Vendor Sources
This page separates official vendor primitives from GoingNinja platform conventions. Each row makes that split explicit. Community signals and forum pressure tests belong in audits, not in normative platform claims.
1. Official Primitive Vs Platform Convention
| Surface | Official primitive | GoingNinja use and boundary |
|---|---|---|
| OpenAI / ChatGPT | general assistant surface for answers, writing, brainstorming, search, data analysis, and code collaboration: ChatGPT overview | Convention: use ChatGPT as a discussion and explanation surface when shaping a product or teaching the system. Not claimed: chat output becomes repo truth on its own. |
| OpenAI / Codex | public coding-agent surfaces for repo-aware engineering work: Codex developer overview, Codex product page | Convention: the builder lane is a platform role. In the current proof, a Codex-backed builder surface fills that role and receives AGENTS.md explicitly at session start until a committed wrapper exists. Not claimed: only Codex can fill the builder lane or that Codex auto-loads AGENTS.md like Claude Code loads CLAUDE.md. |
| Anthropic / Claude | general assistant surface for writing, analysis, and problem solving: Meet Claude | Convention: use Claude as a reasoning and explanation surface; final repo truth still belongs in versioned files. Not claimed: Claude chat becomes the durable operating state of a repo. |
| Anthropic / Claude Code | CLAUDE.md memory, @file imports, .claude/settings.json: Claude Code memory, Claude Code settings |
Convention: CLAUDE.md stays thin and imports shared repo truth; permissions stay in .claude/settings.json. Not claimed: CLAUDE.md becomes the canonical policy manual. |
| Mistral / API platform | account, workspace, API key, models, and server-side chat completion primitives: Create an organization, Manage workspaces & API keys, First API request, Models, API reference | Convention: the public wiki assistant currently uses one live Mistral chat model behind a repo-grounded retrieval layer. Not claimed: Mistral replaces repo truth, audit lanes, or unrestricted web search. |
| Google / Gemini Apps | general Gemini assistant surface across web, mobile, Chrome, and connected apps: Gemini Apps Help, Use and manage connected apps in Gemini | Convention: use Gemini chat surfaces for discussion or exploration, not as the durable state of the repo. Not claimed: connected-app chat state replaces repo state or CI state. |
| Google / Gemini CLI | GEMINI.md, settings, checkpointing, workflow integration: official Google Gemini CLI repository |
Convention: GEMINI.md stays thin and .gemini/settings.json defines how Gemini receives repo context. Not claimed: vendor-side automatic file discovery beyond the documented settings and repo contract. |
| GitHub | workflow semantics, status checks, merge gates: GitHub Actions workflows, About status checks | Convention: PR audits run before merge and rendered state runs after merge on main. Not claimed: GitHub alone defines platform policy. |
| GitHub Actions writer authority | workflows can run with elevated repository permissions, including contents: write for a controlled job |
Convention: post-merge-state.yml treats CI on main as the trusted writer for rendered Markdown state. Not claimed: feature branches or review jobs rewrite rendered state. |
| Cloudflare Access | self-hosted applications, allow policies, application-level login enforcement | Convention: manual, preview, and operator surfaces default to Cloudflare Access. Not claimed: Cloudflare Access replaces product authentication. |
| Resend | verified sending domains and server-side email delivery primitives: Send email, Domains introduction | Convention: root access notifications may use Resend when a verified sender and runtime key are configured. Not claimed: email delivery is available without a verified sender domain or runtime secret. |
| Vercel | Git-based deployments, custom domains, deployment protection | Convention: product runtime defaults to Vercel; protected previews can sit behind Cloudflare Access or Vercel deployment protection. Not claimed: raw *.vercel.app URLs are canonical user-facing surfaces. |
| Neon | CLI project and database creation | Convention: provider-backed bootstrap uses Neon as the default Postgres path today. Not claimed: Neon is required forever. |
| W3C APG + Material 3 | modal dialog accessibility and sheet presentation patterns: WAI-ARIA modal dialog pattern, Material bottom sheets, Material side sheets | Convention: the wiki assistant uses a real dialog/sheet pattern, a compact assistant header, a single onboarding card, and a fixed composer area. Not claimed: the assistant invents a new navigation or chat pattern per page. |
| macOS Keychain | OS-managed secret storage and access controls | Convention: the current single-operator credential store is Keychain-backed via security and the global provider loader. Not claimed: this is already a team-wide cloud secret platform. |
Official vendor behavior and platform convention must stay separate or the documentation becomes untrustworthy.
2. Vendor Drift Risk
| Surface | If vendor behavior changes | What breaks first | Current mitigation |
|---|---|---|---|
CLAUDE.md auto-load |
Claude stops auto-loading repo memory files | the thin Claude adapter becomes incomplete | verify startup behavior against vendor docs; if it regresses, front the shared contract with explicit imports |
.claude/settings.json behavior |
Claude settings schema changes | permission and env expectations drift | keep settings minimal and vendor-specific |
GEMINI.md handling |
Gemini context loading changes | Gemini may lose part of repo context | keep explicit context config in .gemini/settings.json |
| current proof builder instruction surfaces | Codex instruction entrypoints change | the current builder startup contract becomes less direct | keep AGENTS.md explicit and keep wrapper attachment isolated once implemented |
| GitHub Actions semantics | workflow or status-check behavior changes | PR gating and post-merge rendering drift | keep deterministic checks small and isolated |
| Claude or Gemini headless execution flags | interactive CLIs change non-interactive behavior or exit semantics | review steps hang or stop working in CI | keep headless CI execution as an explicit proof item and isolate wrapper logic |
| Cloudflare Pages + Access order | custom-domain and Access behavior changes | protected manual or preview rollout can break during hostname attachment | attach the custom domain first, then enable Access, and keep the current live domain until verified |
| macOS Keychain command behavior | security output or access semantics change |
global provider loader breaks | keep the loader small, registry-driven, and isolated in goingninja-os |
3. Tooling Boundary
The platform also depends on these official CLIs for bootstrap:
| CLI | Why it matters | Current boundary |
|---|---|---|
gh |
GitHub repo creation and remote wiring | local bootstrap is proven; live repo creation and remote wiring are proven_live; see Workflow And Proof |
vercel |
project creation and local linking | local bootstrap is proven; live project creation and linking are proven_live; see Workflow And Proof |
neonctl |
project and database creation | local bootstrap is proven; live project and database creation remain open in the proof backlog |
security |
Keychain-backed secret retrieval on macOS | shell-independent provider loading is proven locally; cross-platform secret storage is still open |
These are not optional implementation details. They are part of the current provider-backed bootstrap contract.