Developer Reference
Version Control
& SDLC
A comprehensive reference covering every stage of the software delivery lifecycle — from planning and branching strategy through CI/CD, governance, and post-deployment monitoring.
Section 01 · Planning & Issue Creation
Define work before touching code.
Every feature, fix, and experiment starts as a well-formed issue. Good issue hygiene is the highest-leverage investment a team can make — it eliminates ambiguity before it becomes rework.
Issue Types
User Story
A feature expressed from the user's perspective. Drives product value.
Definition of Ready
- Clear, unambiguous acceptance criteria in Given/When/Then format
- Story points estimated by the team doing the work
- All dependencies identified and unblocked
- Designs or wireframes attached (if UI work)
- No open questions that would block a developer from starting
- Fits comfortably within a single sprint
Acceptance Criteria (BDD)
Priority Levels
Production down or data loss. Fix immediately, all hands.
Core feature broken. Fix within current sprint.
Non-critical degradation. Next sprint or sooner.
Nice-to-have improvement. Scheduled as capacity allows.
Sprint Planning Cycle
Day 1
Sprint Planning
Team commits to backlog items
Daily
Daily Standup
Sync on blockers + progress
Day 5
Mid-Sprint Review
Early demo, course-correct
Day 10
Sprint Review
Demo to stakeholders
Day 10
Retrospective
Improve the process
Section 02 · Repository Foundations
Structure the repo before the first commit.
Config files, branch protections, and lock files are not boilerplate — they are the skeleton of a healthy codebase. Getting them right on day one costs minutes; fixing them later costs weeks.
Init Workflow
Key Config Files
Purpose
Tells Git which files and directories to never track — build artefacts, secrets, editor state, OS noise.
Example
# Dependencies node_modules/ .pnp .pnp.js # Build outputs dist/ .next/ out/ # Environment secrets .env .env.local .env.*.local # Editor .vscode/ .idea/ *.swp # OS .DS_Store Thumbs.db
Branch Protection Rules
Require pull request before merging
No direct pushes to the protected branch. All changes go through a PR.
Require approvals (min. 1)
At least one reviewer must approve before a PR can be merged.
Dismiss stale reviews on new push
Approvals reset when new commits are pushed — reviewers must re-approve.
Require status checks to pass
CI must be green. Define which workflows are required.
Require linear history
Disallows merge commits. Forces squash or rebase merges for a clean graph.
Monorepo vs Polyrepo
| Dimension | Monorepo | Polyrepo |
|---|---|---|
| Code sharing | Trivial — direct imports | Via published packages |
| Atomic changes | Single PR across projects | Coordinated multi-repo PRs |
| CI complexity | Affected-file detection needed | Simpler per-repo pipelines |
| Team autonomy | Shared tooling standards | Independent tech choices |
| Onboarding | One clone, everything works | Multi-repo mental overhead |
| Access control | Coarse-grained | Fine-grained per repo |
| Used by | Google, Meta, Vercel | Amazon, Netflix (historically) |
Lock Files by Ecosystem
Node / npm
package-lock.json
via npm
Node / Yarn
yarn.lock
via yarn
Node / pnpm
pnpm-lock.yaml
via pnpm
Python
requirements.txt / Pipfile.lock
via pip / pipenv
Rust
Cargo.lock
via cargo
Go
go.sum
via go mod
Section 03 · Branching Strategy
Branching is team choreography.
The branching model you choose dictates the pace and safety of your releases. There is no universal right answer — only the right fit for your team size, release cadence, and CI maturity.
Git Graph
GITFLOW
GITHUB FLOW
TRUNK-BASED
GitFlow
Strict, parallel-release model
Pros
Cons
Best For
Software with versioned, scheduled releases (SaaS, libraries)
Branch Naming Conventions
Feature
feature/PROJ-123-add-oauth
Bug Fix
bugfix/PROJ-456-fix-null-pointer
Hotfix
hotfix/v2.1.1-payment-null-fix
Release
release/v2.2.0
Chore
chore/update-dependencies
Spike
spike/PROJ-789-evaluate-redis
Branch Lifecycle
Create
git checkout -b feature/X
Develop
git add . && git commit
Sync
git rebase origin/main
Review
Open Pull Request
Merge
Squash & merge
Delete
git branch -d feature/X
Section 04 · Local Development Workflow
Master the four-area model.
Git manages three local areas plus the remote. Most confusion about git commands dissolves once you understand which areas each command moves data between.
The Four-Area Model
git clone
Copies remote to local repo and working directory in one step
Select Command
Conventional Commits
Pre-Commit Hooks
Catch JS/TS errors and enforce style rules before commit
Auto-format code — no more style debates in PRs
Prevent API keys and credentials entering the repo
Fail on TypeScript type errors before they hit CI
Run tests for changed files only — fast feedback loop
git stash Flow
Stash
git stash push -m 'WIP: add auth'
Saves uncommitted work to a temporary stack
Switch
git checkout hotfix/urgent
Work on something else with a clean directory
Restore
git stash pop
Re-applies the most recent stash entry
Interactive Rebase Operations
$ git rebase -i HEAD~4
git bisect — Binary Search for Bugs
Start
git bisect start
git bisect good v1.0
git bisect bad HEAD
Test Each Step
git bisect good
or
git bisect bad
Finish
Git identifies
the first bad
commit in O(log n)
Section 05 · Pushing & Remote Collaboration
Collaborate without breaking what others built.
Pushing code is a social act. Force-pushes, merge strategies, and conflict resolution patterns determine whether your team operates in flow or in fire-fighting mode.
Force Push: When and Never
Acceptable
Never
$ git push --force-with-lease origin feature/X
Safer: fails if remote has changed since your last fetch
Rebase vs Merge
Merge Commit
Creates a new merge commit that records the join point. History is non-linear but honest — it reflects what actually happened.
$ git merge feature/auth
Conflict Resolution: Step by Step
git pull origin main
Download latest changes
CONFLICT (content): Merge conflict in src/app.ts
Git marks conflicted files
git diff --name-only --diff-filter=U
Identify all conflicted files
Edit file, choose HEAD or incoming
Keep yours, theirs, or both
git add . && git commit
Mark conflicts resolved
Conflict Marker Format
<<<<<<< HEAD const timeout = 5000; ======= const timeout = 10000; >>>>>>> feature/retry-logic
Atomic Commit Principles
“One logical change per commit.” The unit of review is the commit, not the PR.
Revertability
One concern per commit means you can revert exactly the change that broke things — not unrelated code
Bisectability
git bisect works best when every commit is a consistent, buildable state
Review quality
Reviewers reason about one thing at a time — atomic commits reduce cognitive load
Changelog clarity
Conventional commits + atomic scope = automatic changelog that means something
Merge & Pull Request Process
How code moves from a feature branch into the shared trunk safely.
PR Lifecycle
PR Template Anatomy
CODEOWNERS Auto-Assignment
# .github/CODEOWNERS # Global owners — review everything * @team/platform # Backend — Python services /src/api/** @backend-lead @srini # Frontend — React components /src/ui/** @alice @bob # Infrastructure /infra/** @team/devops # Security-sensitive paths /src/auth/** @team/security
Review States
Merge Strategies
Creates a merge commit that unites the two histories.
PR Size Guide
Ideal. Fast review, low risk.
Good. Single responsibility, reviewable in one sitting.
Acceptable. Consider splitting if possible.
Avoid. Approval rubber-stamping risk is high.
Code Review Process
How teams verify correctness, share knowledge, and maintain quality standards.
Reviewer Checklist — 8 Dimensions
Comment Types
"`user.password` is being logged on line 42 — this is a security incident waiting to happen."
"nit: Could extract this into a `formatDate()` utility. Happy to merge as-is though."
"Why are we calling `getUser()` twice here? I may be missing context."
"Love how you handled the retry logic here — clean and robust."
Review SLA
Review Etiquette
CI/CD Pipeline
Automated verification and delivery — the heartbeat of modern software teams.
Environment Promotion Flow
How a software build travels from laptop to production safely.
Environment Ladder
Click an environment rung to see details.
Release Management
Versioning, tagging, changelog generation, and release ceremonies.
Semantic Version Calculator
v2.1.0Breaking change — incompatible API change. Consumers must update.
New feature — backwards-compatible addition. Safe to upgrade.
Bug fix — backwards-compatible fix. Always safe to upgrade.
Git Tag Anatomy
git tag -a v2.1.0 -m "Release 2.1.0"git tagGit tag command-aAnnotated tag (stored as full Git object with tagger, date, message)v2.1.0Version string — v prefix is convention, not enforced-m "…"Tag message — describes the release. Appears in `git tag -v`Release Candidates
Click to progress through the RC flow. Each RC gets deployed to staging and tested. Once all blockers are resolved, the final tag is cut.
Changelog from Conventional Commits
Hotfix Process
Release Train Calendar (2-week sprints)
11
Post-Deployment
Deployment is the beginning, not the end. Observability, incident response, and continuous learning close the loop.
Monitoring Stack
Application Performance Monitoring — traces, latency, throughput
Real-time exception capture, stack traces, user context
Centralised log storage, search, and alerting
Time-series data, dashboards, threshold alerts
Incident Response Flow
Alert fires in PagerDuty / Slack. On-call engineer acknowledges.
SLA / SLO Dashboard
A/B Test Result — Checkout Button Colour
Ship Variant B — statistically significant at p < 0.05
Feature Flag Cleanup Checklist
12
Documentation & Knowledge
Code that isn't documented is an asset with an expiry date. The best docs live in the same repo as the code they describe.
Documentation Types
OpenAPI / Swagger
Machine-readable API specification. Auto-generates SDKs, val…
Architecture Decision Records
Immutable record of a significant architectural choice, the …
Operational How-Tos
Step-by-step operator guides for routine tasks, deployments,…
Team Knowledge Base
Searchable, collaborative long-form knowledge. Onboarding, p…
Inline Documentation
JSDoc / docstrings explaining the 'why' not the 'what'. Auto…
Mermaid / PlantUML / D2
Version-controlled, diff-able architecture diagrams that liv…
Diagram-as-Code (Mermaid)
gitGraph commit id: "init" branch feature/auth checkout feature/auth commit id: "add login" commit id: "add OAuth" checkout main branch hotfix/typo commit id: "fix typo" checkout main merge hotfix/typo merge feature/auth
Documentation Quality Checklist
New Team Member — Week 1 Checklist
Day 1
Day 2–3
Week 1
13
Governance & Compliance
Git is your audit log. Every merge, every deploy, every config change is evidence — for your team and for your auditors.
Audit Trail
Compliance Evidence Collection
Access Control Matrix
License Compliance
Attribution only. Use freely in proprietary software.
Attribution + patent grant. Notice file required.
Derivative works must also be GPL. Copyleft.
Can link to LGPL library without GPL propagation.
Network use = distribution. Strongest copyleft.
Attribution. Non-endorsement clause (3-clause).
14
Team Communication & Notifications
The right signal to the right person at the right time. Too little: surprises. Too much: everyone ignores everything.
Integration Map
Notification Preferences Matrix
Deployment Announcement Template
*🚀 Deployed to Production* v2.15.0 *What shipped:* • Payment gateway v2 (Stripe + Apple Pay) • Checkout redesign — 22% fewer steps • Fix: null pointer in order history (hotfix #847) *Stats:* Pipeline: ✅ 847 tests passed | Build: 2m 34s Canary: 5% for 30min, no error rate change Rollout: 100% of traffic as of 09:45 UTC *Rollback:* `kubectl set image deploy/api api=app:v2.14.1` *Links:* Runbook | Grafana | Sentry | Release Notes *On-call:* @alice (primary) @bob (secondary)
On-Call Rotation
Alert Fatigue Prevention
Interactive Feature
Follow the Code
One feature. Eight milestones. From idea to production — every command, every artifact.
Issue Created
A bug or feature is captured in the backlog with acceptance criteria and priority.
Key Commands
$ gh issue create --title 'Add Apple Pay to checkout'$ gh issue view 847Artifacts
Interactive Feature
Branch Strategy Comparison
Click any strategy to see the full branching rules, workflow, and commands.
GitFlow
Scheduled releases, complex branching
GitHub Flow
Simple, CI/CD-first, one rule
Trunk-Based
Maximum velocity, feature flags, no branches
Interactive Feature
Git Command Reference
59+ commands across 6 categories. Click any command for full syntax, options, and examples.