I've seen OCA/repo-maintainer-conf#55 so IMHO it's good to open this other issue from the plan, so we can discuss it further.
Content policy
The owners for content/module folder (or even just content) should be IMHO a new specific "docs-maintainers" PSC. These users would usually be functional people. They should be in charge of reviewing and even merging PRs. Functional people's criteria about docs are IMHO more relevant than devs' in this case.
They can use Decap CMS tooling to review and merge PRs.
Technical details such as commit messages don't matter in this folder. Those are auto-generated by Decap CMS, and are mostly irrelevant. Git is just a database in this context, and you don't write commits for your database changes, right? (Don't read this, Dolt 😆). Even if you did, the main goal of this repo is lowering the contribution barrier for functionals, so we have to be less picky about this kind of technical detail.
Security
This is a static site, so there's not much attack surface in this folder. Still, someone could push malicious <script> or <iframe> tags. That would easily pass unnoticed by functional owners.
We should set up some pre-commit hook or similar that forbids such abuses. Or maybe we can just configure Hugo somehow to forbid or escape insecure contents.
Non-content policy
The rest of the repo still contains many configurations needed for Netlify, Hugo theming, structure, or just standard repo boilerplate. The PSCs in charge should still be technical people. Probably from https://github.com/orgs/OCA/teams/community-maintainers.
Implementation
This makes the repo policies quite different from almost any other OCA repo. I think we can set up a CODEOWNERS file to handle that.
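One way to do the pre-commit check proposed under Security, as an added example that is not part of the original issue or the OCA repository: a Python script that scans the staged Markdown files and fails on `<script>` or `<iframe>` tags. It goes beyond the two tags named above and also flags `<object>`/`<embed>`, inline `on*=` handlers and `javascript:` links; the rule set, function names and sample page are assumptions made for illustration.

```python
#!/usr/bin/env python3
"""Added example: pre-commit check that rejects active HTML in Markdown content."""
import re
import sys
from pathlib import Path

# Each rule is (label, pattern). Deliberately fail-closed: code blocks are scanned
# too, so a tag cannot hide behind a fence this script parses differently from Hugo.
RULES = [
    ("active tag", re.compile(r"<\s*/?\s*(script|iframe|object|embed)\b", re.I)),
    ("inline event handler", re.compile(r"<[a-z][^<>]*\son[a-z]+\s*=", re.I)),
    ("javascript: URL", re.compile(
        r"(?:\]\(\s*<?|(?:href|src)\s*=\s*[\"']?)\s*javascript\s*:", re.I)),
]


def scan_text(text):
    """Return sorted (line_number, label, snippet) findings for one document."""
    findings = []
    for label, pattern in RULES:
        for match in pattern.finditer(text):
            line_no = text.count("\n", 0, match.start()) + 1
            findings.append((line_no, label, match.group(0).strip()))
    return sorted(findings)


def main(paths):
    """pre-commit passes staged file names as arguments; exit 1 blocks the commit."""
    failed = False
    for path in paths:
        text = Path(path).read_text(encoding="utf-8", errors="replace")
        for line_no, label, snippet in scan_text(text):
            print(f"{path}:{line_no}: {label}: {snippet}")
            failed = True
    return 1 if failed else 0


# Constructed sample page, not taken from the repository.
SAMPLE = """# Module docs
Install the module and open the menu.
<ScRiPt src="https://example.invalid/x.js"></script>
<img src="logo.png" onerror="load()">
[help](javascript:void(0))
See the [user guide](https://example.invalid/guide).
"""

if __name__ == "__main__":
    sys.exit(main(sys.argv[1:]))
```

If Hugo's Goldmark renderer is left at its default `markup.goldmark.renderer.unsafe = false`, raw HTML in Markdown is omitted at build time as well, so the hook mainly surfaces the attempt to reviewers before merge.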
yajo changed the title from "Establish different standards. We don't want to care about commit messages, but yes about security. CODEOWNERS file?" to "Establish repo standards" on Nov 8, 2024