Default Branch Should Require All Conversations To Be Resolved Before Merge
policy name: no_conversation_resolution
severity: LOW
Description
Require all Pull Request conversations to be resolved before merging. Check this to avoid bypassing/missing a Pull Request comment.
Threat Example(s)
Allowing the merging of code without resolving all conversations can promote poor and vulnerable code, as important comments may be forgotten or deliberately ignored when the code is merged.
Remediation
Note: The remediation steps apply to legacy branch protections, rules set-based protection should be updated from the rules set page
- Make sure you have admin permissions
- Go to the repo’s settings page
- Enter ‘Branches’ tab
- Under ‘Branch protection rules’
- Click ‘Edit’ on the default branch rule
- Check ‘Require conversation resolution before merging’
- Click ‘Save changes’