# Drift code ownership — used for automatic PR review requests.
# See: https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners

# Default owner for everything
* @mick-gsk

# Signal detectors
src/drift/signals/ @mick-gsk

# Scoring and aggregation
src/drift/scoring/ @mick-gsk

# Ingestion (AST, git, file discovery)
src/drift/ingestion/ @mick-gsk

# Tests and fixtures
tests/ @mick-gsk

# Documentation site
docs-site/ @mick-gsk

# Security-sensitive paths (require extra review attention)
SECURITY.md @mick-gsk
.github/workflows/security-hygiene.yml @mick-gsk
.github/workflows/codeql.yml @mick-gsk
.github/workflows/publish.yml @mick-gsk
.pre-commit-config.yaml @mick-gsk
.secrets.baseline @mick-gsk
src/drift/ingestion/ast_parser.py @mick-gsk
src/drift/ingestion/git_history.py @mick-gsk


# Agent-critical files (Paket 2B / ADR-094) — changes here can affect how an
# autonomous drift agent classifies findings or what it is allowed to do.
# Requiring maintainer review makes the human-approval gate bypass-resistant:
# the agent cannot grant itself a review, so these paths always wait for a human.
drift.agent.prompt.md @mick-gsk
drift.output.schema.json @mick-gsk
drift.schema.json @mick-gsk
src/drift/signal_registry.py @mick-gsk
src/drift/intent/handoff.py @mick-gsk
.github/workflows/drift-agent-gate.yml @mick-gsk
scripts/verify_gate_not_bypassed.py @mick-gsk
docs/decisions/ @mick-gsk
