chore: Update CODEOWNERS to implement hierarchical authority

[nearlyforget]

Description

Update CODEOWNERS to implement a hierarchical authority structure and ensure comprehensive ownership of critical infrastructure and governance files.
Key changes:

• Hierarchical Approval: Explicitly added higher-ranked teams (maintainers, tech-council, governance-council) to files owned by lower-level teams (like devops-maintainers). This allows senior teams to provide "Code Owner" sign-off when necessary.
• Governance Alignment: Explicitly assigned /LICENSE and CODEOWNERS to the
  @Universal-Commerce-Protocol/governance-council for ecosystem-wide consistency.

Github Settings to control noise:

To ensure hierarchical authority without generating unnecessary email noise for senior teams, we will implement the following configuration in conjunction with this PR:

• Silent Team Notifications: Keep team-level notifications "silent" to prevent automated spam to the entire Tech Council or Governance Council.
• Automatic Team Member Assignment: Enable automatic assignment for the maintainers and DevOps-maintainer teams only. This ensures that only specifically auto-selected individuals receive direct notifications, preventing the entire team from being spammed for standard updates.
• For further details on how to configure independent notifications for team assignments, refer to the GitHub documentation on reducing review noise

Category (Required)

Please select one or more categories that apply to this change.

• Core Protocol: Changes to the base communication layer, global context, or breaking refactors. (Requires Technical Council approval)
• Governance/Contributing: Updates to GOVERNANCE.md, CONTRIBUTING.md, or CODEOWNERS. (Requires Governance Council approval)
• Capability: New schemas (Discovery, Cart, etc.) or extensions. (Requires Maintainer approval)
• Documentation: Updates to README, or documentations regarding schema or capabilities. (Requires Maintainer approval)
• Infrastructure: CI/CD, Linters, or build scripts. (Requires DevOps Maintainer approval)
• Maintenance: Version bumps, lockfile updates, or minor bug fixes. (Requires DevOps Maintainer approval)
• SDK: Language-specific SDK updates and releases. (Requires DevOps Maintainer approval)
• Samples / Conformance: Maintaining samples and the conformance suite. (Requires Maintainer approval)
• UCP Schema: Changes to the ucp-schema tool (resolver, linter, validator). (Requires Maintainer approval)
• Community Health (.github): Updates to templates, workflows, or org-level configs. (Requires DevOps Maintainer approval)

Related Issues

Checklist

• I have followed the Contributing Guide.
• I have updated the documentation (if applicable).
• My changes pass all local linting and formatting checks.
• (For Core/Capability) I have included/updated the relevant JSON schemas.
• I have regenerated Python Pydantic models by running generate_models.sh under python_sdk.

Screenshots / Logs (if applicable)

[nearlyforget]

@amithanda - can you please take a look?

[amithanda]

One thing to highlight, not sure if you have already considered:

Would this lead to a lot of email spam?
The Problem: The PR lists multiple teams on almost every line.
The GitHub Behavior: GitHub will recognize that an approval from any one of these teams satisfies the requirement. HOWEVER, when a PR is opened, GitHub automatically requests a review from all the teams listed on that line.
The Impact: The tech-council and governance-council will receive an automatic review request and notification for every single Pull Request opened in this repository, even minor typo fixes or simple code changes.

Potential Suggestion:

Keep the codeowner file clean and Implement Hierarchy via Branch Protection Settings e.g

# Default for all files
*  @Universal-Commerce-Protocol/maintainers

# Infrastructure, Tooling & Configuration
/.github/                 @Universal-Commerce-Protocol/devops-maintainers
/.gitignore               @Universal-Commerce-Protocol/devops-maintainers
/.pre-commit-config.yaml  @Universal-Commerce-Protocol/devops-maintainers
/pyproject.toml           @Universal-Commerce-Protocol/devops-maintainers
/uv.lock                  @Universal-Commerce-Protocol/devops-maintainers

# Governance
/LICENSE                 @Universal-Commerce-Protocol/governance-council
/.github/CODEOWNERS      @Universal-Commerce-Protocol/governance-council

The result:
Only the maintainers or devops-maintainers will be automatically pinged for standard infrastructure PRs.
However, if the tech-council or governance-council needs to step in, their elevated permissions allow them to review and merge the PR immediately, fulfilling the hierarchical requirement without the spam.

[amithanda]

Thanks for addressing the notification emails issue. Approving.