Groupsum builds governed developer systems for teams that need source-controlled truth, traceable delivery, and reusable operations.

Our public work focuses on two connected surfaces:

• ssot-registry is a portable single-source-of-truth system for features, claims, tests, evidence, ADRs, specs, frozen boundaries, and releases.
• markdown_workspace is the MdWrk workspace for markdown applications, native shells, extension contracts, distribution tooling, repository governance, and release automation.

Groupsum projects are designed around explicit records, reproducible checks, and durable repository workflows. The goal is simple: decisions, implementation scope, verification, and release state should be discoverable from the repo instead of scattered across chat, documents, and build logs.

ssot-registry provides a canonical .ssot/registry.json model plus CLI and Python surfaces for managing governed delivery records. It tracks features, tests, claims, evidence, issues, risks, ADRs, specs, boundaries, and releases as linked entities.

Use it when you need:

• a repository-native registry for product and engineering scope
• traceable links from decisions to specs, features, tests, evidence, and releases
• CLI-first workflows for validation, upgrades, graph exports, and certification gates
• portable governance that can be adopted by different repositories without rewriting the operating model

Start here:

python -m pip install ssot-registry
ssot --help
ssot-registry init . --repo-id repo:example --repo-name "Example" --version 0.1.0
ssot-registry validate . --write-report

Groupsum publishes installable SSOT Registry governance packs for teams that want reusable ADR and SPEC starting points without copying policy language by hand. Each pack is packaged as a Python project, supports Python 3.10 through 3.14, and is designed to synchronize reusable ADR/SPEC assets into downstream .ssot registries.

• seo-aeo-aieo-governance-pack supplies governed SEO, AEO, and AiEO decision/specification templates for search, answer-engine, and AI-engine optimization work.
• cache-freshness-governance-pack supplies HTTP caching and freshness governance templates for cache-control, ETag, CDN, invalidation, and stale-content policy surfaces.

• digital-signature-governance-pack supplies digital-signature, electronic-signature, timestamping, validation, archival, and assurance-language governance templates.
• privacy-governance-records-governance-pack supplies privacy governance record templates for notices, lawful basis, consent records, data subject rights, retention, privacy evidence, and regulatory accountability.
• data-catalog-lineage-contracts-governance-pack supplies data catalog and lineage contract templates for dataset ownership, field definitions, lineage records, transformation provenance, data quality, and evidence retention.

• web-app-analytics-governance-pack supplies web and app analytics templates for page views, screen views, sessions, engagement, ecommerce, data layers, client/server collection, and export validation.
• web-performance-rum-governance-pack supplies web performance and RUM templates for Core Web Vitals, Navigation Timing, Resource Timing, long tasks, performance observers, and real-user measurement evidence.
• event-behavioral-telemetry-governance-pack supplies event and behavioral telemetry templates for event naming, payload contracts, user actions, session context, timestamps, identifiers, and validation evidence.
• ga4-google-tagging-governance-pack supplies GA4 and Google tagging templates for event models, recommended events, parameters, Google tag deployment, consent mode, ecommerce events, and export expectations.

• url-query-attribution-foundations-governance-pack supplies URL query attribution templates for UTM parameters, query parsing, canonical campaign fields, redirect handling, referrer interaction, and attribution evidence.
• marketing-attribution-conversion-governance-pack supplies marketing attribution and conversion templates for campaign identifiers, conversion events, attribution windows, deduplication, offline conversions, and reporting controls.
• mobile-install-attribution-governance-pack supplies mobile install attribution templates for app install measurement, SKAdNetwork, Android attribution, deferred deep links, campaign parameters, and privacy-preserving attribution.
• ad-measurement-media-governance-pack supplies advertising and media measurement templates for OpenRTB, AdCOM, VAST, OMID, IAB measurement guidance, MRC controls, invalid traffic, and reporting policy.
• ad-supply-chain-transparency-governance-pack supplies supply-chain transparency templates for ads.txt, app-ads.txt, sellers.json, SupplyChain Object, buyers.json, DemandChain Object, and ads.cert.

• customer-identity-profile-governance-pack supplies customer identity and profile templates for identifier governance, profile stitching, resolution policy, account linking, consent-aware identity use, and profile lifecycle controls.
• customer-commerce-semantics-governance-pack supplies customer and commerce semantics templates for schema.org, GS1 identifiers, product entities, offer metadata, order events, and retail/customer data modeling.
• consent-privacy-signals-governance-pack supplies consent and privacy signal templates for GPC, TCF, consent mode, opt-out handling, privacy preference propagation, and jurisdiction-aware collection controls.
• audience-data-transparency-governance-pack supplies audience-data transparency templates for IAB data transparency, audience taxonomy, content taxonomy, segment provenance, recency, permitted use, and clean-room outputs.
• gs1-product-link-event-data-governance-pack supplies GS1 product link and event data templates for Digital Link, product identifiers, EPCIS-style event data, supply-chain context, and traceability records.

markdown_workspace contains MdWrk, a multi-package markdown platform covering web client delivery, native app shells, reusable packages, extension contracts, first-party extensions, third-party extension distribution tooling, and repository operations.

Use it when you need:

• governed markdown application infrastructure
• Electron and Capacitor shell delivery
• extension runtime contracts and distribution tooling
• repository conformance checks for docs, release notes, generated artifacts, and claim language

Start here:

npm run ci:governance

• Repositories should carry their own decisions, specs, scope, verification, and release evidence.
• Automation should read from durable files and typed records before relying on informal process.
• Public docs should give humans and machines direct answers, stable links, and concrete commands.
• Governance should make delivery clearer, not heavier.

• Organization: github.com/groupsum
• SSOT registry: github.com/groupsum/ssot-registry
• Governance packs: discovery and content, cache freshness, digital signature, privacy records, data catalog lineage, web app analytics, web performance RUM, event behavioral telemetry, GA4 Google tagging, URL query attribution, marketing attribution conversion, mobile install attribution, ad measurement media, ad supply chain transparency, customer identity profile, customer commerce semantics, consent privacy signals, audience data transparency, and GS1 product link event data
• MdWrk workspace: github.com/groupsum/markdown_workspace