Skip to main content

Governance

Repository governance standards, policies, and content lifecycle rules.

Repository Governance

How the repository is structured, how work flows through it, and how automation enforces quality and consistency.

  • Type: doc | Lifecycle: active | Created: 2026-04-09 | Last reviewed: 2026-04-09
  • Tags: policy, process, standards

ADR Template

Canonical Architecture Decision Record template, filename convention, and required sections.

  • Type: doc | Lifecycle: active | Created: 2026-04-09 | Last reviewed: 2026-04-09
  • Tags: adr, policy, standards

Content Contract

Validation specification and authoring guide defining what all content in the Engineering Journal must comply with.

  • Type: doc | Lifecycle: active | Created: 2026-04-09 | Last reviewed: 2026-04-09
  • Tags: policy, process, standards

Content Lifecycle Model

Canonical lifecycle model defining the allowed states and transition rules for all content in the Engineering Journal.

  • Type: doc | Lifecycle: active | Created: 2026-04-09 | Last reviewed: 2026-04-09
  • Tags: lifecycle, policy, standards

Frontmatter Schema

Canonical frontmatter schema for all content in the Engineering Journal — deterministic and CI-enforced.

  • Type: doc | Lifecycle: active | Created: 2026-04-09 | Last reviewed: 2026-04-09
  • Tags: policy, standards, taxonomy

Lifecycle UI Behavior

Defines how lifecycle states are rendered visually in the Docusaurus site — banners, colors, and implementation details.

  • Type: doc | Lifecycle: active | Created: 2026-04-09 | Last reviewed: 2026-04-09
  • Tags: lifecycle, policy, standards

Plugin Policy

Approved plugin allowlist, principles for adding new plugins, and extension guidelines for the Docusaurus site.

  • Type: doc | Lifecycle: active | Created: 2026-04-09 | Last reviewed: 2026-04-15
  • Tags: policy, process, standards

Build Environment

Pinned tool versions and build reproducibility requirements.

  • Type: doc | Lifecycle: active | Created: 2026-04-17 | Last reviewed: 2026-04-17
  • Tags: process, standards

Content Taxonomy

Canonical taxonomy defining all allowed domains and tags for content in the Engineering Journal.

  • Type: doc | Lifecycle: active | Created: 2026-04-09 | Last reviewed: 2026-04-09
  • Tags: policy, standards, taxonomy

Canary Tokens

Registry of planted canary tokens for intrusion detection.

  • Type: doc | Lifecycle: active | Created: 2026-04-17 | Last reviewed: 2026-04-17
  • Tags: authentication, standards

Cloudflare Security Posture

Documents the Cloudflare security configuration for chrisnewcomb.name including WAF, DDoS, bot protection, and Zero Trust readiness.

  • Type: doc | Lifecycle: active | Created: 2026-04-18 | Last reviewed: 2026-04-18
  • Tags: authentication, standards

Web Security Configuration

Security headers, CSP, DNS hardening, and TLS configuration for chrisnewcomb.name via Cloudflare.

  • Type: doc | Lifecycle: active | Created: 2026-04-18 | Last reviewed: 2026-04-18
  • Tags: authentication, standards

Signed Commits Policy

Requirements and setup guide for GPG or SSH signed commits on all branches.

  • Type: doc | Lifecycle: active | Created: 2026-04-18 | Last reviewed: 2026-04-18
  • Tags: policy, standards

Vulnerability Disclosure Process

Formal process for reporting, triaging, and resolving security vulnerabilities in this repository.

  • Type: doc | Lifecycle: active | Created: 2026-04-18 | Last reviewed: 2026-04-18
  • Tags: policy, standards

Secret Rotation Schedule

Tracks all secrets used in the repository with last rotation date and rotation policy.

  • Type: doc | Lifecycle: active | Created: 2026-04-18 | Last reviewed: 2026-04-18
  • Tags: policy, standards

Network Egress Audit

Documents and validates every external domain that CI workflows access.

  • Type: doc | Lifecycle: active | Created: 2026-04-18 | Last reviewed: 2026-04-18
  • Tags: policy, standards

Threat Model

Formal threat model documenting attack surfaces, threat actors, blast radius, and mitigations for the engineering journal repository and site.

  • Type: doc | Lifecycle: active | Created: 2026-04-18 | Last reviewed: 2026-04-18
  • Tags: process, standards

Incident Response Runbook

Step-by-step playbooks for security incidents specific to this repository's architecture.

  • Type: doc | Lifecycle: active | Created: 2026-04-18 | Last reviewed: 2026-04-18
  • Tags: process, standards