GoalOS v10: unify public site, docs, assets, QUEBEC.AI seal, and release system

[MontrealAI]

Motivation

• Create a single, reviewable public foundation for GoalOS / Proof Gradient with a single source of truth for product, pricing, versions, claims, and public pages.
• Canonicalize the public site shell, enforce bilingual institutional copy and safe-boundary language, and ensure the QUEBEC.AI ⚜️✨ seal is used consistently across the site and metadata.
• Prevent accidental publication of paid/private delivery artifacts while preserving public AEP standards and Cloud MVP proof material.
• Add an automated, maintainable release/validation system so site pages, docs, assets and manifests are reproducible and CI-checked.

Description

• Added docs/data/goalos_catalog.yml as the single source of truth and generated product/taxonomy tables and CSVs to match it.
• Implemented a build/release generator at scripts/build_goalos_v10_release.py and validation scripts scripts/validate_goalos_catalog.py, scripts/validate_docs_tables_figures.py, and scripts/check_no_paid_artifacts.py.
• Built a unified public site under site/ with a canonical shell, site/index.html, bilingual product/workshop/pricing/services/standards pages, a brand/visual-system page, favicon/app icons, site.webmanifest, and site/assets/goalos-sovereign-v10.css/.js.
• Copied and classified public assets into site/assets/brand/ and produced site/assets/brand-assets-v10.json (manifest with SHA256, sizes, inferred roles and alt text); ensured assets/quebecaisealv5.png is used as seal, favicon, apple-touch icon and Open Graph image.
• Created Mermaid source figures and accessible SVG exports under docs/figures/, regenerated tables under docs/tables/, and updated many docs (README.md, docs/GOALOS_REPO_AUDIT.md, and others) to reflect v10.
• Archived sensitive/paid-looking pages and assets into site/_archive/before_goalos_public_site_release_v10_2026-06-07/ and removed them from active public paths.
• Added GitHub Actions workflows: GoalOS Public Site Release v10, Validate GoalOS Public Site v10, Validate GoalOS Docs, Tables, and Figures, and Check No Paid Artifacts that run the build and validators and (optionally) the Cloud MVP Node test before deploying Pages.

Testing

• Ran PYTHONPATH=. pytest and observed 72 passed, 3 warnings, indicating unit test coverage of core code paths succeeded.
• Ran make test / python -m unittest discover -s tests -v and observed 56 unittest tests passed.
• Executed the Cloud MVP Node test node site/app/goalos-cloud-mvp/tests/enterprise-core.test.mjs and observed it passed (MVP proof checks succeeded).
• Executed validation scripts python scripts/check_no_paid_artifacts.py, python scripts/validate_docs_tables_figures.py, and python scripts/validate_goalos_catalog.py and observed all validations passed.
• Performed Python compile checks python -m py_compile on new scripts and they compiled without syntax errors.

Notes / Limitations:

• No browser screenshot tooling was available in the environment (chromium/playwright missing), so visual screenshot validation was skipped and documented in the audit.
• Mermaid CLI was not installed locally, so .mmd sources were committed and lightweight SVG renderings (text-based placeholders) were generated and documented; full SVG exports can be regenerated in CI or a dev environment with Mermaid installed.
• GitHub Pages deployment must be confirmed in Actions; the workflows are included and will run the same validators during release.

---

Codex Task

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 2947c9c2bb

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Scan the relative path for paid/private markers

When a paid/private artifact is placed in a flagged directory with a generic basename, such as site/examples/internal-approval-memo/index.html or site/paid/delivery.html, this guard now passes because it searches only p.name (index.html/delivery.html) instead of the relative path. That defeats the new paid-artifact workflow for the same directory-based materials this release archives out of the active site, so the check should apply the blocked regex to rel as well as the basename.

Useful? React with 👍 / 👎.