Skip to content
TruthVouch Docs

Policy Versioning

Version Control

Every change to a policy creates a new version. View version history:

  1. Go to GovernancePolicies → [Policy]
  2. Click Versions tab
  3. See all versions with timestamps and author

Example:

Version 1.2 (Current, Deployed)
  Author: john@company.com
  Deployed: Mar 15, 2025 10:30 UTC
  Changes: Increased token threshold from 10K to 15K


Version 1.1 (Previous)
  Author: sarah@company.com
  Deployed: Mar 10, 2025 14:20 UTC
  Changes: Added PII check for emails


Version 1.0 (Initial)
  Author: jane@company.com
  Deployed: Mar 1, 2025 09:00 UTC
  Changes: Original policy creation

Comparing Versions

See what changed between versions:

  1. Click Versions → Select two versions
  2. View Diff: 
    - OLD: entity_types: ["ssn", "email"]
    + NEW: entity_types: ["ssn", "email", "phone"]
    

    - OLD: confidence_threshold: 0.95
    + NEW: confidence_threshold: 0.85

Rollback to Previous Version

Revert to an earlier version:

  1. Go to Versions
  2. Find version to revert to
  3. Click Rollback
  4. Confirm you want to revert
  5. New version created with previous content
  6. Policy updated immediately

Example Rollback Scenario:

Deployed Version 2.0 (has bugs)
  
  User reports false positives
  
  Click Rollback to Version 1.5
  
  Version 1.5 re-deployed as 2.1
  
  Production stable again

Version Naming

Auto-generated semantic versioning:

  • Major (X.0.0): Significant logic change (e.g., from block to warn)
  • Minor (X.Y.0): Configuration change (e.g., threshold adjustment)
  • Patch (X.Y.Z): Bug fix (e.g., regex correction)

Examples:

1.0.0 → Initial release
1.1.0 → Add new check type
1.1.1 → Fix regex typo
2.0.0 → Change from allowlist to blocklist

Deployment History

See which versions are deployed:

Version 2.1 (Prod)
  Deployed to: Production
  Status: Active
  Coverage: 100% of users


Version 1.5 (Staging)
  Deployed to: Staging
  Status: Active
  Coverage: 10% of production traffic


Version 2.0 (Rollback)
  Deployed to: None
  Status: Inactive
  Reason: Rollback due to false positives

Conditional Deployment

Deploy different versions to different groups:

Version 2.0 → 10% of users (canary)
            → Monitor for 24 hours
            → If good: 100%
            → If bad: Rollback


Version 1.5 → 90% of users (stable)
            → Continue running

Audit Trail for Versions

Every change tracked:

Mar 15, 10:30 - sarah deployed version 1.2
  Change: Confidence threshold 0.95 → 0.85
  Reason: Too many false negatives
  Approvals: john, jane


Mar 10, 14:20 - john deployed version 1.1
  Change: Added email pattern check
  Reason: User privacy concern
  Approvals: jane


Mar 1, 09:00 - jane deployed version 1.0
  Change: Initial policy
  Reason: PII protection requirement
  Approvals: cto

Retention & Cleanup

Old versions kept for audit trail:

Retention:

  • Keep versions: Indefinite by default
  • Soft delete: Mark as deleted but keep history
  • Hard delete: After 1 year (configurable)

Cleanup:

Go to Settings → Governance → Version Retention
Set: Keep versions for 2 years
Auto-delete after: Yes

API Version Access

Terminal window
# List all versions
curl http://localhost:5000/api/v1/governance/policies/123/versions \
  -H "Authorization: Bearer $TOKEN"


# Get specific version
curl http://localhost:5000/api/v1/governance/policies/123/versions/1.2 \
  -H "Authorization: Bearer $TOKEN"


# Rollback to version
curl -X POST http://localhost:5000/api/v1/governance/policies/123/rollback \
  -H "Authorization: Bearer $TOKEN" \
  -d '{"version": "1.0"}'