Skip to content

feat(codeowners): define repository code owners#6

Merged
mrmaloof merged 1 commit into
mainfrom
feature/codeowners
Jun 26, 2026
Merged

feat(codeowners): define repository code owners#6
mrmaloof merged 1 commit into
mainfrom
feature/codeowners

Conversation

@mrmaloof

@mrmaloof mrmaloof commented Jun 24, 2026

Copy link
Copy Markdown
Contributor

Description

Define CODEOWNERS for DataKind's .github repo

Asana Task

UDTSTECH-1563 - Implement required codeowners for .github

Deployment Readiness*

Testing

Describe or check:

  • Created or updated unit, feature, and/or integration tests
  • Typical manual testing in the local env browser, dev pipeline, etc.

Deployment Notes

Describe or check:

  • No special deployment steps required

Rollback Plan

Describe or check:

  • Standard revert is sufficient (git revert)

Reviewer Guidance / Questions*

Screenshots / Testing Evidence*

SOC 2 Change Management Checklist

  • None of the below are true in this code
  • New roles/permissions are introduced without review and approval by the product manager
  • Hardcoded credentials, secrets, or API keys are present in this code
  • Secrets are being managed outside of the approved secrets management process (e.g., GitHub Secrets, environment variables)
  • PII or sensitive data handling is introduced or changed without being reviewed against our data classification policy
  • Sensitive data is written to logs
  • Input validation and sanitization is missing
  • An unnecessary attack surface has been introduced (e.g., unused endpoints, open ports, debug modes left enabled)
  • Common vulnerabilities have been introduced in the code (inc. any dependencies added or updated)
  • No review for common vulnerabilities has been conducted
  • Not tested in a non-production environment
  • Breaking changes to existing APIs or integrations with downstream consumers being notified
  • Performance impact has not been considered or acceptable
  • Appropriate audit logging is missing for any security-relevant actions introduced by this change
  • Log entries contain sensitive or PII data
  • All existing tests do not pass locally (./vendor/bin/pest)

Provide justification if you are submitting a PR with any boxes checked other than the first.

Reminder for Reviewers: By approving this PR you are confirming that you have reviewed the code for correctness, security, and compliance with our engineering and SOC 2 standards. Do not approve PRs where SOC 2 checklist items are checked without documented justification.

*Optional

@mrmaloof mrmaloof requested a review from rachelauryn June 24, 2026 21:54
@mrmaloof mrmaloof merged commit 857358b into main Jun 26, 2026
@mrmaloof mrmaloof deleted the feature/codeowners branch June 26, 2026 19:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rachelauryn rachelauryn rachelauryn approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mrmaloof @rachelauryn