Push rule delegated bypass and custom property regex support are generally available and repository policy delegated bypass is in preview

[queenofcorgis]

Hello GitHub Community!

We’re excited to share that several new repository features are now available (some in preview) to help you better protect and manage your repos. Whether you’re using push rules to secure your workflows, enforcing validations with custom property regex requirements, or looking for extra safeguards when deleting a repository, we want to hear from you!

Here’s a quick rundown of what’s new:

• Generally Available: Push Rule Delegated Bypass: Request exceptions for push rules directly within GitHub, with built-in review and audit trails for transparency.
• Public Preview Repository Policy Delegated Bypass (Preview): Extend that same delegated bypass approach to repository policies, including deleting repositories or changing visibility settings.
• Generally Available: Custom Properties Regex Support: Set a regular expression requirement for Text-type custom properties to ensure consistent formatting (e.g., an email-like pattern).

Now we’d love your feedback!

• How do you see these updates fitting into your current workflow?
• Which parts of these features excite you the most? Any areas you think need more attention?

Feel free to share your experience, questions, and suggestions in this thread. Your input will help us improve these features.

Thanks for being an active part of the GitHub Community! We can’t wait to hear what you think 👂🏼 .

[dev-bio]

Unfortunately, bypass requests for push rules are close to useless for protecting workflows in its current state, as the approver can’t review the ruleset violations (the changes aren’t visible). Meaning that on approval, the push could contain a malicious workflow with a push trigger, and it would already be too late as the workflow would be triggered immediately upon approval.

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬