Anomalous Pull Request

ID

pull_request_merged_anomalous

Severity

high

Resource

Branch

Description

Detects whether a merged Pull Request shows signs of being anomalous.

Several factors are evaluated as clues to determine whether a Pull Request is anomalous. These are some of them:

  • Pull Request wasn’t reviewed at all.

  • Pull Request was reviewed, but some reviewers requested changes.

  • The author of the commits was also the single reviewer approving the changes.

  • Pull Request was reviewed and approved, but after that, a new commit was pushed.

  • Pull Request was too long.
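The clues listed above can be expressed as checks over a pull request record. The following is an added example, not the detector's own code: the record layout, the review state names, the clue labels and the `MAX_CHANGED_LINES` threshold are all assumptions made for illustration.

```python
# Assumed threshold: the page does not define what counts as "too long".
MAX_CHANGED_LINES = 1000

def anomaly_clues(pr, max_changed_lines=MAX_CHANGED_LINES):
    """Return the clues found in one merged pull request record."""
    # Keep each reviewer's latest verdict only (assumption: a later review
    # by the same person supersedes their earlier one).
    latest = {}
    for review in sorted(pr["reviews"], key=lambda r: r["at"]):
        latest[review["reviewer"]] = review
    approvals = [r for r in latest.values() if r["state"] == "APPROVED"]
    commit_authors = {c["author"] for c in pr["commits"]}
    clues = []
    if not latest:
        clues.append("not_reviewed")
    if any(r["state"] == "CHANGES_REQUESTED" for r in latest.values()):
        clues.append("changes_requested")
    if len(approvals) == 1 and approvals[0]["reviewer"] in commit_authors:
        clues.append("self_approved")
    if approvals:
        last_approval = max(r["at"] for r in approvals)
        if any(c["at"] > last_approval for c in pr["commits"]):
            clues.append("commit_after_approval")
    if pr["changed_lines"] > max_changed_lines:
        clues.append("too_long")
    return clues

def _pr(commits, reviews, changed_lines):
    """Build a constructed record; timestamps are same-day HH:MM strings."""
    return {
        "commits": [{"author": a, "at": t} for a, t in commits],
        "reviews": [{"reviewer": r, "state": s, "at": t} for r, s, t in reviews],
        "changed_lines": changed_lines,
    }

# Constructed sample data, not taken from any real repository.
SAMPLE_PRS = {
    "clean": _pr([("alice", "10:00")], [("bob", "APPROVED", "11:00")], 120),
    "self_approved_then_pushed": _pr(
        [("erin", "10:00"), ("erin", "12:00")], [("erin", "APPROVED", "11:00")], 80),
    "unreviewed_and_huge": _pr([("alice", "10:00")], [], 4200),
    "changes_still_requested": _pr(
        [("alice", "10:00")],
        [("carol", "CHANGES_REQUESTED", "11:00"), ("dave", "APPROVED", "11:30")], 300),
}

if __name__ == "__main__":
    for name, pr in SAMPLE_PRS.items():
        print(f"{name}: {anomaly_clues(pr) or 'no clues'}")
```

A pull request can carry several clues at once, as the second and third samples do; a triage queue would typically rank records by how many clues they accumulate.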

Impact

Merging an anomalous pull request can have negative impacts on an organization. Here are some potential consequences:

  • Code Quality Issues: It may contain outdated or irrelevant code, which can lead to quality issues in the final product. This can result in bugs, errors, and maintenance issues in the future.

  • Security Vulnerabilities: It may contain security vulnerabilities that were not caught during code review. This can expose the organization’s systems and data to potential attacks, resulting in data breaches, financial losses, and reputational damage.

Supported Technologies

This detector is supported by the following sensors:

Azure Sensor

Bitbucket Sensor

GitHub Sensor