Roadmap — Now / Next / Later

[danielmeppiel]

Last updated: 20th April 2026

Public view of where APM is heading. Updated periodically by maintainers.

How this works: Roadmap priorities are shaped collaboratively by maintainers and community feedback. React with 👍 on linked issues to signal demand. File new ideas as Issues.

The roadmap is grouped by theme within each tier so the broader narrative is legible. Three coherent tracks are forming: (a) Multi-target deploy, (b) Supply chain integrity, (c) Marketplace federation, (d) Enterprise distribution.

---

Now

Multi-target deploy
• Multiple targets in apm.yml — single deploy spec, multi-target output (priority/high) #529
• Auto-create target directories on install — generalize beyond explicit --target (today: --target X creates the dir; goal: all configured targets)

Supply chain integrity
• Policy engine Phase 2 — install-time enforcement + required package injection (install pipeline refactor in #764 unblocks this)
• Semver pin ranges on dependencies (e.g., >=1.0.0 <2.0.0)

Marketplace federation
• Marketplace add source parity (Anthropic spec) — accept git URLs, local paths, and remote marketplace.json URLs (today: only owner/repo) #676
• Document marketplace.json schema #757

Configuration depth
• Extended MCP server configuration #20

Next

Multi-target deploy
• Auto-install on clone — git template / post-checkout hook so cloning an APM repo yields a ready-to-run agent setup
• Vendoring guidance + tooling — opinionated stance on whether deployed dirs (.github/, .claude/, .cursor/, …) should be committed or .gitignored, with recommended .gitignore snippet and apm install CI gate

Supply chain integrity — Audit & Policy v2
• Per-file content-hash in lockfile — promote the #762 per-file provenance into the lockfile schema for granular tamper detection
• apm audit --drift — first-class drift detector (today's workaround: unmanaged_files policy + apm audit --ci)
• apm audit --ci deployed-content verification — verify deployed file content, not just existence #684
• custom_checks for apm-policy — arbitrary subprocess validation hooks for license/readiness checks #519

Marketplace federation
• Marketplace authoring suite — apm marketplace generate (catalog from monorepo), apm marketplace publish (atomic per-package release), apm marketplace lint (schema validation). Single command from monorepo of N packages → fully-pinned, validated marketplace.json. Pairs with #757 and per-file content-hash #722

Enterprise distribution
• Persisted installer settings via apm config for self-update #667
• Air-gapped / GHE configurability in install.ps1 (Windows parity) #668

Personal scope
• User-level global config — dotfiles / ~/.config/apm/ for personal agent packages across machines

Later

• Devcontainer feature for one-line APM bootstrap in codespaces #717
• Scoop auto-update #245
• Windows Phase 3 — native packaging #244
• SSH shorthand for private repos #328

---

Recently shipped (v0.8.3 → v0.8.12)

• ✅ Local .apm/ integration during apm install — single-package projects no longer need a sub-package stub; project-root .apm/ deploys alongside declared dependencies, with local content winning on collision #626 #644 #715
• ✅ Transitive dependency materialization #114
• ✅ Content integrity hashing in lockfile — SHA-256 per package #315
• ✅ Container image distribution #326
• ✅ Multi-org manifest authorization #327
• ✅ Per-file content-hash provenance for stale-file cleanup safety — preserves user-edited files during install #666 #750 #762
• ✅ apm view + apm outdated commands — npm-parity for inspecting packages and comparing locked deps against remote refs (with -j parallel checks and SHA comparison for branch-pinned deps) #613
• ✅ Install pipeline modularization — apm_cli/install/ engine package with discrete phases, Strategy + Template Method patterns, typed InstallService (unblocks Policy Phase 2) #764
• ✅ Proxy-aware marketplace — apm marketplace browse/search/add/update route through registry proxy when PROXY_REGISTRY_URL is set; PROXY_REGISTRY_ONLY=1 blocks direct GitHub API calls (completes air-gapped story) #506 #617
• ✅ Symlink rejection across discovery and resolution — supply-chain hardening against symlink-based traversal #596
• ✅ -g global scope hardening — install/uninstall/hooks/marketplace all respect user-scope target dirs #542 #562 #566
• ✅ Hook integration — Windows path support, idempotent re-install, per-event de-dup #311 #609 #709
• ✅ GitHub Merge Queue + tiered CI — Tier 1 on PR (fast feedback), Tier 2 on merge_group only #770 #771
• ✅ AGENTS.md compiler routing for --target codex/opencode/minimal (was silent no-op) #766
• ✅ Auto-create target dir for explicit --target claude (foundation for full auto-create work) #763
• ✅ Configurable temp directory for corporate Windows environments #629

Previously shipped (v0.7.7 → v0.8.2)

• ✅ Native Cursor IDE integration — rules, agents, skills, hooks, MCP #301
• ✅ Native OpenCode integration — agents, commands, skills, MCP — inspired by @timvw #306
• ✅ Content security scanning + apm audit — hidden Unicode detection, Glassworm vector, SARIF/JSON/Markdown output #313 #321 #330
• ✅ Diff-aware apm install — manifest as source of truth, self-correcting drift #260
• ✅ Windows native support — Phase 1 & 2, cross-platform runtime, PowerShell helpers — by @sergio-sisternes-epam #227
• ✅ JFrog Artifactory VCS repository support — FQDN, transparent proxy, air-gapped mode — by @chkp-roniz #354
• ✅ ${input:...} variable resolution for MCP server configuration — by @sergio-sisternes-epam #344
• ✅ Local filesystem path dependencies #270
• ✅ Version pinning guidance and CLI visibility #340
• ✅ Lockfile renamed to apm.lock.yaml for IDE syntax highlighting #280
• ✅ Dependency path validation hardening #364
• ✅ File-level downloads from private repos via OS credential helpers #332
• ✅ GHE custom domain host preservation in lockfile #338
• ✅ Hooks as a first-class agent primitive #96
• ✅ Plugin management system #83
• ✅ apm pack / apm unpack — portable, target-specific bundles #218
• ✅ InstructionIntegrator — deploy .instructions.md to .github/instructions/ #112
• ✅ Generic git URL support — GitLab, Bitbucket, self-hosted #72 #133 #134
• ✅ Transitive MCP dependency propagation #121 #132
• ✅ Unified deployed_files manifest #163
• ✅ Performance optimization for deep dependency trees #171
• ✅ Microsoft Open Source org migration and compliance

[OrenMe]

This looks awesome!
How does this compare to the new plugin marketplace? I see there are many things here that improve workflows but there is some ambiguity

Would love to hear your thoughts

[danielmeppiel]

@OrenMe My point of view is that the plugin reference is a packaging standard. To APM that's just another packaging format for agent primitives. Current thinking is that "apm install" should work with plugins too, and add them as dependencies in the manifest.

[OrenMe]

Thanks for the explanation @danielmeppiel
Makes a lot of sense although I assume it will be challenging to support multiple packaging formats

I really love this project challenge - I see strange governance models hacks emerging due to lack of such a tool
Example:

1. Creating single repo with all tools and pulling it as git sub module - and then needing to re wire the path settings cause it is not standard for copilot in vscode and cli
2. Creating single repo with all tools and then creating a vscode workspace and pulling there the products/apps repos and the tools repo and then re wiring the copilot paths as well - and this is even worse IMO then option 1 cause the workspace config cannot be git managed

So this project really allows governance, distribution and versioning management

[danielmeppiel]

Roadmap refreshed — 19th March 2026

Major update to reflect where APM stands today after six releases (v0.7.7 → v0.8.2):

Now: Org-level policy engine (apm audit --ci --policy), multi-org authorization, security hardening.

New in Next (shaped by community feedback): semver pin ranges, auto-install on clone, auto-create target directories, container image distribution.

Recently shipped: Cursor + OpenCode native integration, content security scanning with Glassworm detection, diff-aware install, Windows native support, JFrog Artifactory, and more — see the updated list above.

As always, 👍 issues to signal demand. New ideas welcome as Issues.

[srid]

• Auto-install on clone — post-clone hook / git template integration
• Auto-create target directories on install (.cursor/, .opencode/, etc.)

I'd love to read more about this. Is there an issue or PR I can look at?

I maintain a custom justfile for this, but it'd be nice if there was single CLI I can use to get going.

---

Also a related question: is it recommended to vendor generated (.claude/, etc.) files in Git alongside the apm single-source-of-truth?