OC OpenCompliance
GitHub Organization

The public work lives in GitHub, not only on this website.

If you want to inspect the project seriously, start with the public GitHub organization. The site explains the system; the repositories hold the publishable source, specs, examples, schemas, validators, and Lean corridor.

GitHub organization Publication model Foundation model

Canonical public repos

Site

Project docs and landing pages

The static site published at opencompliancefoundation.com. This is the public explanatory layer, not the whole codebase.

Open site repo
Governance

Charter, conflicts, and sponsor rules

The foundation-facing documents that explain how meaning stays public and why sponsors do not buy semantics.

Open governance repo
Specs

Normative public artifacts

The public artifact contracts, mapping methodology, control-boundary metadata, source-availability notes, and exact-anchor review pilots.

Open specs repo
Examples

Synthetic ExampleCo corridors

Replay bundles, transparency logs, witness receipts, lifecycle packs, and synthetic verification corridors for public inspection.

Open examples repo
Conformance

Executable checks

The public validators and conformance vectors that keep the synthetic bundles, schemas, and OSCAL projections consistent.

Open conformance repo
Evidence Schema

Typed claim envelopes

The public schema surface for typed evidence claims, signer metadata, provenance, freshness, and control-mapped payloads.

Open schema repo
Lean 4 Controls

Public proof corridor

The buildable Lean 4 package that defines the narrow technical proof slice and keeps its proof boundaries explicit.

Open Lean repo
Organization

Browse everything from one root

The quickest external entry point is the organization root if you want issues, stars, repo metadata, and the public project map in one place.

Open GitHub org

What each repo is for

Read Order
  • Start with `site` for the product thesis, trust boundary, and roadmap.
  • Then read `public-artifacts` and `repositories` here so you understand which repo carries which surface.
  • Open `specs` next if you want the most normative public definitions.
  • Open `showcase` on this site first if you want the fastest company-level walkthrough before diving into raw artifacts.
  • Open `examples` and `conformance` together if you want replayable synthetic bundles, the ExampleCo showcase meta-pack, and the validators that check them.
  • Open `evidence-schema` and `lean4-controls` if you want the typed claim surface and the current public proof corridor.
Boundary

The public organization is intentionally smaller than the private working repository. That is part of the safety model. The point is to publish what others can inspect and improve without leaking private experiments, secrets, or customer-specific state.

The safest reading is: the website tells you what exists, the GitHub repos show you exactly what has been published, and the docs should never imply more than the public repos can support.

Machine discovery

Crawlers

This site ships an allow-all robots.txt, a sitemap.xml, plus both llms.txt and llm.txt so search engines and LLM-oriented crawlers can find the pages and the GitHub organization entry points cleanly.

Canonical source

The canonical public home is opencompliancefoundation.com. The legacy opencompliance.aguilar-pelaez.co.uk hostname now redirects here at the Cloudflare edge.