Skip to content

epic: harden .github meta-repo — private visibility, community health gaps, full Claude Code sync #77

Description

@wcmchenry3-stack

Overview

The org's .github repo is currently public, exposing internal workflow logic, Claude Code hook scripts, policy enforcement configs, and org-internal automation. This epic tracks all work required to harden the repo and safely flip it to private.

GitHub's auto-serving of community health files requires a public .github repo, but the current setup already bypasses this via sync-community-health.yml (explicit push to each repo). Going private is safe IF the sync is complete and a separate public profile repo exists for the org homepage.

Gap Analysis

  • 3 missing community health files (CODE_OF_CONDUCT, CONTRIBUTING, SUPPORT)
  • Claude Code tooling is only ~40% synced — target repos get lint-on-edit.sh and plan-issues.md but NOT the PR gates (lint-gate.sh, policy-gate.sh) or the lint-review/policy-compliance agents
  • Root-level SECURITY.md, PULL_REQUEST_TEMPLATE.md, and ISSUE_TEMPLATE/ duplicate community-health/ (older, diverged versions) and should be deleted
  • No CODEOWNERS or dependabot.yml in .github/
  • README.md incorrectly claims files "auto-apply" to org repos

Child Issues

Phase 2 — Structural Cleanup (parallel, no dependencies)

Phase 3 — Org Profile (must complete before Phase 5)

Phase 4 — Audit (parallel)

Phase 5 — Privacy Change (final gate)

Dependency Graph

#78, #79, #80, #81, #82, #83, #84, #85  ←  all parallel, no dependencies
#86 (profile)                            ←  parallel, must finish before #89
#87 (audit)                              ←  parallel
#88                                      ←  blocked by #87
#89                                      ←  blocked by #78–#86 (all Phase 2 + profile)

Definition of Done

Plan Reference

Full plan: ~/.claude/plans/logical-beaming-hopper.md

Metadata

Metadata

Assignees

No one assigned

    Labels

    epicEpic tracking multiple child issuesinfrastructureCI/CD and tooling improvementspriority:highHigh priority - implement firstrepo:allApplies to all repos in orgsecuritySecurity-related issues and improvements

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions