Control: 1.1.11 Ensure all open comments are resolved before allowing code change merging
Description
Organizations should enforce a "no open comments" policy before allowing code change merging.
Rationale
In an open code change proposal, reviewers can leave comments containing their questions and suggestions. These comments can also include potential bugs and security issues. Requiring all comments on a code change proposal to be resolved before it can be merged ensures that every concern is properly addressed or acknowledged before the new code changes are introduced to the code base.
Note: Code change proposals containing open comments would not be able to be merged into the code base.
Audit
For every code repository in use, verify that each merged code change does not contain open, unattended comments.
Remediation
For each code repository in use, require open comments to be resolved before the relevant code change can be merged.
Usage
Run the control in your terminal:
powerpipe control run github_compliance.control.cis_supply_chain_v100_1_1_11Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run github_compliance.control.cis_supply_chain_v100_1_1_11 --shareSQL
This control uses a named query:
repo_no_open_comments