Skip to content

Support unprotected file patterns #16381

Closed
@jpraet

Description

@jpraet
Member

Currently, in the branch protection settings, "Protected file patterns" can be configured:

image

I propose to add support for configuring the counterpart of this: "Unprotected file patterns".

Users with write access to the repo should be able to push commits that only touch unprotected files directly to the otherwise protected branch.

Activity

added
type/proposalThe new feature has not been accepted yet but needs to be discussed first.
type/featureCompletely new functionality. Can only be merged if feature freeze is not active.
on Jul 8, 2021
lafriks

lafriks commented on Jul 9, 2021

@lafriks
Member

It could probably be added as selection on what behavior is expected for patterns matching

jpraet

jpraet commented on Jul 9, 2021

@jpraet
MemberAuthor

It could probably be added as selection on what behavior is expected for patterns matching

What if we want to configure both protected file patterns AND unprotected file patterns though?

self-assigned this
on Jul 10, 2021
lafriks

lafriks commented on Jul 14, 2021

@lafriks
Member

They would be conflicting imho, how that would work?

jpraet

jpraet commented on Jul 15, 2021

@jpraet
MemberAuthor

I think they are complementary. For example:

  • protected_file_patterns: /LICENSE.md
  • unprotected_file_patterns: /docs/**

And protected_file_patterns takes precedence: when a changed path matches both protected_file_patterns and unprotected_file_patterns, it will be treated as protected.

lafriks

lafriks commented on Jul 15, 2021

@lafriks
Member

But if I understand correctly that if I have write to the repo and there is unprotected_file_patterns set like in your example I would not be able to modify /LICENSE.md anyway even with no protected_file_patterns set as I can only modify files in /docs/ directory.

jpraet

jpraet commented on Jul 15, 2021

@jpraet
MemberAuthor

With unprotected_file_patterns, people with write access to the repo can modify those files even if they are not allowed to push directly to the branch. It is to allow to bypass the PR workflow.

added a commit that references this issue on Sep 11, 2021
3d6cb25
locked and limited conversation to collaborators on Oct 19, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

Labels

type/featureCompletely new functionality. Can only be merged if feature freeze is not active.type/proposalThe new feature has not been accepted yet but needs to be discussed first.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

    Development

    Participants

    @lafriks@jpraet

    Issue actions

      Support unprotected file patterns · Issue #16381 · go-gitea/gitea