Skip to content

feat: add plugin-based policy engine with shadow mode#29

Merged
digitarald merged 1 commit intomainfrom
digitarald/policy-engine
Feb 22, 2026
Merged

feat: add plugin-based policy engine with shadow mode#29
digitarald merged 1 commit intomainfrom
digitarald/policy-engine

Conversation

@digitarald
Copy link
Copy Markdown
Owner

@digitarald digitarald commented Feb 22, 2026

Summary

Introduces a new plugin-based policy engine that runs alongside the existing readiness system in shadow mode for safe validation before becoming the default.

New modules (src/services/policy/)

Module Purpose
types.ts Signal, Recommendation, Grade, PolicyContext interfaces
compiler.ts Compiles policy configs into executable plugin chains
loader.ts Loads and validates plugin chains from policy sources
engine.ts Executes plugins, computes scores and grades
adapter.ts Bridges engine reports to legacy ReadinessReport format
shadow.ts Shadow mode logging for comparison with legacy path

Changes to existing code

  • readiness.ts — adds optional shadow mode and engine field on ReadinessReport; refactors isConfigSourced tracking for clarity
  • utils/fs.ts — clarifies validateCachePath caller responsibilities in comment
  • README.md — documents new policy/ directory and links plugin authoring guide

Key design decisions

  • Shadow mode: The engine runs in parallel with the legacy path — no user-facing behavior changes until validated
  • Backward compatible: The engine field on ReadinessReport is optional, so existing CLI and VS Code extension consumers are unaffected
  • Security: Config-sourced policies remain restricted to JSON-only (no dynamic imports)
  • Error resilience: Plugin errors are caught per-stage and recorded as warnings without halting the pipeline

Testing

  • 7 new test files with comprehensive coverage
  • All 440 tests pass
  • Plugin authoring documentation in docs/plugins.md

feat: add plugin-based policy engine with shadow mode
e7f58d3 
Introduce a new plugin-based policy engine that runs alongside the
existing readiness system in shadow mode for safe validation.

New modules in src/services/policy/:
- types.ts: Signal, Recommendation, Grade, PolicyContext interfaces
- compiler.ts: compiles policy configs into executable plugin chains
- loader.ts: loads and validates plugin chains from policy sources
- engine.ts: executes plugins, computes scores and grades
- adapter.ts: bridges engine reports to legacy ReadinessReport format
- shadow.ts: shadow mode logging for comparison with legacy path

Changes to existing code:
- readiness.ts: adds optional 'shadow' mode and 'engine' field on
  ReadinessReport; refactors isConfigSourced tracking for clarity
- utils/fs.ts: clarifies validateCachePath caller responsibilities
- README.md: documents new policy/ directory and links plugin guide

Includes comprehensive test coverage (7 new test files, all 440 tests
pass) and plugin authoring documentation in docs/plugins.md.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@digitarald digitarald self-assigned this Feb 22, 2026
@digitarald digitarald merged commit 067e675 into main Feb 22, 2026
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@digitarald digitarald

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@digitarald