From 17677e6f3c687f4f4908206a0b56ff1c5ef9e5c3 Mon Sep 17 00:00:00 2001
From: cotta-dev <kobatatsu0514@gmail.com>
Date: Thu, 2 Apr 2026 23:40:36 +0900
Subject: [PATCH 1/2] chore: document branch workflow in CLAUDE.md

---
 CLAUDE.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/CLAUDE.md b/CLAUDE.md
index 971bbf2..a57b1f3 100644
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -37,3 +37,9 @@ configs/
 ## Release
 
 Tag push (`v*`) triggers GoReleaser via GitHub Actions → publishes `.deb` (amd64/arm64) to GitHub Releases.
+
+## Branch Workflow
+
+- **Always branch before pushing** — never push directly to `main`
+- **One feature per branch** — keep features isolated (e.g., `feat/xxx`, `fix/xxx`, `chore/xxx`)
+- Merge via PR on GitHub

From 90f25bc3171f8e1ea3ad36f2dd548af1533a95b9 Mon Sep 17 00:00:00 2001
From: cotta-dev <kobatatsu0514@gmail.com>
Date: Thu, 2 Apr 2026 23:47:21 +0900
Subject: [PATCH 2/2] chore: add no-confirm and security-check rules to branch
 workflow

---
 CLAUDE.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/CLAUDE.md b/CLAUDE.md
index a57b1f3..d38d1bb 100644
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -43,3 +43,5 @@ Tag push (`v*`) triggers GoReleaser via GitHub Actions → publishes `.deb` (amd
 - **Always branch before pushing** — never push directly to `main`
 - **One feature per branch** — keep features isolated (e.g., `feat/xxx`, `fix/xxx`, `chore/xxx`)
 - Merge via PR on GitHub
+- **No interactive confirmation needed** — create branch, implement, and push without asking
+- **Security checks are mandatory** — verify for security issues before making changes, before committing, and before pushing