Add Codex repository baseline

ToxicCrzay270
2026-05-15 00:42:11 +02:00
commit 6807660ddb
11 changed files with 461 additions and 0 deletions

76
.codex/project.md Normal file

@@ -0,0 +1,76 @@
# Codex Project Notes
## Project
`Robocopy_Overhaul` is a Codex-ready repository baseline for a Robocopy overhaul project.
Repository:
```text
Toxic/Robocopy_Overhaul
```
Remote:
```text
https://git.wilkensxl.de/Toxic/Robocopy_Overhaul.git
```
## Commands
No stack-specific commands are defined yet.
Use this section as the source of truth once the project has implementation code:
```text
lint: PENDING
test: PENDING
build: PENDING
audit: PENDING
readme: manual README
```
Do not invent commands that cannot run.
## Stack
```text
PENDING
```
Package manager or build tool:
```text
PENDING
```
## Build Artifacts
Release artifacts are not defined yet.
Expected files:
```text
PENDING
```
## Security Rules
- Do not commit secrets, tokens, `.env` files, certificates, or private keys.
- Treat generated credentials as sensitive.
- Prefer local generation and local processing for user data.
- Keep dependency audit results visible in CI where possible after a stack is chosen.
- Do not add external network calls unless the feature explicitly requires them.
## Release Rules
Before a release:
1. run the release checklist,
2. verify CI is green,
3. verify download links,
4. update README and changelog,
5. create a tag,
6. create the release.
Do not create releases unless the user explicitly asks for a release.
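
Review bot: In the numbered list under "Release Rules", step 3 "verify download links" comes before step 5 "create a tag" and step 6 "create the release", but the links cannot exist until the release is published; docs/release-checklist.md in this same commit places the download smoke test after publishing. The list also restates part of that checklist in a different order, so the two will drift. Suggest reducing it to "1. run docs/release-checklist.md" plus the final sentence about explicit user requests, or moving the link check to the end.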

48
.gitignore vendored Normal file

@@ -0,0 +1,48 @@
# Dependencies
node_modules/
vendor/
.venv/
venv/
__pycache__/
# Build outputs
dist/
build/
out/
release/
target/
bin/
obj/
# Logs and temporary files
*.log
*.tmp
*.temp
.cache/
.turbo/
.vite/
.pytest_cache/
# Local environment and secrets
.env
.env.*
!.env.example
*.pem
*.key
*.pfx
*.p12
*.crt
*.cer
*.token
secrets/
# OS and editor files
.DS_Store
Thumbs.db
.idea/
.vscode/
*.swp
*.swo
# Local template source
codex-agent-repository-kit/
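
Review bot: The patterns under "# Local environment and secrets" match by extension or directory name only, so private keys stored without an extension (the OpenSSH default names `id_rsa` and `id_ed25519`, for example) and keystore formats such as `*.jks` are not covered. Consider adding them. Also reconsider `*.crt` and `*.cer`: those normally hold public certificates, and ignoring them will silently keep a CA bundle or pinned certificate out of the repository if the project later needs one tracked. `bin/` under "# Build outputs" has the same side effect on any scripts directory of that name.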

51
AGENTS.md Normal file

@@ -0,0 +1,51 @@
# Agent Instructions
## Project
Robocopy_Overhaul: Codex-ready repository baseline for a Robocopy overhaul project.
## Repository Rules
- Start by reading `AGENTS.md` and `.codex/project.md`.
- Keep changes scoped to the user's request.
- Prefer existing project patterns once application code exists.
- Do not commit secrets, `.env` files, private keys, certificates, or tokens.
- Do not rewrite history or run destructive git commands unless explicitly requested.
- Do not create a release unless explicitly requested.
- Check the working tree before editing and before finishing. Preserve unrelated user changes.
- If `GITEA_TOKEN` is available locally, use it only for read-only Gitea API checks such as private repository metadata, package-read visibility, and Actions run status. Never print, commit, or store the token.
- Repository cleanup automation must be non-destructive if added later.
- Dependency, compliance, and release dry-run automation must report findings only unless the user explicitly asks for write actions.
## Commands
No stack-specific commands are defined yet.
When code is added, update this file and `.codex/project.md` with the real commands for:
```text
lint
test
build
audit
```
## Artifacts
No release artifact output directory is defined yet.
## Security Notes
- Review `docs/security-review.md` before release work.
- Treat generated credentials and config files as sensitive.
- Keep external network calls documented.
- Prefer local processing for user data.
- Keep CI publishing secrets in repository or organization secrets, not in tracked files.
- Ensure `.gitignore` covers local config, build outputs, logs, temporary files, and secret material for the detected stack.
## Finish Checklist
- `git diff --check` passes when the directory is a Git repository.
- The cheapest reliable verification command has been run, or the reason it could not run is documented.
- README, changelog, security review, and release checklist are updated when the change touches release behavior.
- `docs/agent-handoff.md` is updated when work is interrupted, risky, or spans multiple sessions.
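
Review bot: The `GITEA_TOKEN` rule under "Repository Rules" limits the agent to read-only API checks by instruction only; nothing in the line requires the token itself to be read-only. Suggest stating that the token must be issued with read-only scopes, so that a misbehaving or prompt-injected agent cannot perform write actions even if it ignores this file. "Never print, commit, or store the token" would also benefit from naming the places it most often leaks: command lines, shell history, and `docs/agent-handoff.md`.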

7
CHANGELOG.md Normal file

@@ -0,0 +1,7 @@
# Changelog
All notable changes to this project are documented here.
## Unreleased
- Added Codex Agent Repository Kit baseline files.

41
CONTRIBUTING.md Normal file

@@ -0,0 +1,41 @@
# Contributing
## Working Rules
- Keep changes scoped to the issue or user request.
- Prefer existing project patterns once application code exists.
- Do not commit secrets, generated credentials, local `.env` files, or private keys.
- Do not create releases unless explicitly requested.
- Preserve unrelated user changes.
## Before Committing
Run the cheapest reliable verification commands for this project. No stack-specific commands are defined yet.
When the directory is a Git repository, also run:
```bash
git diff --check
```
If a command cannot run, document why in the final response or handoff notes.
## Pull Requests
Pull requests should include:
- summary of changes,
- verification performed,
- known risks or skipped checks,
- artifact/download notes when relevant.
## Releases
Before release work, update:
```text
CHANGELOG.md
docs/release-checklist.md
docs/security-review.md
README.md
```
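
Review bot: "Before Committing" names only `git diff --check`, which reports whitespace errors and leftover conflict markers and does nothing for the "Do not commit secrets" rule a few lines above it. Suggest adding a step to read the staged diff (`git diff --cached`) for credentials before committing. Separately, the file list under "Releases" omits `docs/release-notes.md`, which README.md in this commit lists as part of the release process.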

60
README.md Normal file

@@ -0,0 +1,60 @@
# Robocopy_Overhaul
Codex-ready repository baseline for a Robocopy overhaul project.
<p align="center"><img src="https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/rainbow.png" alt="-----------------------------------------------------" width="100%"></p>
## Overview
This repository has been prepared with the Codex Agent Repository Kit. The current state is a documentation and agent-context baseline; implementation code, stack choice, build commands, and release artifacts are still pending.
<p align="center"><img src="https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/rainbow.png" alt="-----------------------------------------------------" width="100%"></p>
## Repository Baseline
| Area | State |
| --- | --- |
| Repository | `Toxic/Robocopy_Overhaul` |
| Remote | `https://git.wilkensxl.de/Toxic/Robocopy_Overhaul.git` |
| Agent context | `AGENTS.md` and `.codex/project.md` |
| Security policy | `SECURITY.md` and `docs/security-review.md` |
| Release process | `CHANGELOG.md`, `docs/release-checklist.md`, and `docs/release-notes.md` |
| Ignore rules | `.gitignore` covers common generated files, logs, local config, and secret material |
| CI | Not configured until a concrete stack and commands exist |
<p align="center"><img src="https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/rainbow.png" alt="-----------------------------------------------------" width="100%"></p>
## Development
No build, lint, test, or audit command is defined yet.
When implementation code is added, update:
```text
AGENTS.md
.codex/project.md
README.md
docs/security-review.md
docs/release-checklist.md
```
<p align="center"><img src="https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/rainbow.png" alt="-----------------------------------------------------" width="100%"></p>
## Security
Security posture:
| Area | State |
| --- | --- |
| Secrets | Secrets must not be committed |
| Dependency audit | Pending until dependencies exist |
| User data | Prefer local processing |
| External services | Document any external network calls |
See `SECURITY.md` and `docs/security-review.md`.
<p align="center"><img src="https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/rainbow.png" alt="-----------------------------------------------------" width="100%"></p>
## Release
Release readiness is tracked in `docs/release-checklist.md`. Do not create tags, packages, or releases until the project has implementation code and the user explicitly asks for release work.
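
Review bot: The five divider lines load `rainbow.png` from `raw.githubusercontent.com/andreasbm/readme/master/...`, a third-party repository pinned only to a branch, so every view of this README makes a request to an external host and the image content can change without a commit here. That sits badly with the "External services | Document any external network calls" row in the same file. Suggest replacing the `<p align="center"><img ...></p>` lines with a plain Markdown rule (`---`) or committing a copy of the image to the repository.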

21
SECURITY.md Normal file

@@ -0,0 +1,21 @@
# Security Policy
## Supported Versions
| Version | Supported |
| --- | --- |
| Latest | Yes |
## Reporting A Vulnerability
Report security issues privately to the project owner.
Do not include secrets, production data, or private credentials in public issues.
## Project Security Principles
- Keep secrets out of the repository.
- Prefer local processing for user data.
- Document external network calls.
- Keep release artifacts reproducible through CI once CI exists.
- Run dependency audits before releases once dependencies exist.
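
Review bot: "Report security issues privately to the project owner" under "Reporting A Vulnerability" gives no channel, so a reporter has no way to follow it except by opening the public issue the next sentence warns against. Add a contact address or other private route, and ideally an expected response time. The "Supported Versions" table also marks "Latest" as supported while the rest of the commit states that no release exists; a short "no releases yet" note would be more accurate.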

40
docs/agent-handoff.md Normal file

@@ -0,0 +1,40 @@
# Agent Handoff
Use this file when a task spans multiple sessions, has unresolved follow-up work, or changes release behavior.
## Current State
```text
Codex repository baseline added. Implementation code, stack, commands, CI, and release artifacts are still pending.
```
## Changes Made
- Added agent context files.
- Added repository security and release documentation.
- Added baseline README and ignore rules.
## Verification
| Check | Result |
| --- | --- |
| `git diff --check` | Pending until the directory is a Git repository |
| lint | Not available |
| test | Not available |
| build | Not available |
## Open Questions
- Which implementation stack should Robocopy_Overhaul use?
- Which build, test, lint, and audit commands should become authoritative?
- Should Gitea CI workflows be added after the stack is known?
## Next Steps
- Add implementation code.
- Update `AGENTS.md` and `.codex/project.md` with real commands and artifact paths.
- Add CI workflows once commands can run.
## Risks
- No code-level security or release behavior can be validated until implementation exists.
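
Review bot: The "Verification" table records `git diff --check` as "Pending until the directory is a Git repository", but this file is itself being committed, so the precondition is met and the check can be run now; record its actual result. The table also lists lint, test and build but not audit, although AGENTS.md and `.codex/project.md` both name audit among the project commands.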

35
docs/release-checklist.md Normal file

@@ -0,0 +1,35 @@
# Release Checklist
## Version
- [ ] Version number updated.
- [ ] Changelog updated.
- [ ] README updated.
## Quality
- [ ] Working tree is clean.
- [ ] Lint/type checks pass or are documented as unavailable.
- [ ] Tests pass or missing tests are documented.
- [ ] Build succeeds in CI once CI exists.
## Security
- [ ] Security review is current.
- [ ] Dependency audit is clean or documented once dependencies exist.
- [ ] No secrets are committed.
- [ ] Release artifacts do not contain local config files.
## Artifacts
- [ ] Artifacts are uploaded if the project produces artifacts.
- [ ] Download links work if downloads are published.
- [ ] Package registry links work if used.
- [ ] Installer/portable/archive naming is clear if applicable.
## Release
- [ ] Git tag created.
- [ ] Release notes written.
- [ ] Release published.
- [ ] Post-release download smoke test completed.
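
Review bot: "No secrets are committed" in the "Security" section does not say how it is checked or over what scope, so it can be ticked from memory. Suggest wording it as a check someone can repeat, naming the scan used and whether it covers the full history of the tagged commit or only the working tree. The "Artifacts" section also has no integrity item (published checksums or signatures), which the SECURITY.md principle "Keep release artifacts reproducible through CI" implies.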

28
docs/release-notes.md Normal file

@@ -0,0 +1,28 @@
# Robocopy_Overhaul Unreleased
## Downloads
No release artifacts are published yet.
## Highlights
- Added Codex Agent Repository Kit baseline files.
## Security
- Dependency audit: not applicable until dependencies exist.
- Secret handling: baseline `.gitignore` excludes common local config and secret files.
- External network calls: no project implementation exists yet.
## Verification
| Check | Result |
| --- | --- |
| lint | Not available |
| test | Not available |
| build | Not available |
| Artifact download | Not available |
## Notes
This repository is not release-ready until implementation code, commands, CI, and artifacts are defined.
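
Review bot: The "Secret handling" bullet under "Security" presents the `.gitignore` patterns as the control, but ignore rules only stop untracked files from being picked up by accident; they do not affect files that are already tracked, files added with `git add -f`, or credentials pasted into an otherwise ordinary file. Suggest rewording to say that no secret scanning is in place yet and that `.gitignore` only reduces accidental additions.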

54
docs/security-review.md Normal file

@@ -0,0 +1,54 @@
# Security Review
## Scope
Project:
```text
Robocopy_Overhaul
```
Reviewed version or commit:
```text
Baseline before implementation code.
```
## Code Patterns Checked
- [x] No `eval` in project source. No project source exists yet.
- [x] No dynamic `Function` constructor. No project source exists yet.
- [x] No unsafe HTML injection. No project source exists yet.
- [x] No unexpected shell execution. No project source exists yet.
- [x] No unexpected external network calls. No project source exists yet.
- [x] No secrets committed in baseline files.
- [x] No unsafe file writes outside expected user-selected paths. No project source exists yet.
## Dependency Review
Command:
```text
PENDING: no dependency manifest exists yet.
```
Result:
```text
Not applicable for the baseline.
```
## Runtime Review
- [ ] Least-privilege runtime configuration. Pending until runtime exists.
- [ ] External URLs documented. Pending until implementation exists.
- [ ] Local data storage documented. Pending until implementation exists.
- [x] Sensitive data is not persisted by baseline files.
## Release Notes
Known residual risks:
```text
No implementation risk has been reviewed yet because no application code exists.
```
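
Review bot: Under "Code Patterns Checked", six boxes are ticked `[x]` with the justification "No project source exists yet", which records checks as passed when they were never performed; once code lands, the ticks will read as a completed review. Suggest leaving them as `[ ]` with "Pending until source exists", the way the "Runtime Review" section already does. The `eval`, `Function` constructor and HTML injection items also assume a JavaScript or web stack while `.codex/project.md` lists the stack as PENDING, and "No secrets committed in baseline files" should say how that was verified.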