Safe Public Documentation Gates

Milestone: Public documentation and website roadmap Milestone 0.

This document defines the safe verification path for public docs and website

migration work.

Current Risk

make docs-check is not a safe default command for this work. It can trigger

the broad documentation and generated API path through the compiler, and that

path has already been observed to break or endanger the user session.

Until that command has a bounded resource profile, public docs work must use the

specific gates in this document.

Safe Milestone 0 Gates

Use:

make public-docs-milestone-0-check

This runs only:

• make public-docs-inventory-check;
• make public-site-route-check;
• make public-docs-safe-gates-check;
• make static-site-remote-inventory-check.

These checks:

• inspect Markdown and TSV metadata only;
• do not compile 0x0 source;
• do not invoke make docs-check;
• do not run broad compiler sweeps;
• do not mutate remote servers;
• fail fast on missing required milestone artifacts.

Gate Ownership

tools/public-docs-inventory-check.sh owns:

• source inventory validation;
• route manifest validation;
• safe-gate policy validation;
• remote inventory artifact validation.

tools/public-site-link-check.sh owns:

• bounded link validation for existing site/*.html pages;
• manifest and redirect sanity checks.

Heavy Or Unsafe Commands

These commands must not be presented as default public docs checks until their

resource behavior is fixed or explicitly bounded:

• make docs-check;
• broad compiler sweeps;
• parallel library compilation;
• unbounded site crawlers;
• unbounded registry smoke runs;
• deployment commands that mutate remote static roots without a dry run.

Remote Safety

Remote inventory may use:

ssh -o BatchMode=yes -o ConnectTimeout=8 deploy@138.197.233.77 '<read-only command>'

Allowed read-only operations:

• hostname, id, date;
• find with shallow -maxdepth;
• reading nginx/caddy/apache config snippets;
• counting files under known static roots;
• recording root paths and domain bindings.

Disallowed in inventory:

• cp, mv, rm, rsync, scp;
• package manager commands;
• service restarts;
• config edits;
• certificate renewal;
• permission changes.

Publication Rule

No static site may be published until later milestones produce:

• local release bundle;
• checksum manifest;
• remote dry-run report;
• rollback instructions;
• smoke checks for public URLs.