Core concepts¶
This document explains the repo-standards model: what is copied, what is generated, what is reusable, and how drift is managed.
For how documentation and AI/editor rules stay aligned, see ai-rules-maintenance.md.
Core standard¶
The core standard applies to every repository that adopts this blueprint. It includes:
.repo-policy.yml— profile, commands, quality gates, release, deploy, and governance metadata- AI/editor instructions via Rulesync — canonical rules in
.rulesync/rules/*.md - Semantic PR titles / Conventional Commits
- Docs and governance files (
README.md,CONTRIBUTING.md,LICENSE, PR template) - Secret scanning (TruffleHog PR diff scanning)
- Repository health baseline (
.gitignore,.env.example,.editorconfig,SECURITY.md, and related files) - Dependabot for GitHub Actions, npm, and pip
Language/runtime tooling, deploy provider behavior, release automation, and strictness levels are modular — chosen via profile and .repo-policy.yml.
Profiles¶
A profile is a named starting point for .repo-policy.yml. Profiles encode typical language/runtime, deploy assumptions, and default commands. See profiles.md.
Profile detection is advisory. Once adopted, .repo-policy.yml is authoritative.
Modules¶
Modules are optional or phased capabilities layered on the core standard:
- Language/runtime CI (Node, Python)
- Release Please
- Reusable workflows vs copied templates
- Coverage thresholds (phased — report-only first)
- Dependency license scanning
- Devcontainers
Enable modules through .repo-policy.yml and the workflows you copy or call.
Copied templates¶
Templates in templates/ are copied into each application repository and customized. Early migrations typically copy workflows directly into .github/workflows/.
| Directory | Purpose |
|---|---|
templates/ |
Repo policy profiles, Dependabot, governance files, licenses |
templates/workflows/ |
GitHub Actions workflows (CI, release, docs, AI rules, semantic PR, secret scan) |
templates/licenses/ |
MIT and proprietary license templates |
templates/gitignore/ |
Language-specific .gitignore starters |
ai/rules/ |
Canonical AI/editor rules (copied to .rulesync/rules/) |
configs/ |
Starter configs: commitlint, pre-commit, ruff, .nvmrc |
Reusable workflows¶
Long-term, downstream repos should call reusable workflows from this standards repo via uses: instead of copying CI logic. Live callable workflows live in .github/workflows/*.reusable.yml. See template-drift.md.
Stable consumers should pin to a release tag (e.g. @v1.0.0). Use @main only for canary repos.
Generated files¶
Some files are generated by Rulesync and committed:
| Output | Source |
|---|---|
AGENTS.md |
Universal AI agent instructions |
.cursor/rules/*.mdc |
Cursor IDE rules |
.agents/rules/*.md |
Antigravity IDE rules |
.agents/memories/*.md |
Antigravity memories (when antigravity-ide target is enabled) |
Canonical source:
.repo-policy.yml
.rulesync/rules/*.md
What should NOT be committed¶
coverage/
htmlcov/
.coverage
dist/
node_modules/
.env
*.pem, id_rsa
Assessment reports¶
The assessor (scripts/assess_repo_standards.py) scores alignment with Repo Standard V1.0. Reports go to assessments/generated/ by default, or to --output-dir when supplied. See assessment-guide.md.
The detector (scripts/detect_repo_standard.py) is separate — it recommends a starting profile before adoption. It is read-only and advisory.
Drift management¶
Copied templates drift over time as canonical templates evolve. Mitigations:
- Reassess periodically with the assessor
- Migrate to reusable workflows once the standard stabilizes
- Track template drift — see
template-drift.md
| Approach | Pros | Cons |
|---|---|---|
| Copied templates | Fast to adopt, full customization | Drift over time, manual reassessment |
| Reusable workflows | Centralized logic, automatic updates | Less customization, requires stable standard |
Lifecycle table¶
| Item | Lifecycle | Notes |
|---|---|---|
.repo-policy.yml |
Copied and customized | Source of truth for repo profile, commands, gates, release, deploy |
.rulesync/rules/*.md |
Copied and customized | Canonical AI/editor source |
AGENTS.md |
Generated and committed | Generated by Rulesync |
.cursor/rules/*.mdc |
Generated and committed | Generated by Rulesync |
.agents/rules/*.md |
Generated and committed | Generated by Rulesync |
.agents/memories/*.md |
Generated and committed when enabled | Valid output for Antigravity target |
.github/workflows/*.yml |
Copied or reusable | Prefer reusable workflows after standard stabilizes |
assessments/generated/ |
Generated and ignored | Local assessor output |
assessments/examples/ |
Committed examples | Sanitized reference outputs |
Repository layout (standards repo)¶
| Directory | Purpose |
|---|---|
ai/rules/ |
Canonical AI/editor rules |
configs/ |
Starter configs |
docs/ |
Standard specification and guides |
templates/ |
Copyable templates |
profiles/ |
Profile definitions and detection rules |
scripts/ |
Assessment and detection tools |
assessments/ |
Reference examples and generated output location |
Phased enforcement¶
Phase 1 — Foundation¶
- Semantic PR title validation
- AI rules sync check
- Docs and governance files
- Secret scan
- Existing lint/test/build checks (report-only coverage)
Phase 2 — Automation¶
- Reusable workflows
- Dependabot
- Release Please (owns release PRs,
CHANGELOG.md, GitHub releases, and tags — seerelease-process.md) - Coverage reporting (still report-only)
Phase 3 — Strictness¶
- Coverage thresholds (only when stable)
- Stricter typechecking
- Deeper security scanning (CodeQL, dependency review)
Licensing¶
- Public/open-source repos should use an explicit open-source license (MIT is the default recommendation).
- Private/proprietary repos should use a proprietary/all-rights-reserved notice.
- Do not change license terms casually. The
.repo-policy.ymlvisibilityandlicensefields should match the chosen license.
License templates: templates/licenses/LICENSE-MIT.txt, templates/licenses/LICENSE-PROPRIETARY.txt.
Repository health files¶
Required for new repos¶
README.md
.repo-policy.yml
AGENTS.md
CONTRIBUTING.md
LICENSE or LICENSE.md
SECURITY.md
.github/PULL_REQUEST_TEMPLATE.md
.gitignore
.editorconfig
.env.example
Recommended during migration (not blockers)¶
SECURITY.md
.env.example
.editorconfig
issue templates (.github/ISSUE_TEMPLATE/)
ADR directory (docs/decisions/)
CODEOWNERS
devcontainer
license scanning
See repo-standard-v1.md for full health file requirements.