shardwire

This page lists releases for the shardwire package.

npm: shardwire · Also see @shardwire/react if you use the hooks package.

2.0.1

• SHARDWIRE_DOCS canonical URLs in packages/shardwire/src/utils/docs-links.ts now match the beginner-first docs site (e.g. Troubleshooting, Getting started, reference deep-links for bot/app setup). No change to runtime TypeScript APIs.

2.0.0

• Breaking: engines.node is now >=22.0.0 for shardwire (and this repo’s @shardwire/react, website app, and examples). Aligns with native globalThis.WebSocket for connectBotBridge and Web Crypto for request IDs; upgrade Node before upgrading the package.
• No intentional changes to the public TypeScript API beyond the supported runtime matrix.

1.9.3

Patch release for Vite / browser action calls.

• Request IDs: createRequestId / createConnectionId now use globalThis.crypto.randomUUID or getRandomValues only — no node:crypto import — so shardwire/client bundles no longer pull Node’s crypto module (fixes Vite externalize / resolve warnings and broken app.actions.* in the browser).

1.9.2

Patch release for browser and Vite app bridges.

• connectBotBridge now uses globalThis.WebSocket (WHATWG) instead of importing the ws package, so client bundles no longer hit broken ws browser shims (WebSocket is not a constructor).
• Node.js 22+ is required for app processes (native globalThis.WebSocket). See Troubleshooting — Node.js 22+.
• Declaration emit: replaced NodeJS.Timeout / interval types with ReturnType<typeof setTimeout> / setInterval where needed so shardwire/client .d.ts builds cleanly.

1.9.1

Patch release for browser bundlers (Vite, and similar) that pre-bundle discord.js optional dependencies such as zlib-sync.

• Added shardwire/client — same app bridge + DX + workflows + shared types as the root export, without the bot-side createBotBridge / discord.js graph.
• BOT_INTENT_BITS / BotIntentName: derive intent names and bit values from discord-api-types GatewayIntentBits (aligned with discord.js) so catalog and diagnosis code do not need a discord.js import.

1.9.0

Minor release focused on adoption documentation, diagnostics ergonomics, and an optional React companion package.

• Added formatShardwireDiagnosis(report, options?) and FormatShardwireDiagnosisOptions for readable diagnosis output (CI logs, deploy logs, strict-startup failures).
• Regenerated reference docs for the new formatter symbols.
• Documentation (historical): incremental adoption guides, recipes (moderation, interactions, analytics, music), operations notes, slash registration guidance, and advanced product notes — the current narrative docs are the smaller set under /docs (Getting started, How it works, Tutorial, Guides, Troubleshooting); deep detail lives in Reference.
• TypeScript: set ignoreDeprecations to "6.0" in packages/shardwire/tsconfig.json so declaration emit stays stable on TypeScript 6.x.

1.8.0

Minor release focused on broad Discord surface expansion and release polish.

• Added built-in events: messageReactionRemoveAll, messageReactionRemoveEmoji, guildUpdate, typingStart, and webhooksUpdate.
• Added built-in actions: sendDirectMessage, pinMessage, unpinMessage, bulkDeleteMessages, fetchChannel, fetchThread, fetchGuild, and unbanMember.
• Added subscription filter keys: messageId, interactionId, and emoji.
• Extended runtime, diagnostics metadata, app action bindings, and generated reference docs to cover the expanded catalog.
• Bumped package version to 1.8.0 (semver minor for additive API surface).
• Refreshed workspace dependencies to latest compatible versions and verified current GitHub Actions workflow major versions.
• Updated Shardwire skill docs/references/evals to align with the new built-in event/action/filter catalog.

1.7.1

Patch release focused on docs-domain migration polish and publish readiness.

• Removed legacy project-site /shardwire website base-path assumptions so deployment works from custom-domain root (https://shardwire.js.org/).
• Updated canonical docs URL configuration and generated/runtime reference links to the custom domain.
• Updated package and repository homepages/readmes to the new docs domain.
• Updated the Shardwire skill and its reference notes to point to the custom-domain docs routes.

1.7.0

Minor release focused on full voice-surface coverage and publish readiness polish.

• Added built-in event: voiceStateUpdate with normalized BridgeVoiceState payloads.
• Added built-in actions: moveMemberVoice, setMemberMute, setMemberDeaf, and setMemberSuppressed.
• Added subscription filter key: voiceChannelId for voiceStateUpdate event routing.
• Extended runtime + diagnostics/catalog metadata to include voice intents, capability discovery, and subscription matching semantics.
• Regenerated reference docs for new voice event/data and action models.
• Updated skill references and docs guidance to include voice event/action/filter coverage.

1.6.1

Patch release: include package metadata in the npm tarball.

• Added README.md and LICENSE under packages/shardwire/ so npm publish ships a readme and license from the package root (the registry page no longer shows “This package does not have a README”).

1.6.0

• Documentation site migrated to Next.js + Fumadocs with generated API reference under /docs/reference/.
• IDE hovers: public exports carry @see links to their reference pages on the docs site.
• Added docsReferenceAbsoluteUrl / routing helpers in reference-doc-url.ts (kept in sync with the reference generator).
• Website changelog page and expanded docs URL map in SHARDWIRE_DOCS (packages/shardwire/src/utils/docs-links.ts).
• TypeScript: set ignoreDeprecations to "5.0" so declaration emit (tsup DTS) works on TypeScript 6.x.

1.5.1

Patch release focused on reliability and docs after the docs-site / monorepo migration.

• Fixed reconnect behavior so exponential backoff no longer resets on socket open before auth succeeds.
• Added stable troubleshooting links in runtime and config errors (See: https://shardwire.js.org/docs/troubleshooting/#… — anchor IDs match headings on the Troubleshooting page).
• Added an Errors documentation section with anchor-based remediation for common failures.
• Updated deployment configuration and canonical docs URL handling.
• Hardened CI and publish workflows for the workspace layout and restored docs build checks in CI.
• Aligned workspace formatting with workspace-local ignore rules for generated artifacts.

1.5.0

• Added defineShardwireApp(...) for a small app manifest: required events / actions, optional per-event filters, optional name (defaults to shardwire-app). The manifest is intentionally not a general config object — keep transport, secrets, intents, and startup policy elsewhere.
• Added generateSecretScope(manifest) to derive minimum SecretPermissions (events / actions lists) for scoped bot secrets.
• Added diagnoseShardwireApp(manifest, negotiated, options?) for structured reports: manifest-required events and actions vs negotiation, manifest-declared filter keys, runtime subscriptions vs manifest.events / manifest.filters, optional botIntents, optional unused_negotiated_* warnings for extra granted events or actions, and optional expectedScope (emits severity: 'error' only when negotiation is broader than that explicit maximum). report.ok is false only when at least one issue has severity: 'error'; warnings never set report.ok to false (same rule as strict startup).
• Added strict startup: await app.ready({ strict: true, manifest, botIntents?, expectedScope? }) runs diagnosis after authentication and throws ShardwireStrictStartupError on severity: 'error' issues only (not on unused_negotiated_* warnings); botIntents is required in strict mode when manifest events require gateway intents.
• Exported ShardwireStrictStartupError alongside existing bridge errors.
• Updated examples to use manifests, generateSecretScope (scoped bot allow in production-style samples), app.ready({ strict: true, botIntents }), and app.explainCapability / app.preflight where relevant.
• Diagnosis contract rules: runtime subscriptions must target manifest.events, and any subscription filter keys must be declared under manifest.filters for that event. Filter viability checks apply only to manifest-declared keys. Surplus negotiation is unused_negotiated_* warnings only; expectedScope is the explicit opt-in for hard failures on “too broad.”
• Filter diagnosis semantics: filter_key_never_populated renamed to filter_key_absent_from_event_metadata — only when a catalog key is never supplied on the bridge’s subscription-matching metadata for that event (structurally impossible to match). Narrow filters that merely match infrequently are out of scope. EVENT_SUBSCRIPTION_METADATA_KEYS replaces SUBSCRIPTION_FILTER_KEYS_POPULATED_BY_EVENT (the old name remains as a deprecated alias).

1.4.5

• Added app.catalog() for static discovery of built-in events (with intent hints), actions, and subscription filter keys.
• Added app.explainCapability(...) to inspect whether an event or action is built-in and allowed by the current negotiated bridge.
• Added app.preflight(desired?) for startup diagnostics (connection, transport hints, desired vs negotiated capabilities, subscription mismatches) without throwing on capability issues alone.
• Added structured details on FORBIDDEN action results when an action is not in negotiated capabilities; BridgeCapabilityError now carries optional details (including requiredIntents for disallowed event subscriptions).
• Exported getShardwireCatalog() for the same static catalog without an app instance.
• Added workflow helpers: deferThenEditInteractionReply, deferUpdateThenEditInteractionReply, and createThreadThenSendMessage.

1.4.0

• Added built-in events: channelCreate, channelUpdate, channelDelete, and messageBulkDelete.
• Added built-in actions: timeoutMember, removeMemberTimeout, createChannel, editChannel, deleteChannel, createThread, and archiveThread.
• Extended subscription filters with channelType, parentChannelId, and threadId (plus richer message and interaction metadata: channelType and parentChannelId on BridgeMessage, BridgeDeletedMessage, and BridgeInteraction when the runtime resolves the channel).

1.3.0

• Added check:changelog script and wired it into verify and the publish workflow so the current package version cannot remain marked (unreleased) in the root changelog file.
• Replaced a broken SECURITY.md README link with in-README vulnerability reporting and secret rotation guidance.
• Added startup lifecycle documentation and expanded transport, idempotency, and metrics notes in the README.
• Added optional bridge server.idempotencyScope (connection | secret) and server.idempotencyTtlMs for cross-connection idempotent retries.
• Surfaced Discord rate-limit retry_after as details.retryAfterMs on SERVICE_UNAVAILABLE failures and forwarded discordStatus, discordCode, and retryAfterMs to metrics.onActionComplete when present.
• Added integration coverage for secret-scoped idempotency, action queue timeouts, interaction and read actions, maxPayloadBytes enforcement, and DiscordAPIError 429 mapping.
• Added operational documentation and production-style examples with matching npm scripts.

1.2.0

• Added built-in events: guildCreate, guildDelete, guildMemberUpdate, threadCreate, threadUpdate, and threadDelete.
• Added subscription filters for interactionCreate: customId and interactionKind.
• Added interaction lifecycle actions: deferUpdateInteraction, editInteractionReply, deleteInteractionReply, updateInteraction, and showModal.
• Added query and read actions: fetchMessage and fetchMember.
• Expanded message input and payload normalization with component support and richer send and edit parity fields.
• Added best-effort action idempotency via idempotencyKey on app action calls.
• Added bridge-side action backpressure controls: server.maxConcurrentActions and server.actionQueueTimeoutMs.
• Added bridge-side connection and authentication safeguards: server.maxConnections and auth rate limiting.
• Added optional app metrics hook (metrics.onActionComplete) and richer structured action and error details.
• Added shard-aware event envelopes by populating shardId when available.
• Strengthened release and CI quality gates with lint and coverage in verify, Node version alignment, changelog and version checks, and npm provenance publishing.

1.1.0

• Added messageReactionAdd and messageReactionRemove built-in events, including normalized reaction payload types and subscription filtering support.
• Added addMessageReaction and removeOwnMessageReaction built-in app actions with runtime support in the default discord.js adapter.
• Expanded Discord alignment by deriving supported bot intent names from discord.js GatewayIntentBits and using discord.js Events constants for runtime event binding.
• Improved action error mapping in the discord.js runtime adapter so Discord API failures are surfaced as structured FORBIDDEN, NOT_FOUND, and INVALID_REQUEST results where applicable.
• Updated event capability gating so interactionCreate is available without requiring the Guilds intent.
• Removed unused secret-scope helper exports and fixed app capability validation when negotiated event capabilities are empty.
• Updated README, examples, and integration references for reaction intents, events, actions, and current intent requirements.

1.0.0

• Breaking: Replaced the generic host and consumer WebSocket bridge API with a Discord-first public API centered on createBotBridge(...) and connectBotBridge(...).
• Breaking: Removed the public generic command and event abstractions, schema adapter exports, and legacy host and consumer examples from the package surface.
• Added built-in Discord event streaming for ready, interactionCreate, messageCreate, messageUpdate, messageDelete, guildMemberAdd, and guildMemberRemove.
• Added built-in app action APIs for messaging, interaction replies, deferrals, follow-ups, moderation, and member role changes.
• Added negotiated bridge capabilities based on bot intents and optional scoped secrets.
• Added app-driven event subscriptions with optional guildId, channelId, userId, and commandName filters.
• Added a token-first Discord runtime with normalized JSON payload types backed by internal discord.js integration.
• Removed Discord interaction callback tokens from serialized BridgeInteraction payloads sent to apps.
• Tightened secret handling to reject duplicate configured secret values and ambiguous value-only authentication matches.
• Replaced package examples, tests, and skill metadata to match the Discord-first direction.