v0.5.0 — OpenRouter adapter, repo knowledge loop, L0–L6 benchmarks

Highlights

• OpenRouter adapter — runs OpenSwarm's native agentic tool loop against any OpenRouter model, with OAuth PKCE (or OPENROUTER_API), ZDR (data_collection: deny) for non-OpenAI models, automatic Anthropic prompt caching, and reasoning-off for mechanical roles. (#63)
• LM Studio adapter — dedicated OpenAI-compatible endpoint with auto model selection. (#60)
• Repo knowledge loop — workers learn each repository across tasks: outcomes are stored as per-repo memories and recalled into future worker prompts. (#63)
• L0–L6 benchmark suite — synthetic L0–L5 with deterministic grading + L6 = real SWE-bench Lite instances graded by the official harness. Hybrid mode (frontier read-only diagnosis + lightweight implementer) resolved 3/3 attempted instances. See benchmarks/RUBRIC.md. (#63)

Harness hardening (from SWE-bench findings)

Working-directory injection, bash exit-code surfacing, raised compaction thresholds (fixes an infinite re-read loop), final-answer turn, no-edit guard, verification-file protection (protectedFiles), configurable bash timeout (bashTimeoutMs).

Other changes

• Worker success judged primarily by git diff (no structured JSON block required).
• Benchmark-driven default model routing: lightweight worker + frontier escalation; frontier planner/reviewer.
• Standalone mode: runs without Discord/Linear credentials.
• All repository docs are now English. (#65)

Full changelog: CHANGELOG.md

v0.4.4

Security re-publish

This is a re-publish of the 0.4.3 release. The npm tarball for 0.4.3 was uploaded before the protobufjs override merged into main, so end users installing 0.4.3 from npm still resolved the vulnerable protobufjs@6.11.4 and remained exposed to CVE-2026-41242 (critical RCE, CVSS 9.8). npm forbids re-publishing the same version, so this patch bump is the only way to ship the override to npm.

What's in 0.4.4 (vs. published 0.4.3)

• ✅ package.json overrides now actually present in the npm tarball — forces protobufjs to ^7.5.5 (resolved to 7.5.6) everywhere in the dependency tree.

Carried over from 0.4.3 (already on npm)

• Fixed ReferenceError: require is not defined crash in expandPath that broke every openswarm exec/run --path <absolute-path> invocation. (#52, reported by @shuklatushar226)
• Fixed the same ESM-incompatible lazy require('node:fs') pattern in src/automation/runnerState.ts.

Upgrade

npm install -g @intrect/openswarm@0.4.4

If you installed 0.4.3 from npm, upgrading to 0.4.4 is recommended to pick up the protobufjs CVE mitigation.

Full Changelog: v0.4.3...v0.4.4

v0.4.3

Fixed

• Fixed ReferenceError: require is not defined crash in expandPath that broke every openswarm exec/run --path <absolute-path> invocation. The package is ESM ("type": "module") but src/core/config.ts lazily called CommonJS require('node:path') to import resolve. Hoisted resolve into the top-level node:path import. (#52, reported by @shuklatushar226)
• Fixed the same ESM-incompatible lazy require('node:fs') pattern in src/automation/runnerState.ts (mkdirSync), which would have crashed on the first daily-pace directory creation.

Security

• Forced protobufjs to ^7.5.5 via package.json overrides to mitigate CVE-2026-41242 / GHSA-xq3m-2v4x-88gg (critical RCE via crafted protobuf descriptors, CVSS 9.8). The vulnerable copy was pulled in transitively through @xenova/transformers → onnxruntime-web → onnx-proto. OpenSwarm itself loads only trusted HuggingFace models, but the override removes the dependency-tree exposure entirely.

Upgrade

npm install -g @intrect/openswarm@0.4.3

Full Changelog: v0.4.2...v0.4.3

v0.4.2 — background daemon, env autoload, Linear pickup fixes

This release bundles every fix that landed during the v0.4.x cycle. v0.4.1 was pulled before tagging because cwd / version drift surfaced regressions fast, so the rollup ships as v0.4.2.

Highlights

1. Background daemon

• openswarm start detaches and returns immediately — no more terminal-pinned daemon.
• New subcommands: openswarm stop (graceful SIGTERM + PID cleanup), openswarm status (pid, uptime, log path).
• PID file at ~/.config/openswarm/openswarm.pid, logs at ~/.config/openswarm/logs/openswarm.log.
• --foreground / -F preserves the previous attached behavior for debugging or LaunchAgent / systemd.
• Stale PID file recovery + duplicate-start guard.

2. .env auto-load

The daemon used to silently disable Linear when launched from a non-interactive shell because LINEAR_TEAM_ID wasn't exported. loadEnvFile now runs before config and searches $OPENSWARM_ENV → dir of $OPENSWARM_CONFIG → cwd → ~/.config/openswarm → ~/.openswarm. Exported shell values still win.

3. cwd-agnostic config + version sync

• Config search: $OPENSWARM_CONFIG → ./config.{yaml,yml,json} → ~/.config/openswarm/config.{...} → ~/.openswarm/config.{...}.
• CLI --version and the startup banner read from package.json instead of a hardcoded 0.1.0.

4. Linear issue pickup actually works

Heartbeat was missing project-tagged issues even with the project enabled. Three independent bugs were silently dropping them:

• Case-sensitive path comparison — macOS / Windows treat AnalogModeling and analogModeling as the same directory; enabledProjects was matching byte-equal. Fixed in isProjectEnabled with platform-aware lowering.
• One team monopolizes the page — a single { team: { in: [...] } } query capped at first: 50 let the busiest team starve the rest. Now adaptive: one wide query first, fall back to per-team fan-out only when the first page saturates. Per-team cap raised 50 → 100.
• Heartbeat used full-mode resolution — 3 GraphQL resolver calls per issue (project + comments + labels) × ~200 issues × 4 HB/hour was tripping Linear's 3500 req/hr ceiling. Heartbeat now uses slim mode (project only).
• In Review was rejected as inactionable for decomposed tasks — getTaskReadiness only reactivated Todo or In Progress. Reviewer feedback on a decomposed task is now picked up.

5. Bundle @intrect/cxt for spawned workers

• Adds @intrect/cxt ^0.1.0 as a runtime dependency.
• Worker / planner CLI spawns get OpenSwarm's bundled node_modules/.bin prepended to PATH via buildWorkerEnv. The user's shell PATH and ~/.claude/* are untouched.
• Worker prompt templates (en/ko) advertise cxt so agents know they can call it for entity lookups, FTS search, and bad-smell scans.

Verification

Live verification ran against the daemon. After the pickup commit, heartbeat reaches Found 183 tasks from Linear (vs. the previous 99) and dispatches Todo / In Review tasks for enabled projects. Backlog-only projects still need manual promotion to Todo — that is the intended workflow.

Full Changelog: v0.4.0...v0.4.2

v0.4.0 — Agentic Tool Loop + Worker Context Enrichment

What's New

Agentic Tool Loop for GPT & Local Adapters

GPT와 Local(Ollama/LMStudio/llama.cpp) 어댑터가 이제 Claude CLI와 동등한 도구 사용 능력을 갖습니다.

• 5종 도구: read_file, write_file, edit_file, search_files, bash
• 에이전틱 루프: 도구 호출 → 실행 → 결과 피드백 → 반복 (최대 15턴)
• 안전장치: 파괴적 명령 차단, 경로 제한, 타임아웃
• Local 모델 자동 감지: gemma, llama3.1+, mistral, qwen 등 tool_use 지원 모델 자동 인식

Worker Prompt Context Enrichment

Worker가 첫 시도에서 더 정확하게 작업하도록 코드 컨텍스트를 자동 주입합니다.

• Knowledge Graph Impact Analysis: 영향받는 모듈, 의존 모듈, 테스트 파일 식별
• Code Registry Brief: 변경 대상 파일의 entity 상태 (deprecated, broken, warnings)
• 반복(iteration) 감소 → API 비용 절감

Architecture Change

Before: Claude = tools ✅ / GPT = text only / Local = text only
After:  Claude = tools ✅ / GPT = tools ✅  / Local = tools ✅

Files Changed

• src/adapters/tools.ts — 공통 도구 정의 + 실행기 (신규)
• src/adapters/agenticLoop.ts — 에이전틱 루프 엔진 (신규)
• src/adapters/gpt.ts — 에이전틱 루프 통합
• src/adapters/local.ts — 에이전틱 루프 통합 + tool_use 자동 감지
• src/locale/types.ts — WorkerContext 타입
• src/locale/prompts/en.ts, ko.ts — Worker 프롬프트 컨텍스트 섹션
• src/agents/worker.ts — 컨텍스트 전달 경로
• src/agents/pairPipeline.ts — collectWorkerContext() 수집 로직

v0.3.0 — Code Registry, BS Detector, Local Model Support

What's New

Code Entity Registry

• openswarm check --scan — Scan entire repo, auto-register functions/classes/types
• 8 languages: TypeScript, Python, Go, Rust, Java, C, C++, C#
• Test mapping: Auto-detect which entities have tests via import analysis
• Complexity scoring: LOC + nesting depth + param count → 0-10 scale
• Risk assessment: complexity × test coverage → low/medium/high
• openswarm check <file> — Instant file brief before editing
• openswarm annotate — Deprecate, tag, warn, note entities from CLI
• GraphQL API at :3847/graphql — Full CRUD + FTS5 search

Built-in BS Detector

• openswarm check --bs — Static analysis for bad code patterns
• CRITICAL: empty catch, except:pass, hardcoded secrets, debugger
• WARNING: as any, console.log, eval, TODO/FIXME, fake URLs
• Pipeline Guard: bsDetector: true in config.yaml (CRITICAL → blocks worker)
• Use with /loop for auto-remediation until CLEAN

Local Model Support (Ollama, LMStudio, llama.cpp)

• Single adapter supporting all OpenAI-compatible local servers
• Auto-detect: Ollama (:11434), LMStudio (:1234), llama.cpp (:8080)
• Tested: Gemma 4 e4b on both Ollama (15.9s) and LMStudio (11.3s)
• Model aliases: gemma4, llama3, mistral, qwen, deepseek, phi

Local Issue Tracker

• SQLite + GraphQL + Kanban web UI at :3847/issues
• Memory bridge: auto-link issues to long-term memory
• Optional Linear sync

GPT Adapter & OAuth

• OpenAI GPT models via OAuth PKCE flow
• openswarm auth login/status/logout

Code Quality

• BS Score: 9.9 → 1.9 (CRITICAL 12 → 0)
• All as any removed from registry module
• N+1 query optimization (batch loading)
• Proper DB row types (no more as any casts)

Stats

• 134 source files scanned
• 1,126 code entities registered
• 76 entities with test mapping
• 8 high-risk entities auto-detected

v0.2.2 — TUI Chat, Multi-Provider Adapters & Runner Hardening

Highlights

TUI Chat Interface

• Rich terminal chat UI inspired by Claude Code (feat(cli): add rich TUI chat interface)
• TUI launches by default when no subcommand given
• Improved streaming, multiline input, keyboard navigation, and thinking spinner

Multi-Provider Adapters

• Codex CLI adapter for worker and reviewer roles
• Dropped o-series model override for Codex adapter
• Pipeline support stages routed through CLI adapters

Autonomous Runner Hardening (v0.2.0)

• Task state rehydration from Linear comments
• Planner hierarchy sync with Linear state
• Stuck/failed issue tracking and escalation logic
• Quota tracker and task prefix logging
• Worktree PR creation fixes

Dashboard & Monitoring

• Optimized initial load performance
• Pipeline view in Tasks tab matching web dashboard
• PR review feedback automation and CI failure monitoring

Core Infrastructure

• TraceCollector with Span model
• RPS rate limiter for external API calls
• Linear API caching layer
• LanceDB memory compaction
• Project updater rewritten as PO agent with multi-signal health scoring

Fixes

• Security vulnerability patches (npm audit fix)
• Planner invalid model ID and error logging improvements
• PR processor custom repo-to-path mapping
• Haiku pre-check false rejection prevention

Chores

• Package renamed to @intrect/openswarm
• Internal tooling configs removed from public repo
• README overhauled with quick start and changelog

Full Changelog: v0.1.0...v0.2.2

v0.1.0 — Initial Public Release

OpenSwarm v0.1.0 — Initial Public Release

The first public release of OpenSwarm, an autonomous AI dev team orchestrator powered by Claude Code CLI.

Highlights

Core Architecture

• 9-layer modular architecture: core, agents, orchestration, automation, memory, discord, linear, github, support
• Autonomous Runner: Cron-driven heartbeat loop that fetches Linear issues, dispatches tasks, and manages agent lifecycle
• Decision Engine: Scope validation, rate limiting, priority-based task selection with configurable workflow mapping

Agent Pipeline

• Worker/Reviewer Pair Pipeline: Multi-iteration code generation with automated review cycles
• Agent Roles: Worker, Reviewer, Tester, Documenter, Auditor — each independently configurable
• Model Escalation: Automatic model upgrade (e.g., Haiku → Sonnet) after N iterations
• Stuck Detection: Detects and breaks out of infinite review loops

Integrations

• Discord Bot: Full command interface (!dev, !auto, !pair, !status, !schedule, etc.)
• Linear SDK: Issue fetching, state management, project mapping, and progress reporting
• GitHub CLI: CI monitoring, PR auto-improvement, merge conflict resolution

Intelligence

• Cognitive Memory: LanceDB vector store with Xenova/multilingual-e5-base embeddings (768D)
• Hybrid Retrieval: 0.55×similarity + 0.20×importance + 0.15×recency + 0.10×frequency
• Background Cognition: Memory decay, consolidation, contradiction detection, distillation
• Knowledge Graph: Static code analysis, dependency mapping, impact analysis

Developer Experience

• Rich TUI Chat: Claude Code inspired terminal interface with tabs, streaming, themed loading
• Web Dashboard: Real-time status on port 3847 with PR Processor monitoring
• CLI Commands: openswarm chat, openswarm run, openswarm init, openswarm start
• i18n: English and Korean locale support

Operations

• PR Auto-Improvement: Auto-fix CI failures, AI-powered merge conflict resolution, retry loop
• Dynamic Scheduling: Cron-based job scheduler with Discord management
• Long-Running Monitors: Track external processes and report completion
• Docker Support: docker compose up -d with state persistence

Tech Stack

Component	Technology
Runtime	Node.js 22+ (ESM)
Language	TypeScript (strict)
Agent Engine	Claude Code CLI (claude -p)
Task Mgmt	Linear SDK
Chat	Discord.js 14
Vector DB	LanceDB + Apache Arrow
Embeddings	Xenova/transformers
Scheduling	Croner
Config	YAML + Zod
Testing	Vitest
Linting	oxlint

Getting Started

git clone https://github.com/Intrect-io/OpenSwarm.git
cd OpenSwarm
npm install
cp config.example.yaml config.yaml
# Edit .env with DISCORD_TOKEN, LINEAR_API_KEY, etc.
npm run dev

License

MIT