New command to automate setting "Protected branch" on github to prevent force push #9878
+118
−0
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Not directly related to this PR but shouldn't we maybe move scripts like that to an "internal" plugin that would be linked as a submodule but would not available on marketplace? I don't see any sense in having them in this repo. |
|
I was just about to comment the same. This should be definitely not in Piwik repo. Maybe you can add this to plugin lifecycle etc? Run the command once to change them all and make sure new repos will have a protected branch automatically. |
|
It would be useful to extend this command to also force the users who are allowed to push to given branches (ie. lead developers / product owners only would be allowed to merge a given PR). https://github.com/blog/2137-protected-branches-improvements |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a new simple command that automates setting, for all repository for which there is admin access, the
masterbranch as protected, which means "git forced pushes" will be disabled. This prevents someone mistakenly rewriting the git history.As more people get write access to more repositories, it becomes more important to follow best practises for git repository security. One can run this tool regularly to ensure all our one's repos are protected.