Pull Request Rules
Pull requests (PRs) are a critical checkpoint for maintaining code quality, enforcing peer review, and ensuring traceability across changes. These rules enforce standards around commit messages, reviewer requirements, merge conditions, and compliance with internal or external audit frameworks like SOC-2.
ID | Title | Description | Significance | Severity |
---|---|---|---|---|
P1 | PR Description Required | Pull requests must include a clear and detailed description explaining the changes | SOC-2 (Audit Readiness) | high |
P2 | Review Required Before Merge | Pull requests must be reviewed and approved before merging | SOC-2 (Audit Readiness) | high |
P3 | Categorised Commit Messages | Commit messages must follow the Conventional Commits format (feat/fix etc.) | Best practice | medium |
P4 | Minimum Reviewers Required | Pull requests must have a minimum number of assigned reviewers | SDLC Compliance | high |
P5 | Required Checks Must Pass | All required status checks must pass before merging | SDLC Compliance | critical |
P6 | Meaningful Commit Messages | Commit messages must be descriptive and explain the changes made | Best practice | medium |
P7 | PR must have description | Pull requests must have a description. | Best practice | medium |
P8 | Require at least one reviewer | Pull requests must have at least one reviewer. | SDLC Compliance | medium |
P9 | No Self-Approval Allowed | PRs cannot be approved by the author | SOC-2 (Audit Readiness) | critical |
P10 | Assigned Reviewer Required | PRs must have at least one reviewer explicitly assigned | SOC-2 (Audit Readiness) | medium |
P11 | PR Must Reference Issue | PRs must be linked to an existing issue or ticket | SOC-2 (Audit Readiness) | medium |
P12 | No Direct Merge to Main | Pull requests cannot merge directly to the main branch without prior approval | SOC-2 (Audit Readiness) | high |
💡 Want to recommend a rule? Contact us at support@warestack.com — we’d love to hear from you.