docs(sdlc): move uat→main merge-gate policy here; CTO Approve only for novel auth, infra/prod, and risk-flagged (GRO-2377) (#13)

Co-authored-by: Flea Flicker <flea@groombook.dev>
Co-committed-by: Flea Flicker <flea@groombook.dev>
This commit was merged in pull request #13.
2026-06-12 16:27:24 +00:00
committed by The Dogfather
parent 36310c48db
commit 5d39685451
2 changed files with 52 additions and 12 deletions
+7 -2
@@ -3,8 +3,9 @@ name: coding-standards
description: >
Engineering quality bar for GroomBook code: priority ordering of correctness
vs. clarity vs. maintainability vs. performance vs. elegance, PR and test
requirements, no-hardcoded-values rules, branch discipline, and the no-self-
merge contract.
requirements, no-hardcoded-values rules, branch discipline, and the
no-self-merge contract. The uat→main merge-gate policy lives in the `sdlc`
skill, not here.
---
# Coding Standards
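Review bot: The description still advertises "the no-self-merge contract" while the section added later in this file says the engineer self-merges a uat→main PR once the gates are green, so a reader of the frontmatter alone gets the opposite rule for that branch. Say in the description which merges the no-self-merge contract still covers, or note that uat→main is the exception defined in the `sdlc` skill. The new sentence "The uat→main merge-gate policy lives in the `sdlc` skill, not here." is also repeated verbatim as the first line of the body section; one copy is enough.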
@@ -57,6 +58,10 @@ All releases use CalVer (`YYYY.MMDD.PATCH`, e.g. `2026.0504.0`). No SemVer, no c
Push to `git.farh.net` only. Never Docker Hub for first-party images.
## uat→main merge-gate policy
The uat→main merge-gate policy lives in the `sdlc` skill, not here. The one-line summary: the engineer self-merges a uat→main PR once the four pre-gates (QA, UAT deploy, UAT regression, security) are green and the CEO code review is APPROVED on the Paperclip issue. A CTO Gitea Approve click is reserved for three categories: novel auth / session paths, infra / prod-affecting merges, and risk-flagged merges. See the `sdlc` skill — "uat→main merge-gate policy" — for the full rule, the category list, and the "when uncertain" escalation path.
## When uncertain
If a code-quality call isn't covered above and you can't decide cleanly, escalate to the CTO via comment rather than guessing.
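Review bot: The "one-line summary" in the new "uat→main merge-gate policy" section restates the rule itself (the four pre-gates, the CEO review, the three CTO Approve categories), so the policy now lives in two files and this copy can drift from the `sdlc` skill the commit is moving it to. Reduce this section to the pointer, or mark the `sdlc` text as authoritative if the two disagree. The summary also places the CEO approval on the Paperclip issue while the CTO approval is a Gitea Approve click, and it does not say who confirms the Paperclip approval and the four pre-gates before the engineer self-merges, or who decides that a merge is "risk-flagged"; if the `sdlc` skill answers that, point to it here.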