
Ensure all checks have passed before the merge of new code

Description

This policy checks whether GitHub branch protection requires status checks to pass before merging new code. Status checks help ensure that code changes meet certain standards and do not introduce security vulnerabilities. By requiring status checks, developers can prevent potentially malicious or unstable code from being merged into a protected branch. This rule is important because it helps maintain the integrity and security of the codebase.

Code Example

github
Go to Repository Settings > Branches > Branch permissions > Edit > Require status checks to pass before merging

Remediation

Enable required status checks for the GitHub branch protection.
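To confirm the setting after enabling it, the branch protection document can be evaluated programmatically. The following is an added example, not code from this policy or from Checkov. It assumes the JSON shape returned by GitHub's REST endpoint GET /repos/{owner}/{repo}/branches/{branch}/protection, uses constructed sample documents, and goes beyond the policy by also noting an enabled rule that names no checks; the function name and the FAIL/WARN/PASS labels are hypothetical.

```python
import json

# Constructed samples shaped like the branch protection API response
# (illustrative only, not taken from a real repository).
UNPROTECTED = json.loads('{"enforce_admins": {"enabled": true}}')
EMPTY_CHECKS = json.loads(
    '{"required_status_checks": {"strict": false, "contexts": [], "checks": []}}'
)
PROTECTED = json.loads(
    '{"required_status_checks": {"strict": true, "contexts": ["ci/build"],'
    ' "checks": [{"context": "ci/build", "app_id": null}]}}'
)


def evaluate_status_checks(protection):
    """Return (status, findings) for one branch protection document.

    FAIL: required status checks are not enabled (what this policy tests).
    WARN: enabled, but no check is named (an added, stricter test).
    PASS: enabled with at least one named check.
    """
    rsc = protection.get("required_status_checks") if isinstance(protection, dict) else None
    if not isinstance(rsc, dict):
        return "FAIL", ["required status checks are not enabled"]

    # Check names can appear in the legacy "contexts" list or in "checks".
    names = set(rsc.get("contexts") or [])
    for check in rsc.get("checks") or []:
        if isinstance(check, dict) and check.get("context"):
            names.add(check["context"])

    findings = []
    if not names:
        findings.append("enabled, but no specific status check is listed")
    if not rsc.get("strict"):
        findings.append("branch is not required to be up to date before merging")
    return ("PASS" if names else "WARN"), findings


if __name__ == "__main__":
    samples = {"unprotected": UNPROTECTED, "empty": EMPTY_CHECKS, "protected": PROTECTED}
    for label, doc in samples.items():
        print(label, *evaluate_status_checks(doc))
```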

Rule Details

| Field | Value |
|---|---|
| ID | IAC-1052 |
| Severity | MEDIUM |
| IaC Type | github_configuration |
| Frameworks | * |
| Checkov ID | CKV_GITHUB_14 |
