From a6ce5c3f34d4caa30c1c12b5c0e0489984773328 Mon Sep 17 00:00:00 2001 From: Adam DeHaven <2229946+adamdehaven@users.noreply.github.com> Date: Fri, 17 Jan 2025 11:29:20 -0500 Subject: [PATCH] docs(security): approvals and releases (#2576) --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.md b/README.md index 6af64f1785..db6f8e55ca 100644 --- a/README.md +++ b/README.md @@ -33,3 +33,11 @@ This will trigger the Commitizen interactive prompt for building your commit mes #### Enforcing Commit Format [Lefthook](https://github.com/evilmartians/lefthook) is used to manage Git Hooks within the repo. A `commit-msg` hook is automatically setup that enforces commit message stands with `commitlint`, see [`lefthook.yaml`](./lefthook.yaml). + +### Approvals and Releases + +- All pull requests require review and approval from authorized team members. +- Automated approvals through workflows are strictly prohibited. + - There is an exception for automated pull request approvals originating from generated dependency updates that satisfy status checks and other requirements. +- Protected branches require at least one approval from code owners. +- All status checks must pass before a pull request may be merged.
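Review bot: The exception sub-bullet under "Automated approvals through workflows are strictly prohibited" is too open-ended to audit against. "Generated dependency updates that satisfy status checks and other requirements" names neither the generator nor the requirements. Suggest stating which bot or workflow identity may receive an automated approval and listing the "other requirements" explicitly, or linking to the workflow file that encodes them, so a reader can tell an allowed auto-approval from a policy violation. Two smaller points in the same section: the heading is "Approvals and Releases" but none of the added bullets says anything about releases, so either add the release rule or rename the heading to "Approvals"; and "authorized team members" and "code owners" are not defined here, so a link to wherever the repo records them would make the first and fourth bullets checkable.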