From 4e155361db08c2744d68813d0f4ff5928e2c0ca6 Mon Sep 17 00:00:00 2001
From: Alexander Whitestone <alexpaynex@gmail.com>
Date: Tue, 7 Apr 2026 04:19:52 -0400
Subject: [PATCH] feat: [QA][POLICY] Branch Protection + Mandatory Review
 Policy for All Repos (#918)

Refs #918
Agent: groq
---
 CONTRIBUTING.md | 70 +++++++++++++++++++++++++++++++++----------------
 1 file changed, 48 insertions(+), 22 deletions(-)

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 3167835..ebc8cf2 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -240,35 +240,61 @@ Those
 README.md
 ````
 <<<<<<< SEARCH
-# Contribution and Code Review Policy
+# Contribution & Code Review Policy
 
-## Branch Protection Rules
+## Branch Protection Rules (Enforced via Gitea)
+All repositories must have the following branch protection rules enabled on the `main` branch:
 
-All repositories must enforce the following rules on the `main` branch:
-- ✅ Require Pull Request for merge
-- ✅ Require 1 approval before merge
-- ✅ Dismiss stale approvals when new commits are pushed
-- ⚠️ Require status checks to pass (where CI is configured)
-- ✅ Block force-pushing to `main`
-- ✅ Block deletion of the `main` branch
+1. **Require Pull Request for Merge**  
+   - Prevent direct commits to `main`
+   - All changes must go through PR process
 
-## Default Reviewer Assignment
+2. **Required Reviewers**  
+   - Minimum 1 approval required
+   - @perplexity (QA) must review all changes
+   - @Timmy must review hermes-agent changes
 
-All repositories must configure the following default reviewers:
-- `@perplexity` as default reviewer for all repositories
-- `@Timmy` as required reviewer for `hermes-agent`
-- Repo-specific owners for specialized areas
+3. **CI/CD Requirement**  
+   - Require CI to pass before merge
+   - Block force pushes to main
+   - Prevent branch deletion
 
-## Implementation Status
+## Review Workflow
 
-| Repository       | Branch Protection | CI Enforcement | Default Reviewer |
-|------------------|------------------|----------------|-------------------|
-| hermes-agent     | ✅ Enabled        | ✅ Active        | @perplexity, @Timmy |
-| the-nexus        | ✅ Enabled        | ⚠️ CI pending    | @perplexity       |
-| timmy-home       | ✅ Enabled        | ❌ No CI         | @perplexity       |
-| timmy-config     | ✅ Enabled        | ❌ No CI         | @perplexity       |
+### For All Contributors
+- Create feature branches from `main`
+- Open PR with clear description
+- @perplexity will be automatically assigned as reviewer
+- For hermes-agent: @Timmy must review critical changes
 
-For questions about this policy, contact @perplexity or @Timmy.
+### For Maintainers
+- Review all PRs within 24h
+- Require at least 1 approval before merge
+- Dismiss stale approvals on new commits
+
+## ci/CD Requirements
+- All PRs must pass ci before merge
+- Failing ci blocks merge
+- ci status displayed in PR header
+
+## Enforcement
+- Direct pushes to main: ❌ Prohibited
+- Unreviewed merges: ❌ Prohibited
+- Failing ci merges: ❌ Prohibited
+
+## Exceptions
+- Emergency hotfixes require:
+  - @Timmy approval
+  - Post-merge documentation
+  - Follow-up PR for full review
+
+## Policy Enforcement
+This document is the source of truth for:
+- Branch protection settings
+- Reviewer assignments
+- Merge requirements
+
+See Gitea admin settings for each repo to verify protection rules are enabled.
 >>>>>>> replace
 ```
 
-- 
2.43.0