microsoft · danielmeppiel · May 12, 2026
@@ -80,7 +80,7 @@ writes a runtime-specific MCP config file. The schemas differ; the
 | GitHub Copilot CLI | `~/.copilot/mcp-config.json` | global | JSON `mcpServers` |
 | VS Code (Copilot) | `.vscode/mcp.json` | project | JSON `servers` |
 | Claude Code | `.mcp.json` (project) or `~/.claude.json` (`-g`) | both | JSON `mcpServers` |
-| Cursor | `.cursor/mcp.json` | project (only if `.cursor/` exists) | JSON `mcpServers` |
+| Cursor | `.cursor/mcp.json` | project (only if `.cursor/` exists) | JSON `mcpServers` (Cursor-native schema: `type: stdio` / `type: http`) |
 | Codex CLI | `~/.codex/config.toml` | global | TOML `[mcp_servers.*]` |
 | Gemini CLI | `.gemini/settings.json` | project (only if `.gemini/` exists) | JSON `mcpServers` |
 | OpenCode | `opencode.json` | project (only if `.opencode/` exists) | JSON `mcp` |

@@ -293,6 +293,8 @@ manifest:
 
 Detect files in governance directories that are not tracked by APM.
 
+A file is "tracked by APM" only if it was produced by an installed plugin. Pre-existing files that APM did not deploy are counted as unmanaged even if they reside in a governed directory.
+
 ### `action`
 
 | Value | Behavior |
@@ -422,7 +424,7 @@ A child policy can only tighten constraints — never relax them:
 | `max_depth` | `min(parent, child)` |
 | `mcp.self_defined` | Escalates: `allow` < `warn` < `deny` |
 | `manifest.scripts` | Escalates: `allow` < `deny` |
-| `unmanaged_files.action` | Escalates: `ignore` < `warn` < `deny` |
+| `unmanaged_files.action` | Escalates: `ignore` < `warn` < `deny`. Omitting `unmanaged_files` in the child is treated as "no opinion" -- the parent value is preserved unchanged. |
 | `source_attribution` | `parent OR child` — either enables it |
 | `trust_transitive` | `parent AND child` — both must allow it |
 

@@ -184,14 +184,16 @@ export ADO_APM_PAT=your_ado_pat
 apm install dev.azure.com/myorg/myproject/myrepo
 ```
 
-ADO is always auth-required. Uses 3-segment paths (`org/project/repo`). No `ADO_HOST` equivalent - always use FQDN syntax:
+ADO is always auth-required. Uses 3-segment paths (`org/project/repo`). No `ADO_HOST` equivalent - always use FQDN syntax. Both the shorthand (`dev.azure.com/...`) and full HTTPS URL (`https://dev.azure.com/...`) forms are accepted:
 
 ```bash
 apm install dev.azure.com/myorg/myproject/myrepo#main
+apm install https://dev.azure.com/myorg/myproject/_git/myrepo  # full URL also accepted
 apm install mycompany.visualstudio.com/org/project/repo  # legacy URL
 
 # Sub-path inside an ADO repo, pinned to a tag (use the _git form for sub-paths):
 apm install dev.azure.com/myorg/myproject/_git/myrepo/instructions/security#v2.0
+apm install https://dev.azure.com/myorg/myproject/_git/myrepo/instructions/security#v2.0
 ```
 
 If your ADO project or repository name contains spaces, URL-encode them as `%20`: