Software Development Process and Safeguards

2 min. read, last update: 03.21.2025

To ensure the integrity of our codebase and reduce the risk of unauthorized or malicious code being introduced, our team follows a structured and tightly controlled software development process. This includes access restrictions, peer reviews, and clear separation of duties — all designed to align with secure development best practices.

Summary

We take a layered approach to source code protection that includes:

1. Source Control with GitHub

  • All code is managed in GitHub, with full access logging and audit trails.
  • Developers do not have direct access to deploy code to production environments.

2. Pull Request (PR) Workflow

  • Developers must submit pull requests (PRs) to propose changes.
  • No code is merged directly into shared branches without approval.
  • This ensures traceability, accountability, and peer validation of all changes.

3. Branch Protection Rules

  • Development Branch
    • Protected with a rule that requires at least two peer reviewers.
    • No one can bypass this rule — GitHub enforces it automatically.
  • Production Branch
    • Protected by a separate rule that requires at least one final reviewer.
    • This ensures changes are double-checked before release.

4. Controlled Releases

  • Only our VP of Engineering is authorized to approve and merge code into the production branch.
  • This adds an extra layer of control and accountability before any software is released.
  • All deployments are tracked and logged, with clear records of who performed each release.

Why This Matters

These controls provide:

  • Separation of duties: Developers write code, but cannot unilaterally release it.
  • Peer validation: Every code change is reviewed and approved by others.
  • Traceability: Every change is linked to a GitHub user, a pull request, and a commit history.
  • Controlled access: Only a single, trusted role (VP of Engineering) can deploy to production.
  • Audit-readiness: GitHub logs, branch protection settings, and PR records are all auditable.

Conclusion

While no system is perfect, our current development process is designed to minimize the risk of insider threats, accidental changes, or code injection, and to ensure every change is deliberate, reviewed, and traceable. This is a key part of our broader commitment to building secure and reliable software.
