# RetrieX Config Source Audit Patch

This patch starts the YAML-only migration with a non-invasive diagnostic layer. It does not change retrieval, prompt generation, commerce parsing, shop matching, SSE behavior, or any answer logic.

## Added

- `App\Config\ConfigSourceAuditProvider`
- `mto:agent:config:audit-source`

## Purpose

The audit makes remaining PHP defaults visible before we remove them. It scans:

- `config/retriex/*.yaml` parameter paths
- `src/Config/*Config.php` constants
- config helper calls with fallback arguments, for example `stringList('x', self::DEFAULT)` or `int('x', 3)`
- constructor defaults that still act as PHP fallbacks

## Usage

```bash
php bin/console mto:agent:config:audit-source
php bin/console mto:agent:config:audit-source --details
php bin/console mto:agent:config:audit-source --json
```

## Interpretation

- `yaml_with_php_fallback`: the YAML path exists, but PHP still has a fallback argument. This is ready for a later conversion to required YAML access.
- `php_fallback_if_yaml_missing_or_invalid`: PHP still supplies a default and no matching YAML path was found. This must be migrated before the fallback can be removed.
- `php_only`: constants without an injected YAML config parameter. These must be classified as either technical guardrails or values that should move to YAML.

## Migration rule for the next patches

Do not remove PHP defaults yet. First migrate every still-needed value into YAML, then convert fallback helpers to required YAML accessors in small class groups.

## Validation performed for this patch

```bash
php -l src/Config/ConfigSourceAuditProvider.php
php -l src/Command/ConfigSourceAuditCommand.php
```

Both files are syntactically valid. Full Symfony command execution was not performed in this ZIP workspace because `vendor/` is not included in the uploaded archive.