Releases: palantir/policy-bot
v1.31.0
Re-implement invalidate_on_push using supported APIs (#602, #612)
The invalidate_on_push option now uses the creation timestamps of commit statuses to estimate the push time instead of the deprecated and removed pushedDate GraphQL field. This should work in most practical cases, but may ignore some approvals that occur immediately after a push. See the README for more details.
The do_not_load_commit_pushed_date option introduced in version 1.30.0 is now deprecated. While the option is still recognized in configuration files, it has no effect.
Other Changes
Contributors
Assets 3
v1.30.0
Add a server option to avoid loading pushed dates (#599)
In Github 2023-07-01, the Github.com V4 API no longer returns pushedDate for commits. Policy bot now supports an option do_not_load_commit_pushed_date to avoid loading data that is no longer returned.
See #598 for more details
Other Changes
- Exclude policy-bot pages from search indexing (#588)
- Update dependencies and build tools
v1.29.0
Add support for SSH signatures (#504)
The has_valid_signatures and has_valid_signatures_by predicates now check the validity of SSH commit signatures. Contributed by @fpoussin.
Other Changes
- Improve review dismissal behavior for policies where only some rules set
invalidate_on_pushtotrue(#577) - Update dependencies and build tools
Compatibility ⚠️
If you use Policy Bot with GitHub Enterprise, we now require GitHub Enterprise 3.7 or later due to the use of GraphQL queries that select SSH signature fields. Version v1.28.0 is the last release that supports GitHub Enterprise 3.6 and older.
Contributors
Assets 3
v1.28.0
Add support for merge queues (#554)
Policy Bot now responds to the webhook events used by GitHub merge queues. If the repository defines a policy, all pull requests in the merge queue are automatically approved. Contributed by @devinburnette.
Other Changes
Contributors
Assets 3
v1.27.4
Other Changes
- Support setting logging configuration with environment variables (#523)
- Hide skipped rules in the details UI by default (#536 by @kmark)
- Update dependencies and build tools
Full Changelog: v1.27.3...v1.27.4
Contributors
Assets 3
v1.27.3
v1.27.2
v1.27.1
Other Changes
- Skip review dismissal for reviews that do not match comment patterns (#485 by @devinburnette)
- Include rule approval methods in details view (#485 by @devinburnette)
- Improve formatting of required approvals in details view (#494)
- Fix pushed date loading for PRs with large merge commits (#493)
- Upgrade dependencies and build tooling
Full Changelog: v1.27.0...v1.27.1
Contributors
Assets 3
v1.27.0
Add option to allow non-author contributors (#457)
The new allow_non_author_contributor option allows approvals from contributors who are not the PR author. This avoids confusing behavior with the existing options, where allow_contributor also allows self-approval by the PR author. Contributed by @devinburnette.
Add repository predicate (#461)
The repository predicate allows enabling rules based on the repository that contains the pull request. This makes it easier to share policies between multiple repositories that may have slightly different rules. Contributed by @devinburnette.
Add option to use PR bodies for approval (#454)
The body_patterns approval method looks for matches in the pull request body, counting them as approvals from the PR author. In situations where self-approval is required, it may be more convenient to provide this when opening the PR instead of as a separate comment. Body approvals respect the existing ignore_edited_comments option. Contributed by @agirlnamedsophia.
Dismiss stale reviews (#463)
Policy Bot now attempts to dismiss stale GitHub reviews when they no longer apply to any rules. This can happen in several situations:
invalidate_on_pushis true and a new commit is pushedignore_edited_commentsis true and a review was editedgithub_review_comment_patternsis set and a review does not match any of the patterns
Contributed by @devinburnette.
Other Changes
- Fix detection of edited reviews and comments (#459 by @devinburnette)
- Build with Go 1.19 (#478)
- Upgrade dependencies and build tooling
Full Changelog: v1.26.0...v1.27.0
Contributors
Assets 3
v1.26.0
Fix issue with method defaults (#447)
Matched approval method defaults to documentation specifications so that when 'github_review' or 'comments' is specified, it doesn't interfere with the default value of the non-specified attribute.
Other Changes
- Add validation for public URLs by @bluekeyes in #422
- Standardize permission access by @bluekeyes in #426
- Render required permissions by @ylee088 in #425
- Fix or condition for the details section to render permissions. by @ylee088 in #427
- Add public_url env var to example config by @mogggggg in #438
- Fix permissions for codeql by @asvoboda in #441
- Fix commit caching for PRs with too many commits by @bluekeyes in #444
- Server config env documentation is wrong by @DepickereSven in #446
- Fix issue with method defaults by @shravan1k in #447
Dependency Upgrades
- Excavator: Manage go version by @svc-excavator-bot in #419
- Excavator: Updates godel plugins to latest versions by @svc-excavator-bot in #420
- Excavator: Update godel to latest version by @svc-excavator-bot in #424
- Excavator: Manage go module dependencies by @svc-excavator-bot in #428
- Excavator: Manage go version by @svc-excavator-bot in #430
- Excavator: Update godel to latest version by @svc-excavator-bot in #431
- Excavator: Updates godel plugins to latest versions by @svc-excavator-bot in #432
- Excavator: Manage go module dependencies by @svc-excavator-bot in #435
- Excavator: Update godel to latest version by @svc-excavator-bot in #433
- Excavator: Manage go module dependencies by @svc-excavator-bot in #437
- Excavator: Updates godel plugins to latest versions by @svc-excavator-bot in #440
- Bump shell-quote from 1.7.2 to 1.7.3 by @dependabot in #443
- Excavator: Manage go module dependencies by @svc-excavator-bot in #442
Full Changelog: v1.25.0...v1.26.0
