This document defines the deterministic governance rules enforced by Tinkerflow-AI on every pull request.
- Trigger – On PR open, synchronize, or labeled with governance/check.
- Policy Check – Evaluate PR against policies defined in config/policies.config.json.
- Proof Generation – Generate cryptographic proof of compliance for each policy.
- Proof Verification – Verify generated proofs; any failure blocks merge.
- Feedback – Post results as a check run and optional PR comment.
- Merge Block – If any proof fails, the check run fails and merge is blocked.
- Auto-Approval – If all proofs pass and governance is strict, auto-approve.
- Override – Repository admins can override with governance/override label.
Traceability: All governance actions are logged and can be replayed.
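The verification, merge-block, auto-approval and override steps above can be sketched as a fail-closed decision function. This is an added example, not Tinkerflow-AI's own code. It assumes each proof is an HMAC-SHA256 tag over a canonical record bound to the PR head commit (the page does not specify the proof scheme) and that the override label is read as governance/override; the key, policy names and function names are hypothetical.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # assumption: proofs are HMAC tags under a CI-held key

def canonical(record):
    # Deterministic serialization: the same record always yields the same bytes.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()

def generate_proof(policy_id, head_sha, passed, key=KEY):
    record = {"policy": policy_id, "head_sha": head_sha, "passed": passed}
    tag = hmac.new(key, canonical(record), hashlib.sha256).hexdigest()
    return {"record": record, "tag": tag}

def verify_proof(proof, head_sha, key=KEY):
    record = proof["record"]
    expected = hmac.new(key, canonical(record), hashlib.sha256).hexdigest()
    # Reject altered records, proofs issued for another commit, and failed policies.
    return (hmac.compare_digest(expected, proof["tag"])
            and record["head_sha"] == head_sha
            and record["passed"] is True)

def decide(proofs, expected_policies, head_sha, strict=False,
           labels=(), label_by_admin=False):
    log = []  # ordered trace of every decision input, kept for replay
    by_policy = {p["record"]["policy"]: p for p in proofs}
    ok = True
    for policy_id in expected_policies:
        proof = by_policy.get(policy_id)
        # A missing proof counts as a failure, so the gate fails closed.
        valid = proof is not None and verify_proof(proof, head_sha)
        log.append({"policy": policy_id, "valid": valid})
        ok = ok and valid
    if ok:
        outcome = "auto-approve" if strict else "pass"
    elif "governance/override" in labels and label_by_admin:
        outcome = "overridden"
    else:
        outcome = "blocked"
    log.append({"outcome": outcome})
    return outcome, log
```

Binding each record to the head commit means a proof produced for an earlier push does not verify after a synchronize event, and iterating over the expected policy list rather than the submitted proofs means an omitted proof blocks the merge.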