Code Review for PCI Compliance

Satisfy PCI DSS requirement 6.3.2 by implementing a code review policy that protects your codebase and your customers.

Automate Assignment

Write the rules for who should review and when, and PullApprove will automate it.

Improve Your Codebase

Use precise reviewer selection to add context to the change and improve code over time.

Native Integration

PullApprove is built around Git and GitHub, so employees can review with the native tools and leave an audit trail.

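version: 3

groups:
  # Changes to any file whose path matches *payments* need two approvals.
  payments:
    conditions:
    - "'*payments*' in files"
    reviews:
      required: 2

  # Pull requests authored by the listed contractor accounts.
  contractors:
    conditions:
    - "author in ['contractorA', 'contractorB']"
    reviewers:
      users: [external-reviewers]

  # Diffs where an added or removed line mentions dangerouslySetInnerHTML.
  # '+' and '-' need no backslash inside a character class, and "\+" is not
  # a valid escape in a double-quoted YAML string.
  security:
    conditions:
    - "contains_regex(files.patches, '(?m)^[+-].*dangerouslySetInnerHTML.*')"
    reviewers:
      teams: [security]
    reviews:
      required: 2

  # Applies once three groups are passing.
  signoff:
    conditions:
    - 'len(groups.passing) == 3'
    reviewers:
      teams: [admins]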