Swamp Go Brr
@magistr/swamp-go-brrv2026.06.12.1
01README
Autonomous merkle-DAG development loop, driver-free. Three models:
gobrr— a PURE DAG state machine: a Run aggregate over a dynamic Task DAG (implement | verify) with a scheduler (lease TTL/heartbeat/reap, concurrency gate, stall), dynamic follow-up expansion, a state machine, and run caps. It never touches the filesystem.source-integration— the host code-ownership / allowlist-ACL actor:build_workorder(read the allowlist file slice into the leaf prompt, no-clone) andapply(parse the @@EDIT envelope, apply each task as a per-task base-isolated jj change behind a realpath-anchored allowlist ACL, return host-observed changedPaths + a secret-scrubbed diff).docker-verify— the deterministic green gate: runs the host-pinned verify command to completion in a hardened, network-less, token-less container against the read-only applied tree and returns the raw exit code. Each leaf runsclaude --printin a Firecracker microVM via the @magistr/firecracker fabric (no-clone). The agent drives the loop inline (next -> build_workorder -> fabric.submit/poll -> apply -> docker-verify -> report); there is no driver script.
02Release Notes
Merge pull request #12 from umag/feat/swamp-go-brr-package
feat(swamp-go-brr): publish @magistr/swamp-go-brr 2026.06.12.1 (driver-free loop)
03Models
@magistr/swamp-go-brr/gobrrv2026.06.12.1extensions/models/gobrr.ts
fn start(intake: string)
Start a run: record the human intake + the host-pinned RunConfig (verifyCommand, verifyInputs, repoScope, caps).
| Argument | Type | Description |
|---|---|---|
| intake | string |
fn seed_tasks(tasks: array)
Add tasks to the DAG (batch). Derives each gate from writeAllowlist ∩ verifyInputs (rejects a mixed allowlist) and rejects a dependency cycle.
| Argument | Type | Description |
|---|---|---|
| tasks | array |
fn next(owner: string)
Lease the next ready task to `owner` (or report all-green / halt). Reaps expired leases, propagates blocked, enforces caps.
| Argument | Type | Description |
|---|---|---|
| owner | string |
fn report(taskId: string, owner: string, verifyExitCode: number)
Report a leased task's WorkResult + the deterministic verify exit code. Greens ONLY on verifyExitCode===0; rejects out-of-allowlist / verifyInputs hunks; parse-fail → infra_error.
| Argument | Type | Description |
|---|---|---|
| taskId | string | |
| owner | string | |
| verifyExitCode | number |
fn add_followup(parentId: string, owner: string, spec: string, writeAllowlist: array)
Insert a follow-up the leased parent depends on (untrusted request: repoScope-bound, depth-capped, cycle-rejected).
| Argument | Type | Description |
|---|---|---|
| parentId | string | |
| owner | string | |
| spec | string | |
| writeAllowlist | array |
fn heartbeat(taskId: string, owner: string, vmId?: string)
Renew a task's lease and record its vmId (owner keeps the lease alive while the VM runs).
| Argument | Type | Description |
|---|---|---|
| taskId | string | |
| owner | string | |
| vmId? | string |
fn hydrate()
Write a compact summary of the run (counts, halt reason + options, leased VMs, stall culprits, cost estimate).
fn abort(reason: string)
Halt the run (any non-terminal state). Records leased vmIds for the driver to destroy.
| Argument | Type | Description |
|---|---|---|
| reason | string |
fn complete()
Mark the run complete (requires all tasks done) and emit the final report.
Resources
run(infinite)— Authoritative Run aggregate — the Task DAG + scheduler state.
summary(infinite)— Compact hydrate summary — derived from `run`, cheap to read.
decision(infinite)— The most recent next() decision — which task to run, or why halted.
@magistr/swamp-go-brr/docker-verifyv2026.06.12.1extensions/models/docker_verify.ts
Global Arguments
| Argument | Type | Description |
|---|---|---|
| sshHost | string | Docker host running the applied tree (SSH) |
| sshUser | string | SSH username |
fn verify(image: string, treePath: string, verifyCommand: string, user: string, pidsLimit: number, memory: string, cpus: string)
Run the host-pinned verify command once to completion in a hardened, network-less, token-less container against the read-only applied tree; return the raw exit code (the green gate).
| Argument | Type | Description |
|---|---|---|
| image | string | |
| treePath | string | |
| verifyCommand | string | |
| user | string | |
| pidsLimit | number | |
| memory | string | |
| cpus | string |
Resources
result(infinite)— The verify run result: { exitCode, stdout }. exitCode is the gate.
@magistr/swamp-go-brr/source-integrationv2026.06.12.1extensions/models/source_integration.ts
Global Arguments
| Argument | Type | Description |
|---|---|---|
| jjPath | string | jj binary (PATH-resolved by default) |
fn build_workorder(taskId: string, spec: string, writeAllowlist: array, repoScope: string, practices: string, nonce: string)
Read the allowlist's existing files from repoScope (realpath-anchored, DENY-guarded, secret-scrubbed) and assemble the leaf WorkOrder prompt instructing the @@EDIT envelope. No clone — the file slice goes inline; the caller submits with gitRepoUrl=''.
| Argument | Type | Description |
|---|---|---|
| taskId | string | |
| spec | string | |
| writeAllowlist | array | |
| repoScope | string | |
| practices | string | |
| nonce | string |
fn apply(repoScope: string, base: string, tasks: array)
Fan-out apply of N completed leaves, each as a PER-TASK ISOLATED jj change off the COMMON BASE (siblings, never stacked) so each task's tree gates in isolation. Parses the @@EDIT envelope, enforces the allowlist/DENY/caps + realpath ACL, writes regular files only, runs the mode-aware re-walk tripwire, and returns per-task {changeId, host-observed changedPaths, scrubbed diff, failureKind?}.
| Argument | Type | Description |
|---|---|---|
| repoScope | string | |
| base | string | the common base change id all task changes branch from |
| tasks | array |
Resources
workorder(infinite)— A built leaf WorkOrder prompt (the inline file slice + practices + @@EDIT instructions).
applied(infinite)— Per-task apply results: { taskId -> {changeId, changedPaths, diff, failureKind?} }. changedPaths are HOST-OBSERVED (jj diff), never agent-declared.
04Stats
A
92 / 100
Downloads
0
Archive size
39.0 KB
- Has README or module doc2/2earned
- README has a code example1/1earned
- README is substantive0/1missing
- Most symbols documented1/1earned
- No slow types (deprecated)1/1earned
- Dependencies pass trust audit2/2earned
- Has description1/1earned
- Platform support declared (or universal)2/2earned
- License declared1/1earned
- Verified public repository2/2earned
Repository
https://github.com/umag/swamp-workspace05Platforms
06Labels