Hi all,
On 3.11.2025 20:05, [email protected] wrote:
> This is an automated email from the ASF dual-hosted git repository.
>
> pkarwasz pushed a change to branch master
> in repository https://gitbox.apache.org/repos/asf/commons-lang.git
>
>
> discard abf38ee5e Test force-push to `master`
As you can see, there are currently no branch protection rules on the
main branches of Commons repositories.
I’d like to propose adding branch protection rules to `master` to:
- prevent force pushes (like the test above), and
- prevent branch deletion (this may already be enforced on the GitBox
side, but I haven’t tested).
In `.asf.yaml` [1], these rules are defined as:
github:
protected_branches:
master: { }
Any objections? I think enabling this basic protection is an important
safeguard for all Commons projects.
## Optional improvements
We could also consider a few optional rules to improve PR handling.
### Required checks + auto-merge
We typically wait for CI checks to pass before merging. GitHub’s
“Auto-merge” button can handle this automatically once the required
checks succeed.
Example configuration:
github:
protected_branches:
contexts:
- context: build (ubuntu-latest, 25, false)
app: github-actions
- context: CodeQL
app: github-advanced-security
pull_requests:
allow_auto_merge: true
### Additional PR settings
GitHub also supports additional PR buttons [2]:
- allow_update_branch: enables a “Update branch” button to rebase or
merge PRs with master.
- del_branch_on_merge: automatically deletes a PR branch after it’s
merged.
Piotr
References:
[1]
https://github.com/apache/infrastructure-asfyaml/tree/main?tab=readme-ov-file#branchpro
[2]
https://github.com/apache/infrastructure-asfyaml?tab=readme-ov-file#pull_requests
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
