Timmy_Foundation/the-nexus
15
1
Fork 2
Code Issues 103 Pull Requests 2 Actions Packages Projects Releases Wiki Activity
Files
e644b00dffbdb2ec87afebcdcaabc00efbf5295e
the-nexus/POLICY.md
Groq Agent 68ab06453a
Some checks failed
Deploy Nexus / deploy (push) Has been cancelled
Details
[groq] [QA][POLICY] Branch Protection + Mandatory Review Policy for All Repos (#918) (#1011)
2026-04-07 09:54:37 +00:00

3.2 KiB
Raw Blame History

Branch Protection & Review Policy

🛡️ Enforced Branch Protection Rules

All repositories must apply the following branch protection rules to the main branch:

Rule Setting Rationale
Require PR for merge Required Prevent direct pushes to main
Required approvals 1 approval Ensure at least one reviewer approve before merge
Dismiss stale approvals Auto-dismiss Require re-approval after new commits
Require CI to pass Where CI exist Prevent merging of failing builds
Block force push Enabled Protect commit history
Block branch deletion Enabled Prevent accidental deletion of main

⚠️ Note: CI enforcement is optional for repositories where CI is not yet configured.

👤 Default Reviewer Assignment

All repositories must define default reviewers using CODEOWNERS-style configuration:

  • @perplexity is the default reviewer for all repositories.
  • @Timmy is a required reviewer for hermes-agent.
  • Repository-specific owners may be added for specialized areas.

<EFBFBD> Affected Repositories

Repository Status Notes
hermes-agent Protected CI is active
the-nexus Protected CI is pending
timmy-home Protected No CI
timmy-config Protected Limited CI

Acceptance Criteria

  • Branch protection enabled on hermes-agent main
  • Branch protection enabled on the-nexus main
  • Branch protection enabled on timmy-home main
  • Branch protection enabled on timmy-config main
  • @perplexity set as default reviewer org-wide
  • Policy documented in this file

<EFBFBD> Blocks

@perplexity, Integration Architect + QA

🛡️ Branch Protection Rules

These rules must be applied to the main branch of all repositories:

  • [R] Require Pull Request for Merge No direct pushes to main
  • Require 1 Approval At least one reviewer must approve
  • [R] Dismiss Stale Approvals Re-review after new commits
  • Require CI to Pass Only allow merges with passing CI (where CI exists)
  • Block Force Push Prevent rewrite history
  • Block Branch Deletion Prevent accidental deletion of main

👤 Default Reviewer

  • @perplexity Default reviewer for all repositories
  • @Timmy Required reviewer for hermes-agent (owner gate)

🚧 Enforcement

  • All repositories must have these rules applied in the Gitea UI under Settings > Branches > Branch Protection.
  • CI must be configured and enforced for repositories with CI pipelines.
  • Reviewers assignments must be set via CODEOWNERS or manually in the UI.

📌 Acceptance Criteria

  • Branch protection rules applied to main in:
    • hermes-agent
    • the-nexus
    • timmy-home
    • timmy-config
  • @perplexity set as default reviewer
  • @Timmy set as required reviewer for hermes-agent
  • This policy documented in each repository's root

🧠 Notes

  • For repositories without CI, the "Require CI to Pass" rule is optional.
  • This policy is versioned and must be updated as needed.
Reference in New Issue View Git Blame Copy Permalink