Releases: palantir/policy-bot
v1.35.0
Add support for required approval conditions (#752)
Policies can now define required approval conditions. These are similar to predicates, but instead of controlling if a rule is skipped, they control if the rule is pending or approved. You can use any of the existing predicate types as a required condition. See the new Designing Policies section of the README for additional information about this feature.
Other Changes
- Update dependencies and build tools
Full Changelog: v1.34.1...v1.35.0
v1.34.1
v1.34.0
Add Prometheus metrics endpoint (#738)
Policy Bot now exposes Prometheus-style metrics at the /api/metrics path. Users can add labels or adjust summary quantiles using the server configuration file. Policy Bot continues to supports DogStatsD metrics, which are now described in the configuration example.
Other Changes
- Suppress health check requests in logs and metrics (#737)
- Minor dependency upgrades
Full Changelog: v1.33.0...v1.34.0
v1.33.0
Add policy simulation API (#725)
The Simulation API provides a way to test new policies against existing pull requests or see how a policy would behave if different conditions were true. This is most useful when developing new policies but may also help when integrating Policy Bot with other systems.
See the README for details on how to use the API and which conditions can be simulated.
Other Changes
- Line modification conditions now support the equals (
=) operator (#712 by @RoryDoherty) - The OAuth2 callback URL is now set using the
public_urlserver option instead of theHostheader (#730 by @KnisterPeter) - Update dependencies and build tools
Full Changelog: v1.32.0...v1.33.0
Contributors
Assets 3
v1.32.0
Add the ability to expand reviewers in the details UI (#656)
When the expand_required_reviewers option is set in the server configuration, the Policy Bot UI will expand organizations, teams, and permissions into the list of users who can approve each rule. This can make it easier for users to know who they should ask for reviews.
This feature is disabled by default because it can leak otherwise private information about the membership of teams and organizations. See the README for more information and only enable this feature in trusted environments, like with corporate GitHub Enterprise server.
Other Changes
- Allow requesting a custom number of reviewers when using
random-usersmode (#636 by @AtzeDeVries) - Update UI colors to match the latest Blueprint styles (#657)
- Enable long-term caching for frontend assets (#663)
- Improve the implementation of the "Hide Skipped Rules" toggle (#658)
- Build with Go 1.21.4
- Update dependencies and build tools
Full Changelog: v1.31.0...v1.32.0
Contributors
Assets 3
v1.31.0
Re-implement invalidate_on_push using supported APIs (#602, #612)
The invalidate_on_push option now uses the creation timestamps of commit statuses to estimate the push time instead of the deprecated and removed pushedDate GraphQL field. This should work in most practical cases, but may ignore some approvals that occur immediately after a push. See the README for more details.
The do_not_load_commit_pushed_date option introduced in version 1.30.0 is now deprecated. While the option is still recognized in configuration files, it has no effect.
Other Changes
Contributors
Assets 3
v1.30.0
Add a server option to avoid loading pushed dates (#599)
In Github 2023-07-01, the Github.com V4 API no longer returns pushedDate for commits. Policy bot now supports an option do_not_load_commit_pushed_date to avoid loading data that is no longer returned.
See #598 for more details
Other Changes
- Exclude policy-bot pages from search indexing (#588)
- Update dependencies and build tools
v1.29.0
Add support for SSH signatures (#504)
The has_valid_signatures and has_valid_signatures_by predicates now check the validity of SSH commit signatures. Contributed by @fpoussin.
Other Changes
- Improve review dismissal behavior for policies where only some rules set
invalidate_on_pushtotrue(#577) - Update dependencies and build tools
Compatibility ⚠️
If you use Policy Bot with GitHub Enterprise, we now require GitHub Enterprise 3.7 or later due to the use of GraphQL queries that select SSH signature fields. Version v1.28.0 is the last release that supports GitHub Enterprise 3.6 and older.
Contributors
Assets 3
v1.28.0
Add support for merge queues (#554)
Policy Bot now responds to the webhook events used by GitHub merge queues. If the repository defines a policy, all pull requests in the merge queue are automatically approved. Contributed by @devinburnette.
