Fizzy SDK: initial implementation

[jeremy]

Summary

Five-language SDK for the Fizzy API, modeled in Smithy with generated OpenAPI.

• Smithy model: 70 operations across 15 services (boards, cards, columns, comments, steps, reactions, notifications, tags, users, pins, uploads, webhooks, sessions, devices, identity)
• Go: oapi-codegen templates, two-tier service layer, Bearer + Cookie auth, magic link flow, retry/pagination/resilience/webhooks
• TypeScript: openapi-fetch client with middleware stack, service generators, resilience, webhook handler
• Ruby: Faraday client with lazy enumerator pagination, auth strategies, resilience, webhook verification (Ruby 3.2+)
• Swift: Zero-dependency SDK (Swift 6.0, iOS 16+/macOS 12+), code generator, webhook verification via CommonCrypto, 26 unit tests
• Kotlin: KMP (JVM target) with Ktor 3.x, builder DSL, streaming pagination via Flow, code generator
• Conformance: JSON test fixtures for auth, errors, idempotency, pagination, paths, retry, security, status codes
• CI: Test matrix, Smithy verification, conformance, rubric audit, security scanning, smoke tests, per-language release workflows

Auth supports both Bearer tokens (CLI/API) and Cookie-based sessions (mobile/web) with magic link (passwordless OTP) flow. OAuth deferred until Fizzy implements it.

Test plan

• make check passes locally (Smithy validation, all 5 language builds, Swift 26 tests, conformance, rubric audit)
• CI test matrix passes on GitHub Actions
• Smoke test against live Fizzy instance (manual dispatch, secrets-gated)

[Copilot]

Pull request overview

Initial implementation of a five-language SDK (Go, TypeScript, Ruby, Swift, Kotlin) for the Fizzy API, modeled in Smithy with generated OpenAPI. Includes auth strategies (Bearer + Cookie + magic link), retry/pagination/resilience patterns, webhook verification, conformance test fixtures, CI workflows, and per-language release pipelines.

Changes:

• Smithy model, traits, and OpenAPI generation pipeline with behavior model extraction
• Five SDK implementations (Go, TypeScript, Ruby, Swift, Kotlin) with shared patterns: auth, retry, pagination, caching, circuit breaker, hooks
• CI/CD: test matrix, conformance, security scanning, per-language release workflows, and conformance test fixtures

Reviewed changes

Copilot reviewed 149 out of 249 changed files in this pull request and generated 7 comments.

Show a summary per file

File	Description
spec/*	Smithy model, traits, and Gradle build for OpenAPI generation
scripts/*	Shell scripts for version sync, URL route generation, behavior model, service drift checks
go/*	Go SDK: client, auth, pagination, retry, resilience, hooks, caching, webhooks, security
ruby/*	Ruby SDK: Faraday client, auth strategies, pagination, resilience, hooks, webhooks, types generator
kotlin/*	Kotlin KMP SDK: Ktor client, auth, resilience, pagination, webhooks, code generator
conformance/*	JSON test fixtures for auth, errors, idempotency, pagination, retry, security
.github/*	CI workflows, Dependabot, release pipelines, prompt files
package.json	Root package.json for TypeScript SDK npm packaging
README.md, CONTRIBUTING.md, AGENTS.md	Documentation
rubric-audit.json	Rubric compliance audit results
.editorconfig, .mise.toml, LICENSE	Project configuration

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 880a09a174

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[Copilot]

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.