<!--IssueSummary start--> <details> <summary> Everyone can contribute. [Help move this issue forward](https://handbook.gitlab.com/handbook/marketing/developer-relations/contributor-success/community-contributors-workflows/#contributor-links) while earning points, leveling up and collecting rewards. </summary> - [Close this issue](https://contributors.gitlab.com/manage-issue?action=close&projectId=278964&issueIid=553531) </details> <!--IssueSummary end--> ## Summary Group-level push rules are not being enforced on projects within the group. This results in unverified email addresses being allowed to push commits, even though the group-level rule is configured to reject them. --- ## Steps to Reproduce 1. Go to **Group → Settings → Repository → Pre-defined push Rules**. 2. Enable the rule: **"Reject unverified users"**.  3. Navigate to a project within the group. 4. Ensure the project has **no push rules defined locally**. 5. Push a commit using an **unverified email address**. --- ## Expected Behavior Pushes using unverified email addresses should be rejected on all projects under the group, as defined by the group-level push rules. --- ## Actual Behavior Pushes using unverified email addresses are **still accepted**, unless push rules are explicitly defined at the **project level**. --- ## Workaround To enforce push rules, we currently have to **manually configure them per repository**, which is not scalable — especially when creating new projects under the group. --- ## Request - Confirm whether group-level push rules are expected to be inherited by projects. - If yes, treat this as a **bug** and investigate a fix. - If not, please clarify the intended behavior and consider this a **feature request** for proper inheritance. - Ideally, new projects added to the group should **automatically inherit group-level push rules** unless explicitly overridden. --- ## Additional Information - No push rules were ever configured at the project level.