PR
Definition
PR, or Pull Request, is a method used in software development to propose changes to a codebase. It allows developers to collaborate by reviewing and discussing the modifications before they are merged into the main branch. This process helps ensure code quality, maintainability, and security by enabling peer reviews and automated testing.
Secure Settings Example
# Example GitHub Actions workflow for a secure PR process
name: CI
on:
  pull_request:
    branches: [ main ]
# Least-privilege token: the job only needs to read the code and upload scan results
permissions:
  contents: read
  security-events: write
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      # CodeQL must be initialised before the analyze step, otherwise analyze fails
      - name: Initialize code scanning
        uses: github/codeql-action/init@v1
        with:
          languages: javascript
      - name: Set up Node.js
        uses: actions/setup-node@v2
        with:
          node-version: '14'
      - name: Install dependencies
        run: npm install
      - name: Run tests
        run: npm test
      - name: Code scanning
        uses: github/codeql-action/analyze@v1
        with:
          category: 'security'
Insecure Settings Example
# Example of an insecure GitHub Actions workflow for a PR
name: CI
on:
  pull_request:
    branches: [ main ]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Install dependencies
        run: npm install
      - name: Run tests
        run: npm test
      # Missing security checks and code scanning
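As an added example (not part of the original page), a small Python check that flags the gap between the two workflows above: it inspects a workflow file for the pull_request trigger, a test step, the CodeQL init and analyze steps, and an explicit permissions block. The two embedded workflows are constructed to mirror the page's examples, and audit_pr_workflow is a hypothetical helper, not a GitHub tool.

```python
import re

# Constructed workflow snippets mirroring the page's two examples (not real
# project files): the first declares permissions and runs CodeQL init/analyze,
# the second only checks out, installs and tests.
SECURE_WF = """\
on:
  pull_request:
    branches: [ main ]
permissions:
  contents: read
  security-events: write
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: github/codeql-action/init@v1
      - run: npm test
      - uses: github/codeql-action/analyze@v1
"""
INSECURE_WF = """\
on:
  pull_request:
    branches: [ main ]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - run: npm install
      - run: npm test
"""

def audit_pr_workflow(workflow_text):
    """Return findings for a PR workflow; an empty list means no gap was found."""
    findings = []
    if not re.search(r"^\s*pull_request\s*:", workflow_text, re.M):
        findings.append("does not run on pull_request")
    uses = re.findall(r"^\s*-?\s*uses:\s*(\S+)", workflow_text, re.M)
    runs = re.findall(r"^\s*-?\s*run:\s*(.+)$", workflow_text, re.M)
    if not any(cmd.strip().startswith("npm test") for cmd in runs):
        findings.append("no test step (npm test)")
    for step in ("init", "analyze"):  # analyze fails without a prior init
        if not any(f"github/codeql-action/{step}@" in u for u in uses):
            findings.append(f"missing code scanning step github/codeql-action/{step}")
    if not re.search(r"^\s*permissions\s*:", workflow_text, re.M):
        findings.append("no permissions block; GITHUB_TOKEN keeps default scopes")
    return findings
```

A workflow only reports results; for a PR to actually depend on it, the check also has to be marked as required in the branch's protection rules.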