Code Review for OWASP Top 10

Develop secure applications by implementing a human code review process to catch the most common security mistakes.

Automate Assignment

Write the rules for who should review and when, and PullApprove will automate it.

Improve Your Codebase

Use precise reviewer selection to add context to the change and improve code over time.

Native Integration

PullApprove is built around Git and GitHub, so employees can review with the native tools and leave an audit trail.

version: 3

pullapprove_conditions:
- 'base.ref == "main"'

groups:
  owasp:
    description: |
      Checks for the OWASP Top 10:
      1. Injection
      2. Broken authentication
      3. Sensitive data exposure
      4. XML external entities
      5. Broken access control
      6. Security misconfiguration
      7. XSS
      8. Insecure deserialization
      9. Using components with known vulnerabilities
      10. Insufficient logging & monitoring
    conditions:
    - "'*.py' in files or '*.js' in files"
    reviewers:
      teams: [security, owasp]
    reviews:
      required: 1

  docs:
    conditions:
    - "'*.md' in files or 'docs/*' in files or 'docs' in labels"
    reviewers:
      teams: [docs]
    reviews:
      request: 2
      required: 1