roadmap icon indicating copy to clipboard operation
roadmap copied to clipboard
verified publisher icon github

Admins can block pushes that destructively force push with --mirror

Open github-product-roadmap opened this issue 3 years ago • 1 comments

Summary

This feature will allow admins to block two potentially dangerous Git commands that are difficult to recover from:

  1. git push --mirror This is a potentially destructive command for making the remote exactly match the local clone. When run by accident, it can cause many branch deletes and force-pushes at the remote without a warning.

  2. git push --force when push.default=matching Prior to Git v2.0, the command git push --force behaved like git push --mirror because of the then-default Git configuration of push.default=matching.

Intended Outcome

This feature will allow blocking potentially destructive --mirror force pushes or pushes that include multiple branch rewrites.

How will it work?

Admins will be able to enable or disable this feature in repository settings. When enabled, pushes will be rejected when they include multiple branch rewrites and the person who pushed will see an error.

github-product-roadmap avatar Mar 15 '22 22:03 github-product-roadmap

this has shipped to dotcom! 🚢 https://github.blog/changelog/2022-06-15-block-potentially-destructive-git-pushes/

leaving open to track to GHES

spaltrowitz avatar Jun 15 '22 16:06 spaltrowitz

🚢 This has shipped with GHES 3.7 release: https://docs.github.com/en/[email protected]/admin/release-notes

ankneis avatar Nov 30 '22 17:11 ankneis