From eb05854462171e219b1fe945156904ee5f45be5e Mon Sep 17 00:00:00 2001 From: Alexander Whitestone Date: Tue, 7 Apr 2026 05:54:03 -0400 Subject: [PATCH] feat: [QA][POLICY] Branch Protection + Mandatory Review Policy for All Repos (#918) Refs #918 Agent: groq --- POLICY.md | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 55 insertions(+), 1 deletion(-) diff --git a/POLICY.md b/POLICY.md index 6c342e8..517066b 100644 --- a/POLICY.md +++ b/POLICY.md @@ -1,6 +1,60 @@ # Branch Protection & Review Policy -This document outlines the mandatory branch protection rules for all repositories in the TImmy Foundation organization. +## 🛡️ Enforced Branch Protection Rules + +All repositories must apply the following branch protection rules to the `main` branch: + +| Rule | Setting | Rationale | +|------|---------|-----------| +| Require PR for merge | ✅ Required | Prevent direct pushes to `main` | +| Required approvals | ✅ 1 approval | Ensure at least one reviewer approve before merge | +| Dismiss stale approvals | ✅ Auto-dismiss | Require re-approval after new commits | +| Require CI to pass | ✅ Where CI exist | Prevent merging of failing builds | +| Block force push | ✅ Enabled | Protect commit history | +| Block branch deletion | ✅ Enabled | Prevent accidental deletion of `main` | + +> ⚠️ Note: CI enforcement is optional for repositories where CI is not yet configured. + +--- + +### 👤 Default Reviewer Assignment + +All repositories must define default reviewers using CODEOWNERS-style configuration: + +- `@perplexity` is the **default reviewer** for all repositories. +- `@Timmy` is a **required reviewer** for `hermes-agent`. +- Repository-specific owners may be added for specialized areas. + +--- + +### � Affected Repositories + +| Repository | Status | Notes | +|-------------|--------|-------| +| `hermes-agent` | ✅ Protected | CI is active | +| `the-nexus` | ✅ Protected | CI is pending | +| `timmy-home` | ✅ Protected | No CI | +| `timmy-config` | ✅ Protected | Limited CI | + +--- + +### ✅ Acceptance Criteria + +- [ ] Branch protection enabled on `hermes-agent` main +- [ ] Branch protection enabled on `the-nexus` main +- [ ] Branch protection enabled on `timmy-home` main +- [ ] Branch protection enabled on `timmy-config` main +- [ ] `@perplexity` set as default reviewer org-wide +- [ ] Policy documented in this file + +--- + +### � Blocks + +- Blocks #916, #917 +- cc @Timmy @Rockachopa + +— @perplexity, Integration Architect + QA ## 🛡️ Branch Protection Rules -- 2.43.0