- Published on
What "Bypassed rule violations" means when pushing changes to Github remote
- Authors
- Name
- interglobalmedia
- @letsbsocial1
A while back, when Github
started adding branch protection rules
, I wanted to make sure that not just anyone
could try to make pull requests
, merges
, or push
to remote origin
on my public repositories. So I made sure at the very least to lock my main branch
(or master
with older repositories). That way it was “read only”
for everyone except
myself. Later, I even added this protection
to private repositories
in case if I temporarily made them public
for whatever reason.
But I never remember getting any messages referring to these branch protection rules
until Friday, March 24, 2023
, when someone
at Github
had accidentally published Github
's private SSH key
on a public repository
. And I thought, “What is going on? Why am I receiving this message, and what does it mean? Because I have admin access to all my repos. I should be able to do whatever I want!”
. And “Why am I not getting this message when I was pushing to another repository around the same time?”
I had not set up branch protection
on that branch because it was a private repository
.
Now I am adding at the very least this one branch protection rule
, whether the repository
is private or not!
I got back the following in Terminal
after running the git push origin main
command to push
my local repo commits
to remote origin
for a repository in which I turned on “locked branch: read only”
for my main
(production
) branch:
git push origin main
Enumerating objects: 21, done.
Counting objects: 100% (21/21), done.
Delta compression using up to 10 threads
Compressing objects: 100% (14/14), done.
Writing objects: 100% (14/14), 2.71 KiB | 925.00 KiB/s, done.
Total 14 (delta 10), reused 0 (delta 0), pack-reused 0
remote: Resolving deltas: 100% (10/10), completed with 7 local objects.
remote: Bypassed rule violations for refs/heads/main:
remote:
remote: - Cannot change this locked branch
remote:
To github.com:interglobalmedia/inter-jobs-api.git
177ab81..48ba239 main -> main
I got the message
“Bypassed rule violations for refs/heads/main”
and “remote: - Cannot change this locked branch”
because I had selected “Lock branch Branch is read-only. Users cannot push to the branch.”
within the repository Settings
for Branches under Branch Protection Rules
. I suppose Git
was updated to include those reminders to us as to which protection(s)
we have turned on in our remote repositories, thereby letting us know that it knows, and Github
knows and recognizes that those protections
are indeed in place and working.
So why weren't protections
working for Github
on Friday, March 24, 2023
? Or whenever their transgression
actually took place?
There are many other protections
one can turn on. I will be talking about a specific one that could have related to what happened on March 24, 2023
in another post.
Happy Git pushing to Github remote!
Related Resources
Client can bypass branch protection with pushed commits #16146: desktop/desktop (Github desktop)