# Code and Repository Monitors Code and repository monitors in Sprinto ensure that your organisation’s source code management practices meet compliance and security requirements. These monitors track branch protection, code review enforcement, vulnerability scanning, and repository classification to help safeguard against unauthorised changes, insecure code, or compliance violations. By enabling these monitors, Sprinto automatically validates repository settings across integrated platforms such as GitHub, GitLab, Bitbucket, and Azure DevOps. *** ### What Sprinto Monitors Sprinto checks repositories for: * **Branch Protection Rules**\ Ensures branches have protection rules in place (e.g., no direct commits to main, mandatory pull requests). * **Code Review Enforcement**\ Verifies that the pull request (PR) reviewer is different from the author, preventing single-user approvals. * **Vulnerability Scanning**\ Tracks whether automated tools like Dependabot are enabled to detect vulnerabilities in dependencies. * **Repository Classification**\ Confirms that all repositories are categorised (e.g., production, development, test) and critical repositories are explicitly identified. *** ### Benefits * **Improved Code Security** – Prevents insecure or unreviewed changes from being pushed into production. * **Compliance Readiness** – Demonstrates evidence of secure coding practices and change management for audits. * **Developer Accountability** – Enforces separation of duties between authors and reviewers. * **Early Vulnerability Detection** – Flags security issues before code is deployed. *** ### Supported Platforms Sprinto integrates with: * GitHub * GitLab * Bitbucket * Azure DevOps *** ### Next Steps * Configure repository integrations in Sprinto. * Review failing monitors to identify missing protections or misconfigurations. * Apply branch protection rules, enable vulnerability scanning, and classify repositories as required. * Re-run the monitor or upload evidence (where manual classification is required). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sprinto.com/monitors/code-and-repository-monitors.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.