12.4 Code Ownership

Nikolay Vyahhi edited this page Feb 19, 2026 · 2 revisions

Code Ownership

Purpose and Scope

This document defines the code ownership structure for the ZeroClaw repository, specifying which team members are responsible for reviewing and approving changes to different subsystems. Code ownership is enforced through GitHub's CODEOWNERS mechanism, which automatically assigns reviewers to pull requests based on modified file paths.

For information about the PR review process and criteria, see Contributing. For details about CI/CD workflows that enforce quality gates, see CI/CD Workflows.


Ownership Model Overview

ZeroClaw uses a path-based ownership model with three core maintainers, each responsible for specific subsystems based on their domain expertise. The ownership structure prioritizes security-critical components, infrastructure configuration, and documentation quality.

Ownership Hierarchy

graph TB
    root["Repository Root<br/>@theonlyhennygod"]
    
    subgraph "High-Risk Surfaces"
        security["src/security/**<br/>@willsarg"]
        runtime["src/runtime/**<br/>@theonlyhennygod"]
        memory["src/memory/**<br/>@theonlyhennygod<br/>@chumyin"]
        github["/.github/**<br/>@theonlyhennygod"]
        cargo["Cargo.toml<br/>Cargo.lock<br/>@theonlyhennygod"]
    end
    
    subgraph "CI Infrastructure"
        workflows["/.github/workflows/**<br/>@theonlyhennygod<br/>@willsarg"]
        codeql["/.github/codeql/**<br/>@willsarg"]
        dependabot["/.github/dependabot.yml<br/>@willsarg"]
    end
    
    subgraph "Documentation"
        docs["docs/**<br/>@chumyin"]
        agents_md["AGENTS.md<br/>@chumyin"]
        claude_md["CLAUDE.md<br/>@chumyin"]
        contrib_md["CONTRIBUTING.md<br/>@chumyin"]
        pr_workflow["docs/pr-workflow.md<br/>@chumyin"]
        reviewer["docs/reviewer-playbook.md<br/>@chumyin"]
    end
    
    subgraph "Security Overrides"
        security_md["SECURITY.md<br/>@willsarg"]
        actions_policy["docs/actions-source-policy.md<br/>@willsarg"]
        ci_map["docs/ci-map.md<br/>@willsarg"]
    end
    
    root --> security
    root --> runtime
    root --> memory
    root --> github
    root --> cargo
    
    root --> workflows
    root --> codeql
    root --> dependabot
    
    root --> docs
    root --> agents_md
    root --> claude_md
    root --> contrib_md
    root --> pr_workflow
    root --> reviewer
    
    docs --> security_md
    docs --> actions_policy
    docs --> ci_map

Sources: .github/CODEOWNERS:1-29


Core Maintainers

| GitHub Handle | Primary Responsibility | Secondary Areas |
|---|---|---|
| @theonlyhennygod | Default owner, runtime, memory, GitHub infrastructure, dependency management | CI/CD workflows |
| @willsarg | Security subsystem, CI/CD workflows, security documentation | CodeQL configuration, Dependabot |
| @chumyin | Documentation, governance, contributor guides | Memory backend documentation |

Path-Based Ownership Rules

Security-Critical Components

The security subsystem requires approval from @willsarg for all changes. This includes authentication, authorization, encryption, and security policy enforcement.

Owned Paths:

Sources: .github/CODEOWNERS:5,26-28


Runtime and Core Infrastructure

Runtime adapters (native, Docker) and memory backends require approval from @theonlyhennygod, with additional review from @chumyin for memory subsystem changes.

Owned Paths:

Path Ownership Diagram

graph LR
    subgraph "src/"
        security_dir["security/"]
        runtime_dir["runtime/"]
        memory_dir["memory/"]
        other_src["*.rs files"]
    end
    
    subgraph ".github/"
        workflows_dir["workflows/"]
        codeql_dir["codeql/"]
        dependabot_file["dependabot.yml"]
        codeowners_file["CODEOWNERS"]
    end
    
    subgraph "Root Files"
        cargo_toml["Cargo.toml"]
        cargo_lock["Cargo.lock"]
        security_md["SECURITY.md"]
    end
    
    security_dir --> willsarg["@willsarg"]
    runtime_dir --> theonlyhennygod["@theonlyhennygod"]
    memory_dir --> theonlyhennygod
    memory_dir --> chumyin["@chumyin"]
    other_src --> theonlyhennygod
    
    workflows_dir --> theonlyhennygod
    workflows_dir --> willsarg
    codeql_dir --> willsarg
    dependabot_file --> willsarg
    codeowners_file --> theonlyhennygod
    
    cargo_toml --> theonlyhennygod
    cargo_lock --> theonlyhennygod
    security_md --> willsarg

Sources: .github/CODEOWNERS:6-10


CI/CD Infrastructure

CI/CD workflows require dual approval from both @theonlyhennygod and @willsarg to ensure both operational correctness and security policy compliance.

Owned Paths:

Workflow Sanity Enforcement:

The workflow-sanity.yml workflow enforces quality standards on workflow files:

| Check | Implementation | Purpose |
|---|---|---|
| No Tabs | .github/workflows/workflow-sanity.yml:30-54 | Prevents tab characters in YAML files (tabs cause parsing errors) |
| Actionlint | .github/workflows/workflow-sanity.yml:56-64 | Validates workflow syntax and catches common mistakes |
| Path Triggers | .github/workflows/workflow-sanity.yml:5-13 | Runs on .github/workflows/**, .github/*.yml, .github/*.yaml changes |

Sources: .github/CODEOWNERS:12-15, .github/workflows/workflow-sanity.yml:1-65


Documentation and Governance

Documentation changes require approval from @chumyin, except for security-specific documentation, which requires approval from @willsarg instead (last-match-wins rule).

Owned Paths:

Override Paths (require @willsarg approval):

Sources: .github/CODEOWNERS:17-28


Approval Workflow

Last-Match-Wins Semantics

GitHub's CODEOWNERS uses last-match-wins semantics, allowing specific paths to override broader patterns. This enables security overrides for documentation files.

Override Example:

graph TD
    pr["Pull Request Modifies<br/>docs/actions-source-policy.md"]
    
    match1["Pattern 1: /docs/**<br/>Owner: @chumyin"]
    match2["Pattern 2: /docs/actions-source-policy.md<br/>Owner: @willsarg"]
    
    result["Required Reviewer:<br/>@willsarg"]
    
    pr --> match1
    match1 --> match2
    match2 --> result
    
    style result fill:#f9f9f9,stroke:#333,stroke-width:2px

Precedence Order:

  1. * @theonlyhennygod - Default fallback (line 2)
  2. Path-specific rules (lines 5-23)
  3. Security overrides (lines 26-28) - Takes precedence

Sources: .github/CODEOWNERS:25-28


Multi-Owner Paths

Some paths require approval from multiple owners. Changes to these paths must be reviewed by all specified owners before merging.

Dual Ownership Paths:

| Path Pattern | Required Reviewers | Rationale |
|---|---|---|
| /src/memory/** | @theonlyhennygod, @chumyin | Memory backend implementation and documentation expertise |
| /.github/workflows/** | @theonlyhennygod, @willsarg | Operational correctness and security policy compliance |

Approval Flow for CI/CD Changes:

sequenceDiagram
    participant dev as "Developer"
    participant pr as "Pull Request"
    participant henny as "@theonlyhennygod"
    participant will as "@willsarg"
    participant ci as "CI Required Gate"
    
    dev->>pr: "Modify .github/workflows/ci.yml"
    pr->>henny: "Auto-assign for operational review"
    pr->>will: "Auto-assign for security review"
    
    henny->>pr: "Approve (operational correctness)"
    will->>pr: "Approve (security policy compliance)"
    
    pr->>ci: "All required reviewers approved"
    ci->>pr: "Merge allowed"

Sources: .github/CODEOWNERS:7,13
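
An added example, not code from the ZeroClaw repository: a small resolver that applies last-match-wins to a changed path and reports which approvals are still outstanding under the all-owners rule described above. The rule set is reconstructed from this page's diagrams and tables rather than copied from the real file, the matcher covers only the pattern forms used here, and all function names are hypothetical.

```python
# Constructed rule set: patterns and owners come from this page's diagrams and
# tables, not from the repository's actual .github/CODEOWNERS file.
SAMPLE_CODEOWNERS = """\
* @theonlyhennygod
/src/security/** @willsarg
/src/memory/** @theonlyhennygod @chumyin
/.github/** @theonlyhennygod
/.github/workflows/** @theonlyhennygod @willsarg
/docs/** @chumyin
/SECURITY.md @willsarg
/docs/actions-source-policy.md @willsarg
/docs/ci-map.md @willsarg
"""

def parse_rules(text):
    """Return [(pattern, [owners])] in file order, skipping blanks and comments."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            pattern, *owners = line.split()
            rules.append((pattern, owners))
    return rules

def matches(pattern, path):
    """Subset of the syntax: '*', anchored '/dir/**', and anchored exact files."""
    if pattern == "*":
        return True
    body = pattern.lstrip("/")
    if body.endswith("/**"):
        return path.startswith(body[:-2])  # keep the trailing '/' of the directory
    return path == body

def owners_for(path, rules):
    """Last matching rule wins; earlier matches are replaced, not merged."""
    owners = []
    for pattern, rule_owners in rules:
        if matches(pattern, path):
            owners = rule_owners
    return owners

def missing_approvals(changed, approved, rules):
    """Owners still outstanding under the all-owners policy described above."""
    required = {o for path in changed for o in owners_for(path, rules)}
    return sorted(required - set(approved))

RULES = parse_rules(SAMPLE_CODEOWNERS)
```

Moving the `/docs/**` line below the three override lines silently hands `docs/ci-map.md` back to @chumyin, which is why the overrides sit at the end of the file. GitHub's built-in code-owner review requirement is satisfied by approval from any one owner on the matching line, so an all-owners rule needs its own check along the lines of `missing_approvals`.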


Integration with PR Workflow

Code ownership integrates with the PR workflow defined in Contributing:

Definition of Ready (DoR):

  • CODEOWNERS automatically assigns required reviewers based on modified paths
  • Developer must ensure all CI checks pass before requesting review

Definition of Done (DoD):

  • All required owners have approved the PR
  • CI Required Gate (CI/CD Workflows) passes
  • No merge conflicts with target branch

Review Assignment Logic:

flowchart TD
    pr_open["Pull Request Opened"]
    
    analyze["GitHub Analyzes<br/>Changed Files"]
    
    match_patterns["Match File Paths Against<br/>CODEOWNERS Patterns"]
    
    assign["Auto-Assign Reviewers<br/>Based on Ownership Rules"]
    
    check_multi{Multiple Owners<br/>for Any Path?}
    
    assign_all["Assign All Required<br/>Owners for Each Path"]
    
    assign_one["Assign Single Owner<br/>Per Path"]
    
    wait["Wait for Approvals"]
    
    check_all_approved{All Required<br/>Owners Approved?}
    
    merge_blocked["Merge Blocked"]
    merge_allowed["CI Required Gate<br/>Allows Merge"]
    
    pr_open --> analyze
    analyze --> match_patterns
    match_patterns --> assign
    assign --> check_multi
    
    check_multi -->|Yes| assign_all
    check_multi -->|No| assign_one
    
    assign_all --> wait
    assign_one --> wait
    
    wait --> check_all_approved
    check_all_approved -->|No| merge_blocked
    check_all_approved -->|Yes| merge_allowed
    
    merge_blocked --> wait

Sources: .github/CODEOWNERS:1-29


Ownership Responsibilities

Code Review Duties

Each owner is responsible for:

  1. Reviewing assigned PRs within 48 hours (best effort)
  2. Ensuring changes meet subsystem quality standards (see Testing)
  3. Validating security implications for their domain
  4. Maintaining documentation for owned subsystems
  5. Coordinating with other owners for cross-cutting changes

Escalation Path

If changes span multiple subsystems and owners disagree on approach:

  1. Discussion in PR comments - Primary resolution mechanism
  2. Synchronous meeting - For complex technical decisions
  3. Default owner tie-break - @theonlyhennygod has final decision authority as repository owner

Special Cases

Emergency Security Patches

Security vulnerabilities require expedited review:

  1. @willsarg must review all security-related changes
  2. Bypass normal review timeline - same-day review expected
  3. Coordinate with affected subsystem owners after critical fixes merge
  4. Publish security advisory (see /SECURITY.md process)

Dependency Updates

Dependabot PRs automatically assign @willsarg via /.github/dependabot.yml. These require:

  1. Security advisory review - Check for CVEs and breaking changes
  2. CI validation - All tests must pass
  3. Lock file verification - Ensure Cargo.lock changes are correct

Sources: .github/CODEOWNERS:10,15


File Reference

The complete CODEOWNERS configuration is maintained at .github/CODEOWNERS with the following structure:

Line 2:    Default owner (*)
Lines 5-10:  High-risk surfaces (/src/security, /src/runtime, /src/memory, /.github, Cargo.*)
Lines 13-15: CI infrastructure (/.github/workflows, /.github/codeql, /.github/dependabot.yml)
Lines 18-23: Documentation (/docs, *.md files)
Lines 26-28: Security overrides (last-match-wins for /SECURITY.md, actions-source-policy.md, ci-map.md)

Sources: .github/CODEOWNERS:1-29

