# CODEOWNERS — Morphism Workspace
# See: https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/about-code-owners

# Default owner for everything
* @alawein

# Credential & secret paths (CRITICAL — owner review required)
.secrets/ @alawein
.secrets/**/*.env @alawein
.morphism/secrets/ @alawein
.morphism/access-control.yml @alawein
**/.env @alawein
**/.env.local @alawein
**/.env.*.local @alawein

# Security scripts
scripts/manage-secrets.sh @alawein
scripts/scan-credentials.sh @alawein
scripts/security-preflight.sh @alawein

# Webhook endpoints (credential-adjacent)
**/webhooks/ @alawein
**/api/webhooks/** @alawein

# CI/CD (controls deployment secrets)
.github/workflows/ @alawein

# Governance framework
morphism/ @alawein
.morphism/ @alawein
AGENTS.md @alawein
SSOT.md @alawein
GUIDELINES.md @alawein

# Git hooks, SSOT, and governance
.githooks/ @alawein
docs/ssot/ @alawein
docs/governance/ @alawein

# Runbooks
docs/runbooks/ @alawein

# Security workflow
.github/workflows/security.yml @alawein
