Skip to content

chore: add vouch system for first-time contributors#375

Merged
johntmyers merged 4 commits intomainfrom
chore/vouch-system
Mar 16, 2026
Merged

chore: add vouch system for first-time contributors#375
johntmyers merged 4 commits intomainfrom
chore/vouch-system

Conversation

@johntmyers
Copy link
Collaborator

@johntmyers johntmyers commented Mar 16, 2026

Summary

Add a vouch system that gates first-time external contributor PRs behind maintainer approval. Inspired by Ghostty's contributor trust model. Org members and collaborators bypass automatically.

Changes

  • vouch-check.yml — auto-closes PRs from unvouched users (bots exempted)
  • vouch-command.yml — handles /vouch command in Discussion comments, appends username to .github/VOUCHED
  • .github/VOUCHED — flat-file allowlist of approved contributor usernames
  • .github/DISCUSSION_TEMPLATE/vouch-request.yml — structured template for vouch requests
  • CONTRIBUTING.md — added "The Critical Rule", "AI Usage", "First-Time Contributors", and "Finding Work" sections
  • AGENTS.md — added Vouch System section and updated PR conventions
  • .github/CODEOWNERS — added ownership for VOUCHED file
  • .github/ISSUE_TEMPLATE/config.yml — added vouch request as first contact link

Manual Setup Required

After merge, a repo admin needs to:

  1. Enable GitHub Discussions (Settings > General > Features)
  2. Create a "Vouch Request" discussion category (General type, not Announcement)
  3. Label some issues good-first-issue to populate the link in CONTRIBUTING.md

Testing

  • mise run pre-commit passes
  • Reviewed by principal-engineer-reviewer agent for security, race conditions, and edge cases
  • E2E validation planned with test contributors post-merge

Checklist

  • Follows Conventional Commits
  • Commits are signed off (DCO)
  • Architecture docs updated (AGENTS.md)

@johntmyers
chore: add vouch system for first-time contributors
3c41eb1 
Add a trust gate that auto-closes PRs from unvouched external
contributors. Org members and collaborators bypass automatically.
Maintainers vouch users by commenting /vouch on a Vouch Request
discussion, which appends the username to .github/VOUCHED.

Also adds AI usage policy and good-first-issue guidance to
CONTRIBUTING.md.

Signed-off-by: John Myers <johntmyers@users.noreply.github.com>
@johntmyers johntmyers self-assigned this Mar 16, 2026
@johntmyers
refactor: use mitchellh/vouch action instead of hand-rolled workflows
5fae18e 
Replace custom vouch-check and vouch-command workflow scripts with
the mitchellh/vouch GitHub Actions. Handles bot exemption, race
conditions, denouncement, and the .td file format out of the box.

Signed-off-by: John Myers <johntmyers@users.noreply.github.com>
@johntmyers
chore: simplify vouch request template to what and why
adf335e 
Signed-off-by: John Myers <johntmyers@users.noreply.github.com>
@johntmyers
chore: remove redundant AI-generated prose warning
45c761d 
Signed-off-by: John Myers <johntmyers@users.noreply.github.com>
@johntmyers johntmyers merged commit a4e2c91 into main Mar 16, 2026
9 checks passed
@johntmyers johntmyers deleted the chore/vouch-system branch March 16, 2026 22:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@drew drew drew approved these changes

@pimlock pimlock pimlock approved these changes

Assignees

@johntmyers johntmyers

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@johntmyers @drew @pimlock