GSD Core – CI Guard & Test Scope Matrix

Why Choose Our Online CI Guard & Test Scope Matrix Tool?

In 2026, continuous integration pipelines have become the backbone of every serious open-source and enterprise project. The GSD Core CI Guard & Test Scope Matrix is a browser-based, zero-install utility that replicates the exact logic used by the @opengsd/gsd-core monorepo to enforce runner environment policies, select affected tests, validate changeset fragments, audit workflow shell policies, and check dependency integrity — all without touching a terminal.

How the underlying algorithm works: The tool ingests a list of changed file paths (simulating a git diff --name-only output) and optional PR labels. It then runs six independent, pure-JavaScript analysis modules directly in your browser:

• Runner Environment Guard – asserts that RUNNER_ENVIRONMENT equals github-hosted, mirroring the ci-guard-runner.cjs script.
• Changeset Lint – evaluates whether a .changeset/*.md fragment is present, or an opt-out label (no-changelog) is applied, or no user-facing files were touched. Uses the exact evaluateLint() pure function from the original lint.cjs.
• Docs-Required Lint – checks if any changed fragment has a type of Added, Changed, Deprecated, or Removed and whether a docs/ file was updated or an exemption marker exists.
• Affected Test Selection – simulates the pickAffectedTests() algorithm: directly changed test files, reverse-index transitive dependents, and stem-based heuristics. Detects orphan source files and triggers a widen to full PR suites.
• Workflow Shell Policy Audit – validates that every run: step in a workflow uses the correct native shell per runner OS (bash on Ubuntu, zsh on macOS, pwsh on Windows), exactly as workflow-policy.cjs enforces.
• Dependency Integrity – parses a simulated package-lock.json and flags INVALID, MISSING, and EXTRANEOUS packages, replicating check-npm-integrity.cjs.

FAQ: Q: Do I need to install Node.js or any dependencies? A: No. Everything runs client-side in your browser. Q: Can I use this for my own GitHub repo? A: Yes — just paste your changed file paths and labels. The logic is generic. Q: Does it support Windows paths? A: Yes, all path comparisons normalize to POSIX forward slashes.

3 key advantages over similar tools: (1) Identity-based ratchet – unlike simple count ratchets, our allowlist checks enforce that every individual offender is tracked by name, preventing silent regressions. (2) Zero shell dependency – all checks run in pure JavaScript, making them portable across bash, PowerShell, and cmd.exe. (3) Deterministic test selection – the transitive reverse index ensures that changing a deep utility file correctly selects every dependent test, eliminating the blind spots of glob-based or stem-only matchers.

Use this tool to preview CI gate outcomes before pushing, debug test selection logic, or audit your workflow shell policies — all from a single, self-contained HTML page.