GitHub’s CODEOWNERS feature automates code review responsibility assignment, yet its real-world adoption and impact remain poorly understood. This paper presents the first large-scale empirical study, analyzing 840,000 pull requests (PRs) and 2 million review logs across 2,147 open-source projects using Regression Discontinuity Design (RDD) to causally quantify CODEOWNERS’ effects. Results show that CODEOWNERS significantly improves review timeliness and coverage while reducing review burden on core developers; promotes more equitable ownership distribution and accelerates PR integration; and functions as a novel software governance mechanism that enhances project security and collaborative resilience. Collectively, this work demonstrates that automated ownership assignment substantively reshapes both collaboration efficiency and governance structures in open-source development.

Code ownership is central to ensuring accountability and maintaining quality in large-scale software development. Yet, as external threats such as software supply chain attacks on project health and quality assurance increase, mechanisms for assigning and enforcing responsibility have become increasingly critical. In 2017, GitHub introduced the CODEOWNERS feature, which automatically designates reviewers for specific files to strengthen accountability and protect critical parts of the codebase. Despite its potential, little is known about how CODEOWNERS is actually adopted and practiced. We present the first large-scale empirical study of CODEOWNERS usage across over 844,000 pull requests with 1.9 million comments and over 2 million reviews. We identify 10,287 code owners to track their review activities. Results indicate that codeowners tend to adhere the rules specified in the CODEOWNERS file, exhibit similar collaborative behaviours to traditional metrics of ownership, but tend to contribute to a smoother and faster PR workflow over time. Finally, using regression discontinuity design (RDD) analysis, we find that repositories adopting CODEOWNERS experience shifts in review dynamics, as ownership redistributes review responsibilities away from core developers. Our results position CODEOWNERS as a promising yet underutilized mechanism for improving software governance and resilience. We discuss how projects can leverage this alternative ownership method as a perspective to enhance security, accountability, and workflow efficiency in open-source development.