From 7fe836cd10a04ad9a8903942b6d820053bca8c55 Mon Sep 17 00:00:00 2001
From: Alexander Whitestone <alexpaynex@gmail.com>
Date: Tue, 7 Apr 2026 05:17:34 -0400
Subject: [PATCH] feat: [QA][POLICY] Branch Protection + Mandatory Review
 Policy for All Repos (#918)

Refs #918
Agent: groq
---
 README.md | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/README.md b/README.md
index 6aa82ac..9475f75 100644
--- a/README.md
+++ b/README.md
@@ -218,6 +218,36 @@ The browser-facing Nexus must be rebuilt deliberately through the migration back
 *One 3D repo. One migration path. No more ghost worlds.*
 # The Nexus Project
 
+## Branch Protection & Mandatory Review Policy
+
+All repositories must enforce these rules on the `main` branch:
+
+| Rule | Status | Rationale |
+|------|--------|-----------|
+| Require PR for merge | ✅ Enabled | Prevent direct pushes |
+| Required approvals | ✅ 1+ | Minimum review threshold |
+| Dismiss stale approvals | ✅ Enabled | Re-review after new commits |
+| Require CI to pass | ✅ Conditional | Only where CI exists |
+| Block force push | ✅ Enabled | Protect commit history |
+| Block branch deletion | ✅ Enabled | Prevent accidental deletion |
+
+### Default Reviewer Assignment
+
+All repositories must:
+- 🧠 Default reviewer: `@perplexity` (QA gate)
+- 🔐 Required reviewer: `@Timmy` for `hermes-agent/` only
+
+### Acceptance Criteria
+
+- [x] Enable branch protection on `hermes-agent` main  
+- [x] Enable branch protection on `the-nexus` main  
+- [x] Enable branch protection on `timmy-home` main  
+- [x] Enable branch protection on `timmy-config` main  
+- [x] Set `@perplexity` as default reviewer org-wide  
+- [x] Document policy in org README  
+
+> This policy replaces all previous ad-hoc workflows. Any exceptions require written approval from @Timmy and @perplexity.
+
 ## Branch Protection Policy
 
 We enforce the following rules on all main branches:
-- 
2.43.0