Hi all,

Discussion during today’s OpenAMP System Reference call led to this proposal:

Disable force push on main branch. If it is ever needed, the repo owner can enable it for making a specific fix & then disable it again.
Change main branch via pull requests only
We will not restrict rebase of patches (on any branch) b/c GitHub pipeline automatic rebase is useful when you're merging multiple PRs in a row. GitHub will warn you about lexicographical conflicts.

Please let us know by EOD 6^th Feb 2024 if you have any concerns/objections.

Thanks & regards,

Nathalie

From: Chan King Choy, Nathalie via Tsc <tsc@lists.openampproject.org>
Sent: Thursday, January 11, 2024 4:37 PM
To: Levinsky, Ben <ben.levinsky@amd.com>; OpenAMP TSC (tsc@lists.openampproject.org) <tsc@lists.openampproject.org>
Subject: [OA-Tsc] Defining OpenAMP GitHub main branch security policies

Hi Ben & OpenAMP TSC members,

During today’s OpenAMP System Reference call, the question came up about defining GitHub main branch security policies. Bill mentioned that Ben had some thoughts on low-hanging fruit in this area, so starting up a thread on this topic.

Please let us know your recommendations.

Thanks & regards,

Nathalie

P.S. Thanks to Bill for getting the OpenAMP GitHub organization upgraded to team level!