# Codex Project Notes

## Project

`PROJECT_NAME` is `PROJECT_DESCRIPTION`

Repository:

```text
REPOSITORY_OWNER/REPOSITORY_NAME
```

## Commands

Use these commands as the source of truth:

```text
LINT_COMMAND
TEST_COMMAND
BUILD_COMMAND
AUDIT_COMMAND
README_COMMAND
```

If a command does not exist, document the closest safe alternative. Do not invent commands that cannot run.

Project build, test, audit, package, installer, dependency setup, and release commands must run on Gitea Ubuntu runners only. Supported labels are `ubuntu-latest`, `ubuntu-24.04`, and `ubuntu-22.04` on `global-runner-1`, `global-runner-2`, and `global-runner-3`.

Local checks are limited to lightweight validation that does not install dependencies or create build artifacts.

## Stack

```text
PROJECT_STACK
```

Package manager or build tool:

```text
PACKAGE_MANAGER
```

## Build Artifacts

Release artifacts are produced in:

```text
ARTIFACT_OUTPUT_DIRECTORY
```

Expected files:

```text
ARTIFACT_NAME
```

## Security Rules

- Do not commit secrets, tokens, `.env` files, certificates, or private keys.
- Treat generated credentials as sensitive.
- Prefer local generation and local processing for user data.
- Keep dependency audit results visible in CI where possible.
- Do not add external network calls unless the feature explicitly requires them.

## Release Rules

Before a release:

1. run the release checklist,
2. verify CI is green on a supported Gitea Ubuntu runner,
3. verify download links,
4. update README and changelog,
5. verify release artifacts exclude Codex kit metadata such as `AGENTS.md`, `.codex/`, `blueprint.md`, `blueprint.json`, template workflows, and agent handoff notes unless the user explicitly wants those shipped,
6. create a tag,
7. create the release through Gitea Actions or the Gitea API.

Do not create releases unless the user explicitly asks for a release.