Skip to content

docs: subdomain architecture, OpenAPI docs, security cleanup#12

Merged
realityinspector merged 2 commits intomainfrom
security/remove-private-refs
Mar 13, 2026
Merged

docs: subdomain architecture, OpenAPI docs, security cleanup#12
realityinspector merged 2 commits intomainfrom
security/remove-private-refs

Conversation

@realityinspector
Copy link
Collaborator

@realityinspector realityinspector commented Mar 13, 2026

Summary

  • README: Replaced Railway/private-repo references with subdomain architecture (flash.timepointai.com, pro.timepointai.com, clockchain.timepointai.com, etc.). Added cleaned-up Cloud Execution section. Updated Timepoint Suite table with subdomain URLs and repo links. Removed private repo rows.
  • AGENTS: Added subdomain architecture table, OpenAPI documentation section, and public repo security rule.
  • FRONT-END-SPEC: New file documenting dashboard API endpoints, auth flow (Flash SSO via token introspection), query parameters, CORS policy, and planned UI surfaces.

Security

  • Removed all references to private repo names (timepoint-pro-cloud-private, timepoint-web-app, timepoint-billing, etc.)
  • Removed Railway internal networking paths and auto-domains
  • Added explicit rule in AGENTS.md to prevent future leaks

Test plan

  • Verify README renders correctly on GitHub (table formatting, links)
  • Verify subdomain URLs resolve correctly
  • Confirm no remaining private repo/Railway references: grep -r "railway\|deploy-private\|pro-cloud-private" *.md

realityinspector and others added 2 commits March 13, 2026 10:50
@realityinspector @claude
security: remove private repo refs from public docs
914b655 
Remove private repo table entries (Web App, iPhone App, Billing, Landing),
Cloud Execution via Pro-Cloud section revealing Railway/internal service details,
and Pro-Cloud boundary references with internal env var names.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@realityinspector
docs: subdomain architecture, OpenAPI, security cleanup, front-end spec
c63dc6c 
- README: add Cloud Execution section with subdomain refs, update Suite table
  with subdomain URLs (flash/clockchain/pro/proteus.timepointai.com),
  remove private repo names and Railway internal references
- AGENTS: add subdomain architecture table, OpenAPI docs section,
  public repo security rule
- FRONT-END-SPEC: new file documenting dashboard API endpoints,
  auth flow (Flash SSO via token introspection), query parameters,
  CORS policy, and planned UI surfaces
@realityinspector realityinspector merged commit 19f602f into main Mar 13, 2026
1 of 5 checks passed
realityinspector pushed a commit that referenced this pull request Mar 15, 2026
Merge pull request #12 from timepointai/security/remove-private-refs
dffa417 
docs: subdomain architecture, OpenAPI docs, security cleanup
@realityinspector realityinspector deleted the security/remove-private-refs branch March 15, 2026 14:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@realityinspector