Restructure Policy into per-repository restrictions and overrides#194
Merged
Conversation
Replace the ordered Rule list with a repeated RepositoryPolicy, one entry
per repository the policy constrains (in practice "hexpm" and the org's own
repository). Each entry has:
* restriction — baseline advisory_min_severity / retirement_reasons /
cooldown limits applied to every release in the repository
* overrides — per-package ALLOW/DENY with an optional requirement
For each candidate release the client matches the entry for its repository,
then evaluates overrides (most specific requirement wins; ALLOW bypasses the
restriction, DENY blocks), then the restriction. An ALLOW override is exempt
from the restriction; everything else in the repository is subject to it. The
Filter, Rule, oneof action, and Availability messages are gone.
Restriction imports package.proto and types advisory_min_severity and
retirement_reasons as the AdvisorySeverity and RetirementReason enums rather
than bare uint32, so the values are symbolic. This is wire-identical to
uint32 (proto2 enums encode as varints) and still decodes unknown future
values as integers.
visibility is unchanged. Regenerate hex_pb_policy.erl and update the policy
test fixtures.
maennchen
approved these changes
Jun 9, 2026
maennchen
reviewed
Jun 16, 2026
get_policy required repo_organization and errored without it, forcing clients that store the full repository URL (with /repos/<org> already baked in) to strip the suffix back off to satisfy it. Build the URL through the shared build_url path like get_package: repo_organization still inserts /repos/<org> when set, and clients that bake it into repo_url reach the same resource with the field unset.
maennchen
approved these changes
Jun 16, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Replace the ordered Rule list with a repeated RepositoryPolicy, one entry per repository the policy constrains (in practice "hexpm" and the org's own repository). Each entry has:
For each candidate release the client matches the entry for its repository, then evaluates overrides (most specific requirement wins; ALLOW bypasses the restriction, DENY blocks), then the restriction. An ALLOW override is exempt from the restriction; everything else in the repository is subject to it. The Filter, Rule, oneof action, and Availability messages are gone.
visibility is unchanged. Regenerate hex_pb_policy.erl and update the policy test fixtures.
Also see hexpm/specifications#62.