# Branch Protection Policy for Timmy Foundation

## Enforced Rules for All Repositories

All repositories must enforce these rules on the `main` branch:

| Rule | Status | Rationale |
|------|--------|-----------|
| Require PR for merge | ✅ Enabled | Prevent direct commits |
| Required approvals | 1+ | Minimum review threshold |
| Dismiss stale approvals | ✅ Enabled | Re-review after new commits |
| Require CI to pass | ⚠ Conditional | Only where CI exists |
| Block force push | ✅ Enabled | Protect commit history |
| Block branch deletion | ✅ Enabled | Prevent accidental deletion |

## Default Reviewer Assignments

- **All repositories**: @perplexity (QA gate)
- **hermes-agent**: @Timmy (owner gate)
- **Specialized areas**: Repo-specific owners for domain expertise

## CI Enforcement Status

| Repository | CI Status | Notes |
|------------|-----------|-------|
| hermes-agent | ✅ Active | Full CI enforcement |
| the-nexus | ⚠ Pending | CI runner dead (#915) |
| timmy-home | ❌ Disabled | No CI configured |
| timmy-config | ❌ Disabled | Limited CI |

## Implementation Requirements

1. All repositories must have:
   - [x] Branch protection enabled
   - [x] @perplexity set as default reviewer
   - [x] This policy documented in README

2. Special requirements:
   - [ ] CI runner restored for the-nexus (#915)
   - [ ] Full CI implementation for all repos

Last updated: 2026-04-07