We have 2 protected branches:
At one point, we created a Pull request merging
develop because there were changes in
main that weren’t in
The Github UI enabled the “Update Branch” button on this PR, which accidentally - and improperly, I think - immediately merged all of the commits in
main - without a a PR.
main branch is only updated during releases, and I could figure out the “last good commit hash” in
main, so I was able to do a
git reset --hard <hash> && git push -f origin master - with some emergency relaxing of the protection rules around the master branch)
Bottom line: Our
main branch was updated without validations being run against it, even though
main is protected.
And I can’t figure out way to configure github settings to prevent this in the future.