v0.2.2 – --dry-run everywhere

🚢🪵 Shiplog v0.2.2 – --dry-run everywhere

This is a baby patch that extends --dry-run to all commands that would result in git mutation. Instead of performing the action, these commands print what they would have done when --dry-run is present.

v0.2.1 – Dry Run

🚢🪵 Shiplog v0.2.1 – Dry Run

🫲 ALL HANDS ON DECK! 🫱

In my haste to release v0.2.0, I neglected to add a --dry-run mode to git shiplog run. This rapid follow-up is to address this oversight.

Release type: Feature release

This feature release introduces the new --dry-run flag for git shiplog run, letting teams rehearse deployments safely without mutating the journal.

⚓ Highlight

🧪 Dry-Run Preview — git shiplog run --dry-run

Plan a maintenance step or incident response without firing the actual command. The new --dry-run flag formats the invocation, previews exactly what would be logged, and exits 0 without executing or touching the journal.

$ git shiplog run \
    --dry-run \
    --service deploy \
    --reason "Canary toggle" \
    -- env ./scripts/flip-canary staging
ℹ️ shiplog run --dry-run: would execute: env ./scripts/flip-canary staging

• No command side effects and no Git notes are created.
• Bosun-enabled terminals (see the Bosun CLI styling tool docs) receive a styled “Dry Run” card; otherwise the CLI prints the same message once.
• Successful dry runs exit 0 for scripting ease; malformed input or unknown commands still return non-zero.

🧭 Upgrade Notes

• No trailer changes or schema updates
• Existing automation keeps working.
• New dry-run behavior is documented in docs/features/run.md and the command reference so teams can adopt it immediately.
• Tests covering both the preview path and the standard execution flow run in the Dockerized Bats matrix.

🚦Please, Enjoy

Why are you still reading this when you could be downloading v0.2.1?!

When you want confidence before the real maneuver: Shiplog now lets you practice the tack ⛵️ before committing it to the log.

🚢🪵

v0.2.0 – Salty Logs

🚢🪵 Shiplog v0.2.0 – Salty Logs

Deployment Logs in Git, Trust Roster View, Automation Enhancements, and JSON Schema.

🗣️ Raise the colors and man the rigging! 

TLDR

Change	New?	Impact
git shiplog run	🆕	Automatically Capture and Store Ops Logs in Git
git shiplog trust show	🆕	View Trust Roster
git shiplog append	🆕	Automation-Friendly Append
JSON Schema	🆕	Official Shapes = Stop Guessing

---

What is Shiplog?

Shiplog is a git-native tool that transforms Git itself into an immutable, append-only, conflict-free journal. It operates completely outside of your normal branches, letting you use Git as a distributed, secure data structure. Think of it as a Git primitive that allows you to build an immutable ledger for free! No extra services or software required.

Why Use It? (A Verifiable Source of Truth)

Your Git repository is already the source of truth for your code. Why rely on half a dozen separate, ephemeral logging services to track your operational history?

Shiplog gives you an auditable, cryptographically-signed deployment journal that lives right alongside your code. It eliminates the need to "do archeology" during a live incident.

Unlike traditional logs that get scattered or lost, Shiplog commits your operational history with:

• Cryptographic Signatures: Know exactly who approved or executed an operation.
• Structured Data: Log execution details, exit codes, and metadata.
• Zero Vendor Lock-in: It's just Git.

For security, Shiplog uses an allow list to restrict which SSH or GPG keys are permitted to update the ledger. This ensures that your deployment history remains a secure and verifiable source of truth.

---

v0.2.0 – Introducing: automatic log capture, easy trust roster viewer, and automation enhancements

This release delivers new tools that wrap arbitrary shell commands, automatically capturing their output and writing it to the Shiplog ledger. 

It also includes a tool to view your repo's trust roster, and some automation enhancements.

Who Should Upgrade?

• DevOps/SRE teams running production deployments
• Compliance-driven orgs needing auditable operation logs
• CI/CD pipeline authors wanting structured deployment metadata
• Anyone tired of deployment history scattered across tools

---

🏴‍☠️ Highlights

🪵 Command Wrapping & Forensics – git shiplog run

Wrap any shell command to automatically journal its full execution. Capture the exit code, duration, and output (stdout/stderr) and commit it straight into your Git repo as structured, auditable data.

The new git shiplog run command wraps your execution, captures the command output via tee, and—BOOM—writes everything directly into your journal.

$ git shiplog run \
      --service deploy \
      --reason "Smoke test" \
      --region us-west-2 \
      --cluster prod-a \
      --namespace frontend \
      -- env printf hi
  hi
  Deploy: deploy <none> → prod/us-west-2/prod-a/frontend
  Reason: Smoke test
  Status: SUCCESS (0s) @ 2025-09-30T02:14:18Z
  Seq:    7 (parent 1f6d81d, trust 217be22, anchor (none))
The resulting journal entry gives you full, structured metadata:

$ git shiplog show --json | jq '.run'
{
  "argv": ["env","printf","hi"],
  "cmd": "env printf hi",
  "exit_code": 0,
  "status": "success",
  "duration_s": 0,
  "started_at": "2025-09-30T02:14:18Z",
  "finished_at": "2025-09-30T02:14:18Z",
  "log_attached": true
}

Command output is automatically preserved as a Git Note under refs/_shiplog/notes/logs, ensuring complete history:

$ git notes --ref=refs/_shiplog/notes/logs show HEAD
2025-09-30T02:14:18Z    stdout    hi

Why this matters

When production is on fire, you need forensic precision. git shiplog run captures exactly what ran, when, and with what result, without requiring you to rewrite your entire deployment pipeline.

---

🤝 Trust Roster & Compliance – git shiplog trust show

Inspect and audit the cryptographic authority for your journal. Shiplog uses signed entries to guarantee integrity. This new command lets you see exactly who has the keys to write to the logbook.

$ git shiplog trust show
Trust ID: shiplog-trust-root
Threshold: 1
Allowed signers: 1
Maintainers:
- Shiplog Tester <shiplog-tester@example.com> [root]
Signers:
- shiplog-tester@example.com (ssh-ed25519)

Export the raw roster data with the --json flag, making automated compliance audits trivial:

$ git shiplog trust show --json | jq '{id, threshold, maintainers}'
{
  "id": "shiplog-trust-root",
  "threshold": 1,
  "maintainers": [
    {
      "name": "Shiplog Tester",
      "email": "shiplog-tester@example.com",
      "role": "root",
      "revoked": false
    }
  ]
}

Why this matters

In regulated industries, accountability is non-negotiable. Shiplog provides cryptographic proof of who performed the deployment, and trust show makes that proof transparent and instantly auditable.

---

🤖 CI/CD Automation – git shiplog append

Post entries non-interactively and attach custom structured data. This is your new best friend for CI/CD pipelines and scripting.

$ printf '{"checks":{"canary":"green"}}' \
| git shiplog append \
        --env prod \
        --service deploy \
        --status success \
        --reason "Post-release smoke" \
        --json -
Record: deploy <none> → prod/us-west-2/prod-a/deploy
Reason: Post-release smoke
Status: SUCCESS (0s) @ 2025-09-30T02:18:50Z

Your custom JSON payload merges flawlessly into Shiplog's entry trailer:

$ git shiplog show --json | jq '{status, why, checks}'
{
  "status": "success",
  "why": {
    "reason": "Post-release smoke",
    "ticket": null
  },
  "checks": {
    "canary": "green"
  }
}

No more environment variable juggling or interactive prompts. Just a simple --json (or --json-file payload.json) flag and you're done.

---

📋 Structured Entry Schema

Stop guessing, start building. The full JSON schema for journal trailers (including the new run block) is now officially published. This enables downstream consumers and tooling to build against a guaranteed contract.

See the full specification: read the docs

---

⚓ Upgrade Notes

No breaking changes! Your existing journals remain seaworthy.

---

Behavior Updates

• Namespace now defaults to the journal name when SHIPLOG_NAMESPACE isn't set (e.g., writing to the "staging" journal yields namespace "staging").
• git shiplog run and git shiplog append now populate SHIPLOG_EXTRA_JSON internally.

For Hook Authors 🛠️

[!important] Attention Hook Authors: If you've written custom hooks, ensure they merge JSON data rather than overwriting the trailer. run and append now add their own structured data, and your hooks must preserve it.

---

🎤 The Real Value Proposition

You know what's truly revolutionary? Your complete, auditable deployment history lives inside the same repo as your code.

There are no external services. No vendor lock-in. No API keys to manage. No monthly bills.

It's just git, doing what it does best:

• The journal is immutable.
• The entries are cryptographically signed.
• The history is append-only.
• It's all standard Git refs—meaning you can fetch, push, clone, and verify using the tools you already have.

That's the real innovation here.

v0.1.0–MVP

Shiplog MVP is Here!

Boom. The first official release of Shiplog—your deployment black box recorder.

Shiplog's core idea is simple: every deployment event becomes a tiny, cryptographically signed Git commit. This allows you to create an auditable, tamper-evident ledger of your releases without any new infrastructure or dashboards.

Warning

This build is rough, but it works... The UX for configuring your setup is not the greatest, but if you poke around in docs and you're determined, you can get up and running.

Roadmap

I'm releasing this build so I can dogfood it on other personal projects. The next release, Alpha, will be much more stable, polished, and ready for early adopters.

To learn more about the plans I have in store for Shiplog, please see the Roadmap.

Basic idea is:

• MVP (this release) - basics work, I can dogfood this on other projects.
• Alpha (coming soon) - polished UX, better support for repos hosted on GitHub.
• Beta - all features complete, ready to be battle tested
• v1.0.0 - battle tested, trusted, most bugs fixed

✨ Highlights

• Core CLI: A complete command-line interface for writing, showing, and verifying deployment logs.
• Policy-as-Code: Store signing and author allowlist policies directly in Git (.shiplog/policy.json).
• Built-in Security: Support for SSH- or GPG-signed entries, with per-environment signing rules.
• Zero Infrastructure: Shiplog lives entirely in your Git repository under protected refs (refs/_shiplog/*).
• Structured Data: Each entry contains a JSON trailer for easy parsing by external tools and dashboards.
• Rich Documentation: Comprehensive guides on GitHub hosting, security, and a full command reference.

🚀 Get Started

Warning

This MVP release is really not intended for public use, but if you're really interested, give it a shot. If you find bugs, open an issue. Contributions accepted conditionally at this time.

The easiest way to get started is by installing the CLI and using the new setup wizard... But it's still pretty rough.

Install the CLI

git clone https://github.com/flyingrobots/shiplog.git "$HOME/.shiplog"
export PATH="$HOME/.shiplog/bin:$PATH"

Setup Your Repository

Run the new non-interactive setup wizard. It will configure your repository with a .shiplog/policy.json file and sync the trust refs.

# Set up a balanced policy with a team allowlist
git shiplog setup --strictness balanced --authors "you@example.com teammate@example.com"

# Set up a strict policy for the 'prod' environment
git shiplog setup --strictness strict --strict-envs "prod"

Record a Deployment

# Write a deployment entry (signed or unsigned based on your policy)
git shiplog write --service web --reason "MVP release"

# Use non-interactive mode for CI/CD pipelines
SHIPLOG_BORING=1 git shiplog --yes write prod --service web --reason "MVP release"

⚙️ New and Improved

Interactive write Command

The git shiplog write command now offers interactive prompts for a better user experience. You can also prefill or skip these prompts using new flags, making it more flexible for both manual and automated use. The auto-push behavior is now enabled by default.

Simplified show Command

git shiplog show now defaults to displaying the latest entry in your journal ref, making it a powerful go-to for immediate debugging. You can also get JSON-only output with --json and --json-compact.

Enhanced verify Command

The git shiplog verify command now scans an entire journal, checks signatures and author allowlists, and provides a clear summary. It exits with a non-zero code on violations, which is perfect for CI checks.

Unified policy and setup

The git shiplog policy command has been enhanced and there's a new git shiplog setup wizard to streamline configuration. These commands make it easier to define your security policy and bootstrap trust.

🚨 Breaking Changes & Upgrade Notes

Policy Precedence: Policy files are now read from the Git ref first, not the working file. This ensures the enforced policy is what's been reviewed and approved.

Interactive Prompts: Interactive prompts now fall back to POSIX if Bosun is not installed, so Bosun is no longer a hard requirement.

show Default Behavior: git shiplog show now defaults to showing the latest entry in the environment's journal ref, not the current branch head.

Upgrade Path: If you're upgrading from a pre-release version, simply git pull in your cloned ~/.shiplog directory and re-source your shell.

Warning

⚠️ Known Issues
This build is far from perfect... Here's some big annoying issues.

GitHub Ref Protection: Protecting custom refs (refs/_shiplog/*) on GitHub requires using Rulesets. If you need to enforce a policy using older Branch Rules, consider using the branch namespace mode (git shiplog refs root set refs/heads/_shiplog).

Shell Variable Issue: Some older shell installations may throw an "unbound variable" error. Re-pulling the latest CLI version will fix this.

⏭️ What's Next

• shiplog doctor command to check local signing readiness and policy wiring.
• A shiplog run wrapper to automatically capture logs from any command.
• Per-path author allowlists and a plugins framework.

Stoked to reach this milestone!