Repos never to archive
Repos never to archive
This allowlist is checked before any gh repo archive operation by any
script under scripts/. Anything listed here is
load-bearing in the chirag127/oriz* family — submodule, npm-published
package, or critical dev tooling — and MUST NOT be archived even if
GitHub stats (zero stars, no recent push) would otherwise mark it as a
cleanup candidate.
The same logic that protects empty placeholder repos from deletion applies here: low GitHub activity is not a signal of low importance in this family. Most submodules are private-purpose code with audience of one (me) and zero stars by design.
gh repo archive is reversible (unlike delete), but archived repos
lose Issues/PRs as a working surface, get an "Archived" banner that
confuses anyone landing from a doc link, and break agents that expect
the repo to be writable. The cost of archiving a load-bearing repo is
real even if recoverable.
Generated from .gitmodules + npm + manual
Master
chirag127/oriz
11 site submodules (all oriz-<name>-site)
chirag127/homechirag127/blog-sitechirag127/ncertchirag127/lorechirag127/cards-sitechirag127/finance-tools-sitechirag127/journal-sitechirag127/dev-tools-sitechirag127/image-tools-sitechirag127/pdf-tools-sitechirag127/me
oriz-urls-to-md-site is currently an empty slug reservation — see
Empty does not mean abandoned.
Package submodules (npm-published or shared library)
chirag127/oriz-kit(mounted atpackages/oriz-ui)chirag127/firebase-initchirag127/auth-uichirag127/contact-formchirag127/sidebarchirag127/oriz-family
Active future submodules
chirag127/post-site(active submodule atpackages/oriz-omnipost)chirag127/oriz-lifestream(planned; will become a submodule when the lifestream service is wired)
MCP servers + dev tooling (npm-published, load-bearing across the family)
chirag127/envpact-mcp— secrets MCP server, listed in.mcp.jsoneverywherechirag127/envpact-cli— secrets CLI, used by the env-example sync workflowchirag127/secenv-mcp— predecessor MCP server for secrets, kept for back-compatchirag127/agentflow— parallel agent orchestrator used in dev
Brand / org-level
chirag127/oriz-family(already listed above; restated here for the family-wide grep).
How to update this file
When a new repo joins the family — becomes a submodule, gets
npm-published under chirag127, or becomes a critical dev-tool —
add it here in the same chat / same PR that introduces the
dependency. The
self-update rule applies.
The
script (and any future archive scripts) reads this file as input by
grepping for chirag127/<name> bullets, taking the union of every
slug found, and refusing to archive anything in that set. Adding a
new bullet here is the only way to extend the allowlist — there is no
secondary list inside the script.
Defense in depth
The archive script also hard-skips any repo whose name starts with
oriz-, regardless of whether it appears in this file. That
double-coverage means:
- A new
oriz-*repo that the agent forgot to add here is still protected. - This file is the audit trail; the script's
oriz-prefix check is the belt-and-braces fallback.
If the two ever disagree (e.g. an oriz- repo is intentionally
deprecated and should be archived), update both the script and
this file in the same commit, with a one-line ## Removed from allowlist section here noting the slug, the date, and the
authorising user message.
Cross-refs
- — canonical "empty but reserved" example
../rules/interaction/never-delete-empty-placeholder-repos.md— sibling rule, deletion side../rules/development/push-by-default.md— outward-effect carve-out that gatesgh repo archive../branding/repo-naming-suffixes.md— slug taxonomy this allowlist is built around- — first script that reads this file