vln-devsecops dashboard

Generated 2026-07-10T21:18:15Z

Tracked repos

53of 47 visible repos across 5 owners · 29 not yet tracked

Workflow health

4 failing repo(s)13 OK · 4 failing · 36 warnings
healthy / warning / failing distribution

Visibility

34private · 19 public
public / private mix

Manifest confirmation

39repos awaiting reconfirmation
confirmed / needs reconfirmation

Pending pull requests

10across 7 tracked repos · dependabot: 5, other: 5, release-please: 0

Shared modules

8tracked extraction items

Portfolio summary

Owners: VlinderSoftware: 14, blytkerchan: 11, cpp4theselftaught: 5, vln-devsecops: 14, vln-polaris: 9

Visible repos by owner: VlinderSoftware: 16, blytkerchan: 22, cpp4theselftaught: 2, vln-devsecops: 7, vln-polaris: 0

Categories: application: 24, automation: 1, books: 6, devsecops: 4, github-action: 6, infrastructure: 3, org-profile: 1, standards: 1, website: 1, website-app: 1, website-blog: 3, website-tool: 1, workspace: 1

Roles: active-app: 3, active-infra: 1, extract-shared-parts: 9, inventory-reference: 5, migrated: 16, target: 19

Open attention items

  • Break up the `doxchange` repository as a separate undertaking.
  • Bring all repos across `vln-devsecops`, `VlinderSoftware`, `vln-polaris`, `cpp4theselftaught`, and the in-scope personal namespace up to the agreed compliance baseline: Dependabot for supported ecosystems, lightweight CI where missing, and safe minor/patch Dependabot auto-approval or auto-merge where test coverage supports it.
  • Replace the current Python-generated static dashboard with a React frontend built on the same front-end stack as `doxchange`.
  • Make sure we have workspace repositories wherever they should exist across the portfolio, including books, blogs/websites, Cloudflare apps, devsecops, and doxchange apps.
  • Repair the `utils-system-cleanup` test baseline so the repository can safely enable Dependabot minor/patch auto-merge instead of staying gated on lint-only CI.
  • Roll the two-tier npm audit gate (`npm ci`, `npm audit --audit-level=moderate --omit=dev`, and `npm audit --audit-level=critical`) across the remaining Node-based repositories where the baseline is clean enough for it to be a useful CI signal.
  • Repos with failing latest workflow runs: vln-devsecops/actions-validate-coverage, VlinderSoftware/node-event-superschema, VlinderSoftware/cpp-event-superschema, VlinderSoftware/python-event-superschema
  • Repos without live API enrichment in this snapshot: vln-devsecops/github-runners, vln-devsecops/utils-system-cleanup, vln-devsecops/icon, vln-devsecops/guidance, vln-devsecops/infra ...

Failing repositories

Pending pull requests

Per-repo status matrix

Shortcuts: Alt+F focus filter, Alt+Shift+S cycle sort column, Alt+↑/Alt+↓ set sort direction, Alt+R reset view.

blytkerchan/applied-paranoia.com website-blog active-app dev green
completed / success
v20210827-1 unknown no live static-site infra pattern was extracted to terraform-modules//modules/aws/static_site but the repo is a live production site, not a legacy candidate
local infra should eventually migrate to consume the shared module
blytkerchan/arxiv-digest website-app extract-shared-parts main green
completed / success
none unknown no live PR
PR
blytkerchan/authority application target master unknown
unknown
none unknown no manifest-only authority management repository
default_branch corrected 2026-07-10 - manifest said main, repo actually uses master (confirmed live via gh api)
blytkerchan/blog-copy-editor website-tool extract-shared-parts dev unknown
unknown
none unknown no manifest-only package.json still has stale name/description copied from arxiv-digest ("name": "arxiv-digest") - not fixed here, out of scope for the compliance pass, flagged for the user
compliance baseline: Dependabot already present. ci_validate_worker.yml added 2026-07-10 (two-tier npm audit gate + wrangler deploy --dry-run; first run failed on Node 20, fixed to Node 22 for wrangler 4.x, now verified passing) and ci_dependabot_automerge.yml added gating minor/patch only. Partial because (a) DEPENDABOT_AUTOMERGE_TOKEN not yet provisioned for blytkerchan and (b) private repo on GitHub Free, so allow_auto_merge cannot be enabled regardless (accepted gap, see maintenance_notes)
blytkerchan/blytkerchan.github.io website-blog extract-shared-parts master green
completed / success
none unknown no live compliance baseline: Dependabot already present. ci_validate_jekyll.yml added 2026-07-10 (verified passing - bundle exec jekyll build) and ci_dependabot_automerge.yml added gating minor/patch only; public repo, so allow_auto_merge could be enabled once DEPENDABOT_AUTOMERGE_TOKEN is provisioned for blytkerchan - no plan-tier blocker here unlike the private repos
blytkerchan/book-apoptotic-cascade books extract-shared-parts main unknown
unknown
none unknown no manifest-only compliance baseline: Dependabot already present, ci.yml does a full pandoc/LaTeX book build (PDF/DOCX/EPUB/dyslexic PDF), not just lint; ci_dependabot_automerge.yml added 2026-07-10 gating minor/patch only. Partial because (a) DEPENDABOT_AUTOMERGE_TOKEN not yet provisioned for blytkerchan and (b) private repo on GitHub Free, so allow_auto_merge cannot be enabled regardless (accepted gap, see maintenance_notes)
blytkerchan/book-cpp4theselftaught books extract-shared-parts main unknown
unknown
none unknown no manifest-only compliance baseline: Dependabot already present, ci.yml does a full pandoc/LaTeX book build (PDF/DOCX/EPUB/dyslexic PDF), not just lint; ci_dependabot_automerge.yml added 2026-07-10 gating minor/patch only. Partial because (a) DEPENDABOT_AUTOMERGE_TOKEN not yet provisioned for blytkerchan and (b) private repo on GitHub Free, so allow_auto_merge cannot be enabled regardless (accepted gap, see maintenance_notes)
blytkerchan/book-git4theselftaught books inventory-reference master unknown
unknown
none unknown no manifest-only older tex-based book structure
useful as a legacy contrast to the newer automation-heavy books
blytkerchan/book-observer books extract-shared-parts main unknown
unknown
none unknown no manifest-only compliance baseline: Dependabot already present, ci.yml does a full pandoc/LaTeX book build (PDF/DOCX/EPUB/dyslexic PDF), not just lint; ci_dependabot_automerge.yml added 2026-07-10 gating minor/patch only. Partial because (a) DEPENDABOT_AUTOMERGE_TOKEN not yet provisioned for blytkerchan and (b) private repo on GitHub Free, so allow_auto_merge cannot be enabled regardless (accepted gap, see maintenance_notes)
blytkerchan/book-security4theselftaught books inventory-reference main unknown
unknown
none unknown no manifest-only older tex-based book structure
less obviously aligned with the newer pandoc automation stack
blytkerchan/workspace-books books inventory-reference dev unknown
unknown
none unknown no manifest-only umbrella workspace for book writing
useful for finding cross-book automation patterns
cpp4theselftaught/cpp4theselftaught.github.io website-blog extract-shared-parts master green
completed / success
none unknown no live compliance baseline: had no Dependabot or CI at all before 2026-07-10, same starting state blytkerchan.github.io was in. Added bundler + github-actions Dependabot, ci_validate_jekyll.yml (bundle exec jekyll build), and ci_dependabot_automerge.yml (pull_request_target from the start). First run failed - Gemfile.lock pins BUNDLED WITH 2.0.2, incompatible with Ruby 3.2 (String#untaint removed) - fixed by patching the pin with sed in the CI checkout only, not the committed lockfile; verified passing after. allow_auto_merge confirmed true, vulnerability alerts/automated security fixes enabled, DEPENDABOT_AUTOMERGE_TOKEN provisioned (new cpp4theselftaught-scoped PAT). Partial pending its own live Dependabot PR to observe an actual merge
cpp4theselftaught/depends application target master green
completed / success
none unknown no live CMake/Boost C++ dependency-tracking library
compliance baseline: only had a dead .travis.yml before 2026-07-10 (Travis CI stopped being usable for this kind of project long ago; it targeted gcc-4.9 through gcc-7 and clang-3.6 through 5.0, none available anywhere anymore). Replaced with ci_validate_cmake.yml (gcc+clang matrix on ubuntu-latest, cmake --build + ctest), verified passing on both compilers after initializing the exceptions/cmake submodules (both point to other VlinderSoftware repos, same-owner so no cross-repo auth wall). Added github-actions-only Dependabot (no vcpkg/conan manifest) and ci_dependabot_automerge.yml (pull_request_target from the start). allow_auto_merge confirmed true, vulnerability alerts/automated security fixes enabled, DEPENDABOT_AUTOMERGE_TOKEN provisioned (new cpp4theselftaught-scoped PAT). Partial pending its own live Dependabot PR to observe an actual merge
cpp4theselftaught/devcontainer devsecops target main unknown
unknown
none unknown no manifest-only compliance baseline: empty scaffold - only a README.md exists, no devcontainer.json/Dockerfile/source yet despite the name. Not-applicable until content lands; revisit then
cpp4theselftaught/robot-car application migrated master unknown
unknown
none unknown yes manifest-only robot car project with Raphael
compliance baseline: archived - same as actions-autoversion, GitHub blocks vulnerability-alerts/automated-security-fixes API changes on archived repos (422). No action unless unarchived
cpp4theselftaught/sudoku-solver application migrated master unknown
unknown
none unknown yes manifest-only compliance baseline: archived - same as actions-autoversion, GitHub blocks vulnerability-alerts/automated-security-fixes API changes on archived repos (422). No action unless unarchived
VlinderSoftware/app-lector application target dev unknown
unknown
none unknown no manifest-only multi-component app (frontend/lambda/worker/infra), same shape as VlinderSoftware/doxchange
compliance baseline: had no Dependabot or CI at all before 2026-07-10. Added Dependabot for all 5 ecosystems (npm/frontend, pip/lambda, pip/worker, pip/tests, terraform/infra, github-actions) and ci_validate_frontend.yml covering only the frontend component for now (type-check + build + vitest, verified passing with npm ci --legacy-peer-deps - @vitejs/plugin-react's published peerDependencies range lags vite 8.x but is actually compatible, confirmed 0 vulnerabilities and clean build/test). npm run lint was left out - no eslint.config.js exists at all, fails outright on ESLint 9's flat-config requirement, a pre-existing gap not papered over here. lambda/worker/infra CI is a follow-up; no automerge yet given how partial coverage still is
VlinderSoftware/cpp-event-superschema application target dev failing
completed / failure
none unknown no live C++ implementation of event superschema, linked from workspace-event-superschema
compliance baseline: CMake project (no vcpkg/conan manifest), ci.yml exists, dependabot.yml added 2026-07-10 (github-actions only) plus ci_dependabot_automerge.yml (pull_request_target from the start), DEPENDABOT_AUTOMERGE_TOKEN provisioned, allow_auto_merge confirmed true (public repo), vulnerability alerts/automated security fixes enabled. Partial pending its own live Dependabot PR to observe an actual merge
VlinderSoftware/cpp-jose application migrated dev green
completed / success
none unknown no live JOSE implementation in modern C++, known consumer of actions-msvc
compliance baseline: Dependabot already present (github-actions only), ci.yml exists, ci_dependabot_automerge.yml added 2026-07-10 (pull_request_target from the start), DEPENDABOT_AUTOMERGE_TOKEN provisioned, allow_auto_merge confirmed true (public repo), vulnerability alerts/automated security fixes enabled. Partial pending its own live Dependabot PR to observe an actual merge
VlinderSoftware/cs-event-superschema application target dev green
completed / success
none unknown no live C# implementation of event superschema, linked from workspace-event-superschema
compliance baseline: .NET project (nuget.config), ci.yml exists, dependabot.yml added 2026-07-10 (nuget + github-actions) plus ci_dependabot_automerge.yml (pull_request_target from the start). Real end-to-end proof: PR #2 (coverlet.collector bump) merged automatically via a genuinely dependabot-triggered run (forced with `@dependabot recreate`), confirming both the token and the pull_request_target fix work together. First repo in this batch confirmed complete via an observed run rather than config inspection
VlinderSoftware/doxchange application extract-shared-parts dev unknown
unknown
none unknown no manifest-only project-owned infra structure is the precedent for app-specific infra boundaries
infra directory contains reusable terraform modules and automation worth extracting
VlinderSoftware/node-cognitojwtvalidator application migrated dev unknown
unknown
none unknown no manifest-only validator for JWT tokens generated by Cognito
compliance baseline: same pattern as node-lambdahelpers - fixed and provisioned the same way 2026-07-10 (token swap + secrets: inherit + DEPENDABOT_AUTOMERGE_TOKEN secret). Capped at partial - private repo on GitHub Free, allow_auto_merge cannot be enabled (accepted gap, see maintenance_notes)
VlinderSoftware/node-dynamodbwrapper application migrated dev unknown
unknown
none unknown no manifest-only wrapper (in TypeScript) for Node for AWS DynamoDB
compliance baseline: same pattern as node-lambdahelpers - fixed and provisioned the same way 2026-07-10 (token swap + secrets: inherit + DEPENDABOT_AUTOMERGE_TOKEN secret). Capped at partial - private repo on GitHub Free, allow_auto_merge cannot be enabled (accepted gap, see maintenance_notes)
VlinderSoftware/node-event-superschema application target dev failing
completed / failure
none unknown no live Node.js implementation of event superschema, linked from workspace-event-superschema
compliance baseline: had no Dependabot or CI at all before 2026-07-10. Added npm + github-actions Dependabot, ci_validate_node.yml (build+test hard gate, verified passing; npm audit non-blocking since the prod dependency tree already has unresolved vulnerabilities via node-jose/node-forge/lodash/fast-uri/ajv, not a CI regression) and ci_dependabot_automerge.yml (pull_request_target from the start). allow_auto_merge confirmed true, DEPENDABOT_AUTOMERGE_TOKEN provisioned, vulnerability alerts/automated security fixes enabled. Partial pending its own live Dependabot PR to observe an actual merge; also test coverage is uneven (JWE/JWS paths at 0%), similar caveat to utils-system-cleanup
VlinderSoftware/node-lambdahelpers application migrated dev unknown
unknown
none unknown no manifest-only helpers for AWS Lambda
compliance baseline: Dependabot already present, full CI (build/eslint/formatting/unittestcoverage/cicd/deploy); ci_automerge.yml is a reusable (workflow_call) workflow, fixed 2026-07-10 to use secrets.DEPENDABOT_AUTOMERGE_TOKEN, with secrets: inherit added to the caller job in cicd.yml (custom secrets don't reach called workflows otherwise) and the secret provisioned (new VlinderSoftware-scoped PAT). Capped at partial because this is a private repo on GitHub Free, so allow_auto_merge cannot be enabled (accepted gap, see maintenance_notes)
VlinderSoftware/node-module-template devsecops migrated main unknown
unknown
none unknown no manifest-only template repo the node-lambdahelpers/node-cognitojwtvalidator/node-dynamodbwrapper/node-permissionvalidator family was cloned from - explains why their CI/automerge workflows are identical
compliance baseline: fixed and provisioned 2026-07-10 (token swap + secrets: inherit + DEPENDABOT_AUTOMERGE_TOKEN secret) ahead of its downstream repos, since they likely get re-synced from this template. Capped at partial - private repo on GitHub Free, allow_auto_merge cannot be enabled (accepted gap, see maintenance_notes)
VlinderSoftware/node-permissionvalidator application migrated main unknown
unknown
none unknown no manifest-only permission validation
repo description on GitHub currently reads "Validator for Cognito JWT tokens" - looks like a copy-paste leftover from node-cognitojwtvalidator, flagged for the user rather than changed here
VlinderSoftware/python-event-superschema application target dev failing
completed / failure
v1.0.0 unknown no live super-schema support for Python, linked from workspace-event-superschema
compliance baseline: pyproject.toml-based project, ci.yml exists, dependabot.yml added 2026-07-10 (pip + github-actions) plus ci_dependabot_automerge.yml (pull_request_target from the start), DEPENDABOT_AUTOMERGE_TOKEN provisioned, allow_auto_merge confirmed true. Mechanism proven end-to-end on the identically-configured cs-event-superschema (PR #2, see its entry), but not yet observed on this specific repo's own live PR (#3 open) - promote to complete once seen merging here too
VlinderSoftware/vlinder.ca website extract-shared-parts master unknown
unknown
none unknown no manifest-only current deployment extraction candidate is AWS-specific; future Azure or GCP patterns may belong in separate or more generalized automation
compliance baseline: had no Dependabot or CI at all before 2026-07-10. Added bundler + npm + github-actions Dependabot ecosystems and ci_validate_jekyll.yml (jekyll build + two-tier npm audit gate; verified passing via a real triggered run). Critical-level audit step is non-blocking - serverless-s3-sync is a deprecated/unsupported package already pulling in a critical-severity transitive vuln (minimist) today, not a regression; a real fix means replacing that dependency, out of scope here. No auto-merge yet - this is a live production site, holding off until the new CI has a track record
VlinderSoftware/workspace-event-superschema application inventory-reference dev green
completed / success
none unknown no live umbrella workspace linking cpp-event-superschema, cpp-jose, cs-event-superschema, node-event-superschema, paper-event-superschema (already tracked), and python-event-superschema as submodules, same pattern as blytkerchan/workspace-books
compliance baseline: had no Dependabot or CI at all before 2026-07-10. Added github-actions Dependabot and ci_validate_submodules.yml doing a real `submodules: recursive` checkout (verified passing) - confirmed all 6 linked submodules are public, unlike workspace-books, so no cross-repo auth wall applies here. allow_auto_merge confirmed true (public repo), vulnerability alerts/automated security fixes enabled. No automerge planned regardless (reference workspace, not a deployable)
vln-devsecops/.github org-profile target main unknown
no runs
none unknown yes live org profile repository for the public-facing organization README and shared org metadata
compliance baseline: only LICENSE/README/profile content, no package-manager ecosystem and nothing to run CI against; not-applicable rather than a gap
vln-devsecops/actions-autoversion github-action migrated main green
completed / success
v1.1.2 / v1.1 / v1 unknown yes live transferred directly from VlinderSoftware/autoversion
old location now redirects to the new repo
vln-devsecops/actions-build-paper github-action migrated dev green
completed / success
v1.1.3 / v1.1 / v1 unknown yes live transferred directly from blytkerchan/build-paper
old location now redirects to the new repo
vln-devsecops/actions-generate-licenses github-action migrated main green
completed / success
v1.2.11 / v1.2 / v1 unknown yes live transferred directly from VlinderSoftware/generate-licenses
old location now redirects to the new repo
vln-devsecops/actions-msvc github-action migrated dev green
completed / success
v1.0.2 / v1.0 / v1 unknown yes live transferred directly from blytkerchan/devsecops-setup-msvc
published action with existing v1 tag line
vln-devsecops/actions-validate-coverage github-action migrated main failing
completed / failure
v1.0.18 / v1.0 / v1 unknown yes live transferred directly from VlinderSoftware/validate-coverage
old location now redirects to the new repo
vln-devsecops/automation-books automation target dev unknown
unknown
none unknown no manifest-only initialized on dev with lightweight compliance workflows
intended home for shared book build and editorial automation
vln-devsecops/github-runners devsecops active-infra dev unknown
unknown
none unknown yes manifest-only self-hosted GitHub Actions runner infrastructure (terraform + packer)
transferred from VlinderSoftware/devsecops-gha-runner
vln-devsecops/guidance standards target main unknown
unknown
none unknown no manifest-only org-wide engineering standards, operational runbooks, and compliance scaffold
standards/repo-naming-convention.md — naming convention for all portfolio repos
vln-devsecops/icon github-action migrated main unknown
unknown
none unknown yes manifest-only repository for the org icon
compliance baseline: just README.md and icon.svg, no package-manager ecosystem and nothing to run CI against; not-applicable rather than a gap
vln-devsecops/infra infrastructure target main unknown
unknown
none unknown yes manifest-only org-level AWS infrastructure: GitHub OIDC trust, IAM roles for keyless CI/CD
github-oidc/ root module creates OIDC provider and 4 IAM roles
vln-devsecops/operations workspace target dev pending
in_progress / n/a
none baseline yes partial central devsecops workspace
tracks the broader org migration/extraction plan and the org-profile repository
vln-devsecops/terraform-modules infrastructure target main green
completed / success
v0.16.0 / v0.16 / v0 unknown yes live intended home for extracted reusable Terraform modules and infra patterns
modules at v0.7 (immutable v0.7.0); floating tags v0.7 and v0 current
vln-devsecops/utils-system-cleanup devsecops migrated dev unknown
unknown
none unknown yes manifest-only transferred from VlinderSoftware/devsecops-utils-system-cleanup
old location now redirects to the new repo
vln-polaris/fhcs-simulator application active-app dev unknown
unknown
none unknown no manifest-only simulator of a first-hop controlling station implementing AMP, part of the active Coppice ecosystem
compliance baseline: Dependabot already present, full CI (ci/docs/release/security workflows), dependabot-auto-merge.yml fixed 2026-07-10 to use secrets.DEPENDABOT_AUTOMERGE_TOKEN and the secret provisioned (new vln-polaris-scoped PAT); vulnerability alerts/automated security fixes enabled. Capped at partial because this is a private repo on GitHub Free, so allow_auto_merge cannot be enabled (accepted gap, see maintenance_notes)
vln-polaris/icon application migrated main unknown
unknown
none unknown no manifest-only just icon.svg plus a generate-icons.yml workflow (apt-installed inkscape/imagemagick, no package.json) that renders PNG/ICO sizes on push
compliance baseline: no npm/pip/etc. ecosystem to track (system packages installed via apt, not a Dependabot-supported manifest) - only github-actions Dependabot ecosystem applies, added 2026-07-10. No automerge needed/added (CI is an image-generation pipeline, not a merge gate). vulnerability alerts/automated security fixes enabled; capped at partial because this is a private repo on GitHub Free, so allow_auto_merge is moot here anyway (accepted gap, see maintenance_notes) - though no automerge is planned for this repo regardless
vln-polaris/node-coppice-lambdas-audit-fanout application target dev unknown
unknown
none unknown no manifest-only compliance baseline: empty scaffold - only README.md, .gitignore, and .github/copilot-instructions.md exist, no source code or package manifest yet. Not-applicable until code lands; revisit then
vln-polaris/node-coppice-lambdas-authorizer application target dev unknown
unknown
none unknown no manifest-only compliance baseline: empty scaffold - only README.md, .gitignore, and .github/copilot-instructions.md exist, no source code or package manifest yet. Not-applicable until code lands; revisit then
vln-polaris/node-coppice-lambdas-token-service application target dev unknown
unknown
none unknown no manifest-only compliance baseline: empty scaffold - only README.md, .gitignore, and .github/copilot-instructions.md exist, no source code or package manifest yet. Not-applicable until code lands; revisit then
vln-polaris/node-coppice-validate-jwt application target dev unknown
unknown
none unknown no manifest-only compliance baseline: empty scaffold - only README.md, .gitignore, and .github/copilot-instructions.md exist, no source code or package manifest yet. Not-applicable until code lands; revisit then
vln-polaris/playwright-coppice-e2e application target dev unknown
unknown
none unknown no manifest-only compliance baseline: empty scaffold - only README.md, .gitignore, and .github/copilot-instructions.md exist, no source code or package manifest yet. Not-applicable until code lands; revisit then
vln-polaris/terraform-aws-coppice infrastructure active-app dev unknown
unknown
none unknown no manifest-only canonical infra repo for the Coppice application; not an archive candidate
lambda callers migrated to vln-devsecops/terraform-modules//modules/aws/lambda (v0.4); local modules/lambda deleted
vln-polaris/workspace-coppice application inventory-reference dev unknown
unknown
none unknown no manifest-only umbrella workspace linking node-coppice-validate-jwt, the 3 node-coppice-lambdas-* repos, playwright-coppice-e2e, and terraform-aws-coppice (already tracked) as submodules, same pattern as blytkerchan/workspace-books
all 5 non-terraform submodules are currently empty scaffolds (see their own entries) - nothing substantive to validate here yet

Shared-platform view

Module status counts: deferred: 1, extracted: 7

Module Source repo Target path Status Provider Completed checks
rxmail VlinderSoftware/doxchange modules/aws/rxmail deferred aws none
deployment_bucket VlinderSoftware/doxchange modules/aws/deployment_bucket extracted aws static_checks_complete, terraform_test_complete, integration_test_complete, examples_complete, policy_checks_complete
dynamodb VlinderSoftware/doxchange modules/aws/dynamodb extracted aws static_checks_complete, terraform_test_complete, integration_test_complete, examples_complete, policy_checks_complete
lambda VlinderSoftware/doxchange modules/aws/lambda extracted aws static_checks_complete, terraform_test_complete, integration_test_complete, examples_complete, policy_checks_complete
lambda vln-polaris/terraform-aws-coppice modules/aws/lambda extracted aws static_checks_complete, terraform_test_complete, integration_test_complete, examples_complete, policy_checks_complete
lambda-at-edge VlinderSoftware/doxchange modules/aws/lambda-at-edge extracted aws static_checks_complete, terraform_test_complete, examples_complete, policy_checks_complete
mail VlinderSoftware/doxchange modules/aws/mail extracted aws static_checks_complete, terraform_test_complete, integration_test_complete, examples_complete, policy_checks_complete
static_site blytkerchan/applied-paranoia.com modules/aws/static_site extracted aws static_checks_complete, terraform_test_complete, examples_complete, policy_checks_complete

Operations run history

Adoption and migration view

Migration posture: this snapshot reflects the repo manifest and in-repo TODO list as of 2026-07-10T21:18:15Z. Remaining tracked follow-ups stay explicit in the prompt docs for archive cleanup and the shared Lambda@Edge gap.

The dashboard is intentionally static at publish time. Any richer cross-owner live API enrichment can be added later without changing the hosted security model.