Apache-3 BidOps · Docs · 01
Capability statement schema
Source-of-truth shape of the Apache-3 company profile that drives the public capability statement and every generated bid artifact.
The Apache-3 capability statement is auto-generated from a single source of truth: scripts/_fixtures/apache3-profile.ts in this repo, which mirrors the live Supabase org + company_profiles rows.
Organization (org table)
| Field | Type | Example |
|---|---|---|
id |
uuid | 00000000-0000-0000-0000-000000000001 |
slug |
text | apache-3-inc |
legal_name |
text | APACHE-3 INC |
public_name |
text | Apache-3 Inc. |
uei |
text | JQMHLJNNJYN1 |
cage_code |
text | 8DFR5 |
primary_naics |
text | 541519 |
address |
text | 118 E COMMERCIAL ST STE 2, OBERLIN, KS 67749-2138 USA |
website |
text | https://apache3.com |
created_at |
timestamptz | 2019-06-24T00:00:00.000Z |
Profile (company_profiles table)
| Field | Type | Notes |
|---|---|---|
pocs |
jsonb | Government business POC + alternate POC objects |
business_statuses |
text[] | SDVOSB / VOSB / Native American-Owned / etc. |
services |
CompanyServiceItem[] |
{ category: string, summary: string } |
differentiators |
text[] | Short claims Apache-3 stands behind |
leadership_bios |
CompanyLeadershipBio[] |
{ name, title, summary } |
relevant_experience |
CompanyExperienceItem[] |
{ context, summary } |
approved_claims |
text[] | Claims explicitly allowed in generated artifacts |
needs_verification_claims |
text[] | Claims that require human review before submission |
forbidden_claims |
text[] | Claims explicitly NOT allowed (federal trainer, FedRAMP, cleared instructors, CPARS rating) |
standard_boilerplate |
text | Reusable language block |
updated_at |
timestamptz |
How the schema is enforced
The scripts/score-bundle.ts deterministic scorer checks every generated artifact for:
- Affirmative use of forbidden claims (regex match against
forbidden_claimspatterns) - Hard-coded dollar thresholds without
[VERIFY]annotation - Truncation mid-sentence
- Missing typed signature block on RFI/RFQ/sources-sought
- Required contact tokens (
s@apache-3.com,apache3.com)
CI fails on any fail-severity finding. Warnings are surfaced but don't block.
Updating the profile
Edit scripts/_fixtures/apache3-profile.ts (or the live Supabase row). Re-run node --import tsx scripts/generate-capability-statement.ts --copy-to-apache3com to regenerate the public-facing PDF.
The same profile drives every generated bid artifact — there is no separate "marketing" copy of Apache-3's profile.