Hamburger Cross Icon
VCS Guardrails - Branch Protection Enabled

Branch Protection Enabled

Guardrail VCS Guardrails Stable Repository And Ownership
vcs.branch-protection-enabled

Requires branch protection rules to be enabled on the default branch. Branch protection is the foundation for all other VCS security controls.

branch protection github security
Get Started View All VCS Guardrails

Compatible Integrations

This guardrail works with the following integrations. Click to see how to use Branch Protection Enabled with each collector.

+
Branch Protection Enabled + GitHub Collector Provides GitHub repository and branch protection data

Enable This Guardrail

Add the parent policy to your lunar-config.yml to enable this guardrail.

📄 lunar-config.yml 
policies:
  - uses: github://earthly/lunar-lib/policies/vcs@v1.0.0
    include: [branch-protection-enabled]
    # with: ...

How This Guardrail Works

This guardrail is part of the VCS Guardrails policy. It evaluates data collected by integrations and produces a pass/fail check with actionable feedback.

When enabled, this check runs automatically on every PR and in AI coding workflows, providing real-time enforcement of your engineering standards.

Learn How Lunar Works
1
Integrations Gather Data
Collectors extract metadata from code, CI pipelines, tool outputs, and scans
2
{ } Centralized as JSON
All data merged into each component's unified metadata document
3
This Guardrail Checks Current
Branch Protection Enabled runs and provides pass/fail feedback

Configuration Options

These inputs can be configured in your lunar-config.yml to customize how the parent policy (and this guardrail) behaves.

Input Required Default Description
min_approvals Optional 1 Minimum number of required approvals (integer, or omit to skip check)
required_default_branch Optional main Required default branch name for the require-default-branch policy. Defaults to 'main'
allowed_merge_strategies Required Comma-separated list of allowed merge strategies for the allowed-merge-strategies policy (merge, squash, rebase). Only listed strategies will be allowed

Related Guardrails

Other guardrails in the VCS Guardrails policy.

Guardrail Repository And Ownership
Require Pull Request

Requires all changes to go through pull requests before merging. Prevents direct pushes to protected branches without...
Guardrail Repository And Ownership
Minimum Approvals

Enforces a minimum number of approving reviews before merge (default 1). Configurable via the min_approvals input for...
Guardrail Repository And Ownership
Require Codeowner Review

Requires approval from designated code owners defined in CODEOWNERS file. Ensures domain experts review changes to...
Guardrail Repository And Ownership
Dismiss Stale Reviews

Automatically dismisses approvals when new commits are pushed to a PR. Prevents merging outdated approvals after...
Guardrail Repository And Ownership
Require Status Checks

Requires CI status checks to pass before merging pull requests. Prevents merging code that fails tests or linting.
Guardrail Repository And Ownership
Require Branches Up To Date

Requires PR branches to be up-to-date with the base branch before merging. Prevents merging stale branches that may have...
View all 14 guardrails in VCS Guardrails
VCS Guardrails

VCS Guardrails

This guardrail is part of the VCS Guardrails policy, which includes 14 guardrails for repository and ownership.

View Policy

Ready to Automate Your Standards?

See how Lunar can turn your engineering wiki, compliance docs, or postmortem action items into automated guardrails with our 100+ built-in guardrails.

Works with any process
check Infrastructure conventions
check Post-mortem action items
check Security & compliance policies
check Testing & quality requirements
Book a Demo
See it work with your own use cases
See How It Works