# 24 — Engineering Process & Hiring

## Branching & releases

- Trunk-based development on `main`.
- Short-lived feature branches (≤ 3 days).
- Squash merge with a one-line summary that lands in CHANGELOG.
- Tags `vX.Y.Z` cut from `main`.
- Release cadence: API and dashboard daily; mobile weekly OTA, biweekly store.
- Hotfixes: branch from the release tag, fix, tag a patch, deploy.

## Pull request rules

- Small enough to review in 30 minutes.
- 1 reviewer minimum; 2 for security-sensitive paths.
- Author cannot merge their own PR.
- PR template includes: what, why, screenshots, test plan, rollback plan, audit/permission impact.
- All PRs must pass typecheck, lint, test, build.

## Code review principles

- Be kind; review code, not people.
- Suggest with examples ("consider X because Y") rather than assertions.
- Block only on correctness, security, or principle violations; nitpicks are non-blocking suggestions.
- Reviewers check: tests cover the change, audit logs added for new mutations, permissions declared, error states handled.

## Architecture decisions

- Significant decisions land as **ADRs** (`docs/templates/adr-template.md`). Each ADR is short, dated, and immutable.
- Significant changes are proposed as an **RFC** (`docs/templates/rfc-template.md`) before implementation; reviewers are nominated and the comment period is 3–5 business days.
- Reversible decisions don't need an ADR; document them in the PR description.

## Testing strategy

- Unit tests for pure logic (validators, money math, RBAC checks).
- Integration tests for module routes against a real Postgres (testcontainers).
- E2E: Playwright on web, Maestro / Detox on mobile, smoke flows only.
- A non-skippable RBAC fixture verifies cross-partner isolation (see `19-security-and-compliance.md`).

## Performance budget

- API write paths p95 ≤ 800 ms; read paths ≤ 400 ms.
- Mobile cold start p75 ≤ 2.5 s on a mid-range Android.
- Web LCP ≤ 2.5 s on Slow 3G.
- Bundle budgets: web landing ≤ 200 KB JS gzip; mobile JS bundle ≤ 4 MB.

## Tech debt

- We allocate ~20% of each sprint to debt and tooling.
- Debt is logged in the issue tracker with `tag:debt`.
- A quarterly review by senior engineering decides whether each item is cleaned up or accepted.

## Hiring plan (first 12 months)

| Role | Count | When | Notes |
|---|---|---|---|
| Lead Mobile Engineer | 1 | T-12 weeks | RN + native bridges |
| Senior Backend Engineer | 2 | T-12 / T-6 | NestJS, Prisma |
| Senior Frontend Engineer | 1 | T-6 | Dashboard + Website |
| SRE / Platform Engineer | 1 | T-2 | Observability, IaC |
| Senior Designer | 1 | T-12 | Mobile + brand |
| Product Manager | 1 | T-12 | Travelers; CPO covers Partners until M+6 |
| Partner Success Manager | 1 | T-2 | Onboarding & CSM |
| Support Lead | 1 | T-2 | Tickets, escalation |
| QA Engineer | 1 | M+3 | Test infra |
| Senior Security Engineer | 1 | M+6 | Pre-SOC2 |
| Senior Data Engineer | 1 | M+6 | Warehouse + dbt |

## Career ladders

- Three-track ladder: Individual Contributor (E2–E7), Manager (M1–M3), Architect (Staff–Distinguished).
- Levels defined by impact, ambiguity handled, and mentoring; published internally.
- Performance review cycles run biannually; 360 inputs feed each review.

## Operating cadences

- **Daily:** standup per pod, written async by default.
- **Weekly:** product review, roadmap sync, on-call handover.
- **Biweekly:** release retro, design crit.
- **Monthly:** all-hands, security review, finance review.
- **Quarterly:** strategy review, postmortem of the quarter, hiring plan update.

## Documented assumptions

- We staff for the next two phases, not five.
- Senior hires in P1 set the tooling expectations; juniors join from P3.
- Outsourcing is acceptable for non-core surfaces (e.g. the marketing site can use a contractor template).
