Enum: ReviewTypeEnum

Categories of code-review process applied to a source revision. Captures the forms of two-party review discussed by practitioners (Tamanna et al., 2024, LF.2), including contested alternatives whose security equivalence with standard asynchronous two-party review has not been formally established.

URI: slsa:ReviewTypeEnum

Permissible Values

| Value | Meaning | Description |
| --- | --- | --- |
| TWO_PARTY | None | Standard two-party review: a change is approved by at least one reviewer who ... |
| PAIR_PROGRAMMING | None | Two developers working simultaneously on the same code at the same workstatio... |
| MOB_PROGRAMMING | None | Collaborative development with a whole group at once |
| AUTOMATED | None | Review performed entirely by an automated tool or bot, without a second human... |

Slots

| Name | Description |
| --- | --- |
| reviewType | The type of human or automated review process used to approve this source rev... |

In Subsets

Identifier and Mapping Information

Schema Source

  • from schema: https://w3id.org/lmodel/slsa

LinkML Source

name: ReviewTypeEnum
description: Categories of code-review process applied to a source revision. Captures
  the forms of two-party review discussed by practitioners (Tamanna et al., 2024,
  LF.2), including contested alternatives whose security equivalence with standard
  asynchronous two-party review has not been formally established.
in_subset:
- slsa_source_track
- slsa_adoption_study
from_schema: https://w3id.org/lmodel/slsa
rank: 1000
permissible_values:
  TWO_PARTY:
    text: TWO_PARTY
    description: 'Standard two-party review: a change is approved by at least one
      reviewer who is distinct from the author, where both the author and reviewer
      are trusted persons as defined by the organization.'
  PAIR_PROGRAMMING:
    text: PAIR_PROGRAMMING
    description: Two developers working simultaneously on the same code at the same
      workstation or via screen-sharing. Whether this satisfies the trusted-persons
      two-party review requirement is an open question raised in practitioner discussions
      (Tamanna et al., 2024, LF.2).
  MOB_PROGRAMMING:
    text: MOB_PROGRAMMING
    description: Collaborative development with a whole group at once. As with pair
      programming, formal equivalence to asynchronous two-party review has not been
      established for SLSA purposes (Tamanna et al., 2024, LF.2).
  AUTOMATED:
    text: AUTOMATED
    description: Review performed entirely by an automated tool or bot, without a
      second human reviewer. Does not satisfy the SLSA trusted-persons requirement
      for Source Level 4.