * @param {string} payload    Canonical payload string.
+ * @returns {string}          Base64-encoded signature.
+ */
+export function signEd25519Payload(privateKey, payload) {
+  if (typeof privateKey !== 'string') {
+    throw new Error('Private key must be a PEM string.');
+  }
+  if (typeof payload !== 'string') {
+    throw new Error('Payload to sign must be a string.');
+  }
+  const signatureBuffer = sign(null, Buffer.from(payload, 'utf8'), privateKey);
+  return signatureBuffer.toString('base64');
+}
+
+/**
+ * Normalize a public key to ensure it is in PEM SPKI format.
+ * Wraps bare base64 public keys in SPKI headers/footers if needed.
+ *
+ * @param {string} input  PEM public key or raw base64.
+ * @returns {string}      Normalized PEM public key string.
+ */
+export function normalizePublicKey(input) {
+  if (typeof input !== 'string') {
+    throw new Error('Public key must be a string.');
+  }
+  let trimmed = input.trim();
+  if (trimmed.startsWith('-----BEGIN PUBLIC KEY-----')) {
+    return trimmed;
+  }
+  if (trimmed.startsWith('-----BEGIN')) {
+    return trimmed;
+  }
+  const clean = trimmed.replace(/\s+/g, '');
+  const lines = [];
+  for (let i = 0; i < clean.length; i += 64) {
+    lines.push(clean.slice(i, i + 64));
+  }
+  return `-----BEGIN PUBLIC KEY-----\n${lines.join('\n')}\n-----END PUBLIC KEY-----`;
+}
+
+/**
+ * Verify an Ed25519 signature of a payload.
+ *
+ * @param {string} publicKey Public key in PEM or raw base64.
+ * @param {string} payload   Payload that was signed.
+ * @param {string} signature Base64 signature to verify.
+ * @returns {boolean}        true if signature is valid, false otherwise.
+ */
+export function verifyEd25519Payload(publicKey, payload, signature) {
+  if (typeof publicKey !== 'string' || typeof payload !== 'string' || typeof signature !== 'string') {
+    return false;
+  }
+  try {
+    const pubKey = normalizePublicKey(publicKey);
+    const sigBuffer = Buffer.from(signature, 'base64');
+    return verify(null, Buffer.from(payload, 'utf8'), pubKey, sigBuffer);
+  } catch (_e) {
+    return false;
+  }
+}
+
+/**
+ * Detect the signature algorithm from a signature block object.
+ *
+ * @param {Object} signatureBlock  The signature block.
+ * @returns {string|null}          Algorithm name or null.
+ */
+export function detectSignatureAlgorithm(signatureBlock) {
+  if (!signatureBlock || typeof signatureBlock !== 'object') {
+    return null;
+  }
+  return signatureBlock.algorithm || null;
+}
+
+/**
+ * Verify a manifest signature or signatures array block using trusted keys and policy.
+ *
+ * @param {Object} options
+ * @param {Object} options.manifest     Parsed registry manifest object.
+ * @param {Object[]} options.trustedKeys Array of trusted publishers from trust store.
+ * @param {Object} [options.policy]      Policy settings.
+ * @param {string|null} [options.hmacKey] Project HMAC key.
+ * @param {Object} [options.source]     Source configuration for the registry.
+ * @returns {{ verified: boolean, status: string, error?: string, errors?: string[], warning?: string, message?: string, verified_signatures?: Object[] }}
+ */
+export function verifySignatureBlock({ manifest, trustedKeys, policy = {}, hmacKey = null, source = {} }) {
+  const isBundled = source.name === 'bundled';
+  const isLocal = source.type === 'local';
+  const isRemote = source.type === 'remote' || (!isBundled && !isLocal);
+
+  const signatureBlocks = [];
+  if (manifest.signature && typeof manifest.signature === 'object') {
+    signatureBlocks.push(manifest.signature);
+  }
+  if (Array.isArray(manifest.signatures)) {
+    signatureBlocks.push(...manifest.signatures);
+  }
+
+  if (signatureBlocks.length === 0) {
+    if (policy.require_signature) {
+      return { verified: false, status: 'failed', error: 'Signature is required by policy but missing from manifest.' };
+    }
+    if (isRemote && policy.allow_unsigned_remote === false) {
+      return { verified: false, status: 'failed', error: 'Unsigned remote registries are not allowed by policy.' };
+    }
+    if (isBundled && policy.allow_unsigned_bundled === false) {
+      return { verified: false, status: 'failed', error: 'Unsigned bundled registries are not allowed by policy.' };
+    }
+    if (isLocal && !isBundled && policy.allow_unsigned_local === false) {
+      return { verified: false, status: 'failed', error: 'Unsigned local registries are not allowed by policy.' };
+    }
+    return { verified: true, status: 'unsigned', message: 'Registry is unsigned (allowed by policy).' };
+  }
+
+  let verifiedCount = 0;
+  const errors = [];
+  const allowedAlgs = policy.allowed_signature_algorithms || ['ed25519', 'hmac-sha256'];
+
+  for (const sigBlock of signatureBlocks) {
+    const alg = sigBlock.algorithm;
+    const keyId = sigBlock.key_id;
+    const signature = sigBlock.signature;
+    const signedFields = sigBlock.signed_fields;
+
+    if (!alg || !keyId || !signature || !Array.isArray(signedFields)) {
+      errors.push(`Malformed signature block for key_id '${keyId || 'unknown'}'.`);
+      continue;
+    }
+
+    if (!allowedAlgs.includes(alg)) {
+      errors.push(`Signature algorithm '${alg}' is not allowed by policy (allowed: ${allowedAlgs.join(', ')}).`);
+      continue;
+    }
+
+    if (alg === 'hmac-sha256') {
+      if (!hmacKey) {
+        errors.push(`HMAC key not configured locally for key_id '${keyId}'.`);
+        continue;
+      }
+      try {
+        const payload = createCanonicalPayload(manifest, signedFields);
+        const expected = createHmac('sha256', Buffer.from(hmacKey, 'hex')).update(payload, 'utf8').digest('hex');
+        if (timingSafeEqual(Buffer.from(signature, 'hex'), Buffer.from(expected, 'hex'))) {
+          verifiedCount++;
+        } else {
+          errors.push(`Invalid HMAC signature for key_id '${keyId}'.`);
+        }
+      } catch (err) {
+        errors.push(`HMAC signature verification failed: ${err.message}`);
+      }
+    } else if (alg === 'ed25519') {
+      const trustedKey = trustedKeys ? trustedKeys.find(k => k.key_id === keyId) : null;
+      if (!trustedKey) {
+        errors.push(`Key ID '${keyId}' not found in trust store.`);
+        continue;
+      }
+
+      if (trustedKey.status !== 'active') {
+        errors.push(`Key ID '${keyId}' is ${trustedKey.status} (must be active).`);
+        continue;
+      }
+
+      const scopes = trustedKey.scopes || [];
+      if (!scopes.includes('registry') && !scopes.includes('catalog')) {
+        errors.push(`Key ID '${keyId}' does not have required scope 'registry' or 'catalog' (scopes: ${scopes.join(', ')}).`);
+        continue;
+      }
+
+      try {
+        const payload = createCanonicalPayload(manifest, signedFields);
+        if (verifyEd25519Payload(trustedKey.public_key, payload, signature)) {
+          verifiedCount++;
+        } else {
+          errors.push(`Invalid Ed25519 signature for key_id '${keyId}'.`);
+        }
+      } catch (err) {
+        errors.push(`Ed25519 signature verification failed: ${err.message}`);
+      }
+    } else {
+      errors.push(`Unsupported signature algorithm '${alg}' for key_id '${keyId}'.`);
+    }
+  }
+
+  if (verifiedCount > 0) {
+    return {
+      verified: true,
+      status: 'verified',
+      verified_signatures: signatureBlocks.map(s => ({ key_id: s.key_id, algorithm: s.algorithm }))
+    };
+  }
+
+  return {
+    verified: false,
+    status: 'failed',
+    errors
+  };
+}

package/src/registry/sources.js

@@ -0,0 +1,40 @@
+import { existsSync, readFileSync, writeFileSync } from 'fs';
+import { join } from 'path';
+import { sourceRoot } from '../core/globals.js';
+import { parseYaml } from '../core/yaml.js';
+
+export function loadRegistrySources() {
+  const paths = [
+    join(sourceRoot, '.ai', 'registries', 'sources.yaml')
+  ];
+  for (const p of paths) {
+    if (existsSync(p)) {
+      try {
+        const parsed = parseYaml(readFileSync(p, 'utf8'));
+        return parsed.sources || [];
+      } catch (e) {}
+    }
+  }
+  return [{ name: 'bundled', type: 'local', url: '.ai/plugins/catalog.yaml', enabled: true, trust_level: 'trusted', safety_policy: 'sandboxed', signature_required: false, checksum_required: false }];
+}
+
+export function saveRegistrySources(sources) {
+  const path = join(sourceRoot, '.ai', 'registries', 'sources.yaml');
+  let yaml = '# Registry Sources Configuration\n';
+  yaml += '# Remote registries are DISABLED by default.\n';
+  yaml += '# Enable via .ai/policies/registry-policy.yaml (set allow_remote_registries: true)\n\n';
+  yaml += 'sources:\n';
+  sources.forEach(s => {
+    yaml += `  - name: "${s.name}"\n`;
+    yaml += `    type: "${s.type}"\n`;
+    yaml += `    url: "${s.url}"\n`;
+    yaml += `    enabled: ${s.enabled}\n`;
+    yaml += `    trust_level: "${s.trust_level}"\n`;
+    yaml += `    safety_policy: "${s.safety_policy}"\n`;
+    yaml += `    signature_required: ${s.signature_required}\n`;
+    yaml += `    checksum_required: ${s.checksum_required}\n`;
+    if (s.last_synced_at) yaml += `    last_synced_at: "${s.last_synced_at}"\n`;
+    if (s.pinned_commit_or_hash) yaml += `    pinned_commit_or_hash: "${s.pinned_commit_or_hash}"\n`;
+  });
+  writeFileSync(path, yaml, 'utf8');
+}

package/src/registry/trust-store.js

@@ -0,0 +1,41 @@
+/**
+ * Registry Trust Store
+ *
+ * Manages trusted publisher public keys stored in `.ai/registries/trusted-keys.yaml`
+ * (or as configured in registry-policy.yaml).
+ *
+ * Uses Node.js built-in fs and yaml parser from the codebase.
+ */
+
+import { existsSync, readFileSync } from 'fs';
+import { join, isAbsolute } from 'path';
+import { parseYaml } from '../core/yaml.js';
+import { loadRegistryPolicy } from '../core/policy.js';
+
+/**
+ * Load trusted publisher keys from disk.
+ *
+ * @param {string} targetDir  Absolute path to project root.
+ * @param {Object} [policy]   Preloaded policy (optional).
+ * @returns {Object[]}        Array of trusted publisher records.
+ */
+export function loadTrustedKeys(targetDir, policy) {
+  const pol = policy || loadRegistryPolicy(targetDir);
+  const keyFile = pol.trusted_keys_file || '.ai/registries/trusted-keys.yaml';
+  const filePath = isAbsolute(keyFile) ? keyFile : join(targetDir, keyFile);
+
+  if (!existsSync(filePath)) {
+    return [];
+  }
+
+  try {
+    const raw = readFileSync(filePath, 'utf8');
+    const parsed = parseYaml(raw);
+    if (!parsed || typeof parsed !== 'object' || !Array.isArray(parsed.trusted_publishers)) {
+      return [];
+    }
+    return parsed.trusted_publishers;
+  } catch (_e) {
+    return [];
+  }
+}

package/src/registry/validation.js

@@ -0,0 +1,45 @@
+export function validateRegistryUrl(urlStr, policy = {}) {
+  if (!urlStr || typeof urlStr !== 'string') {
+    throw new Error('Registry URL must be a non-empty string.');
+  }
+
+  // Reject empty/whitespace/control characters
+  if (urlStr.trim() === '' || /\s/.test(urlStr) || /[\x00-\x1F\x7F-\x9F]/.test(urlStr)) {
+    throw new Error('Registry URL must not contain whitespace or control characters.');
+  }
+
+  // Reject single quotes, double quotes, backticks
+  if (/['"`]/.test(urlStr)) {
+    throw new Error('Registry URL must not contain quotes or backticks.');
+  }
+
+  // Reject shell metacharacters
+  if (/[\$\;\&\|<>\(\)\*]/.test(urlStr)) {
+    throw new Error('Registry URL must not contain shell metacharacters.');
+  }
+
+  let parsedUrl;
+  try {
+    parsedUrl = new URL(urlStr);
+  } catch (e) {
+    throw new Error('Registry URL is malformed or invalid.');
+  }
+
+  // Reject username/password credentials
+  if (parsedUrl.username || parsedUrl.password) {
+    throw new Error('Registry URL must not contain credentials.');
+  }
+
+  const protocol = parsedUrl.protocol;
+  const allowedProtocols = ['https:'];
+
+  if (policy.allow_http_localhost === true) {
+    if (parsedUrl.hostname === 'localhost' || parsedUrl.hostname === '127.0.0.1') {
+      allowedProtocols.push('http:');
+    }
+  }
+
+  if (!allowedProtocols.includes(protocol)) {
+    throw new Error(`Registry URL protocol '${protocol}' is not allowed. Only HTTPS is permitted.`);
+  }
+}

package/src/registry/verdict.js

@@ -0,0 +1,51 @@
+/**
+ * Registry Trust Verdict Helper
+ *
+ * Builds a deterministic, JSON-serializable structured trust verdict object.
+ * Used for both CLI display and provenance lockfile persistence.
+ */
+
+/**
+ * Creates a structured trust verdict object.
+ *
+ * @param {Object} options
+ * @param {string} options.source                   Registry name.
+ * @param {string} options.source_type              "bundled" | "local" | "remote".
+ * @param {string} [options.manifest_hash_status]   Manifest verification status.
+ * @param {string} [options.catalog_hash_status]    Catalog verification status.
+ * @param {string} [options.lockfile_status]       Lockfile existence status.
+ * @param {string} [options.provenance_status]     Provenance lock match status.
+ * @param {string} [options.signature_status]      Signature check status.
+ * @param {string} [options.trusted_publisher_status] Trust store lookup status.
+ * @param {string[]} [options.errors]               List of verification errors.
+ * @param {string[]} [options.warnings]             List of verification warnings.
+ * @param {"trusted"|"warning"|"untrusted"|"unknown"} [options.final_status] Overall trust state.
+ * @returns {Object}
+ */
+export function createTrustVerdict({
+  source,
+  source_type,
+  manifest_hash_status = 'N/A',
+  catalog_hash_status = 'N/A',
+  lockfile_status = 'N/A',
+  provenance_status = 'N/A',
+  signature_status = 'N/A',
+  trusted_publisher_status = 'N/A',
+  errors = [],
+  warnings = [],
+  final_status = 'unknown'
+}) {
+  return {
+    source,
+    source_type,
+    manifest_hash_status,
+    catalog_hash_status,
+    lockfile_status,
+    provenance_status,
+    signature_status,
+    trusted_publisher_status,
+    errors: Array.isArray(errors) ? errors : [],
+    warnings: Array.isArray(warnings) ? warnings : [],
+    final_status
+  };
+}

package/tests/README.md

@@ -0,0 +1,37 @@
+# MultiModel Dev OS Testing Suite
+
+This directory contains the testing manuals, schemas, and smoke routines to protect the code quality of `multimodel-dev-os`.
+
+---
+
+## 1. Testing Strategy
+
+We enforce a multi-tiered validation approach to protect release packaging:
+
+```
+┌────────────────────────────────────────────────────────┐
+│ Tier 1: Structural Verification (scripts/verify.js)     │
+│ Enforces 100+ files and contract schemas checkouts     │
+└──────────────────────────┬─────────────────────────────┘
+                           │
+┌──────────────────────────▼─────────────────────────────┐
+│ Tier 2: CLI Smoke Checks (bin/multimodel-dev-os.js)     │
+│ Validates command signature help and version trackers  │
+└──────────────────────────┬─────────────────────────────┘
+                           │
+┌──────────────────────────▼─────────────────────────────┐
+│ Tier 3: Template QA checks                             │
+│ Scaffolds tech templates to confirm zero-warnings runs │
+└────────────────────────────────────────────────────────┘
+```
+
+---
+
+## 2. Running the Linter Verification
+
+Always execute the strict linter before committing or tagging:
+```bash
+npm run verify
+```
+
+This dynamic zero-dependency Node.js pipeline audits files structures, config directories, schemas, and package dry-run tarball footprint constraints.

package/tests/fixtures/README.md

@@ -0,0 +1,22 @@
+# Integration Fixture Strategy
+
+To confirm that `multimodel-dev-os` behaves consistently across distinct operating systems and target directory boundaries, future automated integrations tests should utilize the fixtures detailed here.
+
+---
+
+## 1. Planned Fixtures Layout
+
+1. **`tests/fixtures/pristine/`**:
+   - Representing an empty repository where `init` command can execute with zero conflict.
+2. **`tests/fixtures/cluttered/`**:
+   - Represents a repository containing legacy rule files to test conflict resolution and `-f, --force` parameters.
+3. **`tests/fixtures/broken-config/`**:
+   - Formatted with syntactic invalid config configurations to verify validate catches and exits with appropriate non-zero error logs.
+
+---
+
+## 2. Dynamic Fixture Auditing
+
+When writing assertions:
+- Never commit active `.cursorrules` or `.gemini/` folders directly inside the templates' fixture folders to avoid index pollutions.
+- Use dry-run actions (`-d, --dry-run`) to assert targeted writes without mutative writes to actual testing paths.

package/tests/fixtures/custom-template-example/README.md

@@ -0,0 +1,10 @@
+# Custom Template Test Fixture
+
+This directory serves as a fixture for testing custom template validation and initialization flows.
+It contains the bare minimum files to simulate a template source package:
+
+* AGENTS.md
+* MEMORY.md
+* TASKS.md
+* RUNBOOK.md
+* .ai/config.yaml

package/tests/fixtures/proposals/approved-append-line.md

@@ -0,0 +1,28 @@
+---
+id: proposal-20260611-000001
+created_at: 2026-06-11T00:00:01Z
+title: Approved Append Line Proposal
+problem: Test append line behavior.
+evidence: N/A
+risk_level: low
+affected_files:
+  - tests/fixtures/custom-template-example/append-target.md
+suggested_change: Append a line to the target.
+verify_command: npm run verify
+rollback_plan: git checkout -- tests/fixtures/custom-template-example/append-target.md
+approval_status: approved
+---
+
+# Approved Append Line Proposal
+
+```json
+{
+  "operations": [
+    {
+      "type": "append_line",
+      "path": "tests/fixtures/custom-template-example/append-target.md",
+      "line": "added line content"
+    }
+  ]
+}
+```