-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathCODEOWNERS
More file actions
30 lines (25 loc) · 1.21 KB
/
CODEOWNERS
File metadata and controls
30 lines (25 loc) · 1.21 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
# CODEOWNERS — Required reviewers for security-sensitive paths.
#
# This file enforces human review on paths where a malicious or accidental
# change could compromise repository security, exfiltrate secrets, or bypass
# the agentic review controls that this repo exists to demonstrate.
#
# The most critical paths are the pull_request_target workflows
# (pr-loop.yml, pr-resolve.yml) which run with a write-capable GITHUB_TOKEN
# and access to repository secrets. Any change to them — or to the scripts
# they execute (scripts/review/) — must be reviewed by a repo admin.
#
# Do not remove or loosen these rules without a documented security review.
# This file is itself protected below — removing it also requires approval.
# Workflows and CI — run with GITHUB_TOKEN and repository secrets
.github/ @AlexKantor87
# All pipeline scripts — review, coding agent, build scripts
scripts/ @AlexKantor87
# Kosli controls — flow templates, Rego policies, attestation types
kosli/ @AlexKantor87
# Application code
src/ @AlexKantor87
# Project configuration
CLAUDE.md @AlexKantor87
pyproject.toml @AlexKantor87
Dockerfile @AlexKantor87