From efcc78353095249d463b9bc4278ac2759aaba381 Mon Sep 17 00:00:00 2001 From: Brian Love Date: Mon, 22 Jun 2026 20:55:52 -0700 Subject: [PATCH] docs(contributing): make AI-review-comment handling an explicit convention The advisory AI review never blocks merge, so its comments can be silently inherited or ignored. Codify the team norm: before arming auto-merge, the author reads each AI comment and either addresses it in a follow-up commit or replies on the thread with the reason for deferring. A green/red review check says nothing about whether the comments were considered. Co-Authored-By: Claude Opus 4.8 (1M context) --- CONTRIBUTING.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 658337617..ac4e0532f 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -47,6 +47,12 @@ not a required check and never blocks a merge. A second workflow Scorecard's Code-Review check reads from the reviews API. The maintainer still merges every PR. +Because the review is advisory, **handling its comments is a convention, not a +gate**: before arming auto-merge, the author reads each AI comment and either +addresses it in a follow-up commit or replies on the thread with the reason for +deferring/declining. Don't merge past unread review comments — the check going +green (or red) says nothing about whether the comments were considered. + This credits Code-Review via automation rather than peer review, because the project is currently single-maintainer. OSSF documentation suggests automated/AI reviews may not be intended to count toward this check; the current