Skip to content

feat(policy): add unified policy-report (#208, rollout PR 9/12)#221

Merged
EffortlessSteven merged 1 commit into
mainfrom
feat/xtask-policy-report-20260511
May 12, 2026
Merged

feat(policy): add unified policy-report (#208, rollout PR 9/12)#221
EffortlessSteven merged 1 commit into
mainfrom
feat/xtask-policy-report-20260511

Conversation

@EffortlessSteven

Copy link
Copy Markdown
Member

Summary

Ninth PR in the 12-PR file-policy rollout. Adds cargo xtask policy-report — runs every advisory check and aggregates the seven *-report.json artifacts into a single target/policy/policy-report.{md,json}.

Issue

Closes #208. Consumes outputs from #217 (file-policy), #219 (gen/exec/dep), #220 (workflow/process/network). Refines #180. Tracks #109.

Headline on current main

| Area                  | Headline metric | Value         |
| Non-Rust file policy  | unreceipted     | 945           |
| Generated files       | _clean_         | 0 (universe)  |
| Executable files      | _clean_         | 0 (universe)  |
| Dependency surfaces   | _clean_         | 16 (universe) |
| Workflow surfaces     | _clean_         | 9 (universe)  |
| Process policy        | unknown_total   | 10            |
| Network policy        | _clean_         | 9 (universe)  |

The two non-clean rows are the documented expected state — 945 unreceipted is PR 2's deliberately-partial seed, 10 unknown commands are PR 8's grep-detector false positives.

Decisions

  • Advisory only — no --mode flag. Promotion to blocking belongs to PRs 10/11/12 (they tighten how CI invokes the individual sub-checks). Adding modes here would duplicate state.
  • Re-runs all sub-checks every invocation. Cost is small (sub-checks are a few hundred ms each); the aggregate always reflects current state, not stale prior-session artifacts.
  • Headline picks first non-zero metric from a priority list: unreceipted, invalid_policy_refs, unknown_total, missing_fields, expired, stale, unused. If everything is zero, emits a "clean" row keyed on the universe size.
  • Untyped JSON re-read for aggregation. Each sub-report has a different schema; lifting the summary block as serde_json::Value is simpler than maintaining seven typed deserializers.

Acceptance

  • cargo check --workspace --locked passes.
  • cargo clippy -p xtask --all-targets --locked -- -D warnings clean.
  • cargo fmt --all -- --check clean.
  • cargo xtask policy-report produces both artifacts (policy-report.md, policy-report.json).
  • Output reports 7 areas + 7 headline rows.

Follow-ups

Ninth PR in the 12-PR file-policy rollout. Adds `cargo xtask
policy-report` which runs every advisory check and aggregates the
results into target/policy/policy-report.{md,json}.

## Behavior

policy-report invokes each of the seven check functions in advisory
mode:

  check_file_policy::check
  checks::check_generated
  checks::check_executable_files
  checks::check_dependency_surfaces
  workflow_checks::check_workflow_surfaces
  workflow_checks::check_process_policy
  workflow_checks::check_network_policy

Each sub-check writes its own target/policy/*-report.json (as in
previous PRs). policy-report then reads back the seven JSON artifacts,
lifts each one's `summary` block, picks a headline metric per area
(unreceipted | invalid_policy_refs | unknown_total | missing_fields |
expired | stale | unused — first non-zero wins; falls back to a
universe-size-keyed "clean" row), and emits a unified MD + JSON.

## Decisions

- **Advisory only.** No --mode flag. Promotion to blocking is the job
  of PRs 10/11/12; they tighten CI's invocation of the individual
  checks. Adding modes here would duplicate state.

- **Re-run vs read-only.** policy-report always re-runs the sub-checks
  so the aggregated report reflects current state, not stale artifacts
  from a prior session. Cost is small — each sub-check is a few
  hundred ms.

- **Untyped JSON re-read for aggregation.** Each sub-report has a
  different schema. Lifting the `summary` block as `serde_json::Value`
  is simpler and more robust than maintaining seven typed deserializers
  in xtask. The headline metric is computed from the same Value.

## Acceptance

- cargo check --workspace --locked passes.
- cargo clippy -p xtask --all-targets --locked -- -D warnings clean.
- cargo fmt --all -- --check clean.
- `cargo xtask policy-report` ran on this branch:
    wrote unified policy-report (7 areas, 7 headline rows)
- target/policy/policy-report.md and target/policy/policy-report.json
  both produced.

Headline on current main:

  | Non-Rust file policy | unreceipted    | 945 |
  | Generated files      | _clean_        | 0 (universe) |
  | Executable files     | _clean_        | 0 (universe) |
  | Dependency surfaces  | _clean_        | 16 (universe) |
  | Workflow surfaces    | _clean_        | 9 (universe) |
  | Process policy       | unknown_total  | 10 |
  | Network policy       | _clean_        | 9 (universe) |

The two non-clean rows match the documented expected state: 945
unreceipted files because PR 2's seeded receipts intentionally cover
only a slice of the workspace, and 10 false-positive process tokens
because the PR 8 detector is grep-style (see #220 PR body OPEN
question).

## Out of scope

- PR 10 (#209) — wire the advisory checks into CI as a job and upload
  target/policy/ as an artifact.
- PR 11 (#210) — promote file/generated/executable/dependency/workflow
  checks to blocking.
- PR 12 (#211) — promote process/network checks to blocking.

Closes #208.
@gemini-code-assist

Copy link
Copy Markdown

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

@chatgpt-codex-connector

Copy link
Copy Markdown

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.
To continue using code reviews, add credits to your account and enable them for code reviews in your settings.

@coderabbitai

coderabbitai Bot commented May 12, 2026

Copy link
Copy Markdown

Warning

Rate limit exceeded

@EffortlessSteven has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 28 minutes and 20 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 60fd908c-4f53-49ed-bf1e-317c76e8237d

📥 Commits

Reviewing files that changed from the base of the PR and between fa74193 and c2edef6.

📒 Files selected for processing (2)
  • xtask/src/main.rs
  • xtask/src/policy_report.rs
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/xtask-policy-report-20260511

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@factory-droid

factory-droid Bot commented May 12, 2026

Copy link
Copy Markdown

Droid finished @EffortlessSteven's task —— View job


Factory Droid Validation Complete

PR #221cargo xtask policy-report aggregator

Result: 1 candidate reviewed → 0 approved, 1 rejected (below bar)

Candidate Status Reason
Dead Assignment in workspace_root (line 243) rejected Pure code-quality nit; no correctness, safety, or contract implications

Validation summary: PR #221 adds cargo xtask policy-report to aggregate seven advisory check outputs into unified JSON/Markdown reports. The implementation is clean — no functional bugs, no security issues. The dead discard binding let _: &Path = &root on line 243 is a pure code-quality nit with no correctness, safety, or product-contract implications. Per review posture, it falls below the bar for a review comment.

Inspected surfaces: xtask/src/policy_report.rs (full file), xtask/src/main.rs (subcommand registration)

Residual risk: Registry ambiguity on cargo publish remains unaddressed (by design; Reconcile is a future PR).

No comments posted (candidate rejected).

@EffortlessSteven EffortlessSteven merged commit d77db14 into main May 12, 2026
20 checks passed
@EffortlessSteven EffortlessSteven deleted the feat/xtask-policy-report-20260511 branch May 12, 2026 01:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

feat(policy): add unified policy report (rollout PR 9/12)

1 participant