cqrenet/astral
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

2 Releases 7 Tags

RSS Feed
  • v1.3.1 2c41eaca44
    Compare

    ASTRAL v1.3.1 Stable

    tomas.kracmar released this 2026-04-23 19:31:10 +00:00 | 0 commits to main since this release

    What's Changed

    Fixes:

    • PR AI narrative compaction: keep AI inline when only deterministic table is bulky
    • Restore pipeline now triggers for abandoned rejected PRs (not just merged)
    • New filter to restore intermittently omitted macOS shell scripts from baseline

    Infrastructure:

    • Add Gitea release automation script

    Commits

    • feat(filter): restore intermittently omitted macOS shell scripts from baseline
    • fix(queue_post_merge_restore): handle abandoned rejected PRs, not just merged
    • fix(update_pr_review_summary): keep AI inline when only deterministic table is bulky
    • feat(deploy): add Gitea release automation script

    Full changelog: v1.3.0...v1.3.1

    Downloads
  • v1.3.0 2c41eaca44
    Compare

    ASTRAL v1.3.0 Stable

    tomas.kracmar released this 2026-04-21 20:21:43 +00:00 | 0 commits to main since this release

    What's Changed

    New features:

    • Azure Function App change probe for event-driven backup triggering
    • Debouncer state machine (idle -> armed -> cooldown) prevents backup storms
    • Audit-log polling for Intune and Entra changes via Microsoft Graph
    • Queue-based pipeline trigger via Azure DevOps REST API

    Fixes:

    • probe_timer schedule_status key case sensitivity (Last vs last)

    Commits

    • docs: add change probe README and update onboarding/RELEASE for event-driven architecture
    • fix(queue_consumer): correct _repo_root() path for Azure sandbox
    • fix(probe_timer): use capitalized 'Last' key for schedule_status
    • docs: replace 'safety net' terminology with daily snapshot and reports
    • docs: regenerate README and security package for Change Probe
    • docs: add Change Probe architecture to AGENTS.md and clean up artifacts
    • feat: ASTRAL Change Probe — event-driven backup trigger
    • feat: compact PR static intro and move reviewer guide to thread
    • feat: filter Intune formatting-only JSON drift (key reordering, unicode escapes)
    • 2026.04.17_22.03 -- CQRE_Astral_Backupper (Entra)
    • 2026.04.18_13.01 -- CQRE_Astral_Backupper
    • fix: detect compact deterministic summary in early-return skip check
    • feat: proactive PR description compaction with deterministic summary thread
    • fix: handle null PR fields and enrich HTTP 400 diagnostics
    • fix: treat all Intune files without resourceId as non-resource instead of throwing
    • fix: tolerate missing drift branch during git fetch in PR automation scripts
    • chore: add commented-out debug steps to all pipeline YAMLs
    • 2026.04.17_15.09 -- Tomáš Kráčmar (Entra)
    • fix: flatten PowerShell file arrays in Intune commit step and add debug logging
    • fix: replace remaining PRAGUE_NOW/PRAGUE_HOUR references with LOCAL_NOW/LOCAL_HOUR
    • Update azure-pipelines-review-sync.yml for Azure Pipelines
    • Update azure-pipelines-restore.yml for Azure Pipelines
    • Update azure-pipelines.yml for Azure Pipelines
    • chore: sanitize for open-source release and rename prod-backup to tenant-state
    • Upgrade IntuneCD to 2.5.0 and enable enriched documentation
    • fix(pyright): resolve possibly-unbound and None-to-int errors in update_pr_review_summary.py
    • fix: prevent AI narrative from downgrading app identity risk
    • refactor: extract shared utilities, add CI test job, and deduplicate pipeline variables
    • Use plain-text formatting for automated PR comments
    • 2026.04.10_22.02 -- CQRE_Intune_Backupper (Entra)
    • 2026.04.08_10.03 -- CQRE_Intune_Backupper
    • 2026.04.07_22.00 -- CQRE_Intune_Backupper (Entra)
    • Fix rolling PR churn and preserve full AI reviews
    • 2026.04.04_16.02 -- CQRE_Intune_Backupper
    • 2026.04.03_22.02 -- CQRE_Intune_Backupper (Entra)
    • Fix rolling PR suppression and AI summary truncation
    • Fix rolling PR suppression and AI summary truncation
    • 2026.04.02_09.03 -- CQRE_Intune_Backupper
    • 2026.04.01_15.02 -- tomas.kracmar
    • 2026.04.01_14.27 -- Tomáš Kráčmar (Entra)
    • Keep automated review summary in PR description
    • Fix doc artifact gating and PR summary fallback
    • Fix Entra drift backup start handling
    • Refresh ASTRAL security review docs
    • Fix Graph additional properties lookup in backup pipeline
    • Update documentation and sharing materials
    • Delay PR reviewer notifications until summary is ready
    • Correct backup permission documentation
    • Refine security documentation positioning
    • Add security review documentation
    • Restore drift change author attribution
    • 2026.03.22_23.01 -- CQRE_Intune_Backupper (Entra)
    • 2026.03.18_23.02 -- CQRE_Intune_Backupper (Entra)
    • Move PR summary above reviewer actions
    • Bump PR summary version for compact refresh
    • Keep PR compact summaries section-aware
    • 2026.03.18_07.01 -- CQRE_Intune_Backupper
    • 2026.03.14_23.01 -- CQRE_Intune_Backupper (Entra)
    • Refresh PR summaries when prompt version changes
    • Improve PR drift source classification
    • Run PR summary update on drift sync builds
    • 2026.03.12_23.03 -- CQRE_Intune_Backupper (Entra)
    • 2026.03.12_19.28 -- Tomáš Kráčmar
    • Queue selective Intune restore for rejected policy paths
    • Prefer rebase merge strategy for rolling PR completion
    • 2026.03.12_16.01 -- CQRE_Intune_Backupper
    • Apply reviewer /reject decisions (intune)
    • 2026.03.12_15.15 -- cqre-Intune-5db7c9e0-e5d6-4bed-84d7-add3531d5ef9, Tomáš Kráčmar
    • Handle GPT-5 temperature compatibility in AOAI requests
    • Handle GPT-5 token parameter compatibility for AOAI calls
    • Increase AI retry timeouts for compact and minimal summary passes
    • Add minimal AI retry path for summary generation
    • Retry AI summary with compact payload after timeout
    • Refresh PR summary when previous AI fallback marker exists
    • Retry Azure OpenAI PR summary calls on transient timeouts
    • Resolve invalid group assignment targets during restore
    • Sanitize assignment target payloads to drop non-Graph fields
    • Capture IntuneCD exit code via direct redirect instead of PIPESTATUS
    • Fix IntuneCD exit capture by disabling ERR trap around tee
    • Reduce restore log noise by disabling IntuneCD verbose output
    • Add restore script version marker and stronger IntuneCD failure dump
    • Fix restore pipeline YAML indentation and script placement
    • Add line-level error trap in restore bash step
    • Improve restore failure diagnostics for IntuneCD step
    • Handle list-root JSON during restore payload normalization
    • Treat baselineRef sentinel values as empty in restore pipeline
    • Fix restore update by stripping assignment display labels
    • Fix restore pipeline Python compatibility for selective scope
    • Fix assignment scope inference for exclusion target changes
    • Add selective historical policy restore mode
    • Harden restore triggers and add historical baseline restore
    • 2026.03.11_21.00 -- CQRE_Intune_Backupper
    • Guard Intune Settings Catalog partial-export noise
    • Revert "Intune config as-built 2026.03.11"
    • Revert "2026.03.11_14.01 -- CQRE_Intune_Backupper (Entra)"
    • Stop committing Intune markdown docs to drift branch
    • Intune config as-built 2026.03.11
    • 2026.03.11_15.19 -- Tomáš Kráčmar
    • 2026.03.11_15.01 -- CQRE_Intune_Backupper (Entra)
    • Enforce residual Entra enrichment-noise gate
    • Filter Entra enrichment-only drift before commit
    • Harden backup pipelines and suppress Entra/Intune PR churn
    • 2026.03.11_13.33 -- Tomáš Kráčmar (Entra)
    • 2026.03.11_13.01 -- CQRE_Intune_Backupper
    • 2026.03.11_13.01 -- CQRE_Intune_Backupper (Entra)
    • 2026.03.10_17.54 -- Tomáš Kráčmar (Entra)
    • 2026.03.10_17.45 -- Tomáš Kráčmar (Entra)
    • 2026.03.10_17.40 -- Tomáš Kráčmar (Entra)
    • 2026.03.10_17.33 -- Tomáš Kráčmar
    • 2026.03.10_17.01 -- CQRE_Intune_Backupper
    • 2026.03.10_17.00 -- CQRE_Intune_Backupper (Entra)
    • 2026.03.10_16.39 -- Tomáš Kráčmar (Entra)
    • 2026.03.10_16.01 -- CQRE_Intune_Backupper (Entra)
    • 2026.03.10_16.00 -- CQRE_Intune_Backupper
    • Suppress transient Entra resolution noise in reviewer comments
    • Use temp script snapshot before baseline checkout in backup jobs
    • Add queue-time forceFullRun parameter for mode validation
    • Harden backup modes and add output validation gates
    • Apply reviewer /reject decisions (intune)
    • Reduce Entra drift noise and scope review-change detection
    • 2026.03.10_11.01 -- CQRE_Intune_Backupper
    • Fix rejected rolling PR suppression and enable remediation by default
    • 2026.03.09_23.10 -- CQRE_Intune_Backupper (Entra)
    • 2026.03.09_21.04 -- CQRE_Intune_Backupper (Entra)
    • Enable AI summaries in review-sync pipeline
    • Work around IntuneCD payloadJson restore bug for app configurations
    • Stabilize restore: ignore stderr and auto-exclude DeviceManagementSettings
    • Fix restore: stop passing max-workers to IntuneCD
    • Treat none/null excludeCsv placeholders as empty
    • Omit empty excludeCsv when queueing restore pipeline
    • Queue restore with YAML templateParameters instead of queue-time vars
    • Document where to grant Queue builds for restore pipeline
    • Add remediation queue permission diagnostics for 403 failures
    • Apply reviewer /reject decisions (intune)
    • Set git identity before auto /reject commit
    • Apply /reject decisions from resolved ticket threads too
    • Handle unresolved ADO macro vars for remediation pipeline settings
    • 2026.03.09_14.18 -- Tomáš Kráčmar
    • Stop overriding restore pipeline ID with empty YAML default
    • Run review-sync schedule every 20 minutes
    • Batch scheduled runs to avoid overlap on single worker
    • 2026.03.09_11.28 -- Tomáš Kráčmar (Entra)
    • Stabilize Entra light exports and keep AI in compact PR summaries
    • Improve Entra PR summary 400 diagnostics and compact retry
    • Handle no-merge-base diffs and skip unset post-merge restore ID
    • Clarify reviewer actions in rolling PR description
    • Add fast review sync pipeline and restore permission validation
    • Auto-queue restore after merged PRs with /reject decisions
    • Add reject-vote remediation and per-policy /reject PR decisions
    • Add auto-remediation flow for rejected rolling drift PRs
    • 2026.03.08_23.03 -- CQRE_Intune_Backupper (Entra)
    • 2026.03.08_12.13 -- Tomáš Kráčmar
    • Include plain-language policy change in ticket threads
    • Let REQUIRE_CHANGE_TICKETS come from pipeline vars and debug before summary
    • Use only REQUIRE_CHANGE_TICKETS for thread gate
    • Add pipeline var dump for change-ticket thread debugging
    • Add debug tracing for change-ticket thread sync
    • Support CHANGE_NEEDED alias for auto ticket threads
    • Simplify ticket workflow to per-policy PR threads
    • Switch change ticket gate to PR thread workflow
    • Add optional per-file change ticket gate for rolling PRs
    • 2026.03.08_09.46 -- Tomáš Kráčmar
    • Add assignment scope heuristics to PR AI summary
    • Detect assignment filter changes in AI review summary
    • 2026.03.08_09.25 -- Tomáš Kráčmar (Entra)
    • Improve PR summary readability with markdown structure
    • Improve AI summary robustness and token budget tuning
    • Handle structured Azure OpenAI responses with safe narrative fallback
    • Improve semantic diff to show concrete setting transitions
    • Document hardened PR summary behavior and payload guard
    • Harden automated PR summary generation
    • 2026.03.07_09.02 -- CQRE_Intune_Backupper (Entra)
    • Make Entra markdown output deterministic
    • 2026.03.07_07.00 -- CQRE_Intune_Backupper (Entra)
    • Exclude doc and report files from PR risk summary parsing
    • 2026.03.06_21.01 -- CQRE_Intune_Backupper (Entra)
    • 2026.03.06_19.01 -- CQRE_Intune_Backupper
    • 2026.03.06_19.00 -- CQRE_Intune_Backupper (Entra)
    • Fix YAML condition syntax for PR summary refresh jobs
    • Run Intune and Entra PR summary refresh jobs independently
    • Optimize Entra exports and harden Azure OpenAI endpoint handling
    • feat: add Azure OpenAI precheck and better deployment diagnostics
    • chore: exclude report/doc artifacts from AI PR analysis
    • fix: improve AI deployment error and de-risk doc files in PR summary
    • feat: add automated PR change summary with optional Azure OpenAI
    • chore: exclude generated reports from drift commits
    • 2026.03.06_13.35 -- Tomáš Kráčmar (Entra)
    • 2026.03.06_13.30 -- Tomáš Kráčmar
    • fix: ignore placeholder files in author resolution step
    • chore: reset prod-backup to new intune/entra/reports layout
    • Ignore IntuneCD Assignment Report in author resolution
    • Hard-cut workload layout to intune/entra/reports
    • Add live Entra export progress logs and timeout guard
    • Fix drift branch prep step to ignore benign git stderr
    • Implement rolling drift PR workflow and restore pipeline
    • 2026.03.05_15.00 -- CQRE_Intune_Backupper
    • 2026.03.05_14.00 -- CQRE_Intune_Backupper
    • 2026.03.05_13.01 -- CQRE_Intune_Backupper
    • 2026.03.05_08.43 -- Tomáš Kráčmar
    • Improve Entra export GUID resolution status
    • 2026.03.05_07.00 -- CQRE_Intune_Backupper
    • Add reports inventories and rename report output path
    • 2026.03.04_22.00 -- CQRE_Intune_Backupper
    • Add Entra app registrations and enterprise apps export
    • Add Entra baseline export and M365 scope expansion roadmap
    • 2026.03.04_12.19 -- Tomáš Kráčmar
    • 2026.03.04_02.00 -- CQRE_Intune_Backupper
    • 2026.03.04_01.01 -- CQRE_Intune_Backupper
    • 2026.03.03_19.59 -- Tomáš Kráčmar
    • Resolve Conditional Access GUID references to display names
    • Run backup hourly and gate full docs/tag flow to midnight Prague
    • Intune config as-built 2026.03.03

    Full changelog: 2026.03.03_19.30...v1.3.0

    Downloads