Public documentation repository for a repository control plane currently implemented in the private Project Invariant codebase.
This repository exists to describe the project boundary, architecture direction, current workflow surface, and publication status without exposing the private implementation.
This repository publishes documentation only. It does not publish the runtime, plugins, CLI source, configuration, or release artifacts.
Modern AI-assisted repository workflows are useful, but they are often difficult to inspect, constrain, and reproduce.
This project explores a different model: repository workflows executed through a more controlled control-plane layer, with explicit boundaries around workflow surface, operator entry points, and policy enforcement.
The goal of this repository is to document that direction publicly without implying that it is self-hostable from this repository.
This repository can currently describe, at a high level:
- the public/private boundary of the project
- the current workflow inventory
- architecture direction and operator surface boundaries
- publication limits and security boundary language
A typical governed workflow in the private implementation follows this shape:
request -> constrained workflow selection -> policy/API checks -> approval point where required -> reportable outcome
Review date: 2026-03-10
The private implementation currently includes:
- a core runtime and control-plane layer under internal
invariant/packages - plugin packs used by the runtime and product-layer assembly
- a
run_factoryapplication layer for repository workflows - internal operator surfaces for CLI, daemon, API, and HTTP control deck usage
- a pipeline catalog currently limited to:
repo_risk_reviewsafe_patch_applyconstrained_feature_impl_beta
Capability checks are enforced through policy and API boundaries, but they should not be interpreted as a complete sandbox or security boundary.
This repository intentionally does not provide:
- installation instructions
- quick start commands
- a runnable demo
- a public source mirror of the private implementation
- a claim that an external user can reproduce the internal environment from this repository alone
Executable artifacts, public sample contracts, or runnable examples may be published later. If they are, that will be stated explicitly here.
The private implementation still uses internal project and package naming associated with Project Invariant, including invariant/, apps/run_factory/, and plugin_packs/.
This public repository uses the neutral label repo-control-plane unless a concrete internal code identifier is necessary for accuracy.
docs/ARCHITECTURE.md- current architecture boundary for the private implementationdocs/STATUS.md- what is public here, what exists privately, and current limitationsdocs/DEMO.md- current demo boundary and what is not publicly runnableROADMAP.md- planned public documentation and publication work for this repository
See:
CONTRIBUTING.mdCODE_OF_CONDUCT.mdSECURITY.md
See LICENSE.