TBD + SemVer Governance
Overview
Apply a strict trunk-based workflow with one long-lived default branch and gated releases. Treat every repository change as a short-lived branch plus pull request that passes all checks.
Non-Negotiable Rules
Enforce these rules in every recommendation and implementation:
- •Keep exactly one long-lived branch: the repository default branch.
- •Start each task branch from the latest commit on the default branch.
- •Open a pull request from the task branch into the default branch.
- •Run all required tests on the pull request.
- •Block merge if any required check fails.
- •Write all commit messages in Conventional Commits format.
- •After PR merge, run versioning pipeline to compute SemVer from Conventional Commits and create a tag on the merge commit.
- •Delete the task branch after successful merge.
- •On tag creation, run a release pipeline to build artifacts (for example container image and Kubernetes manifests).
- •Publish build outputs to target systems (for example image registry and Kubernetes cluster).
- •Install local commit-message checks to reject non-Conventional-Commit messages before they enter history.
Standard Agent Workflow
Use this sequence when executing work in a governed repository:
- •Detect whether
originpoints to GitHub. - •If repository is on GitHub, run
scripts/enforce_github_branch_protection.shbefore starting implementation. - •Detect default branch and fetch latest state.
- •Create a short-lived branch from
origin/<default-branch>head. - •Implement changes and tests in that branch only.
- •Validate locally (unit/integration/lint as repository defines).
- •Ensure every new commit message follows Conventional Commits.
- •Push branch and open PR to default branch.
- •Confirm CI checks are green before merge recommendation.
- •Merge with repository-approved strategy.
- •Delete merged branch.
- •Verify version-tag pipeline and release pipeline trigger and complete.
If default branch is unknown, determine it first and avoid assumptions.
Conventional Commits and SemVer Mapping
Use this release mapping:
- •
feat:increments MINOR. - •
fix:increments PATCH. - •
!marker orBREAKING CHANGE:footer increments MAJOR. - •Commits that do not affect public behavior (for example
chore,docs,test) do not increment by themselves unless repository policy says otherwise.
If multiple commit types exist since the last tag, apply highest precedence: MAJOR > MINOR > PATCH.
Local Enforcement Resources
Use bundled scripts for commit-message enforcement:
- •Run
scripts/install_git_hooks.shfrom repository root to installcommit-msghook. - •The hook runs
scripts/validate_conventional_commit.shand blocks invalid messages. - •For GitHub repositories, run
scripts/enforce_github_branch_protection.shto apply required branch protection automatically.
For CI guidance and branch protection defaults, read references/ci_cd_policy.md.