From ba0bc06e652ce3737716162e19f2cd94ad131de6 Mon Sep 17 00:00:00 2001 From: Conal <33135619+Conalh@users.noreply.github.com> Date: Fri, 22 May 2026 09:17:02 -0700 Subject: [PATCH] Scrub remaining commercial-tier framing from public docs and templates PolicyMesh is a free local-only OSS Action. The 'paid team layer' / 'hosted SaaS' framing was an internal prompting lever; this removes the last public mentions. docs/TEAM_PILOT.md: opening sentence and 'Paid-Layer Signals' section rewritten to neutral team-feedback framing. The guide still walks teams through a concrete multi-repo trial path; the framing is just 'team workflow gaps worth reporting' instead of 'paid-layer validation'. .github/ISSUE_TEMPLATE/team-validation.yml: 'Paid-layer signal' field renamed to 'Team workflow gap' with neutralized description. 39/39 tests still passing. --- .github/ISSUE_TEMPLATE/team-validation.yml | 6 +++--- docs/TEAM_PILOT.md | 12 +++++------- test/workflow.test.mjs | 2 +- 3 files changed, 9 insertions(+), 11 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/team-validation.yml b/.github/ISSUE_TEMPLATE/team-validation.yml index 9400ed7..6f1e777 100644 --- a/.github/ISSUE_TEMPLATE/team-validation.yml +++ b/.github/ISSUE_TEMPLATE/team-validation.yml @@ -90,10 +90,10 @@ body: validations: required: true - type: textarea - id: paid-layer-signal + id: team-workflow-gap attributes: - label: Paid-layer signal - description: What would make a paid team layer worth validating before any SaaS is built? + label: Team workflow gap + description: What team-level capability would help most that the single-repo Action doesn't cover today? placeholder: "Example: org-wide baseline files, cross-repo reporting, severity policy, audit exports, team exceptions, Slack summary." validations: required: true diff --git a/docs/TEAM_PILOT.md b/docs/TEAM_PILOT.md index 10beee7..4395b51 100644 --- a/docs/TEAM_PILOT.md +++ b/docs/TEAM_PILOT.md @@ -1,6 +1,6 @@ # PolicyMesh Team Pilot -Use this when a team wants to validate whether the free GitHub Action is enough before any paid team layer or hosted SaaS work is built. +Use this when a team wants to try PolicyMesh across multiple repositories and report back on whether the Action covers the team's real workflow needs. ## Pilot Setup @@ -38,18 +38,16 @@ For each repository, record: - Whether each warning is actionable, noisy, or missing important context. - Whether advisory mode is enough or a stricter `fail-on` threshold would be used after tuning. -## Paid-Layer Signals +## Team Workflow Gaps Worth Reporting -Do not treat a single warning as paid-layer validation. Paid-layer work needs repeated team needs that the free Action and repo-local workflow config cannot solve. - -Useful validation signals include: +Single warnings rarely tell the whole story. The shape of team feedback most worth surfacing: - shared baselines or defaults that multiple repositories should inherit; - central severity policy that cannot be managed in each repo workflow; - exception ownership, expiry, approval, or review history; -- cross-repo reports, audit exports, or dashboard/API needs; +- cross-repo reports or audit exports; - a blocker that prevents trying PolicyMesh in pull requests even with `fail-on: none`. ## Report Back -Open a [team validation signal](https://github.com/Conalh/PolicyMesh/issues/new?template=team-validation.yml) with the repository count, active surfaces, finding patterns, and any paid-layer need. The paid-layer tracker remains [issue #5](https://github.com/Conalh/PolicyMesh/issues/5). +Open a [team feedback form](https://github.com/Conalh/PolicyMesh/issues/new?template=team-validation.yml) with the repository count, active surfaces, finding patterns, and any team-workflow gap. diff --git a/test/workflow.test.mjs b/test/workflow.test.mjs index 76ca6fc..f420684 100644 --- a/test/workflow.test.mjs +++ b/test/workflow.test.mjs @@ -108,7 +108,7 @@ test('issue templates collect detector and team validation feedback', async () = assert.match(teamValidation, /Exception workflow need/); assert.match(teamValidation, /Reporting or export need/); assert.match(teamValidation, /Team workflow/); - assert.match(teamValidation, /Paid-layer signal/); + assert.match(teamValidation, /Team workflow gap/); assert.match(teamPilot, /Conalh\/PolicyMesh@v0\.1\.18/); assert.match(teamPilot, /Run across at least two repositories/); assert.match(teamPilot, /Finding counts by severity/);