Make a Change
Standard Flow
Section titled “Standard Flow”- Start from
main. - Keep the change focused on one component or workflow.
- Read the relevant service/package instructions before editing.
- Update docs when behavior, APIs, commands, config, examples, or operations change.
- Run targeted tests first, then broader checks when shared boundaries changed.
- Open a pull request with the problem, solution, validation, and risk notes.
Choose the Area
Section titled “Choose the Area”| Area | Common sources |
|---|---|
| Runtime CLI | apps/runtime, packages/engine, runtime tests. |
| Web console | apps/web, Admin SDK, web console tests. |
| API | apps/api, migrations, Admin package, API tests. |
| Coordinator | apps/coordinator, Coordinator tests, SDK tests. |
| STS/Gateway/Audit | services/*, Go tests, operations docs. |
| SDKs/connectors | packages/*, language-specific tests, interoperability fixtures. |
| Infra | infra/docker, infra/helm, Postgres/Redis scripts. |
| Docs | docs/src/content/docs, docs/astro.config.mjs, generated docs pages. |
Command Boundary
Section titled “Command Boundary”Do not add top-level runtime CLI commands for zones, policies, grants, audit, agents, delegation, or Control. Human workflows belong to the web console; automation belongs to Control/Admin APIs.
Security Reports
Section titled “Security Reports”Do not discuss suspected vulnerabilities in public issues. Use GitHub private advisories or the email path in Report a Vulnerability.
Next Step
Section titled “Next Step”Use Validate Changes to choose the narrowest useful test command before opening a pull request.

