cps-assurance/CODEOWNERS at main · rmednitzer/cps-assurance · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# CODEOWNERS — cps-assurance
#
# Maps review requirements from CONTRIBUTING.md to GitHub code owners.
# GitHub will automatically request reviews from the appropriate owners
# when a pull request modifies matching paths.
#
# Ownership is intentionally broad (repository owner) because named roles
# (safety engineer, CISO, OT security lead) map to people, not GitHub
# accounts. Organisations adopting this framework should replace
# @rmednitzer with team slugs matching their review matrix:
#
#   @org/safety-engineering   — hazard, safety-constraint, SSI registers
#   @org/ot-security          — threat, zone-conduit registers, SSI register
#   @org/compliance           — product register, traceability, policies
#   @org/safety-management    — policies, templates, checklists

# Default owner — all files
*                                       @rmednitzer

# Policies — require legal + safety manager + CISO review
/policies/                              @rmednitzer

# Registers — safety-critical, require domain-specific review
/registers/hazard-register.md           @rmednitzer
/registers/safety-constraint-register.md @rmednitzer
/registers/threat-register.md           @rmednitzer
/registers/zone-conduit-register.md     @rmednitzer
/registers/ssi-register.md             @rmednitzer
/registers/traceability-manifest.md     @rmednitzer
/registers/product-register.md          @rmednitzer

# Schemas — changes affect validation; require careful review
/schemas/                               @rmednitzer

# Scripts and CI — infrastructure changes
/scripts/                               @rmednitzer
/.github/                               @rmednitzer
/Makefile                               @rmednitzer