Content Comparison

• DCO (required)

• Linters

• Unit tests

• Integration tests

• Code coverage

• Documentation

Example - ReadTheDocs webhook:

https://docs.readthedocs.io/en/stable/integrations.html

• Static analysis aka Static Application Security Testing (SAST)

Example - CodeQL:

https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql

Example - Snyk:

https://docs.snyk.io/integrations/git-repository-scm-integrations/github-integration

• Software Composition Analysis dependency scans
• And/or setup Dependabot in Settings/Security

Dependabot:

https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates

• Note: use Reusable github actions to reduce the number of top-level checks

https://docs.github.com/en/actions/using-workflows/reusing-workflows