Skip to content

chore(docs): track only operator-facing docs (guides/runbooks/images/README); internal docs go local#695

Closed
remyluslosius wants to merge 2 commits into
mainfrom
chore/docs-local-except-guides
Closed

chore(docs): track only operator-facing docs (guides/runbooks/images/README); internal docs go local#695
remyluslosius wants to merge 2 commits into
mainfrom
chore/docs-local-except-guides

Conversation

@remyluslosius

Copy link
Copy Markdown
Contributor

GA docs policy change: the public repo ships only operator-facing docs; engineering/planning/internal docs become local-only.

Policy

.gitignore: docs/* ignored except docs/guides/, docs/runbooks/, docs/images/, and docs/README.md.

Changes

  • Moved STATUS.md -> docs/engineering/STATUS.md (now local/ignored).
  • Untracked 36 internal docs (kept on disk via git rm --cached): all of docs/engineering/, docs/architecture/, docs/INTRODUCTION.md, docs/KENSA_OPENWATCH_*, the vision/Q-plan docs, and the security reviews. They remain in local checkouts; they just leave the public repo.
  • De-linked the now-local docs from the tracked public docs (docs/README.md + guides + runbooks): markdown links to internal docs are flattened to plain text so the public guides ship with zero dead links. (Inline-code path mentions are non-links and left as-is.)

Scope

Docs + .gitignore only — no code touched. Tracked under docs/ after this: guides/, runbooks/, images/, README.md.

js-yaml@4.1.1 (transitive dev dependency via eslint -> @eslint/eslintrc and
openapi-typescript -> @redocly/openapi-core) is vulnerable to a
quadratic-complexity DoS in YAML merge-key handling
(GHSA-h67p-54hq-rp68, medium, availability-only, dev scope).

Pin via package.json 'overrides' to ^4.2.0 (the patched release); npm
dedups both consumers to 4.2.0. npm audit: 0 vulnerabilities; eslint + tsc
green. Not in the shipped SPA bundle.

Signed-off-by: Remylus Losius <remyluslosius@gonaibo.com>
GA docs policy: only docs/guides, docs/runbooks, docs/images and
docs/README.md remain tracked. Engineering/planning/architecture/vision
docs, security reviews, and STATUS.md are now local-only (gitignored).

- .gitignore: docs/* ignored except docs/{guides,runbooks,images} + README.md.
- Move STATUS.md -> docs/engineering/STATUS.md (now local).
- Untrack 36 internal docs (kept on disk via git rm --cached): all of
  docs/engineering/, docs/architecture/, docs/INTRODUCTION.md,
  docs/KENSA_OPENWATCH_*, the vision/Q-plan docs, and the security reviews.
- De-link the now-local docs from the tracked public docs (README + guides +
  runbooks) by flattening their markdown links to plain text, so the public
  guides ship with zero dead links. Inline-code path mentions (non-links) are
  left as-is.

Docs + .gitignore only; no code touched.

Signed-off-by: Remylus Losius <remyluslosius@gonaibo.com>
@github-actions github-actions Bot added documentation Improvements or additions to documentation size/XL labels Jun 26, 2026
remyluslosius added a commit that referenced this pull request Jun 27, 2026
…v launcher, guide review (#698)

* fix(frontend): bump js-yaml to >=4.2.0 (CVE-2026-53550, Dependabot #140)

js-yaml@4.1.1 (transitive dev dependency via eslint -> @eslint/eslintrc and
openapi-typescript -> @redocly/openapi-core) is vulnerable to a
quadratic-complexity DoS in YAML merge-key handling
(GHSA-h67p-54hq-rp68, medium, availability-only, dev scope).

Pin via package.json 'overrides' to ^4.2.0 (the patched release); npm
dedups both consumers to 4.2.0. npm audit: 0 vulnerabilities; eslint + tsc
green. Not in the shipped SPA bundle.

Signed-off-by: Remylus Losius <remyluslosius@gonaibo.com>

* chore(docs): track only operator-facing docs; internal docs go local

GA docs policy: only docs/guides, docs/runbooks, docs/images and
docs/README.md remain tracked. Engineering/planning/architecture/vision
docs, security reviews, and STATUS.md are now local-only (gitignored).

- .gitignore: docs/* ignored except docs/{guides,runbooks,images} + README.md.
- Move STATUS.md -> docs/engineering/STATUS.md (now local).
- Untrack 36 internal docs (kept on disk via git rm --cached): all of
  docs/engineering/, docs/architecture/, docs/INTRODUCTION.md,
  docs/KENSA_OPENWATCH_*, the vision/Q-plan docs, and the security reviews.
- De-link the now-local docs from the tracked public docs (README + guides +
  runbooks) by flattening their markdown links to plain text, so the public
  guides ship with zero dead links. Inline-code path mentions (non-links) are
  left as-is.

Docs + .gitignore only; no code touched.

Signed-off-by: Remylus Losius <remyluslosius@gonaibo.com>

* chore: move KEYS to security/; keep BACKLOG + SESSION_LOG local

- security/: new directory for the GPG release-signing public keyring.
  KEYS moved there; updated the two repo-path references (release.yml
  release-asset upload, RELEASING.md link). Operator commands
  (gpg/rpm --import KEYS) are unchanged — they import the file downloaded
  from the GitHub Release by basename, not a repo path.
- BACKLOG.md + SESSION_LOG.md: now gitignored (internal working docs go
  local, consistent with CLAUDE.md and the docs-local policy). Kept on disk.

LICENSE deliberately NOT moved to licensing/: it stays at the repo root so
GitHub license detection and SPDX/packaging conventions keep working
(a non-root LICENSE makes GitHub report 'no license detected').

Signed-off-by: Remylus Losius <remyluslosius@gonaibo.com>

* fix(dev): inject version ldflags in the dev launcher

scripts/openwatch.sh built dist/openwatch with a bare 'go build' (no
ldflags), so the dev app always reported version 'dev' (the
internal/version default) regardless of packaging/version.env — the
/settings/about page and '--version' showed the wrong version.

Inject Version/Commit/BuildTime the same way the Makefile does (sourced
from packaging/version.env + git rev-parse + date), so dev builds report
the real version (e.g. 0.2.0-rc.16). Verified: dev app now serves rc.16.

Signed-off-by: Remylus Losius <remyluslosius@gonaibo.com>

* docs(guides): apply final GA review state (truthfulness + internal-ref scrub + style)

Supersedes the interim guide de-linking from #695 with the full GA review:
truthfulness fixes, complete internal-reference removal (source paths, doc
names, escaping links), and the style-guide sweep across all 22 guides.

---------

Signed-off-by: Remylus Losius <remyluslosius@gonaibo.com>
@remyluslosius

Copy link
Copy Markdown
Contributor Author

Superseded by #698 (consolidated GA-prep merge to avoid the rebase cascade). The same changes landed there.

@remyluslosius remyluslosius deleted the chore/docs-local-except-guides branch June 27, 2026 02:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

documentation Improvements or additions to documentation size/XL

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant