type: policy
status: active
timestamp: 2026-06-20
tags: [policy, repo, archive, allowlist, safety, family]

Repos never to archive

Allowlist of repos archive scripts MUST NOT touch

Repos never to archive

This allowlist is checked before any gh repo archive operation by any script under scripts/. Anything listed here is load-bearing in the chirag127/oriz* family — submodule, npm-published package, or critical dev tooling — and MUST NOT be archived even if GitHub stats (zero stars, no recent push) would otherwise mark it as a cleanup candidate.

The same logic that protects empty placeholder repos from deletion applies here: low GitHub activity is not a signal of low importance in this family. Most submodules are private-purpose code with audience of one (me) and zero stars by design.

gh repo archive is reversible (unlike delete), but archived repos lose Issues/PRs as a working surface, get an “Archived” banner that confuses anyone landing from a doc link, and break agents that expect the repo to be writable. The cost of archiving a load-bearing repo is real even if recoverable.

Generated from .gitmodules + npm + manual

Master

11 site submodules (all oriz-<name>-site)

oriz-urls-to-md-site is currently an empty slug reservation — see

.

Empty does not mean abandoned.

Package submodules (npm-published or shared library)

Active future submodules

MCP servers + dev tooling (npm-published, load-bearing across the family)

Brand / org-level

How to update this file

When a new repo joins the family — becomes a submodule, gets npm-published under chirag127, or becomes a critical dev-tool — add it here in the same chat / same PR that introduces the dependency. The self-update rule applies.

The

script (and any future archive scripts) reads this file as input by grepping for chirag127/<name> bullets, taking the union of every slug found, and refusing to archive anything in that set. Adding a new bullet here is the only way to extend the allowlist — there is no secondary list inside the script.

Defense in depth

The archive script also hard-skips any repo whose name starts with oriz-, regardless of whether it appears in this file. That double-coverage means:

  1. A new oriz-* repo that the agent forgot to add here is still protected.
  2. This file is the audit trail; the script’s oriz- prefix check is the belt-and-braces fallback.

If the two ever disagree (e.g. an oriz- repo is intentionally deprecated and should be archived), update both the script and this file in the same commit, with a one-line ## Removed from allowlist section here noting the slug, the date, and the authorising user message.

Cross-refs


Edit on GitHub · Back to index