[INFRA] Set up default rulesets for default and release branches#3491
Conversation
| includes: | ||
| - "~DEFAULT_BRANCH" | ||
| - "release/*" | ||
| - "rel/*" |
There was a problem hiding this comment.
@Jens-G we don't seem to use release/ or rel/, should we protect release tags v* instead? Or rather in addition to, so you can use release/0.24.0 for release work instead of 0.24.0
There was a problem hiding this comment.
Because some projects have subprojects (multiple releases, with different names), I think it's a good opportunity to start using better tag names instead of just the raw version numbers, as in rel/thrift-0.24.0. If there's any sub-projects, like "thrift-examples", then it could be rel/thrift-examples-1.0.0, for example.
Having all the releases under one tag namespace allows other kinds of tags to be used for other purposes in their own namespace that don't look like rel/ (e.g. release candidates, tests, abandoned branches, etc.)
There was a problem hiding this comment.
Are we talking about branches or tags?
Don't forget to adjust the ReleaseManagement document. Done
|
Added the |
Jens-G
force-pushed
the
infrastructure-ruleset-bot/default-branch-protection
branch
from
23a7ddb to
0c331cc
Compare
4 participants
This Pull Request enables the repository to conform with the "sane default security settings" of the Apache Software Foundation by configuring a default branch ruleset that protects the default branch and any release branches.
Note that
~DEFAULT_BRANCHis a GitHub symbolic link to the current default branch (HEAD) of the repository and does not need changing.If the managing project does not wish to set up these defaults, please close this Pull Request. Alternatively, the project may merge this Pull Request to apply the changes immediately.
If no action is taken, this Pull Request will be automatically merged by the Apache Infrastructure team on 2026-06-14 (30 days from now).
For any further information, please reach us on Slack or at: users@infra.apache.org