Skip to content

Branch ProtectionΒΆ

Rulesets are stored as code in .github/rulesets/main.json. The canonical repository currently has an active repository ruleset named main targeting refs/heads/main.

Create in the canonical repository:

gh api -X POST /repos/oaslananka/kicad-mcp/rulesets --input .github/rulesets/main.json

If the ruleset already exists, use the ruleset id:

gh api /repos/oaslananka/kicad-mcp/rulesets
gh api -X PUT /repos/oaslananka/kicad-mcp/rulesets/<id> --input .github/rulesets/main.json

The current single-maintainer policy requires pull requests, linear history, non-fast-forward protection, resolved review threads, and the required CI, Gitleaks, and CodeQL check-run contexts listed in .github/rulesets/main.json.

Enable required approvals, code-owner review, and verified commit-signing enforcement after adding a second trusted maintainer and configuring signing for all release actors.

When a required workflow job name changes, update the root branch-protection document and .github/rulesets/main.json together before applying the ruleset.