[BRE-1360] Update Branching doc for new branch protection rules

[brandonbiete]

🎟️ Tracking

https://bitwarden.atlassian.net/browse/BRE-1360

📔 Objective

GitHub Rulesets have been enabled such that documentation surrounding release candidate and emergency releases need to be updated with these rules in mind.

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation
  team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed
  issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – 56ce3126-b7f3-483b-b4eb-61a8dc8072c9

New Issues (1)

Checkmarx found the following issues in this Pull Request

#	Severity	Issue	Source File / Package	Checkmarx Insight
1		CVE-2026-21884	Npm-react-router-5.3.4	details Recommended version: 7.12.0 Description: A XSS vulnerability exists in in React Router's "" API in Framework Mode when using the "getKey/storageKey" props during Server-... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package

[withinfocus]

Grammar and style.

[cloudflare-workers-and-pages]

Deploying contributing-docs with    Cloudflare Pages

Latest commit:	88286a1
Status:	✅  Deploy successful!
Preview URL:	https://89cff693.contributing-docs.pages.dev
Branch Preview URL:	https://bre-1360-update-branching-do.contributing-docs.pages.dev

View logs

[claude]

Claude finished @brandonbiete's task in 2m 28s —— View job

---

Code Review Summary

Status: APPROVED ✓

This PR successfully updates the branching documentation to reflect new GitHub Ruleset requirements for release candidate and hotfix branches.

Changes Reviewed

Added: Branch protection requirements section (lines 160-167)

• Clearly documents that rc, hotfix-rc, and hotfix-rc-* branches become protected after initial push
• Accurately lists the three requirements: PR workflow, approval, and code owner review
• Well-positioned between the rc branch workflow and hotfix sections

Updated: Hotfix workflow clarification (lines 182-184)

• Clarifies that initial hotfix branch can be pushed directly with first cherry-pick
• Documents that subsequent cherry-picks require PRs due to branch protection
• Maintains logical flow with existing content

Review Assessment

Documentation Quality:

• ✓ Follows style guide (heading capitalization, concise bullets, action-oriented language)
• ✓ Grammar and style polished (all withinfocus suggestions incorporated)
• ✓ Clear, accurate technical content
• ✓ Appropriate for Bitwarden-internal audience (respects access: bitwarden frontmatter)

Completeness:

• ✓ No test changes required (documentation only)
• ✓ Content aligns with stated objective (BRE-1360)
• ✓ No security, correctness, or maintainability concerns

Previous Review Feedback

All grammar and style suggestions from @withinfocus have been successfully incorporated through 5 co-authored commits:

• Fixed heading capitalization
• Removed unnecessary comma
• Improved bullet point parallelism and conciseness
• Standardized number formatting ("one" vs "1")
• Simplified phrasing ("Code owner review" vs "Code owner review required")

Recommendation

APPROVED - This PR is ready to merge. The documentation accurately reflects the new branch protection rules and follows all Bitwarden documentation standards.

---

Review conducted by Claude Code following Bitwarden code review standards