Ownerless Governance
This document is the canonical ownerless governance contract for this repository. It defines how repo-tracked governance works without relying on a standing human owner, maintainer team, or org membership to interpret or repair routine failures.Core Rule
Every governed surface must have:- one canonical source
- one deterministic validator
- one exact repair path
- one primary gate layer
Vocabulary
Gate Ownership Rules
Each governed surface must declare exactly one primary gate layer inoperations/governance/config/ownerless-governance-surfaces.json.
Allowed gate layers:
pre-commitpr-changedscheduledmanual
Repair Path Rules
- Every blocking failure must print:
- why it failed
- the re-check command
- the repair command
- Repair commands must be repo-backed commands that an OSS contributor or AI agent can run directly.
- If repair is not deterministic, the surface stays advisory until deterministic repair exists.
- Historical review-map files may remain archived for context, but they cannot act as an active routing or approval contract.
Rollout State Rules
Promotion to
blocking requires:
- one clean baseline run on the full governed surface
- changed-file PR simulation proving the scope is bounded
- exact repair output for every blocking failure mode
Production Approval Gate
Governance-sensitive PRs are controlled by the canonical approval policy at:operations/governance/config/governance-approval-policy.json
## Governance Approval
approval:governance-schemaapproval:governance-gateapproval:workflow-governanceapproval:governance-retirement
.allowlist edits or tracked deletions.
Surface Registry
The machine-readable surface registry lives at:operations/governance/config/ownerless-governance-surfaces.json
- governed globs
- canonical sources
- derived outputs
- validators
- repair commands
- gate layer
- rollout state
- network dependence
- ownerless readiness
operations/governance/config/** only.
OSS Contributor Loop
The ownerless contributor path is:- change canonical source or governed surface
- run or trigger the bounded validator
- read exact repair output
- run the repair command
- re-run the validator
- merge once the surface is green in its declared gate layer
Current Policy Connections
docs-guide/policies/source-of-truth-policy.mdxdefines canonical boundaries.docs-guide/policies/infrastructure-principles.mdxdefines the gate-layer model.operations/tests/unit/ownerless-governance.test.jsvalidates the manifest and ownerless language rules.operations/tests/unit/ai-tools-registry.test.jsvalidates the AI-tools registry surface declared in the ownerless manifest.operations/tests/unit/governance-approval-policy.test.jsvalidates the production governance approval contract and PR evidence rules.