GitHub PRs

Integrate Oplane with your GitHub workflow to automatically run threat modeling on pull requests. Get security feedback before code is merged.

Prerequisites: You'll need admin access to your GitHub repository to install the Oplane GitHub App.

Setup

Follow our step-by-step GitHub App Setup guide to install the Oplane GitHub App, link your account, and choose a review mode for each repository.

How It Works

Once connected, Oplane will automatically analyze pull requests that include architectural changes or security-relevant code modifications.

Automatic Analysis

When a PR is opened or updated, Oplane scans the changes and identifies potential security concerns. Results appear as comments on the PR.

Security Requirements

Oplane generates security requirements based on the changes in the PR. These requirements help ensure security concerns are addressed before merging.

Branch Protection

Configure branch protection rules to require Oplane checks to pass before merging. This ensures critical security findings are addressed.
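One way to confirm the rule is actually enforced, as an added example (not Oplane's code): audit the JSON that GitHub's `GET /repos/{owner}/{repo}/branches/{branch}/protection` endpoint returns. The check name and both sample responses are constructed placeholders; substitute the check name Oplane reports on your PRs.

```python
import json

# Assumption: placeholder name; use the check name Oplane reports on your PRs.
REQUIRED_CHECK = "oplane-check-placeholder"

def audit_protection(protection, required_check=REQUIRED_CHECK):
    """Return findings for one branch-protection API response (a dict)."""
    rsc = protection.get("required_status_checks")
    if not rsc:
        return ["no required status checks: merges are not gated on any check"]
    findings = []
    # "checks" entries carry the app allowed to report each check;
    # the older "contexts" list carries names only.
    sources = {c["context"]: c.get("app_id") for c in rsc.get("checks", [])}
    for name in rsc.get("contexts", []):
        sources.setdefault(name, None)
    if required_check not in sources:
        findings.append(f"'{required_check}' is not a required check")
    elif sources[required_check] in (None, -1):
        findings.append(f"'{required_check}' is not pinned to an app: "
                        "any status source can satisfy it")
    if not rsc.get("strict"):
        findings.append("strict mode off: a passing result may predate "
                        "the current base branch")
    if not (protection.get("enforce_admins") or {}).get("enabled"):
        findings.append("enforce_admins off: administrators can merge "
                        "past a failing check")
    return findings

# Constructed sample responses, trimmed to the fields inspected above.
SAMPLE_HARDENED = json.loads("""{
  "required_status_checks": {"strict": true,
    "contexts": ["oplane-check-placeholder"],
    "checks": [{"context": "oplane-check-placeholder", "app_id": 12345}]},
  "enforce_admins": {"enabled": true}}""")
SAMPLE_WEAK = json.loads("""{
  "required_status_checks": {"strict": false,
    "contexts": ["build"],
    "checks": [{"context": "build", "app_id": null}]},
  "enforce_admins": {"enabled": false}}""")

if __name__ == "__main__":
    for label, doc in (("hardened", SAMPLE_HARDENED), ("weak", SAMPLE_WEAK)):
        print(label, audit_protection(doc) or "OK")
```

An empty list means the branch requires the check, pins it to one app, and applies the rule to administrators as well.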

Configuration Options

  • Auto-trigger: Run analysis on every PR or only on specific branches
  • Severity threshold: Block merges only for critical/high findings
  • Notification settings: Configure who receives security alerts
  • Jira sync: Automatically create tickets for security requirements