feat(registry): simplify trust/quarantine + add edit endpoint (MCP-1072) (#594)

Provenance is now informational only: servers added from any registry —
official or custom — follow the global quarantine default. Drop the
custom-origin quarantine-forcing in add_from_registry and the config
validation that forbade skip_quarantine for custom-origin servers.

Simplify provenance to two plain values (official/custom) and normalize
legacy official/trusted | custom/unverified strings on read so existing
config.db / mcp_config.json keep working. Fix the REST list projection
that hard-coded the old 'official/trusted' literal for the trusted flag.

Add PUT /api/v1/registries/{id} (handleEditRegistrySource) + EditRegistrySourceRef
to update a custom registry (name/url/servers-url), mirroring the
add/remove-source cross-surface error pattern (registry_not_found,
registry_shadows_builtin, invalid_registry_url, registries_locked). Add
'mcpproxy registry edit <id>' CLI + cliclient.EditRegistrySource, regen
OpenAPI, and update docs.

Related MCP-1072

Author: Dumbris

cmd/mcpproxy/registry_cmd.go

@@ -30,6 +30,9 @@ var (
 	registryAddSourceProto string // MCP-866
 	registryAddSourceID    string
 	registryAddSourceName  string
+	registryEditName       string // MCP-1072
+	registryEditURL        string
+	registryEditServersURL string
 )
 
 // GetRegistryCommand builds the `registry` command group (spec 070): a single
@@ -57,15 +60,16 @@ Typical flow:
   mcpproxy upstream approve weather-mcp          # approve once you trust it
 
 Add your own registry source (any official modelcontextprotocol/registry v0.1 endpoint):
-  mcpproxy registry add-source https://registry.example.com   # custom/unverified
+  mcpproxy registry add-source https://registry.example.com   # tagged "custom"
+  mcpproxy registry edit my-reg --url https://new.example.com  # update a custom source
 
-'registry add' and 'registry add-source' talk to the running mcpproxy daemon.
-'list' and 'search' use the daemon when available and otherwise read the
+'registry add', 'add-source', 'edit' and 'remove' talk to the running mcpproxy
+daemon. 'list' and 'search' use the daemon when available and otherwise read the
 registries directly.`,
 	}
 
 	cmd.PersistentFlags().StringVarP(&registryConfigPath, "config", "c", "", "Path to MCP configuration file")
-	cmd.AddCommand(newRegistryListCmd(), newRegistrySearchCmd(), newRegistryAddCmd(), newRegistryAddSourceCmd(), newRegistryRemoveCmd())
+	cmd.AddCommand(newRegistryListCmd(), newRegistrySearchCmd(), newRegistryAddCmd(), newRegistryAddSourceCmd(), newRegistryEditCmd(), newRegistryRemoveCmd())
 	return cmd
 }
 
@@ -150,15 +154,14 @@ func registryRemoveErrorOutput(err error) error {
 func newRegistryAddSourceCmd() *cobra.Command {
 	cmd := &cobra.Command{
 		Use:   "add-source <https-url>",
-		Short: "Add a custom MCP registry source (quarantine-always)",
+		Short: "Add a custom MCP registry source",
 		Long: `Add your own MCP server registry — any https endpoint implementing the
 official modelcontextprotocol/registry v0.1 protocol (the same protocol shipped
 by Copilot/VS Code/Azure).
 
-The added source is ALWAYS tagged custom/unverified: there is no allowlist you
-can add yourself into. Every server you discover and add through a custom source
-lands quarantined and can never skip quarantine — review and approve it once you
-trust it:
+The added source is tagged "custom" (informational). Servers you discover and
+add through it follow the global quarantine default like any other server, so
+with quarantine enabled (the default) they land quarantined for review:
   mcpproxy registry search <query> -r <id>
   mcpproxy registry add <id> <serverId>
   mcpproxy upstream approve <name>`,
@@ -199,7 +202,7 @@ trust it:
 			}
 
 			fmt.Printf("✅ Added registry source '%s' (%s)\n", reg.ID, reg.Provenance)
-			fmt.Printf("⚠️  This is a third-party, unverified registry — its servers are always quarantined until you approve them.\n")
+			fmt.Printf("⚠️  This is a third-party registry — with quarantine enabled, servers you add from it are quarantined until you approve them.\n")
 			fmt.Printf("   Search it with: mcpproxy registry search <query> -r %s\n", reg.ID)
 			return nil
 		},
@@ -210,6 +213,92 @@ trust it:
 	return cmd
 }
 
+func newRegistryEditCmd() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "edit <id>",
+		Short: "Edit a user-added custom registry source",
+		Long: `Update a custom MCP registry source you previously added with
+'registry add-source'. Use 'registry list' to see the ids.
+
+Only custom registries can be edited — the shipped built-in registries cannot.
+Provide one or more of --name, --url, --servers-url; omitted fields are left
+unchanged. Changing --url re-derives the servers URL unless --servers-url is
+also given.
+
+  mcpproxy registry edit my-reg --url https://new.example.com
+  mcpproxy registry edit my-reg --name "My Registry"`,
+		Args: cobra.ExactArgs(1),
+		RunE: func(_ *cobra.Command, args []string) error {
+			registryID := args[0]
+
+			cfg, err := loadRegistryConfig()
+			if err != nil {
+				return outputError(clioutput.NewStructuredError(clioutput.ErrCodeConfigNotFound, err.Error()).
+					WithRecoveryCommand("mcpproxy doctor"), clioutput.ErrCodeConfigNotFound)
+			}
+
+			// edit MUST go through the daemon: the registry list lives on the
+			// runtime config snapshot and is updated copy-on-write via UpdateConfig.
+			if !shouldUseUpstreamDaemon(cfg.DataDir) {
+				return outputError(clioutput.NewStructuredError(clioutput.ErrCodeConnectionFailed,
+					"editing a registry source requires a running mcpproxy daemon").
+					WithGuidance("Start the daemon, then retry").
+					WithRecoveryCommand("mcpproxy serve"), clioutput.ErrCodeConnectionFailed)
+			}
+
+			ctx, cancel := registryContext()
+			defer cancel()
+
+			client := cliclient.NewClient(socket.DetectSocketPath(cfg.DataDir), nil)
+			reg, err := client.EditRegistrySource(ctx, registryID, registryEditName, registryEditURL, registryEditServersURL)
+			if err != nil {
+				return registryEditErrorOutput(err)
+			}
+
+			outputFormat := ResolveOutputFormat()
+			if outputFormat == "json" || outputFormat == "yaml" {
+				formatter, _ := GetOutputFormatter()
+				out, _ := formatter.Format(reg)
+				fmt.Println(out)
+				return nil
+			}
+
+			fmt.Printf("✅ Updated registry source '%s'\n", reg.ID)
+			return nil
+		},
+	}
+	cmd.Flags().StringVar(&registryEditName, "name", "", "New registry display name")
+	cmd.Flags().StringVar(&registryEditURL, "url", "", "New base/servers https URL")
+	cmd.Flags().StringVar(&registryEditServersURL, "servers-url", "", "New servers-collection URL (overrides the derived one)")
+	return cmd
+}
+
+// registryEditErrorOutput maps a *cliclient.RegistryAddError from an edit op to
+// a structured CLI error with edit-specific guidance (MCP-1072).
+func registryEditErrorOutput(err error) error {
+	var addErr *cliclient.RegistryAddError
+	if !errors.As(err, &addErr) {
+		return outputError(clioutput.NewStructuredError(clioutput.ErrCodeOperationFailed, err.Error()), clioutput.ErrCodeOperationFailed)
+	}
+
+	switch addErr.Code {
+	case "registry_not_found":
+		return outputError(clioutput.NewStructuredError(clioutput.ErrCodeServerNotFound, addErr.Message).
+			WithGuidance("Check the ids with 'mcpproxy registry list' — only custom registries can be edited"), clioutput.ErrCodeServerNotFound)
+	case "registry_shadows_builtin":
+		return outputError(clioutput.NewStructuredError(clioutput.ErrCodeInvalidInput, addErr.Message).
+			WithGuidance("Built-in registries cannot be edited"), clioutput.ErrCodeInvalidInput)
+	case "invalid_registry_url":
+		return outputError(clioutput.NewStructuredError(clioutput.ErrCodeInvalidInput, addErr.Message).
+			WithGuidance("Provide a valid https URL"), clioutput.ErrCodeInvalidInput)
+	case "registries_locked":
+		return outputError(clioutput.NewStructuredError(clioutput.ErrCodeOperationFailed, addErr.Message).
+			WithGuidance("Registry changes are disabled by policy (registries_locked)"), clioutput.ErrCodeOperationFailed)
+	default:
+		return outputError(clioutput.NewStructuredError(clioutput.ErrCodeOperationFailed, addErr.Message), clioutput.ErrCodeOperationFailed)
+	}
+}
+
 func newRegistryListCmd() *cobra.Command {
 	return &cobra.Command{
 		Use:   "list",

docs/api/rest-api.md

@@ -549,10 +549,19 @@ List configured registries.
 
 Add a user-supplied custom registry source. JSON body:
 `{ "url": "https://…", "protocol": "…", "id": "…", "name": "…" }` (only `url`
-required). The source is always tagged `custom/unverified`. Errors share a stable
+required). The source is always tagged `custom`. Errors share a stable
 code: `invalid_registry_url` (400), `registries_locked` (403),
 `registry_shadows_builtin` / `duplicate_registry` (409).
 
+#### PUT /api/v1/registries/{id}
+
+Edit a user-added custom registry source. JSON body:
+`{ "name": "…", "url": "https://…", "servers_url": "https://…" }` (all optional;
+an omitted/empty field is left unchanged). Returns `data.registry` echoing the
+updated entry. Built-in registries are refused with `registry_shadows_builtin`
+(409); an unknown id returns `registry_not_found` (404); a non-https url returns
+`invalid_registry_url` (400); a `registries_locked` policy returns 403.
+
 #### DELETE /api/v1/registries/{id}
 
 Remove a user-added custom registry source. Returns `data.registry` echoing the
@@ -566,8 +575,8 @@ Search a registry's servers (`?search=`, `?tag=`, `?limit=`).
 
 #### POST /api/v1/registries/{id}/servers/{serverId}/add
 
-Add a server from a registry as a quarantined upstream. Optional JSON body
-carries only overrides (never a config blob):
+Add a server from a registry as an upstream (quarantined per the global default).
+Optional JSON body carries only overrides (never a config blob):
 
 ```json
 { "name": "github-mcp", "env": { "GITHUB_TOKEN": "…" }, "enabled": true }

docs/registries.md

@@ -12,7 +12,7 @@ available via the `search_servers` / `list_registries` MCP tools, the
 | `reference` | Reference Servers | `builtin/reference` | no | Curated `@modelcontextprotocol` servers, **shipped in-binary** so the basics work offline. |
 | `docker-mcp-catalog` | Docker MCP Catalog | `custom/docker` | no | Signed-container MCP server inventory. |
 
-The shipped default set is exactly these **three** official/trusted entries. Earlier
+The shipped default set is exactly these **three** official, built-in entries. Earlier
 versions also shipped `pulse`, `smithery`, `fleur`, `azure-mcp-demo`, and
 `remote-mcp-servers` as defaults; these were removed. They are pruned from an
 existing `mcp_config.json` on load (genuinely user-added custom registries are never
@@ -35,23 +35,28 @@ Every registry carries a **provenance** tag:
 
 | Provenance | Meaning |
 |---|---|
-| `official/trusted` | A shipped, built-in default (the three above). |
-| `custom/unverified` | Any registry the user added at runtime, or any non-default ID in `mcp_config.json`. |
+| `official` | A shipped, built-in default (the three above). |
+| `custom` | Any registry the user added at runtime, or any non-default ID in `mcp_config.json`. |
 
 Trust is **derived, not asserted** — it comes solely from whether the registry ID
-is one of the shipped defaults. Writing `"provenance": "official/trusted"` into a
+is one of the shipped defaults. Writing `"provenance": "official"` into a
 custom `mcp_config.json` entry has no effect; mcpproxy recomputes provenance on
 every merge. **There is no allowlist a user can add themselves into.**
 
-Consequences for `custom/unverified` registries:
+Provenance is **informational only** (it no longer changes quarantine behavior):
 
-- Servers discovered through them are **always quarantined** on add, regardless of
-  the global quarantine default — and they can **never** set `skip_quarantine`
-  (enforced in config validation *and* at server-add time). A server's origin is
+- Servers discovered through **any** registry — official or custom — follow the
+  **global quarantine default** like everything else. With quarantine enabled (the
+  secure default) a newly added server lands quarantined for review; provenance no
+  longer force-quarantines or forbids `skip_quarantine`. A server's origin is still
   recorded on its config as `source_registry_id` / `source_registry_provenance`
   and surfaced in the approval/quarantine view.
 - The `list_registries` output (MCP, REST, CLI) includes `provenance` and a
-  `trusted` boolean so a UI can show a one-time third-party-registry warning.
+  `trusted` boolean (derived `official == trusted`) so a UI can show a one-time
+  third-party-registry warning.
+- **Migration:** earlier builds persisted the two-word tags `official/trusted` /
+  `custom/unverified`; these are normalized to `official` / `custom` on read, so
+  an existing `config.db` / `mcp_config.json` keeps working unchanged.
 
 ### Adding your own registry source
 
@@ -65,7 +70,7 @@ mcpproxy registry add-source https://registry.example.com --id acme --name "Acme
 ```
 
 The ID is derived from the host when omitted; `--protocol` defaults to
-`modelcontextprotocol/registry`. The source is always tagged `custom/unverified`.
+`modelcontextprotocol/registry`. The source is always tagged `custom`.
 This requires a running daemon — the registry list is updated copy-on-write on the
 runtime config snapshot and persisted to `mcp_config.json`.
 
@@ -88,7 +93,7 @@ The Web UI maps each code to an actionable message.
 ### Removing a registry source
 
 `mcpproxy registry remove <id>` deletes a custom registry you added earlier. Only
-`custom/unverified` registries can be removed — the shipped built-in defaults are
+`custom` registries can be removed — the shipped built-in defaults are
 refused via the same shadow guard as add-source. Removing a source does not touch
 any upstream servers you already added from it.
 
@@ -109,6 +114,31 @@ Errors share a stable code across surfaces: `registry_not_found` (404),
 `registry_shadows_builtin` (409, built-in cannot be removed),
 `registries_locked` (403).
 
+### Editing a registry source
+
+`mcpproxy registry edit <id>` updates a custom registry you added earlier — its
+display name, base URL, or servers-collection URL. Only `custom` registries can be
+edited; the shipped built-in defaults are refused via the same shadow guard as
+add/remove-source. Omitted flags leave the existing value unchanged. Changing
+`--url` re-derives the servers URL unless `--servers-url` is also given.
+
+```bash
+mcpproxy registry edit acme --url https://new.acme.example.com   # change the URL
+mcpproxy registry edit acme --name "Acme Corp"                   # change the display name
+```
+
+Like add/remove-source, this requires a running daemon — the change is applied
+copy-on-write on the runtime config snapshot and persisted to `mcp_config.json`.
+
+Equivalent surfaces:
+
+- **REST:** `PUT /api/v1/registries/{id}` with `{ "name": "…", "url": "https://…", "servers_url": "https://…" }` (all optional) → `{ "registry": { … } }` echoing the updated entry.
+- **CLI:** `mcpproxy registry edit <id> [--name … --url … --servers-url …]`.
+
+Errors share a stable code across surfaces: `registry_not_found` (404),
+`registry_shadows_builtin` (409, built-in cannot be edited),
+`invalid_registry_url` (400), `registries_locked` (403).
+
 ### Enterprise: `registries_locked` (stub)
 
 Setting `"registries_locked": true` in `mcp_config.json` disables runtime registry

internal/cliclient/client.go

@@ -1962,3 +1962,58 @@ func (c *Client) RemoveRegistrySource(ctx context.Context, id string) (*contract
 	}
 	return &apiResp.Data.Registry, nil
 }
+
+// EditRegistrySource updates a user-added custom registry source via the daemon
+// (MCP-1072). PUT /api/v1/registries/{id} → data.registry. Empty fields are left
+// unchanged. On failure it returns a *RegistryAddError carrying the stable
+// cross-surface code (registry_not_found, registry_shadows_builtin,
+// registries_locked, invalid_registry_url).
+func (c *Client) EditRegistrySource(ctx context.Context, id, name, sourceURL, serversURL string) (*contracts.RegistrySummary, error) {
+	body := contracts.EditRegistrySourceRequest{Name: name, URL: sourceURL, ServersURL: serversURL}
+	bodyBytes, err := json.Marshal(body)
+	if err != nil {
+		return nil, fmt.Errorf("failed to marshal request: %w", err)
+	}
+
+	u := c.baseURL + "/api/v1/registries/" + url.PathEscape(id)
+	req, err := http.NewRequestWithContext(ctx, http.MethodPut, u, bytes.NewReader(bodyBytes))
+	if err != nil {
+		return nil, fmt.Errorf("failed to create request: %w", err)
+	}
+	req.Header.Set("Content-Type", "application/json")
+	c.prepareRequest(ctx, req)
+
+	resp, err := c.httpClient.Do(req)
+	if err != nil {
+		return nil, fmt.Errorf("failed to call edit-registry-source API: %w", err)
+	}
+	defer resp.Body.Close()
+
+	respBytes, err := io.ReadAll(resp.Body)
+	if err != nil {
+		return nil, fmt.Errorf("failed to read response: %w", err)
+	}
+
+	var apiResp struct {
+		Success   bool                              `json:"success"`
+		Data      *contracts.EditRegistrySourceData `json:"data"`
+		Error     string                            `json:"error"`
+		Code      string                            `json:"code"`
+		RequestID string                            `json:"request_id"`
+	}
+	if err := json.Unmarshal(respBytes, &apiResp); err != nil {
+		return nil, fmt.Errorf("failed to parse response (status %d): %s", resp.StatusCode, string(respBytes))
+	}
+
+	if !apiResp.Success || resp.StatusCode != http.StatusOK {
+		msg := apiResp.Error
+		if msg == "" {
+			msg = fmt.Sprintf("API returned status %d", resp.StatusCode)
+		}
+		return nil, &RegistryAddError{Code: apiResp.Code, Message: msg, RequestID: apiResp.RequestID}
+	}
+	if apiResp.Data == nil {
+		return nil, fmt.Errorf("daemon returned success with no registry data")
+	}
+	return &apiResp.Data.Registry, nil
+}