Branch rules

• Restrict deletionsOnly allow users with bypass permissions to delete matching refs.
• Require linear historyPrevent merge commits from being pushed to matching refs.
• Require signed commitsCommits pushed to matching refs must have verified signatures.
• Require a pull request before mergingRequire all commits be made to a non-target branch and submitted via a pull request before they can be merged.

  Show additional settings
• Require status checks to passChoose which status checks must pass before the ref is updated. When enabled, commits must first be pushed to another ref where the checks pass.

  Show additional settings
• Block force pushesPrevent users with push access from force pushing to refs.
• Require code scanning resultsChoose which tools must provide code scanning results before the reference is updated. When configured, code scanning must be enabled and have results for both the commit and the reference being updated.

  • Code scanning tools

    Required tools and alert thresholds

    • CodeQL
      Security alerts threshold:

      High or higher

      Alerts threshold:

      Errors

    Tools that must provide code scanning results for this rule to pass. Learn more about enabling code scanning.