governance.config.yml

governance.config.yml is the per-repo dial that tunes how Valinor governs a repo. It is scaffolded by init from your flags and read by the gates to resolve severities, the merge policy, and repo settings. It is validated by a Zod schema — an invalid value fails closed at parse.


Top-level fields

  • profile (enum, required): technical-app · marketing-site · bizdev-proposal · library. The governance profile.

  • stack (string, required): The repo's stack (e.g. node-ts, nextjs). Drives stack-conditional gates.

  • deploy (string, optional): The deploy target, when relevant.

  • autonomy (object): The merge-automation dial. docs: hitl | auto-merge. code_merge: hitl | auto-staging | auto-main. Authoritative over the branch-protection review count.

  • adoption (object): The strictness/scope dial (orthogonal to autonomy). maturity: greenfield | actively-developed | mature | deep-legacy. mode: strict | new-code | advisory. baseline: a baseline file path (required in new-code mode).

  • gates (record): Per-concern gate config. Each entry is either a boolean (false disables the gate) or an object carrying severity (error | warn | off) plus gate-specific keys (e.g. dependency-health's failOn / denylist). Unknown keys are preserved; a mis-typed severity fails closed at parse.

  • repo_settings (object): GitHub repo settings to verify/sync (e.g. delete_branch_on_merge, allow_auto_merge), each with a value, a verify flag, and a reason.


Example

The shape Valinor uses on itself (consumer #0 — full strictness from commit 1):

governance.config.yml

profile: library
stack: node-ts
autonomy:
  docs: hitl
  code_merge: auto-main
adoption:
  maturity: greenfield
  mode: strict
gates:
  claims-verify: true
  branch-protection-check: true
  # per-concern severity dials:
  docs-coverage:
    severity: error
  research-ledger:
    severity: off
repo_settings:
  delete_branch_on_merge:
    value: true
    verify: false
    reason: "admin-write-gated field; off-state is self-evident"
  allow_auto_merge:
    value: true
    verify: false
    reason: "auto-merge being disabled is immediately visible"

The gate severities here are read by the CI gate commands and the governance gate commands.
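The fail-closed behaviour described for the fields above, as an added example: this is a hand-written check, not Valinor's Zod schema or any of its code. It assumes the YAML is already parsed into an object, that autonomy and adoption are validated only when present, and the names validateGovernanceConfig and loadOrFail are hypothetical.

```javascript
// Added illustration, not Valinor's Zod schema: fail-closed checks on a parsed config.
const ENUMS = {
  profile: ['technical-app', 'marketing-site', 'bizdev-proposal', 'library'],
  docs: ['hitl', 'auto-merge'],
  code_merge: ['hitl', 'auto-staging', 'auto-main'],
  maturity: ['greenfield', 'actively-developed', 'mature', 'deep-legacy'],
  mode: ['strict', 'new-code', 'advisory'],
  severity: ['error', 'warn', 'off'],
};
const isObj = (v) => v !== null && typeof v === 'object' && !Array.isArray(v);

function validateGovernanceConfig(cfg) {
  const errors = [];
  const oneOf = (path, value, key) => {
    if (!ENUMS[key].includes(value)) errors.push(`${path}: expected ${ENUMS[key].join(' | ')}`);
  };
  if (!isObj(cfg)) return ['config: expected a mapping'];
  oneOf('profile', cfg.profile, 'profile');
  if (typeof cfg.stack !== 'string' || cfg.stack === '') errors.push('stack: required string');
  if (cfg.deploy !== undefined && typeof cfg.deploy !== 'string') errors.push('deploy: expected string');
  // Assumption: autonomy and adoption are checked only when present.
  for (const [section, keys] of [['autonomy', ['docs', 'code_merge']], ['adoption', ['maturity', 'mode']]]) {
    if (cfg[section] === undefined) continue;
    if (!isObj(cfg[section])) { errors.push(`${section}: expected object`); continue; }
    for (const k of keys) if (cfg[section][k] !== undefined) oneOf(`${section}.${k}`, cfg[section][k], k);
  }
  if (isObj(cfg.adoption) && cfg.adoption.mode === 'new-code' && typeof cfg.adoption.baseline !== 'string')
    errors.push('adoption.baseline: required in new-code mode');
  if (cfg.gates !== undefined && !isObj(cfg.gates)) errors.push('gates: expected record');
  for (const [name, gate] of Object.entries(isObj(cfg.gates) ? cfg.gates : {})) {
    if (typeof gate === 'boolean') continue; // false disables the gate
    if (!isObj(gate)) { errors.push(`gates.${name}: expected boolean or object`); continue; }
    // Gate-specific keys (failOn, denylist, ...) pass through; a non-string severity is rejected.
    if (gate.severity !== undefined) oneOf(`gates.${name}.severity`, gate.severity, 'severity');
  }
  return errors;
}

// Fail closed: any error aborts the load instead of falling back to a default severity.
function loadOrFail(cfg) {
  const errors = validateGovernanceConfig(cfg);
  if (errors.length) throw new Error(`invalid governance.config.yml:\n  ${errors.join('\n  ')}`);
  return cfg;
}

// Constructed sample: a minimal config with one mis-typed severity.
const sample = { profile: 'library', stack: 'node-ts', gates: { 'docs-coverage': { severity: 'eror' } } };
console.log(validateGovernanceConfig(sample));
```

The point of throwing in loadOrFail is that a typo such as `eror` stops the gate run outright; a loader that silently substituted a default would let a blocking gate degrade without anyone noticing.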
