fix(#99): post-merge cleanup from PR #1 Rex review #3

Merged: atlas-apex merged 1 commit into main from fix/GH-99-post-merge-cleanup on Apr 8, 2026
@atlas-apex

Collaborator

Summary

Post-merge cleanup after Rex's re-review of PR #1 (merged 2026-04-08 as 3de84fa). Four blockers and one nit — all small, all correctness fixes, no scope creep.

This PR is tracked in the apexscript-org issue tracker (the ApexStack ops repo) per the narrow exception that apexstack's coordination tickets live in apexscript-org. The fix PR itself lives here in me2resh/apexstack. The Closes keyword below uses the cross-repo form.

N1 — Default-mode contradiction (CRITICAL) — 4 files

Four files claimed single-project was the default, contradicting CLAUDE.md, README.md, onboarding.yaml, docs/multi-project.md, site/index.html, and 7 of 8 new skills (which all say multi-project is the default). The commit message for ba892bc literally said "multi-project mode (default)". These four were the stragglers and now align:

  • apexstack.projects.yaml.example — header comment rewritten to say this file is the registry for the default multi-project mode; single-project is the opt-in
  • workspace/README.md — section order swapped (multi-project first as the default, single-project second as opt-in), intro paragraph reworded, mode comments in the onboarding.yaml snippet flipped
  • projects/README.md — opening paragraph flipped so multi-project is described as the default
  • .claude/skills/projects/SKILL.md — mode detection table row order flipped (mode: multi-project "or missing" is now default), sections swapped so multi-project comes first, single-project moved below as opt-in, the "flip back" prompt reworded

N2 — Roles count — 1 file

  • README.md:166 — "20 software development roles" → 19. Actual: 7 Engineering + 3 Product + 3 Design + 3 Security + 3 Data = 19. The tree in site/index.html at line ~964 already correctly said 19.

N3 — Site file count — 1 file

  • site/index.html:956 — dropped the 79 files · prefix from the tree header line. The descriptive tagline "the runnable + portfolio layers added in v0.1" stays. Rather than updating 79 → 76 and having to update it again next time a file lands, killing the number outright is the long-term fix.

Stale SENTINEL comment — 1 file

  • golden-paths/pipelines/ci.yml:93 — the security section comment said # SENTINEL — Security Scanning but the job itself is named "🛡️ Shield: Security" (the Sentinel→Shield rename landed in PR feat(#1): initial ApexStack project #1). One-line comment fix to match.

What's NOT in this PR

  • N4 (PR feat(#1): initial ApexStack project #1 body says "5 skills" + Sentinel/Scout in glossary) — GitHub PR bodies are immutable after merge, so this is recorded in the tracking issue as NOT FIXABLE.
  • Retroactive AgDRs (hooks-vs-MCP, agent selection, site aesthetic) — intentionally skipped per the CEO's call. v0.1 doesn't need them backfilled.
  • Review-noise cleanup on PR feat(#1): initial ApexStack project #1 — tracked separately; this PR's diff stays focused on the code fixes.

Glossary

| Term | Definition |
| --- | --- |
| Default mode | ApexStack's out-of-the-box behaviour — multi-project — where the tool lives in an "ops repo" and governs a portfolio of repos via apexstack.projects.yaml |
| Opt-in mode | single-project — the alternative, enabled by setting apexstack.mode: single-project in onboarding.yaml, for teams governing exactly one repo |
| Registry | apexstack.projects.yaml — the list of projects ApexStack manages in multi-project mode |
| Ops repo | The repo where Claude Code + ApexStack + the registry live. Holds shared rules/skills/hooks and per-project docs, governs code repos that live elsewhere. |
| Live working copy | A git cloned project under workspace/<name>/, used when you want local git operations on a managed project. Gitignored in the ops repo. |
| N1 / N2 / N3 / N4 | The new blockers Rex flagged in the re-review of ba892bc, numbered sequentially to distinguish from the first review's B1-B6 |
| # SHIELD | The ApexStack security agent identity (formerly "Sentinel" before the PR #1 rename) — the CI comment now matches the shipped agent name |
| Cross-repo Closes | GitHub keyword Closes owner/repo#N — closes an issue in a different repo when a PR merges. Used here so a PR on me2resh/apexstack closes an issue on me2resh/apexscript-org. |

Test plan

  • grep -n "20 software development roles" README.md returns no hits
  • grep -n "79 files" site/index.html returns no hits
  • grep -n "SENTINEL" golden-paths/pipelines/ci.yml returns no hits
  • grep -rE "single-project.{0,20}default" apexstack.projects.yaml.example workspace/README.md projects/README.md .claude/skills/projects/SKILL.md returns no hits where single-project is labelled default (only opt-in)
  • cat docs/multi-project.md still reads coherently against the rest of the PR — no NEW contradictions introduced
  • Rex re-review

Closes me2resh/apexscript-org#99

🤖 Generated with Claude Code

…EL nit

Post-merge cleanup after the Rex re-review of PR #1. Four blockers
and one nit — all small, all correctness fixes, no scope creep.

N1 — Default-mode contradiction (CRITICAL)
Four files claimed single-project was the default, contradicting
CLAUDE.md, README, onboarding.yaml, docs/multi-project.md, the site,
and 7 of 8 new skills (which all say multi-project is the default).
The commit message for ba892bc literally said "multi-project mode
(default)". These four were the stragglers; they now align:

- apexstack.projects.yaml.example: header comment rewritten to say
  this file is the registry for the default multi-project mode,
  single-project is the opt-in
- workspace/README.md: section order swapped (multi-project first as
  the default, single-project second as opt-in), intro paragraph
  reworded, mode comments in the onboarding.yaml snippet flipped
- projects/README.md: opening paragraph flipped so multi-project is
  described as the default
- .claude/skills/projects/SKILL.md: mode detection table row order
  flipped (multi-project "or missing" is now default), sections
  swapped so multi-project comes first as the default, single-project
  moved below as opt-in, the "how to flip back" prompt reworded

N2 — Roles count
- README.md:166 — "20 software development roles" → "19"
  (actual count: 7 Engineering + 3 Product + 3 Design + 3 Security
  + 3 Data = 19)

N3 — Site file count
- site/index.html:956 — dropped the "79 files · " prefix from the
  tree header line to kill the drift-prone number entirely. The
  descriptive tagline "the runnable + portfolio layers added in v0.1"
  stays. Any time a file is added to the repo, the header no longer
  lies.

Stale SENTINEL comment
- golden-paths/pipelines/ci.yml:93 — the security section comment
  said "SENTINEL — Security Scanning" but the job itself is named
  "Shield: Security" (the Sentinel→Shield rename from PR #1). Fixed
  the comment to match.

What's NOT in this commit
- N4 (PR body "5 skills" + Sentinel/Scout in glossary) — GitHub PR
  bodies are immutable after merge, so this is recorded in the
  tracking issue as NOT FIXABLE.
- Retroactive AgDRs — intentionally skipped per the CEO's call
  (v0.1 doesn't need them backfilled).

Verification
  grep -n "20 software development roles" README.md     → no hits
  grep -n "79 files" site/index.html                    → no hits
  grep -n "SENTINEL" golden-paths/pipelines/ci.yml      → no hits
  grep for "single-project is the default" in the 4 N1 files → no hits

Closes me2resh/apexscript-org#99

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

@atlas-apex atlas-apex left a comment

Collaborator Author

Code Review: PR #3 — Delta review

Reviewed commit: 13d1b2374c85fea8f1b42368b7773d76b9644372

This is a delta review focused only on the blockers I flagged in the re-review of PR #1 (ba892bc).

Previous-blocker status

| ID | Description | Status |
| --- | --- | --- |
| B4 | site/index.html:956 hard-coded 79 files tree header | FIXED — number dropped entirely (drift-proof fix, better than updating to 76) |
| N1 | Default-mode contradiction across 4 straggler files | FIXED — all 4 files flipped to "multi-project is the default, single-project is opt-in" |
| N2 | README.md:166 "20 software development roles" | FIXED — now reads "19" |
| N3 | Same as B4 (continuation) | FIXED — number killed, not just updated |
| nit | golden-paths/pipelines/ci.yml:93 stale # SENTINEL comment | FIXED — renamed to # SHIELD to match the shipped agent identity |

Verification grep results (all zero as promised)

  • grep -n "20 software development roles" README.md → 0 hits
  • grep -n "79 files" site/index.html → 0 hits
  • grep -n "SENTINEL" golden-paths/pipelines/ci.yml → 0 hits
  • grep -rE "single-project.{0,20}(is the|\(the|default)" across the 4 N1 files → 0 hits
  • README.md still reads 19 software development roles at line 166 ✅

No-new-contradictions check

Cross-checked every "multi-project" / "single-project" mention across the repo:

  • CLAUDE.md — untouched, still says multi-project is default ✅
  • docs/multi-project.md — untouched, still says multi-project is default ✅
  • onboarding.yaml — mode: multi-project still the active value ✅
  • README.md — line 62 "✅ default" for multi-project, line 67 "Quick Start (multi-project — the default)", line 93 mode: multi-project # default — leave as is — all consistent ✅
  • site/index.html line 1123 "multi-project by default", line 1129 mode: multi-project (default), line 1314 "ApexStack defaults to multi-project mode" — all consistent ✅
  • No stragglers remain. The repo now tells a single, unified "multi-project is the default" story across CLAUDE.md, README, onboarding.yaml, docs/multi-project.md, site/index.html, and all 8 relevant skills.

Scope discipline

  • Exactly 7 files modified (matches PR body) ✅
  • Diff stats: +59 / -57 — proportional to the fixes described, no drive-by reformatting ✅
  • .claude/hooks/*.sh untouched — verified all 6 hook scripts present and no diff. Permissive [A-Z]{2,10}-[0-9]+ regex from PR #1 still in place ✅
  • No new features, no refactors ✅

Other checks

  • AgDR: N/A — pure correctness cleanup, no new decisions. ✅
  • Glossary: Present and substantive in the PR body. Covers default mode, opt-in mode, registry, ops repo, live working copy, N1–N4 numbering, # SHIELD, and cross-repo Closes. Particularly appreciated the # SHIELD entry explaining the rename history — future archaeologists will thank you. ✅
  • Cross-repo Closes: Closes me2resh/apexscript-org#99 is correctly formatted for the ops-repo issue tracking the cleanup.

Issues Found

None. This is a clean, focused, correctness-only cleanup that does exactly what was agreed with the CEO, nothing more. The decision to drop the 79 files count rather than update it to 76 is the right long-term call — the number would drift again on the next v0.2 directory add.

Suggestions

None blocking. One minor thought for a future cleanup (explicitly not for this PR): the 4 N1 files now all reference the multi-project default in slightly different wording ("(the default)", "(default)", "the default", "default"). Consistent phrasing would be nicer but is pure polish and not worth a follow-up PR on its own — fold it in whenever these files next get touched organically.

Verdict

COMMENT — all previous blockers fixed, no new issues, scope discipline intact. Deferring final approval to the CEO per the two-review rule.


🤖 Reviewed by Rex (Code Reviewer Agent)
📌 Reviewed commit: `13d1b2374c85fea8f1b42368b7773d76b9644372`

@atlas-apex atlas-apex merged commit a8286b8 into main Apr 8, 2026
@atlas-apex atlas-apex deleted the fix/GH-99-post-merge-cleanup branch April 8, 2026 18:12
me2resh added a commit that referenced this pull request May 20, 2026
…GES REQUESTED

Rex's review of #344 surfaced a real correctness gap between AgDR-0049's
Decision #4 claim and what the smoke test actually enforces. The leak-scan
is a PATH-scan (catches files at framework-distinctive paths like
_lib-portfolio-paths.sh) but is NOT a CONTENT-scan (doesn't catch SKILL.md
prose mentioning /handover, or _lib-audit-history.sh calling
portfolio_projects_dir). Several extracted files in audit-pack DO carry
such prose references.

Per the operator's chosen path (Rex's option a, honest-scope amend, not
full refactor): acknowledge the limitation in the AgDR + add a "Known
framework references" section to the audit-pack README so adopters know
what they're looking at, while preserving the generated-not-forked
contract (decision #3) that would be contradicted by content-scrubbing.

Changes:

- AgDR-0049 § Decision #4 rewritten — distinguishes path-leak guard
  (mechanically enforced) from content references (deliberate, funnel-
  pointer, graceful-degrade outside an apexyard fork). v2 may revisit if
  adopter friction surfaces.
- marketplace/audit-pack/README.md — new "Known framework references"
  section enumerates the three concrete surfaces Rex found (SKILL.md
  prose hints, _lib-audit-history.sh portfolio_projects_dir fallback,
  broken relative links to upstream docs/agdr/). Frames each as
  intentional + funnel-pointer. Flags v2 as the escape hatch.
- safety-hooks is unaffected — Rex confirmed graceful-degrades correctly.

Smoke test unchanged (path-scan is the right shape for what it catches;
the AgDR amend clarifies what it does and doesn't claim).

Refs #321
atlas-apex added a commit that referenced this pull request May 20, 2026
* feat(#321): scaffold marketplace/audit-pack + safety-hooks layout

- marketplace/audit-pack/ — extracted /launch-check + 8 deep-dive audit
  skills + _lib-audit-history.sh + _lib-read-config.sh + _lib-ops-root.sh
  + AI-crawler registry + 8 audit templates. Includes authored README
  and PLUGIN.json that pitch the full framework as the graduation path.
- marketplace/safety-hooks/ — extracted 7 safety hooks (secrets / main
  push / git-add-all / pre-push / commit-refs / PR-title / branch-name)
  + _lib-tracker.sh (tracker-agnostic) + _lib-read-config.sh +
  _lib-ops-root.sh + _lib-extract-pr.sh + settings.snippet.json showing
  recommended hook wiring. Same funnel-pitching README and PLUGIN.json.
- EXTRACTION_MANIFEST.json in each sub-pack records the upstream SHA
  and file inventory so the "generated, not forked" maintenance
  contract is auditable.
- Strategic intent: a one-way discovery funnel from Claude Code
  marketplace users to full-framework adopters. The two sub-packs are
  genuinely self-contained — no portfolio model, no /handover, no role
  definitions — and pitch the full framework via the README without
  pressuring.

Closes #321

* feat(#321): bin/extract-subpacks.sh + extraction smoke test

- bin/extract-subpacks.sh — idempotent extraction script that copies
  the audit-pack + safety-hooks inventories from upstream HEAD into
  marketplace/<pack>/, writes EXTRACTION_MANIFEST.json with the
  upstream SHA, and supports --dry-run + --manifest-only for CI
  validation. Invokable both locally (operator debugging) and from
  the release-tag CI workflow.
- .claude/hooks/tests/test_subpack_extraction.sh — smoke test that
  (a) runs extraction into a tmp dir, (b) asserts the file inventory
  matches the AgDR-0049 contract for both sub-packs, (c) scans for
  framework-distinctive paths that would indicate a leak
  (apexyard.projects.yaml, _lib-portfolio-paths.sh, /handover skill,
  /agdr skill, role definitions), (d) plants a deliberate leak token
  and asserts the scan catches it (proves the scan does work, not
  just exits 0 silently), and (e) verifies each sub-pack's authored
  marketplace files (PLUGIN.json, README, settings snippet) are
  present at the repo-root marketplace/.

Refs #321

* feat(#321): release-tag extraction CI workflow

- .github/workflows/extract-subpacks-on-release.yml — fires on every
  v* tag push (cut by /release) and on PRs touching extraction-
  relevant files. Runs bin/extract-subpacks.sh, then runs the
  smoke test, then uploads marketplace/ as a build artefact when
  the trigger is a release tag (90-day retention).
- The publish step (push to Claude Code marketplace) remains a
  manual operator concern in v1 — the workflow's job summary lists
  the next steps with the tag name + upstream SHA so the operator
  can take the artefact from the run and push it to the marketplace
  with the right semver.
- Per-PR mode catches contributors who break the extraction
  contract (e.g. an audit skill that adds a portfolio dependency)
  at PR time rather than at release time.

See AgDR-0049 for the rationale on release-tag-driven vs every-PR
auto-publish (the marketplace doesn't want a release per PR; every
WIP commit landing on real users is the wrong shape).

Refs #321

* docs: AgDR-0049 — marketplace sub-packs as framework funnel

Records the strategic + maintenance decisions behind the two
marketplace sub-packs (apexyard/audit-pack and apexyard/safety-hooks):

- Two-sub-pack scope vs alternatives (single mega-plugin, more
  sub-packs in v1, /rex + /migrations sub-packs)
- Generated-not-forked maintenance contract — sub-packs are
  extracted from upstream HEAD at release time, NOT separately
  maintained codebases; the framework stays single source of truth
- Release-tag-driven CI workflow + manual operator publish step
  (release-tag-only in v1; automated publish deferred to v2)
- Funnel direction is one-way (plugin → framework); the README
  pitches but does not pressure
- Performance contract — same files serve both distribution
  channels; the smoke test mechanically asserts no framework-
  distinctive elements (portfolio registry, _lib-portfolio-paths.sh,
  /handover skill, role definitions) leak into the extracted output
- Why /rex and /migrations are deferred — session-state convention
  and migration-ticket dependencies respectively don't survive
  extraction into a drop-in shape without losing the gate's value

Closes #321

* fix: shellcheck SC2064 trap-expansion + markdownlint MD051 link-fragment slugs

Two CI failures on initial #344 push:

1. shellcheck SC2064 in test_subpack_extraction.sh:34 — double-quoted
   trap expanded $TMP_ROOT at definition time rather than signal time.
   Swap inner/outer quoting (single quotes around the trap body, double
   quotes around the variable) so expansion is deferred. Cleanup now
   resolves the correct path even if TMP_ROOT is reassigned later.

2. markdownlint MD051 in both READMEs — link `#graduation-path-the-full-framework`
   doesn't match heading `## Graduation path — the full framework` because
   GFM slug-generation translates ` — ` (em-dash with spaces) to `--`
   (double dash). Swap the em-dash in the heading to a colon: the slug
   becomes `graduation-path-the-full-framework`, matching the existing
   link. Same fix in both audit-pack and safety-hooks READMEs.

Refs #321

* docs: honest-scope amend AgDR-0049 + audit-pack README per Rex's CHANGES REQUESTED

Rex's review of #344 surfaced a real correctness gap between AgDR-0049's
Decision #4 claim and what the smoke test actually enforces. The leak-scan
is a PATH-scan (catches files at framework-distinctive paths like
_lib-portfolio-paths.sh) but is NOT a CONTENT-scan (doesn't catch SKILL.md
prose mentioning /handover, or _lib-audit-history.sh calling
portfolio_projects_dir). Several extracted files in audit-pack DO carry
such prose references.

Per the operator's chosen path (Rex's option a, honest-scope amend, not
full refactor): acknowledge the limitation in the AgDR + add a "Known
framework references" section to the audit-pack README so adopters know
what they're looking at, while preserving the generated-not-forked
contract (decision #3) that would be contradicted by content-scrubbing.

Changes:

- AgDR-0049 § Decision #4 rewritten — distinguishes path-leak guard
  (mechanically enforced) from content references (deliberate, funnel-
  pointer, graceful-degrade outside an apexyard fork). v2 may revisit if
  adopter friction surfaces.
- marketplace/audit-pack/README.md — new "Known framework references"
  section enumerates the three concrete surfaces Rex found (SKILL.md
  prose hints, _lib-audit-history.sh portfolio_projects_dir fallback,
  broken relative links to upstream docs/agdr/). Frames each as
  intentional + funnel-pointer. Flags v2 as the escape hatch.
- safety-hooks is unaffected — Rex confirmed graceful-degrades correctly.

Smoke test unchanged (path-scan is the right shape for what it catches;
the AgDR amend clarifies what it does and doesn't claim).

Refs #321

---------

Co-authored-by: me2resh <ahmed.abdelaliem@gmail.com>
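
The path-scan versus content-scan gap described in the commit message above, as an added example (not the project's test_subpack_extraction.sh): both scans run over a constructed tree, together with the planted-leak self-test and the single-quoted trap from the SC2064 fix. The directory layout, file contents and function names are assumptions; the marker strings are the ones named on this page.

```shell
#!/bin/sh
# Added example. The tree built below is constructed for illustration; only the
# marker strings (file names and in-file references) are taken from the page.

# Build a constructed "extracted pack": clean by path, but two files carry
# framework references in their content.
build_fixture() {
  mkdir -p "$1/skills/launch-check" "$1/hooks"
  printf 'Run the audit. For session notes see /handover in the full framework.\n' \
    > "$1/skills/launch-check/SKILL.md"
  printf '#!/bin/sh\ndir=$(portfolio_projects_dir 2>/dev/null || echo .)\n' \
    > "$1/hooks/_lib-audit-history.sh"
  printf '#!/bin/sh\necho "config reader"\n' > "$1/hooks/_lib-read-config.sh"
}

# Path scan: list files whose NAME is a framework-distinctive marker.
# Returns 1 when at least one is found, 0 when the tree is clean by path.
path_scan() {
  hits=$(find "$1" -type f \
    \( -name 'apexyard.projects.yaml' -o -name '_lib-portfolio-paths.sh' \) | sort)
  if [ -n "$hits" ]; then printf '%s\n' "$hits"; return 1; fi
  return 0
}

# Content scan: list files whose CONTENT mentions a framework reference.
# Returns 1 when at least one is found, 0 otherwise.
content_scan() {
  hits=$(grep -rlE -- '/handover|portfolio_projects_dir' "$1" | sort)
  if [ -n "$hits" ]; then printf '%s\n' "$hits"; return 1; fi
  return 0
}

# Self-test: plant a marker file and require the path scan to fail, which
# proves the scan does real work rather than exiting 0 silently.
scan_detects_planted_leak() {
  planted="$1/_lib-portfolio-paths.sh"
  : > "$planted"
  if path_scan "$1" >/dev/null; then
    rm -f "$planted"
    return 1          # scan missed the planted file: the scan itself is broken
  fi
  rm -f "$planted"
  return 0
}

TMP_ROOT=$(mktemp -d)
# Single-quoted body: $TMP_ROOT is expanded when the trap fires, not when the
# trap is defined (the SC2064 point), so a later reassignment is honoured.
trap 'rm -rf "$TMP_ROOT"' EXIT
build_fixture "$TMP_ROOT/audit-pack"

if path_scan "$TMP_ROOT/audit-pack" >/dev/null; then
  echo "path scan: clean"
fi
if ! content_scan "$TMP_ROOT/audit-pack"; then
  echo "content scan: the files listed above reference the framework"
fi
if scan_detects_planted_leak "$TMP_ROOT/audit-pack"; then
  echo "self-test: planted leak detected"
fi
```

A tree that passes the path scan can still fail the content scan, which is why a claim of "no framework elements leak" has to name which of the two checks enforces it.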
osama-abu-baker pushed a commit to osama-abu-baker/apexyard that referenced this pull request Jun 3, 2026
… SENTINEL nit (me2resh#3)


Co-authored-by: me2resh <ahmed.abdelaliem@gmail.com>
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
me2resh added a commit that referenced this pull request Jun 5, 2026
* feat(#321): scaffold marketplace/audit-pack + safety-hooks layout
