Skip to content

chore(deprivatize): scrub private references for public release#2

Open
m-szymanska wants to merge 6 commits into
mainfrom
chore/deprivatize
Open

chore(deprivatize): scrub private references for public release#2
m-szymanska wants to merge 6 commits into
mainfrom
chore/deprivatize

Conversation

@m-szymanska

Copy link
Copy Markdown

Deprivatize pass + second-pass residual scrub for public-release hygiene.

A read-only leak audit over HEAD flagged residual private fingerprints that the
initial sweep missed; this PR removes them (genericized private-org paths /
bundle ids / build profiles). Re-audited clean afterward. Brand/product
identifiers (vetcoders, loctree, etc.) intentionally retained.

🤖 Generated with Claude Code

m-szymanska and others added 6 commits June 28, 2026 19:45
Delete AI-agent run artifacts and stale/superseded internal docs that
leak private workflow, operator paths, and codenames:
- mux-agent/docs/vc-agents-client-discovery-plan.md (run-frontmatter plan)
- tui-agent/audits/historical/* (vc-intents/vc-review run artifacts,
  superseded/completed next-steps audits)

Fix dangling references (mux-agent/AI_README.md) and drop the now-unused
audits/historical gitignore negations.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Strip real /Users/<name>/ home paths from docs, using ~ placeholders:
- mux-agent/docs/dev/guidelines.md (build root example)
- docs/plans/PLAN_22 (repo path)

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Remove author/licensor personal identities and private org/contact data,
collapsing to the collective Vetcoders identity:
- LICENSE, tui-agent/LICENSE: copyright holder -> Vetcoders
- mux-agent/LICENSE: licensor + contact email -> Vetcoders / hello@vetcoders.io
- mux-agent/Cargo.toml: authors -> Vetcoders
- mux-agent/src/runtime/heartbeat.rs: drop personal co-author header
- shell-agent/Makefile: signing identity -> generic placeholder
- mux-agent/CHANGELOG.md: drop personal author names and private org URLs

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Apply lowercase-default brand convention: Capital-first for proper-noun
prose/credits, lowercase for URLs/paths/identifiers.
- Cargo.toml, tui-agent/Cargo.toml: authors / repository URL
- shell-agent Swift view headers: credit lines
- tui-agent/tests/skill_launcher.rs: test fixture artifact paths
- .vibecrafted/GUIDELINES.md, mux-agent/docs/WIZARD.md: headings, paths,
  brand footers (drop LibraxisAI); WIZARD also drops removed-doc ref

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Replace the private "memex" service identifier with neutral examples in
docs and test fixtures (allowlisted rmcp-memex left intact):
- mux-agent/README.md: SLED_PATH example leaf
- tray-agent/src/handlers.rs: restart-service unit-test fixture

handlers.rs also lowercases the vetcoders GitHub URL in the help action.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Second-pass cleanup of references the initial sweep missed (private-org
paths / bundle ids / build profile). Genericized to neutral defaults.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request standardizes the organization name to lowercase 'vetcoders' across documentation, licenses, and configuration files, replaces absolute local paths with home directory shortcuts, and genericizes developer signing identities. The review feedback identifies a violation of workspace guidelines regarding the deletion of historical audit files and their corresponding .gitignore exceptions, and suggests a more flexible environment variable override for the DMG signing identity in the Makefile.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

I am having trouble creating individual review comments. Click here to see my feedback.

tui-agent/.gitignore (24-25)

high

Deleting the historical audit files and removing their .gitignore exceptions violates the workspace guidelines defined in .vibecrafted/GUIDELINES.md (lines 100-101), which explicitly state that deleting historical audit Markdown instead of preserving it under tui-agent/audits/historical/ is an anti-pattern.

Instead of deleting these historical records, they should be genericized/scrubbed of private references (similar to the other files in this PR) and retained, and these .gitignore exceptions should be kept.

shell-agent/Makefile (39)

medium

To make the signed DMG build process more flexible and avoid requiring developers to manually edit the Makefile to insert their signing identity, we can allow the SIGNING_IDENTITY environment variable to override the default placeholder value using shell parameter expansion.

	@SIGNING_IDENTITY="$${SIGNING_IDENTITY:-Developer ID Application: Your Name (TEAMID)}" ./scripts/build-dmg.sh

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: dc6c3028b4

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread shell-agent/Makefile

dmg-signed:
@SIGNING_IDENTITY="Developer ID Application: Maciej Gad (MW223P3NPX)" ./scripts/build-dmg.sh
@SIGNING_IDENTITY="Developer ID Application: Your Name (TEAMID)" ./scripts/build-dmg.sh

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Allow real signing identities for dmg-signed

For signed release builds, make dmg-signed now always exports this literal placeholder, while scripts/build-dmg.sh treats any non-- SIGNING_IDENTITY as a certificate that must exist in the keychain before proceeding. Because the recipe assignment also overrides SIGNING_IDENTITY=... make dmg-signed, a maintainer with a valid Developer ID cannot use this target without editing the Makefile; keep the private value out, but read the identity from a make/env variable instead.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant