Skip to content

Commit

Permalink
feat: generate checks.md
Browse files Browse the repository at this point in the history
Signed-off-by: Joyce Brum <[email protected]>
  • Loading branch information
joycebrum committed May 19, 2023
1 parent 7342e5b commit 86f2a80
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions docs/checks.md
Original file line number Diff line number Diff line change
Expand Up @@ -73,11 +73,16 @@ result to meet most user needs.

Different types of branch protection protect against different risks:

- Require code review: requires at least one reviewer, which greatly
- Require code review:
- requires at least one reviewer, which greatly
reduces the risk that a compromised contributor can inject malicious code.
Review also increases the likelihood that an unintentional vulnerability in
a contribution will be detected and fixed before the change is accepted.

- requiring two or more reviewers protects even more from the insider risk
whereby a compromised contributor can be used by an attacker to LGTM
the attacker PR and inject a malicious code as if it was legitm.

- Prevent force push: prevents use of the `--force` command on public
branches, which overwrites code irrevocably. This protection prevents the
rewriting of public history without external notice.
Expand Down Expand Up @@ -182,8 +187,8 @@ However, note that in those overlapping cases, Scorecard can only report what it
Risk: `High` (unintentional vulnerabilities or possible injection of malicious
code)

This check determines whether the project requires human code review before pull
requests (merge requests) are merged.
This check determines whether the project requires human code review
before pull requests (merge requests) are merged.

Reviews detect various unintentional problems, including vulnerabilities that
can be fixed immediately before they are merged, which improves the quality of
Expand Down

0 comments on commit 86f2a80

Please sign in to comment.