inactiveUpdated Feb 18, 2026, 8:49 PM
Policy ID js75421mykn380v92z3vbjmaps81dwza
Mem-client dependency/security updates require smoke validation evidence. Scope: - Enforce when PR changes mem-client dependencies (`domains/frontend/mem-client/package.json`, lockfiles, patch files, build/runtime deps). Rules: 1) Include a short smoke-validation note for key flows/build after dependency or CVE-related updates. 2) Validation may be automated commands, manual smoke checks, or both. 3) Note any known residual risk if full coverage is not practical. Review behavior: - Return NOT APPROVED only when dependency/security updates have no credible smoke validation evidence. - Do not block pure metadata/version doc updates with no actual dependency changes.