Skip to content

Rewrite README for public hardening#1

Closed
s00ly wants to merge 1 commit into
mainfrom
agent/readme-open-source
Closed

Rewrite README for public hardening#1
s00ly wants to merge 1 commit into
mainfrom
agent/readme-open-source

Conversation

@s00ly

@s00ly s00ly commented Jul 15, 2026

Copy link
Copy Markdown
Owner

What changed

  • Rebrands the public project as NomadPosting while documenting the legacy IVPN_* prototype prefix.
  • Leads with the dry-run-only safety boundary and removes claims that could imply working live privacy protection.
  • Adds a concise purpose, privacy/non-goal table, evidence-backed status matrix, contributor hardening tracks, and orange/purple/graphite target architecture.
  • Replaces the broken fresh-clone build path with verified Bash and PowerShell dry-run commands.
  • Corrects the relay-review and full-database-encryption overclaims.
  • Links the newly enabled private vulnerability reporting channel and records the successful Linux CI race run.
  • States the licensing gap plainly: public source is not legally open source until the owner selects a license.

Why

The original README was credible but optimized for auditors rather than first-time contributors. It also used an internal prototype name, buried the contribution path, and overstated two controls. This rewrite aims to attract privacy and security reviewers through a memorable purpose, concrete work, and honest evidence rather than hype.

Verification

  • GitHub Markdown API rendered the README successfully.
  • Every relative README link resolves locally.
  • The documented development configuration passed go run ./cmd/ivpn --check with a fresh generated key and temporary database.
  • go test -count=1 ./...
  • go vet ./...
  • go mod verify
  • gofmt -l cmd internal returned no files.
  • Credential-pattern scan returned no matches.

Maintainer decision still required

Select an OSI-approved license before describing the repository as open source or accepting code contributions. AGPL-3.0-or-later is the reciprocal freedom-tech option; Apache-2.0 is the adoption-first option.

@s00ly s00ly closed this Jul 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant