Skip to content
This repository has been archived by the owner on Jan 17, 2023. It is now read-only.

Set protected status on production branch #4036

Open
ghost opened this issue Jan 23, 2019 · 5 comments
Open

Set protected status on production branch #4036

ghost opened this issue Jan 23, 2019 · 5 comments

Comments

@ghost
Copy link

ghost commented Jan 23, 2019
edited by ghost
Loading

The production branch on this repository is not protected against force pushes. This setting is recommended as part of Mozilla's Guidelines for a Sensitive Repository.

Anyone with admin permissions for this repository can correct the setting using this URL.

If you have any questions, or believe this issue was opened in error, please contact us and mention SOGH001-0 and this repository.

Thank you for your prompt attention to this issue.
--Firefox Security Operations team
@ghost
Copy link
Author

ghost commented Jan 28, 2019

The production branch on this repository is no longer protected against force pushes. This setting is recommended as part of Mozilla's Guidelines for a Sensitive Repository.

Branch protection had been configured previous for this repository, so you may want to check how the setting became unchecked.

Anyone with admin permissions for this repository can correct the setting using this URL.

If you have any questions, or believe this issue was opened in error, please contact us and mention SOGH002-2 and this repository.

Thank you for your prompt attention to this issue.
--Firefox Security Operations team

@lmorchard
Copy link
Contributor

Two things on this:

  1. We use force-pushes to the production branch to deploy specific commits
  2. This project is ending, so we will probably be archiving the repository in the next month or two

@hwine
Copy link

hwine commented Feb 4, 2019

This setting does not prevent force pushes. It only disables them from the GUI.

You can achieve the same effect without force pushes. See this approach

Expect a few more automated addons to this bug, until the repo is archived.

@ghost
Copy link
Author

ghost commented Mar 25, 2019

Hello! This is your neighborhood secops team still looking out for you!

The production branch on this repository is still not protected against force pushes. If the repository's production branches are not set as the GitHub default, please fill out this form.

If you have any questions, or believe this issue was opened in error, please contact us and mention SOGH001-2 and this repository.

Thank you for your prompt attention to this issue.
--Firefox Operations Security team

1 similar comment
@ghost
Copy link
Author

ghost commented Jun 8, 2019

Hello! This is your neighborhood secops team still looking out for you!

The production branch on this repository is still not protected against force pushes. If the repository's production branches are not set as the GitHub default, please fill out this form.

If you have any questions, or believe this issue was opened in error, please contact us and mention SOGH001-2 and this repository.

Thank you for your prompt attention to this issue.
--Firefox Operations Security team

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lmorchard @hwine