# Coding Rules (Local Source of Truth)

This repo uses a local ruleset instead of Qodo. The human-readable policy lives
here, and the machine-readable policy lives in `.agent/rules.yaml`.

## Goals

- Keep rules visible in git history.
- Avoid external dependencies for enforcement.
- Support future automation without blocking humans today.

## Rule Levels

- **error**: must comply
- **warning**: should comply
- **recommendation**: consider when relevant

## Scope

Rules apply to code and docs in this repo unless a rule explicitly limits scope.

## Core Rules

1. **No hardcoded secrets** (error)
   - Never commit API keys, tokens, or passwords.
   - Use environment variables and documented config files.

2. **Deterministic tooling** (warning)
   - Prefer explicit versions and repeatable steps.
   - Avoid hidden side effects in scripts.

3. **Readable operations** (warning)
   - Operational docs must be actionable and concise.
   - Avoid ambiguous instructions.

4. **Minimal coupling** (recommendation)
   - Prefer small, composable modules over hidden global state.

## Enforcement

Automation should read `.agent/rules.yaml`. This document is the rationale and
human-facing source of truth.