# CODEOWNERS for morethanadiagnosis-hub
#
# This file defines code ownership and automated review routing.
# GitHub will automatically request reviews from the listed owners when files are changed.
#
# Syntax: [path pattern] @owner1 @owner2 @team-name
#
# For more info: https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners

# ==============================================================================
# DEFAULT OWNERS
# ==============================================================================
# All files require at least one review unless more specific rules apply
* @fullsizemalt

# ==============================================================================
# OPENSPEC GOVERNANCE
# ==============================================================================
# OpenSpec core files require architecture and compliance sign-off
/openspec/project.md @fullsizemalt
/openspec/ai-commands.md @fullsizemalt
/openspec/README.md @fullsizemalt

# All proposals require initial review from program leads
/openspec/changes/ @fullsizemalt

# Proposal template changes require broad consensus
/openspec/templates/ @fullsizemalt

# ==============================================================================
# OPENSPEC SPECS (Applied/Approved Specifications)
# ==============================================================================
# Architecture specs require architecture and security review
/openspec/specs/architecture.md @fullsizemalt

# Privacy/compliance specs MUST be reviewed by compliance and security teams
/openspec/specs/privacy-compliance.md @fullsizemalt
/openspec/specs/data-model.md @fullsizemalt
/openspec/specs/migration-wix.md @fullsizemalt

# Accessibility specs require accessibility specialist review
/openspec/specs/accessibility.md @fullsizemalt

# Feature specs require relevant domain owners
/openspec/specs/feature-*.md @fullsizemalt

# ==============================================================================
# GITHUB WORKFLOWS & CONFIGURATION
# ==============================================================================
# Changes to CI/CD, automation, and GitHub config require infra review
/.github/workflows/ @fullsizemalt
/.github/CODEOWNERS @fullsizemalt
/.github/pull_request_template.md @fullsizemalt
/.github/ISSUE_TEMPLATE/ @fullsizemalt

# ==============================================================================
# MOBILE PLATFORMS
# ==============================================================================
# Android changes require mobile and accessibility review
/android/ @fullsizemalt
/android/**/accessibility/ @fullsizemalt

# iOS changes require mobile and accessibility review
/ios/ @fullsizemalt
/ios/**/Accessibility/ @fullsizemalt

# React Native/Expo (if used) requires mobile review
/mobile/ @fullsizemalt
/app/ @fullsizemalt

# ==============================================================================
# WEB PLATFORM
# ==============================================================================
# Web frontend changes require web and accessibility review
/web/ @fullsizemalt
/frontend/ @fullsizemalt
/src/components/ @fullsizemalt

# Accessibility-specific web components require accessibility review
/web/**/accessibility/ @fullsizemalt
/web/**/a11y/ @fullsizemalt
/src/components/**/*Accessible* @fullsizemalt

# ==============================================================================
# BACKEND & APIs
# ==============================================================================
# API changes require backend and security review
/api/ @fullsizemalt
/backend/ @fullsizemalt
/server/ @fullsizemalt

# Authentication/authorization changes require security review
/api/auth/ @fullsizemalt
/backend/auth/ @fullsizemalt
/server/middleware/auth* @fullsizemalt

# Data access and models require data and compliance review
/api/models/ @fullsizemalt
/backend/models/ @fullsizemalt
/server/db/ @fullsizemalt
/database/ @fullsizemalt
/migrations/ @fullsizemalt

# ==============================================================================
# COMPLIANCE-SENSITIVE AREAS
# ==============================================================================
# PHI/PII handling code requires compliance AND security review
/**/*phi* @fullsizemalt
/**/*pii* @fullsizemalt
/**/*health* @fullsizemalt
/**/*medical* @fullsizemalt
/**/*hipaa* @fullsizemalt
/**/*gdpr* @fullsizemalt

# Logging and telemetry (must not leak PHI/PII)
/**/logging/ @fullsizemalt
/**/telemetry/ @fullsizemalt
/**/analytics/ @fullsizemalt

# Data export/import (DSR workflows)
/**/export/ @fullsizemalt
/**/import/ @fullsizemalt
/**/migration/ @fullsizemalt

# ==============================================================================
# DESIGN SYSTEM & ACCESSIBILITY COMPONENTS
# ==============================================================================
# Design system changes require design and accessibility review
/design-system/ @fullsizemalt
/packages/ui/ @fullsizemalt
/shared/components/ @fullsizemalt

# ==============================================================================
# DOCUMENTATION
# ==============================================================================
# User-facing documentation requires accessibility review (plain language)
/docs/ @fullsizemalt
/README.md @fullsizemalt
/CONTRIBUTING.md @fullsizemalt

# API documentation requires backend review
/docs/api/ @fullsizemalt

# ==============================================================================
# INFRASTRUCTURE & SECURITY
# ==============================================================================
# Infrastructure as code requires infra and security review
/terraform/ @fullsizemalt
/infrastructure/ @fullsizemalt
/.infra/ @fullsizemalt
/k8s/ @fullsizemalt
/kubernetes/ @fullsizemalt

# Docker configurations require infra review
/Dockerfile* @fullsizemalt
/docker-compose*.yml @fullsizemalt
/.dockerignore @fullsizemalt

# Security configurations require security review
/security/ @fullsizemalt
/.security/ @fullsizemalt
/SECURITY.md @fullsizemalt

# Dependency changes (potential security impact)
/package.json @fullsizemalt
/package-lock.json @fullsizemalt
/yarn.lock @fullsizemalt
/Gemfile @fullsizemalt
/Gemfile.lock @fullsizemalt
/Pipfile @fullsizemalt
/requirements.txt @fullsizemalt
/build.gradle @fullsizemalt
/Podfile @fullsizemalt

# ==============================================================================
# TESTING
# ==============================================================================
# Accessibility test changes require accessibility review
/**/*.a11y.test.* @fullsizemalt
/**/*.accessibility.test.* @fullsizemalt
/tests/accessibility/ @fullsizemalt
/e2e/accessibility/ @fullsizemalt

# ==============================================================================
# NOTES FOR FUTURE EXPANSION
# ==============================================================================
# As the team grows, replace @fullsizemalt with actual team handles:
# - @morethanadiagnosis/accessibility-team
# - @morethanadiagnosis/compliance-team
# - @morethanadiagnosis/security-team
# - @morethanadiagnosis/mobile-team
# - @morethanadiagnosis/web-team
# - @morethanadiagnosis/backend-team
# - @morethanadiagnosis/data-team
# - @morethanadiagnosis/infra-team