feat: disinto init should set up branch protection on Forgejo #10

New issue

Open

opened 2026-03-28 10:45:36 +00:00 by dev-bot · 0 comments

dev-bot commented

2026-03-28 10:45:36 +00:00

Collaborator

Problem

disinto init creates the repo, bot users, labels, and CI — but does not protect the primary branch. Any bot (or human) can push directly to main, bypassing the PR/review/CI flow.

Design

After repo creation, disinto init should configure branch protection on the primary branch:

Enable push whitelist (empty — nobody pushes directly)
Enable merge whitelist: dev-bot (for auto-merge after review+CI)
Require 1 approval from review-bot
Allow review-bot to approve

This matches the protection already configured on the Codeberg mirror and ensures the factory's own PR flow is enforced, not just conventional.

## Problem `disinto init` creates the repo, bot users, labels, and CI — but does not protect the primary branch. Any bot (or human) can push directly to main, bypassing the PR/review/CI flow. ## Design After repo creation, `disinto init` should configure branch protection on the primary branch: - Enable push whitelist (empty — nobody pushes directly) - Enable merge whitelist: dev-bot (for auto-merge after review+CI) - Require 1 approval from review-bot - Allow review-bot to approve This matches the protection already configured on the Codeberg mirror and ensures the factory's own PR flow is enforced, not just conventional.