The argument: PowerShell and Chocolatey lack the enforcement plumbing every other major package ecosystem took for granted years ago. No lockfile. No moniker rules. VERIFICATION.txt is a norm, not a contract. Moderation doesn’t scale to internal repositories. The registries…