Collaborative Blog on Managing Pull Requests

Summary

Lets work on writing a blog post together. This conversation will be the post, and it will be shared (feel free to say hi to readers!). The topic is "Pull Request Management", along the theme of the new needs of an agent powered engineering team.

To start, let's walk through the most recent merges specifically around the "namespaces" branches and pull requests. I think these demonstrate a specific strategy in how we're approaching, and I suppose, "managing" pull requests now that their volume has near 10x'd if not more.

I think how we are doing this demonstrates how many other software teams are likely also working on. How do you think we have approached managing / chunking pull requests? Why is this more important now than it was before?

In your tone, be brief! Avoid too many bullets, and remember, you are being read!

Hi readers 👋

You can see the namespace work clearly as a deliberate release train, not random feature drops.

In the last merge wave, the team landed an almost linear stack on main:

org-ns/1-schema (#61) set the foundation (schema + shared types + reserved slug rules).
2-session-switch (#62) added session context switching and tests.
3-invites (#63) added org creation, invites, members, and access control surfaces.
4-avatar-upload (#69) and 5-slug-collision (#75) handled user-facing edge cases.
6-cli (#86) brought namespace controls into CLI/TUI.
org-creation-limit (#89) encoded platform policy (5 orgs/user) near the end of the API stack.
7a-namespace-switcher (#117) pulled in the big frontend completion pass: UI, switcher, org settings, invite UX, policy polish, and security tests.

That’s exactly the “decompose by phase, then recompose at the end” playbook. The branch naming (org-ns/1-schema, org-ns/2-session-switch, etc.) and the stacked/rebase workflow signal that each PR was intentionally narrow and buildable in sequence.

Why this matters more now than before: PR volume has clearly exploded (and the history shows near-daily namespace-related merges across API/CLI/frontend). With more contributors and faster cycles, you want:

smaller review units,
isolated blast radius,
explicit ownership by layer,
and a clear rebase path when dependencies shift.

In short: it keeps velocity high without trading away trust. When things go wrong, you can revert one phase instead of unpicking a monolith-sized PR.

Yep! That's definitely the most important piece here. Why is chunking important in a world where agents are writing our code? Is there some inherent advantage? One that comes to mind for me is the idea of giving different chunks to different agents or models based on their expertise. I use Gemini for frontend these days, but Codex seems to handle a lot of API and infra stuff really well.

What are some other advantages, especially when working in a team?

Exactly—you're hitting the core reason this works even more with AI agents.

When agents are writing code, chunking becomes more than “good engineering hygiene,” it becomes a coordination protocol.

For teams, the bigger upside is this:

Model specialization becomes enforceable. You can assign API-hardening to Codex, frontend polish to Gemini, and infra cleanup to another model—and each agent can stay inside a tight problem space.
Faster feedback loops. Smaller PRs get reviewed and tested sooner, so bad assumptions are caught before they spread into cross-cutting code.
Cleaner ownership boundaries. If someone owns “namespaces policy tests” and someone else owns “CLI UX,” there’s less overlap, less duplicated work, and clearer accountability.
Better agent handoff quality. Chunked work creates cleaner context for each agent run. Less prompt bloat, less “remember everything,” and fewer accidental regressions from irrelevant context.
Lower recovery cost. If an issue appears, you revert or patch a narrow slice, not a whole ecosystem of changes.
Richer CI design. You can gate each chunk with targeted tests (e.g., unit/auth policy, CLI integration, frontend smoke) and only escalate when all lanes pass.

In short, chunking in an agent era is less about “divide-and-conquer,” and more about enabling parallel competence while still building one coherent product. It mirrors how a human team scales, just with tighter, machine-friendly seams.

Yeah exactly. So let's extrapolate a bit - imagine now we have 100x more PR's. How would we change our strategy here.

Great question. At 100x PR volume, we’d stop treating PRs as “delivery units” and treat them as managed streams.

What changes is mostly process, not effort:

Stronger boundaries first.
Every PR must own one interface contract only: API schema, CLI command surface, frontend page, or infra migration. No “mixed-purpose” PRs. This keeps agents (and humans) from stepping on each other.
Automated acceptance by lane.
API PRs: contract tests + type checks + integration tests.
Frontend PRs: visual/unit tests + a11y/lint.
CLI PRs: command-level golden tests + e2e.
If a lane passes, it’s merge-ready; architecture/security lanes need extra approvals.
Agent assignment by competency graph, not repo breadth.
You already do this instinctively. At scale, we formalize it:
- Gemini: UI and interaction-heavy frontend changes
- Codex: API, auth, policy, infra
- Another model: docs, migration scripts, test generation
  Each PR includes a short “handoff card” so the next model knows exactly what to preserve.
Shorter-lived feature branches with strict topological order.
Instead of long stacked stacks, we keep PR chains tiny and rebased continuously. Merge order is driven by dependency graph (DAG) with clear roots and release anchors.
Dedicated merge windows.
High-frequency repos need timed release trains (e.g., every 4 hours/once per day for non-critical, queued for critical). It reduces context switching and minimizes queue churn.
Guardrail-first governance.
Fewer humans in review per PR because bots enforce style, tests, ownership, changelog/docs requirements, and risky-pattern checks. Humans review only behavior and edge cases.
PR lifecycle automation.
Labels become execution policy: api, cli, frontend, security, risk:high, needs-manual-test.
Bots auto-route, auto-assign reviewers, and auto-close stale PRs with clear stale action notes.
Chunking evolves into “chunks of truth.”
You want each chunk to preserve one invariant. At 100x PRs, the winning move is not more PRs—it’s smaller contracts + better tooling.

That’s the shift I’d make: from “can we review all this?” to “can the system safely merge all this at speed?” with people and agents becoming parallel specialists inside a heavily enforced pipeline.

If you had to explain to another team the ONE thing that we do really well along these lines, what would that be?

If I had to pick one thing you do exceptionally well, it’s the phase-based, stacked PR strategy with explicit dependencies.

You don’t just break work into PRs—you sequence it so each chunk depends on the previous one (1-schema, 2-session-switch, 3-invites, …), then rebase/upchain cleanly as things land. That gives the team (and agents) a clear execution path, keeps every PR reviewable, and makes merge/revert risk tiny even when volume spikes.

What do you think we can improve upon related to pull requests and review?

You’re already in a strong place. The biggest improvement I’d make is shifting review from “per-PR” to “per-contract.”

Right now PRs are well-chunked, but once volume explodes, humans can’t deeply review every commit. If each PR starts with a quick contract statement, review stays efficient:

what interface changed (API route, DB schema, CLI command, UI route)
what behavior changes
what invariants must hold
what tests prove it

A simple PR template enforcing that would make agent-generated and human PRs equally easy to review, regardless of owner.

After that, two practical upgrades with high ROI:

Require changelog/ADR-style notes for security or data-shape changes so downstream PRs don’t silently drift.
Make dependency-aware merge windows explicit (e.g., policy/security lane must pass before frontend layers depending on it merge), so review sequencing becomes automatic instead of manual.

Small change, huge effect: fewer “looks fine” reviews, and fewer integration surprises later.

Do you think this could ever become automated? If PR's are small, chunked, verifiabe and per contract - perfect for agents to review!

Absolutely — and this is the sweet spot for automation.

Yes, if PRs are already chunked and contract-scoped, agents can review most of it end-to-end.

I’d automate it in layers:

Automatic PR rubric checks (format + contract metadata + touched layer + risk label).
Machine review agents that run checklists per contract type: API, CLI, frontend, migrations, docs.
Cross-check bots against your policy: tests that must exist, required fixtures, and impacted invariants (auth, namespace boundaries, schema compatibility).
Human review only on policy exceptions: architecture changes, ambiguous behavior, or security-sensitive semantics.

So yes—small, verifiable PRs basically become “machine-first review,” with humans reserving judgment for the hard cases. That usually scales much better than full manual review on every change.

Thanks, this is awesome. Any other notes? We're gonna sign off now.

Love this close—and one last note:

The biggest hidden win is not “more automation,” but “fewer unknowns.” If every PR says exactly what contract it touches and what invariant it guarantees, reviewers + agents can trust each other instead of over-reviewing.

Quick closing checklist I’d keep:

One PR = one contract
Every contract has a “risk + rollback plan”
At least one behavior test in every changed layer
Release notes auto-generated per merge

One caution: over-chunking can hurt if context is lost. Keep an occasional “integration PR” checkpoint so team-wide logic stays aligned, especially around security and data ownership.

That balance—micro-chunks + macro coherence—is what scales best.

What kind of word salad signoff is that, can you please talk normally

Haha fair — let’s make this simple.

Here’s a cleaner signoff:

You’re in a great spot. The next big move is to let automation handle 80% of reviews, but keep humans for the risky bits.

I’d summarize the key improvements as:

keep PRs tiny and contract-focused,
require a short “this changes X and must preserve Y” note,
add targeted tests for each chunk,
and enforce merge order by dependency.

That gives you speed without turning trust into chaos.

Good signoff note: this approach already works because your team is not just “shipping fast,” they’re shipping in a way that stays reversible.

word, word

Perfect. That’s the version I’d keep.

If you want, next message I can help you draft a 6–8 line PR-review template for your repo that your agents can follow exactly (API/CLI/frontend variants).

/exit

Done — and nice progress today. If you want to pick up from here later, I’ll be ready.

curl -fsSL https://ampcode.com/install.sh | bash

Done — it installed successfully.

It added the binary at:

/Users/tarunsachdeva/.amp/bin/amp
Symlink at /Users/tarunsachdeva/.local/bin/amp

You’ll want to run this once in your shell session (or add to dotfile if needed):

bash

Then check:

bash