AR: Agent Registry & Marketplace - Publish and Fork

[rgu855]

Summary

Self-serve publish & fork for the Commonly agent marketplace. Users can publish agent manifests under their own namespace (@username/name), version them, fork published manifests, and manage lifecycle (unpublish/delete/deprecate). This is effectively ADR-001 Phase 2 for marketplace operations — the first dual-write path between Installable (canonical) and AgentRegistry (compat shim).

Design doc: docs/design/marketplace-publish-fork.md

Changes

New file: backend/routes/marketplace-api.ts (+603 lines)

9 endpoints under /api/marketplace:

Endpoint	Method	Auth	Description
/publish	POST	✅	Publish new manifest or push new version
/publish/:id	DELETE	✅	Soft-delete (unpublish) — hides from browse, existing installs unaffected
/manifests/:id	DELETE	✅	Hard delete — only if 0 active installations (live count, not cached)
/fork	POST	✅	Snapshot-copy a manifest into your namespace
/publish/:id/deprecate	POST	✅	Mark a specific version as deprecated
/browse	GET	❌	Browse published manifests (filter by kind/category/q, sort, paginated)
/manifests/:id	GET	❌	Full manifest detail (readme, components, versions, fork lineage)
/manifests/:id/forks	GET	❌	List all forks of a manifest (paginated)
/mine	GET	✅	User's own manifests (including unpublished)

Key implementation details:

• Dual-write shim: syncToAgentRegistry(installable, action) maps Installable fields to AgentRegistry on every write. Write order: AR first (load-bearing), then Installable. Failure matrix from §6c.1 implemented.
• Namespace validation: @scope must match req.user.username (server-enforced). Bare names reserved for builtins.
• Runtime mapping: ComponentRuntime (7 values) → manifest.runtime.type (3 values) via RUNTIME_MAP.
• Route ordering: forks sub-route registered before detail route to prevent wildcard (*) param from consuming /forks.
• Username resolution: JWT auth only sets req.user = { id } (no username), so resolveUsername() falls back to a DB lookup.

Schema changes: backend/models/Installable.ts

• installableId regex relaxed: /^[a-z0-9-]+(\/[a-z0-9-]+)?$/ → /^(@[a-z0-9-]+\/)?[a-z0-9-]+$/
• Added forkedFrom?: { installableId, version, forkedAt } (fork lineage)
• Added readme?: string (long-form description for detail page)
• Added stats.forkCount (default 0)
• Added indexes: forkedFrom.installableId, text search on name + description + marketplace.tags

Schema changes: backend/models/AgentRegistry.ts

• agentName regex relaxed: /^[a-z0-9-]+$/ → /^(@[a-z0-9-]+\/)?[a-z0-9-]+$/

Install route: backend/routes/registry/install.ts

• Relaxed inline agentName regex to match the schema change
• Added status guard: rejects installs when agent.status === 'unpublished' (HTTP 410)

Server wiring: backend/server.ts

• Mounted marketplace-api router at /api/marketplace (alongside existing marketplace router — no path conflicts)

Test fix: backend/__tests__/unit/models/installable.test.ts

• Updated test installableId values from old scope/name format to new format (bare-name for builtins, @scope/name for marketplace)

Validation

Input validation (§6e)

Field	Rule	Enforced
installableId	Required, @username/name for user manifests, max 64 chars	✅
name	Required, max 100 chars	✅
description	Max 500 chars	✅
version	Required	✅
kind	Required, enum: agent/app/skill/bundle	✅
scope	instance rejected for user manifests	✅
readme	Max 50,000 chars	✅
components	Max 50 per manifest	✅
Namespace	@scope must match authed user's username	✅

Manual API testing (local Docker Compose)

All 9 endpoints tested end-to-end against real MongoDB:

Test	Result
Publish new manifest (@testuser/my-agent v1.0.0)	✅ 201 Created
Push new version (v2.0.0)	✅ 200 OK, version appended
Idempotent re-publish (v1.0.0 again)	✅ 200 OK, no-op
Fork manifest (@testuser/my-agent-fork)	✅ 201, forkedFrom recorded
Deprecate version (v1.0.0)	✅ deprecated: true
Browse published manifests	✅ items returned, versions[] excluded from projection
Manifest detail	✅ full doc with readme, components, versions
List forks of manifest	✅ fork returned
My manifests	✅ publisher's manifests returned
Unpublish (soft delete)	✅ status → unpublished
Hard delete (0 installs)	✅ document removed from both tables
Verify deleted returns 404	✅
Dual-write: AR has correct data	✅ agentName, latestVersion, runtime.type all match
Validation: name > 100 chars	✅ 400 rejected
Validation: invalid kind	✅ 400 rejected
Auth: JWT-based auth resolves username from DB	✅

Automated tests

Test Suites: 15 passed, 15 total (registry + install + installable + marketplace)
Tests:       40 passed, 40 total

Key suites:

• installable.test.ts — 12/12 pass (updated installableId formats for new regex)
• self-serve-install.test.js — 5/5 pass (ADR-006 flow unaffected)
• marketplace.official.test.js — 1/1 pass (existing browse unaffected)
• registry.runtime-tokens.test.js — 6/6 pass (token flow unaffected)
• All other registry tests — pass

Regression checks

• Existing GET /api/marketplace/official endpoint: unaffected (separate router, no path conflicts)
• Existing POST /api/registry/install flow: works — dual-write ensures AR has the data, status guard added for unpublished manifests
• Existing 18 seeded agents: unaffected — bare names match both old and new regex
• ADR-006 self-serve webhook install: unaffected — 5/5 integration tests pass
• Agent runtime tokens: unaffected — 6/6 tests pass

Architecture notes

• Why dual-write? AgentRegistry is the sole runtime catalog today. The install flow reads it exclusively. Until ADR-001 Phase 3 switches reads to Installable, we must keep both in sync.
• Why AR first? If only one write succeeds, an installable-but-not-browsable manifest is better than a browsable-but-not-installable one.
• Why snapshot fork? Git semantics — fork diverges freely, no forced upstream sync. Simpler model, avoids upstream-push complexity.
• Why source: 'marketplace' for forks? ADR-001's template source means admin-cloned templates, not user-to-user forks. Both source and fork are published catalog entries.

Follow-up work (not in scope)

• Semver validation on version strings
• Per-component type/runtime validation
• Express body-parser 1MB limit on marketplace routes
• Reconciliation cron for Installable ↔ AgentRegistry drift (§6c.1)
• Frontend marketplace UI
• ADR-001 Phase 3: switch install read path from AgentRegistry to Installable

🤖 Generated with Claude Code

[samxu01]

Structurally sound RFC — good precedents cited, explicit failure matrix, and clear open questions. Requesting changes because several concrete claims and field mappings conflict with the existing Installable / AgentRegistry schemas and would block implementation as written.

P0 (blockers):

• §5.3 namespace regex doesn't match either existing schema's field constraints — first publish would fail Mongoose validation.
• §6c.2 asserts AgentRegistry.agentName accepts arbitrary strings; the schema's regex explicitly rejects @ and /.
• §6c.3 maps unpublish to AR status: 'deprecated' when 'unpublished' is already a valid enum value.
• §6b / §6c.3: install route changes are understated — a status guard plus (probably) input-validation relaxation are required, not zero changes.

P1 (worth tightening before coding):

• "Latest" version resolution and Installable.version scalar update rules undefined.
• NFR-2 "identical content" needs a concrete hashing spec.
• stats.activeInstalls === 0 hard-delete guard races against new installs.
• §6c.4 field map skips the hardest three cases (runtime, persona.systemPrompt, categories shape).
• Fork request version semantics ambiguous (forks-from-old-version vs. initial-version-of-fork).
• Fork source: 'marketplace' vs ADR-001 'template' unreconciled.
• HTTP 207 is unconventional; prefer 201 + warnings payload.

Strengths worth keeping: write-ordering rationale in §6c.1, lifecycle sync table in §6c.3, server-enforced namespace ownership, and identity-continuity callouts.

---

Generated by Claude Code