Enforce branch policies on this repository
Opened this issue · 0 comments
toddysm commented
To improve the security of the ORAS project we need to enforce the branch policies for this repository. I propose that we enforce the policies as follows:
- Use the following rules for
main
andrelease/*
branches:- Require PR before merging
- Require 3 approvals
- Dismiss stale PR approvals when new commits are pushed
- Require review from Code Owners
- Require status checks to pass before merging
- Require conversation resolution before merging
- Require signed commits
- Do not allow bypass the above settings
- Require PR before merging
Please add your comments and proposals for additional changes to this issue.