Lab: Extension layer garbage collection: prune catalog rows + evict orphaned bundles

Problem

After W3 ships (#252), reconcile transitions Sources to terminal states (Tombstoned, OrphanedBundleOnly) but does not delete artifacts. Two classes of debris accumulate:

Catalog rows in Tombstoned state — extensions removed via extension rm, locals deleted from disk, or pre-rearchitecture legacy state. Take up bundle_types rows; invisible to type resolution; never deleted.
Bundle files in .swamp/<kind>-bundles/ with no catalog reference — left behind when sources are removed, replaced, or rebundled with a new fingerprint. Disk grows over the lifetime of the repo.

Today there is no user-facing way to clean either. The result: the extension layer leaks disk + metadata progressively over the lifetime of a swamp repo.

This issue supersedes swamp-club#251 (which scoped only to catalog-only orphans). The two cleanup classes share the user surface, the mental model, the safety story, and the pre-work decisions — folding them avoids near-duplicate sibling issues.

Scope

Cleanup operations

Prune catalog rows. Delete rows in Tombstoned state (or any terminal state where neither source nor bundle exists on disk). Operates on bundle_types table.
Evict orphaned bundle files. Delete files in .swamp/<kind>-bundles/ whose paths are not referenced by any bundle_path in the catalog.
(Conditional) Stale fingerprint version eviction — depends on pre-work decision #1 (bundle file naming convention). If deno bundle produces content-addressed names, every fingerprint change leaves a stale artifact and these need eviction too. If names overwrite-on-rebundle, this case doesn't exist.

User surface

swamp doctor extensions repair (or similar subcommand). Default mode is dry-run; explicit --apply to execute.

Logging

Every eviction logs what was removed and why. Structured fields for scripting.

Pre-work decisions to pin in the PR description

Bundle file naming convention. Verify whether deno bundle produces overwriting names or content-addressed names. Eviction policy depends:
- Overwrite-on-rebundle → only true orphans (no catalog reference) accumulate.
- Content-addressed → also evict stale fingerprint versions whose fingerprint no longer matches any current source_fingerprint.
Eviction trigger. Three options:
- Explicit user command (swamp doctor extensions repair). Safest.
- Synchronous on reconcile (fires when OrphanedBundleOnly transitions). Atomic but coupled.
- Background sweep (every Nth cold-start). Hands-off but harder to debug. Recommend: explicit user command for v1; revisit synchronous after reconcile is proven stable.
Hard delete vs trash directory. Recommend hard delete — recovery is "next reconcile rebundles from source." Trash adds complexity for marginal recovery benefit.
Default mode is dry-run. User must explicitly pass --apply to delete. Mirrors git clean -n semantics. Safety-first for a destructive operation.

Out of scope

Cache size reporting (swamp doctor extensions showing cache size) — diagnostic, separate concern.
Compression of bundle files.
Auto-eviction triggered by disk space pressure.
Migration of pre-W3 catalog state to new states (W3 already handles this via reconcile).

Success criteria

swamp doctor extensions repair --dry-run lists every cleanup-eligible row + file with reason.
swamp doctor extensions repair --apply performs the cleanup atomically.
Cleanup operations logged with structured fields.
Test coverage for each cleanup class:
- Tombstoned row pruning
- Orphaned bundle file eviction
- Stale fingerprint version eviction (if applicable per pre-work #1)
Idempotent: running --apply twice → second run is a no-op.
All existing tests pass on Linux + macOS (Windows not a merge gate per W-series precedent).

Suggested test additions

Seed catalog with 5 Tombstoned rows + 3 Indexed rows; --apply; assert 5 deleted, 3 remain.
Seed .swamp/model-bundles/ with 10 files (6 referenced by catalog, 4 not); --apply; assert 6 remain, 4 deleted.
Mixed corrupt case: catalog rows whose bundle_path references files that don't exist (separate from orphan). Pin behavior.
Dry-run safety: --dry-run followed by state check; assert nothing changed.
Idempotence: --apply twice; second run produces empty cleanup list.
Cross-platform: cleanup paths use @std/path, never hand-rolled path concatenation.

Auto-ship-on-merge constraint

Standard W-series gates: CI green, author smoke on real repo, reviewer smoke on different repo, diversity-matrix soak. Specific concerns for this issue:

Destructive operation: dry-run-by-default is a hard requirement. The --apply path must be tested explicitly with assertions on what survives.
Disk-state recovery: confirm "delete catalog db + reconcile rebuilds" still works post-eviction. Cleanup should never produce a state that reconcile can't recover from.

When to pick this up

After W4 merges. W4's KindAdapter unification might affect bundle file naming or locations; picking this up after W4 stabilizes the target.

If W6 takes the lead on this surface (doctor extensions aggregate-state rendering), this issue could fold into W6's scope rather than being a standalone workstream. Decision deferred to whoever drafts W6.

References

Supersedes: swamp-club#251 (catalog-only orphan repair — broader scope here)
Predecessors: #211 / #223 / #231 / #252 (W1+W2+W3 introduced and operationalized the Tombstoned and OrphanedBundleOnly states)
May be affected by: W4 (loader unification — bundle naming) and W5 (per-fingerprint URLs — bundle naming)
Design doc: design/extension-rearchitecture.md (open question: bundle cache eviction)

extension unyank needs -y/--yes flag for non-interactive use

Step key parsing in execution_service uses naive split(":") and silently truncates colon-containing step names

Workflow-scope report artifacts unreachable via `swamp data get --workflow`

Add --stdin support to method run and workflow run for Unix pipe composition

Docs: add run namespace to CEL expressions reference

Fix invalidate-then-reconcile sequencing in doctor extensions; failure-mode RowStates unreachable in sourceDetails

doctor extensions invalidateAll does not trigger fingerprint recheck for existing Indexed rows

Extension failure recording has dual write paths (legacy buildIndex vs W3 reconcile)

Expose workflow run ID in CEL so resource keys can be run-scoped

Add `swamp doctor workflows` subcommand to surface workflow YAML parse errors during preflight

Add 'swamp issue comment' command for updating existing issues

Close #327 — fixed in 20260511.160514.0-sha.9d03b09a

Nested workflow task fails with 'Bad resource ID' when workflowIdOrName uses @collective/ prefix

Detect stale skill directories and prompt for repo upgrade

Improve skill trigger routing for cross-model edge cases

Add type search for driver, datastore, and report kinds

Surface ReconcileFromDisk dryRun transitions in swamp doctor extensions

Docs: update doctor extensions reference for W6 aggregate-state rendering + repair flags

swamp issue: check if reporter is on an outdated binary before opening

Implement W6: swamp doctor extensions aggregate-state rendering + repair surface (extension catalog rearchitecture)

extension pull fails referencing removed source after extension source rm

Investigate whether allExtensionMethodsAttached guard can be removed via registration-path consolidation

Trace context is lost: CLI ignores inbound TRACEPARENT and raw driver doesn't propagate active context into in-process methods

swamp model create --global-arg KEY=VALUE doesn't coerce strings to z.number() schemas

swamp model create --global-arg KEY=VALUE doesn't coerce strings to z.number() schemas

swamp issue get should rate-limit unauthenticated users instead of blocking

swamp issue get should not require authentication

telemetry: emit child entries for follow-up action method invocations

Publish release-candidate / unstable extension versions

extension source rm leaves stale @local/. rows in catalog, blocking later pulls of registry types

extension push drops binaries: field from re-emitted archive manifest.yaml

macOS launchd autoupdate (club.swamp.autoupdate) silently fails — binary stays stale

Clicking @hivemq/honeycomb extension card on /extensions shows 'Something went wrong'

Docs: Update model-definitions.md and workflows.md for direct type execution

Docs: document binaries manifest field in extension-manifest.md

Add an official @swamp/ssh extension for general-purpose SSH (brownfield-friendly)

Accept and display binaries field from extension push metadata

Direct type execution: collapse model create + method run into one command

Per-method telemetry events for workflow runs

Workflow run liveness: orphaned 'running' records when originating CLI process dies mid-run

Provide a CLI-shape primer for AI agents to reduce rediscovery overhead

quality rubric: don't penalize extensions whose upstream constrains them to a single platform

Extension update rejects multiple .ts files extending the same target type within one local extension (regression)

swamp extension push deadlocks when invoked from inside a swamp workflow step

Collective-scoped auth keys + OIDC federation for CI publishing

forEach self.* in modelIdOrName not resolved in runtime execution path

Award leaderboard points for referrals and collective invites

Add agent harness detection and AiTool to telemetry

Workflow-level runtime expressions (env.*, vault.*) not resolved in driverConfig — docker driver receives literal ${{ ... }} strings

Implement W5: Per-fingerprint import URLs + subprocess test harness (extension catalog rearchitecture)

swamp config set crashes with YAML serialization error

datastore compact: VACUUM fails in compiled binary (SQLITE_LIMIT_ATTACHED=0)

Repo-level version gating: minSwampVersion high-water mark for team consistency

Docs: document self.* expressions in modelIdOrName during forEach

Docs: How-to guide for background autoupdating

Manifest version bumps silently ignored for existing local extension aggregates

materialiseExtensions misclassifies pulled rows when manifest name collides with a pulled extension

Local extension edits don't reliably trigger rebundle

Missing unique indexes on user.email and user.username allow duplicate users

Resolve self.* expressions in modelIdOrName during forEach expansion

discord-bot double-sends sign_up notifications

Discord bot sends duplicate signup notifications

Add 'swamp workflow list' as alias for 'swamp workflow search'

Add 'swamp auth status' as alias for 'swamp auth whoami'

Extension bundle cache does not invalidate on source edits

extension pull fails on @local/[email protected] phantom-claim collision when local repo has its own extension

Lab search by numeric issue ID returns no results

W3 sourceToRow writes empty source_mtime — should carry filesystem mtime through Source entity

Warm-start rebundleAndUpdateCatalog should respect terminal RowStates set by reconcile

Implement W4: KindAdapter + unified loader (extension catalog rearchitecture)

Docs: add vault read-secret command to reference manual

Extension layer garbage collection: prune catalog rows + evict orphaned bundles

Docs: document workflow concurrency limits in reference manual

Locally-sourced extension: source_mtime updates without regenerating stale bundle

Extension push: allow shipping executable host helpers (bin/mudroom blocker)

Vault expressions silently deliver __SWAMP_VSEC__ sentinels under the docker driver

First-class shell-shim support for extensions, with registry-level visibility

Local extension model bundles don't rebuild when source changes (no rebuild CLI; manual cache delete breaks the runner)

Configurable concurrency limits for workflow fan-out (forEach, parallel jobs/steps)

feat(security): redact sensitive method arg values from audit log

Workflow-level runtime expressions (env., vault.) not resolved in driverConfig — docker driver receives literal ${{ ... }} strings