Set branch protection to "default" branches

I know how to configure branch protection and about the new wildcards support, but is there a way always to define **master** and **develop** (for instance) as protected branches with the same rules?

The wildcards pattern does not work in this case. I would work if it could support regular expression, but I know that’s not possible at the moment.

We have many projects (and more coming), and they should all follow the same rules for these two main branches as soon as they are created on GitHub.

Having to repeat the same steps every time is a bit frustrating.   

Also, some projects usually start with just **master** and the **develop** branch gets created only after the first release: project admins must remember to add this branch to the protected ones and trust me, it almost never happens before someone realises that the branch got commits “the wrong way”.

You may want to look at the Probot Settings app. It is specifically designed to make standardizing your configuration between repositories very easy, including branch protections.

WARNING Note that this app inherently escalates anyone with push permissions to the admin role, since they can push config settings to the master branch, which will be synced. Use with caution.

That looks interesting but also too dangerous.

I think something native would prevent these permission issues and streamline the project’s configuration.

The drawbacks of this suggestion would be too risky and I’m not sure why this should make the issue “Solved”.

Hi @andreasciamanna,

Thanks for this feedback! We’re always working to improve GitHub, and we consider every suggestion we receive. I’ve logged your feedback in our internal feature request list. Though I can’t guarantee anything or share a timeline for this, I can tell you that it’s been shared with the appropriate teams for consideration.

Please let me know if you have any other questions.

Cheers!

I have the exact same need. I’d like to globally protect the “master” branch of any repo within my organization so that it refuses direct push but requires PR instead. I can configure that manually for each repository, but that’s quite a waste of time.

I’d also like to have that automated as I fork other OSS projects into my org.

Also really surprised there’s no way to specify default branch protection rules for the organization or account to apply to all new repos. This should definitely be a core feature.