Shift from passive documentation to active enforcement

4•iamalizaidi•1h ago

Hey everyone,

If you work on a scaling codebase, you know the struggle of keeping architectural context alive. Senior engineers make important decisions about how the code should be structured, but new hires often don't know that context exists and end up accidentally breaking critical systems.

To fix this, I built Decision Guardian. It is an open-source tool (running as a GitHub Action or local CLI) that shifts teams from passive documentation to active enforcement. What it exactly does: Instead of hoping developers read an external wiki, you document your architectural decisions in a simple Markdown file in your repository (e.g., .decispher/decisions.md). You map these decisions to specific files using glob patterns or advanced JSON rules (like regex or line-ranges).

When a developer opens a Pull Request that modifies those protected files, Decision Guardian automatically drops a structured comment directly into the code review, giving them the exact context and checklist they need before they merge.

Here is a real-world example of how it works:

Let's say your team has a strict rule about not breaking public API contracts.

The Setup: In your decisions.md file, you create a decision called DECISION-API-001: Public API Contract Protection and map it to the file pattern src/api/v1/*/*.ts.

The Trigger: A new developer submits a Pull Request that modifies src/api/v1/users.ts to change how a payload is formatted.

The Action: Decision Guardian instantly detects the match and posts a "Warning" comment on the PR stating: "Changes to v1 API routes affect external clients. Before merging: Update API documentation, notify integration partners, and consider a deprecation path".

Key Features:

You can categorize decisions by severity (Info, Warning, Critical).

If a developer violates a "Critical" decision, you can configure the tool to automatically fail the PR status check, preventing them from merging without approval. It runs entirely locally or in your CI/CD pipeline, guaranteeing your source code never leaves your repository. It essentially acts as an automated guardrail, telling your developers why a piece of code is sensitive the exact moment they try to change it.

You can check out the repo here: https://github.com/DecispherHQ/decision-guardian

Comments

btrettel•1h ago

Nice work. I made a similar (but much less capable) Python script [1] for my own use before and I can say that a tool like this is useful to keep the docs in sync with the code.

My script only detects whether a checksum for a segment of code doesn't match, using directives placed in the code (not a separate file as you've done). For example:

    #tripwire$ begin 094359D3 Update docs section blah if necessary.
    [...]
    #tripwire$ end

Also, my script knows nothing about pull requests and is basically a linter. So it's definitely not as capable.

[1] https://github.com/btrettel/flt/blob/main/py/tripwire.py

***

Edit: I just checked my notes. I might have got the idea for my script from this earlier Hacker News comment: https://news.ycombinator.com/item?id=25423514

DIY Ion-Exchange Membranes from Hardware Store Items [video]

Show HN: AxKeyStore – Zero-trust CLI secrets manager using your own GitHub repo

Trapped in MS Office

Show HN: Meet Alfonso: My OpenClaw Put on Public Discord

Show HN: Adversarial AI agents that debate and verify travel itineraries

CISA replaces acting director after a bumbling year on the job

Show HN: Yoagent – Build a coding agent CLI in 260 lines of Rust

How I Built a 'Journalist' AI Agent in VS Code to Replace Me

Ollama 0.17 ships native OpenClaw integration – security implications

The Air Force's new ICBM is nearly ready to fly, but there's nowhere to put it

Why Tehran's Two-Tiered Internet Is So Dangerous

Show HN: DiskFree – Find what's blocking your macOS disk and eject it

Skip drip emails when recipient has replied in Gmail

California vet clinic warns of AI scam targeting lost dogs

Externalizing Developers' Intuition as Code

Synchronized MIMD Computing [pdf]

Ask HN: Which nickname will President Trump choose for Claude?

LXD 6.7 Released with AMD GPU Passthrough Support

Edge Case Poisoning

Gnome GitLab Redirecting Some Git Traffic to GitHub for Reducing Costs

Federal panel behind cancer screening recommendations hasn't met in one year

Programmers on the Verge of Extinction

$500K exit approved for Bay Area CEO days before harassment findings surface

Heart attack deaths are rising in young adults. Here's why

Show HN: Lneto – IEEE802.3/IP/TCP/HTTP in 8kB of RAM in Go

Ask HN: 2026, where is the best place in the world to create a startup?

A tool to launch your OpenClaw in just 1 minute

OpenAI is negotiating a deal with The Pentagon

Statement on the comments from Secretary of War Pete Hegseth

Super Editor – Atomic file editor with automatic backups (Python and Go)