Policy Bot Versions Save

Other Changes

• Fix potential re-request loop for team reviewers (#306)
• Skip reviewer assignment on events that can't change the assigned reviewers (#307)

Add signature verification predicates (#285)

Policies can now use the has_valid_signatures, has_valid_signatures_by, and has_valid_signatures_by_key to enable rules based on the GPG signatures of commits in the pull requests.

Add support for triage and maintain permissions (#294)

Policies can use the requires.permissions option to specify the minimum permission a collaborator must have to approve a rule. This option replaces the existing admins and write_collaborators options, which are now deprecated.

As a result of this change, policies that still use the admins and write_collaborators options will behave slightly differently:

• Rules that set write_collaborators: true can also be approved by users with maintain and admin permissions
• Rules that set admins: true and enable review requests will now request direct admins in addition members of admin teams

Other Changes

• Return a 404 error when trying to view details for a repository where policy-bot is not installed (#303)
• Include comparison expressions in policy validation (#300)
• Fix potential re-request loop for user reviewers (#302)
• Upgrade build dependencies

Other Changes

• Build with Go 1.16.3
• Clarify errors for title predicates (#275)
• Remove Bintray publishing and using GitHub Actions for CI (#278, #279)

Avoid updating state on closed PRs (#270)

• Skips updating the status check for evaluations on pull requests that are not in an "open" state. This will avoid the situation where policy-bot attempts to update the status for a PR which has been closed/merged, causing errors or confusion if successful.

Other Changes

• Add note to README about double quoted/plain YAML string escape characters (#273)
• Enable CodeQL vulnerability scanning (#271)

Update status check on details page evaluation (#265)

• When the detail page is opened and evaluation is run the status check will now be updated. This resolves a class of issues where the triggered evaluation fails due to a temporary error, yet loading the details page results in a success message once the error is resolved (and the failed status check remains).
• Increased detail in logging around missing commits error message.

Other Changes

• Fix static resource loading when Policy Bot's public URL contains path components (#260)

Add support for enforcing regex rules on PR Title (#256)

Adds functionality for disapproving pull requests which do not comply by defined title formatting requirements as mentioned in #244.

• A new predicate title is added for defining allowed (not_match) and disallowed (match) regex patterns on a pull request title.
• The disapproval policy is extended to allow predicates just as individual approval_rules do. However, whereas an approval rule may only allow approvals subject to passing predicates, the disapproval policy will only allow disapprovals subject to its own predicates all failing. Passing predicates on the disapproval policy will trigger a default disapproval, just as failing predicates on an approval rule will implicitly approve (pass).

Add support for handling review comments (#257)

Adds support for handling review comments like regular comments, thus allowing users to approve or disapprove without switching back to the "Conversation" tab of the pull request whilst reviewing the changes. Fixes #51.

Other Changes

• Add documentation about referring to GitHub Apps in users fields (#255)
• Document UI development setup (#252)

Improve reviewer assignment (#242)

Reviewer assignment now runs on all evaluations, meaning reviewers are correctly assigned when predicates change. Policy Bot will also re-request review if new approvals are needed after pushes. Otherwise, reviewers are requested once per rule and dismissed reviewers are not re-requested.

Add optional description field to rules (#251)

Approval rules can now have a description field that appears in the details UI when viewing the status of a pull request. Policies may use this field to explain what the rule is for or who needs to approve instead of putting this information in a long rule name.

Other Changes

• Reduce GitHub requests by skipping evaluation for webhook events that can't influence the result (#242)

Add from_branch predicate (#243)

Policies can now use the from_branch predicate to enable rules based on the source (head) branch of a pull request.

Other Changes

• Load the app name from GitHub, ignoring the options.app_name server configuration property (#233)
• Fix post-login redirects in certain conditions (#238)

Other Changes

• Fix author values for bot-authored pull requests (#231)