updating package version

Author: RkSinghDeo

devolv/__init__.py

@@ -1,2 +1,2 @@
-__version__ = "0.2.26"
+__version__ = "0.2.27"
 

devolv/drift/cli.py

@@ -4,6 +4,7 @@
 import boto3
 import typer
 from github import Github
+from datetime import datetime
 
 from devolv.drift.aws_fetcher import (
     get_aws_policy_document,
@@ -46,13 +47,16 @@ def detect_drift(local_doc, aws_doc) -> bool:
 
     if missing_in_local:
         typer.echo("❌ Drift detected: Local is missing permissions present in AWS.")
-        for stmt in missing_in_local:
-            typer.echo(stmt)
+        # No need to print each JSON line — rich diff will handle details
         return True
 
     typer.echo("✅ No removal drift detected (local may have extra permissions; that's fine).")
     return False
 
+
+    typer.echo("✅ No removal drift detected (local may have extra permissions; that's fine).")
+    return False
+
 @app.command()
 def drift(
     policy_name: str = typer.Option(..., "--policy-name", help="Name of the IAM policy"),
@@ -137,9 +141,13 @@ def _update_local_and_create_pr(doc, policy_file, repo_full_name, policy_name, i
     with open(policy_file, "w") as f:
         f.write(new_content)
 
+    timestamp = datetime.utcnow().strftime("%Y%m%d-%H%M%S")
     branch = (
-        f"{description.replace(' ', '-').replace('+', 'plus').replace('/', '-')}-policy-{policy_name}"
-        .strip("-")
+        f"drift-sync-{policy_name}-{timestamp}"
+        .replace(' ', '-')
+        .replace('+', 'plus')
+        .replace('/', '-')
+        .strip('-')
         .lower()
     )
 

devolv/drift/report.py

@@ -2,7 +2,7 @@
 import difflib
 from rich.console import Console
 from rich.text import Text
-
+import typer
 def clean_policy(policy):
     """
     Remove empty statements ({} entries) from the policy's 'Statement' list.
@@ -13,21 +13,21 @@ def clean_policy(policy):
             policy["Statement"] = [s for s in statements if s]
     return policy
 
-def detect_drift(local_doc: dict, aws_doc: dict) -> bool:
-    """
-    Detect if the local policy would remove permissions from the AWS policy.
-    Returns True if drift is detected, False otherwise.
-    """
-    local_doc = clean_policy(local_doc)
-    aws_doc = clean_policy(aws_doc)
+def detect_drift(local_doc, aws_doc) -> bool:
+    """Detect removal drift: AWS has permissions missing from local (danger)."""
+    local_statements = {json.dumps(s, sort_keys=True) for s in local_doc.get("Statement", [])}
+    aws_statements = {json.dumps(s, sort_keys=True) for s in aws_doc.get("Statement", [])}
+
+    missing_in_local = aws_statements - local_statements
 
-    local_statements = local_doc.get("Statement", [])
-    aws_statements = aws_doc.get("Statement", [])
+    if missing_in_local:
+        typer.echo("❌ Drift detected: Local is missing permissions present in AWS.")
+        # No need to print each JSON line — rich diff will handle details
+        return True
 
-    # Check if any AWS statement is missing in local (i.e., local would remove something)
-    missing_in_local = [stmt for stmt in aws_statements if stmt not in local_statements]
+    typer.echo("✅ No removal drift detected (local may have extra permissions; that's fine).")
+    return False
 
-    return bool(missing_in_local)
 
 def generate_diff_lines(local_doc: dict, aws_doc: dict):
     """