From 9b053354c182471d19430a80d228d79fac4abadc Mon Sep 17 00:00:00 2001
From: Mark Stacey <markjstacey@gmail.com>
Date: Wed, 4 Dec 2024 16:51:14 -0330
Subject: [PATCH 1/6] chore: Update CODEOWNERS to remove owner from some files

The CODEOWNERS file has been updated to remove owners from key files
that are frequently updated by multiple teams. Certain files that are
validated as part of the release process have also been unset, as there
are no risks with teams updating them in PRs.

Lastly, ownership of the CODEOWNERS file itself was moved to the
extension security team (it was accidentally set to privacy reviewers).
---
 .github/CODEOWNERS | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index b0f8f1abe46b..edf6808c8ce0 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,4 +1,6 @@
 # Lines starting with '#' are comments.
+
+# GUIDELINES:
 # Each line is a file pattern followed by one or more owners.
 # Owners bear a responsibility to the organization and the users of this
 # application. Repository administrators have the ability to merge pull
@@ -7,8 +9,23 @@
 # follows all policies or without full understanding of the impact of
 # those changes on build, release and publishing outcomes.
 
+# All files are owned by extension platform by default.
 *                                    @MetaMask/extension-platform
-development/                         @MetaMask/extension-platform
+
+# These files/directories are intentionally left unassigned because they are
+# reviewed/checked during the release process:
+attribution.txt
+CHANGELOG.md
+
+# These files/directories are intentionally left unassigned because they are
+# changed frequently by many teams:
+coverage.json
+package.json
+yarn.lock
+app/scripts/metamask-controller.js
+
+# LavaMoat policy changes are reviewed by either the extension platform team or
+# the supply chain team.
 lavamoat/                            @MetaMask/extension-platform @MetaMask/supply-chain
 
 # The offscreen.ts script file that is included in the offscreen document html
@@ -45,7 +62,7 @@ privacy-snapshot.json                @MetaMask/extension-privacy-reviewers
 # of contributors. Modifications to this file result in a modification of
 # that agreement and can only be approved by those with the knowledge
 # and responsibility to publish libraries under the MetaMask name.
-.github/CODEOWNERS                   @MetaMask/extension-privacy-reviewers
+.github/CODEOWNERS                   @MetaMask/extension-security-team
 
 # For now, restricting approvals inside the .devcontainer folder to devs
 # who were involved with the Codespaces project.

From fdb7941808bee4fd07af48c759e891e63b1d2d82 Mon Sep 17 00:00:00 2001
From: Mark Stacey <markjstacey@gmail.com>
Date: Wed, 4 Dec 2024 18:21:11 -0330
Subject: [PATCH 2/6] Improve comment about LavaMoat policy review

---
 .github/CODEOWNERS | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index edf6808c8ce0..350bfa7476b8 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -24,8 +24,10 @@ package.json
 yarn.lock
 app/scripts/metamask-controller.js
 
-# LavaMoat policy changes are reviewed by either the extension platform team or
-# the supply chain team.
+# LavaMoat policy changes can highlight security risks. Teams are encouraged to
+# audit these changes on their own, and leave their analysis in a comment.
+# These codeowners will review this analysis, and review the policy changes in
+# further detail if warranted.
 lavamoat/                            @MetaMask/extension-platform @MetaMask/supply-chain
 
 # The offscreen.ts script file that is included in the offscreen document html

From 948d7b13490ee5eda15a07070aa62bdd3425d24a Mon Sep 17 00:00:00 2001
From: Mark Stacey <markjstacey@gmail.com>
Date: Wed, 4 Dec 2024 18:25:14 -0330
Subject: [PATCH 3/6] Slightly improve wording

---
 .github/CODEOWNERS | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 350bfa7476b8..7c3b0a86fee8 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -13,7 +13,7 @@
 *                                    @MetaMask/extension-platform
 
 # These files/directories are intentionally left unassigned because they are
-# reviewed/checked during the release process:
+# reviewed/validated during the release process:
 attribution.txt
 CHANGELOG.md
 

From 0275f5d12634a94ca7d0c3414394558dba90c12c Mon Sep 17 00:00:00 2001
From: Mark Stacey <markjstacey@gmail.com>
Date: Thu, 5 Dec 2024 09:31:42 -0330
Subject: [PATCH 4/6] Remove owners from locales, and metamask-controller tests

---
 .github/CODEOWNERS | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 7c3b0a86fee8..3d06cc8fcb12 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -22,7 +22,10 @@ CHANGELOG.md
 coverage.json
 package.json
 yarn.lock
+app/_locales
 app/scripts/metamask-controller.js
+app/scripts/metamask-controller.test.js
+app/scripts/metamask-controller.actions.test.js
 
 # LavaMoat policy changes can highlight security risks. Teams are encouraged to
 # audit these changes on their own, and leave their analysis in a comment.

From 550596467a94da98da94e876e1dcc11419e04831 Mon Sep 17 00:00:00 2001
From: Mark Stacey <markjstacey@gmail.com>
Date: Thu, 5 Dec 2024 09:34:30 -0330
Subject: [PATCH 5/6] Temporarily restore `extension-devs` team for LavaMoat
 policies

---
 .github/CODEOWNERS | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 3d06cc8fcb12..569dbe43ad9c 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -31,7 +31,7 @@ app/scripts/metamask-controller.actions.test.js
 # audit these changes on their own, and leave their analysis in a comment.
 # These codeowners will review this analysis, and review the policy changes in
 # further detail if warranted.
-lavamoat/                            @MetaMask/extension-platform @MetaMask/supply-chain
+lavamoat/                            @MetaMask/extension-devs @MetaMask/supply-chain
 
 # The offscreen.ts script file that is included in the offscreen document html
 # file is responsible, at present, for loading the snaps execution environment

From 44bb5b23c7f0c64b7e33993ca9fccbc2deb85880 Mon Sep 17 00:00:00 2001
From: Mark Stacey <markjstacey@gmail.com>
Date: Thu, 5 Dec 2024 11:31:46 -0330
Subject: [PATCH 6/6] Remove owners from `*` files

We will revisit the idea of the platform team owning more code in a
future PR.
---
 .github/CODEOWNERS | 18 ------------------
 1 file changed, 18 deletions(-)

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 569dbe43ad9c..cf5735607658 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -9,24 +9,6 @@
 # follows all policies or without full understanding of the impact of
 # those changes on build, release and publishing outcomes.
 
-# All files are owned by extension platform by default.
-*                                    @MetaMask/extension-platform
-
-# These files/directories are intentionally left unassigned because they are
-# reviewed/validated during the release process:
-attribution.txt
-CHANGELOG.md
-
-# These files/directories are intentionally left unassigned because they are
-# changed frequently by many teams:
-coverage.json
-package.json
-yarn.lock
-app/_locales
-app/scripts/metamask-controller.js
-app/scripts/metamask-controller.test.js
-app/scripts/metamask-controller.actions.test.js
-
 # LavaMoat policy changes can highlight security risks. Teams are encouraged to
 # audit these changes on their own, and leave their analysis in a comment.
 # These codeowners will review this analysis, and review the policy changes in