Context
PR #121 documents the current maintainer-led model and explicitly avoids claiming two-person review, bus-factor, or access-continuity improvements while Registry Stack has one active maintainer.
This issue tracks the future policy work for the moment when the project has enough trusted maintainer capacity to make those claims honestly.
Scope
- Define the minimum public governance policy needed for access continuity and maintainer succession.
- Decide what can be documented publicly without exposing credentials, deployment details, or private recovery procedures.
- Define when required human review should become enforceable without blocking normal maintenance.
- Update
CONTRIBUTING.md, SECURITY.md, or another public governance document when the policy is real.
Done when
- The repository documents its current maintainer continuity posture truthfully.
- The docs describe the conditions required before enabling stricter review or succession guarantees.
- Any public policy avoids private operational details and does not imply unavailable maintainer capacity.
Non-goals
- Do not enable mandatory two-person review while there is only one available maintainer.
- Do not publish private account recovery, credential custody, or deployment access details.
Context
PR #121 documents the current maintainer-led model and explicitly avoids claiming two-person review, bus-factor, or access-continuity improvements while Registry Stack has one active maintainer.
This issue tracks the future policy work for the moment when the project has enough trusted maintainer capacity to make those claims honestly.
Scope
CONTRIBUTING.md,SECURITY.md, or another public governance document when the policy is real.Done when
Non-goals