Commit Push Policy
Commit & Push Policy (this repo)
Section titled “Commit & Push Policy (this repo)”Pre-authorized workflow for this project. Overrides the global “commit/push only when asked” default.
Default — just do it
Section titled “Default — just do it”When work is complete and verified (typecheck/lint/build green, diff reviewed),
commit AND push to main directly, without asking. main is trunk: a push
auto-deploys the development env (reversible, low blast radius). Don’t pause for
push approval on normal work.
- Group changes into coherent commits, conventional messages, co-author footer.
- Pre-commit hooks (biome + secretlint) must pass; never bypass with
LEFTHOOK=0. - If something is genuinely risky or ambiguous, still flag it — “pre-authorized” means the push step, not skipping judgment on what goes in.
Exception — production deploy needs approval
Section titled “Exception — production deploy needs approval”Production ships ONLY by cutting a release tag vX.Y.Z (see deployment.md).
Creating or pushing a v* tag REQUIRES explicit user approval first. Never tag
a release on your own. State what will deploy, then wait for the go-ahead.