MikeWatch Forks of the Mike legal-AI codebase, distilled for legal-tech readers
Home · cpatpa/PIP · this thread

cpatpa rebrands Mike as Piper Alderman's own in-house tool

The fork sheds its cloud dependencies and turns into something a firm can run entirely on infrastructure it controls.

infrastructuremulti-tenant

cpatpa has rebuilt Mike as PIP, an internal tool for the firm Piper Alderman. The defining move is ownership: rather than leaning on third-party cloud services for its database and document storage, the app now runs against a database the firm controls and keeps files as encrypted documents on its own servers, with a cloud-storage option left switched off by default. A guided installer walks an operator through standing the whole system up on a single Linux machine.

On top of that, the fork adds the scaffolding a multi-team firm actually needs: separate workspaces that wall off one practice group's projects from another's, an admin console covering user management, an AI-usage policy and an audit log, and lawyer profiles that capture jurisdictions and practice areas.

So what Firms that won't put client matters in someone else's cloud should look here - this is Mike reshaped for on-premises control.

View this fork on GitHub →

Spotted something wrong? Or know the PR text has fresher detail than the writeup above?

Commits in this thread

3 commits from cpatpa/PIP, oldest first. Source extracted verbatim from the harvested git log.

SHA Subject Author Date
c2bff6cc Rewrite README for PIP, document phases done and outstanding Claude 2026-05-15 ↗ GitHub
commit body 
Replaces the upstream Mike-era README with a PIP-shaped one:

  - Stack reflects the post-Phase-2 reality: Next.js 16 + Auth.js,
    Express + plain pg, Postgres-only (no Supabase anywhere).
  - Quick start covers the new requirements: createdb + BYPASSRLS,
    AUTH_SECRET on both sides, USER_API_KEYS_ENCRYPTION_SECRET,
    BOOTSTRAP_ADMIN_EMAIL, npm run migrate.
  - First-run notes call out the onboarding wizard, the canonical
    org system prompt, and Account > Custom Instructions.
  - Troubleshooting refreshed for the new boot-time checks
    (AUTH_SECRET, encryption secret, BYPASSRLS, RESEND_API_KEY).

Roadmap section is the canonical place to track progress: Phase 0,
Phase 1, and Phase 2 are listed under Done with a summary of what
shipped and the audit findings each phase closed. Phase 3-8 stay
under Outstanding and get pulled across as they complete.
Parked items called out separately.

The original upstream Supabase/R2-only setup instructions are gone.
0e619c23 Document Phase 9 (frontend completion + local LLM tools) Claude 2026-05-15 ↗ GitHub
aa20b742 Refresh README Claude 2026-05-15 ↗ GitHub
commit body 
- Move the Docker installer flow to the top under a "Deploying"
  section so operators see the supported path first. Rename the
  bare-metal flow to "Local development".
- Drop "Phase 5/6/7" markers from the Stack section since those
  features are now MVP, not phased work.
- Note that migration 0018 dropped the legacy shared_with JSONB
  columns (Phase 3 section + Parked list both said they were still
  there).
- Note Phase 9 added tool support to the local LLM adapter
  (Phase 6 section said it was missing).
- Note that the org_settings.allow_external_models gate is wired
  (Phase 6 section said it was a follow-up).
- Document the new STORAGE_DRIVER=local + STORAGE_ENCRYPTION_KEY
  env vars in the local-dev backend env example.
- Add Phase 11 (rebrand + cleanup) to the Done list.

Capture this thread into my fork

Download a single Markdown prompt that tells Claude how to port every commit above into your working tree — adapting paths and structure to match your repo. Run it via claude -p < capture-thread-367.md from inside the repo you want the changes in.

⬇ Download capture-thread-367.md