-
Notifications
You must be signed in to change notification settings - Fork 221
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Is 'branch protection' only applicable for cloud-hosted SCPs? #1136
Comments
FWIW I think that GitTuf might make this possible outside of a hosted SCP. @adityasaky would know for sure. |
good question! The current wording in the pitch is: "On VCS like git, the organization MUST enable branch protections that prohibit updating the branch to point to revisions that are not direct descendants of the current revision." That does make it sound like there's a button to click somewhere! cc: @marcelamelara |
I think this may in part be addressed with #1128 and #1142. I think #1142 in particular would allow us to set requirements that may be achieved wildly differently depending on what constitutes the source control system as a whole. As for the rest of it, I think the requirement could use further clarification. The full set of branch protections (whether via an SCP, pre-receive hooks, etc.) could mean quite a bit further than disallowing force pushes and deletions (which are stated as the baseline in the spec atm), so I think clarification is in order as to what the requirement exactly is. Maybe we could reuse this issue for that? 😄 |
Originally posted by @marcelamelara in #1094 (comment)
The text was updated successfully, but these errors were encountered: