From 68e1835aa8f111e2410389d47b842097b23f29f0 Mon Sep 17 00:00:00 2001 From: James Ross Date: Fri, 22 May 2026 20:44:40 -0700 Subject: [PATCH] docs: require direct-main authorization evidence --- CHANGELOG.md | 3 ++- docs/procedures/DIRECT-MAIN-EXCEPTION-LOG.md | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 5b99238c..34a1729c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -422,7 +422,8 @@ Applied, Rejected, Obstructed}` with receipt evidence and typed contract docs-only direct-main exception for the Echo graph model checkpoint, including authorization context, exact commits, validation, changed files, and the future rule to prefer PRs unless an emergency or docs-only fast path is - explicitly authorized. + explicitly authorized. Future exception records must also cite explicit + authorizer identity and authorization evidence. - `docs/design/built-in-echo-graph-data-model.md` defines Echo's native graph ontology for future optic admission, authority, transaction atomicity, receipts, witnessed readings, footprint addressing, transaction-local object diff --git a/docs/procedures/DIRECT-MAIN-EXCEPTION-LOG.md b/docs/procedures/DIRECT-MAIN-EXCEPTION-LOG.md index dd252b30..986dc5b6 100644 --- a/docs/procedures/DIRECT-MAIN-EXCEPTION-LOG.md +++ b/docs/procedures/DIRECT-MAIN-EXCEPTION-LOG.md @@ -76,6 +76,9 @@ a maintainer. Even for docs-only direct pushes: - state the exception before pushing; +- record the explicit authorizer identity and authorization evidence, such as a + link or citation to the issue, PR comment, thread, or chat log where the + exception was approved; - run the relevant docs validation; - record exact commits and changed files; - confirm no source/runtime code was touched;