a3c8ca462c
CRITICAL SECURITY FIX:
Removed 226 internal and sensitive files from git tracking to protect
the public tractatus-framework repository from exposing confidential
development information, server details, and internal strategies.
SCOPE:
This cleanup separates the INTERNAL repository (tractatus) from the
PUBLIC repository (tractatus-framework on GitHub).
REMOVED DIRECTORIES (entire):
- .claude/ (framework session state, metrics, archives)
- governance/ (internal operational governance)
- For Claude Web/ (internal development specs)
- scripts/hook-validators/ (internal enforcement)
- scripts/framework-components/ (internal components)
- docs/planning/, docs/testing/, docs/outreach/
- docs/stripe-analysis/, docs/economist-analysis/
- docs/framework-incidents/, docs/deployment-logs/
- docs/analysis-archive-2025-10/
REMOVED ROOT FILES:
- CLAUDE_*.md, ClaudeWeb*.md (internal development)
- PITCH-*.md (internal pitch documents)
- PHASE-*.md, MEETING_NOTES*.md (internal planning)
- SESSION*.md, OPTIMAL_NEXT_SESSION*.md (session handoffs)
- ARCHIVE_SUMMARY*.md, CLOSEDOWN*.* (session archives)
- EXECUTIVE_BRIEF*.md (internal briefs)
- Tractatus-Website-Complete-Specification*.md (internal specs)
- UI_TRANSFORMATION_PROJECT_PLAN.md, SITE_IMPROVEMENT_PRIORITIES.md
- SCHEDULED_TASKS.md, TRACTATUS_BRAND_SYSTEM.md
- .stripe-ids.json, .rsyncignore (sensitive/deployment)
- deployment-output.txt, migration-output.txt (logs)
- ECONOMIST_LETTER*.docx, PERPLEXITY_USER_PROMPT.txt (correspondence)
REMOVED SCRIPTS:
- scripts/deploy-*.sh (contain server IPs)
- scripts/session-init.js, scripts/check-session-pressure.js
- scripts/analyze-violations.js
- scripts/hook-validators/*.js (5 files)
- scripts/framework-components/*.js
REMOVED DOCS (96 files):
- docs/SESSION*.md, docs/session-handoff-*.md
- docs/DEPLOYMENT*.md, docs/MULTI_PROJECT*.md
- docs/DOCUMENT_AUDIT*.md, docs/DOCUMENT_*.md
- docs/BLOG-POST-OUTLINES.md
- docs/PHASE-*.md, docs/STRIPE_*.md, docs/KOHA*.md
- docs/SECURITY_AUDIT*.md, docs/FRAMEWORK_FAILURE*.md
- docs/BENCHMARK*.md, docs/IMPLEMENTATION_PROGRESS*.md
- docs/BOOTSTRAPPING*.md, docs/GOVERNANCE-RULE-LIBRARY.md
- docs/SIMULATION*.md, docs/API_MEMORY*.md
ADDED PROTECTIONS:
1. Comprehensive .gitignore (172 lines)
- Blocks all internal directories
- Blocks all internal file patterns
- Prevents accidental commits
2. PUBLIC_REPO_CHECKLIST.md
- Security verification checklist
- Weekly maintenance procedures
- Clear guidelines for public vs internal
REMAINING PUBLIC FILES: 6,435
- src/: 85 (open source services)
- tests/: 35 (unit/integration tests)
- public/: 178 (website frontend)
- scripts/: 111 (public utilities)
- docs/: 107 (public documentation)
- root: 13 (README, LICENSE, package.json, configs)
VERIFICATION:
✓ No server IPs
✓ No SSH keys or credentials
✓ No payment system secrets
✓ No internal planning documents
✓ No session handoffs or development logs
✓ No deployment scripts with production details
RESULT:
Public tractatus-framework repository now contains ONLY:
- Open source code
- Public documentation
- Implementation guides
- Apache 2.0 licensed content
Internal tractatus repository (local) retains ALL files for development.
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
189 lines
7.2 KiB
Markdown
189 lines
7.2 KiB
Markdown
# PUBLIC REPOSITORY CHECKLIST
|
|
|
|
**Repository:** tractatus-framework (GitHub Public)
|
|
**Purpose:** Open source implementation for external developers
|
|
**Last Security Audit:** 2025-10-21
|
|
|
|
---
|
|
|
|
## ✅ What SHOULD Be in Public Repo
|
|
|
|
### Code (Open Source)
|
|
- ✅ `src/` - All framework services and application code
|
|
- ✅ `tests/` - Unit and integration tests
|
|
- ✅ `public/` - Website frontend (HTML, CSS, JS, assets)
|
|
- ✅ `scripts/` - Public utility scripts (migrations, generators, utilities)
|
|
|
|
### Documentation (Public)
|
|
- ✅ `README.md` - World-class implementer-focused documentation
|
|
- ✅ `LICENSE` - Apache 2.0 license
|
|
- ✅ `CODE_OF_CONDUCT.md` - Community guidelines
|
|
- ✅ `SETUP_INSTRUCTIONS.md` - Installation guide
|
|
- ✅ `NOTICE` - Attribution notices
|
|
- ✅ `docs/markdown/` - Published documentation
|
|
- ✅ `docs/case-studies/` - Public case studies (educational)
|
|
- ✅ `docs/api/` - API reference documentation
|
|
- ✅ `docs/architecture/` - Architecture diagrams and explanations
|
|
|
|
### Configuration (Public)
|
|
- ✅ `.env.example` - Example environment variables
|
|
- ✅ `.env.test` - Test environment configuration
|
|
- ✅ `.gitignore` - Git ignore patterns
|
|
- ✅ `.eslintrc.json` - ESLint configuration
|
|
- ✅ `jest.config.js` - Jest test configuration
|
|
- ✅ `tailwind.config.js` - Tailwind CSS configuration
|
|
- ✅ `package.json` - Node dependencies
|
|
- ✅ `package-lock.json` - Dependency lock file
|
|
|
|
---
|
|
|
|
## ❌ What MUST NOT Be in Public Repo
|
|
|
|
### Internal Directories (Entire)
|
|
- ❌ `.claude/` - Framework session state, metrics, archives
|
|
- ❌ `governance/` - Internal operational governance documents
|
|
- ❌ `For Claude Web/` - Internal development specifications
|
|
- ❌ `umami-local/` - Analytics local setup
|
|
- ❌ `docs/planning/` - Internal project planning
|
|
- ❌ `docs/testing/` - Internal test reports
|
|
- ❌ `docs/outreach/` - Internal marketing/outreach
|
|
- ❌ `docs/stripe-analysis/` - Internal payment analysis
|
|
- ❌ `docs/economist-analysis/` - Internal research analysis
|
|
- ❌ `docs/framework-incidents/` - Internal incident reports
|
|
- ❌ `docs/deployment-logs/` - Internal deployment records
|
|
- ❌ `docs/analysis-archive-*/` - Internal analysis archives
|
|
|
|
### Internal Development Documents
|
|
- ❌ `CLAUDE.md` - Internal Claude Code instructions
|
|
- ❌ `CLAUDE_*.md` - Internal development guides
|
|
- ❌ `ClaudeWeb*.md` - Internal web development specs
|
|
- ❌ `PRE_APPROVED_COMMANDS.md` - Internal command whitelist
|
|
- ❌ `BACKEND_FRONTEND_MAPPING.md` - Internal architecture docs
|
|
|
|
### Session & Planning Documents
|
|
- ❌ `SESSION*.md` - Session handoffs
|
|
- ❌ `OPTIMAL_NEXT_SESSION*.md` - Session startup prompts
|
|
- ❌ `ARCHIVE_SUMMARY*.md` - Session archives
|
|
- ❌ `CLOSEDOWN*.md` / `*.txt` - Session closedowns
|
|
- ❌ `MEETING_NOTES*.md` - Internal meeting notes
|
|
|
|
### Internal Planning
|
|
- ❌ `PITCH-*.md` - Internal pitch documents
|
|
- ❌ `PHASE-*.md` - Internal phase planning
|
|
- ❌ `EXECUTIVE_BRIEF*.md` - Internal executive briefs
|
|
- ❌ `TRACTATUS_BRAND_SYSTEM.md` - Internal branding
|
|
- ❌ `UI_TRANSFORMATION_PROJECT_PLAN.md` - Internal UI planning
|
|
- ❌ `SITE_IMPROVEMENT_PRIORITIES.md` - Internal priorities
|
|
- ❌ `SCHEDULED_TASKS.md` - Internal task scheduling
|
|
- ❌ `Tractatus-Website-Complete-Specification*.md` - Internal specs
|
|
|
|
### Internal Scripts
|
|
- ❌ `scripts/deploy-*.sh` - Deployment scripts (contain server details)
|
|
- ❌ `scripts/session-init.js` - Framework session initialization
|
|
- ❌ `scripts/check-session-pressure.js` - Session monitoring
|
|
- ❌ `scripts/analyze-violations.js` - Violation analysis
|
|
- ❌ `scripts/hook-validators/` - Pre-action hook validators
|
|
- ❌ `scripts/framework-components/` - Framework enforcement components
|
|
- ❌ `scripts/reset-admin-password.js` - Admin utilities
|
|
|
|
### Internal Docs Files
|
|
- ❌ `docs/DEPLOYMENT*.md` - Deployment documentation
|
|
- ❌ `docs/MULTI_PROJECT*.md` - Multi-project governance
|
|
- ❌ `docs/DOCUMENT_AUDIT*.md` - Internal audits
|
|
- ❌ `docs/DOCUMENT_OPTIMIZATION*.md` - Internal optimization
|
|
- ❌ `docs/DOCUMENT_REORGANIZATION*.md` - Internal reorganization
|
|
- ❌ `docs/DOCUMENT_SECURITY*.md` - Internal security docs
|
|
- ❌ `docs/BLOG-POST-OUTLINES.md` - Internal content planning
|
|
- ❌ `docs/PHASE-*.md` - Phase planning documents
|
|
- ❌ `docs/STRIPE_*.md` - Payment integration internals
|
|
- ❌ `docs/KOHA*.md` - Donation system internals
|
|
- ❌ `docs/SECURITY_AUDIT*.md` - Internal security audits
|
|
- ❌ `docs/FRAMEWORK_FAILURE*.md` - Internal incident analysis
|
|
- ❌ `docs/BENCHMARK*.md` - Internal performance benchmarks
|
|
- ❌ `docs/IMPLEMENTATION_PROGRESS*.md` - Internal progress tracking
|
|
- ❌ `docs/BOOTSTRAPPING*.md` - Internal bootstrapping docs
|
|
- ❌ `docs/GOVERNANCE-RULE-LIBRARY.md` - Internal rule library
|
|
- ❌ `docs/SIMULATION*.md` - Internal simulations
|
|
- ❌ `docs/SESSION*.md` - Session documentation
|
|
- ❌ `docs/API_MEMORY*.md` - Internal API memory research
|
|
- ❌ `docs/HOOKS*.md` - Internal hook documentation
|
|
|
|
### Sensitive Files
|
|
- ❌ `*.key` - Encryption keys
|
|
- ❌ `*.pem` - SSL certificates
|
|
- ❌ `*.p12` / `*.pfx` - Certificate bundles
|
|
- ❌ `.stripe-ids.json` - Payment IDs
|
|
- ❌ `.rsyncignore` - Deployment patterns
|
|
- ❌ `ADMIN_LOGIN_INSTRUCTIONS.md` - Admin credentials
|
|
- ❌ `.admin-credentials.local` - Admin credentials
|
|
- ❌ `secrets/` - Secrets directory
|
|
- ❌ `credentials/` - Credentials directory
|
|
|
|
### Build Artifacts & Temporary Files
|
|
- ❌ `deployment-output.txt` - Deployment logs
|
|
- ❌ `migration-output.txt` - Migration logs
|
|
- ❌ `closedown prompt` - Session closedown prompts
|
|
- ❌ `old claude md file` - Old backups
|
|
- ❌ `PERPLEXITY_USER_PROMPT.txt` - Research prompts
|
|
- ❌ `ECONOMIST_LETTER_*.docx` - External correspondence
|
|
- ❌ `/tmp/*.md` - Temporary markdown files
|
|
- ❌ `Screenshot*.png` - Screenshots
|
|
- ❌ `*.backup` / `*.bak` - Backup files
|
|
|
|
---
|
|
|
|
## 🔒 Security Verification Checklist
|
|
|
|
Before pushing to public GitHub, verify:
|
|
|
|
- [ ] No server IP addresses in any file
|
|
- [ ] No SSH key references or paths
|
|
- [ ] No API keys or credentials
|
|
- [ ] No payment system IDs or secrets
|
|
- [ ] No internal meeting notes or strategy docs
|
|
- [ ] No session handoffs or development logs
|
|
- [ ] No deployment scripts with production details
|
|
- [ ] No internal planning or pitch documents
|
|
- [ ] `.gitignore` is comprehensive and up-to-date
|
|
- [ ] All files contain only public-appropriate content
|
|
|
|
---
|
|
|
|
## 📊 Current Repository Stats
|
|
|
|
**Total tracked files:** 6,435
|
|
- `src/`: 85 files
|
|
- `tests/`: 35 files
|
|
- `public/`: 178 files (mostly assets)
|
|
- `scripts/`: 111 files
|
|
- `docs/`: 107 files
|
|
- `root`: 13 files
|
|
|
|
**Last cleaned:** 2025-10-21
|
|
**Files removed:** 226 internal/sensitive files
|
|
|
|
---
|
|
|
|
## 🔄 Weekly Maintenance
|
|
|
|
As per **inst_062**, the README.md requires weekly review. Use this checklist:
|
|
|
|
**Every Monday:**
|
|
1. Review README.md for accuracy
|
|
2. Update "Last Updated" date if material changes made
|
|
3. Verify all links still work
|
|
4. Check for new internal files that shouldn't be public
|
|
5. Run: `git ls-files | grep -E "(CLAUDE|SESSION|PITCH|PHASE|MEETING|governance|\.claude)"` → should return nothing
|
|
|
|
---
|
|
|
|
## 📝 Notes
|
|
|
|
- The **internal repository** (`tractatus`) contains ALL files for development
|
|
- The **public repository** (`tractatus-framework`) is a SUBSET for open source
|
|
- .gitignore ensures accidental commits of internal files are prevented
|
|
- Use `git status` before pushing to verify no internal files are staged
|
|
|
|
---
|
|
|
|
**Last Updated:** 2025-10-21
|