Add an option to allow force pushes to protected branches when there are no branches in the project

Release notes

Problem to solve

It is currently possible for users to be able to create new projects and then not be able to push new code to it. This happens when the Default branch protection setting for a project is Fully protected because there are no branches at all in the project, so one must be pushed, but pushing is forbidden.

This causes friction with teams where they need to ensure that users cannot force push but also means that individuals can't start a project without Maintainer permissions to disable the setting temporarily, push code, and then re-enable the setting, which is not desirable. Much of the background context on the friction this causes is discussed in this issue.

Current State

Proposal

Add a new option for Initial default branch protection of "Fully protected after initial push" (or similar wording).

• When this value is selected, allow a project that has no default branch yet created to be force pushed to. Once the default branch does exist, act just like the existing Fully protected setting.

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.