agenticlately · GH-600 Study Prep
Home Phase 0 Lesson 0.9

Branch Protection + Rulesets

The building code baked into main. Work can't join the real house unless the inspector approved it, the inspection rig passed, and only a licensed worker did it — no exceptions, no trust required.

Story

Building-a-house world — same site and crew as every Phase 0 lesson.

In your city, buildings have to follow a building code. Before any new wall, wire, or pipe joins the real house, the inspector must have signed off, the automatic inspection rig must have run clean, and only a licensed worker can have done the job. These aren't rules anyone can wave away — they're baked into the gate. An eager worker can't skip them because they're in a hurry. Even you, the owner, can configure the gate to hold you to the same standard.

Branch protection rules and rulesets are GitHub's building code for main. Work can't join the real house unless the gate says it's allowed.

Branch protection rules

A branch protection rule attaches conditions to a single branch. The docs: it defines "whether collaborators can delete or force push to the branch and set requirements for any pushes to the branch, such as passing status checks or a linear commit history."

source: docs.github.com — About protected branches · fetched 2026-05-29

The key settings — and what each one blocks

Think of each setting as a clause in the building code. The gate won't open unless every turned-on clause is satisfied.

Setting Gate won't open unless…
Require pull request reviews The PR has the required number of approving reviews. Direct pushes to main are blocked entirely.
Require status checks CI/CD checks (Actions) have a successful, skipped, or neutral result. Failing checks = no merge.
Restrict who can push The pusher is on the allowed list of users, teams, or apps. Everyone else is blocked.
Block force pushes Nobody rewrites or erases history on the branch. On by default for protected branches.
Block deletion Nobody deletes the protected branch. On by default.
Do not allow bypassing Even admins must follow all the rules above. Without this, admins are exempt.
Require conversation resolution All open review comments are resolved before merging.
Require linear history No merge commits land on the branch — only squash or rebase merges.
One rule, one branch

Classic branch protection targets one branch name pattern — great for locking down main. When you need rules that span many branches, toggle on/off without deleting, or stack multiple policies, use rulesets (next section).

Rulesets — the newer, more flexible way

A ruleset is "a named list of rules that applies to a repository or to multiple repositories in an organization." It enforces the same protection settings as above, and adds:

source: docs.github.com — About rulesets · fetched 2026-05-29

  • Named and togglable. Each ruleset has a name and a status: active ("will be enforced upon creation") or disabled ("will not be enforced"). Toggle it off for an emergency window; the config stays intact when you re-enable it.
  • Pattern targeting. Apply to many branches or tags at once using fnmatch patterns — e.g. release/**/* catches every release branch in one rule.
  • Stack and aggregate. "If multiple rulesets target the same branch or tag… the rules in each of these rulesets are aggregated," and "the most restrictive version of the rule applies." Two rulesets requiring 1 and 2 reviews respectively → 2 reviews required.
  • Bypass list. Specific roles, teams, or GitHub Apps can be explicitly exempted.
  • Visible to all readers. "Anyone with read access to a repository can view the active rulesets." Workers can see what rules are in play — no guessing.
  • Organization-wide (Enterprise). One ruleset can enforce the same building code across every repo in an org — one policy, many sites.

Branch protection vs. rulesets — one-look contrast

Same goal: protect main with required reviews and CI checks, plus protect release/* with a stricter 2-review rule.

With classic branch protection:

Rule 1: branch = "main"
  ✓ Require 1 approving review
  ✓ Require status checks

Rule 2: branch = "release/*"
  ✓ Require 1 approving review    ← can't easily add a 2-review rule on
  ✓ Require status checks            the same pattern without replacing it

With rulesets:

Ruleset A: "Core safety"  [active]
  → targets: main, release/**/*
  ✓ Require 1 approving review
  ✓ Require status checks

Ruleset B: "Release extra gate"  [active]
  → targets: release/**/*
  ✓ Require 2 approving reviews

Result on release/*:
  Most restrictive wins → 2 reviews required.
  Toggle Ruleset B to [disabled] for an emergency hotfix.
  main still gets 1 review (only Ruleset A applies there).
One sentence

Classic branch protection = one rule, one branch, no toggle. Rulesets = named, stackable, pattern-targeted, toggleable — and visible to everyone with read access.

How to get there (UI teaser)

You won't be clicking through this on the exam, but knowing the path helps:

  • Classic branch protection: Repo → SettingsBranchesAdd branch protection rule
  • Rulesets: Repo → SettingsRulesRulesetsNew ruleset

Both live under the Rules section in modern GitHub repos. Rulesets is the direction GitHub is actively developing — expect it to be what future exam questions reference.

Why this matters for GH-600

This is the enforcement layer behind "agents propose, humans and policy accept." Branches + PRs (0.3 / 0.4) let an agent propose work. Branch protection / rulesets are the gate that accepts or rejects — automatically, without anyone having to remember to check.

Trace it through: an AI agent finishes work on a branch and opens a PR to main.

  • Require pull request reviews → the agent cannot merge without a human approving.
  • Require status checks → the agent's PR can't merge until Actions tests go green.
  • Restrict who can push + Block force pushes → the agent can't bypass the PR gate by pushing directly, and can't quietly rewrite main's history.

The building code doesn't care how fast or clever the agent is. The gate doesn't open.

When the exam asks "how do you prevent an autonomous agent from shipping unreviewed code to production?" — the answer is branch protection / rulesets requiring PR review + passing checks before merge.

Dual relevance

Branch protection / rulesets → Exam: HIGH · Day-to-day: MED–HIGH. GH-600 directly tests how you keep agents from merging unreviewed code to production. This is a core exam topic. Day-to-day, you'll configure these on every real-world project. Know the four key settings cold: require PR reviews, require status checks, restrict who can push, block force pushes. Know when to use classic rules vs. rulesets (one branch vs. many / no toggle vs. toggleable).

Check-in — three questions

Open-ended. Think first, then peek at the suggested answer.

  1. You want no code to reach main without a passing CI run AND a human sign-off. Which two branch protection settings do you turn on, and what does each one block?

    Suggested answer

    Require status checks — blocks merging until Actions (or other CI) checks report successful, skipped, or neutral. Failing checks = gate stays closed. Require pull request reviews — blocks merging until the required number of humans have approved the PR. Together: the agent's work physically cannot land on main without both a green CI run and a human sign-off.

  2. Your team has a main branch and a family of release/v* branches. You want a 2-review rule on release branches and a 1-review rule on main. Can classic branch protection do this cleanly — and what's the ruleset alternative?

    Suggested answer

    Classic branch protection is awkward here: each rule targets one pattern, and you can't stack two rules on the same branch to get different review counts. With rulesets you create two named rulesets — "Core safety" targeting main with 1 review, and "Release gate" targeting release/**/* with 2 reviews. They stack: release/* gets the stricter of the two (2 reviews). Toggle "Release gate" to disabled for an emergency; it stays configured for when you re-enable it.

  3. An AI agent opens a PR to main. Your building code: "Require PR reviews" + "Require status checks" + "Block force pushes" all on. Walk through what the agent can and can't do.

    Suggested answer

    The agent can open the PR and trigger the CI checks. It cannot merge: the gate stays closed until a human approves AND Actions reports a passing status. It also cannot push directly to main (all changes must go via PR) and cannot force-push to overwrite history. The building code holds regardless of who — or what — is pushing.

Mentor marks this lesson verified after you compare answers and say "got it" in chat.

Ticks this lesson done on the home roadmap. Saved in this browser.

phase 0 · lesson 0.9 · classic GitHub

Sources: docs.github.com — About protected branches · docs.github.com — About rulesets · fetched 2026-05-29.

Unofficial study material. Not affiliated with, endorsed by, or sponsored by GitHub or Microsoft. “GH-600” and “GitHub” are trademarks of their respective owners, used for identification only.