Policy Bot Versions Save

A GitHub App that enforces approval policies on pull requests

v1.34.1

3 weeks ago

Other Changes

  • Correctly detect draft pull requests when handling certain webhook events (#742)

Full Changelog: https://github.com/palantir/policy-bot/compare/v1.34.0...v1.34.1

v1.34.0

1 month ago

Add Prometheus metrics endpoint (#738)

Policy Bot now exposes Prometheus-style metrics at the /api/metrics path. Users can add labels or adjust summary quantiles using the server configuration file. Policy Bot continues to supports DogStatsD metrics, which are now described in the configuration example.

Other Changes

  • Suppress health check requests in logs and metrics (#737)
  • Minor dependency upgrades

Full Changelog: https://github.com/palantir/policy-bot/compare/v1.33.0...v1.34.0

v1.33.0

1 month ago

Add policy simulation API (#725)

The Simulation API provides a way to test new policies against existing pull requests or see how a policy would behave if different conditions were true. This is most useful when developing new policies but may also help when integrating Policy Bot with other systems.

See the README for details on how to use the API and which conditions can be simulated.

Other Changes

  • Line modification conditions now support the equals (=) operator (#712 by @RoryDoherty)
  • The OAuth2 callback URL is now set using the public_url server option instead of the Host header (#730 by @KnisterPeter)
  • Update dependencies and build tools

Full Changelog: https://github.com/palantir/policy-bot/compare/v1.32.0...v1.33.0

v1.32.0

3 months ago

Add the ability to expand reviewers in the details UI (#656)

When the expand_required_reviewers option is set in the server configuration, the Policy Bot UI will expand organizations, teams, and permissions into the list of users who can approve each rule. This can make it easier for users to know who they should ask for reviews.

This feature is disabled by default because it can leak otherwise private information about the membership of teams and organizations. See the README for more information and only enable this feature in trusted environments, like with corporate GitHub Enterprise server.

Other Changes

  • Allow requesting a custom number of reviewers when using random-users mode (#636 by @AtzeDeVries)
  • Update UI colors to match the latest Blueprint styles (#657)
  • Enable long-term caching for frontend assets (#663)
  • Improve the implementation of the "Hide Skipped Rules" toggle (#658)
  • Build with Go 1.21.4
  • Update dependencies and build tools

Full Changelog: https://github.com/palantir/policy-bot/compare/v1.31.0...v1.32.0

v1.31.0

8 months ago

Re-implement invalidate_on_push using supported APIs (#602, #612)

The invalidate_on_push option now uses the creation timestamps of commit statuses to estimate the push time instead of the deprecated and removed pushedDate GraphQL field. This should work in most practical cases, but may ignore some approvals that occur immediately after a push. See the README for more details.

The do_not_load_commit_pushed_date option introduced in version 1.30.0 is now deprecated. While the option is still recognized in configuration files, it has no effect.

Other Changes

  • Allow changing the environment variable prefix used in configuration variables (#610 by @daleal)
  • Update dependencies and build tools

v1.30.0

9 months ago

Add a server option to avoid loading pushed dates (#599)

In Github 2023-07-01, the Github.com V4 API no longer returns pushedDate for commits. Policy bot now supports an option do_not_load_commit_pushed_date to avoid loading data that is no longer returned.

See #598 for more details

Other Changes

  • Exclude policy-bot pages from search indexing (#588)
  • Update dependencies and build tools

v1.29.0

11 months ago

Add support for SSH signatures (#504)

The has_valid_signatures and has_valid_signatures_by predicates now check the validity of SSH commit signatures. Contributed by @fpoussin.

Other Changes

  • Improve review dismissal behavior for policies where only some rules set invalidate_on_push to true (#577)
  • Update dependencies and build tools

Compatibility ⚠️

If you use Policy Bot with GitHub Enterprise, we now require GitHub Enterprise 3.7 or later due to the use of GraphQL queries that select SSH signature fields. Version v1.28.0 is the last release that supports GitHub Enterprise 3.6 and older.

v1.28.0

1 year ago

Add support for merge queues (#554)

Policy Bot now responds to the webhook events used by GitHub merge queues. If the repository defines a policy, all pull requests in the merge queue are automatically approved. Contributed by @devinburnette.

Other Changes

  • Build distributions for linux/arm64 (#556)
  • Fix regression with status updates for comments and reviews that disapprove a pull request (#567)
  • Build with Go 1.20 (#540)
  • Update dependencies and build tools

v1.27.4

1 year ago

Other Changes

  • Support setting logging configuration with environment variables (#523)
  • Hide skipped rules in the details UI by default (#536 by @kmark)
  • Update dependencies and build tools

Full Changelog: https://github.com/palantir/policy-bot/compare/v1.27.3...v1.27.4

v1.27.3

1 year ago

Other Changes

  • Increase maximum retry delay when loading commit pushed dates (#509)
  • Update dependencies

Full Changelog: https://github.com/palantir/policy-bot/compare/v1.27.2...v1.27.3