Hi Devs - Given that we are a project running in production in a regulated space, and we have a number of committers involved, I would like to propose a change in how we operate.
According to the folks in infrastructure at ASF, we can have branch protection enabled in github. I don't believe we have done this yet and instead rely on the committers being careful. Which is fine, but maybe we should consider enforced rules? Branch protection Projects can enable branch protection in their repos, including most of the sub-level protection features such as 'require status checks to pass before merging' , 'approval by at least $n people' , and 'require pull request reviews'. https://github.com/apache/infrastructure-asfyaml#branch-protection <https://github.com/apache/infrastructure-asfyaml#branch-protection> I would propose that we enforce the following on the 'develop' branch. * require status checks to pass before merging * require approval by at least 2 people ? James PMC member
