Towards verifiable web-based code review systems

Hammad Afzali, Santiago Torres-Arias, Reza Curtmola, Justin Cappos

    Research output: Contribution to journal › Article › peer-review


    Although code review is an essential step for ensuring the quality of software, it is surprising that current code review systems do not have mechanisms to protect the integrity of the code review process. We uncover multiple attacks against the code review infrastructure which are easy to execute, stealthy in nature, and can have a significant impact, such as allowing malicious or buggy code to be merged and propagated to future releases. To improve this status quo, in this work we lay the foundations for securing the code review process. Towards this end, we first identify a set of key design principles necessary to secure the code review process. We then use these principles to propose SecureReview, a security mechanism that can be applied on top of a Git-based code review system to ensure the integrity of the code review process and provide verifiable guarantees that the code review process followed the intended review policy. We implement SecureReview as a Chrome browser extension for GitHub and Gerrit. Our security analysis shows that SecureReview is effective in mitigating the aforementioned attacks. An experimental evaluation shows that the SecureReview implementation only adds a slight storage overhead (i.e., less than 0.0006 of the repository size).

    Original language: English (US)
    Pages (from-to): 153-184
    Number of pages: 32
    Journal: Journal of Computer Security
    Issue number: 2
    State: Published - 2023

    Keywords

    • Code review policy
    • Gerrit
    • GitHub
    • browser extension
    • review unit
    • verifiable code review process

    ASJC Scopus subject areas

    • Software
    • Safety, Risk, Reliability and Quality
    • Hardware and Architecture
    • Computer Networks and Communications
