Purpose
To define a standardized branching and merge strategy for all repositories, ensuring clean history, safe releases, and predictable collaboration.
Scope
- Applies to all repositories (backend, frontend, mobile, shared libraries).
- Used by all developers and leads.
- Covers branch naming, merge rules, and protection policies.
Principles
- Clarity – Branch names must clearly indicate purpose and linked ticket.
- Stability –
main(ormaster) always represents a deployable production state. - Traceability – All commits must trace back to a ticket or documented change.
- Collaboration – PR reviews are mandatory before merge.
- Consistency – All projects must follow this strategy unless an exception is approved.
Branching Rules
Primary Branches
| Branch | Purpose | Rules |
main | Production-ready code | Protected, only merged via PR with approvals |
develop | Integration branch for features | Staging builds; PR merges only |
release/* | Pre-production stabilization | Bug fixes, final QA, version bump |
Supporting Branches
| Type | Naming Convention | Purpose | Example |
| Feature | feature/<ticket-key>-<slug> | New features | feature/WEB-142-export-csv |
| Bugfix | bugfix/<ticket-key>-<slug> | Non-hotfix bug | bugfix/API-88-login-500 |
| Hotfix | hotfix/<ticket-key>-<slug> | Urgent prod fix | hotfix/BUG-301-null-ref |
| Spike | spike/<ticket-key>-<slug> | Research/POC | spike/ARCH-12-ratelimit |
| Chore | chore/<ticket-key>-<slug> | Non-functional task | chore/DEV-19-upgrade-node |
Merge Rules
Pull Requests
- PRs required for all merges.
- Must include:
- Ticket link (Jira/ClickUp).
- Clear description (what/why).
- Testing notes (unit, integration, manual).
- PR Template (auto-populated per repo).
Approvals
| Change Type | Required Approvals |
| Small (≤200 LOC) | 1 peer reviewer |
| Medium (200–600 LOC) | 1 peer + Tech Lead |
| Large (>600 LOC) | 2 peers + Tech Lead |
| Critical (security, infra) | Tech Lead + Security/DevOps |
Merge Strategy
- Default: Squash and merge (clean history).
- Alternative (monorepos): Merge commit if needed for dependency tracking.
- Hotfixes: Cherry-picked into
main→ back-merged intodevelop.
Protected Branch Rules
- No direct commits to
mainordevelop. - CI checks (lint, tests, build) must pass before merge.
- Feature branches auto-deleted post-merge.
Governance
- Enforcement: Branch protection rules enforced at repo level.
- Audit: Quarterly audit of merge history for compliance.
- Exceptions: Must be approved by Tech Lead + CTO.
- Training: All new devs trained during onboarding (EPIC 1 – Doc 1).