Although I’m just a lurker here, the idea of promoting the use of rebase on a shared repository seems incredibly dangerous. Or “brave” as some would put it.
Later, Andy From: Tibor Digana <tibordig...@apache.org> Date: Tuesday, 5 August 2025 at 15:01 To: Maven Developers List <dev@maven.apache.org> Subject: Re: [VOTE] Introduce Prevent Branch Protection Rules [You don't often get email from tibordig...@apache.org. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ] Is somebody using Git Merge? For sake of clarity of the log history, this should be prohibited and Git Rebase should be used instead. This alternative should be added in the Vote as well. Regarding branch deletions, I remember the time when we had to delete the master branch. It was a permission problem with a committer. On Tue, Aug 5, 2025 at 1:45 PM Sandra Parsick <san...@parsick.dev> wrote: > As discussed in a previous thread, it makes sense from a supply chain > security perspective to introduce the following branch protection rules > to all Maven repositories: > > - Prevent force push > - Prevent branch deletion > > It will be enabled by .asf.yaml to ensure that the same branch > protection rules are used for Gitbox and GitHub. > > It will be enabled for all default and maintenance branches. > > > Tasks to do: > - Check every Maven repository has .asf.yaml > - Enabling above-mentioned branch protection rules in all Maven > repositories via .asf.yaml > > > If the vote passes, I will take care of it. > > > Vote open for at least 72 hours. > > [ ] +1 > [ ] +0 > [ ] -1 > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org > For additional commands, e-mail: dev-h...@maven.apache.org > > The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336. Is e buidheann carthannais a th’ ann an Oilthigh Dhùn Èideann, clàraichte an Alba, àireamh clàraidh SC005336.
