Your own GitHub stars dashboard, optional Telegram notifier, and optional AI enrichment — deployed entirely on infrastructure you own. No central service, no shared backend, no key custody: StarLedger only ever uses your GitHub token, your Telegram bot, and (optionally) your Claude/Codex executor.
This is the reusable template. It ships clean — with example configs and setup checks, not anyone else's data. Generated from
F-e-u-e-r/starledgerbypnpm template:build.
-
Create your repo — click Use this template (or fork), making
<you>/starledger. -
Add the token — create a fine-grained PAT with Starring: Read-only and add it as the
STAR_SYNC_TOKENActions secret. Seedocs/setup/secrets.md. -
Enable Pages — Settings → Pages → Source = GitHub Actions; Settings → Actions → Workflow permissions = Read and write. See
docs/setup/github-pages.md. -
Check readiness:
pnpm install # Node >= 22 pnpm setup:doctor # tells you exactly what is missing (0 ready · 20 incomplete · 10 unsafe)
-
Deploy — Actions → Sync stars → Run workflow. The exporter commits
stars.json+dataset-meta.json, and Pages publishes your dashboard athttps://<you>.github.io/starledger/.
| Feature | Default | Enable |
|---|---|---|
| Stars dashboard (P0/P1) | on | Just run Sync stars. |
| Telegram notifier (P2) | off | Add Telegram secrets + config/notifier.yaml — docs/setup/notifier.md. |
| AI enrichment (P3) | off | config/ai.yaml + an external Claude/Codex executor — docs/setup/ai-executor.md. |
Scheduled automation is disabled by default in the template: the Sync stars,
Notify, and optional AI operational state workflows ship as manual-dispatch
only (their cron: is preserved as a comment) so nothing runs before you have
added secrets and explicitly enabled the matching feature. Re-enable them
deliberately once setup:doctor passes.
User-owned repo · user-owned GitHub token · user-owned Telegram bot/chat
Optional user-owned Claude/Codex executor (runs OUTSIDE this repo)
No central key custody · no shared OAuth · no shared database · no hosted SaaS
No ANTHROPIC_API_KEY / OPENAI_API_KEY / OAuth secret / database credential is
ever required. The AI model never runs in CI — an external executor opens an
artifact PR that the in-repo provenance gates verify.
docs/setup/secrets.md— which secrets, why, safe permissionsdocs/setup/github-pages.md— Pages + first deploydocs/setup/notifier.md— Telegram notifierdocs/setup/ai-executor.md— optional AI enrichmentdocs/setup/troubleshooting.md— common failuresdocs/setup/clean-room-validation.md— full zero-to-deploy checklist
Architecture specs: docs/P0-exporter-spec.md ·
docs/P1-dashboard-spec.md ·
docs/P2-notifier-spec.md ·
docs/P3-ai-spec.md ·
docs/P4-template-spec.md.
Apache-2.0 — see LICENSE.