Update nexus: fix conflicts and sync local changes
@@ -1,60 +1,60 @@
|
||||
---
|
||||
title: "Pull Request Governance"
|
||||
type: concept
|
||||
tags: ["git", "code-review", "workflow", "delivery-traceability"]
|
||||
last_updated: 2026-04-25
|
||||
---
|
||||
|
||||
## Definition
|
||||
|
||||
Pull Request Governance(PR 治理)是通过标准化 PR 模板、安全审查要求、风险记录和强制审查流程,保护分支合并质量的工作流规范。
|
||||
|
||||
## Mandatory PR Scenarios
|
||||
|
||||
以下场景的合并**必须**经过 PR review:
|
||||
- 合并到 `main`
|
||||
- 合并到 `release/*`
|
||||
- 大型重构
|
||||
- 关键基础设施变更
|
||||
- 认证、授权、基础设施、敏感数据处理相关变更
|
||||
|
||||
## PR Template Structure
|
||||
|
||||
标准 PR 模板包含:
|
||||
|
||||
```markdown
|
||||
## What does this PR do?
|
||||
Implements **JIRA-214** by adding the SSO login flow...
|
||||
|
||||
## Jira Link
|
||||
- Ticket: JIRA-214
|
||||
- Branch: feature/JIRA-214-add-sso-login
|
||||
|
||||
## Change Summary
|
||||
- Add SSO callback controller and provider wiring
|
||||
- Add regression coverage for expired refresh tokens
|
||||
- Document the new login setup path
|
||||
|
||||
## Risk and Security Review
|
||||
- Auth flow touched: yes
|
||||
- Secret handling changed: no
|
||||
- Rollback plan: revert the branch and disable the provider flag
|
||||
|
||||
## Testing
|
||||
- Unit tests: passed
|
||||
- Integration tests: passed in staging
|
||||
- Manual verification: login and logout flow verified in staging
|
||||
```
|
||||
|
||||
## Security Discipline
|
||||
|
||||
- **No secrets in PR**:凭证、token、客户数据严禁出现在 PR 标题、描述或 diff 中
|
||||
- **Explicit validation scope**:明确说明哪些环节经过测试、哪些未经测试
|
||||
- **Security review mandatory**:认证、授权、基础设施、敏感数据处理变更必须经过安全审查
|
||||
|
||||
## Rollback Readiness
|
||||
|
||||
每个 PR 必须包含回滚计划,确保回滚操作低风险、低影响。
|
||||
|
||||
## Sources
|
||||
- [[project-management-jira-workflow-steward]]
|
||||
---
|
||||
title: "Pull Request Governance"
|
||||
type: concept
|
||||
tags: ["git", "code-review", "workflow", "delivery-traceability"]
|
||||
last_updated: 2026-04-25
|
||||
---
|
||||
|
||||
## Definition
|
||||
|
||||
Pull Request Governance(PR 治理)是通过标准化 PR 模板、安全审查要求、风险记录和强制审查流程,保护分支合并质量的工作流规范。
|
||||
|
||||
## Mandatory PR Scenarios
|
||||
|
||||
以下场景的合并**必须**经过 PR review:
|
||||
- 合并到 `main`
|
||||
- 合并到 `release/*`
|
||||
- 大型重构
|
||||
- 关键基础设施变更
|
||||
- 认证、授权、基础设施、敏感数据处理相关变更
|
||||
|
||||
## PR Template Structure
|
||||
|
||||
标准 PR 模板包含:
|
||||
|
||||
```markdown
|
||||
## What does this PR do?
|
||||
Implements **JIRA-214** by adding the SSO login flow...
|
||||
|
||||
## Jira Link
|
||||
- Ticket: JIRA-214
|
||||
- Branch: feature/JIRA-214-add-sso-login
|
||||
|
||||
## Change Summary
|
||||
- Add SSO callback controller and provider wiring
|
||||
- Add regression coverage for expired refresh tokens
|
||||
- Document the new login setup path
|
||||
|
||||
## Risk and Security Review
|
||||
- Auth flow touched: yes
|
||||
- Secret handling changed: no
|
||||
- Rollback plan: revert the branch and disable the provider flag
|
||||
|
||||
## Testing
|
||||
- Unit tests: passed
|
||||
- Integration tests: passed in staging
|
||||
- Manual verification: login and logout flow verified in staging
|
||||
```
|
||||
|
||||
## Security Discipline
|
||||
|
||||
- **No secrets in PR**:凭证、token、客户数据严禁出现在 PR 标题、描述或 diff 中
|
||||
- **Explicit validation scope**:明确说明哪些环节经过测试、哪些未经测试
|
||||
- **Security review mandatory**:认证、授权、基础设施、敏感数据处理变更必须经过安全审查
|
||||
|
||||
## Rollback Readiness
|
||||
|
||||
每个 PR 必须包含回滚计划,确保回滚操作低风险、低影响。
|
||||
|
||||
## Sources
|
||||
- [[project-management-jira-workflow-steward]]
|
||||
|
||||
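Review bot: the 60 lines removed and the 60 lines added by this hunk read identically as rendered here, from the front matter through the Sources entry, so a reviewer cannot tell what actually changed. If the difference is only line endings or trailing whitespace picked up while resolving the conflict, say so in the commit message and keep it separate from content edits. Pinning line endings in `.gitattributes` would stop the whole file from showing up as rewritten on the next sync. If a content change was intended, it is not visible in these lines and should be called out. This matters for a page that defines review requirements for auth, authorization, infrastructure and sensitive-data changes, because a full-file rewrite makes it easy for a one-line change to those requirements to go unnoticed.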