Write the rules for who should review a change and when, and PullApprove automates the rest.
Precise reviewer selection brings the right context to each change and improves the code over time.
Because it is built around Git and GitHub, reviewers work with the native tools and every review leaves an audit trail.
version: 3

# Top-level gate: no group is evaluated unless the PR targets main.
pullapprove_conditions:
- 'base.ref == "main"'

groups:
  owasp:
    description: |
      Checks for the OWASP Top 10:
      1. Injection
      2. Broken authentication
      3. Sensitive data exposure
      4. XML external entities
      5. Broken access control
      6. Security misconfiguration
      7. XSS
      8. Insecure deserialization
      9. Using components with known vulnerabilities
      10. Insufficient logging & monitoring
    # Any changed Python or JavaScript file pulls in a security review.
    conditions:
    - "'*.py' in files or '*.js' in files"
    reviewers:
      teams: [security, owasp]
    reviews:
      required: 1
  docs:
    # Markdown, anything under docs/, or the "docs" label pulls in a docs review.
    conditions:
    - "'*.md' in files or 'docs/*' in files or 'docs' in labels"
    reviewers:
      teams: [docs]
    reviews:
      request: 2
      required: 1
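To make the selection logic in that config concrete, here is an added Python model of the two groups (example code, not PullApprove's own evaluator). It assumes file patterns use shell-style globbing in which `*` also crosses `/`, and that the `pullapprove_conditions` gate must pass before any group is considered.

```python
from fnmatch import fnmatchcase

# Hand-transcribed model of the two groups in the config above.
# A group activates when any of its file globs matches a changed file
# or any of its labels is on the pull request, mirroring the "or"
# in each group's conditions line.
GROUPS = {
    "owasp": {"file_globs": ["*.py", "*.js"], "labels": [], "required": 1},
    "docs": {"file_globs": ["*.md", "docs/*"], "labels": ["docs"], "required": 1},
}


def group_applies(spec, files, labels):
    """True if any file glob or label in `spec` matches the pull request.
    Assumption: glob matching is shell-style and `*` also crosses `/`."""
    file_hit = any(fnmatchcase(f, g) for f in files for g in spec["file_globs"])
    label_hit = any(lbl in labels for lbl in spec["labels"])
    return file_hit or label_hit


def required_groups(base_ref, files, labels):
    """Return {group: required approvals} for a pull request.
    The top-level pullapprove_conditions gate everything: a PR that does
    not target "main" gets no review requirements at all."""
    if base_ref != "main":
        return {}
    return {
        name: spec["required"]
        for name, spec in GROUPS.items()
        if group_applies(spec, files, labels)
    }


if __name__ == "__main__":
    # Constructed sample pull requests, not real data.
    samples = [
        ("main", ["app/views.py"], []),
        ("main", ["README.md", "static/app.js"], []),
        ("main", ["pyproject.toml"], ["docs"]),
        ("develop", ["app/views.py"], []),
    ]
    for base, files, labels in samples:
        print(base, files, labels, "->", required_groups(base, files, labels))
```

Note that a label alone can trigger the docs group, while a PR that only touches build metadata and carries no label requires nothing; that is worth checking before relying on the config as a security control.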