Skip to content

Releases: sev7enITA/policywatcher

PolicyWatcher v3.5.1 Audit Operations

Choose a tag to compare

@sev7enITA sev7enITA released this 02 Jul 18:21

PolicyWatcher v3.5.1 Audit Operations

Maintenance and consolidation release for the 3.5 Confidence track.

Added

  • Append-only Admin Review Log for human review actions.
  • Persistent Dataset QA issue decisions through DatasetQaIssueReview.
  • Dataset QA actions: mark reviewed, ignore with reason, and reopen.
  • Review Log admin page with search and CSV export.
  • Dataset QA issue CSV export for auditor handoff.

Changed

  • Roadmap now distinguishes implemented controls, 3.5.1 additions, and later planned features.
  • Admin, README, showcase, trust page, changelog, and state-of-art docs updated to 3.5.1 Audit Operations.
  • API smoke test now verifies the Review Log endpoint.

Validation

  • npm run lint
  • npm run test
  • npm run test:coverage
  • npm run qa:dataset
  • npm run build
  • npm run api:smoke
  • npm audit --omit=dev

Known note

  • Dataset QA CLI still reports the known non-blocking Plaid legal-hub duplicate URL warning.
  • Codecov external upload still requires repository secret CODECOV_TOKEN.

PolicyWatcher v3.5.0 Confidence Release

Choose a tag to compare

@sev7enITA sev7enITA released this 02 Jul 12:51

PolicyWatcher 3.5.0 is the Confidence Release: a maintenance and consolidation release focused on truthfulness, dataset QA, evidence boundaries, and operational assurance.

Highlights:

  • Truth & Confidence Layer with policy data status, ingestion method, last-check timestamps, and check-log evidence.
  • Public Trust & Quality page with OpenSSF Best Practices project 13465, OpenSSF Scorecard, GitHub quality workflow badges, and non-certification wording.
  • Admin Dataset QA, KPI audit, explainability, metrics, database, cron, and encrypted-backup controls aligned to v3.5.
  • API smoke validation command: npm run api:smoke.
  • Hardened deployment headers, PostCSS override for CVE-2026-41305, and production build validation.
  • README Mermaid ingestion sequence fixed for GitHub rich rendering.

Validation run locally before publishing:

  • npm run lint
  • npm run test
  • npm run qa:dataset: 0 blockers, 1 Plaid legal-hub warning
  • npm run api:smoke: 24 passed, 0 failed
  • npm run build

Boundary: these badges and checks are operational quality evidence, not legal, regulatory, or security certification.