category | severity | online version |
---|---|---|
Microsoft Azure DevOps Pipelines |
Important |
Project settings should require a comment for pull requests from a fork.
Before building a fork, a member of the project should review the changes and approve the pull request. This can help prevent malicious code from being introduced into the project.
Mininum TokenType: ReadOnly
Consider requiring a comment for pull requests from a fork in the project settings.