Code Owners

The Hook (The "Byte-Sized" Intro)

A junior developer changes the payment module. Nobody on the payments team is assigned to review. The PR gets merged by someone who's never seen that code. Three days later: production outage. CODEOWNERS prevents this — it automatically assigns the right reviewers based on which files are changed. Touch payments/, the payments team reviews. Always. Automatically.

📖 What is Code Owners?

A CODEOWNERS file that maps file paths to team members or groups, automatically assigning them as reviewers when those paths are changed in a PR.

Conceptual Clarity

How it works:

Step	What Happens
1. Developer opens a PR	Files changed are detected
2. GitHub checks CODEOWNERS	Matches changed paths to owners
3. Owners are auto-assigned	Added as required reviewers
4. Owners must approve	PR can't merge without their approval

CODEOWNERS syntax:

Pattern	Owner	Meaning
`*`	`@team-lead`	Default owner for everything
`*.js`	`@frontend-team`	All JavaScript files
`/docs/`	`@docs-team`	The docs directory
`src/payments/`	`@payments-team`	Payment module
`Dockerfile`	`@devops`	Specific file

Real-Life Analogy

CODEOWNERS is like an office building directory. Mail to Floor 3 goes to the finance department. Mail to Floor 7 goes to engineering. You don't need to know who handles what — the system routes to the right people.

Visual Architecture

flowchart LR PR["📋 PR Changes<br/>src/payments/api.js"] --> CODEOWNERS["📄 CODEOWNERS"] CODEOWNERS --> ASSIGNED["👥 @payments-team<br/>Auto-assigned"] ASSIGNED --> REVIEW["✅ Must approve"] style CODEOWNERS fill:#0f3460,stroke:#53d8fb,color:#53d8fb style REVIEW fill:#1b2d1b,stroke:#53d8fb,color:#53d8fb

Why It Matters

Expert review: Changes are always reviewed by the team that owns that code.
Automatic: No manual reviewer assignment needed.
Protection: Combined with branch protection, owners must approve.
Accountability: Clear ownership prevents "nobody's responsible" situations.

Code

bash

# ─── .github/CODEOWNERS ───
cat > .github/CODEOWNERS << 'EOF'
# Default owner
* @team-lead

# Frontend
*.js @frontend-team
*.tsx @frontend-team
src/components/ @frontend-team

# Backend
src/api/ @backend-team
src/services/ @backend-team

# Payments (critical path)
src/payments/ @payments-team @security-team

# Infrastructure
Dockerfile @devops
docker-compose.yml @devops
.github/workflows/ @devops

# Documentation
docs/ @docs-team
*.md @docs-team
EOF

git add .github/CODEOWNERS
git commit -m "chore: add CODEOWNERS for automatic review assignment"

# ─── File locations (any work) ───
# .github/CODEOWNERS
# CODEOWNERS (repo root)
# docs/CODEOWNERS

Key Takeaways

CODEOWNERS auto-assigns reviewers based on changed file paths.
Place in .github/CODEOWNERS, repo root, or docs/.
Last matching pattern wins — order matters (specific rules last).
Combine with branch protection to require code owner approval.

Interview Prep

Q: What is CODEOWNERS and why is it important? A: A file that maps file paths to team members or groups. When a PR changes files matching a pattern, the owners are automatically assigned as reviewers. Combined with branch protection, it ensures expert review for critical code paths.
Q: How does pattern matching work in CODEOWNERS? A: Patterns use glob syntax. The last matching pattern wins (like .gitignore). * matches all files, *.js matches JavaScript files, src/payments/ matches the payments directory. More specific patterns should come last.
Q: How do you enforce that code owners must approve? A: Enable "Require review from Code Owners" in branch protection rules. This makes the PR unmergeable without approval from at least one owner matched by the CODEOWNERS file.