#339
extension unyank needs -y/--yes flag for non-interactive use
sjust now
#338
Step key parsing in execution_service uses naive split(":") and silently truncates colon-containing step names
k21m ago
#337
Workflow-scope report artifacts unreachable via `swamp data get --workflow`
k32m ago
#336
Add --stdin support to method run and workflow run for Unix pipe composition
3h ago
#335
Docs: add run namespace to CEL expressions reference
s2h ago
#334
Fix invalidate-then-reconcile sequencing in doctor extensions; failure-mode RowStates unreachable in sourceDetails
s1h ago
#333
doctor extensions invalidateAll does not trigger fingerprint recheck for existing Indexed rows
4h ago
#332
Extension failure recording has dual write paths (legacy buildIndex vs W3 reconcile)
4h ago
#331
Expose workflow run ID in CEL so resource keys can be run-scoped
s4h ago
#330
Add `swamp doctor workflows` subcommand to surface workflow YAML parse errors during preflight
6h ago
#329
Add 'swamp issue comment' command for updating existing issues
s4h ago
#328
Close #327 — fixed in 20260511.160514.0-sha.9d03b09a
12h ago
#327
Nested workflow task fails with 'Bad resource ID' when workflowIdOrName uses @collective/ prefix
s10h ago
#326
Detect stale skill directories and prompt for repo upgrade
21h ago
#325
Improve skill trigger routing for cross-model edge cases
21h ago
#324
Add type search for driver, datastore, and report kinds
s10h ago
#323
Surface ReconcileFromDisk dryRun transitions in swamp doctor extensions
1d ago
#322
Docs: update doctor extensions reference for W6 aggregate-state rendering + repair flags
s21h ago
#321
swamp issue: check if reporter is on an outdated binary before opening
1d ago
#320
Implement W6: swamp doctor extensions aggregate-state rendering + repair surface (extension catalog rearchitecture)
s22h ago
#319
extension pull fails referencing removed source after extension source rm
s1d ago
#318
Investigate whether allExtensionMethodsAttached guard can be removed via registration-path consolidation
s20h ago
#317
Trace context is lost: CLI ignores inbound TRACEPARENT and raw driver doesn't propagate active context into in-process methods
s1d ago
#316
swamp model create --global-arg KEY=VALUE doesn't coerce strings to z.number() schemas
s1d ago
#315
swamp model create --global-arg KEY=VALUE doesn't coerce strings to z.number() schemas
1d ago
#314
swamp issue get should rate-limit unauthenticated users instead of blocking
1d ago
#313
swamp issue get should not require authentication
s1d ago
#312
telemetry: emit child entries for follow-up action method invocations
2d ago
#311
Publish release-candidate / unstable extension versions
2d ago
#310
extension source rm leaves stale @local/. rows in catalog, blocking later pulls of registry types
s1d ago
#309
extension push drops binaries: field from re-emitted archive manifest.yaml
s1d ago
#308
macOS launchd autoupdate (club.swamp.autoupdate) silently fails — binary stays stale
s1d ago
#307
Clicking @hivemq/honeycomb extension card on /extensions shows 'Something went wrong'
1d ago
#306
Docs: Update model-definitions.md and workflows.md for direct type execution
s1d ago
#305
Docs: document binaries manifest field in extension-manifest.md
s2d ago
#304
Add an official @swamp/ssh extension for general-purpose SSH (brownfield-friendly)
3d ago
#303
Accept and display binaries field from extension push metadata
s2d ago
#302
Direct type execution: collapse model create + method run into one command
s2d ago
#301
Per-method telemetry events for workflow runs
k3d ago
#300
Workflow run liveness: orphaned 'running' records when originating CLI process dies mid-run
3d ago
#299
Provide a CLI-shape primer for AI agents to reduce rediscovery overhead
s3d ago
#298
quality rubric: don't penalize extensions whose upstream constrains them to a single platform
s4d ago
#297
Extension update rejects multiple .ts files extending the same target type within one local extension (regression)
4d ago
#296
swamp extension push deadlocks when invoked from inside a swamp workflow step
s4d ago
#295
Collective-scoped auth keys + OIDC federation for CI publishing
4d ago
#294
forEach self.* in modelIdOrName not resolved in runtime execution path
s4d ago
#293
Award leaderboard points for referrals and collective invites
4d ago
#292
Add agent harness detection and AiTool to telemetry
k4d ago
#291
Workflow-level runtime expressions (env.*, vault.*) not resolved in driverConfig — docker driver receives literal ${{ ... }} strings
12h ago
#290
Implement W5: Per-fingerprint import URLs + subprocess test harness (extension catalog rearchitecture)
s1d ago
#289
swamp config set crashes with YAML serialization error
s4d ago
#288
datastore compact: VACUUM fails in compiled binary (SQLITE_LIMIT_ATTACHED=0)
s4d ago
#287
Repo-level version gating: minSwampVersion high-water mark for team consistency
4d ago
#286
Docs: document self.* expressions in modelIdOrName during forEach
s5d ago
#285
Docs: How-to guide for background autoupdating
s4d ago
#284
Manifest version bumps silently ignored for existing local extension aggregates
s4d ago
#283
materialiseExtensions misclassifies pulled rows when manifest name collides with a pulled extension
s5d ago
#282
Local extension edits don't reliably trigger rebundle
5d ago
#280
Missing unique indexes on user.email and user.username allow duplicate users
k4d ago
#279
Resolve self.* expressions in modelIdOrName during forEach expansion
s5d ago
#278
discord-bot double-sends sign_up notifications
k5d ago
#277
Discord bot sends duplicate signup notifications
5d ago
#276
Add 'swamp workflow list' as alias for 'swamp workflow search'
s5d ago
#275
Add 'swamp auth status' as alias for 'swamp auth whoami'
s5d ago
#274
Extension bundle cache does not invalidate on source edits
s5d ago
#273
extension pull fails on @local/[email protected] phantom-claim collision when local repo has its own extension
s5d ago
#272
Lab search by numeric issue ID returns no results
s5d ago
#271
W3 sourceToRow writes empty source_mtime — should carry filesystem mtime through Source entity
s4d ago
#270
Warm-start rebundleAndUpdateCatalog should respect terminal RowStates set by reconcile
4d ago
#269
Implement W4: KindAdapter + unified loader (extension catalog rearchitecture)
s4d ago
#268
Docs: add vault read-secret command to reference manual
s6d ago
#267
Extension layer garbage collection: prune catalog rows + evict orphaned bundles
1d ago
#266
Docs: document workflow concurrency limits in reference manual
s6d ago
#265
Locally-sourced extension: source_mtime updates without regenerating stale bundle
s5d ago
#264
Extension push: allow shipping executable host helpers (bin/mudroom blocker)
s2d ago
#263
Vault expressions silently deliver __SWAMP_VSEC__ sentinels under the docker driver
s6d ago
#262
First-class shell-shim support for extensions, with registry-level visibility
6d ago
#261
Local extension model bundles don't rebuild when source changes (no rebuild CLI; manual cache delete breaks the runner)
s5d ago
#260
Configurable concurrency limits for workflow fan-out (forEach, parallel jobs/steps)
s6d ago
#258
feat(security): redact sensitive method arg values from audit log
s6d ago
#257
docs: document swamp datastore compact and GC WAL behaviour
7d ago
#256
UAT: swamp datastore compact reclaims WAL and catalog space
5d ago
#255
Plan v4 step 9 literal test untestable under current catalog PK semantics
7d ago
#254
Cross-process concurrency stress for W2 lifecycle services
s6d ago
#253
UAT additions for W2 lifecycle services (Install/Remove/Upgrade)
6d ago
#252
Implement W3: ReconcileFromDisk + freshness-as-aggregate-query (extension catalog rearchitecture)
s6d ago
#251
doctor extensions repair: clean catalog-only orphans
6d ago
#250
Extensions should be able to ship Claude Code skills
s7d ago
#249
Pre-existing TOCTOU windows in YAML repo walkers (findAll directory level + findById)
s6d ago
#248
`swamp datastore setup` migration is not resumable / leaves the repo in a partial state on failure
s5d ago
#247
Built-in models must honor AbortSignal so --timeout works in practice
s6d ago
#246
Reader-lock or lock-free read path for data list/get/search/query
s6d ago
#245
data search: surface jobTag alongside workflowTag and stepTag (follow-up to #237)
s7d ago
#244
global-arg silently strips unknown keys; should reject via strict Zod schema
s7d ago
#242
redmine extension: adopt state machine patterns from @magistr for agent-driven workflows
7d ago
#241
performance degrades significantly with large SQLite catalog
s7d ago
#240
summarise: timeout/hang on repos with many workflow runs
s7d ago
#239
extension quality/fmt fail on pulled extensions (path mismatch)
s5d ago
#238
vault: add read-secret CLI command for agent-driven secret retrieval
s6d ago
#237
data query: stepName and jobName fields always empty in CEL results
s7d ago
#236
Extension ecosystem: shared utility library, version sync tooling, and HTTP resilience patterns
7d ago
#235
Agentic CLI improvements: --json stdout isolation, array inputs, and --repo-dir consistency
s7d ago
#234
data delete fails with "Directory not empty (os error 39)" when concurrent writes are active
s7d ago
#233
Extract LockfileRepository (W2 prequel for swamp-club#231)
s7d ago
#232
Extend DatastoreSyncService.markDirty() with optional relPath argument
k7d ago
#231
Implement W2: Lifecycle services own the catalog write (extension catalog rearchitecture)
s7d ago
#230
data·delete logger double-quotes the data name in log output
s7d ago
#229
DDD: refactor data services to depend on domain-side ports instead of infrastructure types
s7d ago
#228
Detect AWS CredentialsProviderError in @swamp/aws-sm-vault and prepend SSO-expiration hint
s5d ago
#227
Opt-in background autoupdate for the swamp binary (configurable cadence + risk tolerance)
s4d ago
#226
Detect AWS CredentialsProviderError in summarizeSyncError and prepend SSO-expiration hint
s7d ago
#225
S3 datastore hydrate has no fallback for buckets without .datastore-index.json
s7d ago
#224
S3 datastore stale-lock retry loop never evicts orphan locks left by swamp processes that panic at shutdown
s8d ago
#223
Implement W1b: Repository and RowState (extension catalog rearchitecture)
s7d ago
#222
Redundant push after pullChanged: localMtime clobbered by pullIndex(forceRemote)
s8d ago
#221
Docs: update datastore-configuration manual after #220 setup-hydration fix lands
s8d ago
#220
workflow run search returns empty after S3 datastore setup, despite run YAMLs in datastore
s8d ago
#219
CLI crashes with exit 134 (Rust panic in tls_wrap.rs) after successful command output
s7d ago
#218
S3 datastore global lock enters infinite stale-lock loop after interrupted workflow
s8d ago
#217
swamp-extension-model skill: include description field in upgrades quickref
s8d ago
#216
swamp-extension-model skill: include field in upgrades quickref
8d ago
#215
Adversarial UAT test: missing cached bundle with intact catalog should self-recover
5d ago
#214
Port importBundleByPath ENOENT fallback to datastore/driver/vault/report loaders
6d ago
#213
`swamp datastore setup` (filesystem→S3 migration) panics in deno Node TLS layer mid-migration
7d ago
#212
swamp model type describe fails with 'No such file' instead of rebundling when bundle is missing
k10d ago
#211
Implement W1: Repository and RowState (extension catalog rearchitecture)
s8d ago
#210
feat: swamp extension verify — opaque extension-lifecycle verification primitive
10d ago
#209
Schema-invalid extensions loop in rebundle path: catalog row never updates after first failed validation
s10d ago
#208
swamp model type search is slow (~8s) and re-bundles all extensions on every call
s10d ago
#207
Per-extension layout migration drops Claude skill from @magistr/good-planning
s11d ago
#206
swamp extension outdated crashes on empty repo (Stream ended...)
s11d ago
#205
Docs: extension install/pull/update sync-to-manifest behaviour
11d ago
#204
Add process-level install lock around installExtension
s11d ago
#203
Docs: extension commands reference
s11d ago
#202
swamp extension install/pull does not prune source files dropped between versions, causing catalog to re-index orphans
s11d ago
#201
Catalog retains stale source-file entries when extension version drops a file; no native prune/repair
5d ago
#200
Document and surface a native cache-refresh path so agents stop doing cache surgery
5d ago
#199
swamp should warn when installed extensions are outdated
s11d ago
#198
Catalog retains stale source-file entries when extension version drops a file; no native prune/repair
11d ago
#197
Document and surface a native cache-refresh path so agents stop doing cache surgery
11d ago
#196
swamp should warn when installed extensions are outdated
11d ago
#195
Skill/prompt guidance: prefer the bundled deno when no system deno is on PATH
s10d ago
#194
Vault backend backed by GitHub Actions Secrets (read via gh token)
s4d ago
#193
Re-enable Windows tests as deno compile for Windows lands
10d ago
#192
swamp-club extension card no longer exposes @ns/slug as contiguous text
k11d ago
#191
Docs: multi-tool repo support
s11d ago
#190
swamp vault: vendor-specific annotations (e.g. 1Password notesPlain, tags, custom fields)
12d ago
#189
swamp model method run: --foreach to fan out across instances
13d ago
#188
swamp workflow validate: actionable error messages and template scaffolds
13d ago
#187
swamp CLI cold-start latency (~5–7 s per invocation) compounds in workflows that shell out
13d ago
#186
Workflow tasks should support ephemeral model instances (modelType + globalArgs) so workflows are zero-prereq
13d ago
#185
CEL expression evaluator throws 'Unhandled node type: string'
s12d ago
#184
cli: agents need to add ripples (comments) to issues via the CLI
s12d ago
#183
quality: models and additionalFiles paths resolve relative to different directories
s12d ago
#182
quality: has-readme/has-license miss additionalFiles in subdirectories
s12d ago
#181
Add swamp data delete command to remove a data artifact by model and name
s8d ago
#180
add `swamp doctor extensions` subcommand for on-demand extension load diagnostics
s12d ago
#179
AI agent skipped adversarial review step before smoke testing extension code
s14d ago
#178
Better Auth rejects requests on hostnames not in hardcoded trustedOrigins (signup/signin broken on non-canonical hosts)
k14d ago
#177
Local extension models in extensions/models are not discovered in fresh repo tutorial flow
s14d ago
#176
ticket 1138 not clear - can we still use github?
14d ago
#175
Drag Windows into the Swamp
s14d ago
#174
Add `swamp extension test` command to run built-in extension tests with coverage
6d ago
#173
swamp repo init --tool kiro does not create .kiro/settings/cli.json
s14d ago
#172
Support multi-agent repo initialization (multiple --tool targets)
s8d ago
#171
CLI dumps 300-line Cliffy Command object on unknown flags / subcommands
s15d ago
#170
Docs: repository-configuration.md missing defaultDriver / defaultDriverConfig
ks12d ago
#169
Server-side parse query params on /lab/all so refresh preserves multi-filter URLs
k1d ago
#168
fast-path sidecar TOCTOU: post-op HEAD can record generation from a concurrent writer's push, masking their data on next sync
s17d ago
#167
Scorer should honour files/deno.json imports so bare specifiers resolve
s17d ago
#166
@swamp/gcs-datastore: same minutes-slow zero-diff sync cliff as lab/164; mirror fingerprint fast path
s17d ago
#165
cleanup for repoDriver
k18d ago
#164
swamp datastore sync is minutes-slow at 4k-file scale even with zero-diff; outer 300s timeout fires
s18d ago
#163
swamp-extension-publish skill: add quality rubric check before push
s18d ago
#162
New @swamp extension: extension quality rubric checker for CI
s18d ago
#161
swamp-extension-quality and swamp-extension-publish skills don't guide zod import map resolution for scorer
s18d ago
#160
swamp repo upgrade deletes extension model source files
s18d ago
#159
Add repo-level `defaultDriver` to `.swamp.yaml`
k18d ago
#158
User report extensions registered lazily are silently skipped during method execution
s18d ago
#157
swamp extension install: datastore push hangs ~8.5m then crashes with Deno TLS panic (tls_wrap.rs:1918 unwrap on None)
s18d ago
#156
Add a preflight diagnostic for AI-tool audit integrations (so upstream CLI changes stop breaking us silently)
s17d ago
#155
audit record --from-hook silently drops input from kiro-cli postToolUse hooks
19d ago
#154
codegen pipelines don't detect _lib/*.ts changes so manifest CalVer never bumps
17d ago
#153
Link to namespace extensions listing from profile pages
s19d ago
#152
Trailing slash on /extensions/@<namespace>/ returns 404
s19d ago
#151
No way to browse all extensions belonging to a collective by URL
s19d ago
#150
DatastoreProvider.resolveCachePath declared optional but silently required at runtime
s19d ago
#147
Accept-invite link returns HTML instead of JSON, breaking collective join
s20d ago
#146
additionalFiles flatten to basenames on push and lack a runtime access API, creating a source-vs-pulled layout mismatch
s19d ago
#145
Extension search returns inflated results for quoted phrase queries
s20d ago
#144
Docs: document jsr:/https: imports and non-local pinning convention in user-facing manual
s20d ago
#143
First-class jsr: specifier support in extension bundler
s20d ago
#142
Cross-extension code sharing via manifest exports field
16d ago
#141
Extension models: document/resolve implicit-any in execute parameters when imported by test files
s21d ago
#140
extension yank: allow unyank and version-specific yanks
s21d ago
#139
extension source add does not discover brand new types — only overrides already-pulled types
s21d ago
#138
Add light mode to swamp.club and swamp open UI
5d ago
#137
Add 'swamp open' command to open the swamp.club web UI
11d ago
#136
Add light mode to swamp.club website
11d ago
#135
Datastore sync surfaces opaque errors from extensions verbatim — no status code or body preview
s21d ago
#134
@swamp/s3-datastore: first-attempt 403 masked as "UnknownError" from AWS SDK deserializer
21d ago
#133
Extension auto-resolve reports "already_installed" for truncated pulled-extension trees
21d ago
#131
Email delivery for mention notifications
5d ago
#130
Auto-update WARN is silent in --json mode (logger suppresses non-fatal)
s22d ago
#129
open.ts web UI uses force:true pullExtension, same data-loss family as #126
s22d ago
#128
Port bundle_freshness (content-fingerprint cache invalidation) to reports / drivers / datastores / vaults loaders
s22d ago
#127
Mentions and notifications system for issues
s22d ago
#126
Datastore auto-update in resolve_datastore.ts uses force:true, risking silent overwrite of local edits
s24d ago
#125
Per-repo user-extension bundle cache doesn't invalidate on source changes
s24d ago
#124
Adding methods to in-body `methods:{}` on `export const model` doesn't re-register
s18d ago
#123
User extensions silently dropped when base type not yet registered at scan time
s24d ago
#122
Footer floats when page content is shorter than viewport
s21d ago
#121
workflow validate can silently overwrite local edits to pulled extensions via force-pull in auto-resolver
s24d ago
#120
Extension pull should namespace files by extension to prevent filename collisions
s25d ago
#119
Update CLAUDE.md co-author instructions to use swamp-club issue author lookup
s26d ago
#118
Add swamp issue get CLI command to fetch issue details
s6d ago
#117
swamp-club API: include issue author in GET /api/v1/lab/issues/{number} response
s26d ago
#116
Install command curl-pipe-sh overflows the component on swamp.club homepage
s26d ago
#115
'Assigned to me' overlaps 'Privacy policy' on short viewports
s26d ago
#114
Collapsible left rail and repositionable right rail in Lab
k26d ago
#113
Usernames aren't linked to their profile pages
k26d ago
#112
Filter lab issues by author (opened by user)
k26d ago
#111
Add skills extension type for bundling agent/human guidance documents
s27d ago
#110
Remove traffic lights in column 2 of /lab
ks25d ago
#109
Multi-select combo filtering on /lab
k26d ago
#108
data gc skips version-count GC when no lifetime-expired data exists
k28d ago
#107
Content filter should identify the flagged word or phrase
k28d ago
#106
Bog flow: text rendering and layout issues
k26d ago
#101
Flow modal: text rendering issues
k26d ago
#99
Normalize text sizing across issue list and detail views
k28d ago
#98
Description 'Show more' button appears even when text fits
k28d ago
#97
Inline editing: click-to-edit fields instead of pencil icons
ks21d ago
#96
Persist lab filter selection in localStorage
k17d ago
#95
Update how-to guide with swamp-extension-publish skill
s28d ago
#94
Fix incorrect favicon in Google search results
29d ago
#93
Missing section on user profile page for wendy
s29d ago
#92
Extension skills missing repository initialization and publishing prerequisites
s29d ago
#91
Vault CEL expressions replaced with VaultSecretBag sentinels after model type upgrade
k29d ago
#90
Audit: modelRegistry.get() without ensureTypeLoaded() in YAML repository save() paths
s29d ago
#89
Cross-model expression validator fails on lazy-loaded types — modelRegistry.get() bypasses ensureTypeLoaded
1mo ago
#88
forEach.in with data.latest() throws misleading 'got: object' error for unresolved Promise
s29d ago
#86
issue-lifecycle models should support --assignee for swamp.club issues
s1mo ago
#85
Driver capability registry: declare richer execution capabilities at driver design time
s5d ago
#84
Consolidate MethodReportContext construction — manual and workflow report paths build contexts divergently
s28d ago
#83
Workflow-level workspace for docker driver: stateful multi-step workflows
s5d ago
#82
"OG Swamper" badge inconsistent
k1mo ago
#81
Workflow-scope user extension reports don't execute: getAll() excludes lazy-loaded reports
s1mo ago
#80
Improve skill trigger routing accuracy across models
s27d ago
#66
Add GitHub Copilot IDE support
s26d ago
#65
Phase 1: /feed — judge-gated content stream
k19d ago
#64
Add reactions and Giphy integration to comments
26d ago
#63
Architecture violation: search route imports directly from lib/infrastructure
s1mo ago
#62
Introduce domain events to formalize the telemetry-to-consumer pipeline
26d ago
#61
Refactor: move telemetry track() calls from route handlers to application services
s1mo ago
#59
Reindex path feeds error events to consumer, bypassing filtering
s1mo ago
#58
Custom swamp-themed avatar generator with daily rerolls
5d ago
#57
Profile content links with scoring for community contributions
19d ago
#56
Score extension pull events for extension authors
s1mo ago
#55
Score daily sign-in events with streak multiplier
s1mo ago
#54
Score sign_up events in the telemetry pipeline
19d ago
#53
Score extension publish events in the telemetry pipeline
s1mo ago
#52
Add 'award' telemetry event type for arbitrary score grants
5d ago
#51
Bug: authenticated pulls always shows 0 on profile page
25d ago
#50
Decouple identity_map from main app: username renames via event, not shared DB
26d ago
#49
Optimise MongoDB Search Queries
26d ago
#48
Transactional emails on login with google/similar
26d ago
#47
Add rate limiting to send-verification-email endpoint
26d ago
#46
Add authentication or rate limiting to check-verified endpoint
26d ago
#45
swamp data query for morning-message in hello-world tutorial returns nothing.
a1mo ago
#44
Document vault migrate command in reference docs
s1mo ago
#43
Locks on long running actions
1mo ago
#42
issue-lifecycle skill: improve resumption and close-out guidance
s1mo ago
#41
deprovision: firewall deletion fails with resource_in_use immediately after server delete
s18d ago
#40
swamp workflow validate should check step inputs against method's required arguments
s1mo ago
#39
data.latest() returns null when new data written while _catalog.db is already marked populated
a1mo ago
#38
Bundle cache fallback silently skipped when source and bundle have equal mtimes
s1mo ago
#37
Add vault migrate command to move secrets between vaults
s1mo ago
#35
Consolidate method execution paths — workflow steps and manual runs build MethodContext divergently
k1mo ago
#33
CatalogStore constructor runs createSchema before migrateIfNeeded; v1→v2 upgrade fails on existing repos
a1mo ago
#32
discord-bot poller double-processes events with >1 replica
1mo ago
#31
datastore sync: clean up zombie _catalog.db* entries from remote index and S3 bucket
1mo ago
#30
datastore sync --push runs pushChanged() twice per invocation (coordinator dedup)
1mo ago
#29
datastore sync --push fails on _catalog.db-wal: catalog SQLite DB lives inside the S3 sync cache
1mo ago
#28
.swamp/datastore-bundles/ leaks into deno lint and deno fmt scans
1mo ago
#27
deno run audit task missing --allow-env flag
1mo ago
#26
Error when submitting a new issue manually
1mo ago
#25
Green text on issue details is a lot
1mo ago
#24
evals/promptfoo: bump hono and @hono/node-server to clear 6 dependabot alerts
1mo ago
#21
issue-lifecycle: COMMENTED PR review can overwrite a prior decisive state in fetchPrReviews
19d ago
#20
Add agent-constraints/ for issue-lifecycle skill
19d ago
#19
@swamp/aws/ec2: auto-generated models lack list, tag, and factory-compatible update methods
1mo ago
#18
@swamp/digitalocean/space-key stores secret in plaintext - should mark as sensitive
1mo ago
#17
Add Azure provider pipeline to codegen
8d ago
#16
feat: Namespace.so execution driver for remote workload execution
1mo ago
#15
Add macOS Keychain vault type
26d ago
#14
Add uniform bucket-level IAM support to @swamp/gcp/storage
1mo ago
#13
Expand DataRecord with first-class provenance fields; remove all hidden scoping from data access
a1mo ago
#12
feat: Private extensions
1mo ago
#11
Workflow execution repeats #1091: cross-model CEL expression validation fails for unresolved types
s24d ago
#10
context.readModelData returns different results depending on invocation context (manual vs workflow)
s24d ago
#9
Handle sensitive fields gracefully when no vault is configured
s1mo ago
#8
Vault reads for model global arguments are cached at workflow start, making in-workflow token refresh ineffective
26d ago
#7
feat: approval gates for workflow steps and jobs
26d ago
#6
Install script: curl fails TLS verification for swamp.club (certificate chain)
16d ago
#5
Extension Patches: contribution workflow for community extensions
5d ago
#4
Feature: swamp issue for extensions — bug reports, security disclosures, and author notifications
s20d ago
#3
Support 'swamp <app> run' as containerized entrypoint for easy onboarding
1mo ago
#2
Persistent runner / server mode to eliminate per-invocation CLI startup overhead
17d ago
#1
feat: add support for Nix via a flake
21d ago
← Back to list5/8/2026, 12:36:14 PM
01Issue
FeatureClosedSwamp CLI
AssigneesNone
#295 Collective-scoped auth keys + OIDC federation for CI publishing
Opened by bixu · 5/8/2026
Problem
Today, swamp extension push authenticates with an API key tied to a user account. swamp auth whoami confirms this — the apiKey field maps to a single user (apiKeyId is just a label).
This is operationally fragile when a collective (e.g. @hivemq, @swamp) wants to publish extensions from CI:
- Personal key in shared CI. Whoever mints the key has their personal credential sitting in a GitHub Actions secret. If they leave the org, rotate their personal token, or lose access, every CI publish silently breaks.
- No principle of least privilege. A user key carries the publishing rights of every collective that user belongs to. We can't scope a CI key to "only @hivemq" — if the user is also in
@borgand@bixu, the key transitively grants those too. - Long-lived secret in repo settings. GitHub Actions secrets are durable, hard to rotate cleanly, and can leak via misconfigured workflows or compromised actions.
Proposed solution
Two related additions, ordered by impact:
1. Collective-scoped API keys
Allow minting an API key whose principal is a collective, not a user. Key minting requires the user to currently be a maintainer of that collective; the resulting key is owned by the collective and survives membership changes. Scope is bounded to that collective's namespace — @hivemq/*, nothing else.
swamp auth key create --collective hivemq --name "github-actions-publish"
# returns: hc_xxx (collective-scoped, can only push @hivemq/*)Other maintainers of the collective can list/rotate/revoke the key.
2. OIDC federation (ideal end state)
Eliminate the long-lived secret entirely. Mirror the pattern AWS/GCP/Azure already support for GitHub Actions:
- Collective owner registers a trust policy on swamp.club, e.g.
collective: hivemq issuer: https://token.actions.githubusercontent.com sub: repo:hivemq/swamp-extensions:ref:refs/heads/main - CI workflow requests an OIDC token via
id-token: write. swamp auth federate --oidc-token "$OIDC_TOKEN"exchanges it for a short-lived (e.g. 15-minute) credential scoped to the collective.swamp extension pushuses that credential — no static secrets in repo settings.
Reference for the pattern: GitHub's OIDC integration guide and AWS's configure-aws-credentials action.
Why now
We just hit a publish hang against swamp.club that ran for 6 hours before GitHub's max-execution timeout killed it (hivemq/swamp-extensions run 25510761754). The fix involves a swamp auth whoami cred check on PRs — but that check is meaningful only because the credential is a personal user key that can go bad in ways that don't reflect the collective's intent. Federated, collective-scoped credentials would make most of that defensive plumbing unnecessary.
Alternatives considered
- Service-account user. Mint a "fake" user (
hivemq-ci) and use its key. Works today, but is a workaround — service accounts in swamp aren't a first-class concept, and the key still has all the rotation/least-privilege problems above. - Signed manifest uploads. Sign manifests with a collective-owned keypair, no API key needed for push. More invasive on the protocol side; OIDC federation is the same idea with established infrastructure.
02Bog Flow
Closed
No activity in this phase yet.
03Sludge Pulse