# Access And Permissions

## Roles

- Maintainer: merge authority, release authority, incident ownership.
- Reviewer: approves pull requests and validates architecture/security impact.
- Contributor: proposes changes through pull requests.
- Consumer: integrates published package versions in downstream applications.

## Least-Privilege Model

- Limit maintainer privileges to required release and incident responders.
- Use reviewer role for routine code review and documentation updates.
- Restrict package publishing credentials to release maintainers.

## Approval Workflow

1. Contributor opens pull request.
2. Reviewer validates tests, documentation, and risk impact.
3. Maintainer approves merge for high-risk or release-impacting changes.
4. Release maintainer publishes approved release artifacts.

## Periodic Access Review

1. Review maintainer and publisher access quarterly.
2. Remove inactive accounts and obsolete credentials.
3. Confirm access ownership in repository settings and package feed controls.

## Emergency Access

- Temporary elevated access requires a tracked incident issue.
- Remove temporary access immediately after incident closure.