v1.38.2

Re-release of 1.38.0

Add option to ignore edited comments on the server (#977)

Policy Bot now supports server side configuration to ignore edited commits and improve the overall security posture of a running instance.

Other Changes

• Use zero value by default for comments edited time when simulating PR status (#978)
• Minor dependency and build tool updates

Full Changelog: v1.37.0...v1.38.2

v1.38.1

Re-release of 1.38.0

Add option to ignore edited comments on the server (#977)

Policy Bot now supports server side configuration to ignore edited commits and improve the overall security posture of a running instance.

Other Changes

• Use zero value by default for comments edited time when simulating PR status (#978)
• Minor dependency and build tool updates

Full Changelog: v1.37.0...v1.38.1

v1.38.0

Add option to ignore edited comments on the server (#977)

Policy Bot now supports server side configuration to ignore edited commits and improve the overall security posture of a running instance.

Other Changes

• Use zero value by default for comments edited time when simulating PR status (#978)
• Minor dependency and build tool updates

Full Changelog: v1.37.0...v1.38.0

v1.37.0

Add file creation and deletion predicates (#935, #938)

The file_added, file_not_added, file_deleted, and file_not_deleted predicates allow writing policies that change when the PR introduces or removes specific files. Contributed by @dblinkhorn.

Add server option for strict review dismissals (#942)

By default, Policy Bot only dismisses a review if it no longer satisfies all rules. When rules have different invalidate_on_push settings, this means a review may remain because it still satisfies one rule while no longer satisfying another. If the new strict_review_dismissal option is enabled in the server configuration, Policy Bot will dismiss a review if it no longer satisfies any rule. This may be more intuitive for users, depending on how policies are constructed. Contributed by @devinburnette.

Other Changes

• Support marshaling Policy Bot configuration types to YAML (#796, by @iainlane)
  Note that these Go types are not part of Policy Bot's public API and may change in any version
• Add debug logging for check_run events (#966)
• Minor dependency and build tool updates

Full Changelog: v1.36.5...v1.37.0

v1.36.5

Fixes

• Respect the post_insecure_status_checks option when handling merge group events (#933 by @mglazer)

Other Changes

• Build with Go 1.24 (#932)
• Minor dependency and build tool updates

Full Changelog: v1.36.4...v1.36.5

v1.36.4

Fixes

• Fix error when rendering the details page for a disapproved pull request (#885)

Other Changes

• Retry loading configuration in certain error conditions (#887 by @nikola-jokic)
• Minor dependency and build tool updates

Full Changelog: v1.36.3...v1.36.4

v1.36.3

Fixes

• Correctly count changed files in pull requests that include renames (#875 by @dblinkhorn)

Other Changes

• Minor dependency and build tool updates

Full Changelog: v1.36.2...v1.36.3

v1.36.2

Fixes

• Fix issue where dismissed approvals do not trigger a rule evaluation (#866 )
• Ignore Workflow Run Events that are sent by a different repository than the source repository (#861 by @iainlane )

Other Changes

• Minor dependency updates

Full Changelog: v1.36.1...v1.36.2

v1.36.1

Fixes

• Fix GitHub API errors caused by submitting duplicate requested reviewers (#856 by @FraBle)

Other Changes

• Build with Go 1.23
• Update dependencies and build tools

Full Changelog: v1.36.0...v1.36.1

v1.36.0

Add the no_changed_files predicate (#756)

The no_changed_files predicate is the negation of the changed_files predicate and allows users to write rules that apply when files are not changed. Contributed by @erikburt.

Add the has_status predicate (#789)

The new has_status predicate replaces has_successful_status (which is now deprecated) and allows matching conclusions other than success. This is most useful to write rules that also accept skipped and neutral statuses from check runs. Contributed by @iainlane.

Add the has_workflow_result predicate (#794)

The has_workflow_result predicate is similar to has_status, but matches on the result of a full GitHub Actions workflow. This can be preferable to matching on check runs for workflows that have top-level conditions or for workflows that have many jobs. Contributed by @iainlane.

Fixes

• Fix an issue where Policy Bot could incorrectly detect other statuses as its own (#801)
• Avoid trying to load check run results from other repositories (#807 by @iainlane)
• The base path from the server's public URL is now included in OAuth2 redirect URLs (#806)
• Fix an issue where Policy Bot could use out-of-date check run results in evaluation (#823)

Other Changes

• Server administrators can now disable shared policy lookups (#812 by @iainlane)
• Avoid unnecessary GitHub API requests for rules that do not require approval (#808 by @iainlane)
• Update dependencies and build tools

Full Changelog: v1.35.0...v1.36.0