📖 Update checks.md to show the benefit of >=2 reviewers (#3013)

* Update checks.yaml instead of cehcks.md Signed-off-by: Joyce <joycebrum@google.com> * feat: generate checks.md Signed-off-by: Joyce Brum <joycebrum@google.com> --------- Signed-off-by: Joyce <joycebrum@google.com> Signed-off-by: Joyce Brum <joycebrum@google.com>
ossf · May 19, 2023 · 028fa93 · 028fa93
1 parent f4e3363
commit 028fa93
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 4 deletions.
diff --git a/docs/checks.md b/docs/checks.md
@@ -73,11 +73,16 @@ result to meet most user needs.
 
 Different types of branch protection protect against different risks:
 
-  - Require code review: requires at least one reviewer, which greatly
+  - Require code review: 
+    - requires at least one reviewer, which greatly
     reduces the risk that a compromised contributor can inject malicious code.
     Review also increases the likelihood that an unintentional vulnerability in
     a contribution will be detected and fixed before the change is accepted.
 
+    - requiring two or more reviewers protects even more from the insider risk 
+    whereby a compromised contributor can be used by an attacker to LGTM 
+    the attacker PR and inject a malicious code as if it was legitm.
+
   - Prevent force push: prevents use of the `--force` command on public
     branches, which overwrites code irrevocably. This protection prevents the
     rewriting of public history without external notice.
@@ -182,8 +187,8 @@ However, note that in those overlapping cases, Scorecard can only report what it
 Risk: `High` (unintentional vulnerabilities or possible injection of malicious
 code)
 
-This check determines whether the project requires human code review before pull
-requests (merge requests) are merged.
+This check determines whether the project requires human code review
+before pull requests (merge requests) are merged.
 
 Reviews detect various unintentional problems, including vulnerabilities that
 can be fixed immediately before they are merged, which improves the quality of

diff --git a/docs/checks/internal/checks.yaml b/docs/checks/internal/checks.yaml
@@ -162,11 +162,16 @@ checks:
 
       Different types of branch protection protect against different risks:
 
-        - Require code review: requires at least one reviewer, which greatly
+        - Require code review: 
+          - requires at least one reviewer, which greatly
           reduces the risk that a compromised contributor can inject malicious code.
           Review also increases the likelihood that an unintentional vulnerability in
           a contribution will be detected and fixed before the change is accepted.
 
+          - requiring two or more reviewers protects even more from the insider risk 
+          whereby a compromised contributor can be used by an attacker to LGTM 
+          the attacker PR and inject a malicious code as if it was legitm.
+
         - Prevent force push: prevents use of the `--force` command on public
           branches, which overwrites code irrevocably. This protection prevents the
           rewriting of public history without external notice.