Engineering standards
Engineering practice anchored on international standards. Structured branch and commit discipline, AI-assisted development with mandatory human review on security-critical paths.
AI-assisted development discipline
- AI agents operate under a defined operating standard covering planning, execution, communication, and review.
- Mandatory human review on security-critical paths.
- No auto-merge to main; every change goes through MR with structured review template.
- CI activation requires explicit owner authorisation.
Lifecycle and governance
- Branch strategy, commit standards, MR workflow, and review protocol.
- Per-project local conventions for project-specific norms.
- Session-level changelog discipline for audit continuity.
- Decision Record Template for architectural choices.
Tech stack
VitestPlaywrightpytestPHPUnitMochaBiomecargo-denyGitLab CIGitHub Actions
Standards
ISO/IEC 12207 — software lifecycle processesISO/IEC 25010 — software quality modelISO/IEC 29148 — requirements engineeringISO/IEC 42010 — architecture descriptionIEEE 1012 — verification and validationIEEE 730 — software quality assuranceNIST SP 800-53 — security and privacy controlsOWASP ASVS — application security verification