feat: add explainable path-specific policies #8

Merged
Hayal08 merged 2 commits into main from feature/explainable-policies on Jun 6, 2026
Hayal08 (Owner) commented Jun 6, 2026

What changed?

  • Add explainable risk score breakdowns to CLI, JSON, Job Summary, and PR comments
  • Add path-specific limits and test requirements
  • Add advisory mode for gradual non-blocking adoption
  • Validate numeric thresholds and nested path rule configuration
  • Expose policy-passed as an Action output

Why?

Teams need to understand why a pull request is risky, apply stricter rules to sensitive areas, and roll out policy without immediately blocking contributors.

How was it tested?

  • 24 unit tests pass locally
  • JSON and human-readable CLI reports verified locally
  • Composite Action smoke test will exercise the updated Action

Closes #5
Closes #6

github-actions Bot commented Jun 6, 2026

PR Sheriff report

Policy: Passed | Risk: HIGH (74/100)

| Changed files | Changed lines | Tests changed |
|---|---|---|
| 9 | 317 | yes |

Risk score breakdown

| Changed lines | Changed files | Sensitive files | Cap adjustment | Total |
|---|---|---|---|---|
| +31 | +18 | +25 | 0 | 74 |

Sensitive files

  • .github/workflows/ci.yml

Hayal08 merged commit 9153a22 into main on Jun 6, 2026
9 checks passed
Development

Successfully merging this pull request may close these issues.

  • Show the risk score breakdown in JSON output
  • Validate that numeric thresholds are non-negative integers