release: v2.2.0 — ESRP compliance, configurable security policies, hardening #11
| # AI-powered breaking change detector for the agent-governance-toolkit. | |
| # Critical for published PyPI packages — detects removed/renamed public APIs, | |
| # changed function signatures, modified exports in __init__.py, and changed | |
| # exception types. Posts findings as a PR comment with severity ratings. | |
| name: AI Breaking Change Detector | |
| on: | |
| pull_request_target: | |
| types: [opened, synchronize, reopened] | |
| branches: [main] | |
| paths: | |
| - "packages/*/src/**" | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| models: read | |
| jobs: | |
| detect-breaking-changes: | |
| name: API Compatibility Check | |
| runs-on: ubuntu-latest | |
| if: >- | |
| github.event.pull_request.draft == false && | |
| github.actor != 'dependabot[bot]' | |
| continue-on-error: true | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| fetch-depth: 0 | |
| - name: Run breaking change analysis | |
| uses: ./.github/actions/ai-agent-runner | |
| with: | |
| agent-type: breaking-change-detector | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| model: gpt-4o | |
| fallback-model: gpt-4o-mini | |
| max-tokens: "4000" | |
| context-mode: pr-diff | |
| output-mode: pr-comment | |
| custom-instructions: | | |
| You are an API compatibility analyzer for microsoft/agent-governance-toolkit. | |
| These packages are published to PyPI — breaking changes affect downstream users. | |
| Analyze the diff for: | |
| 1. **🔴 Removed/renamed** public functions, classes, or methods | |
| 2. **🔴 Changed function signatures** — removed params, changed types, new required params | |
| 3. **🔴 Removed/changed exports** in `__init__.py` files | |
| 4. **🔴 Changed exception types** — different exceptions raised | |
| 5. **🟡 Changed default values** — may alter existing behavior | |
| 6. **🟡 Changed return types** — may break callers | |
| 7. **🔵 New public API** — not breaking, but should be documented | |
| Classification: | |
| - 🔴 **BREAKING** — will break existing code | |
| - 🟡 **POTENTIALLY BREAKING** — may break depending on usage | |
| - 🔵 **ADDITIVE** — new API, not breaking | |
| If NO breaking changes found, say so clearly with ✅. | |
| Format: | |
| ## 🔍 API Compatibility Report | |
| ### Summary | |
| (brief overall assessment) | |
| ### Findings | |
| | Severity | Package | Change | Impact | | |
| |----------|---------|--------|--------| | |
| | 🔴 | agent-os | `PolicyEngine.evaluate()` removed `strict` param | Callers using `strict=True` will fail | | |
| ### Migration Guide | |
| (if breaking changes found, suggest migration steps) |
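Review bot: The `ref: ${{ github.event.pull_request.head.sha }}` checkout under `pull_request_target` puts the PR author's tree in the workspace, and the next step, `uses: ./.github/actions/ai-agent-runner`, then resolves the local action from that tree, so code from the PR runs in a job that holds `pull-requests: write`, `models: read` and `secrets.GITHUB_TOKEN`. Resolve the action from the base branch instead (default checkout for the action, with the PR head fetched into a separate `path:` using `persist-credentials: false` and read only as data), or have the runner obtain the diff through the API without checking out the head at all. Two smaller points: since the model is asked to "Analyze the diff", PR-controlled text reaches the prompt alongside `custom-instructions`, so the posted comment should be treated as untrusted output; and with `continue-on-error: true` a failed analysis does not fail the workflow run, which is worth stating in the header comment so a green check is not read as "no breaking changes".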