#544
Should be able to see all the issues I created by a filter "submitted by me"
8m ago
#543
Ability to change the email address associated with my Swamp Club Account
10m ago
#542
feat: giga-swamp phase 5 — CLI output + namespace management commands
s3h ago
#541
CI review jobs use two-dot diff that includes files the PR never touched
4h ago
#540
paths.base: manifest is not honored for workflows: — bundled workflows only resolve from repo root, blocking self-contained subdir layouts (sibling to #459)
s3h ago
#539
Lab profanity filter rejects legitimate CLI flag tokens via substring match
s4h ago
#538
Sign and notarize the swamp macOS binary
11h ago
#537
Add platform type to issue-lifecycle extension model Zod schema
s4h ago
#536
fix: datastoreSetupExtension() ignores namespace config on initial migration push/pull
s16h ago
#535
Remote execution: orchestrator/worker fan-out (replaces execution drivers)
17h ago
#534
swamp datastore sync --push creates global .datastore-index.json ignoring namespace config
s17h ago
#533
feat: S3/GCS extension namespace-scoped sync support
s4h ago
#532
Copy explicitGlobalArgs before mutation in resolveOrCreateDefinition
s20h ago
#531
vault.get() expressions in extension model globalArguments are not resolved at runtime
s17h ago
#530
swamp-issue skill should scrub secrets and org-specific data before submission
s18h ago
#529
workflow validate: trim stale 'skipped' label from model_not_found warning
s1d ago
#528
Add pi coding agent support
1d ago
#527
hashicorp-vault should read token from env
1d ago
#526
swamp-extension adversarial review skill needs mandatory mechanical verification checklist
s2h ago
#525
feat: giga-swamp phase 6 — Namespace-scoped sync
s20h ago
#524
swamp workflow validate emits misleading "Extension failed to load" warning when type resolves locally
s1d ago
#523
Add issue search/list command to discover existing issues
s1d ago
#522
Support vault-resolved private key content in transport auth (not just file paths)
s1d ago
#521
Workflow engine resolves extension methods against base type, ignoring extension-registered methods
s1d ago
#520
Per-model LockTimeoutError at 60s causes cascading failures under concurrent access
s1d ago
#519
Persistent, queryable workflow runs (status / cancel from any shell)
2d ago
#518
swamp repo upgrade: ERR_SQLITE_ERROR 'attempt to write a readonly database' during extension catalog schema migration
s1d ago
#517
workflow validate: fail on references to unknown model instances (typo'd modelIdOrName)
s1d ago
#516
feat: giga-swamp phase 4 — CEL cross-namespace queries
s2d ago
#515
Docs: document the extension push adversarial-review gate
s2d ago
#514
vault://local_encryption token does not round-trip correctly for GCP OAuth2 access tokens
s2d ago
#513
swamp issue: add ability to edit issue title and body after submission
s2d ago
#512
@swamp/gcp/iam: add WIF pool, provider, service account, and binding support
2d ago
#511
Support vault-sourced identity keys
s16h ago
#510
copy method reports success when scp exits non-zero (e.g. 255)
s2d ago
#509
Docs: TLS behind inspecting proxies / private CAs (system trust store, DENO_CERT, SSL_CERT_FILE)
1d ago
#508
Extension quality/adversarial-review: add a 'published-surface hygiene' check for real infra identifiers
2d ago
#507
Feed-post scoring is a direct domain write, not a consumer of feed_post_approved telemetry
2d ago
#506
workflow validate silently PASSES steps whose model type is a pulled extension (step-inputs skipped = false pass)
s2d ago
#505
extension quality fails to resolve bare specifiers — contradicts fmt no-import-prefix rule
s2d ago
#504
Allow global arguments in direct type execution (workflow fan-out)
s1d ago
#503
Bundled Deno does not honor the OS/system CA trust store
k2d ago
#502
Gator-approved feed post did not trigger Discord activity or profile points
k2d ago
#501
username_metrics projection backfill does not trigger re-scoring (stale UserScore for dormant users)
2d ago
#500
Enforce adversarial review gate before extension push
s2d ago
#499
support git forge / web namespaces for collectives
k3d ago
#498
Report type filtering in report search
k3d ago
#497
extension search: empty results from CLI despite known extensions
k3d ago
#496
workflow approve/resume cannot find suspended runs
s2d ago
#495
vault annotate --url fails with query params on @swamp/aws-sm
s2d ago
#494
datastore compact VACUUM fails with ERR_SQLITE_ERROR
s2d ago
#493
workflow approve/resume cannot find suspended run when using S3 datastore
s2d ago
#492
reindexByUsername re-strands pre-association history and wipes sign_in_dates
2d ago
#491
Telemetry never retroactively credits a device's pre-association history
k2d ago
#490
Docs: document swamp doctor secrets in manual reference doctor.md
s4d ago
#489
Docs: document 'swamp workflow resume --input' in manual reference
s4d ago
#488
Cloudflare codegen: manifest version bumps on every regeneration (README not deno-fmt-clean)
s4d ago
#487
Support dynamic host discovery from external sources
5d ago
#486
feat: giga-swamp phase 3 — Path resolver + per-namespace locking
s5d ago
#485
@swamp/ssh exec: string host selector only matches 'all', ignores host names and tags
s5d ago
#484
Add integration test for sensitive-arg guard on lazily-loaded extension types (follow-up to #480)
s5d ago
#483
Remediate existing definitions holding cleartext sensitive global arguments (follow-up to #480)
s4d ago
#482
Docs: document refusal of literal sensitive global arguments (follow-up to #480)
s5d ago
#481
Docs: update extension-trust reference for swamp-only default + lockfile version pinning (swamp-club#465)
s5d ago
#479
feat: giga-swamp phase 2 — Catalog schema v4 + repository interface
s5d ago
#477
Support for Custom CA's
k2d ago
#476
Cloudflare: support vault expressions for API credentials instead of env-var-only auth
s5d ago
#475
GCP: support vault expressions for credentials instead of env-var-only auth
5d ago
#474
AWS: support vault expressions for credentials instead of env-var/SDK-chain-only auth
5d ago
#473
DigitalOcean: support vault expressions for the API token instead of DO_API_TOKEN env var
s5d ago
#472
swamp model get does not redact `sensitive: true` fields (logs/reports/storage do)
s5d ago
#471
Support vault expressions for API token instead of env var
s5d ago
#470
UAT tests for manual_approval workflow commands
5d ago
#469
Document manual_approval workflow step type and suspend/approve/resume flow
s5d ago
#468
Stale extension bundles break after swamp upgrade
s5d ago
#467
Support --input flags on workflow resume for elevated permissions and runtime overrides
s4d ago
#466
Add HTTP approval endpoints to swamp serve for manual_approval steps
s20h ago
#464
feat: giga-swamp phase 1 — Namespace value object + config
s6d ago
#463
swamp serve scheduled workflows do not load repo extension registries
s5d ago
#462
ci: aws-check and gcp-check jobs take ~30min — rethink whether full model type-checking is needed per PR
s7d ago
#461
swamp CLI: send user/device identity on extension-registry HTTP calls
j6d ago
#460
Orphaned .swamp/ without .swamp.yaml marker is reported as plain 'Not a swamp repository' — partial/corrupt repo not detected
s6d ago
#459
paths.base: manifest is not honored for skills: — bundled skills only resolve from repo root, blocking multi-extension repos
s6d ago
#458
swamp data gc does not remove physical version directories from disk
s6d ago
#457
@swamp/aws/iam/role-policy: PolicyDocument schema says string but CloudControl expects JSONObject
s6d ago
#456
Docs: update autoupdating how-to for Linux privileged schedulers
s7d ago
#455
How-to: Define custom AI agent tools
s7d ago
#454
Workflow-scope report execution fails with `rawType.trim is not a function`
s7d ago
#453
version-drift check reads first `version:` literal, not export const model.version
s7d ago
#452
Support privileged autoupdate schedulers for root-owned binaries on Linux
s7d ago
#451
Docs: document LaunchDaemon autoupdate for root-owned macOS binaries
s7d ago
#450
Support deepAgents CLI/SDK as a target agent
7d ago
#449
macOS autoupdate LaunchAgent cannot update root-owned swamp binaries
s8d ago
#448
Telemetry admin reindex endpoint is gated on a defunct @systeminit.com email domain — permanently 403
s7d ago
#447
CLI telemetry forwards non-personally-resolvable identity for collective auth; distinct_id is per-machine, not per-repo
k8d ago
#446
Telemetry ingest only resolves personal API keys — collective-token events are unattributed, identity_map under-claims
k8d ago
#445
extension update/pull deadlocks when the repo's datastore is the extension being updated
s8d ago
#444
Docs: update datastore reference for lazy hydration, SyncContext, and SyncCapabilities
s8d ago
#443
Default hydrationStrategy to lazy after soak period
8d ago
#442
Make GCP CRUD methods factory-aware so list-discovered resources can be managed in-place
6d ago
#440
Datastore: lazy hydration with metadata-only setup and transparent content download
s8d ago
#439
Slim down extension search output now that extension info exists
s8d ago
#438
exec fails on macOS: ControlPath exceeds 104-byte Unix socket limit
s9d ago
#437
CSS effects on swamp.club (any page) cause high CPU
k9d ago
#436
Datastore extensions: only write dirty partition files on push
s9d ago
#435
Datastore extension benchmark suite for S3 and GCS
s9d ago
#434
GCS datastore: dirty sidecar, partitioned index, content hashing, and scoped sync
s9d ago
#433
Direct execution @type prefix fails for repo-local extension model types
s9d ago
#432
Support GitHub username in swamp.club profile to fix PR attribution
k9d ago
#431
dataRepository.getContent() fails in workflow-scope reports with 'type.toDirectoryPath is not a function'
s9d ago
#430
--json output is polluted by non-JSON content, breaking machine parsing
s9d ago
#429
Core repositories missing markDirty hook — scoped push only works on crash recovery
s10d ago
#428
Add extension info command for registry metadata
s9d ago
#427
Add extension transfer between collectives
4d ago
#426
Display extension deprecation state on swamp-club pages
s7d ago
#425
Add extension deprecation support to CLI
s7d ago
#424
swamp serve: extension bundle failure at startup is silently pinned, breaking scheduled workflows with permanent 'Unknown model type'
k10d ago
#423
vault put and read-secret use asymmetric path parsing; slash-put creates unreadable items
s10d ago
#422
Provide a Nix package for swamp (devbox / nixpkgs support)
11d ago
#421
Upgrade TUI graphics — better AI-generated ANSI or a Moebius hand-authored pipeline
11d ago
#420
Add assertVaultAnnotationExportConformance to @systeminit/swamp-testing
11d ago
#419
Add VaultAnnotationProvider conformance helpers to @systeminit/swamp-testing
s11d ago
#418
Vault annotations: --note/--notes flag inconsistency and UX improvements
s11d ago
#417
Docs: document VaultAnnotationProvider interface and extension opt-in pattern
s11d ago
#416
Add VaultAnnotationProvider support to @swamp/1password
s9d ago
#415
Add VaultAnnotationProvider support to @swamp/azure-kv
s9d ago
#414
Add VaultAnnotationProvider support to @swamp/aws-sm
s9d ago
#413
Harness detection invents env vars for kiro/opencode/codex
k12d ago
#412
Annotating vault items should be a first-class swamp operation
s11d ago
#411
workflow direct-execution inputs.* persist as globalArguments on auto-definitions and freeze on first run
s12d ago
#410
workflow-scope report's dataRepository.getContent returns null for data written in the same workflow run
s11d ago
#409
swamp-report skill references nonexistent `swamp model report` command
s12d ago
#408
@swamp/digitalocean — add domain-records model for /v2/domains/{domain_name}/records
s11d ago
#407
Docs: update extension scoring documentation for dependency-trust rubric factor
s12d ago
#406
Warn when a ${{ }} secret expression is single-quoted in a command/shell run: script
s12d ago
#405
Workflow validation should resolve modelType for direct-execution steps
s12d ago
#404
dbcluster state schema is missing DBClusterMembers (writer/reader, instance class)
s11d ago
#403
Add a list/discover method to dbcluster for enumerating clusters in a region
s8d ago
#402
Add dependency-trust rubric factor to server-side scorer (RUBRIC_VERSION 3)
s12d ago
#401
cloudidentity API calls fail with 'requires a quota project' — bundle doesn't send x-goog-user-project header
s12d ago
#400
Improve idempotency match field heuristic for auto-generated name resources (tagKeys, tagValues)
s6d ago
#399
@swamp/gcp/cloudresourcemanager/folders: create method has 5 blocking bugs (missing parent in body, LRO detection, post-LRO state, idempotency, projectId requirement)
s13d ago
#398
Add IAM policy management (setIamPolicy/getIamPolicy) on cloudresourcemanager resources; add custom-role CRUD to @swamp/gcp/iam
s13d ago
#397
@swamp/ssh exec method fails with 'ctx.createCelEnvironment is not a function'
13d ago
#396
Extension decision order should prefer @swamp/community extensions over local types
s11d ago
#395
Make wheelshop-style dependency trust-gating a core swamp feature
s12d ago
#394
swamp repo <unknown-subcommand> silently inits a nested repo (e.g. `swamp repo update`)
s13d ago
#393
Extension METHODS table truncates Method column; short names like apply/check wrap mid-word on /extensions/@swamp/ssh
s12d ago
#392
swamp extension rm leaves empty <kind>-bundles/<hash>/ dirs behind
s13d ago
#391
Pre-flight checks cannot access method arguments (check context omits methodArgs/unresolvedMethodArgs)
s13d ago
#390
swamp audit record --from-hook creates a stray .swamp datastore in the process cwd instead of resolving the repo root
s13d ago
#389
extension push publishes model files ending in _test.ts that no consumer can load
s13d ago
#388
Docs: document --extensions-dir / SWAMP_EXTENSIONS_DIR for worktree workflows
s13d ago
#387
No user feedback when model method run is waiting for lock acquisition
s14d ago
#386
issue-lifecycle: thank external contributors when issues are resolved
s13d ago
#385
Add swamp extension prune to clean up stale catalog entries
14d ago
#384
identity_map row not updated when user renames
s10d ago
#383
`swamp extension rm` leaves empty scaffold dirs behind
k14d ago
#382
Many CLI commands acquire global .datastore.lock unnecessarily, causing 60s LockTimeoutError under any concurrent writer
s14d ago
#381
swamp CLI commands fail silently or hang when invoked from git worktrees via SWAMP_REPO_DIR
s14d ago
#380
Datastore: lazy hydration for fast cold-start on first clone
9d ago
#379
S3 datastore: dirty sidecar, partitioned index, content hashing, and scoped sync
s9d ago
#378
Datastore sync: add SyncContext and SyncCapabilities framework contracts
s13d ago
#377
Terminal rendering breaks at large font sizes
s15d ago
#376
Expose cel-js Environment to extensions for custom CEL evaluation
a14d ago
#375
Add list/search as a factory method that produces many data artifacts (Drive files.list, gmail messages.list, etc.)
s8d ago
#374
files.get returns only minimal fields (id, name, kind, mimeType) because no 'fields' query parameter is sent
s15d ago
#373
ADC path uses wrong gcloud token store: 'gcloud auth print-access-token' instead of 'gcloud auth application-default print-access-token'
s15d ago
#372
Docs: update doctor reference and autoupdate how-to for new doctor install subcommand
s15d ago
#371
createModelTestContext: storedResources not used by readResource; readResource always returns null
s15d ago
#370
swamp-vault skill documents 'swamp vault read' but correct subcommand is 'read-secret'
s15d ago
#369
Add a manual_approval (pause) task type to workflow steps
s6d ago
#368
Autoupdate silently fails when swamp is installed system-wide via the official install.sh
s15d ago
#367
Missing 'parent' field in GlobalArgsSchema for several @swamp/gcp/* models causes get to fail
s15d ago
#366
bucket-policy GlobalArgsSchema requires Bucket and PolicyDocument, blocking workflow-YAML direct execution of get
s15d ago
#365
Report execute throws are advisory: workflow marked succeeded, exit 0, AND report output is discarded
s16d ago
#364
dataRepository.getContent rejects string type in production but docs and testing helper demonstrate strings
s16d ago
#363
bucket-policy StateSchema.PolicyDocument declared z.string() but CloudControl returns it as a parsed object
s15d ago
#362
Unified login input that detects email vs username by presence of '@'
k17d ago
#361
Introduce `swampd`: long-running local daemon for shared cache, secrets, and extensions
18d ago
#359
workflow validate: false "Missing required inputs" when method args are set in the model definition
k18d ago
#358
CEL and vault expressions not evaluated inside nested globalArguments fields
s14d ago
#357
@swamp/digitalocean: 30 of 33 model types fail with version mismatch error
s16d ago
#356
Add first-class Kilo Code tool support
7d ago
#355
Partitioned index for S3/GCS datastores (Phase 3)
18d ago
#354
Per-path dirty tracking in S3/GCS datastore extensions (Phase 2)
s19d ago
#353
Docs: update doctor extensions JSON reference to include warnings[] field
s20d ago
#352
Doctor kind-completed events should carry correct per-registry status
20d ago
#351
Surface type-extraction failures in doctor JSON output
s20d ago
#350
Scoped sync and capability-gated concurrency for datastores (Phase 1)
s20d ago
#349
Direct type execution fails for locally-defined extension types with pulled duplicates
s21d ago
#348
Scaffold new extensions to publish-ready quality (12/12) by default
s11d ago
#347
Add table width controls to swamp report get
s18d ago
#346
Add a markdown output mode to `swamp report get`
s20d ago
#345
Add a markdown output mode to swamp report get
21d ago
#344
swamp.club: 'Mark all read' link doesn't clear unread count on /inbox
s21d ago
#343
Official @swamp/ssh extension supporting multiple SSH transport styles
a14d ago
#342
W7 — unify extension failure surfaces; collapse registries.failures[] into sourceDetails[]
s20d ago
#341
Surface Tombstoned transitions in doctor extensions output
s21d ago
#340
Distinguish validation-throw from bundle-throw in reconcile catch; surface ValidationFailed in sourceDetails
s21d ago
#339
extension unyank needs -y/--yes flag for non-interactive use
s21d ago
#338
Step key parsing in execution_service uses naive split(":") and silently truncates colon-containing step names
k21d ago
#337
Workflow-scope report artifacts unreachable via `swamp data get --workflow`
k21d ago
#336
Add --stdin support to method run and workflow run for Unix pipe composition
s14d ago
#335
Docs: add run namespace to CEL expressions reference
s22d ago
#334
Fix invalidate-then-reconcile sequencing in doctor extensions; failure-mode RowStates unreachable in sourceDetails
s21d ago
#333
doctor extensions invalidateAll does not trigger fingerprint recheck for existing Indexed rows
22d ago
#332
Extension failure recording has dual write paths (legacy buildIndex vs W3 reconcile)
22d ago
#331
Expose workflow run ID in CEL so resource keys can be run-scoped
s22d ago
#330
Add `swamp doctor workflows` subcommand to surface workflow YAML parse errors during preflight
s21d ago
#329
Add 'swamp issue comment' command for updating existing issues
s22d ago
#328
Close #327 — fixed in 20260511.160514.0-sha.9d03b09a
22d ago
#327
Nested workflow task fails with 'Bad resource ID' when workflowIdOrName uses @collective/ prefix
s20d ago
#326
Detect stale skill directories and prompt for repo upgrade
s21d ago
#325
Improve skill trigger routing for cross-model edge cases
4d ago
#324
Add type search for driver, datastore, and report kinds
s22d ago
#323
Surface ReconcileFromDisk dryRun transitions in swamp doctor extensions
22d ago
#322
Docs: update doctor extensions reference for W6 aggregate-state rendering + repair flags
s22d ago
#321
swamp issue: check if reporter is on an outdated binary before opening
s21d ago
#320
Implement W6: swamp doctor extensions aggregate-state rendering + repair surface (extension catalog rearchitecture)
s22d ago
#319
extension pull fails referencing removed source after extension source rm
s23d ago
#318
Investigate whether allExtensionMethodsAttached guard can be removed via registration-path consolidation
s22d ago
#317
Trace context is lost: CLI ignores inbound TRACEPARENT and raw driver doesn't propagate active context into in-process methods
s23d ago
#316
swamp model create --global-arg KEY=VALUE doesn't coerce strings to z.number() schemas
s23d ago
#315
swamp model create --global-arg KEY=VALUE doesn't coerce strings to z.number() schemas
23d ago
#314
swamp issue get should rate-limit unauthenticated users instead of blocking
s14d ago
#313
swamp issue get should not require authentication
s23d ago
#312
telemetry: emit child entries for follow-up action method invocations
s15d ago
#311
Publish release-candidate / unstable extension versions
24d ago
#310
extension source rm leaves stale @local/. rows in catalog, blocking later pulls of registry types
s23d ago
#309
extension push drops binaries: field from re-emitted archive manifest.yaml
s23d ago
#308
macOS launchd autoupdate (club.swamp.autoupdate) silently fails — binary stays stale
s23d ago
#307
Clicking @hivemq/honeycomb extension card on /extensions shows 'Something went wrong'
23d ago
#306
Docs: Update model-definitions.md and workflows.md for direct type execution
s23d ago
#305
Docs: document binaries manifest field in extension-manifest.md
s24d ago
#304
Add an official @swamp/ssh extension for general-purpose SSH (brownfield-friendly)
21d ago
#303
Accept and display binaries field from extension push metadata
s24d ago
#302
Direct type execution: collapse model create + method run into one command
s24d ago
#301
Per-method telemetry events for workflow runs
k25d ago
#300
Workflow run liveness: orphaned 'running' records when originating CLI process dies mid-run
25d ago
#299
Provide a CLI-shape primer for AI agents to reduce rediscovery overhead
s25d ago
#298
quality rubric: don't penalize extensions whose upstream constrains them to a single platform
s26d ago
#297
Extension update rejects multiple .ts files extending the same target type within one local extension (regression)
26d ago
#296
swamp extension push deadlocks when invoked from inside a swamp workflow step
s26d ago
#295
Collective-scoped auth keys + OIDC federation for CI publishing
26d ago
#294
forEach self.* in modelIdOrName not resolved in runtime execution path
s26d ago
#293
Award leaderboard points for referrals and collective invites
26d ago
#292
Add agent harness detection and AiTool to telemetry
k26d ago
#291
Workflow-level runtime expressions (env.*, vault.*) not resolved in driverConfig — docker driver receives literal ${{ ... }} strings
j16d ago
#290
Implement W5: Per-fingerprint import URLs + subprocess test harness (extension catalog rearchitecture)
s23d ago
#289
swamp config set crashes with YAML serialization error
s26d ago
#288
datastore compact: VACUUM fails in compiled binary (SQLITE_LIMIT_ATTACHED=0)
s26d ago
#287
Repo-level version gating: minSwampVersion high-water mark for team consistency
26d ago
#286
Docs: document self.* expressions in modelIdOrName during forEach
s26d ago
#285
Docs: How-to guide for background autoupdating
s26d ago
#284
Manifest version bumps silently ignored for existing local extension aggregates
s26d ago
#283
materialiseExtensions misclassifies pulled rows when manifest name collides with a pulled extension
s26d ago
#282
Local extension edits don't reliably trigger rebundle
27d ago
#280
Missing unique indexes on user.email and user.username allow duplicate users
k26d ago
#279
Resolve self.* expressions in modelIdOrName during forEach expansion
s26d ago
#278
discord-bot double-sends sign_up notifications
k27d ago
#277
Discord bot sends duplicate signup notifications
27d ago
#276
Add 'swamp workflow list' as alias for 'swamp workflow search'
s27d ago
#275
Add 'swamp auth status' as alias for 'swamp auth whoami'
s27d ago
#274
Extension bundle cache does not invalidate on source edits
s26d ago
#273
extension pull fails on @local/.@0.0.0 phantom-claim collision when local repo has its own extension
s27d ago
#272
Lab search by numeric issue ID returns no results
s27d ago
#271
W3 sourceToRow writes empty source_mtime — should carry filesystem mtime through Source entity
s26d ago
#270
Warm-start rebundleAndUpdateCatalog should respect terminal RowStates set by reconcile
26d ago
#269
Implement W4: KindAdapter + unified loader (extension catalog rearchitecture)
s26d ago
#268
Docs: add vault read-secret command to reference manual
s27d ago
#267
Extension layer garbage collection: prune catalog rows + evict orphaned bundles
22d ago
#266
Docs: document workflow concurrency limits in reference manual
s27d ago
#265
Locally-sourced extension: source_mtime updates without regenerating stale bundle
s27d ago
#264
Extension push: allow shipping executable host helpers (bin/mudroom blocker)
s24d ago
#263
Vault expressions silently deliver __SWAMP_VSEC__ sentinels under the docker driver
s28d ago
#262
First-class shell-shim support for extensions, with registry-level visibility
28d ago
#261
Local extension model bundles don't rebuild when source changes (no rebuild CLI; manual cache delete breaks the runner)
s27d ago
#260
Configurable concurrency limits for workflow fan-out (forEach, parallel jobs/steps)
s28d ago
#258
feat(security): redact sensitive method arg values from audit log
s28d ago
#257
docs: document swamp datastore compact and GC WAL behaviour
29d ago
#256
UAT: swamp datastore compact reclaims WAL and catalog space
27d ago
#255
Plan v4 step 9 literal test untestable under current catalog PK semantics
28d ago
#254
Cross-process concurrency stress for W2 lifecycle services
s28d ago
#253
UAT additions for W2 lifecycle services (Install/Remove/Upgrade)
28d ago
#252
Implement W3: ReconcileFromDisk + freshness-as-aggregate-query (extension catalog rearchitecture)
s27d ago
#251
doctor extensions repair: clean catalog-only orphans
28d ago
#250
Extensions should be able to ship Claude Code skills
s28d ago
#249
Pre-existing TOCTOU windows in YAML repo walkers (findAll directory level + findById)
s28d ago
#248
`swamp datastore setup` migration is not resumable / leaves the repo in a partial state on failure
s27d ago
#247
Built-in models must honor AbortSignal so --timeout works in practice
s28d ago
#246
Reader-lock or lock-free read path for data list/get/search/query
s28d ago
#245
data search: surface jobTag alongside workflowTag and stepTag (follow-up to #237)
s29d ago
#244
global-arg silently strips unknown keys; should reject via strict Zod schema
s28d ago
#242
redmine extension: adopt state machine patterns from @magistr for agent-driven workflows
29d ago
#241
performance degrades significantly with large SQLite catalog
s29d ago
#240
summarise: timeout/hang on repos with many workflow runs
s29d ago
#239
extension quality/fmt fail on pulled extensions (path mismatch)
s27d ago
#238
vault: add read-secret CLI command for agent-driven secret retrieval
s27d ago
#237
data query: stepName and jobName fields always empty in CEL results
s29d ago
#236
Extension ecosystem: shared utility library, version sync tooling, and HTTP resilience patterns
s11d ago
#235
Agentic CLI improvements: --json stdout isolation, array inputs, and --repo-dir consistency
s29d ago
#234
data delete fails with "Directory not empty (os error 39)" when concurrent writes are active
s29d ago
#233
Extract LockfileRepository (W2 prequel for swamp-club#231)
s29d ago
#232
Extend DatastoreSyncService.markDirty() with optional relPath argument
k29d ago
#231
Implement W2: Lifecycle services own the catalog write (extension catalog rearchitecture)
s28d ago
#230
data·delete logger double-quotes the data name in log output
s29d ago
#229
DDD: refactor data services to depend on domain-side ports instead of infrastructure types
s29d ago
#228
Detect AWS CredentialsProviderError in @swamp/aws-sm-vault and prepend SSO-expiration hint
s27d ago
#227
Opt-in background autoupdate for the swamp binary (configurable cadence + risk tolerance)
s26d ago
#226
Detect AWS CredentialsProviderError in summarizeSyncError and prepend SSO-expiration hint
s29d ago
#225
S3 datastore hydrate has no fallback for buckets without .datastore-index.json
s29d ago
#224
S3 datastore stale-lock retry loop never evicts orphan locks left by swamp processes that panic at shutdown
s1mo ago
#223
Implement W1b: Repository and RowState (extension catalog rearchitecture)
s29d ago
#222
Redundant push after pullChanged: localMtime clobbered by pullIndex(forceRemote)
s1mo ago
#221
Docs: update datastore-configuration manual after #220 setup-hydration fix lands
s1mo ago
#220
workflow run search returns empty after S3 datastore setup, despite run YAMLs in datastore
s1mo ago
#219
CLI crashes with exit 134 (Rust panic in tls_wrap.rs) after successful command output
s29d ago
#218
S3 datastore global lock enters infinite stale-lock loop after interrupted workflow
s1mo ago
#217
swamp-extension-model skill: include description field in upgrades quickref
s1mo ago
#216
swamp-extension-model skill: include field in upgrades quickref
1mo ago
#215
Adversarial UAT test: missing cached bundle with intact catalog should self-recover
27d ago
#214
Port importBundleByPath ENOENT fallback to datastore/driver/vault/report loaders
27d ago
#213
`swamp datastore setup` (filesystem→S3 migration) panics in deno Node TLS layer mid-migration
29d ago
#212
swamp model type describe fails with 'No such file' instead of rebundling when bundle is missing
k1mo ago
#211
Implement W1: Repository and RowState (extension catalog rearchitecture)
s1mo ago
#210
feat: swamp extension verify — opaque extension-lifecycle verification primitive
1mo ago
#209
Schema-invalid extensions loop in rebundle path: catalog row never updates after first failed validation
s1mo ago
#208
swamp model type search is slow (~8s) and re-bundles all extensions on every call
s1mo ago
#207
Per-extension layout migration drops Claude skill from @magistr/good-planning
s1mo ago
#206
swamp extension outdated crashes on empty repo (Stream ended...)
s1mo ago
#205
Docs: extension install/pull/update sync-to-manifest behaviour
1mo ago
#204
Add process-level install lock around installExtension
s1mo ago
#203
Docs: extension commands reference
s1mo ago
#202
swamp extension install/pull does not prune source files dropped between versions, causing catalog to re-index orphans
s1mo ago
#201
Catalog retains stale source-file entries when extension version drops a file; no native prune/repair
27d ago
#200
Document and surface a native cache-refresh path so agents stop doing cache surgery
27d ago
#199
swamp should warn when installed extensions are outdated
s1mo ago
#198
Catalog retains stale source-file entries when extension version drops a file; no native prune/repair
1mo ago
#197
Document and surface a native cache-refresh path so agents stop doing cache surgery
1mo ago
#196
swamp should warn when installed extensions are outdated
1mo ago
#195
Skill/prompt guidance: prefer the bundled deno when no system deno is on PATH
s1mo ago
#194
Vault backend backed by GitHub Actions Secrets (read via gh token)
s26d ago
#193
Re-enable Windows tests as deno compile for Windows lands
1mo ago
#192
swamp-club extension card no longer exposes @ns/slug as contiguous text
k1mo ago
#191
Docs: multi-tool repo support
s1mo ago
#190
swamp vault: vendor-specific annotations (e.g. 1Password notesPlain, tags, custom fields)
12d ago
#189
swamp model method run: --foreach to fan out across instances
21d ago
#188
swamp workflow validate: actionable error messages and template scaffolds
7d ago
#187
swamp CLI cold-start latency (~5–7 s per invocation) compounds in workflows that shell out
7d ago
#186
Workflow tasks should support ephemeral model instances (modelType + globalArgs) so workflows are zero-prereq
21d ago
#185
CEL expression evaluator throws 'Unhandled node type: string'
s1mo ago
#184
cli: agents need to add ripples (comments) to issues via the CLI
s1mo ago
#183
quality: models and additionalFiles paths resolve relative to different directories
s1mo ago
#182
quality: has-readme/has-license miss additionalFiles in subdirectories
s1mo ago
#181
Add swamp data delete command to remove a data artifact by model and name
s29d ago
#180
add `swamp doctor extensions` subcommand for on-demand extension load diagnostics
s1mo ago
#179
AI agent skipped adversarial review step before smoke testing extension code
s1mo ago
#178
Better Auth rejects requests on hostnames not in hardcoded trustedOrigins (signup/signin broken on non-canonical hosts)
k1mo ago
#177
Local extension models in extensions/models are not discovered in fresh repo tutorial flow
s1mo ago
#176
ticket 1138 not clear - can we still use github?
1mo ago
#175
Drag Windows into the Swamp
s1mo ago
#174
Add `swamp extension test` command to run built-in extension tests with coverage
27d ago
#173
swamp repo init --tool kiro does not create .kiro/settings/cli.json
s1mo ago
#172
Support multi-agent repo initialization (multiple --tool targets)
s1mo ago
#171
CLI dumps 300-line Cliffy Command object on unknown flags / subcommands
s1mo ago
#170
Docs: repository-configuration.md missing defaultDriver / defaultDriverConfig
ks1mo ago
#169
Server-side parse query params on /lab/all so refresh preserves multi-filter URLs
k23d ago
#168
fast-path sidecar TOCTOU: post-op HEAD can record generation from a concurrent writer's push, masking their data on next sync
s1mo ago
#167
Scorer should honour files/deno.json imports so bare specifiers resolve
s1mo ago
#166
@swamp/gcs-datastore: same minutes-slow zero-diff sync cliff as lab/164; mirror fingerprint fast path
s1mo ago
#165
cleanup for repoDriver
k1mo ago
#164
swamp datastore sync is minutes-slow at 4k-file scale even with zero-diff; outer 300s timeout fires
s1mo ago
#163
swamp-extension-publish skill: add quality rubric check before push
s1mo ago
#162
New @swamp extension: extension quality rubric checker for CI
s1mo ago
#161
swamp-extension-quality and swamp-extension-publish skills don't guide zod import map resolution for scorer
s1mo ago
#160
swamp repo upgrade deletes extension model source files
s1mo ago
#159
Add repo-level `defaultDriver` to `.swamp.yaml`
k1mo ago
#158
User report extensions registered lazily are silently skipped during method execution
s1mo ago
#157
swamp extension install: datastore push hangs ~8.5m then crashes with Deno TLS panic (tls_wrap.rs:1918 unwrap on None)
s1mo ago
#156
Add a preflight diagnostic for AI-tool audit integrations (so upstream CLI changes stop breaking us silently)
s1mo ago
#155
audit record --from-hook silently drops input from kiro-cli postToolUse hooks
1mo ago
#154
codegen pipelines don't detect _lib/*.ts changes so manifest CalVer never bumps
1mo ago
#153
Link to namespace extensions listing from profile pages
s1mo ago
#152
Trailing slash on /extensions/@<namespace>/ returns 404
s1mo ago
#151
No way to browse all extensions belonging to a collective by URL
s1mo ago
#150
DatastoreProvider.resolveCachePath declared optional but silently required at runtime
s1mo ago
#147
Accept-invite link returns HTML instead of JSON, breaking collective join
s1mo ago
#146
additionalFiles flatten to basenames on push and lack a runtime access API, creating a source-vs-pulled layout mismatch
s1mo ago
#145
Extension search returns inflated results for quoted phrase queries
s1mo ago
#144
Docs: document jsr:/https: imports and non-local pinning convention in user-facing manual
s1mo ago
#143
First-class jsr: specifier support in extension bundler
s1mo ago
#142
Cross-extension code sharing via manifest exports field
1mo ago
#141
Extension models: document/resolve implicit-any in execute parameters when imported by test files
s1mo ago
#140
extension yank: allow unyank and version-specific yanks
s1mo ago
#139
extension source add does not discover brand new types — only overrides already-pulled types
s1mo ago
#138
Add light mode to swamp.club and swamp open UI
26d ago
#137
Add 'swamp open' command to open the swamp.club web UI
1mo ago
#136
Add light mode to swamp.club website
1mo ago
#135
Datastore sync surfaces opaque errors from extensions verbatim — no status code or body preview
s1mo ago
#134
@swamp/s3-datastore: first-attempt 403 masked as "UnknownError" from AWS SDK deserializer
1mo ago
#133
Extension auto-resolve reports "already_installed" for truncated pulled-extension trees
1mo ago
#131
Email delivery for mention notifications
27d ago
#130
Auto-update WARN is silent in --json mode (logger suppresses non-fatal)
s1mo ago
#129
open.ts web UI uses force:true pullExtension, same data-loss family as #126
s1mo ago
#128
Port bundle_freshness (content-fingerprint cache invalidation) to reports / drivers / datastores / vaults loaders
s1mo ago
#127
Mentions and notifications system for issues
s1mo ago
#126
Datastore auto-update in resolve_datastore.ts uses force:true, risking silent overwrite of local edits
s1mo ago
#125
Per-repo user-extension bundle cache doesn't invalidate on source changes
s1mo ago
#124
Adding methods to in-body `methods:{}` on `export const model` doesn't re-register
s1mo ago
#123
User extensions silently dropped when base type not yet registered at scan time
s1mo ago
#122
Footer floats when page content is shorter than viewport
s1mo ago
#121
workflow validate can silently overwrite local edits to pulled extensions via force-pull in auto-resolver
s1mo ago
#120
Extension pull should namespace files by extension to prevent filename collisions
s1mo ago
#119
Update CLAUDE.md co-author instructions to use swamp-club issue author lookup
s14d ago
#118
Add swamp issue get CLI command to fetch issue details
s27d ago
#117
swamp-club API: include issue author in GET /api/v1/lab/issues/{number} response
s1mo ago
#116
Install command curl-pipe-sh overflows the component on swamp.club homepage
s1mo ago
#115
'Assigned to me' overlaps 'Privacy policy' on short viewports
s1mo ago
#114
Collapsible left rail and repositionable right rail in Lab
k1mo ago
#113
Usernames aren't linked to their profile pages
k1mo ago
#112
Filter lab issues by author (opened by user)
k1mo ago
#111
Add skills extension type for bundling agent/human guidance documents
s1mo ago
#110
Remove traffic lights in column 2 of /lab
ks1mo ago
#109
Multi-select combo filtering on /lab
k1mo ago
#108
data gc skips version-count GC when no lifetime-expired data exists
k1mo ago
#107
Content filter should identify the flagged word or phrase
k1mo ago
#106
Bog flow: text rendering and layout issues
k1mo ago
#101
Flow modal: text rendering issues
k1mo ago
#99
Normalize text sizing across issue list and detail views
k1mo ago
#98
Description 'Show more' button appears even when text fits
k1mo ago
#97
Inline editing: click-to-edit fields instead of pencil icons
ks1mo ago
#96
Persist lab filter selection in localStorage
k1mo ago
#95
Update how-to guide with swamp-extension-publish skill
s1mo ago
#94
Fix incorrect favicon in Google search results
1mo ago
#93
Missing section on user profile page for wendy
s1mo ago
#92
Extension skills missing repository initialization and publishing prerequisites
s1mo ago
#91
Vault CEL expressions replaced with VaultSecretBag sentinels after model type upgrade
k1mo ago
#90
Audit: modelRegistry.get() without ensureTypeLoaded() in YAML repository save() paths
s1mo ago
#89
Cross-model expression validator fails on lazy-loaded types — modelRegistry.get() bypasses ensureTypeLoaded
1mo ago
#88
forEach.in with data.latest() throws misleading 'got: object' error for unresolved Promise
s1mo ago
#86
issue-lifecycle models should support --assignee for swamp.club issues
s1mo ago
#85
Driver capability registry: declare richer execution capabilities at driver design time
s27d ago
#84
Consolidate MethodReportContext construction — manual and workflow report paths build contexts divergently
s1mo ago
#83
Workflow-level workspace for docker driver: stateful multi-step workflows
s27d ago
#82
"OG Swamper" badge inconsistent
k1mo ago
#81
Workflow-scope user extension reports don't execute: getAll() excludes lazy-loaded reports
s1mo ago
#80
Improve skill trigger routing accuracy across models
s1mo ago
#66
Add GitHub Copilot IDE support
s1mo ago
#65
Phase 1: /feed — judge-gated content stream
k1mo ago
#64
Add reactions and Giphy integration to comments
1mo ago
#63
Architecture violation: search route imports directly from lib/infrastructure
s1mo ago
#62
Introduce domain events to formalize the telemetry-to-consumer pipeline
1mo ago
#61
Refactor: move telemetry track() calls from route handlers to application services
s1mo ago
#59
Reindex path feeds error events to consumer, bypassing filtering
s1mo ago
#58
Custom swamp-themed avatar generator with daily rerolls
27d ago
#57
Profile content links with scoring for community contributions
1mo ago
#56
Score extension pull events for extension authors
s1mo ago
#55
Score daily sign-in events with streak multiplier
s1mo ago
#54
Score sign_up events in the telemetry pipeline
1mo ago
#53
Score extension publish events in the telemetry pipeline
s1mo ago
#52
Add 'award' telemetry event type for arbitrary score grants
27d ago
#51
Bug: authenticated pulls always shows 0 on profile page
1mo ago
#50
Decouple identity_map from main app: username renames via event, not shared DB
1mo ago
#49
Optimise MongoDB Search Queries
1mo ago
#48
Transactional emails on login with google/similar
1mo ago
#47
Add rate limiting to send-verification-email endpoint
1mo ago
#46
Add authentication or rate limiting to check-verified endpoint
1mo ago
#45
swamp data query for morning-message in hello-world tutorial returns nothing.
a1mo ago
#44
Document vault migrate command in reference docs
s1mo ago
#43
Locks on long running actions
1mo ago
#42
issue-lifecycle skill: improve resumption and close-out guidance
s1mo ago
#41
deprovision: firewall deletion fails with resource_in_use immediately after server delete
s1mo ago
#40
swamp workflow validate should check step inputs against method's required arguments
s1mo ago
#39
data.latest() returns null when new data written while _catalog.db is already marked populated
a1mo ago
#38
Bundle cache fallback silently skipped when source and bundle have equal mtimes
s1mo ago
#37
Add vault migrate command to move secrets between vaults
s1mo ago
#35
Consolidate method execution paths — workflow steps and manual runs build MethodContext divergently
k1mo ago
#33
CatalogStore constructor runs createSchema before migrateIfNeeded; v1→v2 upgrade fails on existing repos
a1mo ago
#32
discord-bot poller double-processes events with >1 replica
1mo ago
#31
datastore sync: clean up zombie _catalog.db* entries from remote index and S3 bucket
1mo ago
#30
datastore sync --push runs pushChanged() twice per invocation (coordinator dedup)
1mo ago
#29
datastore sync --push fails on _catalog.db-wal: catalog SQLite DB lives inside the S3 sync cache
1mo ago
#28
.swamp/datastore-bundles/ leaks into deno lint and deno fmt scans
1mo ago
#27
deno run audit task missing --allow-env flag
1mo ago
#26
Error when submitting a new issue manually
1mo ago
#25
Green text on issue details is a lot
1mo ago
#24
evals/promptfoo: bump hono and @hono/node-server to clear 6 dependabot alerts
1mo ago
#21
issue-lifecycle: COMMENTED PR review can overwrite a prior decisive state in fetchPrReviews
1mo ago
#20
Add agent-constraints/ for issue-lifecycle skill
1mo ago
#19
@swamp/aws/ec2: auto-generated models lack list, tag, and factory-compatible update methods
1mo ago
#18
@swamp/digitalocean/space-key stores secret in plaintext - should mark as sensitive
1mo ago
#17
Add Azure provider pipeline to codegen
1mo ago
#16
feat: Namespace.so execution driver for remote workload execution
1mo ago
#15
Add macOS Keychain vault type
1mo ago
#14
Add uniform bucket-level IAM support to @swamp/gcp/storage
s11d ago
#13
Expand DataRecord with first-class provenance fields; remove all hidden scoping from data access
a1mo ago
#12
feat: Private extensions
5d ago
#11
Workflow execution repeats #1091: cross-model CEL expression validation fails for unresolved types
s1mo ago
#10
context.readModelData returns different results depending on invocation context (manual vs workflow)
s1mo ago
#9
Handle sensitive fields gracefully when no vault is configured
s1mo ago
#8
Vault reads for model global arguments are cached at workflow start, making in-workflow token refresh ineffective
1mo ago
#7
feat: approval gates for workflow steps and jobs
1mo ago
#6
Install script: curl fails TLS verification for swamp.club (certificate chain)
1mo ago
#5
Extension Patches: contribution workflow for community extensions
27d ago
#4
Feature: swamp issue for extensions — bug reports, security disclosures, and author notifications
s1mo ago
#3
Support 'swamp <app> run' as containerized entrypoint for easy onboarding
8d ago
#2
Persistent runner / server mode to eliminate per-invocation CLI startup overhead
1mo ago
#1
feat: add support for Nix via a flake
1mo ago
← Back to list6/1/2026, 12:28:45 AM
01Issue
BugTriagedSwamp CLI
Assigneesstack72
Relationships
#505 extension quality fails to resolve bare specifiers — contradicts fmt no-import-prefix rule
Opened by webframp · 5/31/2026
Description
swamp extension quality fails when an extension uses bare specifiers (e.g., import { z } from "zod") because the quality scorer extracts the extension tarball to a temp directory without a deno.json import map. The deno doc --json call in the temp dir cannot resolve the bare specifier.
This contradicts swamp extension fmt, which enforces the no-import-prefix lint rule requiring bare specifiers (rejecting "npm:zod@4"). It also contradicts swamp extension push --dry-run, which succeeds because the bundler resolves against the repo's deno.json.
Steps to Reproduce
- Create an extension with
import { z } from "zod"inmod.ts - Add a
deno.jsonat the repo root with{ "imports": { "zod": "npm:zod@4" } } - Run
swamp extension fmt manifest.yaml --check— passes - Run
swamp extension push manifest.yaml --dry-run— passes - Run
swamp extension quality manifest.yaml— fails with:
Warning Import "zod" not a dependency
hint: If you want to use the npm package, try running `deno add npm:zod`
error: Failed resolving 'zod' from '.../swamp_quality_.../extract/extension/models/mod.ts'Expected Behavior
quality should resolve bare specifiers the same way push does — either by generating a deno.json in the temp extraction directory from the manifest's dependency metadata, or by running deno doc against the bundled output instead of raw source.
Environment
- swamp version: 20260531.214843.0-sha.ec32aaab
- OS: macOS (Darwin 24.6.0)
- deno: $(deno --version | head -1)
Notes
The dependencies manifest field now validates that entries must include a slash (e.g., @collective/name), so it cannot be used as a workaround to declare npm deps for quality resolution purposes.
02Bog Flow
Triaged
Click a lifecycle step above to view its details.
03Sludge Pulse
Editable. Press Enter to edit.
webframp commented 6/1/2026, 12:17:38 AM
Follow-up: this also blocks push, not just quality.
The contradiction is tighter than originally reported:
pushenforcesno-import-prefix→ rejectsimport { z } from "npm:zod@4"- The scorer (and
quality) runsdeno docwithout an import map → rejectsimport { z } from "zod"
So there is currently no valid import specifier for zod that satisfies both the push linter and the scorer. The v2 publish at 2026.05.31.2 went through because the push linter was not yet enforcing no-import-prefix in that version, but the scorer still fails on it.
Workaround: publish with bare "zod" (passes push), accept the scorer failure, and wait for the fix.
webframp commented 6/1/2026, 12:19:57 AM
Confirmed this also affects the swamp.club post-publish scorer (the "Stats" panel on the extension page). After successfully pushing @twonines/coder-* extensions with bare "zod", the scorer shows:
deno doc failed (code 1): Warning Import "zod" not a dependency
So the contradiction is: push requires bare specifiers (no-import-prefix lint), but the post-publish scorer runs deno doc without an import map. No valid specifier satisfies both — extensions that push successfully still get a scorer failure on swamp.club.
Affected: all 5 @twonines/coder-* extensions at v2026.05.31.3.
keeb commented 6/1/2026, 12:35:07 AM
Triage: confirmed bug — root cause + decision needed
Classified as a bug (high confidence, not a regression). Handing the fix decision to @stack72.
Root cause
scoreExtensionTarball (src/domain/extensions/extension_rubric_scorer.ts:580-654) deliberately strips the extension's deno.json (STRIPPED_CONFIG_FILES, lines 545-552) and writes a hermetic CONTROLLED_DENO_JSON containing only { "nodeModulesDir": "auto" } with no imports map (lines 539-543). It then runs deno doc --json/--lint against the raw .ts source in that temp dir with no --config and no import map, so bare specifiers like zod can't resolve.
By contrast push's bundleExtension (src/domain/models/bundle.ts:340-344) passes --config <repo deno.json>, so the repo import map resolves the same bare specifiers — which is why push --dry-run and fmt (which requires bare specifiers via no-import-prefix) both pass while quality fails. They're genuinely contradictory today.
Not a regression: CONTROLLED_DENO_JSON has lacked an imports map since the quality command landed in #1218.
The catch: server-parity invariant
quality.ts:90-96 guarantees the local score matches what the swamp-club registry computes server-side, and the scorer explicitly mirrors swamp-club's DenoDocExtensionTarballAnalyzer. Since that analyzer applies the same strip-and-control-config hermeticity, the server fails on bare specifiers too — so a purely-local fix would make quality pass locally while the registry still fails, breaking parity. Whatever we pick likely needs a coordinated swamp-club change.
Three candidate approaches
- Local import map + swamp-club follow-up. Thread the already-discovered
denoConfigPath(extension_quality.ts:123-126) intoscoreExtensionTarballand merge the repodeno.jsonimportsinto the controlled config. Smallest change, fixes the command immediately; parity restored only once swamp-club mirrors it (file a follow-up there). - Embed a swamp-generated import map in the tarball. At push/prepare time capture the resolved external specifiers the extension actually imports and write a swamp-controlled map into the tarball; both the local mirror and swamp-club read it. Parity-preserving without needing the repo
deno.json; medium change here + swamp-club consumer change. - Manifest-declared npm/jsr deps. First-class npm/jsr dependency declaration in the manifest schema; both sides build the import map from the (trusted, validated) manifest. Most architecturally correct (and the reporter's first suggestion), largest blast radius: schema + validation + docs + swamp-club.
Note: the existing dependencies manifest field can't be used as a workaround — it validates that entries must contain a slash (@collective/name), so it can't express zod -> npm:zod@4.
The fork is mostly a parity-vs-blast-radius tradeoff, plus the swamp-club coordination call. Over to you, @stack72.
Sign in to post a ripple.