Establish and maintain a stable governance baseline for the CommandLayer stack with explicit policy sequencing.
- Maintain authoritative mapping of repository purpose and interfaces in
STACK_MAP.md. - Enforce ownership boundaries for protocol, runtime, SDK, integrations, and organization-level controls.
- Define release order and gate criteria in
RELEASE_POLICY.md. - Require evidence records under
RELEASES/for each coordinated stack release event.
- Maintain versioning semantics in
VERSIONING.md. - Maintain compatibility matrix schema and governance rules in
COMPATIBILITY_MATRIX.md.
- Operate design-change intake and acceptance process in
RFC/README.md. - Record accepted governance decisions and rationale in
DECISION_LOG/.
- Operate recurring conformance and process audits via
AUDITS/README.md. - Track remediation ownership and closure evidence for each finding.
- Maintain reporting, triage, disclosure, and policy escalation controls in
SECURITY.md. - Ensure security-impacting policy changes route through RFC and audit checks.
Governance updates MUST progress in this order when a change spans multiple policy areas:
- RFC definition,
- decision acceptance,
- policy document update,
- compatibility and release policy alignment,
- audit evidence update.