feat(config): store aube settings outside npmrc

[jdx]

Summary

• add a user-scoped aube config file at ~/.config/aube/config.toml for known aube-owned settings
• make aube config set/get/list/delete read and write that TOML config while keeping unknown registry/auth keys in .npmrc
• thread the new config source through settings resolution and preserve symlinked .npmrc files for remaining npmrc writes

Context

Addresses Discussions #513 and #516: aube-specific settings no longer need to be written into npm's user config, and .npmrc writes follow the symlink target instead of replacing the symlink.

Validation

• cargo test
• cargo clippy --all-targets -- -D warnings
• cargo fmt --check && cargo check
• isolated CLI smoke: aube config set minimum-release-age 2880 writes config.toml, aube config get minimum-release-age returns 2880, and stale minimumReleaseAge is removed from user .npmrc while registry config remains

This PR was generated by Codex.

---

Note

Medium Risk
Changes configuration read/write paths and precedence by introducing ~/.config/aube/config.toml, which can affect effective settings across many commands if ordering or key classification is wrong. Also adjusts .npmrc writes to follow symlink targets, touching auth-token storage paths.

Overview
Adds a new user-scoped TOML config (~/.config/aube/config.toml, XDG-aware) for known aube-owned settings, keeping registry/auth and unknown keys in .npmrc.

Updates aube config set/get/list/delete and the broader settings resolver to treat aubeConfig as an additional source (between .npmrc and workspace YAML), threads it through commands that build a ResolveCtx, and cleans up stale user .npmrc aliases when migrating a known setting to TOML.

Hardens .npmrc persistence by writing atomically to the symlink target (preserving symlinked dotfile setups), and refreshes generated CLI/docs/tests to reflect the new locations and precedence.

^{Reviewed by Cursor Bugbot for commit 57b8374. Bugbot is set up for automated code reviews on this repo. Configure here.}

[greptile-apps]

Greptile Summary

This PR introduces ~/.config/aube/config.toml as a user-scoped store for known aube-owned settings, keeping registry/auth keys in .npmrc, and hardens .npmrc persistence to follow symlink chains via canonicalize rather than a single read_link hop.

• aube config set/get/list/delete are updated to route known settings to the new TOML store and clean up stale .npmrc aliases on write; aube_config is wired into every ResolveCtx construction site across install, run, deploy, fetch, update, and rebuild.
• ResolveCtx gains an aube_config field; the codegen in build.rs adds aubeConfig as a valid source with runtime precedence cli > env > npmrc > aubeConfig > workspaceYaml.
• atomic_write already calls create_dir_all, so first-time writes to ~/.config/aube/ work without extra setup.

Confidence Score: 5/5

Safe to merge; the config split, symlink fix, and precedence wiring are all consistent with runtime behaviour and covered by new unit and integration tests.

The effective read/write precedence (user .npmrc beats aube config, project .npmrc beats both) is implemented correctly and confirmed by the new bats test. All error paths that could leave stale state now propagate with ? or emit tracing::warn!. The only finding is a doc-string walk-order description that is backwards relative to the actual insertion order, which does not affect runtime correctness.

The user-facing doc strings in mod.rs, aube.usage.kdl, and docs/cli/ describe the merged walk order as ~/.npmrc then user aube config, but the actual insertion order is reversed; worth correcting so users are not misled about which store wins on conflict.

Important Files Changed

Filename	Overview
crates/aube/src/commands/config/aube_config.rs	New module: TOML-backed aube config editor with load/set/remove/save; handles missing file gracefully and warns on parse errors via load_user_entries; atomic writes via aube_util.
crates/aube/src/commands/config/mod.rs	Threads aube_config into read_merged and user-location lookups; effective precedence (user_npmrc > aube_config) is correct and matches runtime, but doc strings describe the walk order backwards relative to actual insertion order.
crates/aube/src/commands/config/set.rs	Routes known aube settings to config.toml and cleans stale npmrc aliases; save and removal errors are properly propagated.
crates/aube/src/commands/config/delete.rs	Deletes from both config.toml and user .npmrc when applicable; success/error messages now correctly report the actual modified paths.
crates/aube/src/commands/npmrc.rs	save() now follows the full symlink chain via canonicalize before the atomic write, preserving symlinked dotfile setups; multi-hop test added.
crates/aube-settings/build.rs	Adds aubeConfig as a valid source in the codegen precedence table, mapping it to ctx.aube_config with the same accessor call shape as npmrc.
crates/aube-settings/src/values.rs	Adds aube_config field to ResolveCtx; default is empty slice; new unit test verifies aube_config is read between npmrc and workspaceYaml.
test/config.bats	Integration tests updated to verify config.toml write path; new test explicitly asserts user .npmrc wins over config.toml for get/list.

_{Reviews (3): Last reviewed commit: "[autofix.ci] apply automated fixes" | Re-trigger Greptile}

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit e1613c3. Configure here.}