You can now restrict pushes into your private and internal repositories and their forks, with push rules – a new type of ruleset. Push rules enable you to limit updates to sensitive files like actions workflows, and help to enforce code hygiene by keeping unwanted objects out of your repositories.
In addition, organization owners can now allow repository property values to be set when repositories are created. This ensures appropriate rules are enforced from the moment of creation and improves discoverability of new repositories.
Push Rules
Organization and repository owners can now configure rules that govern what changes can be pushed to their repository, by attributes of the files changed – including their paths, extensions and sizes.
Available push rules
Restrict file paths
- This rule allows you to define files or file paths that cannot be pushed to. An example of when you might use this is if you wanted to limit changes to your Actions workflows in
.github/workflows/**/*
- This rule allows you to define files or file paths that cannot be pushed to. An example of when you might use this is if you wanted to limit changes to your Actions workflows in
Restrict file path length
- You can limit the path length of folder and file names.
Restrict file extensions
- You can keep binaries out of your repositories using this rule. By adding a list of extensions, you can exclude
exe
jar
and more from entering the repository.
- You can keep binaries out of your repositories using this rule. By adding a list of extensions, you can exclude
Restrict file size
- Limit the size of files allowed to be pushed. Note: current GitHub limits are still enforced.
Push rules are available on GitHub Team plans for private repositories, and coverage extends to not just the repository, but also all forks of that repository. Additionally, GitHub Enterprise Cloud customers can set push rules on internal repositories and across organizations with custom repository properties. You can also access rule insights to see how push rules are applied across your repositories.
Additional details
- Delegated bypass for push rules, currently in beta, allows your development teams to stay compliant with internal policies and keep a clean git history. Developers can easily request exceptions to push rules, that are reviewed and audited all within GitHub.
- To ensure best performance push rules are designed to handle up to 1000 reference updates for branches and tags per push.
For more information, see the Push Rule documentation and to get started you can visit the ruleset-recipes
repository to import an example push ruleset.
Custom properties
Organization owners can now allow their users to set custom properties during repository creation. Previously, this was only available to repository administrators or those with permissions to edit custom repository properties. By selecting Allow repository actors to set this property
for your custom property, you can ensure repositories have properties attached from the start.
We want to hear from you
Questions or suggestions? Join the conversation in the community discussion.