A GitHub App that enforces approval policies on pull requests
Full Changelog: https://github.com/palantir/policy-bot/compare/v1.34.0...v1.34.1
Policy Bot now exposes Prometheus-style metrics at the /api/metrics
path. Users can add labels or adjust summary quantiles using the server configuration file. Policy Bot continues to supports DogStatsD metrics, which are now described in the configuration example.
Full Changelog: https://github.com/palantir/policy-bot/compare/v1.33.0...v1.34.0
The Simulation API provides a way to test new policies against existing pull requests or see how a policy would behave if different conditions were true. This is most useful when developing new policies but may also help when integrating Policy Bot with other systems.
See the README for details on how to use the API and which conditions can be simulated.
=
) operator (#712 by @RoryDoherty)public_url
server option instead of the Host
header (#730 by @KnisterPeter)Full Changelog: https://github.com/palantir/policy-bot/compare/v1.32.0...v1.33.0
When the expand_required_reviewers
option is set in the server configuration, the Policy Bot UI will expand organizations, teams, and permissions into the list of users who can approve each rule. This can make it easier for users to know who they should ask for reviews.
This feature is disabled by default because it can leak otherwise private information about the membership of teams and organizations. See the README for more information and only enable this feature in trusted environments, like with corporate GitHub Enterprise server.
random-users
mode (#636 by @AtzeDeVries)Full Changelog: https://github.com/palantir/policy-bot/compare/v1.31.0...v1.32.0
invalidate_on_push
using supported APIs (#602, #612)The invalidate_on_push
option now uses the creation timestamps of commit statuses to estimate the push time instead of the deprecated and removed pushedDate
GraphQL field. This should work in most practical cases, but may ignore some approvals that occur immediately after a push. See the README for more details.
The do_not_load_commit_pushed_date
option introduced in version 1.30.0 is now deprecated. While the option is still recognized in configuration files, it has no effect.
In Github 2023-07-01, the Github.com V4 API no longer returns pushedDate for commits. Policy bot now supports an option do_not_load_commit_pushed_date
to avoid loading data that is no longer returned.
See #598 for more details
The has_valid_signatures
and has_valid_signatures_by
predicates now check the validity of SSH commit signatures. Contributed by @fpoussin.
invalidate_on_push
to true
(#577)If you use Policy Bot with GitHub Enterprise, we now require GitHub Enterprise 3.7 or later due to the use of GraphQL queries that select SSH signature fields. Version v1.28.0 is the last release that supports GitHub Enterprise 3.6 and older.
Policy Bot now responds to the webhook events used by GitHub merge queues. If the repository defines a policy, all pull requests in the merge queue are automatically approved. Contributed by @devinburnette.
Full Changelog: https://github.com/palantir/policy-bot/compare/v1.27.3...v1.27.4
Full Changelog: https://github.com/palantir/policy-bot/compare/v1.27.2...v1.27.3