@desplega.ai/agent-swarm 1.94.0 → 1.96.0

package/README.md

@@ -127,7 +127,7 @@ Check [our templates](https://templates.agent-swarm.dev) for a quick start.
 - **Workflow engine with Human-in-the-Loop** — DAG-based automation with approval gates, retries, and structured I/O. [Workflows →](https://docs.agent-swarm.dev/docs/concepts/workflows)
 - **Scheduled & recurring tasks** — cron-based automation for standing work. [Scheduling →](https://docs.agent-swarm.dev/docs/concepts/scheduling)
 - **Durable script workflows** — launch background script runs, inspect their journals, and track them from the dashboard when a one-shot `script-run` is too small. [Guide →](https://docs.agent-swarm.dev/docs/guides/script-workflow-runs)
-- **Harness & LLM agnostic** — run with Claude Code, Claude Bridge, OpenAI Codex, pi-mono, Devin, Claude Managed Agents, raw LLMs, or opencode. Tasks, schedules, and workflow agent-task nodes can use portable `modelTier` intent (`smol`, `regular`, `smart`, `ultra`) and resolve it per worker/provider at run time. [Harness config →](https://docs.agent-swarm.dev/docs/guides/harness-configuration) · [Add a new provider →](https://docs.agent-swarm.dev/docs/guides/harness-providers)
+- **Harness & LLM agnostic** — run with Claude Code, Claude Bridge, OpenAI Codex, pi-mono (Anthropic, OpenRouter, or Amazon Bedrock), Devin, Claude Managed Agents, raw LLMs, or opencode. Tasks, schedules, and workflow agent-task nodes can use portable `modelTier` intent (`smol`, `regular`, `smart`, `ultra`) and resolve it per worker/provider at run time. [Harness config →](https://docs.agent-swarm.dev/docs/guides/harness-configuration) · [Add a new provider →](https://docs.agent-swarm.dev/docs/guides/harness-providers)
 - **Follow-up continuity across all harnesses** — child tasks inherit a bounded prior-task context preamble built from the task chain, so continuity survives restarts and works the same across every provider. [Task lifecycle →](https://docs.agent-swarm.dev/docs/concepts/task-lifecycle)
 - **Skills & MCP servers** — reusable procedural knowledge, bundled skill reference files, and per-agent MCP servers with scope cascade. [MCP tools →](https://docs.agent-swarm.dev/docs/reference/mcp-tools)
 - **External tool-router access** — the `x` command and `swarm_x` MCP tool let humans and agents execute approved third-party routes such as Composio without baking bespoke MCP servers first. [CLI →](https://docs.agent-swarm.dev/docs/reference/cli) · [Composio →](https://docs.agent-swarm.dev/docs/integrations/composio)
@@ -140,7 +140,7 @@ Check [our templates](https://templates.agent-swarm.dev) for a quick start.
 
 Need help? Contact us at [contact@desplega.sh](mailto:contact@desplega.sh).
 
-**Prerequisites:** [Docker](https://docker.com) and a [Claude Code](https://docs.anthropic.com/en/docs/claude-code) OAuth token (`claude setup-token`).
+**Prerequisites:** [Docker](https://docker.com) and at least one supported harness credential. The default quick start assumes a [Claude Code](https://docs.anthropic.com/en/docs/claude-code) OAuth token (`claude setup-token`), but pi-mono / Bedrock, Codex, Devin, and other provider setups are also supported.
 
 The fastest way is the onboarding wizard — it collects credentials, picks presets, and generates a working `docker-compose.yml`:
 
@@ -154,7 +154,7 @@ Prefer manual setup? Clone and run with Docker Compose:
 git clone https://github.com/desplega-ai/agent-swarm.git
 cd agent-swarm
 cp .env.docker.example .env
-# edit .env — set API_KEY and CLAUDE_CODE_OAUTH_TOKEN
+# edit .env — set API_KEY plus the credential for your chosen harness (for example CLAUDE_CODE_OAUTH_TOKEN)
 docker compose -f docker-compose.example.yml --env-file .env up -d
 ```
 

package/openapi.json

@@ -2,7 +2,7 @@
   "openapi": "3.1.0",
   "info": {
     "title": "Agent Swarm API",
-    "version": "1.94.0",
+    "version": "1.96.0",
     "description": "Multi-agent orchestration API for Claude Code, Codex, and Gemini CLI. Enables task distribution, agent communication, and service discovery.\n\nMCP tools are documented separately in [MCP.md](./MCP.md)."
   },
   "servers": [
@@ -981,6 +981,51 @@
                           "post_task"
                         ],
                         "default": "boot"
+                      },
+                      "bedrock": {
+                        "type": [
+                          "object",
+                          "null"
+                        ],
+                        "properties": {
+                          "region": {
+                            "type": "string"
+                          },
+                          "probedAt": {
+                            "type": "number"
+                          },
+                          "ready": {
+                            "type": "boolean"
+                          },
+                          "models": {
+                            "type": "array",
+                            "items": {
+                              "type": "object",
+                              "properties": {
+                                "id": {
+                                  "type": "string"
+                                },
+                                "name": {
+                                  "type": "string"
+                                }
+                              },
+                              "required": [
+                                "id",
+                                "name"
+                              ]
+                            },
+                            "default": []
+                          },
+                          "error": {
+                            "type": "string"
+                          }
+                        },
+                        "default": null,
+                        "required": [
+                          "region",
+                          "probedAt",
+                          "ready"
+                        ]
                       }
                     },
                     "required": [

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@desplega.ai/agent-swarm",
-  "version": "1.94.0",
+  "version": "1.96.0",
   "description": "Multi-agent orchestration for Claude Code, Codex, Gemini CLI, and other AI coding assistants",
   "license": "MIT",
   "author": "desplega.sh <contact@desplega.sh>",
@@ -108,13 +108,14 @@
     "@ai-sdk/openai": "^3.0.41",
     "@anthropic-ai/sdk": "^0.93.0",
     "@asteasolutions/zod-to-openapi": "^8.0.0",
+    "@aws-sdk/client-bedrock": "3.1048.0",
     "@desplega.ai/business-use": "^0.4.2",
     "@desplega.ai/localtunnel": "^2.2.0",
-    "@inkjs/ui": "^2.0.0",
-    "@linear/sdk": "^77.0.0",
     "@earendil-works/pi-agent-core": "^0.79.1",
     "@earendil-works/pi-ai": "^0.79.1",
     "@earendil-works/pi-coding-agent": "^0.79.1",
+    "@inkjs/ui": "^2.0.0",
+    "@linear/sdk": "^77.0.0",
     "@modelcontextprotocol/sdk": "^1.25.1",
     "@openai/codex-sdk": "^0.139.0",
     "@opencode-ai/sdk": "^1.16.2",

package/src/be/boot-scrub-logs.ts

@@ -0,0 +1,76 @@
+/**
+ * One-time boot-scrub: retroactively sanitize session_logs rows that contain
+ * sensitive patterns (structural regex matches) which pre-date the defense-in-
+ * depth scrub added to createSessionLogs / task persistence paths.
+ *
+ * Idempotent: already-scrubbed rows are no-ops (scrubSecrets is idempotent).
+ * Uses seed_state to avoid re-scanning on subsequent boots.
+ */
+
+import { scrubSecrets } from "../utils/secret-scrubber";
+import { getDb } from "./db";
+
+const SCRUB_KEY = "boot-scrub-logs-v2";
+const BATCH_SIZE = 500;
+
+export async function runBootScrubLogs(): Promise<void> {
+  const db = getDb();
+
+  const done = db
+    .prepare<{ key: string }, [string, string]>(
+      "SELECT key FROM seed_state WHERE kind = ? AND key = ?",
+    )
+    .get("maintenance", SCRUB_KEY);
+
+  if (done) return;
+
+  // ESCAPE '!' makes ! the escape character so !_ matches a literal underscore
+  // instead of the LIKE single-char wildcard. Without this, '%npm_%' matches
+  // any row containing "npm" + any char (e.g. "npm install"), drowning real
+  // token rows when a LIMIT is applied.
+  const rows = db
+    .prepare<{ id: string; content: string }, []>(
+      `SELECT id, content FROM session_logs
+       WHERE content LIKE '%lin!_oauth!_%' ESCAPE '!'
+          OR content LIKE '%lin!_api!_%' ESCAPE '!'
+          OR content LIKE '%npm!_%' ESCAPE '!'
+          OR content LIKE '%ATATT%'`,
+    )
+    .all();
+
+  if (rows.length === 0) {
+    markDone(db);
+    return;
+  }
+
+  console.log(`[boot-scrub-logs] starting: ${rows.length} candidate rows`);
+
+  const update = db.prepare("UPDATE session_logs SET content = ? WHERE id = ?");
+  let scrubbed = 0;
+
+  for (let i = 0; i < rows.length; i += BATCH_SIZE) {
+    const batch = rows.slice(i, i + BATCH_SIZE);
+    const tx = db.transaction(() => {
+      for (const row of batch) {
+        const cleaned = scrubSecrets(row.content);
+        if (cleaned !== row.content) {
+          update.run(cleaned, row.id);
+          scrubbed++;
+        }
+      }
+    });
+    tx();
+  }
+
+  markDone(db);
+  console.log(`[boot-scrub-logs] complete: scanned=${rows.length} scrubbed=${scrubbed}`);
+}
+
+function markDone(db: ReturnType<typeof getDb>) {
+  db.run(
+    `INSERT INTO seed_state (kind, key, seededHash, seededAt)
+     VALUES ('maintenance', ?, 'done', datetime('now'))
+     ON CONFLICT (kind, key) DO UPDATE SET seededHash = 'done', seededAt = datetime('now')`,
+    [SCRUB_KEY],
+  );
+}

package/src/be/db.ts

@@ -2100,7 +2100,7 @@ export function completeTask(id: string, output?: string): AgentTask | null {
   if (!row) return null;
 
   if (output) {
-    row = taskQueries.setOutput().get(output, id);
+    row = taskQueries.setOutput().get(scrubSecrets(output), id);
   }
 
   if (row && oldTask) {
@@ -2141,7 +2141,8 @@ export function failTask(id: string, reason: string): AgentTask | null {
   }
 
   const finishedAt = new Date().toISOString();
-  const row = taskQueries.setFailure().get(reason, finishedAt, id);
+  const scrubbedReason = scrubSecrets(reason);
+  const row = taskQueries.setFailure().get(scrubbedReason, finishedAt, id);
   if (row && oldTask) {
     try {
       createLogEntry({
@@ -2150,7 +2151,7 @@ export function failTask(id: string, reason: string): AgentTask | null {
         agentId: row.agentId ?? undefined,
         oldValue: oldTask.status,
         newValue: "failed",
-        metadata: { reason },
+        metadata: { reason: scrubbedReason },
       });
     } catch {}
     try {
@@ -2496,21 +2497,22 @@ export function deleteTask(id: string): boolean {
 }
 
 export function updateTaskProgress(id: string, progress: string): AgentTask | null {
-  const row = taskQueries.setProgress().get(progress, id);
+  const scrubbedProgress = scrubSecrets(progress);
+  const row = taskQueries.setProgress().get(scrubbedProgress, id);
   if (row) {
     try {
       createLogEntry({
         eventType: "task_progress",
         taskId: id,
         agentId: row.agentId ?? undefined,
-        newValue: progress,
+        newValue: scrubbedProgress,
       });
     } catch {}
     try {
       import("../workflows/event-bus").then(({ workflowEventBus }) => {
         workflowEventBus.emit("task.progress", {
           taskId: id,
-          progress,
+          progress: scrubbedProgress,
           agentId: row.agentId,
         });
       });
@@ -2791,6 +2793,7 @@ export function createLogEntry(entry: {
   metadata?: Record<string, unknown>;
 }): AgentLog {
   const id = crypto.randomUUID();
+  const metaJson = entry.metadata ? JSON.stringify(entry.metadata) : null;
   const row = logQueries
     .insert()
     .get(
@@ -2799,8 +2802,8 @@ export function createLogEntry(entry: {
       entry.agentId ?? null,
       entry.taskId ?? null,
       entry.oldValue ?? null,
-      entry.newValue ?? null,
-      entry.metadata ? JSON.stringify(entry.metadata) : null,
+      entry.newValue ? scrubSecrets(entry.newValue) : null,
+      metaJson ? scrubSecrets(metaJson) : null,
     );
   if (!row) throw new Error("Failed to create log entry");
   return rowToAgentLog(row);
@@ -9437,6 +9440,7 @@ type McpServerRow = {
   headers: string | null;
   envConfigKeys: string | null;
   headerConfigKeys: string | null;
+  extraAuthorizeParams: string | null;
   authMethod: string | null;
   isEnabled: number;
   version: number;
@@ -9468,6 +9472,7 @@ function rowToMcpServer(row: McpServerRow): McpServer {
     headers: row.headers,
     envConfigKeys: row.envConfigKeys,
     headerConfigKeys: row.headerConfigKeys,
+    extraAuthorizeParams: row.extraAuthorizeParams,
     authMethod: (row.authMethod as McpServer["authMethod"]) ?? "static",
     isEnabled: row.isEnabled === 1,
     version: row.version,
@@ -9506,6 +9511,7 @@ export interface McpServerInsert {
   headers?: string;
   envConfigKeys?: string;
   headerConfigKeys?: string;
+  extraAuthorizeParams?: string;
 }
 
 export function createMcpServer(data: McpServerInsert): McpServer {
@@ -9517,9 +9523,9 @@ export function createMcpServer(data: McpServerInsert): McpServer {
       `INSERT INTO mcp_servers (
         id, name, description, scope, ownerAgentId, transport,
         command, args, url, headers,
-        envConfigKeys, headerConfigKeys,
+        envConfigKeys, headerConfigKeys, extraAuthorizeParams,
         isEnabled, version, createdAt, lastUpdatedAt
-      ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 1, 1, ?, ?) RETURNING *`,
+      ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 1, 1, ?, ?) RETURNING *`,
     )
     .get(
       id,
@@ -9534,6 +9540,7 @@ export function createMcpServer(data: McpServerInsert): McpServer {
       data.headers ?? null,
       data.envConfigKeys ?? null,
       data.headerConfigKeys ?? null,
+      data.extraAuthorizeParams ?? null,
       now,
       now,
     );
@@ -9596,6 +9603,10 @@ export function updateMcpServer(
     sets.push("headerConfigKeys = ?");
     params.push(updates.headerConfigKeys ?? null);
   }
+  if (updates.extraAuthorizeParams !== undefined) {
+    sets.push("extraAuthorizeParams = ?");
+    params.push(updates.extraAuthorizeParams ?? null);
+  }
   if (updates.isEnabled !== undefined) {
     sets.push("isEnabled = ?");
     params.push(updates.isEnabled ? 1 : 0);
@@ -9617,6 +9628,7 @@ export function updateMcpServer(
     "headers",
     "envConfigKeys",
     "headerConfigKeys",
+    "extraAuthorizeParams",
     "transport",
   ];
   if (configFields.some((f) => (updates as Record<string, unknown>)[f] !== undefined)) {

package/src/be/migrations/094_mcp_extra_authorize_params.sql

@@ -0,0 +1,4 @@
+-- Extra OAuth authorize-request params, applied at authorize time only.
+-- JSON object string of flat string->string pairs, e.g. {"access_type":"offline","prompt":"consent"}.
+-- NULL (default) => authorize URL is unchanged from today. Provider-agnostic.
+ALTER TABLE mcp_servers ADD COLUMN extraAuthorizeParams TEXT;