# Faultline Weekly Governance Digest

Generated: 2026-05-06T09:00:00Z  
Organization: Acme Payments  
Scope: 5 production Go repositories  
Recipients: VP Engineering, Platform Lead, Security Review

## Risk Changes Since Last Scan

- payments-api: +8.3 points. Primary drivers: churn, policy drift, stale suppressions.
- billing-worker: +5.7 points. Primary drivers: owner gap and incident correlation.
- audit-exporter: -3.1 points. Suppressions resolved and owner confidence improved.

## Owner Gaps

| Repository | Package | Signal | Recommended Review |
| --- | --- | --- | --- |
| payments-api | internal/payments/settlement | high centrality, unclear owner | Assign owning team |
| identity-gateway | internal/session | CODEOWNERS stale | Refresh CODEOWNERS |
| billing-worker | internal/retry | recent incident involvement | Owner review |

## Suppressions Expiring

| Repository | Finding | Owner | Expires | Status |
| --- | --- | --- | --- | --- |
| payments-api | FL-DEP-006 | platform-payments | 2026-05-20 | Review required |
| billing-worker | FL-COV-001 | billing-platform | 2026-05-24 | Review required |
| platform-base-go | FL-BOUNDARY-001 | platform-core | 2026-05-30 | Policy owner needed |

## Policy Drift

- platform/base-go policy pack drift detected in payments-api, billing-worker, and platform-base-go.
- Architecture boundary rule `handlers-must-not-import-storage` failed in 2 packages.
- Review recommended before the next platform governance meeting.

## Evidence Exports

- Latest audit export: available.
- Digest verification: sha256:sample-verified-digest.
- Source code uploaded: no.

## Next Actions

1. Review payments-api owner gaps with the payments platform owner.
2. Close or renew expiring suppressions with explicit owner and reason.
3. Re-run policy pack review after boundary fixes.
4. Generate a signed audit export for customer diligence if requested.