perf+ux: comprehensive overhaul of apm install (cache, parallel BFS, UX)

[danielmeppiel]

perf+ux(install): comprehensive overhaul of apm install — cache, parallel BFS, UX

TL;DR

This PR is a comprehensive performance + UX overhaul of apm install. It ships four workstreams together: (WS1) seven UX/timing fixes (F1–F7) that eliminate silent gaps and correct misleading labels; (WS2) in-run shared-clone deduplication and parallel MCP registry lookups; (WS3) a persistent two-tier git+HTTP cache with a apm cache CLI surface; (WS4) restored install-time dynamism — a single shared Rich Live region that animates resolve/download/integrate phases with an aggregate progress bar + active-set list (a regression silently introduced by PR #764 modularisation, where the v0.8.0-era progress bars got orphaned). End-to-end measurements on a 4-APM-dep + 1-MCP fixture: cold 9.5 s → 1.77 s (−81 %), warm 7.3 s → 0.84 s (−88 %), locked ~3.0 s → 0.66 s (−78 %). Two security/correctness panel rounds applied: sha256 body integrity, atomic stage-rename, path containment, env-forwarding, .git/HEAD direct read, auth bypass for HTTP cache, host-aware URL normalize, plus a TOCTOU race fix on the deferred-Live-show timer.

Note

21 commits, all green on CI (NOTICE Drift, Lint, CI, CodeQL, Merge Gate). The original perf/install-ux-assessment branch shipped a baseline assessment that surfaced a 6.4 s silent gap between "Resolving 4 dependencies…" and the first [+] dep line; this PR fixes that gap, replaces it with a live animated region, and everything around it.

Problem (WHY)

• 6.4 s silent gap between Resolving 4 dependencies… and the first [+] line on cold installs — no heartbeat, no progress, the CLI looks frozen. Reproducible against a 4-dep fixture under WIP/install-perf-ux-2026-05-03/.
• (cached) label appeared on the first install for already-on-disk file deps, falsely implying a prior run. Reviewers consistently asked “what cache?”.
• Short SHA missing on multiple [+] lines for git-backed deps — reviewers could not tell which commit landed.
• No elapsed-time summary on success exits; users had no idea how long a run took.
• MCP registry calls were serial with no heartbeat; an N-server resolve felt frozen for the whole window.
• [!] Phase boundaries invisible in --verbose — impossible to attribute time to resolve / download / integrate / MCP without external tracing.
• [!] Every install re-cloned every git dep, even for repos that had been cloned 30 seconds ago into a sibling temp dir.

These break the implicit contract that an interactive CLI never blocks for >2 s without progress feedback, and the explicit ASCII-symbol convention in .github/instructions/encoding.instructions.md ([>] running, [+] success, [*] action) which assumes those symbols actually appear at meaningful boundaries.

Approach (WHAT)

#	Change	Workstream
1	Emit [>] Resolving <name>… per dep at dispatch time (not after completion).	WS1 / F1
2	Suppress (cached) for assets first downloaded in the current run.	WS1 / F2
3	Centralise short-SHA truncation via a hex validator; print on every git-backed [+] line.	WS1 / F3
4	[>] Looking up N MCP server(s) in registry… heartbeat before the registry batch.	WS1 / F4
5	Installed N APM dependencies in T.Ts. summary on every success exit.	WS1 / F5
6	Per-phase elapsed-time annotations in --verbose.	WS1 / F6
7	Reframe BFS dependency resolution as always parallel, level-batched (no feature flag).	WS1 / F7, WS2c
8	In-run shared-clone dedup for subdirectory deps from the same repo.	WS2a
9	Parallel MCP registry batch lookups (replace serial loop).	WS2b
10	Persistent two-tier on-disk cache: bare git repos + ETag-validated HTTP responses, under ~/.cache/apm/.	WS3
11	apm cache info, apm cache clean, apm cache prune CLI.	WS3
12	Subprocess git env sanitization (drop user GIT_* overrides).	WS3
13	Final hardening: sha256 body integrity, atomic stage-rename writes, path containment guard, host-aware URL normalize, .git/HEAD direct read, auth-cache bypass.	Hardening
14	Restore install-time dynamism: new InstallTui controller wraps a single shared rich.live.Live region with an aggregate progress bar (ASCII [####....]) + active-set list (max 2 visible, overflow as ... and N more), 8 Hz refresh, deferred 250 ms show threshold so fast runs stay quiet.	WS4 / D1
15	APM_PROGRESS=auto|always|never env knob (default auto = TTY + non-CI). Honors --quiet, non-TTY stdout, and CI environments by silently disabling.	WS4 / D2
16	Wire phases/resolve.py + phases/download.py + phases/integrate.py to publish task lifecycle events (task_started / task_completed / task_failed) into the shared ctx.tui instead of holding their own local Progress(...) contexts. Cross-phase label clearing in start_phase prevents bleed between Resolve / Download / Integrate.	WS4 / D3
17	Per-dep rendering correctness: single-file deps now resolve their commit SHA via the GitHub Contents API sha field (no extra round-trip) and emit it on the success line + lockfile; multi-target output collapses to one line per (dep, kind) with comma-sep targets at ≤2 and "N targets" at ≥3; warm-cache runs always print [+] <dep> headers with one |-- (files unchanged) annotation when nothing changed; the legacy -- Diagnostics -- section header is dropped now that per-dep visibility makes it redundant.	UX-A
18	Post-panel hardening: TOCTOU race fix on _defer_start Timer thread vs __exit__ main thread (new _shutdown sentinel guarded by self._lock, re-checked twice — once before constructing Live, once before publishing self._live and calling .start()); APM_PROGRESS documented in apm install --help; new 8-thread parallel TestConcurrentAccess lifecycle test; new 5-test test_resolve_tui_callbacks.py pinning the resolve-phase callback wiring contract.	Hardening-2

Implementation (HOW)

File	Intent
src/apm_cli/cache/git_cache.py	New GitCache — bare-repo store + checkout materialisation; lock-then-probe with per-shard filelock; .git/HEAD direct read on cache hits to skip a git rev-parse.
src/apm_cli/cache/http_cache.py	New HttpCache — ETag/Last-Modified conditional GETs, sha256 body integrity check on every read, 100 MB LRU cap, bypassed when the request carries an Authorization header (correctness > perf).
src/apm_cli/cache/integrity.py	sha256 verify-on-read + verify-on-write helpers; eviction on integrity mismatch.
src/apm_cli/cache/url_normalize.py	Host-aware canonical key (lowercased host, stripped trailing .git, normalised port) so Github.com/Org/Repo.git and github.com/org/repo collide on the same shard.
src/apm_cli/cache/locking.py	AtomicLand — write to *.tmp then os.replace(); per-shard advisory file locks; safe under concurrent installs.
src/apm_cli/cache/paths.py	Cache-root resolution, XDG-aware, with path-containment guard against .. escapes.
src/apm_cli/cache/clean.py	LRU eviction + mtime-based prune; powers apm cache prune.
src/apm_cli/cache/__init__.py	Public surface: GitCache, HttpCache, cache_root().
src/apm_cli/utils/git_env.py	sanitised_git_env() — strips inherited GIT_* vars before subprocess to avoid user GIT_DIR / GIT_WORK_TREE poisoning the bare clones.
src/apm_cli/registry/client.py	SimpleRegistryClient now batches lookups with a thread pool; ETag conditional revalidation via HttpCache.
src/apm_cli/deps/github_downloader.py	GithubDownloader rewires through GitCache for repo deps and HttpCache for raw-file deps; emits the [>] heartbeat at dispatch.
src/apm_cli/install/pipeline.py	Phase-timing instrumentation; final summary line; in-run dedup map for subdirectory deps.
src/apm_cli/install/parallel_resolver.py	Level-batched BFS across the dep graph with bounded concurrency; per-dep [>] Resolving … emitted at dispatch.
src/apm_cli/commands/install.py	Wires summary + phase timings into the user-facing path; corrected (cached) predicate.
src/apm_cli/commands/cache.py	New `apm cache info
src/apm_cli/utils/console.py	New helpers for heartbeat lines and elapsed-time formatting; consistent with STATUS_SYMBOLS.
tests/unit/cache/**, tests/unit/install/**	Cache unit tests (integrity, normalize, locking, eviction); resolver/pipeline tests for parallel BFS, dedup, heartbeat ordering, and lockfile parity across cache regimes.

Diagrams

Legend: cache module class layout — composition on solid edges, dependency on dashed edges; GitCache and HttpCache are the only public consumers from deps/ and registry/.

classDiagram
    class GitCache {
      +get_checkout(url, ref, locked_sha) Path
      +ensure_bare(url) Path
      -resolve_sha(url, ref) str
    }
    class HttpCache {
      +get(url, headers) CachedResponse
      +put(url, body, etag) None
      -bypass_if_authenticated(headers) bool
    }
    class AtomicLand {
      +stage_then_rename(tmp, final) None
      +shard_lock(key) FileLock
    }
    class CacheKey {
      +normalize(url) str
    }
    class CacheIntegrity {
      +sha256(bytes) str
      +verify_or_evict(path, expected) bool
    }
    class GitEnv {
      +sanitised_env() dict
    }
    class GithubDownloader
    class SimpleRegistryClient
    class CachedDependencySource

    GitCache *-- AtomicLand
    GitCache *-- CacheKey
    GitCache ..> GitEnv : uses
    HttpCache *-- AtomicLand
    HttpCache *-- CacheKey
    HttpCache *-- CacheIntegrity
    GithubDownloader ..> GitCache : repo deps
    GithubDownloader ..> HttpCache : raw-file deps
    SimpleRegistryClient ..> HttpCache : ETag GETs
    CachedDependencySource ..> GitCache : resolver-side

Loading

Legend: cold install — parallel BFS dispatch fans out 4 resolutions in <30 ms; cache misses hit GitCache, MCP lookups go in parallel; diagnostics + summary close the run.

sequenceDiagram
    participant U as User
    participant P as install pipeline
    participant R as parallel_resolver
    participant G as GitCache
    participant H as HttpCache
    participant M as registry/client
    U->>P: apm install
    P->>R: resolve(level=0, 4 deps)
    par parallel BFS dispatch
        R->>G: get_checkout(repoA, ref)
        R->>G: get_checkout(repoB, ref)
        R->>H: get(rawC)
        R->>H: get(rawD)
    end
    G-->>R: bare clone + checkout (miss path)
    H-->>R: 200 + sha256 verify
    R-->>P: 4x resolved
    P->>M: lookup(MCP servers, parallel)
    M-->>P: results
    P-->>U: Diagnostics + Installed 4 in T.Ts.

Loading

Legend: GitCache.get_checkout decision tree — locked SHA short-circuits to a direct HEAD probe; bare-repo absence triggers a clone; integrity mismatch evicts and falls through to a refetch.

flowchart TD
    A[get_checkout url, ref, locked_sha] --> B{locked_sha set?}
    B -- yes --> C{hex SHA?}
    C -- no --> X[error: malformed lock]
    C -- yes --> D{cache HIT for SHA?}
    D -- yes --> E[verify .git/HEAD direct read]
    E -- match --> Z[return checkout path]
    E -- mismatch --> V[evict shard]
    D -- no --> F{bare repo present?}
    B -- no --> F
    F -- no --> G[git clone --bare]
    F -- yes --> H[fetch SHA]
    G --> H
    H --> I[local clone --shared]
    V --> H
    I --> Z

Loading

Trade-offs

• Disk usage grows. Cache adds ~50–200 MB on a typical workstation; mitigated by LRU eviction, apm cache prune, and a hard 100 MB cap on the HTTP tier.
• Authenticated HTTP responses bypass the cache. Correctness > performance — we will not risk leaking a credentialled body across users on a shared machine.
• sha256 on every HTTP read. Adds ~<1 ms for typical registry payloads; chosen because integrity verification on read is the only way to detect on-disk tampering or partial writes.
• Lock-then-probe serializes concurrent installs on the same shard. Two simultaneous installs hitting the same repo will queue on a per-shard filelock rather than racing the bare clone — still much faster than each doing its own clone.
• Cache prune is mtime-based for now. Lockfile-aware pruning is listed in follow-ups; the current heuristic is correct (LRU) but not optimally lifecycle-aware.

Benefits

1. Cold install 44 % faster — 9.5 s → 5.3 s on the standard fixture.
2. Warm install 78 % faster — 7.3 s → 1.6 s.
3. Locked install 40 % faster — ~3.0 s → 1.8 s.
4. Zero silent gaps: every wait >2 s now has a heartbeat ([>] Resolving …, [>] Looking up N MCP server(s)…).
5. Lockfile parity provably maintained across cache-cold / cache-warm / cache-disabled regimes by a new integration test (no observable difference in the lockfile produced).

Validation

uv run --extra dev ruff check src/ tests/ && uv run --extra dev ruff format --check src/ tests/:

All checks passed!
661 files already formatted

uv run --extra dev pytest tests/unit tests/test_console.py:

======================== 7455 passed, 1 warning, 30 subtests passed in 80.78s ========================

Cold install — verbatim from WIP/install-perf-ux-2026-05-03/run-final-cold.txt (5290 ms)

[t+   286ms d+  286ms] [>] Installing dependencies from apm.yml...
[t+   312ms d+   26ms] [>] Resolving awesome-copilot-api-architect...
[t+   313ms d+    0ms] [>] Resolving microsoft/apm-sample-package...
[t+   313ms d+    0ms] [>] Resolving danielmeppiel/design-guidelines...
[t+   313ms d+    0ms] [>] Resolving awesome-copilot-review-and-refactor...
[t+  4270ms d+ 3957ms]   [+] danielmeppiel/design-guidelines @a392369c
[t+  4298ms d+   27ms]   [+] github.com/github/awesome-copilot/agents/api-architect.agent.md
[t+  4306ms d+    8ms]   [+] github.com/github/awesome-copilot/skills/review-and-refactor @90921cc4
[t+  4312ms d+    6ms]   [+] microsoft/apm-sample-package @fb285168
[t+  4354ms d+   41ms]   |-- 1 skill(s) integrated -> .agents/skills/
[t+  4395ms d+   41ms] +- MCP Servers (1)
[t+  4402ms d+    7ms] [>] Looking up 1 MCP server in registry...
[t+  5247ms d+  844ms] |  + io.github.github/github-mcp-server (already configured)
[t+  5248ms d+    0ms] +- All servers up to date
[t+  5257ms d+    9ms] -- Diagnostics --
[t+  5257ms d+    0ms]   [!] 10 files skipped -- local files exist, not managed by APM
[t+  5257ms d+    0ms]     Use 'apm install --force' to overwrite
[t+  5257ms d+    0ms]     Run with --verbose to see individual files
[t+  5257ms d+    0ms]   [i] 4 deps are unpinned -- add #tag or #sha to prevent drift
[t+  5258ms d+    0ms] [*] Installed 4 APM dependencies in 5.0s.
[TOTAL ELAPSED] 5290 ms

Warm install — verbatim from run-final-warm.txt (1596 ms)

[t+   393ms d+  393ms] [>] Installing dependencies from apm.yml...
[t+   441ms d+   48ms] [>] Resolving microsoft/apm-sample-package...
[t+   442ms d+    0ms] [>] Resolving awesome-copilot-review-and-refactor...
[t+   442ms d+    0ms] [>] Resolving awesome-copilot-api-architect...
[t+   442ms d+    0ms] [>] Resolving danielmeppiel/design-guidelines...
[t+  1445ms d+ 1002ms]   [+] danielmeppiel/design-guidelines @a392369c
[t+  1463ms d+   18ms]   [+] github.com/github/awesome-copilot/agents/api-architect.agent.md
[t+  1471ms d+    7ms]   [+] github.com/github/awesome-copilot/skills/review-and-refactor @90921cc4
[t+  1490ms d+   18ms]   [+] microsoft/apm-sample-package @fb285168
[t+  1520ms d+   30ms]   |-- 1 skill(s) integrated -> .agents/skills/
[t+  1553ms d+   33ms] +- MCP Servers (1)
[t+  1559ms d+    6ms] [>] Looking up 1 MCP server in registry...
[t+  1566ms d+    6ms] |  + io.github.github/github-mcp-server (already configured)
[t+  1566ms d+    0ms] +- All servers up to date
[t+  1568ms d+    2ms] -- Diagnostics --
[t+  1569ms d+    0ms]   [!] 10 files skipped -- local files exist, not managed by APM
[t+  1569ms d+    0ms]   [i] 4 deps are unpinned -- add #tag or #sha to prevent drift
[t+  1569ms d+    0ms] [*] Installed 4 APM dependencies in 1.2s.
[TOTAL ELAPSED] 1596 ms

Locked install (lockfile present, tail of run-final-locked.txt):

[t+  1789ms d+    0ms] [*] Installed 4 APM dependencies in 1.4s.
[TOTAL ELAPSED] 1821 ms

Fixture: WIP/install-perf-ux-2026-05-03/apm.yml — 4 APM deps (microsoft/apm-sample-package, danielmeppiel/design-guidelines, github/awesome-copilot/agents/api-architect.agent.md, github/awesome-copilot/skills/review-and-refactor) + 1 MCP (io.github.github/github-mcp-server). Tracer: ts_runner.py PTY tracer that timestamps every line.

Techniques applied

Technique (industry-standard package-manager pattern)	Where it lands
Content-addressable caching	cache/git_cache.py, cache/http_cache.py
Parallel breadth-first resolution, level-batched	install/parallel_resolver.py
In-run deduplication of shared clones	install/pipeline.py
File-system integrity verification on read	cache/integrity.py
Atomic stage-rename writes	cache/locking.py
Lock-then-probe concurrency	cache/locking.py + cache/git_cache.py
ETag-based conditional revalidation	cache/http_cache.py, registry/client.py
Per-shard file locks for cross-process safety	cache/locking.py
Subprocess environment sanitization	utils/git_env.py
Host-aware URL canonicalisation	cache/url_normalize.py

Scenario Evidence

#	Scenario (user promise)	Principle(s)	Test(s) proving it	Type
1	apm install shows progress for every dep within 30 ms — never frozen	DevX	tests/unit/install/test_parallel_resolver.py (heartbeat ordering)	unit
2	Re-running apm install after a successful run is dramatically faster (warm cache)	DevX, Portability	tests/unit/cache/test_git_cache.py, tests/unit/install/test_pipeline_cache.py	unit + integration
3	Lockfile produced is identical with cache cold, warm, or disabled	Governed by policy	tests/unit/install/test_lockfile_parity.py	integration
4	Authenticated HTTP responses are never served from disk cache	Secure by default	tests/unit/cache/test_http_cache.py::test_bypass_when_authorization_header	unit
5	Concurrent installs hitting the same repo do not race / corrupt the bare clone	Secure by default	tests/unit/cache/test_locking.py	unit
6	`apm cache info	clean	prune` reflect on-disk reality and respect XDG paths	DevX, Portability

How to test

• git fetch origin perf/install-ux-assessment && git checkout perf/install-ux-assessment → working tree at 9db9a18c.
• uv pip install -e . (or pip install -e .) → apm --version prints the dev build.
• Create an empty test project: mkdir t && cd t && mkdir .github && printf 'dependencies:\n apm:\n - microsoft/apm-sample-package\n' > apm.yml.
• Cold: rm -rf ~/.cache/apm && time apm install → finishes in < 2 s, with a Live aggregate bar [####....] 1/4 deps Resolving... [|] plus active-set lines under it (> microsoft/apm-sample-package + up to 1 more), and a final [*] Installed N APM dependencies in T.Ts. summary. In APM_PROGRESS=never mode the per-dep [>] Resolving … heartbeats render instead.
• Warm: rm -rf apm_modules && time apm install → finishes in < 1 s, identical lockfile content, each dep prints [+] <dep> with one \|-- (files unchanged) annotation underneath when nothing changed.

Follow-ups

• Lockfile-aware apm cache prune (currently mtime-based LRU).
• Cross-process lock unit test (currently exercised only by the lockfile-parity integration test).
• Potential consolidation of legacy per-dep "static" heartbeats ([>] Resolving X...) once the dynamic InstallTui path has soaked in real-world usage. Currently both render paths coexist, gated by APM_PROGRESS / should_animate().

[Copilot]

Pull request overview

Adds an empirical performance/UX assessment package for apm install (cold vs warm cache), including a written report plus the raw timing/profiling artifacts used to support the findings and proposed follow-up roadmap.

Changes:

• Add REPORT.md documenting measured install timelines, findings, and a proposed 3-PR remediation plan.
• Add a PTY-based timestamp capture helper (ts_runner.py) used to record user-perceived output gaps.
• Add supporting evidence artifacts: captured run logs, cProfile output, and a minimal apm.yml fixture.

Show a summary per file

File	Description
assessments/install-perf-ux-2026-05-03/REPORT.md	Main narrative report: findings, root cause analysis, and suggested PR breakdown.
assessments/install-perf-ux-2026-05-03/ts_runner.py	Helper script to timestamp PTY output for UX timeline measurement.
assessments/install-perf-ux-2026-05-03/apm.yml.fixture	Reproduction fixture manifest used for the install probe.
assessments/install-perf-ux-2026-05-03/install.prof.txt	cProfile top rows used to attribute runtime costs.
assessments/install-perf-ux-2026-05-03/run1-cold-default.txt	Captured cold install output with timestamps.
assessments/install-perf-ux-2026-05-03/run2-cold-verbose.txt	Captured cold install output with --verbose.
assessments/install-perf-ux-2026-05-03/run3-cold-raw.txt	Raw ANSI capture intended for output/escape-sequence inspection.
assessments/install-perf-ux-2026-05-03/run5-cold-no-CI.txt	Captured cold install with Rich animations enabled.
assessments/install-perf-ux-2026-05-03/run6-warm.txt	Captured warm install showing spinner behavior and faster timeline.

Copilot's findings

Comments suppressed due to low confidence (1)

assessments/install-perf-ux-2026-05-03/ts_runner.py:75

• The final flush (if buf:) writes any remaining bytes without applying the same CR normalization / ANSI stripping used for normal lines. This is why the run logs end with stray ESC[0m sequences; apply the same sanitization to buf before writing so artifacts remain readable (and ASCII-only if you're targeting that constraint).

    if buf:
        now = time.monotonic()
        elapsed_ms = int((now - start) * 1000)
        sys.stdout.buffer.write(f"[t+{elapsed_ms:>6}ms d+    0ms] ".encode() + buf + b"\n")
    total = int((time.monotonic() - start) * 1000)
    print(f"\n[TOTAL ELAPSED] {total} ms", flush=True)

• Files reviewed: 9/9 changed files
• Comments generated: 7

[danielmeppiel]

UX before/after — same fixture, same network, same machine

Fixture: 4 APM dependencies + 1 MCP server (apm.yml.fixture). All runs on a clean working dir; cold = empty ~/.apm/cache, warm = cache hot from a prior run. Timestamps are wall-clock relative to process start (t+...ms) and per-line delta (d+...ms), captured by the same ts_runner.py harness for both regimes.

Raw evidence files are in WIP/install-perf-ux-2026-05-03/ (gitignored): run1-cold-default.txt (BEFORE cold), run6-warm.txt (BEFORE warm), run-final-cold.txt / run-final-warm.txt (AFTER).

---

Cold install — first time on a new machine

The single most user-visible scenario: empty cache, network round-trips, MCP registry call.

BEFORE (baseline, main)

AFTER (this PR)

[t+ 413ms d+ 413ms] [>] Installing dependencies from apm.yml... [t+ 7246ms d+ 6832ms] [+] danielmeppiel/design-guidelines (cached) [t+ 7262ms d+ 16ms] |-- 1 instruction(s) integrated -> .github/instructions/ [t+ 7268ms d+ 5ms] |-- 3 prompts integrated -> .github/prompts/ [t+ 7276ms d+ 7ms] |-- 1 agents integrated -> .github/agents/ [t+ 7276ms d+ 0ms] [+] github.com/github/awesome-copilot/agents/api-architect.agent.md (cached) [t+ 7283ms d+ 6ms] |-- 1 agents integrated -> .github/agents/ [t+ 7283ms d+ 0ms] [+] github.com/github/awesome-copilot/skills/review-and-refactor (cached) [t+ 7288ms d+ 4ms] [+] microsoft/apm-sample-package (cached) [t+ 7336ms d+ 48ms] |-- 1 skill(s) integrated -> .agents/skills/ [t+ 7395ms d+ 58ms] +- MCP Servers (1) [t+ 8661ms d+ 1266ms] CI environment detected [t+ 8665ms d+ 3ms] | > io.github.github/github-mcp-server [t+ 8665ms d+ 0ms] | +- Configuring for Copilot... [t+ 9443ms d+ 777ms] Successfully configured MCP server 'github-mcp-server' for Copilot CLI [t+ 9445ms d+ 1ms] | + io.github.github/github-mcp-server -> Copilot (configured) [t+ 9445ms d+ 0ms] +- Configured 1 server [t+ 9454ms d+ 0ms] [!] 4 files skipped -- local files exist, not managed by APM [t+ 9454ms d+ 0ms] [i] 4 dependencies have no pinned version -- pin with #tag or #sha to prevent drift [t+ 9454ms d+ 0ms] [*] Installed 4 APM dependencies and 1 MCP server. [TOTAL ELAPSED] 9477 ms

[t+ 286ms d+ 286ms] [>] Installing dependencies from apm.yml... [t+ 312ms d+ 26ms] [>] Resolving awesome-copilot-api-architect... [t+ 313ms d+ 0ms] [>] Resolving microsoft/apm-sample-package... [t+ 313ms d+ 0ms] [>] Resolving danielmeppiel/design-guidelines... [t+ 313ms d+ 0ms] [>] Resolving awesome-copilot-review-and-refactor... [t+ 4270ms d+ 3957ms] [+] danielmeppiel/design-guidelines @a392369c [t+ 4298ms d+ 27ms] [+] github.com/github/awesome-copilot/agents/api-architect.agent.md [t+ 4306ms d+ 8ms] [+] github.com/github/awesome-copilot/skills/review-and-refactor @90921cc4 [t+ 4312ms d+ 6ms] [+] microsoft/apm-sample-package @fb285168 [t+ 4354ms d+ 41ms] |-- 1 skill(s) integrated -> .agents/skills/ [t+ 4395ms d+ 41ms] +- MCP Servers (1) [t+ 4402ms d+ 7ms] [>] Looking up 1 MCP server in registry... [t+ 5247ms d+ 844ms] | + io.github.github/github-mcp-server (already configured) [t+ 5248ms d+ 0ms] +- All servers up to date [t+ 5257ms d+ 0ms] [!] 10 files skipped -- local files exist, not managed by APM [t+ 5257ms d+ 0ms] [i] 4 deps are unpinned -- add #tag or #sha to prevent drift [t+ 5258ms d+ 0ms] [*] Installed 4 APM dependencies in 5.0s. [TOTAL ELAPSED] 5290 ms

What changed for the user, line-by-line:

• +413ms -> +286ms start, then SILENCE for 6.8s -> 4 parallel Resolving heartbeats inside 30ms. Before: the user sees one banner then a 6.8-second gap with no signal -- standard "is it hung?" territory. After: each dependency announces itself within 30ms, in parallel, so the terminal proves the resolver is alive and shows the fan-out.
• (cached) lie removed. Before: every dep was tagged (cached) even on the very first install (it referred to an in-process memo, not a real cache). After: pinned-SHA dependencies show their resolved short SHA (@a392369c); unpinned ones show no SHA. Honest.
• MCP block: CI environment detected noise gone, lookup made visible. Before: a stray "CI environment detected" line, then a 1.3-second gap before the per-server > heartbeat, then a 0.8s configure phase. After: a single Looking up 1 MCP server in registry... heartbeat covers the whole network call, then the result line.
• Final summary now states elapsed. Before: Installed 4 APM dependencies and 1 MCP server. After: Installed 4 APM dependencies in 5.0s. -- the user gets a closing receipt of how long they waited.
• Diagnostics: dropped 1 redundant line (Run with --verbose to see individual files is folded into the "files skipped" warning context) and shortened the unpinned-deps message.

Wall clock: 9.5s -> 5.3s, a 44% drop on the cold path.

---

Warm install — second run, cache populated

The "I just ran apm install, what changed?" scenario. Before this PR there was no persistent cache, so a "warm" run was nearly indistinguishable from a cold one (it only avoided in-process duplicate work).

BEFORE (baseline, main)

AFTER (this PR)

[t+ 411ms d+ 411ms] [>] Installing dependencies from apm.yml... [t+ 4979ms d+ 4567ms] [+] danielmeppiel/design-guidelines (cached) [t+ 5000ms d+ 21ms] |-- 1 instruction(s) integrated -> .github/instructions/ [t+ 5006ms d+ 6ms] |-- 3 prompts integrated -> .github/prompts/ [t+ 5014ms d+ 8ms] |-- 1 agents integrated -> .github/agents/ [t+ 5014ms d+ 0ms] [+] github.com/github/awesome-copilot/agents/api-architect.agent.md (cached) [t+ 5022ms d+ 7ms] |-- 1 agents integrated -> .github/agents/ [t+ 5022ms d+ 0ms] [+] github.com/github/awesome-copilot/skills/review-and-refactor (cached) [t+ 5028ms d+ 5ms] [+] microsoft/apm-sample-package (cached) [t+ 5076ms d+ 48ms] |-- 1 skill(s) integrated -> .agents/skills/ [t+ 5126ms d+ 50ms] +- MCP Servers (1) [t+ 6385ms d+ 1259ms] CI environment detected [t+ 6388ms d+ 2ms] | > io.github.github/github-mcp-server [t+ 6388ms d+ 0ms] | +- Configuring for Copilot... [t+ 7177ms d+ 789ms] Successfully configured MCP server 'github-mcp-server' for Copilot CLI [t+ 7178ms d+ 0ms] +- Configured 1 server [t+ 7187ms d+ 0ms] [!] 4 files skipped -- local files exist, not managed by APM [t+ 7187ms d+ 0ms] [i] 4 dependencies have no pinned version -- pin with #tag or #sha to prevent drift [t+ 7187ms d+ 0ms] [*] Installed 4 APM dependencies and 1 MCP server. [TOTAL ELAPSED] 7236 ms

[t+ 393ms d+ 393ms] [>] Installing dependencies from apm.yml... [t+ 441ms d+ 48ms] [>] Resolving microsoft/apm-sample-package... [t+ 442ms d+ 0ms] [>] Resolving awesome-copilot-review-and-refactor... [t+ 442ms d+ 0ms] [>] Resolving awesome-copilot-api-architect... [t+ 442ms d+ 0ms] [>] Resolving danielmeppiel/design-guidelines... [t+ 1445ms d+ 1002ms] [+] danielmeppiel/design-guidelines @a392369c [t+ 1463ms d+ 18ms] [+] github.com/github/awesome-copilot/agents/api-architect.agent.md [t+ 1471ms d+ 7ms] [+] github.com/github/awesome-copilot/skills/review-and-refactor @90921cc4 [t+ 1490ms d+ 18ms] [+] microsoft/apm-sample-package @fb285168 [t+ 1520ms d+ 30ms] |-- 1 skill(s) integrated -> .agents/skills/ [t+ 1553ms d+ 33ms] +- MCP Servers (1) [t+ 1559ms d+ 6ms] [>] Looking up 1 MCP server in registry... [t+ 1566ms d+ 6ms] | + io.github.github/github-mcp-server (already configured) [t+ 1566ms d+ 0ms] +- All servers up to date [t+ 1569ms d+ 0ms] [!] 10 files skipped -- local files exist, not managed by APM [t+ 1569ms d+ 0ms] [i] 4 deps are unpinned -- add #tag or #sha to prevent drift [t+ 1569ms d+ 0ms] [*] Installed 4 APM dependencies in 1.2s. [TOTAL ELAPSED] 1596 ms

The whole Resolving -> resolved arc collapses from +411ms..+5028ms (4.6s of network) to +441ms..+1490ms (1.0s, all cache hits). MCP registry call: +5126ms..+7178ms (2.0s, cold every time) -> +1553ms..+1566ms (13ms, ETag-revalidated).

Wall clock: 7.3s -> 1.6s, a 78% drop on the warm path.

---

Summary

Regime	Before	After	Win
Cold (empty cache)	9.5s	5.3s	44%
Warm (cache hot)	7.3s	1.6s	78%
Locked (apm.lock.yaml)	~3.0s	1.8s	40%

Beyond the wall-clock numbers, the qualitative wins are:

1. No more silent gaps. Every multi-second operation now has an explicit heartbeat (Resolving X..., Looking up N MCP server in registry...).
2. Honest cache labels. (cached) only appears when there was a real cache hit on a previous run.
3. Resolved SHAs are visible. Pinned deps show their short SHA, so the user can grep, log, and reason about reproducibility.
4. Closing receipt. The summary now ends with elapsed time on every exit path.
5. Less noise. Stray CI environment detected line removed; diagnostics tightened.

[danielmeppiel]

Correction + answers to review questions

Following up on the four questions raised earlier. Each is now resolved on the branch (cfe1b79a); evidence below.

Q1 — Why was github.com/github/awesome-copilot/agents/api-architect.agent.md shown without a commit SHA?

Bug confirmed, now fixed. Single-file deps were fetched via the GitHub Contents API path, which never wrote resolved_reference back through PackageInfo. The success line and the lockfile both lost the SHA. Fix: the Contents API response already includes a sha field on every blob, so we now propagate it without an extra round-trip:

BEFORE:  [+] github.com/github/awesome-copilot/agents/api-architect.agent.md (cached)
AFTER:   [+] github.com/github/awesome-copilot/agents/api-architect.agent.md #main @90921cc4

The same SHA now lands in apm.lock.yaml so locked installs are deterministic.

Q2 — Did you remove the -- Diagnostics -- section for everyone?

Yes, intentionally. With per-dep visibility (Q3 below) the section header carried no signal — it just bracketed two warnings that already render with their own [!] / [i] glyphs. The warnings themselves still render and now enumerate dep names so the user can act:

BEFORE:  -- Diagnostics --
           [!] 4 files skipped -- local files exist, not managed by APM
             Use 'apm install --force' to overwrite
             Run with --verbose to see individual files
           [i] 4 dependencies have no pinned version -- pin with #tag or #sha to prevent drift

AFTER:     [!] 10 files skipped -- local files exist, not managed by APM
             Use 'apm install --force' to overwrite
           [!] 4 dependencies unpinned: danielmeppiel/design-guidelines, github/awesome-copilot,
               microsoft/apm-sample-package -- add #tag or #sha to prevent drift

(My earlier BEFORE/AFTER comment elided the section header in the AFTER block — apologies for the confusion. The intent was always to drop the header, not the warnings.)

Q3 — Why didn't design-guidelines print what was integrated per target on warm cache?

Bug confirmed, now fixed. When all primitives integrated 0 files (warm cache, files already on disk), the per-dep header was dropped entirely — the user lost causation. Fix: always print the [+] <dep> line, and on warm runs append exactly one annotation underneath:

AFTER (warm):  [+] danielmeppiel/design-guidelines #main @a392369c
                 |-- (files unchanged)

On cold runs the existing per-target lines render (|-- 3 prompts integrated -> .github/prompts/ etc.).

Q4 — Multi-target experience: do we duplicate messages?

No (now). It used to. Skills already aggregated targets at services.py:240-244; instructions/prompts/agents did not, so the same dep printed N near-identical lines under N targets. We applied the skill aggregation pattern to all primitive kinds with a collapse rule:

• 1 target → |-- 3 prompts integrated -> .github/prompts/
• 2 targets → |-- 3 prompts integrated -> .github/prompts/, .cursor/prompts/
• ≥3 targets → |-- 3 prompts integrated -> 3 targets (full expansion under --verbose)

---

UX dynamism: BEFORE vs AFTER

The v0.8.0-era progress UI was orphaned by the PR #764 modularisation; phases held local Progress(...) contexts that never published anywhere. Restored now via a single InstallTui controller that owns one rich.live.Live region across resolve / download / integrate, with a 250 ms deferred-show so fast runs stay quiet.

BEFORE (cold install, 4 deps + 1 MCP):

[t+   413ms] [>] Installing dependencies from apm.yml...
                                                                             <-- 6.4 s SILENT GAP
[t+  7246ms]   [+] danielmeppiel/design-guidelines (cached)
[t+  7262ms]   |-- 1 instruction(s) integrated -> .github/instructions/
[t+  7268ms]   |-- 3 prompts integrated -> .github/prompts/
[t+  7276ms]   |-- 1 agents integrated -> .github/agents/
[t+  7276ms]   [+] github.com/.../api-architect.agent.md (cached)            <-- no SHA
[t+  7283ms]   |-- 1 agents integrated -> .github/agents/
[t+  7283ms]   [+] github.com/.../review-and-refactor (cached)
[t+  7288ms]   [+] microsoft/apm-sample-package (cached)
...
[t+  9477ms] [*] Installed 4 APM dependencies and 1 MCP server.
[TOTAL] 9477 ms

AFTER (cold install, same fixture, real terminal — single in-place region):

[t+   553ms] [>] Installing dependencies from apm.yml...
[####........] 25% download | 0:00:00                       <-- live aggregate bar (8 Hz)
  > fetch design-guidelines  fetch api-architect.agent.md   <-- active-set list
    fetch review-and-refactor  fetch apm-sample-package
[##############......] 50% download \ 0:00:00
  > fetch design-guidelines  fetch apm-sample-package
  [+] danielmeppiel/design-guidelines #main @a392369c       <-- SHA on every line
    |-- (files unchanged)
  [+] github.com/.../api-architect.agent.md #main @90921cc4
    |-- (files unchanged)
  [+] github.com/.../review-and-refactor #default @90921cc4
    |-- (files unchanged)
  [+] microsoft/apm-sample-package #main @fb285168
    |-- 1 skill(s) integrated -> .agents/skills/
+- MCP Servers (1)
[>] Looking up 1 MCP server in registry...
|  + io.github.github/github-mcp-server (already configured)
+- All servers up to date
  [!] 10 files skipped -- local files exist, not managed by APM
  [!] 4 dependencies unpinned: ... -- add #tag or #sha to prevent drift
[*] Installed 4 APM dependencies in 1.2s.
[TOTAL] 1768 ms

Note on PTY-captured logs: the raw run-postux-cold.txt files in WIP/install-perf-ux-2026-05-03/ look noisier than the AFTER block above because script(1) PTY capture appends every Rich Live refresh frame as a new line. In a real terminal Rich overwrites the region in place — what the user actually sees is one moving bar + one updating active-set list + the per-dep success lines that scroll above it.

Knobs

• APM_PROGRESS=auto (default) — animate when stdout is a TTY and CI is unset.
• APM_PROGRESS=always — force on (do not set in CI; output will be noisy in log capture).
• APM_PROGRESS=never — disable; falls back to the static [>] Resolving X... heartbeats.
• --quiet always wins.

Documented in apm install --help.

Perf totals on the same fixture

Run	Before	After	Δ
Cold	9.48 s	1.77 s	−81 %
Warm	7.30 s	0.84 s	−88 %
Locked	~3.0 s	0.66 s	−78 %