john/tractatus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tractatus/PUBLIC_REPO_CHECKLIST.md
TheFlow 2298d36bed fix(submissions): restructure Economist package and fix article display 
- Create Economist SubmissionTracking package correctly:
  * mainArticle = full blog post content
  * coverLetter = 216-word SIR— letter
  * Links to blog post via blogPostId
- Archive 'Letter to The Economist' from blog posts (it's the cover letter)
- Fix date display on article cards (use published_at)
- Target publication already displaying via blue badge

Database changes:
- Make blogPostId optional in SubmissionTracking model
- Economist package ID: 68fa85ae49d4900e7f2ecd83
- Le Monde package ID: 68fa2abd2e6acd5691932150

Next: Enhanced modal with tabs, validation, export

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-24 08:47:42 +13:00

190 lines
7.3 KiB
Markdown
Raw Blame History

# PUBLIC REPOSITORY CHECKLIST
**Repository:** tractatus-framework (GitHub Public)
**Purpose:** Open source implementation for external developers
**Last Security Audit:** 2025-10-21
---
## ✅ What SHOULD Be in Public Repo
### Code (Open Source)
-`src/` - All framework services and application code
-`tests/` - Unit and integration tests
-`public/` - Website frontend (HTML, CSS, JS, assets)
-`scripts/` - Public utility scripts (migrations, generators, utilities)
### Documentation (Public)
-`README.md` - World-class implementer-focused documentation
-`LICENSE` - Apache 2.0 license
-`CODE_OF_CONDUCT.md` - Community guidelines
-`SETUP_INSTRUCTIONS.md` - Installation guide
-`NOTICE` - Attribution notices
-`docs/markdown/` - Published documentation
-`docs/case-studies/` - Public case studies (educational)
-`docs/api/` - API reference documentation
-`docs/architecture/` - Architecture diagrams and explanations
### Configuration (Public)
-`.env.example` - Example environment variables
-`.env.test` - Test environment configuration
-`.gitignore` - Git ignore patterns
-`.eslintrc.json` - ESLint configuration
-`jest.config.js` - Jest test configuration
-`tailwind.config.js` - Tailwind CSS configuration
-`package.json` - Node dependencies
-`package-lock.json` - Dependency lock file
---
## ❌ What MUST NOT Be in Public Repo
### Internal Directories (Entire)
-`.claude/` - Framework session state, metrics, archives
-`governance/` - Internal operational governance documents
-`For Claude Web/` - Internal development specifications
-`umami-local/` - Analytics local setup
-`docs/planning/` - Internal project planning
-`docs/testing/` - Internal test reports
-`docs/outreach/` - Internal marketing/outreach
-`docs/stripe-analysis/` - Internal payment analysis
-`docs/economist-analysis/` - Internal research analysis
-`docs/framework-incidents/` - Internal incident reports
-`docs/deployment-logs/` - Internal deployment records
-`docs/analysis-archive-*/` - Internal analysis archives
### Internal Development Documents
-`CLAUDE.md` - Internal Claude Code instructions
-`CLAUDE_*.md` - Internal development guides
-`ClaudeWeb*.md` - Internal web development specs
-`PRE_APPROVED_COMMANDS.md` - Internal command whitelist
-`BACKEND_FRONTEND_MAPPING.md` - Internal architecture docs
### Session & Planning Documents
-`SESSION*.md` - Session handoffs
-`OPTIMAL_NEXT_SESSION*.md` - Session startup prompts
-`ARCHIVE_SUMMARY*.md` - Session archives
-`CLOSEDOWN*.md` / `*.txt` - Session closedowns
-`MEETING_NOTES*.md` - Internal meeting notes
### Internal Planning
-`PITCH-*.md` - Internal pitch documents
-`PHASE-*.md` - Internal phase planning
-`EXECUTIVE_BRIEF*.md` - Internal executive briefs
-`TRACTATUS_BRAND_SYSTEM.md` - Internal branding
-`UI_TRANSFORMATION_PROJECT_PLAN.md` - Internal UI planning
-`SITE_IMPROVEMENT_PRIORITIES.md` - Internal priorities
-`SCHEDULED_TASKS.md` - Internal task scheduling
-`Tractatus-Website-Complete-Specification*.md` - Internal specs
### Internal Scripts
-`scripts/deploy-*.sh` - Deployment scripts (contain server details)
-`scripts/session-init.js` - Framework session initialization
-`scripts/check-session-pressure.js` - Session monitoring
-`scripts/analyze-violations.js` - Violation analysis
-`scripts/hook-validators/` - Pre-action hook validators
-`scripts/framework-components/` - Framework enforcement components
-`scripts/reset-admin-password.js` - Admin utilities
### Internal Docs Files
-`docs/DEPLOYMENT*.md` - Deployment documentation
-`docs/MULTI_PROJECT*.md` - Multi-project governance
-`docs/DOCUMENT_AUDIT*.md` - Internal audits
-`docs/DOCUMENT_OPTIMIZATION*.md` - Internal optimization
-`docs/DOCUMENT_REORGANIZATION*.md` - Internal reorganization
-`docs/DOCUMENT_SECURITY*.md` - Internal security docs
-`docs/BLOG-POST-OUTLINES.md` - Internal content planning
-`docs/PHASE-*.md` - Phase planning documents
-`docs/STRIPE_*.md` - Payment integration internals
-`docs/KOHA*.md` - Donation system internals
-`docs/SECURITY_AUDIT*.md` - Internal security audits
-`docs/FRAMEWORK_FAILURE*.md` - Internal incident analysis
-`docs/BENCHMARK*.md` - Internal performance benchmarks
-`docs/IMPLEMENTATION_PROGRESS*.md` - Internal progress tracking
-`docs/BOOTSTRAPPING*.md` - Internal bootstrapping docs
-`docs/GOVERNANCE-RULE-LIBRARY.md` - Internal rule library
-`docs/SIMULATION*.md` - Internal simulations
-`docs/SESSION*.md` - Session documentation
-`docs/API_MEMORY*.md` - Internal API memory research
-`docs/HOOKS*.md` - Internal hook documentation
### Sensitive Files
-`*.key` - Encryption keys
-`*.pem` - SSL certificates
-`*.p12` / `*.pfx` - Certificate bundles
-`.stripe-ids.json` - Payment IDs
-`.rsyncignore` - Deployment patterns
-`ADMIN_LOGIN_INSTRUCTIONS.md` - Admin credentials
-`.admin-credentials.local` - Admin credentials
-`secrets/` - Secrets directory
-`credentials/` - Credentials directory
### Build Artifacts & Temporary Files
-`deployment-output.txt` - Deployment logs
-`migration-output.txt` - Migration logs
-`closedown prompt` - Session closedown prompts
-`old claude md file` - Old backups
-`PERPLEXITY_USER_PROMPT.txt` - Research prompts
-`ECONOMIST_LETTER_*.docx` - External correspondence
-`/tmp/*.md` - Temporary markdown files
-`Screenshot*.png` - Screenshots
-`*.backup` / `*.bak` - Backup files
---
## 🔒 Security Verification Checklist
Before pushing to public GitHub, verify:
- [ ] No server IP addresses in any file
- [ ] No SSH key references or paths
- [ ] No API keys or credentials
- [ ] No payment system IDs or secrets
- [ ] No internal meeting notes or strategy docs
- [ ] No session handoffs or development logs
- [ ] No deployment scripts with production details
- [ ] No internal planning or pitch documents
- [ ] `.gitignore` is comprehensive and up-to-date
- [ ] All files contain only public-appropriate content
---
## 📊 Current Repository Stats
**Total tracked files:** 6,435
- `src/`: 85 files
- `tests/`: 35 files
- `public/`: 178 files (mostly assets)
- `scripts/`: 111 files
- `docs/`: 107 files
- `root`: 13 files
**Last cleaned:** 2025-10-21
**Files removed:** 226 internal/sensitive files
**.gitignore:** 193 lines (comprehensive protection)
---
## 🔄 Weekly Maintenance
As per **inst_062**, the README.md requires weekly review. Use this checklist:
**Every Monday:**
1. Review README.md for accuracy
2. Update "Last Updated" date if material changes made
3. Verify all links still work
4. Check for new internal files that shouldn't be public
5. Run: `git ls-files | grep -E "(CLAUDE|SESSION|PITCH|PHASE|MEETING|governance|\.claude)"` → should return nothing
---
## 📝 Notes
- The **internal repository** (`tractatus`) contains ALL files for development
- The **public repository** (`tractatus-framework`) is a SUBSET for open source
- .gitignore ensures accidental commits of internal files are prevented
- Use `git status` before pushing to verify no internal files are staged
---
**Last Updated:** 2025-10-21
Reference in a new issue View git blame Copy permalink