Strengthen branch protection policy on main

## Problem

Branch protection is enabled on `main`, but the current policy is minimal and does not enforce meaningful review gates:

- **Required approving reviews: 0** — PRs can be merged without any approval
- **Dismiss stale reviews: No**
- **Require code owner reviews: No**
- **Require signed commits: No**
- **Enforce for admins: No**

This effectively allows direct merges without review.

## Recommended Changes

Update the branch protection rule on `main` to include:

- [x] **Require at least 1 approving review**
- [x] **Dismiss stale pull request approvals when new commits are pushed**
- [x] **Do not allow force pushes** (already set)
- [x] **Do not allow deletions** (already set)
- [ ] Consider: Require code owner reviews
- [ ] Consider: Require signed commits
- [ ] Consider: Include administrators in these restrictions

## How To Update

1. Go to **Settings > Branches**
2. Edit the existing `main` protection rule
3. Under "Require a pull request before merging", set **Required number of approvals** to at least 1
4. Enable **Dismiss stale pull request approvals when new commits are pushed**
5. Save changes

## References

- [GitHub docs: Managing a branch protection rule](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/managing-a-branch-protection-rule)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Strengthen branch protection policy on main #22

Problem

Recommended Changes

How To Update

References

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Strengthen branch protection policy on main #22

Description

Problem

Recommended Changes

How To Update

References

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions