# TODO

Intake buffer for ideas, issues, and unrefined tasks.

## Ideas

- Support for `.harborrc` config file in home directory
- Cache project/repo lists for faster tab completion
- Webhook management commands
- Robot account management
- Retention policy display
- Health check endpoint monitoring
- Multi-registry support (switch between registries)

## Deferred Admin Features

- `registries` - list configured registry endpoints
- `registry-create` - add registry endpoint
- `registry-test` - test registry connectivity
- `replication` - list replication rules/executions
- `groups` - user group management (LDAP/OIDC)

## Issues

(none currently open)

## Questions

- Should `--json` output be available on all commands?
- Should we support OIDC authentication?

## Debt

(none currently open)

## Resolved

### Issues (fixed in v0.1.1)

- SSL verification disabled globally → added `--verify-ssl` flag
- No timeout configuration for API calls → added `--timeout` flag
- Delete confirmation reads stdin → added TTY check, requires `--force` in non-interactive mode
- Partial digest matching fetches all artifacts → limited to first 100 artifacts

### Debt (fixed in v0.1.1)

- Error handling inconsistent across commands → added `output.py` with `print_error()`
- Some magic numbers (column widths, timeouts) → added `constants.py`

### Features (added in v0.1.2)

- Artifact cleanup command (`clean`) with filters: `--untagged`, `--older-than`, `--keep`
- Dry-run mode for cleanup preview (`--dry-run`)

### Features (added in v0.1.3)

- Admin commands: `system`, `gc`, `gc-run`, `users`
- User management: `user-create`, `user-delete`, `user-admin`, `user-passwd`
- Audit and security: `audit`, `audit-purge`, `cve-allow`, `scan-all`
- Pagination helper for admin endpoints
- Confirmation helper for destructive actions