CBDD/docs/access.md

Access And Permissions

Roles

  • Maintainer: merge authority, release authority, incident ownership.
  • Reviewer: approves pull requests and validates architecture/security impact.
  • Contributor: proposes changes through pull requests.
  • Consumer: integrates published package versions in downstream applications.

Least-Privilege Model

  • Grant maintainer privileges only to the release and incident responders who require them.
  • Use the reviewer role for routine code review and documentation updates.
  • Restrict package publishing credentials to release maintainers.

Approval Workflow

  1. Contributor opens pull request.
  2. Reviewer validates tests, documentation, and risk impact.
  3. Maintainer approves merge for high-risk or release-impacting changes.
  4. Release maintainer publishes approved release artifacts.

Periodic Access Review

  1. Review maintainer and publisher access quarterly.
  2. Remove inactive accounts and obsolete credentials.
  3. Confirm access ownership in repository settings and package feed controls.

Emergency Access

  • Temporary elevated access requires a tracked incident issue.
  • Remove temporary access immediately after incident closure.