Skip to main content

Managing a branch protection rule

You can create a branch protection rule to enforce certain workflows for one or more branches, such as requiring an approving review or passing status checks for all pull requests merged into the protected branch.

Who can use this feature

People with admin permissions to a repository can manage branch protection rules.

受保护分支适用于具有 GitHub Free 和组织的 GitHub Free 的公共仓库,以及具有 GitHub Pro、GitHub Team、GitHub Enterprise Cloud 和 GitHub Enterprise Server 的公共和私有仓库。 有关详细信息,请参阅“GitHub 的产品”。

About branch protection rules

可以在存储库中为特定分支、所有分支或者与使用 fnmatch 语法指定的命名模式匹配的任何分支创建分支保护规则。 例如,若要保护包含单词 release 的任何分支,可以为 *release* 创建分支规则。

You can create a rule for all current and future branches in your repository with the wildcard syntax *. Because GitHub uses the File::FNM_PATHNAME flag for the File.fnmatch syntax, the wildcard does not match directory separators (/). For example, qa/* will match all branches beginning with qa/ and containing a single slash. You can include multiple slashes with qa/**/*, and you can extend the qa string with qa**/**/* to make the rule more inclusive. For more information about syntax options for branch rules, see the fnmatch documentation.

If a repository has multiple protected branch rules that affect the same branches, the rules that include a specific branch name have the highest priority. If there is more than one protected branch rule that references the same specific branch name, then the branch rule created first will have higher priority.

Protected branch rules that mention a special character, such as *, ?, or ], are applied in the order they were created, so older rules with these characters have a higher priority.

To create an exception to an existing branch rule, you can create a new branch protection rule that is higher priority, such as a branch rule for a specific branch name.

For more information about each of the available branch protection settings, see "About protected branches."

Creating a branch protection rule

When you create a branch rule, the branch you specify doesn't have to exist yet in the repository.

  1. 在 上,导航到存储库的主页。

  2. 在存储库名称下,单击 “设置”。 “存储库设置”按钮

  3. In the "Code and automation" section of the sidebar, click Branches.

  4. 在“分支保护规则”旁边,单击“添加规则”。 “添加分支保护规则”按钮

  5. 在“Branch name pattern(分支名称模式)”下,输入您要保护的分支名称或模式。 分支规则字段

  6. Optionally, enable required pull requests.

    • Under "Protect matching branches", select Require a pull request before merging. Pull request review restriction checkbox

    • Optionally, to require approvals before a pull request can be merged, select Require approvals, click the Required number of approvals before merging drop-down menu, then select the number of approving reviews you would like to require on the branch. Drop-down menu to select number of required review approvals

    • Optionally, to dismiss a pull request approval review when a code-modifying commit is pushed to the branch, select Dismiss stale pull request approvals when new commits are pushed. Dismiss stale pull request approvals when new commits are pushed checkbox

    • Optionally, to require review from a code owner when the pull request affects code that has a designated owner, select Require review from Code Owners. For more information, see "About code owners." Require review from code owners

    • Optionally, to allow specific actors to push code to the branch without creating pull requests when they're required, select Allow specified actors to bypass required pull requests. Then, search for and select the actors who should be allowed to skip creating a pull request. Allow specific actors to bypass pull request requirements checkbox

    • Optionally, if the repository is part of an organization, select Restrict who can dismiss pull request reviews. Then, search for and select the actors who are allowed to dismiss pull request reviews. For more information, see "Dismissing a pull request review." Restrict who can dismiss pull request reviews checkbox

  7. Optionally, enable required status checks. For more information, see "About status checks."

    • Select Require status checks to pass before merging. Required status checks option
    • Optionally, to ensure that pull requests are tested with the latest code on the protected branch, select Require branches to be up to date before merging. Loose or strict required status checkbox
    • Search for status checks, selecting the checks you want to require. Search interface for available status checks, with list of required checks
  8. Optionally, select Require conversation resolution before merging. Require conversation resolution before merging option

  9. Optionally, select Require signed commits. Require signed commits option

  10. Optionally, select Require linear history. Required linear history option

  11. Optionally, to merge pull requests using a merge queue, select Require merge queue. 有关合并队列的信息,请参阅“管理合并队列”。 Require merge queue option

    Tip: The pull request merge queue feature is currently in limited public beta and subject to change. Organizations owners can request early access to the beta by joining the waitlist.

  12. Optionally, to choose which environments the changes must be successfully deployed to before merging, select Require deployments to succeed before merging, then select the environments. Require successful deployment option

  13. Optionally, select Do not allow bypassing the above settings. Do not allow bypassing the above settings checkbox

  14. Optionally, if your repository is owned by an organization using GitHub Team or GitHub Enterprise Cloud, enable branch restrictions.

    • Select Restrict who can push to matching branches. Branch restriction checkbox
    • Optionally, to also restrict the creation of matching branches, select Restrict pushes that create matching branches. Branch creation restriction checkbox
    • Search for and select the people, teams, or apps who will have permission to push to the protected branch or create a matching branch. Branch restriction search
  15. Optionally, under "Rules applied to everyone including administrators", select Allow force pushes. Allow force pushes option

    Then, choose who can force push to the branch.

    • Select Everyone to allow everyone with at least write permissions to the repository to force push to the branch, including those with admin permissions.

    • Select Specify who can force push to allow only specific actors to force push to the branch. Then, search for and select those actors. Screenshot of the options to specify who can force push

      For more information about force pushes, see "Allow force pushes."

  16. Optionally, select Allow deletions. Allow branch deletions option

  17. Click Create.

Editing a branch protection rule

  1. 在 上,导航到存储库的主页。

  2. 在存储库名称下,单击 “设置”。 “存储库设置”按钮

  3. In the "Code and automation" section of the sidebar, click Branches.

  4. To the right of the branch protection rule you want to edit, click Edit. Edit button

  5. Make your desired changes to the branch protection rule.

  6. Click Save changes. Save changes button

Deleting a branch protection rule

  1. 在 上,导航到存储库的主页。

  2. 在存储库名称下,单击 “设置”。 “存储库设置”按钮

  3. In the "Code and automation" section of the sidebar, click Branches.

  4. To the right of the branch protection rule you want to delete, click Delete. Delete button