
Fix PoliCheck non-inclusive language findings #580

Merged: nmetulev merged 4 commits into main from chiaramooney/policheck-fixes on Jun 17, 2026

@chiaramooney chiaramooney commented Jun 16, 2026

Contributor

Summary

Resolves SEV1 and SEV2 PoliCheck compliance findings for inclusive language.

Changes

  • .github/workflows/post-metrics-comment.yml: whitelist to allowlist
  • .github/skills/pr-review/SKILL.md: origin/master / master to origin/main
  • src/winapp-CLI/WinApp.Cli/Services/MsixService.cs: Sanity check to Validation check
  • src/winapp-CLI/WinApp.Cli.Tests/GetWinappPathCommandTests.cs: Sanity check to Precondition check

Excluded (false positives / exceptions)

  • CIEnvironmentDetectorForTelemetry.cs: third-party Jenkins URL containing master (external reference)
  • DotNetServiceTests.cs / BaseCommandTests.cs: dummy in test utilities (excluded per policy: test files not shipped)

Compliance

ADO: https://microsoft.visualstudio.com/os/_workitems/edit/62727007

- Replace 'whitelist' with 'allowlist' in post-metrics-comment.yml
- Replace 'master' with 'main' in pr-review SKILL.md
- Replace 'Sanity check' with 'Validation check' in MsixService.cs
- Replace 'Sanity check' with 'Precondition check' in test code

Resolves SEV1 and SEV2 PoliCheck compliance findings.
ADO: https://microsoft.visualstudio.com/os/_workitems/edit/62727007

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Copilot AI review requested due to automatic review settings June 16, 2026 17:00

Copilot AI left a comment

Contributor


Pull request overview

This PR updates a small set of comments/docs/strings to address PoliCheck SEV1/SEV2 inclusive language findings across GitHub workflow content, PR-review skill guidance, and CLI/test wording.

Changes:

  • Replaces “whitelist” terminology with “allowlist” in a workflow security-model comment.
  • Updates “Sanity check” wording to “Validation check” / “Precondition check” in CLI service and tests.
  • Edits the pr-review skill’s base-branch guidance to remove master wording (but currently introduces an internal inconsistency; see comment).

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

| File | Description |
| --- | --- |
| .github/workflows/post-metrics-comment.yml | Inclusive-language tweak in a security-model comment (“allowlist”). |
| .github/skills/pr-review/SKILL.md | Inclusive-language update to branch-name guidance (needs a functional fallback adjustment). |
| src/winapp-CLI/WinApp.Cli/Services/MsixService.cs | Renames a comment from “Sanity check” to “Validation check”. |
| src/winapp-CLI/WinApp.Cli.Tests/GetWinappPathCommandTests.cs | Updates an assertion message to “Precondition check”. |


Comment thread .github/skills/pr-review/SKILL.md
The previous fix replaced origin/master with origin/main, creating a
duplicate. Use origin/HEAD which resolves to whatever the remote default
branch is, providing a functional fallback.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

github-actions Bot commented Jun 16, 2026

Contributor

Build Metrics Report

Binary Sizes

| Artifact | Baseline | Current | Delta |
| --- | --- | --- | --- |
| CLI (ARM64) | 31.49 MB | 31.49 MB | 📈 +0.5 KB (+0.00%) |
| CLI (x64) | 31.82 MB | 31.83 MB | 📈 +0.5 KB (+0.00%) |
| MSIX (ARM64) | 13.23 MB | 13.23 MB | 📉 -0.2 KB (-0.00%) |
| MSIX (x64) | 14.05 MB | 14.05 MB | 📈 +0.3 KB (+0.00%) |
| NPM Package | 27.52 MB | 27.52 MB | 📈 +0.6 KB (+0.00%) |
| NuGet Package | 27.62 MB | 27.62 MB | 📉 -0.0 KB (-0.00%) |
| VS Code Extension | 20.34 MB | 20.34 MB | 📈 +0.6 KB (+0.00%) |

Test Results

1198 passed, 1 skipped out of 1199 tests in 404.8s (-21.4s vs. baseline)

Test Coverage

17.3% line coverage, 36.3% branch coverage · ✅ no change vs. baseline

CLI Startup Time

43ms median (x64, winapp --version) · ✅ no change vs. baseline


Updated 2026-06-17 01:46:21 UTC · commit eb9b6bf · workflow run

Add PoliCheck SDL scanning to CI and release pipelines via 1ES
Pipeline Template sdl parameters. Configured to break on Warning
severity to catch SEV1 and SEV2 inclusive language violations.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@chiaramooney chiaramooney requested a review from nmetulev June 16, 2026 21:37
@nmetulev nmetulev merged commit c5705fc into main Jun 17, 2026
22 checks passed
@nmetulev nmetulev deleted the chiaramooney/policheck-fixes branch June 17, 2026 18:35