Ensure no branch has 'force push' enabled
The 'force push' option allows users with 'push' permissions to force their changes directly to the branch without a pull request and thus should be disabled.
Risk Level: medium
Platform: Github
Spectral Rule ID: GH-HRD001
REMEDIATION
SaaS:
In the repository setting on Github site:
- Go to Setting.
- Click on branches in the Setting menu.
- Find 'Rules applied to everyone including administrators' section.
- Uncheck the
Allow force pushes
checkbox.
Read more:
Updated about 1 year ago