Stella Ops Project Governance

Lazy Consensus • Maintainer Charter • Transparent Veto

Scope – applies to all repositories under
https://git.stella-ops.org/stella-ops/* unless a sub‑project overrides it with its own charter approved by the Core Maintainers.

1 · Decision‑making workflow 🗳️

Lazy‑consensus – silence = approval once the timer elapses.

• Veto ‑1 must include a concrete concern and a path to resolution.
• After 3 unresolved vetoes the PR escalates to a Maintainer Summit call.

2 · Maintainer approval thresholds 👥

Approval is recorded via Git forge review or a signed commit trailer
Signed-off-by: <maintainer>.

3 · Becoming (and staying) a Maintainer 🌱

1. 3 + months of consistent, high‑quality contributions.
2. Nomination by an existing Maintainer via issue.
3. 7‑day vote – needs ≥ ⅔ majority “+1”.
4. Sign MAINTAINER_AGREEMENT.md and enable 2FA.
5. Inactivity > 6 months → automatic emeritus status (can be re‑activated).

4 · Release authority & provenance 🔏

• Every tag is co‑signed by at least one Security Maintainer.
• CI emits a signed SPDX SBOM + Cosign provenance.
• Release cadence is fixed – see public Road‑map.
• Security fixes may create out‑of‑band x.y.z‑hotfix tags.

5 · Escalation lanes 🚦

6 · Contribution etiquette 🤝

• Draft PRs early – CI linting & tests help you iterate.
• “There are no stupid questions” – ask in Matrix #dev.
• Keep commit messages in imperative mood (Fix typo, Add SBOM cache).
• Run the pre‑commit hook locally before pushing.

7 · Licence reminder 📜

Stella Ops is AGPL‑3.0‑or‑later. By contributing you agree that your patches are released under the same licence.

Appendix A – Maintainer list 📇

(Generated via scripts/gen-maintainers.sh – edit the YAML, not this section directly.)