Code Review adds a human approval gate between code changes and production deployment in Data Studio. Without it, non-compliant code can reach production and fail at runtime — triggering downstream task failures and wasting compute resources. When Mandatory Code Review is enabled, a task cannot be published to the Production Environment until a designated reviewer approves the change.
How it works
Submitting a node for publishing triggers a code review. The initiator selects one or more reviewers; the system sends notifications and blocks publishing until a reviewer acts.
The review outcome depends on whether Mandatory Code Review is enabled:
| Mode | Review outcome | Effect on publishing |
|---|---|---|
| Mandatory Code Review disabled | Approved or rejected | Publishing is not blocked — the node can be published regardless of outcome |
| Mandatory Code Review enabled | Approved | Publishing proceeds |
| Mandatory Code Review enabled | Rejected | Publishing is blocked; the initiator must revise the code and resubmit |
Prerequisites
Before you begin, make sure you have:
Activated DataWorks Professional Edition or higher. See DataWorks editions for edition details.
One of the following roles to enable or disable Code Review for a workspace:
Alibaba Cloud account
Workspace Administrator
RAM user with the AliyunDataWorksFullAccess permission
For more information on roles, see Overview of users, roles, and permissions.
Limitations
Code Review is not supported for:
Composite nodes: Loop and Traverse
Non-Python resource files
Enable Mandatory Code Review
A Workspace Administrator can enable Mandatory Code Review from the Data Studio settings page. When enabled, all nodes within the configured scope must pass a review before they can be published.
Deleting a node does not trigger Code Review.
Step 1: Open security settings
Go to the Workspaces page in the DataWorks console. In the top navigation bar, select the target region. Locate the workspace and choose Shortcuts > Data Studio in the Actions column.
In the lower-left corner of the Data Studio page, click the
icon and select Data Studio Settings.On the Data Studio settings page, click the Security Settings and Others tab.
If the Force to review code switch is not visible on the Security Settings and Others tab, verify that your workspace is on DataWorks Professional Edition or higher. Code Review is unavailable in lower editions.
Step 2: Configure code review settings
On the Security Settings and Others tab, enable Code Review > Force to review code and configure the following parameters.
| Parameter | Description |
|---|---|
| Force to review code | Requires a code review before tasks in the workspace can be published to the Production Environment. |
| Code reviewers | Specifies which users can act as reviewers. Any Developer Role: the initiator selects any user with a developer role in the workspace when submitting. Specify development role users: after a code review is submitted for a node, it must be approved by a user with a specified developer role before it can be published. If multiple reviewers are configured, approval from any one reviewer is sufficient. |
| Baseline scopes for code review | Determines which nodes require a review. Configure by baseline priority: non-baseline tasks, or nodes on baselines of that level in the current workspace require approval upon submission. The higher the baseline number, the higher its priority. Selecting non-baseline tasks means all new nodes in the workspace require approval. |
| Code review notification methods | Sends automated alerts to reviewers when a new review is assigned, and to initiators when the review status changes (approved or rejected). Supported channels: SMS, DingTalk group robot webhook, email, WeCom group webhook, Lark webhook, and generic webhook. |
Only users with a developer role in the current workspace can be selected as reviewers.
The generic webhook method is available only in DataWorks Enterprise Edition.
For DingTalk group robot security settings, configure keywords only. Keywords must include
DataWorks.SMS and phone alerts from Code Review count toward your alert resource usage. View usage on the Alert Resources page. See View and set alert resources.
Submit a node for code review
When you publish a node with Mandatory Code Review enabled, publishing is blocked until the review is approved. The submission process assigns a reviewer and creates a review request.
Auto-cancellation of in-progress reviews: If a node already has a review in progress, submitting a new one automatically cancels the previous review. Only the latest review applies.
Deleting a node does not trigger Code Review.
Save the node and navigate to the Publish page. Click the
icon to save the node, then click the 
icon to open the Publish page.Start deployment. Click Start Deployment to Production Environment. Because Mandatory Code Review is enabled, publishing is blocked pending review approval.
Submit for code review. Click Submit for Code Review. On the Code Review configuration panel, set the following fields and click Confirm.
Parameter Description Code Reviewer Select one or more reviewers from the list of configured Code reviewers. Change Description Describe the code changes being submitted.
Process a review request
Reviewers can view and act on pending requests from the Code Review List > Reviewed by Me tab.
Open the Code Review list. In the left-side navigation pane of the Data Studio page, click the
icon to open the Code Review List page. Requests assigned to you appear under Reviewed by Me.Act on the review request. From the Code Review list page, take quick action on a request: Approve, Reject, Discard, Reopen, or Share. From the Code Review details page, review code and scheduling configuration changes against the production version before deciding:
On the Code Review List page, click a request to open the Code Review details page.
Compare the code and scheduling configuration changes against the production version.
In the Review Operations section, perform one of the following actions:
Approve — unblocks publishing.
Reject — blocks publishing; the initiator must revise and resubmit.
Discard — cancels the review. Publishing remains blocked until the initiator submits a new review or reopens this one.
Reopen — restarts a discarded review.Comment — add feedback without changing the review status.
View review results
Initiators can check review outcomes and manage requests from the Code Review List > Created by Me tab.
Open the Code Review list. In the left-side navigation pane, click the
icon to go to the Code Review List page, then switch to Created by Me.Manage the review request. From the Code Review list page, view the review status and perform actions: Discard, Reopen, or Share. From the Code Review details page, click a request to open the details page. From there, choose Reopen or Discard.
NoteIf you discard the review, submit a new request or reopen the discarded one to continue the publishing process.
If a review is rejected, revise the code based on the reviewer's feedback and resubmit it for review. Publishing is unblocked only after the review is approved.
What's next
After the review is approved, return to the Publish page and complete the deployment. If the review is rejected, update the code based on the reviewer's comments and submit a new review request.