Site
Project docs and landing pages
The static site published at opencompliancefoundation.com. This is the public explanatory layer, not the whole codebase.
GitHub Organization
The public work lives in GitHub, not only on this website.
If you want to inspect the project seriously, start with the public GitHub organization. The site explains the system; the repositories hold the publishable source, specs, examples, schemas, validators, and Lean corridor.
Canonical public repos
Governance
Charter, conflicts, and sponsor rules
The foundation-facing documents that explain how meaning stays public and why sponsors do not buy semantics.
Open governance repoSpecs
Normative public artifacts
The public artifact contracts, mapping methodology, control-boundary metadata, source-availability notes, exact-anchor review pilots, actor trust-policy registry, and the machine-readable framework priority and coverage layer.
Examples
Synthetic ExampleCo corridors
Replay bundles, transparency logs, witness receipts, lifecycle packs, synthetic verification corridors, and the versioned public verifier release bundle.
Conformance
Executable checks
The public validators and conformance vectors that keep the synthetic bundles, schemas, and OSCAL projections consistent.
Open conformance repoEvidence Schema
Typed claim envelopes
The public schema surface for typed evidence claims, actor and signer metadata, trust-policy references, provenance, freshness, and control-mapped payloads.
Lean 4 Controls
Public proof corridor
The buildable Lean 4 package that defines the narrow technical proof slice, imports LegalLean, and keeps proof, defeat, and judgment boundaries explicit.
Open Lean repoOrganization
Browse everything from one root
The quickest external entry point is the organization root if you want issues, stars, repo metadata, and the public project map in one place.
Open GitHub orgWhat each repo is for
Read Order
- Start with `site` for the product thesis, trust boundary, and roadmap.
- Then read `public-artifacts` and `repositories` here so you understand which repo carries which surface.
- Open `specs` next if you want the most normative public definitions, including the framework-priority and framework-coverage files.
- Open `showcase` on this site first if you want the fastest company-level walkthrough before diving into raw artifacts.
- Open `examples`, `conformance`, and the verifier-release page together if you want replayable synthetic bundles, the ExampleCo showcase meta-pack, the public verifier bundle, and the validators that check them.
- Open `verify-workbench` if you want the smallest serious local browser surface for the deterministic Verify API rather than reading raw JSON only.
- Open `evidence-schema` and `lean4-controls` if you want the typed claim surface, the current public proof corridor, and the new LegalLean-backed boundary layer.
Boundary
The public organization is intentionally smaller than the private working repository. That is part of the safety model. The point is to publish what others can inspect and improve without leaking private experiments, secrets, or customer-specific state.
The safest reading is: the website tells you what exists, the GitHub repos show you exactly what has been published, and the docs should never imply more than the public repos can support.
Machine discovery
Crawlers
This site ships an allow-all robots.txt, a sitemap.xml, plus both llms.txt and llm.txt so search engines and LLM-oriented crawlers can find the pages and the GitHub organization entry points cleanly.
Canonical source
The canonical public home is opencompliancefoundation.com. The legacy opencompliance.aguilar-pelaez.co.uk hostname now redirects here at the Cloudflare edge.
Runnable bundle
The public source is not only prose and JSON fixtures any more. There is now a versioned verifier bundle in the public examples surface that can rerun the current synthetic corridors outside the private working repo, and it now includes the local browser workbench as well.