v0.1.0 publish surfaces — docs, adopter README, public-readiness CI gates

.github/workflows/ci.yml

@@ -25,12 +25,16 @@ jobs:
       # had landed undetected through PRs #8 and #9.
       - name: Install ripgrep (for stale-reference gate)
         run: brew install ripgrep
+      - name: Install gitleaks (for public-readiness gate)
+        run: brew install gitleaks
       - run: pnpm -F schemas build
       - run: git diff --exit-code -- packages/schemas/dist/
       - run: pnpm typecheck
       - run: pnpm -r test
       - run: pnpm -F core test config-resolver
       - run: node packages/core/cli.mjs validate-contracts
+      - name: Secret scan (gitleaks full history)
+        run: gitleaks detect --no-banner --source . --log-opts="--all"
       # Documented-invocation parity smoke test. The 2026-05-22 cocoder-cli
       # bin-symlink miss surfaced post-merge because the documented
       # `pnpm exec cocoder ...` form was never CI-tested — the previous
@@ -70,5 +74,11 @@ jobs:
           fi
       - name: Public readiness placeholder
         run: |
-          test -f LICENSE
-          test -f NOTICE
+          set -e
+          test -s LICENSE
+          test -s NOTICE
+          grep -qi 'CoBuilder' NOTICE
+          grep -qi 'extract' NOTICE
+          test -s docs/faq.md
+          grep -qi 'commercial use' docs/faq.md
+          grep -Eqi 'zero (analytics|telemetry)|no telemetry' docs/faq.md

ARCHITECTURE.md

@@ -1,41 +1,45 @@
-# CoCoder Architecture (Draft)
+# CoCoder Architecture
 
-**Status:** Draft — Refine (Sub-Playbook A audit remediation in flight; Sub-Playbook E dogfood ramp proven end-to-end)  
-**Last verified:** 2026-05-22 (Sub-Playbook E exercised the four-zone storage model, multi-workspace concurrency, and config-resolver semantics across 4 autonomous orchestrated runs; 110/110 tests pass; repo published to `BadGuyFranco/cocoder`)
+**Status:** v0.1 release candidate  
+**Last verified:** 2026-05-28 (Mermaid storage-zone diagram reviewed for render clarity; public doc references rechecked in Sub-Playbook D publish pass)
 
 ## Mental Model
 
 CoCoder has **four storage zones** that must never be conflated. Two live in the CoCoder install repo; two live in any application repo where a user runs `cocoder init`.
 
 ```mermaid
 flowchart TB
-  subgraph install ["CoCoder install (git repo — tracked)"]
+  subgraph install ["CoCoder install repo (tracked)"]
     Core[packages/core — CLI, contracts, launch]
     Dash[packages/oz-dashboard]
+    Docs[docs/]
     Tpl[templates/workspace-cocoder]
   end
 
-  subgraph installLocal ["CoCoder/local/ — GITIGNORED"]
+  subgraph installLocal ["CoCoder/local/ (gitignored)"]
     Oz[Oz state + workspaces registry]
     Wsps[workspaces/ — per-ws install-side state]
     Prefs[Models, accounts, secrets, audit, roots]
   end
 
-  subgraph wsA ["Workspace A repo"]
-    CA[cocoder/ — priorities, memory, ADRs]
-    CALA[cocoder/local/ — GITIGNORED]
+  subgraph wsA ["Application workspace A"]
+    CA[cocoder/ — tracked governance]
+    CALA[cocoder/local/ — gitignored overrides]
   end
 
-  subgraph wsB ["Workspace B repo"]
-    CB[cocoder/]
-    CBLB[cocoder/local/]
+  subgraph wsB ["Application workspace B"]
+    CB[cocoder/ — tracked governance]
+    CBLB[cocoder/local/ — gitignored overrides]
   end
 
+  Dash --> Oz
   Oz --> Core
   Core --> CA
   Core --> CB
   Prefs --> Oz
   Prefs --> Core
+  Tpl --> CA
+  Tpl --> CB
 ```
 
 | Zone | Location | Tracked in git? | Purpose |
@@ -243,8 +247,8 @@ Normal adopters get workspace customization by default. CoCoder product improvem
 
 ## References
 
-- CoBuilder orchestration: `infrastructure/cobuilder-build/orchestration/ARCHITECTURE.md`
-- Design language: `marketing/brand/design-brief.md` (Fusion palette — adapt for CoCoder branding)
+- CoBuilder orchestration: historical upstream extraction reference retained in `NOTICE`
+- Design language: [`docs/oz-design-brief.md`](./docs/oz-design-brief.md)
 - ADR index: `cocoder/decisions/README.md`
 - Dogfood meta-project: `cocoder/AGENTS.md`
 - Active priorities: `cocoder/PRIORITIES.md`

README.md

@@ -1,54 +1,99 @@
 # CoCoder
 
-> **Status:** v0.1 in progress — **not yet usable by adopters.** Foundation, dogfood orchestration, and audit-finding remediation are landing first; full personas, workspace template, Oz dashboard, and onboarding docs follow in Sub-Playbooks B, C, and D. See [`cocoder/PRIORITIES.md`](./cocoder/PRIORITIES.md) for the live state.
+CoCoder is an open, local-first AI coding orchestration framework for solo builders and small teams. It packages the proven CoBuilder orchestration runtime as a reusable CLI, workspace template, persona contract system, and local Oz dashboard.
 
-CoCoder is an open, local-first AI coding orchestration framework for solo builders and small teams. It extracts the proven CoBuilder orchestration runtime into a reusable CLI, workspace structure, and local control plane.
+Use it when you want AI coding sessions to start from explicit priorities, bounded write scopes, durable evidence, and repeatable result artifacts instead of ad hoc chat threads.
+
+## What v0.1 includes
+
+- A `cocoder` CLI for workspace setup, launch composition, lane startup, contract validation, and local audit checks.
+- A tracked `cocoder/` workspace structure for priorities, session logs, ADRs, tickets, memory, standards, routes, profiles, and personas.
+- A workspace template created by `cocoder init`.
+- Oz, a loopback-only browser dashboard for workspace registration, priority launch, run listing, and run inspection.
+- Public docs for first launch, orchestration, personas, configuration, Oz, freshness policy, and FAQ.
+- Apache-2.0 licensing with CoBuilder extraction attribution in `NOTICE`.
+
+## Requirements
+
+- macOS first for v0.1
+- Node.js version from `.nvmrc`
+- pnpm 10.x
+- tmux
+- At least one configured model CLI adapter named by the selected profile
+
+## Quick Start
+
+Install CoCoder:
+
+```sh
+git clone <CoCoder-repo-url> ~/dev/CoCoder
+cd ~/dev/CoCoder
+pnpm install
+pnpm -F cocoder-cli build
+pnpm exec cocoder validate-contracts
+export COCODER_HOME="$PWD"
+```
+
+Initialize an application workspace outside the CoCoder install:
+
+```sh
+mkdir -p ~/dev/my-app
+cd ~/dev/my-app
+git init
+pnpm --dir "$COCODER_HOME" exec cocoder init \
+  --workspace-root "$PWD" \
+  --cocoder-home "$COCODER_HOME"
+```
+
+Then follow [`docs/getting-started.md`](./docs/getting-started.md) for the full path from clean clone to first CLI or Oz launch.
 
 ## Mental Model
 
 CoCoder has two public surfaces and two private surfaces:
 
 - The CoCoder install repo contains the engine, schemas, templates, docs, and dashboard source.
 - `<CoCoder>/local/` stores install-private preferences, workspace registry data, audit logs, and secrets.
-- Each application repo gets a tracked `cocoder/` workspace folder for priorities, ADRs, tickets, memory, and standards.
-- Each application repo also gets ignored `cocoder/local/` overrides for machine-local settings.
+- Each application repo gets a tracked `cocoder/` workspace folder for priorities, ADRs, tickets, memory, standards, and persona contracts.
+- Each application repo also gets ignored `cocoder/local/` overrides for machine-local settings and secrets.
 
-Git updates the engine and templates. Ignored `local/` directories preserve user preferences.
+Git updates the engine and templates. Ignored `local/` directories preserve operator preferences and run records.
 
-## Requirements
-
-- macOS first for v0.1
-- Node 20 LTS
-- pnpm
-- tmux and iTerm2 for orchestrated sessions
-- User-installed model CLIs such as Codex, Claude, Grok, Gemini, or Kimi
+For the full storage-zone model, see [`ARCHITECTURE.md`](./ARCHITECTURE.md). For commercial use, telemetry, trademark, and sync guidance, see [`docs/faq.md`](./docs/faq.md).
 
-## Current Build Status
+## Documentation
 
-The active build is tracked in [cocoder/PRIORITIES.md](./cocoder/PRIORITIES.md). Sub-Playbook A is implementing the foundation: monorepo scaffold, config resolver, path portability, install preferences, and the extracted core baseline.
+- [`docs/getting-started.md`](./docs/getting-started.md) - clean-clone to first launch.
+- [`docs/orchestration.md`](./docs/orchestration.md) - runs, dispatch, evidence, and result artifacts.
+- [`docs/personas.md`](./docs/personas.md) - core role contracts and write capability.
+- [`docs/configuration.md`](./docs/configuration.md) - install/workspace config, path resolution, and terminal invocation.
+- [`docs/oz.md`](./docs/oz.md) - dashboard overview and troubleshooting.
+- [`docs/oz-launch.md`](./docs/oz-launch.md) - command-by-command Oz launch flow.
+- [`docs/oz-security-checklist.md`](./docs/oz-security-checklist.md) - local daemon security checklist.
+- [`docs/freshness-policy.md`](./docs/freshness-policy.md) - doc verification stamps and release-candidate audit cadence.
 
 ## Local Development
 
 ```sh
 pnpm install
 pnpm -F schemas build
 pnpm -F core test
-node packages/core/cli.mjs validate-contracts
+pnpm -F oz-dashboard test
+pnpm exec cocoder validate-contracts
 ```
 
 The public CLI package builds a `cocoder` binary:
 
 ```sh
 pnpm -F cocoder-cli build
-packages/cocoder-cli/bin/cocoder config get
+pnpm exec cocoder config get
 ```
 
 ## Contributing
 
-CoCoder is solo-maintained early-stage OSS. Outside contributions are welcome on the terms documented in [`CONTRIBUTING.md`](./CONTRIBUTING.md). For open-ended questions and design discussions use [Discussions](https://github.com/BadGuyFranco/cocoder/discussions); for bugs and concrete proposals use [Issues](https://github.com/BadGuyFranco/cocoder/issues). For security reports see [`SECURITY.md`](./SECURITY.md) — never file a public issue for a vulnerability.
+CoCoder is solo-maintained early-stage OSS. Outside contributions are welcome on the terms documented in [`CONTRIBUTING.md`](./CONTRIBUTING.md). For open-ended questions and design discussions use [Discussions](https://github.com/BadGuyFranco/cocoder/discussions); for bugs and concrete proposals use [Issues](https://github.com/BadGuyFranco/cocoder/issues). For security reports see [`SECURITY.md`](./SECURITY.md) - never file a public issue for a vulnerability.
 
 Behavior expectations: [`CODE_OF_CONDUCT.md`](./CODE_OF_CONDUCT.md).
 
 ## License
 
-Apache-2.0. See [`LICENSE`](./LICENSE) and [`NOTICE`](./NOTICE). The orchestration core under `packages/core/` is mechanically extracted from upstream CoBuilder (independent OSS); attribution requirements live in `NOTICE`.
+Apache-2.0. See [`LICENSE`](./LICENSE) and [`NOTICE`](./NOTICE). The orchestration core under `packages/core/` is mechanically extracted from upstream CoBuilder; attribution requirements live in `NOTICE`.

cocoder/PRIORITIES.md

@@ -15,7 +15,7 @@ Slim index of active and archived priorities. Open a priority's folder for detai
 
 | Slug | Description | Status | Canon | Owner | Blocked on |
 |---|---|---|---|---|---|
-| [`v0.1-foundation`](./priorities/v0.1-foundation/README.md) | Ship CoCoder v0.1 — extraction, Oz MVP, docs, public publish | Active | Expand — **Sub-Playbook D activated**; D Solve next. Suite **335/335** (+ dashboard 8/8). | Bob + founder | **Next:** D Solve. B/C Refines parallel (founder). |
+| [`v0.1-foundation`](./priorities/v0.1-foundation/README.md) | Ship CoCoder v0.1 — extraction, Oz MVP, docs, public publish | Active | Expand — **Sub-Playbook D doc + CI-gate authoring COMPLETE on branch `v0.1-publish`** (run 1wna3uxq). Only founder release (merge → CI → `v0.1.0` tag) remains. | Bob + founder | **Next (founder):** review `v0.1-publish` → merge to `main` (CI = D-S2 Class A) → tag `v0.1.0`. B/C Refines parallel (founder). |
 
 ## Draft
 
@@ -46,7 +46,7 @@ Slim index of active and archived priorities. Open a priority's folder for detai
 3. **Sub-Playbook B activation** — Witness/Interrogate/Solve-target for adopter onboarding (workspace template + `cocoder init` + getting-started doc). Multi-session work; the marquee remaining v0.1 deliverable.
 
 **Recommended next-session ordering:** Item 1 → Item 2 (in batches) → Item 3 (Witness/Interrogate only). The completion plan has an appendix with a verbatim resume prompt for fresh-session pickup. **Done = ticket 0001 closed, M4 free-wins all `[x]` or marked deferred-to-v0.2, Sub-Playbook B Witness populated + Status flipped to Active.**
-**Status:** Active — Refine. Sub-Playbook F Complete 2026-05-23. Sub-Playbook B Expand merged (PR #33 → `9bf2433`). Sub-Playbook C Expand complete 2026-05-23 (PRs #42–#47 → `f46dcff`). **Sub-Playbook D activated 2026-05-24** (Witness/Interrogate/Solve-target). B/C Refines parallel-tracked (founder). Suite **335/335** (+ oz-dashboard **8/8**). See [`priorities/v0.1-foundation/README.md`](./priorities/v0.1-foundation/README.md).
+**Status:** Active — Refine. Sub-Playbook F Complete 2026-05-23. Sub-Playbook B Expand merged (PR #33 → `9bf2433`). Sub-Playbook C Expand complete 2026-05-23 (PRs #42–#47 → `f46dcff`). **Sub-Playbook D doc + CI-gate authoring COMPLETE 2026-05-27 (run 1wna3uxq) on branch `v0.1-publish`** (off `main`, Option A disentangle): D-M1.7 ARCHITECTURE verify, D-M1.8 README adopter rewrite, D-M2.1 dogfood-evidence, D-S2 CI gates (gitleaks + LICENSE/NOTICE + faq) all landed; D-S1 internal-proxy + external stranger test both removed from v0.1 scope (founder). **Only the founder release remains:** review `v0.1-publish` → merge to `main` (triggers CI = D-S2 Class A) → tag `v0.1.0` + release notes (PD-Q6=A). v0.4 control-plane work stays on `oz-control-plane-design`. Local Class B checks green; Class A pending CI on `main`. B/C Refines parallel-tracked (founder). See [`priorities/v0.1-foundation/README.md`](./priorities/v0.1-foundation/README.md).
 
 ### [v0.2-adapter-extensibility](./priorities/v0.2-adapter-extensibility/README.md)
 **Owner:** Bob + founder

cocoder/SESSION_LOG.md

@@ -14,6 +14,20 @@ Append-only log of work sessions. New entries at the **top**. One entry per mean
 
 ---
 
+## 2026-05-27 — **v0.1 publish surfaces complete on clean branch `v0.1-publish` (Option A disentangle); D-S1 removed; ready for founder release**
+
+**Persona:** Oscar (lead) + Bob (builder, codex) | **Priority:** v0.1-foundation | **Plan:** [`plans/2026-05-21-docs-publish.plan.md`](./priorities/v0.1-foundation/plans/2026-05-21-docs-publish.plan.md) | **Run:** 1wna3uxq
+
+**Outcomes:**
+- **Founder chose Option A (disentangle):** ship v0.1 from a clean branch off `main` so the `v0.1.0` tag contains only v0.1, not the v0.4 control-plane work entangled on `oz-control-plane-design`. Verified the split is clean — `main` already holds the full v0.1 product baseline (A/B/C/E/F + cross-link docs + README/ARCHITECTURE/ci.yml/LICENSE/NOTICE); the only delta was the 6 D-M1 docs + ADR-0001 §6 fix + remaining D work.
+- Created **`v0.1-publish`** off `main`. Oscar carried governance + the ADR-0001 §6 fix (`f83110a`); Bob brought the 6 authored D-M1 docs over (byte-identical to source, verified) and landed **D-M1.7** (ARCHITECTURE verify), **D-M1.8** (README adopter rewrite, banner removed), **D-M2.1** (`docs/dogfood-evidence.md`), **D-S2** (ci.yml gitleaks + LICENSE/NOTICE + faq gates) as `68feb24`. Also scrubbed one machine-specific `/Volumes/...` literal from a schemas test fixture to keep the stale-ref gate green.
+- **Founder scope decisions this run:** D-S1 internal-proxy readiness **removed** from v0.1 ("I'll dogfood on my own projects — not a v0.1 concern"); `v0.1.0` tag stays a founder release action. D-S2 green-on-main is Class A only after CI runs; local Class B (gitleaks 104-commit clean, `check-doc-refs` 0 missing, public-readiness-ok) all pass. One sandbox socket-bind `EPERM` blocks full-suite Class A locally.
+- Unrelated dirty `packages/oz-dashboard/src/pages/PrioritiesPage.tsx` preserved untouched/unstaged throughout.
+
+**Next:** **Founder release sequence** — review `v0.1-publish`, merge to `main` (triggers CI = D-S2 Class A proof), then tag `v0.1.0` + release notes (PD-Q6=A). Merging `v0.1-publish` then later `oz-control-plane-design` to `main` will need governance-file (PRIORITIES.md/SESSION_LOG) conflict resolution — expected cost of the disentangle.
+
+---
+
 ## 2026-05-24 — **Sub-Playbook D activated (Witness/Interrogate/Solve-target); PD-Q1..PD-Q7 answered**
 
 **Persona:** AI (Bob) | **Priority:** v0.1-foundation | **Plan:** [`priorities/v0.1-foundation/plans/2026-05-21-docs-publish.plan.md`](./priorities/v0.1-foundation/plans/2026-05-21-docs-publish.plan.md)

cocoder/decisions/0001-storage-and-license.md

@@ -23,7 +23,7 @@ CoCoder must be public OSS with user preferences that survive upstream updates,
 
 5. **Oz:** Master orchestration persona; no separate brand. UI uses Fusion design tokens only.
 
-6. **Platform v0.1:** macOS-first (iTerm2 + `.command` wrappers); git clone + pnpm distribution.
+6. **Platform v0.1:** macOS-first (iTerm2 + `.command` wrappers); git clone + pnpm distribution.[^platform-v01-update]
 
 7. **Multi-workspace:** Per-workspace tmux socket namespace, managed by Oz registry.
 
@@ -34,3 +34,5 @@ CoCoder must be public OSS with user preferences that survive upstream updates,
 - Document multi-machine sync of `local/` via filesystem sync, not git.
 - MPL/custom license FAQ deferred; Apache FAQ covers commercial use of CoCoder as a tool.
 - Talia/Quinn split documented in ADR-0002 (persona boundaries).
+
+[^platform-v01-update]: **Updated 2026-05-27 (D-M1.9; founder chose option (i) — inline footnote, not a new ADR amendment).** The `.command` wrapper mechanism in decision 6 above was retired per ticket [`0001-cocoder-command-wrapper-decision`](../tickets/closed/0001-cocoder-command-wrapper-decision.md) (Path B). v0.1 launch surfaces are terminal-only: the `cocoder` CLI plus the Oz orchestration launcher. macOS-first and git-clone/pnpm distribution are unchanged.