Faramesh Docs
Registry guides

Contribute to the registry

Publish a policy pack from existing rules in about 30 minutes. No maintainer access required for community artifacts.

This guide takes you from existing governance rules (for example Stripe refund limits you already enforce) to a published policy pack in the faramesh-registry catalog. Maintainers sign official artifacts; community contributors open a PR and consumers pin your publisher key.

Time: about 30 minutes if you already have FPL or can translate your rules.

You need: faramesh CLI, a GitHub account, and a fork of faramesh-registry.

Fork and clone (5 min)

Terminal
git clone https://github.com/<your-user>/faramesh-registry.git
cd faramesh-registry

Copy an existing policy pack (2 min)

Terminal
cp -r catalog/artifacts/policies/faramesh/stripe/1.0.0 \
      catalog/artifacts/policies/faramesh/<your-pack>/1.0.0

Replace <your-pack> with a short name (acme-payments, support-refunds, etc.).

Edit policy.fpl (15 min)

File: catalog/artifacts/policies/faramesh/<your-pack>/1.0.0/policy.fpl

Translate your rules into FPL. Minimal example:

policy.fpl
pack "acme-payments" {
  version = "1.0.0"

  agent "payments-bot" {
    default deny

    rules {
      permit stripe/refund if amount < $500
      defer  stripe/refund if amount >= $500
      deny   stripe/payouts
    }

    rate_limit "stripe/*": 10 per minute
  }
}

Run validation from the registry root:

Terminal
./scripts/validate-catalog.sh

Fix any errors before continuing.

Register in the catalog index (3 min)

File: catalog/catalog.json

Add an entry under policies (copy an existing block and change ids):

catalog.json
{
  "id": "policies/faramesh/acme-payments/1.0.0",
  "path": "artifacts/policies/faramesh/acme-payments/1.0.0",
  "trust_tier": "community",
  "publisher": "your-github-org-or-user"
}

Add README.md beside the artifact describing what the pack does and required provider config.

Validate and open a PR (5 min)

Terminal
./scripts/validate-catalog.sh
git checkout -b add-policy-acme-payments
git add catalog/
git commit -m "registry: add acme-payments policy pack 1.0.0"
git push -u origin HEAD

Open a pull request against faramesh/faramesh-registry. Describe:

  • What tools and effects the pack governs
  • Example import line consumers will use
  • Any external dependencies (Vault paths, Stripe, etc.)

Official maintainers run signing after merge. Community packs stay trust_tier: "community" until promoted.

Consume your pack

In a project governance.fms:

governance.fms
import "github.com/faramesh/faramesh-registry/policies/faramesh/acme-payments@1.0.0"

trust {
  key "your-publisher-key-id" = "BASE64_PUBLIC_KEY_FROM_README"
}
Terminal
faramesh check
faramesh dev

Community vs official

CommunityOfficial (faramesh)
SigningPR only; consumers pin your keySigned with registry Ed25519 key
trust_tiercommunityofficial
ReviewMaintainer review on PRMaintainer team

Catalog overview

How the GitHub catalog is organized and how the CLI resolves imports.

Using registry providers

Import signed provider binaries from the GitHub catalog and wire them in governance.fms.

On this page

Fork and clone (5 min)Copy an existing policy pack (2 min)Edit policy.fpl (15 min)Register in the catalog index (3 min)Validate and open a PR (5 min)Consume your packCommunity vs officialRelated