re-ACK after a set time period

[eslerm]

When there is a long gap between ACK to main and promotion to main, the MIR Team and Security Team should have an opportunity to re-investigate a MIR.

I'm unsure where this rule should go. I propose that re-ACK is required for any ACK older than an LTS cycle:

An ACK from the MIR Team or Security Team which is older than two years must be re-acknowledged before promotion to main. The MIR Team or Security Team may choose to simply re-ACK or re-investigate the MIR.

[eslerm]

I may have not stated this well enough: this issue is about a package which has been conditionally approved by the MIR (and possibly Security) team, but incomplete and not yet in main. After a long period, say two-years, I believe the MIR needs to be re-reviewed for promotion in main even if the owning team resolves outstanding issues.

This type of promotion happened during lunar.

[cpaelzer]

For now, no one was willing or able to spend the extra resources - tagging it as won't fix until that changes

[eslerm]

We discussed this during today's meeting. The intent of this issue is to allow re-triaging MIR approvals which have gone "stale". After two years, if the owning team has not promoted a package after getting ACK, the MIR team should have the option to re-review the package again.

This is not about reviewing packages already in main like #17