Skip to content

OPEN_SOURCE_CHECKLIST.md

Latest commit

 

History

History
96 lines (67 loc) · 2.62 KB

OPEN_SOURCE_CHECKLIST.md

File metadata and controls

96 lines (67 loc) · 2.62 KB

Open Source Deployment Checklist

This checklist ensures the project is ready for open source release.

✅ Completed

  • .gitignore file created - Excludes sensitive files:

    • Service account JSON files
    • Environment variable files (.env)
    • Virtual environments (venv/)
    • Log files
    • IDE/editor files
    • Build artifacts

  • LICENSE file added - MIT License as specified in README

  • CONTRIBUTING.md created - Guidelines for contributors

  • SECURITY.md created - Security policy and reporting guidelines

  • README updated:

    • Removed hardcoded user paths
    • Removed all Firebase/cloud setup instructions
    • Updated for local-only setup
    • Added Contributing and Security sections

⚠️ Action Required Before Publishing

1. Verify Sensitive Files Are Not Committed

Before your first commit, verify these files are NOT tracked by git:

git status

Ensure these files are NOT listed (they should be ignored):

  • .env files
  • venv/ directory
  • *.log files
  • Any sensitive configuration files

2. Remove Sensitive Files from Git History (if already committed)

If any sensitive files were previously committed, remove them from git history:

# Remove from git cache (but keep local file)
git rm --cached .env
git rm --cached any-sensitive-files

# If files were committed in previous commits, you may need to rewrite history
# Use git filter-branch or BFG Repo-Cleaner for this

3. Review Code for Hardcoded Secrets

Search for any remaining hardcoded secrets:

# Check for any hardcoded secrets (should find none)
grep -r "private_key" --exclude-dir=venv --exclude-dir=.git .
grep -r "api[_-]?key" --exclude-dir=venv --exclude-dir=.git -i .

4. Test the Setup

  1. Clone the repository in a fresh directory
  2. Follow the setup instructions in README
  3. Verify everything works without the sensitive files

5. Update Repository Description

When publishing to GitHub/GitLab:

  • Add a clear description
  • Add relevant topics/tags
  • Set up branch protection rules for main/master
  • Enable security alerts (GitHub)

6. Optional: Add GitHub Templates

Consider adding:

  • Issue templates (bug report, feature request)
  • Pull request template

📝 Notes

  • The .gitignore file is comprehensive and should protect sensitive files
  • All sensitive files are already excluded from version control
  • Project is local-only - no cloud services required
  • Documentation is updated to guide new users
  • All Firebase/GCS dependencies have been removed

🚀 Ready to Publish

Once you've verified the above, your project is ready for open source release!