Set Code Policies
Create custom policies or choose from recommended defaults, and choose where they should be enforced.
- Separate secret credentials from source code
- Include .gitignore in every project
- Include CODEOWNERS in every project
- Avoid committing dependency directories into projects
- Block unrecognized committers
- Lock package versions
- Separate personal config files from source code
- Align package versions between projects
- Link pull request title to a Jira ticket
- Link commit message to a Jira ticket
- Block out-of-date pull requests
- Commit messages must meet specified format
- Enforce GitHub settings such as branch protection
- Create custom policies…
Automatic Policy Enforcement
Once policies are set, they are automatically enforced by Datree within GitHub, in the selected repositories and even future repositories. Every code change (pull request) is tested before merging is allowed. If the code fails to meet policy requirements, either an alert is triggered or merging is blocked and the user is shown an explanation with instructions to fix the root cause.
Compliance and Security Reporting
Monitor policy compliance and remediation throughout the organization. Run a compliance status report at any time to spot and fix violations before they affect quality or security.
Real-time Code Catalog
Understand what’s in your code: which packages, versions, open-source libraries, and tools are being used throughout the organization, who’s using them, and where.
Connect Datree with GitHub and grant read access or add a lightweight analyzer to your GitHub organization. Within five minutes Datree will build a code catalog and run a compliance report for recommended policies. Begin enforcing recommended policies right away or create custom policies to fit your organizational standards. Learn how we keep Datree secure.