Control: 1.1.15 Ensure pushing or merging of new code is restricted to specific individuals or teams
Ensure that only trusted users can push or merge new code to protected branches.
Requiring that only trusted users may push or merge new changes reduces the risk of unverified code, especially malicious code, reaching a protected branch by reducing the number of trusted users who are capable of doing so.
Note: Only administrators and trusted users can push or merge to the protected branch.
For each repository that is being used, ensure only trusted and responsible users can push or merge new code.
For each repository in use, allow only trusted and responsible users to push or merge new code.
Run the control in your terminal:
steampipe check github_compliance.control.cis_supply_chain_v100_1_1_15
Snapshot and share results via Steampipe Cloud:
steampipe login
steampipe check --share github_compliance.control.cis_supply_chain_v100_1_1_15
This control uses a named query: default_branch_restrict_push_and_merge
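The per-repository audit described above can also be scripted against the JSON that GitHub's REST endpoint `GET /repos/{owner}/{repo}/branches/{branch}/protection` returns. The following is an added example, not the Steampipe mod's named query or code from this page; the repository names, logins, team slugs and the trusted allow-list are constructed sample data, and the function names are hypothetical.

```python
# Added example: checks branch-protection JSON for push restrictions and
# compares the permitted actors with an allow-list. All sample data is constructed.

# Field that identifies an actor in each list of the 'restrictions' object.
ID_FIELD = {"users": "login", "teams": "slug", "apps": "slug"}

def audit_push_restrictions(repo, protection, trusted):
    """Return a list of findings; an empty list means the control passes.

    `protection` is the parsed response body for the default branch, or None
    when the branch has no protection rule (the API answers 404 in that case).
    `trusted` maps "users" / "teams" / "apps" to sets of allowed identifiers.
    """
    if protection is None:
        return [f"{repo}: default branch has no protection rule"]
    restrictions = protection.get("restrictions")
    if restrictions is None:
        # The 'restrictions' object is present only when push restrictions are on.
        return [f"{repo}: push/merge is not restricted to specific users or teams"]
    findings = []
    for kind, field in ID_FIELD.items():
        for actor in restrictions.get(kind, []):
            if actor[field] not in trusted.get(kind, set()):
                findings.append(f"{repo}: {kind[:-1]} '{actor[field]}' is not on the trusted list")
    return findings

# Constructed sample responses, trimmed to the fields the check reads.
SAMPLES = {
    "example-org/payments": {"restrictions": {
        "users": [{"login": "alice"}], "teams": [{"slug": "release-managers"}], "apps": []}},
    "example-org/website": {"required_status_checks": {"strict": True, "contexts": []}},
    "example-org/sandbox": None,
    "example-org/infra": {"restrictions": {
        "users": [{"login": "alice"}, {"login": "contractor-7"}], "teams": [], "apps": []}},
}
TRUSTED = {"users": {"alice"}, "teams": {"release-managers"}, "apps": set()}

def run_audit():
    """Audit every sample repository and return {repo: [findings]}."""
    return {repo: audit_push_restrictions(repo, protection, TRUSTED)
            for repo, protection in SAMPLES.items()}

if __name__ == "__main__":
    for repo, findings in run_audit().items():
        print("ok   " if not findings else "alarm", repo, *findings, sep="  ")
```

An empty `restrictions` object (no users, teams or apps listed) passes, since it leaves only administrators able to push, which matches the note on this control.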