Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enforce branch policies on this repository #4

Open
4 of 7 tasks
toddysm opened this issue Mar 8, 2023 · 2 comments
Open
4 of 7 tasks

Enforce branch policies on this repository #4

toddysm opened this issue Mar 8, 2023 · 2 comments

Comments

@toddysm
Copy link

toddysm commented Mar 8, 2023

To improve the security of the ORAS project we need to enforce the branch policies for this repository. I propose that we enforce the policies as follows:

  • Use the following rules for main and release/* branches:
    • Require PR before merging
      • Require 3 approvals
      • Dismiss stale PR approvals when new commits are pushed
      • Require review from Code Owners
      • Require status checks to pass before merging
      • Require conversation resolution before merging
      • Require signed commits
      • Do not allow bypass the above settings

Please add your comments and proposals for additional changes to this issue.

@shizhMSFT
Copy link
Contributor

Currently, this repository has only one maintainer. We need more maintainers to enforce those branch policies.

@toddysm
Copy link
Author

toddysm commented Mar 20, 2023

Agree with that. Do we have any proposals to increase the number of maintainers for this repo? @FeynmanZhou ??

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants