Default branch protection setting "Allow developers to push initial commit" does not cascade to subgroups (#594777) · Issues · GitLab.org / GitLab

Default branch protection setting "Allow developers to push initial commit" does not cascade to subgroups

## Summary The "Allow developers to push initial commit" setting configured at a root group level does not cascade down to subgroups and their projects. This means that projects created in subgroups do not inherit this setting from their parent groups, even when the subgroup has no default branch protection settings defined. The setting only affects projects that are directly under the configured group/sub-group. ## Steps to reproduce 1. Create a root group (e.g., "Root Group") 2. Navigate to **Settings > Repository > Default branch** 3. Set "Initial default branch protection" to **Protected** 4. Configure the following settings: - Allowed to push: **Maintainers** (or any other setting) - Allowed to merge: **Maintainers** (or any other setting) - **Enable** "Allow developers to push to the initial commit" 5. Save the settings 6. Create a subgroup under the root group (e.g., "SubGroupA") 7. Do **not** define any default branch protection settings in SubGroupA 8. Create a new project (e.g., "ProjectA") under SubGroupA 9. Check the default branch protection settings for ProjectA **Example hierarchy:** ``` Root Group (has "Allow developers to push initial commit" enabled) └── SubGroupA (no default branch settings defined) └── ProjectA (does NOT inherit the setting from Root Group) ``` ## Current behavior ProjectA does not inherit the "Allow developers to push initial commit" setting from the Root Group. The setting appears to only apply to projects created directly under the group where it was configured, not to projects in subgroups. ## Expected behavior ProjectA should inherit the "Allow developers to push initial commit" setting from the Root Group, following the same cascading behavior as other default branch protection settings. This would ensure consistent security policies across the entire group hierarchy. ## Related issues and merge requests - Introduced in: [!118729](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/118729) - Add option to allow developer push if there are no branches - Related: [#461563](https://gitlab.com/gitlab-org/gitlab/-/issues/461563) - Unable to set default branch protection from groups

issue