Skip to content

PUBLIC_REPO_CHECKLIST.md

Latest commit

 

History

History
242 lines (167 loc) · 6.36 KB

PUBLIC_REPO_CHECKLIST.md

File metadata and controls

242 lines (167 loc) · 6.36 KB

🔒 Public Repository Security & Cleanup Checklist

⚠️ CRITICAL SECURITY FIXES (DO FIRST)

1. Remove Exposed Credentials

DANGER: .env file contains real database credentials and secrets

  • Database password: AVNS_u0QEXX6UwNkqNd0ob11
  • TimescaleDB credentials: tsdbadmin:pro9zdeicmhxn0ax
  • Secret key: v}opX)P=?V9c_{FbL?,7i5[k:dQ8WBQ5

ACTIONS REQUIRED:

  • NEVER commit the .env file (it's gitignored, but check git history)
  • Rotate all credentials immediately:
    • Change Aiven database password
    • Change TimescaleDB password
    • Generate new SECRET_KEY
  • Remove from git history if previously committed

2. Clean Git History

  • Check if .env was ever committed: git log --all --full-history -- .env
  • If yes, use BFG Repo-Cleaner or git filter-branch to remove

3. Frontend Environment Files

  • Check frontend/.env.production and frontend/.env.development for secrets
  • Ensure they only contain non-sensitive config

🧹 CLEANUP TASKS

1. Remove Development Artifacts

# Files to remove before going public:
rm -rf __pycache__/
rm -rf app/__pycache__/
rm -rf api/__pycache__/  
rm -rf tests/__pycache__/
rm -rf alembic/__pycache__/
rm *.log
rm *.db
rm frontend/vite.log
rm frontend/serve.log

2. Clean Up Root Directory

Files that should be removed or renamed:

  • import_household_data.log - DELETE
  • migration.log - DELETE
  • test_sensor_api.db - DELETE
  • github_discussion_proposal.md - MOVE to docs/
  • github_discussion_clean.md - MOVE to docs/
  • GITHUB_DISCUSSION_READY.md - MOVE to docs/

📝 DOCUMENTATION IMPROVEMENTS

1. Enhance README.md

Current README is good but needs improvements for public audience:

  • Add clear project description for newcomers
  • Add "Why this project?" section
  • Include architecture diagram
  • Add demo/screenshot section
  • Improve installation instructions
  • Add troubleshooting section
  • Add contribution guidelines link

2. Create Missing Files

  • LICENSE - Add appropriate open source license
  • CONTRIBUTING.md - Guidelines for contributors
  • CODE_OF_CONDUCT.md - Community guidelines
  • SECURITY.md - Security policy for reporting issues
  • .github/ISSUE_TEMPLATE/ - Issue templates
  • .github/PULL_REQUEST_TEMPLATE.md - PR template

3. Organize Documentation

Create proper docs structure:

docs/
├── ARCHITECTURE.md          # System architecture
├── API_DOCUMENTATION.md     # API reference  
├── DEPLOYMENT_GUIDE.md      # Deployment instructions
├── DEVELOPMENT_SETUP.md     # Local development setup
├── TROUBLESHOOTING.md       # Common issues and solutions
├── discussions/             # GitHub discussion proposals
│   ├── timeseries_analytics.md
│   └── future_features.md
└── diagrams/               # Architecture diagrams

🔧 CODE QUALITY IMPROVEMENTS

1. Environment Configuration

  • Update .env.example to be more comprehensive
  • Add .env.production.example for production deployments
  • Add environment validation in app/core/config.py

2. Security Hardening

  • Review CORS settings in production
  • Add rate limiting configuration
  • Review database connection security
  • Add security headers configuration

3. Code Organization

  • Ensure all Python files have proper docstrings
  • Add type hints where missing
  • Run code formatting: black . and isort .
  • Fix any linting issues

🚀 GITHUB REPOSITORY SETUP

1. Repository Settings

  • Add comprehensive repository description
  • Add relevant topics/tags: python, graphql, timescaledb, iot, sensors, fastapi
  • Set up GitHub Pages for documentation (optional)
  • Configure branch protection rules

2. GitHub Features

  • Enable Discussions
  • Enable Security Advisories
  • Enable Dependency Alerts
  • Set up GitHub Actions CI/CD (optional)

3. Community Files

  • Add issue templates for bug reports, feature requests
  • Add pull request template
  • Create project wiki (optional)

📊 MONITORING & ANALYTICS

1. Repository Insights

  • Set up code scanning (GitHub Advanced Security)
  • Enable dependency scanning
  • Monitor repository traffic and clones

2. Documentation Analytics

  • Track which docs are most accessed
  • Monitor issue patterns for documentation improvements

✅ PRE-PUBLICATION CHECKLIST

Security Verification

  • All credentials removed/rotated
  • No API keys or secrets in code
  • .env files properly configured as examples
  • Git history clean of sensitive data

Code Quality

  • All tests passing: pytest
  • Code formatted: black . && isort .
  • No linting errors: flake8
  • Documentation complete and accurate

Repository Presentation

  • README.md comprehensive and welcoming
  • All community files present (LICENSE, CONTRIBUTING, etc.)
  • Clean project structure
  • No development artifacts (logs, cache files, etc.)

Legal & Compliance

  • Appropriate license chosen and applied
  • No copyright violations in code/documentation
  • Dependencies properly attributed

🎯 POST-PUBLICATION TASKS

1. Community Building

  • Create initial GitHub Discussion
  • Share on relevant communities (Reddit, HackerNews, etc.)
  • Write blog post about the project
  • Create demo video/screenshots

2. Maintenance Setup

  • Set up automated dependency updates (Dependabot)
  • Create release workflow
  • Monitor and respond to issues/PRs promptly
  • Regular documentation updates

🚨 EMERGENCY PROCEDURES

If sensitive data is accidentally exposed:

  1. Immediately make repository private
  2. Rotate all exposed credentials
  3. Clean git history using BFG Repo-Cleaner
  4. Notify users if data breach occurred
  5. Review and improve security processes

📈 SUCCESS METRICS

Track these metrics post-publication:

  • Stars and forks
  • Issue/PR engagement
  • Documentation page views
  • Community discussions
  • Adoption by other developers

REMEMBER: Once public, assume everything in your repository will be seen by everyone. When in doubt, err on the side of caution!