58

I'm trying to figure out a good way to prevent developers from force pushing master with Git. We used GitHub to host our remote repositories so a pre-receive hook isn't an option. Any other solutions that could easily be implemented for a team of developers?

As a side note, I don't want to disable force pushing in general. Sometimes it is a necessary evil. But that said, force pushing on master cannot happen.

Arturo Herrero
13.2k11 gold badges48 silver badges77 bronze badges
asked Sep 14, 2011 at 15:51
2
  • 2
    Related question: github - prevent colaborator from push -f. Commented Jun 7, 2013 at 19:56
  • 3
    It is possible to disable force push on the entire repo by contacting GitHub support. Commented Jun 18, 2014 at 2:51

7 Answers 7

75
+50

Update

Github has since introduced the concept of protected branches. It can be found under Settings -> Branches -> Protected Branches

This "protection" can be enabled for any branch, and for any user, including admins.

More details here - https://help.github.com/articles/defining-the-mergeability-of-pull-requests/

(削除) You cannot prevent this in Github.

What you can do is have an intermediate repo on your side, run a pre-receive hook in that to prevent force push and push from this intermediate repo to github and block access for direct push to github. Yeah this is not elegant and you lose lots of features with Github, but I don't see any other way.

Edit: Just came across this answer, which says the same and gives another workaround: GitHub - prevent collaborators from using push -f (削除ここまで)

answered Sep 14, 2011 at 15:59
Sign up to request clarification or add additional context in comments.

7 Comments

It is possible at GitHub enterprise: enterprise.github.com/help/articles/…
Given the "protected branches" bit had been part of other answers for years before the introducing edit, you may want to consider giving credit to other authors as well.
Once a branch is protected this way, how does an admin can force push something?
As it is for now "Protected branches are available to Pro, Team, and Enterprise users" only.
|
14

GitHub introduced a new feature called "Protected Branches" to prevent force pushing. You can configure it in repository Settings> Branches.

github protected branches

answered Sep 16, 2015 at 10:17

Comments

9

I'm not a github expert, but I believe you can do this if you use github Organizations.

You would need to create an Organization "Pull Only" Team for the developers who aren't allowed to push to master. Instead of working on the main repo, they would fork your main repo and set their local repos to sync with their fork repos. Anytime they want to push code to the main repo, they would have to push their code onto their fork and submit a Pull Request instead.

This is where you create another Organization "Push & Pull" Team for developers which can review and approve the pull requests, and merge them into your main repo.

Basically every developer is only pushing to their own fork, and nobody can push to the main repo directly (except the Team with both Push/Pull access). For a push to happen on the main repo, it must always go through a pull request from a fork repo.

answered Mar 1, 2012 at 11:10

Comments

5

[UPDATE] Github now provides "protected branches" feature just for this purpose.

Easy-peasy: Get Github "Enterprise" installation, then follow instructions below: https://help.github.com/enterprise/2.1/admin/articles/blocking-force-pushes-to-a-repository/

Disclaimer: this was a tounge-in-cheek answer. Drop a line at https://github.com/contact and maybe Github folk will hear us and enable this option for the masses.

answered Sep 28, 2012 at 10:01

1 Comment

2

In the case of GitHub specifically, it is possible to block force pushes, but it is not possible to make this change on your own. You'll have to contact support ( [email protected], https://github.com/contact ) to make the change on repositories you specify.

answered Jun 26, 2014 at 17:41

Comments

1

Well if you don't want to change the branch protection, or you might have some group in git that is allow to push to master, I think is better to have a documentation on how to configure github to your Team members in their machines with this command, and telling them the purpose of the commands.

Supposing that they have forked the repo, add the main repo remote + disallow push to master. 

git remote add upstream [email protected]:username/project.git
git remote set-url --push upstream no_push

is an easy and nice way to prevent it

answered May 26, 2020 at 9:53

Comments

0

Let me define those steps in a most simple way:

  1. Goto your repository & click on the Settings:

enter image description here

  1. Next goto Branches section & click on Add button:

enter image description here

  1. Ok, good, we are in the last step now. You need to do these:

    • Fill in the branch name as master.
      Note: here, you can set any branch name you want to protect. For example, if you want to protect the develop branch, write develop.
    • Check two options "Lock branch" and "Do not allow bypassing the above settings."

enter image description here

  1. Now test it:
git push origin main --force

You should get the following message ➪

enter image description here

Check the official documentation here for more information about branch protection policies.

answered Jan 12, 2023 at 13:16

Comments

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.