SecureIDE Workbench is maintained by Karunanidhi Mishra as an OSS-oriented enterprise product foundation.
- Keep the codebase useful for enterprise developers, not tutorial consumers.
- Preserve local setup clarity.
- Prefer provider adapters and OSS/self-hosted alternatives over direct paid-SaaS coupling.
- Never commit real secrets or customer data.
- Record proof for meaningful changes.
- Read
README.md. - Read
docs/DEVELOPER_ONBOARDING.md. - Read
docs/ARCHITECTURE_DEEP_DIVE.md. - Check
docs/PROVIDER_REPLACEMENT_PLAN.mdbefore changing provider integrations. - Check
docs/THREAT_MODEL.mdbefore changing sensitive data, access, provider, webhook, billing, or workflow paths. - Check
docs/AUDIT_OBSERVABILITY_PLAN.mdbefore adding or changing audit, logging, health, provider, webhook, worker, or admin behavior.
npm ciRun available scripts from package.json, especially lint, typecheck, test, and build when present.
Use the Docker proof runner from the control workspace when you need isolated command evidence.
- Explain what changed.
- List commands run.
- List any skipped checks and why.
- Mention provider, auth, billing, data, or deployment impact.
- Update docs when runtime, routes, env vars, or provider dependencies change.