Install patterns
Three supported install flows. apm.yml pinning is the recommended path for
service repos — it’s the only flow CI can audit deterministically.
1. Pin in apm.yml (recommended)
Section titled “1. Pin in apm.yml (recommended)”Pin individual plugins to the current marketplace tag (v6.1.0 ships today).
Reproducible across every developer’s IDE, every PR check, and every
coding-agent run.
# <service-repo>/apm.ymldependencies:apm: - DevExpGbb/zava-agent-config/plugins/secure-baseline#v6.1.0 - DevExpGbb/zava-agent-config/plugins/code-kit#v6.1.0 - DevExpGbb/zava-agent-config/plugins/review-kit#v6.1.0 - DevExpGbb/zava-agent-config/plugins/release-kit#v6.1.0 # operate-kit, ideate-kit not needed → not pinnedThen:
apm installapm audit --ci2. One-shot CLI install
Section titled “2. One-shot CLI install”Install a plugin directly from the org/repo path. Good for spikes & experiments; not the path for production service repos because the pin isn’t recorded anywhere.
apm install DevExpGbb/zava-agent-config/plugins/code-kit#v6.1.03. Register the marketplace, then install by name
Section titled “3. Register the marketplace, then install by name”Register zava-agent-config as a marketplace once, then install any package
by short name. Useful when you’ll consume several packages and want compact
commands.
apm marketplace add DevExpGbb/zava-agent-configapm install code-kit@zava-agent-configapm install review-kit@zava-agent-configMarketplace registration & install syntax is documented upstream:
APM marketplaces guide Register a marketplace · Install from a marketplace
Which one should I pick?
Section titled “Which one should I pick?”| You are… | Use |
|---|---|
| A Zava service repo (storefront, checkout…) | apm.yml pin |
| Trying a plugin in a throwaway sandbox | One-shot CLI |
| Onboarding a new repo to the whole catalog | Marketplace + named pins |