DOS5070

Pull Requests - Enable automatically delete head branches after pull requests are merged in your repository

DOS5070

GitHub repository medium builtIn

Description

You should have head branches automatically deleted after pull requests are merged in your repository. Deleted branches will still be able to be restored. Learn more: https://docs.github.com/en/enterprise-cloud@latest/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-the-automatic-deletion-of-branches

Recommendation

1. Go to Repository Settings. 
2. In the 'General' section of the sidebar, go to 'Pull Requests' section. 
3. Ensure the 'Automatically delete head branches' setting is enabled.

Policy Rule

{
  "target": "GHRepository",
  "if": {
    "allOf": [
      {
        "resource": "GHRepository",
        "property": "DeleteBranchOnMerge",
        "operator": "equals",
        "value": true
      }
    ]
  },
  "then": {
    "effect": "Audit"
  }
}
« DOS5065 DOS5500 »
Rule Details
  • Rule ID: DOS5070
  • Code: GH_Repository_Policies_PullRequests_Enable_Automatically_Delete_Head_Branches
  • Platform: GitHub
  • Category: repository
  • Severity: medium
  • Type: builtIn
Related Rules

Copyright © DevOps Shield. All Rights Reserved. Privacy Policy | Cookie Policy | Terms and Conditions