Enhanced .gitignore to protect:
- Configuration files with secrets (config.yaml, .env files)
- Mastodon credential files (*_clientcred.secret, *_usercred.secret)
- API keys and tokens (*.key, *.token, *.pem, credentials.json)
- Database files (may contain user data)
- Backup files (may contain sensitive data)
- LLM API key directories (.llm/, .openai/, .anthropic/)
Added SECURITY.md documentation covering:
- Where secrets are stored
- What is/isn't committed to git
- Best practices for credential management
- Production secret management options
- What to do if secrets are accidentally committed
- Pre-commit hook examples
- Security audit checklist
Verified all patterns with test suite - all sensitive files properly ignored.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Govbot is an AI-powered governance bot that interprets natural language
constitutions and facilitates collective decision-making across social
platforms.
Core features:
- Agentic architecture with constitutional reasoning (RAG)
- Platform-agnostic design (Mastodon, Discord, Telegram, etc.)
- Action primitives for flexible governance processes
- Temporal awareness for multi-day proposals and voting
- Audit trail with constitutional citations
- Reversible actions with supermajority veto
- Works with local (Ollama) and cloud AI models
Platform support:
- Mastodon: Full implementation with streaming, moderation, and admin skills
- Discord/Telegram: Platform abstraction ready for implementation
Documentation:
- README.md: Architecture and overview
- QUICKSTART.md: Getting started guide
- PLATFORMS.md: Platform implementation guide for developers
- MASTODON_SETUP.md: Complete Mastodon deployment guide
- constitution.md: Example governance constitution
Technical stack:
- Python 3.11+
- SQLAlchemy for state management
- llm CLI for model abstraction
- Mastodon.py for Mastodon integration
- Pydantic for configuration validation
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
