Repository readiness

Open-source launch should give early operators enough context to act safely.

This is the public repository gate for The Gateway: license, support scope, install evidence, contribution boundaries, and privacy claims must be clear before broad distribution.

Legal and release basics

Select and commit the license, publish a clear change summary, and make pre-launch status visible anywhere install expectations are set.

Operator path

Publish install, rollback and recovery, hardware matrix, route/DNS verification, fallback checks, and first-run evidence.

Trust boundaries

Keep support access explicit, time-limited, revocable, and logged. Document what support will not do.

Contribution intake

Use templates for bugs, installs, hardware reports, documentation fixes, PRs, security contact links, and the issue label guide.

Privacy posture

Explain how The Gateway helps verify routing, DNS, fallback, and leak behavior without promising anonymity by itself. Use the posture checklist.

Publication hygiene

Public copy stays focused on operator value, product readiness, support boundaries, privacy limits, and evidence.

Screenshot handling

Published screenshots use realistic synthetic values and note the claim each image supports.

Public story

Public copy stays focused on operator value, product readiness, support boundaries, privacy limits, and evidence before broad release.

Artifact hygiene

Published repository assets should avoid private notes, local paths, credentials, temporary hosts, and machine-specific assumptions.

Evidence handling

Require redaction for logs, screenshots, support bundles, topology, private hostnames, and account identifiers before public submission.

Security audit

Security checks report no unresolved high-severity issues before broad repository launch.

Repository hygiene

Public repository materials should avoid private notes, local paths, credentials, and machine-specific assumptions.

Ready to publish when

License, security policy, contribution guide, support policy, install guide, rollback guide, hardware matrix, issue templates, issue label guide, release checklist, security audit, build hygiene, and proof artifacts are present.

Do not publish when

Contact addresses are placeholders, install has not passed on a fresh machine, rollback is undocumented, or anonymity/privacy limits are vague.

Repository evidence

Public repository claims need operator screenshots beside install proof.

Redacted Gateway dashboard showing route, DNS, tunnel, device, and backup status cards — First run **Show the active posture.**
Supports the first-run evidence requirement without exposing private hostnames or topology.

Redacted Gateway DNS control screen — DNS proof **Show resolver behavior.**
Supports the repository claim that route and DNS verification are observable and repeatable.

Redacted Gateway devices inventory screen — Hardware scope **Show client grouping.**
Supports hardware and install reports by showing which device classes were actually in scope.

Next action

Close the public repository gates before broad launch.

Start with license selection, fresh-machine install evidence, rollback documentation, issue labels, contact privacy rules, and production contact endpoints.

Request install readiness review Open release checklist Open issue labels Review contact privacy Open install guide Open rollback recovery Open launch status Open production checklist Review support boundaries