Three changes to stop ferrying sensitive content through our public monorepo. All content already imported to Molecule-AI/internal (private) — see linked PRs below.

Contained full security audit cycle records with CWE references, file:line pointers to historical vulnerabilities, and severity ratings. None of that belongs in a public repo.

→ Moved to Molecule-AI/internal/security/incident-log.md (PR #20). Monorepo file becomes a 17-line stub pointing at the internal location. Future incidents land in the internal file only.

Had AWS account ID `004947743811` and IAM role name `MoleculeStagingProvisioner` embedded. Even though the fleet described isn't actually running (see state note), these identifiers are account-specific and don't belong in public git.

→ Removed both values, replaced with generic references + a pointer to Molecule-AI/internal/runbooks/canary-fleet.md (PR #21) where the actual identifiers live. Any future rotation touches the internal file, no public-git-history rewrite needed.

Contained the full ops runbook: bootstrap script output, per-tenant SG backfill loop with live SG IDs, customer slug names (hongmingwang). Useful content but too specific for a public repo.

→ Moved to Molecule-AI/internal/runbooks/workspace-terminal.md (PR #22). Monorepo file becomes a 30-line public summary of what the feature does + pointers to code, so external readers / self-hosters still get the design story.

Marketing briefs, SEO plans, campaign copy, research dossiers, and internal product designs (hermes-adapter-plan, medo-integration, cognee-*) are the next batches. See docs policy doc coming next to set team expectations.

Net removal: ~820 lines from public git going forward.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
19 lines
756 B
Markdown
# Incident Log — moved

> **This file moved to the internal repo on 2026-04-22.**
>
> Content now lives at **`Molecule-AI/internal/security/incident-log.md`**
> (private — Molecule AI org members only).
>
> Why moved: incident records contain CWE references, file:line
> pointers to historical vulnerabilities, and severity ratings. None
> of that belongs in a public repo.
>
> **If you're adding a new incident:** write it in the internal repo,
> not here. Don't recreate a public incident log.
>
> **If you need a historical entry:** check the internal repo first.
> Everything up to 2026-04-22 was copied over. Git history for this
> file in the public monorepo still contains the original content
> (not rewritten — descriptive, no credentials).
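
Review bot: The closing paragraph of the stub says the public git history for this file still contains the original content and was not rewritten, which conflicts with the stated reason for the move. The "Why moved" paragraph says CWE references, file:line pointers to historical vulnerabilities, and severity ratings do not belong in a public repo, yet all of that stays reachable through history. Either record explicitly (in the internal file or the policy doc) that this residual exposure was reviewed and accepted, or schedule a history rewrite, and consider dropping the sentence that points readers at the old history. A smaller point: the commit message describes a 17-line stub while the file view reports 19 lines, so one of the two should be corrected.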