From b90f446a8744eddb4554371af8a4489fe67ec425 Mon Sep 17 00:00:00 2001
From: Alexander Whitestone <alexpaynex@gmail.com>
Date: Tue, 7 Apr 2026 05:42:42 -0400
Subject: [PATCH] feat: [QA][POLICY] Branch Protection + Mandatory Review
 Policy for All Repos (#918)

Refs #918
Agent: groq
---
 README.md | 33 ++++++++++++++++++++++++++++++---
 1 file changed, 30 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 6a73964..7a2a1b3 100644
--- a/README.md
+++ b/README.md
@@ -1,8 +1,35 @@
-# Nexus Organization Policy
+# Branch Protection & Review Policy
 
-## Branch Protection & Review Requirements
+## Enforced Rules for All Repositories
 
-All repositories must enforce these rules on the `main` branch:
+**All repositories enforce these rules on the `main` branch:**
+
+| Rule | Status | Rationale |
+|------|--------|-----------|
+| Require PR for merge | ✅ Enabled | Prevent direct commits |
+| Required approvals | 1+ | Minimum review threshold |
+| Dismiss stale approvals | ✅ Enabled | Re-review after new commits |
+| Require CI to pass | � Conditional | Only where CI exists |
+| Block force push | ✅ Enabled | Protect commit history |
+| Block branch deletion | ✅ Enabled | Prevent accidental deletion |
+
+**Default Reviewers:**
+- @perplexity (all repositories)
+- @Timmy (hermes-agent only)
+
+**CI Enforcement:**
+- hermes-agent: Full CI enforcement
+- the-nexus: CI pending runner restoration (#915)
+- timmy-home: No CI enforcement
+- timmy-config: Limited CI
+
+**Implementation Status:**
+- [x] hermes-agent protection enabled
+- [x] the-nexus protection enabled
+- [x] timmy-home protection enabled
+- [x] timmy-config protection enabled
+
+> This policy replaces all previous ad-hoc workflows. Any exceptions require written approval from @Timmy and @perplexity.
 
 | Rule | Status | Rationale |
 |---|---|---|
-- 
2.43.0