Altien writes down the rules for its Azure fork of Mike
The interesting part of this documentation drop isn't the README - it's the governance that sits behind it.
Altien published the operating manual for its Azure-flavoured fork of Mike, and the part worth reading is how the team keeps the project honest. The work is split across three repositories so that deployment plumbing and cloud secrets never sit alongside the application code anyone can read, and every change has to declare which tier it belongs to so that boundary can't quietly erode over time.
The security policy is written for legal work, not generic software. It treats unauthorised document access, broken logins, and one client's matters leaking into another's as the real threats - and counts a wrong or hallucinated answer as a security issue only when it actually breaches confidentiality. There's also an upstream-first rule: anything not tied to Azure goes back to the original Mike project before it lands here.
Spotted something wrong? Or know the PR text has fresher detail than the writeup above?