Lab: open.ts web UI uses force:true pullExtension, same data-loss family as #126

Problem

src/cli/commands/open.ts:185 calls pullExtension with force: true inside the web UI's server-side callback (comment explicitly says: "Force overwrite — the web UI has no stdin to answer the 'overwrite existing files?' prompt, so we always install non-interactively and let the latest version win").

If a user has local edits under .swamp/pulled-extensions/<name>/ and the web UI triggers an install (e.g. clicking 'install' on an extension page, or the UI auto-installing a dependency), those edits are silently overwritten with no prompt or warning — same data-loss family as swamp-club#121 and swamp-club#126, different trigger (web UI non-interactive install rather than auto-resolve or auto-update).

Scope of affected code

src/cli/commands/open.ts:185 — force: true in the web UI's pullExtension callback

Suggested fix direction

Once swamp-club#126 lands the filesChecksum anchor and detectLocalEdits pattern, the web UI path can adopt the same check: before firing the force install, compute the on-disk digest, compare to the stored anchor, and if they differ return an HTTP error (e.g. 409 Conflict) with a body that directs the user to run swamp extension pull <name> --force from the terminal. The web UI renders that as a user-visible message in the install flow.

Context

Discovered during swamp-club#126 adversarial review (ADV-3). Explicitly out of scope of #126 so that the auto-update fix can ship with tight scope. Tracking separately here. Similar treatment to #126's treatment of #121 (sibling issues in the same data-loss family, fixed independently with a shared anchor mechanism).

Add swamp data delete command to remove a data artifact by model and name

add `swamp doctor extensions` subcommand for on-demand extension load diagnostics

AI agent skipped adversarial review step before smoke testing extension code

Better Auth rejects requests on hostnames not in hardcoded trustedOrigins (signup/signin broken on non-canonical hosts)

Local extension models in extensions/models are not discovered in fresh repo tutorial flow

ticket 1138 not clear - can we still use github?

Drag Windows into the Swamp

Add `swamp extension test` command to run built-in extension tests with coverage

swamp repo init --tool kiro does not create .kiro/settings/cli.json

Support multi-agent repo initialization (multiple --tool targets)

CLI dumps 300-line Cliffy Command object on unknown flags / subcommands

Docs: repository-configuration.md missing defaultDriver / defaultDriverConfig

Server-side parse query params on /lab/all so refresh preserves multi-filter URLs

fast-path sidecar TOCTOU: post-op HEAD can record generation from a concurrent writer's push, masking their data on next sync

Scorer should honour files/deno.json imports so bare specifiers resolve

@swamp/gcs-datastore: same minutes-slow zero-diff sync cliff as lab/164; mirror fingerprint fast path

cleanup for repoDriver

swamp datastore sync is minutes-slow at 4k-file scale even with zero-diff; outer 300s timeout fires

swamp-extension-publish skill: add quality rubric check before push

New @swamp extension: extension quality rubric checker for CI

swamp-extension-quality and swamp-extension-publish skills don't guide zod import map resolution for scorer

swamp repo upgrade deletes extension model source files

Add repo-level `defaultDriver` to `.swamp.yaml`

User report extensions registered lazily are silently skipped during method execution

swamp extension install: datastore push hangs ~8.5m then crashes with Deno TLS panic (tls_wrap.rs:1918 unwrap on None)

Add a preflight diagnostic for AI-tool audit integrations (so upstream CLI changes stop breaking us silently)

audit record --from-hook silently drops input from kiro-cli postToolUse hooks

codegen pipelines don't detect _lib/*.ts changes so manifest CalVer never bumps

Link to namespace extensions listing from profile pages

Trailing slash on /extensions/@<namespace>/ returns 404

No way to browse all extensions belonging to a collective by URL

DatastoreProvider.resolveCachePath declared optional but silently required at runtime

Accept-invite link returns HTML instead of JSON, breaking collective join

additionalFiles flatten to basenames on push and lack a runtime access API, creating a source-vs-pulled layout mismatch

Extension search returns inflated results for quoted phrase queries

Docs: document jsr:/https: imports and non-local pinning convention in user-facing manual

First-class jsr: specifier support in extension bundler

Cross-extension code sharing via manifest exports field

Extension models: document/resolve implicit-any in execute parameters when imported by test files

extension yank: allow unyank and version-specific yanks

extension source add does not discover brand new types — only overrides already-pulled types

Add light mode to swamp.club and swamp open UI

Add 'swamp open' command to open the swamp.club web UI

Add light mode to swamp.club website

Datastore sync surfaces opaque errors from extensions verbatim — no status code or body preview

@swamp/s3-datastore: first-attempt 403 masked as "UnknownError" from AWS SDK deserializer

Extension auto-resolve reports "already_installed" for truncated pulled-extension trees

Email delivery for mention notifications

Auto-update WARN is silent in --json mode (logger suppresses non-fatal)

open.ts web UI uses force:true pullExtension, same data-loss family as #126

Port bundle_freshness (content-fingerprint cache invalidation) to reports / drivers / datastores / vaults loaders

Mentions and notifications system for issues

Datastore auto-update in resolve_datastore.ts uses force:true, risking silent overwrite of local edits

Per-repo user-extension bundle cache doesn't invalidate on source changes

Adding methods to in-body `methods:{}` on `export const model` doesn't re-register

User extensions silently dropped when base type not yet registered at scan time

Footer floats when page content is shorter than viewport

workflow validate can silently overwrite local edits to pulled extensions via force-pull in auto-resolver

Extension pull should namespace files by extension to prevent filename collisions

Update CLAUDE.md co-author instructions to use swamp-club issue author lookup

Add swamp issue get CLI command to fetch issue details

swamp-club API: include issue author in GET /api/v1/lab/issues/{number} response

Install command curl-pipe-sh overflows the component on swamp.club homepage

'Assigned to me' overlaps 'Privacy policy' on short viewports

Collapsible left rail and repositionable right rail in Lab

Usernames aren't linked to their profile pages

Filter lab issues by author (opened by user)

Add skills extension type for bundling agent/human guidance documents

Remove traffic lights in column 2 of /lab

Multi-select combo filtering on /lab

data gc skips version-count GC when no lifetime-expired data exists

Content filter should identify the flagged word or phrase

Bog flow: text rendering and layout issues

Flow modal: text rendering issues

Normalize text sizing across issue list and detail views

Description 'Show more' button appears even when text fits

Inline editing: click-to-edit fields instead of pencil icons

Persist lab filter selection in localStorage

Update how-to guide with swamp-extension-publish skill

Fix incorrect favicon in Google search results