Last updated

Internal Docs Accessibility Analysis

Question

Are the non-customer docs (internal planning docs) accessible externally?

Answer: YES, but only via GitHub - NOT via Redocly docs site

Current Situation

✅ Protected from Redocly Docs Site (platform.papr.ai)

Internal docs are NOT accessible via the customer-facing docs site.

How Redocly works:

  • Only files listed in sidebars.yaml appear on https://platform.papr.ai
  • Files not in sidebar are ignored by Redocly build
  • Internal docs (AUDIT-.md, POSITIONING-.md, etc.) are NOT in sidebars.yaml
  • Result: Customers visiting platform.papr.ai cannot see internal docs ✅

⚠️ Accessible via GitHub Repository

Internal docs ARE accessible via GitHub if the repo is public.

Current status:

  • Repository: https://github.com/Papr-ai/memory-dev-docs
  • Internal docs are tracked in git (not in .gitignore)
  • If repo is public, anyone can view these files on GitHub
  • If repo is private, only team members can access

Files currently in git:

  • AUDIT-ANSWERS.md
  • AUDIT-SUMMARY.md
  • QUICK-WINS-COMPLETE.md
  • VIDEO-AUDIO-AUDIT.md
  • And newly created docs (PAPR-ADVANTAGES-UPDATE.md, etc.)

Risk Assessment

Low Risk (Current State)

If internal docs contain:

  • ✅ Planning notes and strategy discussions
  • ✅ Documentation improvement plans
  • ✅ Internal decision-making process
  • ✅ Positioning rationale

Risk: Low - This shows thoughtful planning and transparency

Medium Risk

If internal docs contain:

  • ⚠️ Competitive intelligence
  • ⚠️ Pricing strategy details
  • ⚠️ Customer-specific information
  • ⚠️ Unannounced features or roadmap

Risk: Medium - Could reveal strategy to competitors

High Risk

If internal docs contain:

  • ❌ API keys or credentials
  • ❌ Customer data or PII
  • ❌ Security vulnerabilities
  • ❌ Proprietary algorithms

Risk: High - Security/compliance issue

Current Internal Docs Content Review

Based on the files we created:

  1. AUDIT-ANSWERS.md / AUDIT-SUMMARY.md

    • Content: Documentation audit and improvement plans
    • Risk: Low - Shows quality process

  2. PAPR-ADVANTAGES-UPDATE.md / POSITIONING-UPDATES-SUMMARY.md

    • Content: Positioning strategy and messaging
    • Risk: Low - Transparent about value prop

  3. REDDIT-REFERENCES-REMOVED.md

    • Content: Documentation cleanup notes
    • Risk: Low - Shows attention to detail

  4. FINAL-SUMMARY.md / NEW-DOCS-IMPLEMENTATION-GUIDE.md

    • Content: Documentation strategy and usage guides
    • Risk: Low - Helpful for open-source contributors

  5. QUICK-WINS-COMPLETE.md

    • Content: Task tracking
    • Risk: Low - Shows project management

  6. ENTERPRISE-FEEDBACK-ANALYSIS.md

    • Content: Feedback analysis (check for customer names/data)
    • Risk: Low-Medium - Depends on content

Recommendations

Option 1: Keep Internal Docs in Public Repo (Current State)

Pros:

  • Shows transparent, thoughtful process
  • Helpful for open-source contributors
  • Demonstrates quality documentation practices
  • No security risk if no sensitive data

Cons:

  • Competitors can see positioning strategy
  • Less control over narrative

Recommended if:

  • Repo is already public
  • Internal docs don't contain sensitive info
  • You want to show transparent process

Option 2: Move Internal Docs to .gitignore

Pros:

  • Internal docs stay truly internal
  • More control over what's public
  • Can include sensitive strategy discussions

Cons:

  • Lose version control history
  • Team needs to manage separately
  • Can't collaborate via GitHub

Recommended if:

  • Internal docs contain competitive strategy
  • You want complete control over narrative

Option 3: Use Private Repo for Internal Docs

Pros:

  • Version control maintained
  • Team collaboration via GitHub
  • Complete privacy

Cons:

  • Need separate repo
  • More complex workflow

Recommended if:

  • You have sensitive competitive info
  • You want version control + privacy

Option 4: Move to internal/ Folder + Update .gitignore

Pros:

  • Clear separation in repo structure
  • Easy to exclude from git
  • Can still keep locally for team

Cons:

  • Lose git history for internal docs
  • Need to document separately

Recommended if:

  • You want clean separation
  • Internal docs are for current context only

Immediate Actions

Check if Repo is Public or Private

# Visit the repo URL
open https://github.com/Papr-ai/memory-dev-docs

If you can access without login → Public (internal docs are visible)
If it requires login → Private (only team can see)

Option A: Keep as-is (if repo is private or docs are non-sensitive)

No action needed. Internal docs are:

  • ✅ Not on platform.papr.ai (Redocly)
  • ✅ Only on GitHub (public or private depending on repo)

Option B: Add to .gitignore (if you want them private)

# Add to .gitignore
cat >> .gitignore << 'EOF'

# Internal planning docs
AUDIT-*.md
*-SUMMARY.md
*-UPDATE.md
POSITIONING-*.md
REDDIT-REFERENCES-*.md
NEW-DOCS-*.md
DOCS-ORGANIZATION.md
QUICK-WINS-*.md
VIDEO-AUDIO-*.md
ENTERPRISE-FEEDBACK-*.md
CUSTOMER-FACING-DOCS-*.md
INTERNAL-DOCS-*.md
SETUP-COMPLETE.md
REDDIT-CLEANUP-*.md
internal/
EOF

# Remove from git (keeps local copies)
git rm --cached AUDIT-*.md *-SUMMARY.md *-UPDATE.md POSITIONING-*.md REDDIT-REFERENCES-*.md NEW-DOCS-*.md DOCS-ORGANIZATION.md QUICK-WINS-*.md VIDEO-AUDIO-*.md ENTERPRISE-FEEDBACK-*.md CUSTOMER-FACING-DOCS-*.md INTERNAL-DOCS-*.md SETUP-COMPLETE.md REDDIT-CLEANUP-*.md 2>/dev/null

# Commit
git commit -m "Remove internal planning docs from version control"

Option C: Move to Private Repo

# Create new private repo: memory-dev-docs-internal
# Move internal docs there
# Keep only customer-facing docs in public repo

Summary Table

LocationAccessibilityCurrent StatusRisk Level
platform.papr.ai (Redocly)❌ Not accessibleProtected by sidebars.yaml✅ Safe
GitHub repo (if public)✅ AccessibleFiles are in git⚠️ Depends on content
GitHub repo (if private)⚠️ Team onlyFiles are in git✅ Safe
Local only (gitignored)❌ Not accessibleNot in git✅ Safe

For most cases:

  1. Check if repo is public: Visit https://github.com/Papr-ai/memory-dev-docs

  2. If public + docs are non-sensitive: Keep as-is

    • Shows transparent process
    • No security risk
    • Helpful for community

  3. If public + docs contain strategy: Add to .gitignore

    • Keeps strategy internal
    • Maintains clean public repo

  4. If private: No action needed

    • Already protected
    • Only team can access

Current Risk Level: LOW ✅

Based on the internal docs we created:

  • No sensitive data (API keys, customer info, etc.)
  • Mostly positioning strategy and documentation planning
  • Shows thoughtful, transparent process
  • Could actually be beneficial if public (shows quality)

Recommendation: Keep as-is unless repo is public AND you want to keep positioning strategy private.

Quick Check Script

# Check if repo is public
curl -s https://github.com/Papr-ai/memory-dev-docs >/dev/null 2>&1
if [ $? -eq 0 ]; then
    echo "⚠️  Repo appears to be PUBLIC"
    echo "Internal docs are accessible at:"
    echo "https://github.com/Papr-ai/memory-dev-docs/blob/main/AUDIT-SUMMARY.md"
    echo ""
    echo "Consider adding to .gitignore if you want them private"
else
    echo "✅ Repo appears to be PRIVATE"
    echo "Internal docs are only accessible to team members"
fi

Bottom Line

Customer-facing docs (platform.papr.ai): ✅ Protected - Internal docs NOT accessible
GitHub repo: ⚠️ Depends on repo visibility (public vs private)
Current risk: ✅ Low - No sensitive data in internal docs
Action needed: Check repo visibility, decide if you want internal docs in git