Document and enforce source name requirements

[cpuguy83]

Sources are written to the file system using the provided input from yaml. We should have a set of rules to define what is a valid source name in order to prevent weird behaviors/breakages due to characters that won't play nice with the filesystem.

An example is path separators (/). Quotes (single or double) are also likely to cause some issues without escaping.

I think yaml gives us at least some safety, e.g. you can't put a control character in there, but even this should be validated beyond just the yaml parser.