diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3565676..a0c4b23 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -46,15 +46,24 @@ The subject is **lowercase** after the colon. Title Case prose (`Add the thing`) ### Solo-owner merge policy -This repo runs with a single code owner (`* @constk` in `CODEOWNERS`). GitHub forbids a PR author from approving their own PR, so the standard "1 code-owner review" gate cannot be satisfied without an admin override. While in this state, the **intended workflow is**: +> **Transitional — only while this repo has a single code owner.** Standard practice is a code-owner review on every PR. The flow below exists because GitHub forbids self-approval, so a single-owner repo cannot satisfy the "1 code-owner review" gate any other way. The exemption is **removed** the moment a second collaborator with merge rights joins. + +This repo currently runs with a single code owner (`* @constk` in `CODEOWNERS`). While in this state, the intended merge command is: ```sh gh pr merge --admin --squash --delete-branch ``` -…for `feat:` / `fix:` / `chore:` PRs, and `--admin --merge` (preserves history) for `release:` PRs. The `enforce_admins: false` line in `.github/branch-protection/{develop,main}.json` is the documented escape hatch — admin merge here is the policy, not a deviation from it. +…for `feat:` / `fix:` / `chore:` PRs, and `--admin --merge` (preserves history) for `release:` PRs. The `enforce_admins: false` line in `.github/branch-protection/{develop,main}.json` is the documented escape hatch — admin merge here is the documented single-owner workaround, not bypass of the gates (every required status check still has to pass). + +**When the exemption ends.** As soon as a second collaborator with merge rights is onboarded: + +1. Drop the `--admin` flag from the merge command and adopt standard PR review. +2. Remove this entire subsection. +3. Update `CODEOWNERS` to add the new collaborator. +4. Flip `enforce_admins` to `true` in the branch-protection JSON for both branches. Leaving it `false` would keep the admin-bypass door open even after the single-owner workaround is no longer needed — defeats the point of removing the workaround. -When a second collaborator joins, drop the `--admin` flag and adopt standard PR review. Update this section + `CODEOWNERS` in the same PR. +All four changes land in a single PR. ## Line endings (Windows clones) diff --git a/pyproject.toml b/pyproject.toml index 701f7a5..c7affac 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "harness-python-react" -version = "0.2.13" +version = "0.2.14" description = "Production-quality LLM-driven coding harness — Python (FastAPI) backend, Vite + React + TypeScript frontend." readme = "README.md" requires-python = ">=3.14" diff --git a/uv.lock b/uv.lock index 1d71286..851edd4 100644 --- a/uv.lock +++ b/uv.lock @@ -337,7 +337,7 @@ wheels = [ [[package]] name = "harness-python-react" -version = "0.2.13" +version = "0.2.14" source = { virtual = "." } dependencies = [ { name = "fastapi" },