8c05a17067
- Add PR template with OpenSpec compliance checklist - Enforces spec-first workflow and lifecycle commands - Includes accessibility, privacy, security gates - Requires platform parity verification - Add CODEOWNERS for automated review routing - Routes a11y changes to accessibility reviewers - Routes PHI/PII changes to compliance + security - Routes API/backend changes to security reviewers - Placeholder @fullsizemalt (expand to teams later) - Add AI_HANDOFF.md for agent collaboration - Documents current session state and decisions - Provides context for future AI collaborators - Lists next steps and open questions
195 lines
7.2 KiB
Text
195 lines
7.2 KiB
Text
# CODEOWNERS for morethanadiagnosis-hub
|
|
#
|
|
# This file defines code ownership and automated review routing.
|
|
# GitHub will automatically request reviews from the listed owners when files are changed.
|
|
#
|
|
# Syntax: [path pattern] @owner1 @owner2 @team-name
|
|
#
|
|
# For more info: https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners
|
|
|
|
# ==============================================================================
|
|
# DEFAULT OWNERS
|
|
# ==============================================================================
|
|
# All files require at least one review unless more specific rules apply
|
|
* @fullsizemalt
|
|
|
|
# ==============================================================================
|
|
# OPENSPEC GOVERNANCE
|
|
# ==============================================================================
|
|
# OpenSpec core files require architecture and compliance sign-off
|
|
/openspec/project.md @fullsizemalt
|
|
/openspec/ai-commands.md @fullsizemalt
|
|
/openspec/README.md @fullsizemalt
|
|
|
|
# All proposals require initial review from program leads
|
|
/openspec/changes/ @fullsizemalt
|
|
|
|
# Proposal template changes require broad consensus
|
|
/openspec/templates/ @fullsizemalt
|
|
|
|
# ==============================================================================
|
|
# OPENSPEC SPECS (Applied/Approved Specifications)
|
|
# ==============================================================================
|
|
# Architecture specs require architecture and security review
|
|
/openspec/specs/architecture.md @fullsizemalt
|
|
|
|
# Privacy/compliance specs MUST be reviewed by compliance and security teams
|
|
/openspec/specs/privacy-compliance.md @fullsizemalt
|
|
/openspec/specs/data-model.md @fullsizemalt
|
|
/openspec/specs/migration-wix.md @fullsizemalt
|
|
|
|
# Accessibility specs require accessibility specialist review
|
|
/openspec/specs/accessibility.md @fullsizemalt
|
|
|
|
# Feature specs require relevant domain owners
|
|
/openspec/specs/feature-*.md @fullsizemalt
|
|
|
|
# ==============================================================================
|
|
# GITHUB WORKFLOWS & CONFIGURATION
|
|
# ==============================================================================
|
|
# Changes to CI/CD, automation, and GitHub config require infra review
|
|
/.github/workflows/ @fullsizemalt
|
|
/.github/CODEOWNERS @fullsizemalt
|
|
/.github/pull_request_template.md @fullsizemalt
|
|
/.github/ISSUE_TEMPLATE/ @fullsizemalt
|
|
|
|
# ==============================================================================
|
|
# MOBILE PLATFORMS
|
|
# ==============================================================================
|
|
# Android changes require mobile and accessibility review
|
|
/android/ @fullsizemalt
|
|
/android/**/accessibility/ @fullsizemalt
|
|
|
|
# iOS changes require mobile and accessibility review
|
|
/ios/ @fullsizemalt
|
|
/ios/**/Accessibility/ @fullsizemalt
|
|
|
|
# React Native/Expo (if used) requires mobile review
|
|
/mobile/ @fullsizemalt
|
|
/app/ @fullsizemalt
|
|
|
|
# ==============================================================================
|
|
# WEB PLATFORM
|
|
# ==============================================================================
|
|
# Web frontend changes require web and accessibility review
|
|
/web/ @fullsizemalt
|
|
/frontend/ @fullsizemalt
|
|
/src/components/ @fullsizemalt
|
|
|
|
# Accessibility-specific web components require accessibility review
|
|
/web/**/accessibility/ @fullsizemalt
|
|
/web/**/a11y/ @fullsizemalt
|
|
/src/components/**/*Accessible* @fullsizemalt
|
|
|
|
# ==============================================================================
|
|
# BACKEND & APIs
|
|
# ==============================================================================
|
|
# API changes require backend and security review
|
|
/api/ @fullsizemalt
|
|
/backend/ @fullsizemalt
|
|
/server/ @fullsizemalt
|
|
|
|
# Authentication/authorization changes require security review
|
|
/api/auth/ @fullsizemalt
|
|
/backend/auth/ @fullsizemalt
|
|
/server/middleware/auth* @fullsizemalt
|
|
|
|
# Data access and models require data and compliance review
|
|
/api/models/ @fullsizemalt
|
|
/backend/models/ @fullsizemalt
|
|
/server/db/ @fullsizemalt
|
|
/database/ @fullsizemalt
|
|
/migrations/ @fullsizemalt
|
|
|
|
# ==============================================================================
|
|
# COMPLIANCE-SENSITIVE AREAS
|
|
# ==============================================================================
|
|
# PHI/PII handling code requires compliance AND security review
|
|
/**/*phi* @fullsizemalt
|
|
/**/*pii* @fullsizemalt
|
|
/**/*health* @fullsizemalt
|
|
/**/*medical* @fullsizemalt
|
|
/**/*hipaa* @fullsizemalt
|
|
/**/*gdpr* @fullsizemalt
|
|
|
|
# Logging and telemetry (must not leak PHI/PII)
|
|
/**/logging/ @fullsizemalt
|
|
/**/telemetry/ @fullsizemalt
|
|
/**/analytics/ @fullsizemalt
|
|
|
|
# Data export/import (DSR workflows)
|
|
/**/export/ @fullsizemalt
|
|
/**/import/ @fullsizemalt
|
|
/**/migration/ @fullsizemalt
|
|
|
|
# ==============================================================================
|
|
# DESIGN SYSTEM & ACCESSIBILITY COMPONENTS
|
|
# ==============================================================================
|
|
# Design system changes require design and accessibility review
|
|
/design-system/ @fullsizemalt
|
|
/packages/ui/ @fullsizemalt
|
|
/shared/components/ @fullsizemalt
|
|
|
|
# ==============================================================================
|
|
# DOCUMENTATION
|
|
# ==============================================================================
|
|
# User-facing documentation requires accessibility review (plain language)
|
|
/docs/ @fullsizemalt
|
|
/README.md @fullsizemalt
|
|
/CONTRIBUTING.md @fullsizemalt
|
|
|
|
# API documentation requires backend review
|
|
/docs/api/ @fullsizemalt
|
|
|
|
# ==============================================================================
|
|
# INFRASTRUCTURE & SECURITY
|
|
# ==============================================================================
|
|
# Infrastructure as code requires infra and security review
|
|
/terraform/ @fullsizemalt
|
|
/infrastructure/ @fullsizemalt
|
|
/.infra/ @fullsizemalt
|
|
/k8s/ @fullsizemalt
|
|
/kubernetes/ @fullsizemalt
|
|
|
|
# Docker configurations require infra review
|
|
/Dockerfile* @fullsizemalt
|
|
/docker-compose*.yml @fullsizemalt
|
|
/.dockerignore @fullsizemalt
|
|
|
|
# Security configurations require security review
|
|
/security/ @fullsizemalt
|
|
/.security/ @fullsizemalt
|
|
/SECURITY.md @fullsizemalt
|
|
|
|
# Dependency changes (potential security impact)
|
|
/package.json @fullsizemalt
|
|
/package-lock.json @fullsizemalt
|
|
/yarn.lock @fullsizemalt
|
|
/Gemfile @fullsizemalt
|
|
/Gemfile.lock @fullsizemalt
|
|
/Pipfile @fullsizemalt
|
|
/requirements.txt @fullsizemalt
|
|
/build.gradle @fullsizemalt
|
|
/Podfile @fullsizemalt
|
|
|
|
# ==============================================================================
|
|
# TESTING
|
|
# ==============================================================================
|
|
# Accessibility test changes require accessibility review
|
|
/**/*.a11y.test.* @fullsizemalt
|
|
/**/*.accessibility.test.* @fullsizemalt
|
|
/tests/accessibility/ @fullsizemalt
|
|
/e2e/accessibility/ @fullsizemalt
|
|
|
|
# ==============================================================================
|
|
# NOTES FOR FUTURE EXPANSION
|
|
# ==============================================================================
|
|
# As the team grows, replace @fullsizemalt with actual team handles:
|
|
# - @morethanadiagnosis/accessibility-team
|
|
# - @morethanadiagnosis/compliance-team
|
|
# - @morethanadiagnosis/security-team
|
|
# - @morethanadiagnosis/mobile-team
|
|
# - @morethanadiagnosis/web-team
|
|
# - @morethanadiagnosis/backend-team
|
|
# - @morethanadiagnosis/data-team
|
|
# - @morethanadiagnosis/infra-team
|