This is the first tagged release of Resolvd. The product has been running in private dogfooding for months — v0.1.0 is the line where the schema, the CLI workflow, and the install path are all stable enough to share.
This post is a lap around the parts that are most likely to surprise you in a good way.
Email-to-ticket, end-to-end
Email is still where most issues start. Resolvd makes it a first-class transport.
Send a message to the connected mailbox with #PREFIX in the subject — #WEB Login button crashes lands in the project with prefix WEB. Body is signature-stripped, the reply-above-this-line marker cuts quoted history, CC addresses matching active vendor contacts auto-attach, and dedup checks for an open ticket from the same submitter with an identical title in the last 7 days (appended as a comment instead of a duplicate ticket).
For helpdesk inboxes — support@yourcompany.com style — scope the connected mailbox to a single project. Inbound mail with no #PREFIX auto-creates tickets there. One mailbox, one queue.
How to use: Admin → Email backends → connect an account via OAuth → toggle Monitor inbox. For helpdesk routing, scope the account to one project under Project scope.
Screenshot: add later
Vendor CRM, in the ticket
Companies and contacts live next to your tickets — no second tool, no Salesforce shrug. Each company is scoped to a project and carries an optional domain for inbound sender matching. Contacts get encrypted under standard mode, with email also HMAC’d into a blind index for inbound webhook lookup.
Vendor-visible comments fire outbound email per attached contact, rendered through admin-editable templates. Vendor replies thread back into the same ticket via the inbound parser. Generic mailboxes (support@, helpdesk@, noreply@) are rejected at write time to prevent reply loops.
How to use: Admin → Companies → New. Add contacts, attach to tickets, mark a comment “Share with vendor” to send.
Screenshot: add later
Encryption at rest
encryption_settings.mode controls behaviour. Off (plaintext, default), Standard (server-managed AES-256-GCM envelope encryption with per-row data keys), or Vault (customer-held key, browser-derived — schema supports it; UI flow ships later).
Sensitive columns under standard mode: ticket title / description / notes, comment bodies, audit values, attachment names + on-disk file bytes, vendor company / contact details, OAuth refresh tokens, SMTP passwords, inbound queue subject + body. An HMAC blind index on tickets.title_blind_idx keeps word-equality search working under encryption.
Honest scope: outbound email content goes in cleartext to recipients (unavoidable — recipient has no key). This is server-side discipline, not E2EE.
How to use: generate RESOLVD_MASTER_KEY, set in .env, force-recreate the backend, flip the mode in encryption_settings, run the backfill script. Full runbook in the README.
Screenshot: add later
JIT support access
Users with role Support are blocked on every API request until an admin approves an active grant. Time-bounded (1–14 days, default 3), read-only by default, every fine-grained access (ticket views, attachment downloads) lands in support_access_log.
The mental model: a deposit box with a key the admin hands over for a fixed window. Lapsed grants go silent; revocations are immediate.
How to use: invite a user with role Support. They file an access request from the locked dashboard. Admin → Support access → approve with TTL. Audit trail at Admin → Support access → Access log.
Screenshot: add later
Authentication you can mix
Microsoft Entra ID, Google OAuth (Workspace + consumer), and local Argon2 accounts can all be enabled at once. TOTP MFA enforceable per role. Lockout after 8 failed attempts. Recovery codes generated on enrollment.
First boot of a fresh install with local auth enabled shows a Create Admin Account form. First user becomes Admin; subsequent users are invited or arrive via SSO.
How to use: runtime config at Admin → Authentication. Env vars supply credentials only — toggles live in the database.
Screenshot: add later
Source-available, free to self-host
Resolvd is licensed under FSL-1.1-ALv2 — free to self-host, fork, modify, audit, and use internally for commercial work. Each release converts to Apache 2.0 two years after publication. The catch: you can’t resell Resolvd as a hosted SaaS during the 2-year non-compete window.
Hosted plans exist for teams that don’t want to run a server. Same code in both directions; data is portable in either direction at any time.
Full changelog
v0.1.0 on GitHub has the complete commit list. This post covers the headline features at the initial release; later minor releases bring manual Notify Vendor gating, the markdown editor, bulk edit, ticket merge, NATO phonetic readback, browser push, and more — see follow-up posts.