Code Review for SOC 2 Compliance

Protect your applications and customers by implementing a custom change management process that works the way you want it to.

Secure Your Codebase

Provide guardrails with automated code review assignment and requirements.

Native Integration

Built around Git and GitHub, so employees can review with the native tools and leave an audit trail.

Smart Notifications

Use phased reviews to notify reviewers when a PR is ready for them, not before.

version: 3

groups:
  design:
    conditions:
    - "'*.html' in files or '*.css' in files or 'ui/ux' in labels"
    reviewers:
      teams: [senior-designers]
    reviews:
      request: 2
      request_order: shuffle
      required: 1
      author_value: 1

  database:
    conditions:
    - "'*migrations*' in files"
    reviewers:
      users: [dave, sara]

  security:
    conditions:
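    # Flags any added (+) or removed (-) patch line that mentions dangerouslySetInnerHTML.
    # Backslashes are doubled because the condition is a double-quoted YAML string.
    - "contains_regex(files.patches, '(?m)^[\\+\\-].*dangerouslySetInnerHTML.*')"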
    reviewers:
      teams: [security]
    reviews:
      required: 2

  signoff:
    conditions:
    - 'len(groups.passing) == 3'
    reviewers:
      teams: [admins]