CI/CD & DevOps
v1.0.0
Reviews CI/CD pipelines, deployment configuration, and dependency management — build caching, environment parity, rollback strategies, and supply chain security. Broken pipelines block every developer on the team; insecure pipelines can compromise production.
3 rules
2 categories
Security(2)
Pin Dependency Versions
Pin exact versions for all dependencies in production (no ^, ~, or * ranges). Unpinned dependencies silently pull in new versions that can introduce breaking changes, security vulnerabilities, or performance regressions — and you won't know until production breaks.
DependenciesCI/CDsecurity
HIGH
Automate CI/CD & DevOps checks on every PR
BeforeMerge scans your pull requests against all 3 CI/CD & DevOps rules automatically. Get actionable feedback before code ships.