(Credit: Tiffany Cai, Badass PM, 2025)

There are two rulesets:

“no-touchy” prevents main or dev from being deleted, requires a pull request before merging, and blocks force pushes.

“no-push-to-main” prevents updates to main. For our purposes, it prevents team members from accepting pull requests merging to main.

How to do this:

1. Go to rulesets in Settings

   

2. Click on the “New ruleset” button and add a new branch ruleset

   

3. Name the ruleset whatever you want

4. Set the enforcement status to active

   

5. For the “no-touchy” ruleset

   • Add two target branches
     • Include default branch (main or master)
     • Include by pattern (type in the branch name for your dev branch)
   • Add these branch rules
     • Restrict deletions
     • Require a pull request before merging
     • Block force pushes
   • Hit save changes

6. For the “no-push-to-main” ruleset

   • Repeat steps 1-4 to create a new ruleset
   • Add role to bypass list
     • Organization admin
       • This allows you, an organization admin, to bypass the rules and accept the merge requests to main
       • 
   • Add target branch
     • Include default branch (main or master)
   • Add these branch rules
     • Restrict updates
   • Hit save changes

7. That should do it