You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
docs(standards): README is .adoc by default + agent-commit signing note (#430)
## Summary
Two owner-directed canon corrections to `.claude/CLAUDE.md`
(2026-06-26).
### 1. README is `.adoc` by default (`843812c`)
Corrects the short-lived `da1ee5e` "README must be Markdown (not
AsciiDoc) (#427)" reversal, which contradicted the rest of the estate
tooling (`rhodibot` deletes stub `README.md` to keep `.adoc`;
contractiles accept `README.adoc`). New rule, per owner directive:
- README is **`.adoc` by default** everywhere, with **exactly two `.md`
exceptions**:
- `hyperpolymath/hyperpolymath` — the GitHub **profile** repo (profile
READMEs render only `README.md`).
- `hyperpolymath/boj-server` — listed in external MCP directories
(Glama), which show AsciiDoc as raw markup.
### 2. Commit-signing note (`887a8ee`)
Documents (ground-truthed) that "Unverified" on agent commits is
**platform-managed and non-blocking** — git's `gpg.ssh.program` points
at Anthropic's `environment-manager` shim, wired once globally; there is
no per-repo/per-container key chore. Prevents future agents (and the
advisory stop-hook) from chasing it or attempting key surgery.
## Notes
- Docs-only; no code or tooling changes.
- Commits show as Unverified due to the platform signing situation
documented in commit 2 (non-blocking).
🤖 Generated with [Claude Code](https://claude.com/claude-code)
https://claude.ai/code/session_018Auxpj3daisp3kTcurBZ8t
---
_Generated by [Claude
Code](https://claude.ai/code/session_018Auxpj3daisp3kTcurBZ8t)_
---------
Co-authored-by: Claude <noreply@anthropic.com>
-**README must be `.md`, not `.adoc`.** README renders in GitHub community-health, the GitHub profile page (profile READMEs *only* render `README.md`), and external MCP directories (Glama) — all of which show AsciiDoc as raw markup. Keep `README.md`; do not keep a `README.adoc` alongside it. (This replaces the earlier `.adoc`-primary-with-Glama-carve-out rule for README.)
169
+
- All docs must be `.adoc` (AsciiDoc), **including `README.adoc`** — this is the estate default. GitHub renders AsciiDoc natively on the repo page, so the README, its community-health view, and the file-list tab bar all display correctly.
170
+
- GitHub-required `.md` (must be Markdown): SECURITY.md, CONTRIBUTING.md, CODE_OF_CONDUCT.md, CHANGELOG.md. (README is **not** in this list — see the README rule below.)
171
+
-**README is `.adoc` by default, with exactly two `.md` exceptions:**
172
+
*`hyperpolymath/hyperpolymath` — the GitHub **profile** repo; profile READMEs render *only*`README.md`, never `.adoc`.
173
+
*`hyperpolymath/boj-server` — surfaced in external MCP directories (Glama), which show AsciiDoc as raw markup.
174
+
Everywhere else keep `README.adoc` and do **not** add a `README.md` alongside it. (This supersedes the short-lived 2026-06 "README must be `.md`" reversal, which was wrong: estate tooling — e.g. `rhodibot` — already treats `.adoc` as primary and deletes any stub `README.md`.)
172
175
- No duplicate formats for the `.adoc`-primary docs (if `ARCHITECTURE.adoc` etc. exists, don't also have `.md`)
173
176
174
177
### Security Requirements
@@ -252,4 +255,42 @@ Distinct from TS/RS policy: JavaScript is *allowed* where AffineScript cannot re
|`**/deps/**`, `**/node_modules/**`| vendored package-manager dep | Vendored deps. | Never — vendored upstream. |
254
257
|`**/out/**`, `**/lib/js/**`, `**/.deno/**`| compiled output | AS / RS / Deno-cache compile output. | Never — compiler output, not source. |
255
-
|`**/vscode/**`, `**/extensions/vscode/**`| editor-host extension entry | VSCode extension entry points (often shipped as compiled `.js` even when authored as `.ts`). | When AS VSCode-extension API binding ships (top-50 roadmap). |
258
+
|`**/vscode/**`, `**/extensions/vscode/**`| editor-host extension entry | VSCode extension entry points (often shipped as compiled `.js` even when authored as `.ts`). | When AS VSCode-extension API binding ships (top-50 roadmap). |
259
+
260
+
---
261
+
262
+
## Commit Signing in Agent Environments — "Unverified" is not an action item
263
+
264
+
**Do not chase "Unverified" / "no signature" on agent commits, and do not put
265
+
signing keys into containers or repos to fix it.** In the managed Claude-Code
266
+
execution environment, commit signing is **platform-mediated and already wired
267
+
once, globally** — there is no per-repo or per-container key chore, and no
268
+
estate-wide key rollout to do.
269
+
270
+
How it actually works (ground-truthed 2026-06-26):
271
+
272
+
- The container's global git config already sets, for *every* repo:
0 commit comments