-
-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make admins adhere to branch protection rules #32248
base: main
Are you sure you want to change the base?
Conversation
@enko I noticed you've updated the locales for non-English languages. These will be overwritten during the sync from our translation tool Crowdin. If you'd like to contribute your translations, please visit https://crowdin.com/project/gitea. Please revert the changes done on these files. 🍵 |
998af0a
to
4595e4e
Compare
Wouldn't the admin can change the protection rules? |
Yes, but that would leave a paper trail. It is the same on GitHub. |
I know Github's behaviour but I suspect it's not a better solution than having a configuration item in app.ini |
But why a "global" config item? For large instance, different organizations have different requirements. If it would use a "config option", Gitea does need a well-designed config system, global -> org-level -> repo-level. |
I see why you would want to have it in your
Yes, different projects have different needs and sometimes even different branches have different needs.
That is out of scope. |
4595e4e
to
028022a
Compare
@wxiaoguang I added the service changes and also added a test case. |
028022a
to
952bc01
Compare
Thank you for the update. There are still some things left:
|
952bc01
to
4fadaf6
Compare
@wxiaoguang Thanks for your input!
Fixed that, sorry for that.
I checked, and I noticed I missed the API did not use the new field. I added that.
Added a migration, I hope I did that right? |
This introduces a new flag `BlockAdminMergeOverride` on the branch protection rules that prevents admins/repo owners from bypassing branch protection rules and merging without approvals or failing status checks. Fixes go-gitea#17131
41daca4
to
70eb2f0
Compare
Some changes in 71b5edd:
|
I mean auto-merge means should be hidden for the administrator from the UI. |
Why they should hide? Auto merge only merge when checks pass. |
Yes, but the permissions that can merge the pull request are checked when creating the schedule. |
I do not understand what you mean. Show a real case, what's wrong would happen. |
This introduces a new flag
BlockAdminMergeOverride
on the branch protection rules that prevents admins/repo owners from bypassing branch protection rules and merging without approvals or failing status checks.Fixes #17131