Every team I've been on has cobbled together some sort of combination of GitHub branch protections and custom scripts to make sure that PRs conform to organization policies and best practices.

Things like:

- When {X} file is changed, require review from team {Y}

- When a new db migration is added, ensure that a special set of tests pass

- Require multiple approvals when the PR is very large

- Add a special label to PRs that include breaking changes

- Allow emergencies / hotfixes to break glass and bypass all of the above

Most teams tend to start out with a little script running in GitHub actions to enforce all of these policies but it tends to get out of hand and become hard to maintain. PRs that should require scrutiny slip through the cracks, and others that should be allowed through are unnecessarily blocked.

That's why I made GitGuard (https://gitguard.dev/)

GitGuard lets you write and maintain these policies in a custom DSL so simple it looks like pseudocode. The policies are checked on every single PR nearly instantly (no need to wait for a GitHub actions runner) and the results are reported in plain english.

Right now policies can make simple assertions about PR metadata and take some stateful actions (adding labels, requesting review) but I'd love to hear more from HN about how GitGuard could be even more useful.