Risk ≤ 35 · Test integrity ≥ 85 · CI passing · no policy violation.
Low risk, healthy test integrity, no blocking signals.
Product · Release Risk Control System
A release decision support system — not a release agent.
Dulvarn turns pull request metadata, changed files, CI results, test impact and repository policy into one reviewable release decision. AI explains risk. Humans make the final release decision.
Every release gets a decision — GO, CONDITIONAL GO or NO-GO — with a recommended test scope, a release report and an audit log.
Human-controlled decisions·GitHub-first workflow·Auditable by design
northwind/checkout-service·#1284
live analysis68Risk score
CONDITIONAL GO
ScopePartial NRT
Release decision · RD-2148
Refactor coupon stacking + idempotent payment retries
@m.kovac·12m ago·CI passing
Test integrity74/100
Coverage on changed areas
Code risk68/100
Payment retry hotspot
Changed areas
checkoutcartauthpayment cfg
Human decisionPending review
Open decisionLive decision example · representative data
Workflow
From input signals to a reviewable release decision
Every signal is captured. Every decision has a reason. Humans stay in control of what ships.
Product diagram
How signals become a release decision
Inputs
PR metadata
Changed files
CI signals
Test results
Repository settings
Test impact
Evaluation
Risk analysis
Test integrity evaluation
Release policy evaluation
Drift / coverage gaps
Outputs
GOCONDITIONAL GONO-GORecommended scopeRelease reportAudit log
Important: Dulvarn is a release decision support system. It does not make the final release call — every decision is reviewable, every override is logged.
Modules
Four modules. One release decision.
PR risk analysis, the release decision engine, test scope recommendation and the human decision layer — each grounded in real PR, CI and QA signals.
PR Risk Analysis
See what changed and where the risk actually is.
Dulvarn parses the diff, identifies changed areas, hotspots and historical regressions. Risk is grounded in real files — not vague AI summaries.
- Diff parsing for files, areas and hotspots
- Historical regression heatmap per area
- Risk level on every PR (low / medium / high / critical)
- Linked to file paths — fully auditable
checkout-service · #1284medium risk
src/checkout/coupon-stack.ts
@@ -42,7 +42,15 @@
- if (couponA && couponB) applyBoth(...)
+ if (canStack(couponA, couponB)) {
+ applyOrdered(couponA, couponB)
+ }
src/payments/retry-policy.ts
@@ -88,3 +88,10 @@
+ retry({ idempotencyKey, attempts: 3 })
Files
14
3 hot
Lines
+669 / -218
Areas
4
1 high risk
Hotspots
2
payment, coupon
Release Decision Engine
GO, CONDITIONAL GO or NO‑GO — with a reason.
Risk, test integrity, CI signals and your repository policy combine into one decision. Posted as a GitHub status check with the rationale attached.
- Three discrete states — no ambiguous scores
- Threshold-driven, repository-policy aware
- Posted as a GitHub status check on every PR
- Rationale stored alongside the decision — never hidden
release-guard / decisionpolicy-evaluated
GO
Risk ≤ 35 · Test integrity ≥ 85
CONDITIONAL GO
Risk 36–70 or coverage gap
NO-GO
Risk > 70 or critical gap
Active rule
risk_score (68) ≤ 70 AND coverage_gap on payment.retry → CONDITIONAL GO
Test Scope Recommendation
Know whether Smoke, Partial NRT or Full NRT is enough.
Test scope is the most expensive ambiguity in QA. Dulvarn answers it for every change — with the impacted suites and the gaps.
- Maps changed areas to existing test suites
- Flags missing coverage on impacted paths
- Suggests focused exploratory checks
- Surfaces drift on selectors and APIs
recommended scopePartial NRT
| Area | Smoke | Partial | Full | Gap |
|---|---|---|---|---|
| checkout | ● | ● | ○ | — |
| cart | ● | ● | ○ | — |
| payment cfg | ● | ● | ● | ⚠ |
| auth | ● | ○ | ○ | — |
Partial NRT recommended — checkout and payment retry logic changed while impacted regression coverage is incomplete.
Human Decision Layer
The final release call always belongs to a person.
Approve, keep conditional, mark NO-GO or override — every action requires a reason. Decision history is permanent.
- Override requires a written reason
- Role-aware (QA Lead, Release Manager)
- Full audit trail of every override
- PR comment posted automatically
human decision · RD-2148
Override reason · required
“Coupon stacking is feature-flagged off. Approved for staging only — full NRT before prod.”
j.harlan · QA Lead
Decision engine
Three discrete states. Every one with a reason.
Dulvarn converts risk signals, test integrity and your repository policy into a single decision. Status colors match the dashboard: green, amber, red.
Risk 36–70 or a coverage gap on an impacted path.
Medium risk or incomplete coverage. Human review and override reason required.
Risk > 70, failing CI, critical coverage gap or policy violation.
Blocking signals present. Merge guarded until resolved or overridden.
Dulvarn supports the release decision. Your team owns it. Every override is logged with a reason and a role.
Test scope
Know what to test before the release.
Not every risky change needs full regression. Dulvarn recommends Smoke, Partial NRT or Full NRT — with the impacted suites and the gaps.
Smoke
availableFor low-risk changes and basic release confidence.
Fast. Verifies critical happy paths only.
Partial NRT
recommendedFor medium-risk changes touching critical flows.
Scoped regression around the impacted areas.
Full NRT
not neededFor high-risk releases, broad changes or low test integrity.
Full regression suite. Highest confidence.
Example recommendation
For PR #1284, Dulvarn recommends Partial NRT — checkout and payment retry logic changed while impacted regression coverage is incomplete.
recommended scopePartial NRT
| Area | Smoke | Partial | Full | Gap |
|---|---|---|---|---|
| checkout | ● | ● | ○ | — |
| cart | ● | ● | ○ | — |
| payment cfg | ● | ● | ● | ⚠ |
| auth | ● | ○ | ○ | — |
Partial NRT recommended — checkout and payment retry logic changed while impacted regression coverage is incomplete.
Human decision layer
Humans stay in control.
Dulvarn is built for teams where QA leads, release managers and engineering leads own the release. AI analysis is supporting evidence — not final authority.
- AI explains risk.
- Humans make the final release decision.
- Every override requires a reason.
- Every decision is logged.
Designed around QA leads · release managers · tech leads — the people who already own the release decision today.
human decision · RD-2148
Override reason · required
“Coupon stacking is feature-flagged off. Approved for staging only — full NRT before prod.”
j.harlan · QA Lead
GitHub integration
Lives inside the workflow your team already has.
Dulvarn runs as a GitHub App. It reads PR metadata and CI signals, posts status checks and comments with the release decision, and retains an audit history per repository.
GitHub App
Install on selected repos. Read-only on code, writes status checks and PR comments.
PR analysis
Triggered on pull request events — diff, changed areas, hotspots and CI signals.
PR comments
Decision rationale, recommended scope and signals posted as a structured PR comment.
Status checks
GO / CONDITIONAL GO / NO-GO posted on every PR — blocks merge on NO-GO when policy enables it.
Repository policy
Required checks, release rules and thresholds configured per repository.
Audit history
Every decision, override and signal retained per repository — fully traceable.
Designed for GitHub-first workflows · production-ready integration shipping during founder-led beta.
Founder-led beta
Review your release decision workflow with Dulvarn.
Dulvarn is currently being tested with a small number of QA and engineering teams that want better release risk visibility and clearer release decisions. Limited slots, hands-on onboarding.
- Designed for
- QA leads · release managers · tech leads
- Built around
- GitHub PR and status-check workflows
- Decisions
- GO · CONDITIONAL GO · NO-GO with reasons
- Control
- Humans approve, override and own the call
Every override is logged · audit trail enabled · no fake autopilot.