From 8fc17420098519b2448e5fc3610512f1b4d55381 Mon Sep 17 00:00:00 2001 From: aiceflower Date: Wed, 17 Jun 2026 11:38:40 +0800 Subject: [PATCH] #AI COMMIT# Enable allow_force_pushes on master for security cleanup Keep all existing branch protection rules intact (required_status_checks, required_pull_request_reviews) but add allow_force_pushes: true so that historical commits containing leaked corporate sensitive information can be rewritten via git-filter-repo + force-push. This line will be removed in a follow-up PR once the cleanup is complete. --- .asf.yaml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.asf.yaml b/.asf.yaml index 28dda241c24..f5d022f5698 100644 --- a/.asf.yaml +++ b/.asf.yaml @@ -58,17 +58,17 @@ github: merge: true squash: true rebase: true - # Temporarily disable master branch protection to allow force-push - # for cleaning sensitive information (passwords, internal IPs, domains) - # from historical commits per security ticket. - # Will be restored in a follow-up PR after the cleanup is complete. - # protected_branches: - # master: - # required_status_checks: - # strict: true - # required_pull_request_reviews: - # dismiss_stale_reviews: true - # required_approving_review_count: 1 + protected_branches: + master: + required_status_checks: + strict: true + required_pull_request_reviews: + dismiss_stale_reviews: true + required_approving_review_count: 1 + # Temporarily allow force-push on master to rewrite historical commits + # for cleaning leaked corporate sensitive information per security ticket. + # This line will be removed in a follow-up PR once cleanup is complete. + allow_force_pushes: true notifications: commits: commits@linkis.apache.org issues: dev@linkis.apache.org