Expand description
Plugin registry resolution + one-command install (Batch H, item 78).
The plugin runtime already has the whole trust pipeline — Ed25519 trust roots, SHA-256 manifests, a hot-reloading plugin directory. The only missing verb was distribution: getting a signed artefact from a catalog onto disk where hot-reload picks it up. This module is that verb.
A registry is a JSON index listing {name, version, artifact, sha256, signature?}. install resolves an entry, fetches the artefact, checks its
SHA-256 against the index, optionally verifies an Ed25519 signature against a
trust root (reusing [SignatureVerifier]), and drops <name>.wasm (plus a
<name>.sig sidecar when signed) into the destination plugins directory.
Artefacts are resolved from local / file:// paths (a private registry
on a shared filesystem or an air-gapped mirror) or fetched over http://
(a mirror, or a localhost TLS-terminating proxy). Because the index is a
local trusted file, its sha256 makes a plain-HTTP fetch integrity-safe — so
no TLS stack is pulled in. https:// artefacts return a clear error pointing
at those options (a direct TLS client is the remaining follow-on).
Structs§
- Install
Report - What an
installproduced. - Registry
Entry - One installable artefact in a
RegistryIndex. - Registry
Index - A registry index file: a flat list of installable plugin artefacts.
- Verify
Report - What a
verifyproduced.
Functions§
- find_
entry - Find an entry by name (optionally pinned to an exact version).
- install
- Install a plugin from the registry into
dest_dir. - load_
index - Parse a registry index from disk.
- scaffold
- Scaffold a new plugin source skeleton under
dir/<name>/. - verify
- Verify a local plugin artefact already on disk (a pre-deploy / audit check,
distinct from
install): compute its SHA-256 and, when a trust root is given, check its Ed25519 signature. The signature is read fromsig_path, or a<name>.sigsidecar next to the artefact (the convention the loader uses:path.with_extension("sig")).