GitHub Pull Requests – Require Reviewer Approval Before Merge

This check ensures that all GitHub Pull Requests are reviewed and approved by at least one reviewer other than the author before being merged. Enforcing pull request approvals strengthens change management controls and prevents unauthorized or unreviewed code changes.

Check Details

  • Resource: GitHub Pull Request
  • Check: Ensure pull request approval is required
  • Risk: Unauthorized or unreviewed code changes may introduce vulnerabilities, defects, or compliance violations

Remediation via GitHub UI

  1. Log in to your GitHub account and navigate to the target repository.
  2. Click on Settings in the repository menu.
  3. In the left navigation panel, click Branches.
  4. Under Branch protection rules, click Add classic branch protection rule or edit an existing rule for your default branch (e.g., main).
  5. Enable Require a pull request before merging.
  6. Enable Require approvals and set the required number of approving reviewers (minimum 1 recommended).
  7. Enable Dismiss stale pull request approvals when new commits are pushed (recommended for stronger control).
  8. Click Create or Save changes to enforce the branch protection rule.
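
To verify the result of steps 5 to 7 without the UI, the settings can be read back from GitHub's REST endpoint `GET /repos/{owner}/{repo}/branches/{branch}/protection` and evaluated. The following is an added example, not part of the original check: the function name `audit_protection` is hypothetical, the sample response bodies are constructed, and it assumes the caller has already fetched and parsed the response (passing `None` when the API returns 404 for a branch with no classic rule).

```python
import json

# Constructed sample bodies shaped like the response of
# GET /repos/{owner}/{repo}/branches/{branch}/protection (not real data).
COMPLIANT = json.loads("""
{"required_pull_request_reviews":
   {"required_approving_review_count": 1, "dismiss_stale_reviews": true}}
""")
STALE_KEPT = json.loads("""
{"required_pull_request_reviews":
   {"required_approving_review_count": 2, "dismiss_stale_reviews": false}}
""")
ZERO_APPROVALS = json.loads("""
{"required_pull_request_reviews":
   {"required_approving_review_count": 0, "dismiss_stale_reviews": true}}
""")
NO_PR_RULE = json.loads('{"enforce_admins": {"enabled": true}}')


def audit_protection(protection, min_approvals=1):
    """Return (passed, findings) for one branch.

    `protection` is the parsed response body, or None when the API answered
    404 because the branch has no classic protection rule.
    """
    if protection is None:
        return False, ["FAIL: no branch protection rule on this branch"]
    reviews = protection.get("required_pull_request_reviews")
    if not reviews:
        return False, ["FAIL: 'Require a pull request before merging' is off"]
    findings = []
    count = reviews.get("required_approving_review_count") or 0
    if count < min_approvals:
        findings.append(f"FAIL: {count} approvals required, need {min_approvals}")
    passed = not findings  # only FAIL findings affect the result
    if not reviews.get("dismiss_stale_reviews"):
        findings.append("WARN: stale approvals survive new commits (step 7)")
    return passed, findings


if __name__ == "__main__":
    samples = {"compliant": COMPLIANT, "stale kept": STALE_KEPT,
               "zero approvals": ZERO_APPROVALS, "no PR rule": NO_PR_RULE,
               "unprotected (404)": None}
    for name, body in samples.items():
        ok, notes = audit_protection(body)
        print(f"{name}: {'PASS' if ok else 'FAIL'} {notes}")
```

The stale-approval setting is reported as a warning rather than a failure because the page marks it as recommended, not required.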

Updated on 27 March, 2026