security(github): add CODEOWNERS

[UnbornAztecKing]

Summary

• Add module-level code owners for /indexer, /protocol, and /proto.
• Keep repo-wide default ownership with @dydxprotocol/backend.
• Assign @dydxprotocol/security as owners for /.github and /CODEOWNERS.
• Improve PR routing and enforce security oversight on governance files.

Details

• Ownership
  • Default: "*" → @dydxprotocol/backend (unchanged).
  • Modules:
    • /indexer/ → @dydxprotocol/indexer-code-owners
    • /protocol/ → @dydxprotocol/protocol-code-owners
    • /proto/ → @dydxprotocol/proto-code-owners
  • Security policy:
    • /.github/ and /CODEOWNERS → @dydxprotocol/security
• Notes: Leading slashes anchor to repo root; trailing slashes target directories and contents. Specific entries appear after the wildcard so they take precedence.

Risk & Impact

• Low risk: affects review/approval routing only; no runtime impact.
• Possible change in required reviewers for affected paths.
• Ensure all referenced GitHub teams exist and have appropriate permissions.

Testing

• No code/tests changed; relies on GitHub CODEOWNERS enforcement.
• Behavior verifiable by opening test PRs touching each path.

Reviewer Notes

• Double-check team slugs: indexer-/protocol-/proto-code-owners and security exist and are correct.
• Confirm desired precedence and path scopes (/indexer/, /protocol/, /proto/, /.github/, /CODEOWNERS).

Summary by CodeRabbit

• Chores
  • Updated internal code ownership and security policy assignments for repository organization and maintenance purposes.

---

Note: This release contains no user-facing changes. The update is an internal administrative configuration to enhance development processes and code governance.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

The pull request adds CODEOWNERS file entries to establish code ownership across multiple repository directories, designating @dydxprotocol/backend as default owner and assigning specific teams to /indexer/, /protocol/, /proto/ directories and @dydxprotocol/security to .github/ directory.

Changes

Cohort / File(s)	Summary
CODEOWNERS Configuration CODEOWNERS	Added ownership assignments for repo root patterns, /indexer/, /protocol/, /proto/, and .github/ directories with corresponding team designations.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• move CODEOWNERS file #2097: Also modifies the CODEOWNERS file to assign @dydxprotocol/backend as owners, establishing similar ownership patterns for the repository.

Suggested labels

protocol

Poem

🐰 A bunny hops through directories neat,
Assigning owners—oh what a feat!
Backend builders, security keepers too,
Each coder knows just what to do,
With CODEOWNERS mapping the way,
The rabbit approves—hip hip hooray! 🎉

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'security(github): add CODEOWNERS' clearly and specifically summarizes the main change—adding CODEOWNERS configuration for security and code ownership management.
Description check	✅ Passed	The description includes Summary, Details, Risk & Impact, and Testing sections with comprehensive explanations, but is missing the Author/Reviewer Checklist section and Test Plan section specified in the template.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch security-audit-code-owners

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}