1
0
Fork
You've already forked tracker
0
No description
  • Elixir 92.9%
  • CSS 4.4%
  • Rust 1.6%
  • HTML 0.6%
  • JavaScript 0.3%
  • Other 0.1%
2026年07月11日 21:52:52 -04:00
.claude claude: drop plugins 2026年06月11日 11:46:36 -04:00
.epi dev: increase epi resources, disable debug auth to suppress warning 2026年04月03日 14:05:10 -04:00
.opencode dev: init opencode config 2026年06月07日 21:05:00 -04:00
.services dev: shrink epi instance and pg 2026年04月03日 14:05:07 -04:00
assets feat: copy-on-click feed icons; move feed reset to Settings 2026年06月11日 11:46:36 -04:00
config ingestion: replaced ReleaseCache GenServer with durable releases table 2026年07月11日 21:52:52 -04:00
lib web/channels: fixed Latest Release sort to compare DateTimes chronologically 2026年07月11日 21:52:52 -04:00
native/package_stream ingestion: tolerated packages.json teams entries without a shortName 2026年07月10日 08:18:06 -04:00
priv ingestion: replaced ReleaseCache GenServer with durable releases table 2026年07月11日 21:52:52 -04:00
scripts scripts: added one-off prune of pre-trk-345 non-comparison artifact zips 2026年07月10日 08:18:16 -04:00
spec refactor: enrich ReleaseCache with DateTime and full revisions 2026年04月14日 23:58:36 -04:00
test web/channels: fixed Latest Release sort to compare DateTimes chronologically 2026年07月11日 21:52:52 -04:00
.envrc dev: bind process-compose to workspace-unique unix socket 2026年05月25日 23:04:15 -04:00
.formatter.exs run channel loading through oban, and schedule it 2025年03月22日 08:52:25 -04:00
.gitignore feat: extend Change resource for PR lifecycle tracking 2026年04月22日 22:48:37 -04:00
.igniter.exs reinit ash 2025年03月06日 20:28:13 -05:00
.mcp.json dev: bootstrap agent setup with mcps 2026年03月30日 01:03:56 -04:00
AGENTS.md agents: be quieter on commits 2026年07月10日 08:18:11 -04:00
CLAUDE.md dev: bootstrap agent setup with mcps 2026年03月30日 01:03:56 -04:00
flake.lock flake.lock: Update 2026年07月10日 08:18:10 -04:00
flake.nix runtime: update elixir and otp 2026年06月16日 09:39:57 -04:00
justfile dev: get deps if none 2026年07月10日 08:17:48 -04:00
LICENSE.txt fix: add license 2026年03月30日 01:04:50 -04:00
mix.exs options: render markdown descriptions instead of literal syntax 2026年07月10日 08:18:13 -04:00
mix.lock options: render markdown descriptions instead of literal syntax 2026年07月10日 08:18:13 -04:00
README.md feat: prefix API tokens with trk_ for secret scanning 2026年06月07日 21:04:57 -04:00

Tracker

To start your Phoenix server:

  • Run mix setup to install and setup dependencies
  • Start Phoenix endpoint with mix phx.server or inside IEx with iex -S mix phx.server

Now you can visit localhost:6950 from your browser.

Ready to run in production? Please check our deployment guides.

Service accounts and API tokens

Tracker supports long-lived API bearer tokens for non-human callers. Service accounts are users with no GitHub identity; an admin creates one, then issues a token for it.

Create a service account

mix tracker.service_account.create \
 --actor <admin-github-username> \
 --name <account-name> \
 --roles <comma-separated-roles>

--actor is the github_username of an existing admin user. --name becomes service:<name> as the account's github_username. --roles is the comma-separated role list (e.g. user,maintainer); the token will inherit exactly these roles.

Issue a token for the service account

mix tracker.api_token.issue \
 --actor <admin-github-username> \
 --user service:<account-name> \
 --label <human-readable-label> \
 --expires-in <seconds>

--user accepts either a UUID or a github_username (including the service:* form). --label and --expires-in are optional (default lifetime is one year). The token is printed to stdout once — it cannot be retrieved later, only revoked.

Issued tokens are prefixed with trk_ so they're easy to grep for in logs and recognisable by secret scanners.

Revoke a token

mix tracker.api_token.revoke \
 --actor <admin-github-username> \
 --jti <jti>

The JTI is printed alongside the JWT when the token is issued.

Self-service for human users

Logged-in users can issue and revoke their own API tokens at /account/tokens. Service account management is admin-only and only available via the mix tasks above.

Using a token

GET /your/api/endpoint
Authorization: Bearer trk_<jwt>

Send the full prefixed token in the Authorization header. Pipe a route through TrackerWeb.Plug.BearerAuth to authenticate and TrackerWeb.Plug.RequireRole, role: :some_role to gate by role.

Learn more