Plugin
quality-gate-definition
Enforceable quality gates per pipeline stage (pre-commit / CI on PR / code review / security review / design review / build+sign+SBOM / staging / canary / prod / post-release) with per-gate spec (purpose, trigger, objective criteria, fail-closed behavior, automation, named reviewer, timeouts, waiver with expiry, evidence for audit). Risk-profile-aware tightening. Waiver process + volume review. Metrics (pass rate / time-in-gate / waivers / escapes / flakes). Distinct from DoR/DoD (gates are machinery; DoR/DoD are commitments).