From f3e09ecc2ce727416ef1cd5bd414a26d54a3fbee Mon Sep 17 00:00:00 2001
From: ChesnoTech <263363000+ChesnoTech@users.noreply.github.com>
Date: Tue, 24 Mar 2026 12:37:02 +0300
Subject: [PATCH] Set up Git Flow: branch protection, PR template, contributing
 guide

- Protected main: require PR + CI (PHP Lint, Frontend Build, Docker)
- Protected develop: require PR + CI (PHP Lint, Frontend Build)
- Updated PR template with Git Flow branch types and testing checklist
- Rewrote CONTRIBUTING.md with full Git Flow workflow, branch naming,
  and development setup instructions
- Repo is now public (BSL licensed)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 .github/pull_request_template.md |  42 ++++++++-----
 CONTRIBUTING.md                  | 102 +++++++++++++++++++++++++------
 2 files changed, 111 insertions(+), 33 deletions(-)

diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
index c7451d1..85875c7 100644
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -1,28 +1,38 @@
 ## Summary
-
 <!-- Brief description of what this PR does -->
 
-## Changes
+## Branch Type
+- [ ] `feature/` — New feature (→ develop)
+- [ ] `fix/` — Bug fix (→ develop)
+- [ ] `hotfix/` — Urgent production fix (→ main + develop)
+- [ ] `release/` — Release prep (→ main + develop)
+- [ ] `docs/` — Documentation only
+- [ ] `ci/` — CI/CD changes
 
+## Changes
+-
 -
 
-## Component(s) affected
-
-- [ ] Activation Client (PowerShell)
+## Components Affected
+- [ ] Activation Client (PS1 / CMD)
 - [ ] Admin Panel (React frontend)
-- [ ] API Backend (PHP)
-- [ ] Docker / Deployment
+- [ ] API Backend (PHP controllers)
 - [ ] Database / Migrations
+- [ ] License Server (Cloudflare Worker)
+- [ ] Docker / Deployment
 - [ ] CI / GitHub Actions
-- [ ] Documentation
-
-## Testing
 
-- [ ] `cd frontend && npm test` passes
-- [ ] `php -l` on changed PHP files
-- [ ] Docker stack starts cleanly
-- [ ] Tested manually in browser / on workstation
+## Testing Checklist
+- [ ] `cd frontend && npm test` — 14 tests pass
+- [ ] `npm run build` — no TypeScript errors
+- [ ] PHP lint: `docker compose exec web php -l <file>`
+- [ ] Docker stack starts cleanly (`docker compose up -d`)
+- [ ] New i18n keys added to `en.json` + `ru.json`
+- [ ] New admin actions added to `api-contracts.test.ts`
+- [ ] Tested in browser / on workstation
 
-## Screenshots (if UI changes)
+## Screenshots
+<!-- If UI changes, paste before/after screenshots -->
 
-<!-- Paste before/after screenshots here -->
+## Related Issues
+<!-- Closes #123, Fixes #456 -->
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 4fd787e..f104458 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,34 +1,95 @@
-# Contributing
+# Contributing to KeyGate
+
+## Git Flow Branching Strategy
+
+```
+main (production)         ←── tagged releases (v2.1.0, v2.2.0)
+  ↑ PR (require CI green)      Protected: no direct push
+develop (integration)     ←── all features merge here first
+  ↑ PR (require CI green)      Protected: no direct push
+feature/my-feature        ←── one branch per feature/fix
+hotfix/urgent-fix         ←── branch from main → merge to main + develop
+release/v2.2.0            ←── branch from develop → merge to main + develop
+```
+
+### Branch Types
+
+| Prefix | Base Branch | Merges Into | Purpose |
+|--------|------------|-------------|---------|
+| `feature/` | develop | develop | New features |
+| `fix/` | develop | develop | Bug fixes |
+| `hotfix/` | main | main + develop | Urgent production fixes |
+| `release/` | develop | main + develop | Release preparation |
+| `docs/` | develop | develop | Documentation only |
+| `ci/` | develop | develop | CI/CD changes |
+
+### Workflow
+
+```bash
+# 1. Create a feature branch
+git checkout develop
+git pull origin develop
+git checkout -b feature/my-new-feature
+
+# 2. Work on your branch
+git add -A && git commit -m "Add new widget controller"
+
+# 3. Push and create PR
+git push origin feature/my-new-feature
+gh pr create --base develop --title "Add widget feature"
+
+# 4. CI must pass before merge (PHP Lint + Frontend Build & Test)
+
+# 5. Release flow (when ready to ship):
+git checkout develop
+git checkout -b release/v2.2.0
+# Update VERSION.php, then PR to main
+gh pr create --base main --title "Release v2.2.0"
+# After merge, tag: git tag v2.2.0 && git push origin v2.2.0
+```
+
+### Branch Naming Examples
+
+```
+feature/add-technician-export
+feature/dpk-xml-parser
+fix/login-session-timeout
+fix/key-pool-alert-email
+hotfix/activation-crash-win11
+release/v2.2.0
+```
 
 ## Development Setup
 
 ```bash
-# Clone and start
-git clone https://github.com/ChesnoTech/OEM_Activation_System.git
-cd OEM_Activation_System
+# Clone
+git clone https://github.com/ChesnoTech/KeyGate.git
+cd KeyGate
 cp .env.example .env         # Edit with your passwords
-docker compose up -d          # Start backend stack
+
+# Start Docker stack
+docker compose up -d
 
 # Frontend dev server
 cd FINAL_PRODUCTION_SYSTEM/frontend
 npm install
 npm run dev                   # http://localhost:5173
-```
-
-## Branch Strategy
 
-- `main` — production-ready, CI must pass
-- `develop` — active development, merge to main when stable
-- Feature branches — branch from `develop`, PR back to `develop`
+# Run tests
+npm test                      # 14 tests across 3 suites
+```
 
 ## Before Submitting a PR
 
-- [ ] `cd FINAL_PRODUCTION_SYSTEM/frontend && npm test` — all tests pass
-- [ ] `php -l your-file.php` — no syntax errors on changed PHP files
-- [ ] Translations added to both `i18n/en.json` and `i18n/ru.json`
-- [ ] New routes wrapped in `<RequirePermission>`
-- [ ] Use `jsonResponse()` not `echo json_encode()`
-- [ ] Use prepared statements for all SQL queries
+- [ ] `cd frontend && npm test` — all 14 tests pass
+- [ ] `npm run build` — no TypeScript errors
+- [ ] `docker compose exec web php -l <file>` — PHP lint
+- [ ] Docker stack starts cleanly
+- [ ] New translations in `en.json` + `ru.json`
+- [ ] New actions in `api-contracts.test.ts`
+- [ ] No `echo json_encode()` — use `jsonResponse()`
+- [ ] No `Get-WmiObject` — use `Get-CimInstance`
+- [ ] Admin password remains `Admin2024!` in dev
 
 ## Code Style
 
@@ -38,7 +99,14 @@ npm run dev                   # http://localhost:5173
 | JSON response | `jsonResponse(['success' => true])` | `echo json_encode(...)` |
 | File includes | `require_once __DIR__ . '/../config.php'` | `require_once '../config.php'` |
 | Error messages | `'An error occurred'` + `error_log($e)` | `$e->getMessage()` to client |
+| WMI (PS1) | `Get-CimInstance Win32_BaseBoard` | `Get-WmiObject Win32_BaseBoard` |
+| Race conditions | `$pdo->beginTransaction()` | Check-then-insert without TX |
 
 ## Adding a New Feature
 
 See the full guide in [CLAUDE.md](CLAUDE.md#contributing-guide).
+
+## License
+
+KeyGate is licensed under the Business Source License 1.1.
+See [LICENSE](LICENSE) for details.