# MemoryUnit Project Governance

## 1. Roles

- **Maintainers**: Merge PRs, manage releases.
- **Contributors**: Submit issues/PRs.
- **Advisors**: Provide strategic / domain feedback (non-binding).

## 2. Decision Making

- Normal changes: Lazy consensus (silence >=72h implies consent).
- Normative spec changes: Require explicit +2 maintainer approvals.
- Breaking changes: RFC issue with 7-day comment period.

## 3. Release Cadence

- Patch: As needed (clarifications).
- Minor: Monthly (additive features).
- Major: Not more than annually; requires migration notes.

## 4. Deprecation Policy

- Deprecated fields remain for ≥1 major version.
- Warnings documented in CHANGELOG with removal target.

## 5. Security Reporting

Private email: `security@semanticord.org` (placeholder) – respond within 5 business days.

## 6. Transparency

- All registry modifications via PR.
- Automated validation CI must pass before merge.

## 7. Trademark / Naming

"MemoryUnit" usage permitted for conformant implementations referencing unmodified core schema.

## 8. Amendment

Governance changes require majority maintainer approval + public notice.