[codex] docs: add OpenCoven IP protection records#51
Merged
Conversation
There was a problem hiding this comment.
Pull request overview
Adds repository-root IP/provenance/security policy documentation intended to record OpenCoven’s IP posture and disclosure process, and extends contributor guidance with DCO/patent terms.
Changes:
- Adds
PATENTSwith a patent non-assertion pledge and prior-art framing. - Adds
PROVENANCE.mdto document origin/publication records and architectural concept provenance. - Adds
SECURITY.mdand extendsCONTRIBUTING.mdwith security reporting and contribution terms.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 11 comments.
| File | Description |
|---|---|
| SECURITY.md | Introduces a security policy and reporting guidance. |
| PROVENANCE.md | Adds an origin/provenance record intended as a timestamped public statement. |
| PATENTS | Adds patent non-assertion pledge and prior-art notice language. |
| CONTRIBUTING.md | Appends DCO/patent-related contribution terms to existing contributing guidance. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+20
to
+24
| - OpenCoven core harness and routing logic | ||
| - OpenTrust memory and session substrate | ||
| - Authentication and identity handling | ||
| - Agent sandbox and execution boundaries | ||
| - Any mechanism that could allow one agent or user to access another's context |
|
|
||
| ## Origin | ||
|
|
||
| **OpenCoven** was created by **Valentina Alexander** (`@BunsDev`) and first published publicly on **April 27, 2026** under the MIT License. |
Comment on lines
+15
to
+16
| - License: MIT (https://opensource.org/licenses/MIT) | ||
| - Repository creation date: **2026-04-27** (verifiable via GitHub API: `https://api.github.com/repos/OpenCoven/coven`) |
| - License: MIT (https://opensource.org/licenses/MIT) | ||
| - Repository creation date: **2026-04-27** (verifiable via GitHub API: `https://api.github.com/repos/OpenCoven/coven`) | ||
|
|
||
| This repository has no fork parent. It is an original work with no upstream source repository. |
Comment on lines
+24
to
+26
| ### 1. The Familiar Identity Model | ||
| **First appeared:** `coven-cli/src/familiar_identity.rs`, commit history from 2026-04-27 | ||
|
|
|
|
||
| ## Non-Assertion Pledge | ||
|
|
||
| The OpenCoven maintainers pledge not to assert any patent claims — now held or later acquired — against any person or organization that uses, implements, or builds upon the architectural patterns, protocols, or mechanisms described in this repository or its documentation, provided that use is consistent with the MIT License terms. |
Comment on lines
+169
to
+172
| ## OpenCoven DCO and Patent Terms | ||
|
|
||
| Thank you for your interest in contributing. OpenCoven is MIT licensed and community-driven. We want contributing to be easy, open, and safe for everyone. | ||
|
|
Comment on lines
+173
to
+176
| ## Developer Certificate of Origin (DCO) | ||
|
|
||
| OpenCoven uses the **Developer Certificate of Origin (DCO) v1.1** for all contributions. This is a lightweight mechanism — not a CLA — that asks you to certify that you have the right to submit what you're submitting. | ||
|
|
Comment on lines
+17
to
+22
| | Concept | First committed | Repository | | ||
| |---|---|---| | ||
| | Familiar identity model | 2026-04-27 | github.com/OpenCoven/coven | | ||
| | Agent spawn harness | 2026-04-27 | github.com/OpenCoven/coven | | ||
| | Multi-agent familiar substrate | 2026-04-27 | github.com/OpenCoven/coven | | ||
| | Graded approval tier model | 2026-06-19 | The Familiar Contract spec | |
Comment on lines
+9
to
+13
| - The familiar identity model: a named, role-scoped agent persona resolved from a configuration manifest and attached to a session | ||
| - The agent spawn harness: a structured dispatch pattern that validates and routes process execution through a defined set of primitives | ||
| - The multi-agent orchestration substrate: composable, purpose-scoped agents ("familiars") coordinating through structured routing with shared session context | ||
| - The session memory and continuity substrate (OpenTrust): durable, portable agent memory and session state with provenance tracking | ||
| - The graded approval tier model: auto → familiar-review → human-review → human-required escalation for agent actions affecting protected resources |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds the OpenCoven root IP protection and disclosure documents:
PATENTS: patent non-assertion pledge and prior-art noticePROVENANCE.md: origin and publication recordCONTRIBUTING.md: DCO and patent contribution terms, merged with any existing repo guidanceSECURITY.md: responsible disclosure policy, merged with any existing repo guidanceValidation
PATENTS,PROVENANCE.md,CONTRIBUTING.md,SECURITY.mdgit diff --checkpassed locally