Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.altnautica.com/llms.txt

Use this file to discover all available pages before exploring further.

The registry is gated by signature, not gated by review for every submission. Low-risk, OSS-licensed, signed-by-known-publisher plugins auto-publish. High-permission or vendor-binary plugins queue for human review. Either way you upload the same archive.
The hosted registry is on the roadmap and is not yet live. The submission contract on this page is the shape we will ship; the local-file-install and URL-install paths are the two channels available today, and they do not require a registry account.

Prerequisites

  1. A built and tested plugin (see Your first plugin).
  2. An Ed25519 publisher key (see Signing keys).
  3. A registry account with a registered publisher key id.
  4. A registry token (REGISTRY_TOKEN env var) for the REST API, or the equivalent web sign-in for the UI.

Step 1: Pack

./scripts/pack.sh my-plugin
Output: dist/<plugin-id>-<version>.adosplug. The archive is deterministic. Two pack runs against the same source tree produce byte-identical archives.

Step 2: Sign

ADOS_SIGNING_KEY=./keys/publisher.pem \
ADOS_SIGNING_KEY_ID=example-2026-A \
  ./scripts/sign.sh dist/com.example.foo-1.0.0.adosplug
Output: dist/com.example.foo-1.0.0.signed.adosplug. The signature covers the per-asset SHA-256 list and the root hash. The signer key id is stamped into the in-archive SIGNATURES file.

Step 3: Register your publisher key

Once per key. The registry needs the public half so it can verify your submitted archives. Web UI: log in at registry.ados.altnautica.com, open Account, Signing keys, Add key, paste the raw 32-byte hex public key, and pick a key id that matches ADOS_SIGNING_KEY_ID. REST: 
curl -X POST \
  -H "Authorization: Bearer $REGISTRY_TOKEN" \
  -F "key_id=example-2026-A" \
  -F "public_key_hex=$(cat keys/publisher.pub.hex)" \
  -F "valid_from=2026-04-30T00:00:00Z" \
  -F "valid_to=2027-12-31T23:59:59Z" \
  https://registry.ados.altnautica.com/v1/me/keys
The response includes the registered key id and the SHA-256 fingerprint shown to operators on the install dialog. To become a verified publisher (green badge in the catalog), follow registry.ados.altnautica.com/verify. It is a domain ownership proof plus six months of activity on the registry. Verified status is not required for submission; it just changes the operator-facing trust signal.

Step 4: Submit

REST upload: 
curl -X POST \
  -H "Authorization: Bearer $REGISTRY_TOKEN" \
  -F "archive=@dist/com.example.foo-1.0.0.signed.adosplug" \
  -F "repo_url=https://github.com/example/ados-foo" \
  -F "category=drivers" \
  -F "release_notes=@CHANGELOG.md" \
  https://registry.ados.altnautica.com/v1/plugins/submit
Web UI: Submit, Upload archive. Drop the file, fill the metadata form (repo URL, category, release notes), submit.

What happens server-side

  1. The registry validates the manifest against the JSON Schema. A schema failure rejects the submission immediately.
  2. The Ed25519 signature is verified against your registered public key. Mismatch rejects with the signer key id and fingerprint in the error body.
  3. The static analyzer runs over the agent half (Python source detection of subprocess, eval, os.system, undeclared requests / socket calls, file writes outside ctx.data_dir) and the GCS bundle (detection of eval, Function(), top.location, document.cookie, localStorage).
  4. The submission is routed to one of the states below.

Submission states

StateTriggerOperator action
pendingStatic analyzer is still running.Poll GET /v1/me/submissions/:id. Typical wait under 5 minutes.
auto_approvedRisk band Low or Medium, OSS license (GPL, Apache, MIT, BSD), all analyzer checks pass, signer is registered.Plugin is published. Visible in catalog within 60 seconds.
queued_for_reviewRisk band High or Critical, vendor-binary flag set, license is non-OSS, or the analyzer flagged a critical pattern.Wait for human review. Cadence is best-effort and depends on queue depth; the submission API exposes an estimated wait when available.
approvedReviewer accepted a queued submission.Plugin is published.
rejectedReviewer or analyzer rejected.Read the reasoning in the response, fix, resubmit.
Check status: 
curl -H "Authorization: Bearer $REGISTRY_TOKEN" \
  https://registry.ados.altnautica.com/v1/me/submissions

Manifest fields the analyzer reads

The analyzer relies on accurate manifest declarations. Fields that matter at submission time:
FieldWhy it matters
plugin.idMust match the directory and the archive name.
plugin.licenseDrives the OSS auto-approve gate.
plugin.sourceThe static analyzer diffs the archive against this repo at the declared tag. Discrepancies are flagged.
agent.permissionsDrives the risk band. Undeclared subprocess calls or network access in the source fail the analyzer.
gcs.permissionsSame as above for the GCS half.
agent.resourcescgroup limits applied at runtime.
assets[].sha256Verified during signature check. Mismatch rejects the submission.
signing.signer_key_idMust match a registered publisher key on your account.

Categories

Pick the closest match. The analyzer does not block on category choice, but the wrong category is a soft signal and can route a submission to review when it would have auto-published. 
drivers          (camera, gimbal, lidar, gps, esc, payload-actuator)
panels           (telemetry visualizations, mission overlays)
mission-tools    (planners, pattern generators, geofence helpers)
analytics        (post-flight, log replay, aggregate)
integrations     (third-party services, fleet management bridges)
utilities        (developer tools, log inspectors, diagnostics)

Resubmitting after rejection

Fix what the rejection reason called out. Bump the version (semver patch is fine for analyzer fixes). Re-run pack and sign. Submit the new archive. The previous submission stays in rejected state for the audit trail; the new submission gets its own state machine.

Withdrawal

To remove a published version: 
curl -X POST \
  -H "Authorization: Bearer $REGISTRY_TOKEN" \
  https://registry.ados.altnautica.com/v1/plugins/com.example.foo/1.0.0/withdraw
Withdrawal removes the version from search and the download endpoint. Already-installed copies keep running; operators see a “withdrawn by author” badge on the detail page. For active malicious-version recall, use revocation instead (see Revocation and incidents).

See also