Profile Applicability:
 Level 1

Description:
 Force pushing code to branches, especially protected or main branches, must be explicitly denied to prevent overwriting commit history or deleting commits. Disallowing force pushes safeguards the integrity and traceability of the codebase.

Rationale:
 Disabling force pushes reduces the risk of accidental or malicious loss of code history, prevents tampering with commit logs, and maintains a reliable audit trail. This control helps ensure stable and trustworthy version control management.

Impact:
 Pros:

  • Preserves commit history and audit trails.

  • Prevents accidental or intentional loss of code changes.

  • Enhances repository stability and integrity.

  • Supports compliance with development policies.

Cons:

  • Limits emergency fixes that require rewriting history.

  • Requires alternative approaches for resolving certain conflicts.

Default value:
 Many repositories allow force pushes by default, which puts the integrity of the commit history at risk.

Audit:
 Review branch protection settings to verify force pushes are disabled. Analyze repository logs for any past force push events.
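 As an added example (not part of this benchmark), the check below evaluates the branch-protection JSON that the GitHub REST API (`GET /repos/{owner}/{repo}/branches/{branch}/protection`, field `allow_force_pushes.enabled`) and the GitLab REST API (`GET /projects/:id/protected_branches`, field `allow_force_push`) return, and reports each in-scope branch on which a force push is still permitted. The branch list and the sample responses are constructed for illustration.

```python
"""Audit branch-protection responses for force-push exposure (added example)."""
from fnmatch import fnmatch
from typing import Optional

# Assumed set of critical branches in scope for this control.
CRITICAL_BRANCHES = ("main", "master", "release")


def github_force_push_allowed(protection: Optional[dict]) -> bool:
    """protection: body of the GitHub branch protection endpoint, or None when
    the endpoint returned 404 (no protection rule exists for the branch)."""
    if protection is None:
        return True  # unprotected: anyone with push rights can force-push
    return bool(protection.get("allow_force_pushes", {}).get("enabled", False))


def gitlab_force_push_allowed(branch: str, protected_branches: list) -> bool:
    """protected_branches: body of the GitLab protected_branches endpoint.
    GitLab rule names may contain '*' wildcards; fnmatch approximates them."""
    for rule in protected_branches:
        if fnmatch(branch, rule.get("name", "")):
            return bool(rule.get("allow_force_push", False))
    return True  # no matching rule: branch is unprotected


def audit(github: dict, gitlab: list, branches=CRITICAL_BRANCHES) -> list:
    """Return 'platform:branch' findings where force pushes are not denied."""
    findings = []
    for b in branches:
        if github_force_push_allowed(github.get(b)):
            findings.append(f"github:{b}")
        if gitlab_force_push_allowed(b, gitlab):
            findings.append(f"gitlab:{b}")
    return findings


# Constructed sample responses, keyed by branch; "master" is absent on GitHub
# to model a 404 from the protection endpoint.
SAMPLE_GITHUB = {
    "main": {"allow_force_pushes": {"enabled": False}, "enforce_admins": {"enabled": True}},
    "release": {"allow_force_pushes": {"enabled": True}},
}
SAMPLE_GITLAB = [
    {"name": "main", "allow_force_push": False},
    {"name": "master", "allow_force_push": True},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_GITHUB, SAMPLE_GITLAB):
        print("force push allowed on", finding)
```

A branch that is missing from the protection response is reported as a finding, since an absent rule leaves force pushes allowed just as an explicitly enabled one does.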

Remediation:
 Configure branch protection rules to deny force pushes on critical branches. Educate development teams about the risks of force pushing and proper conflict resolution methods.

References:

  1. GitHub About Protected Branches: https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/about-protected-branches

  2. GitLab Protected Branches and Force Push: https://docs.gitlab.com/ee/user/project/protected_branches.html#prevent-force-push

  3. CIS Controls v8, Control 6 - Maintenance, Monitoring, and Analysis of Audit Logs: https://www.cisecurity.org/controls/maintenance-monitoring-and-analysis-of-audit-logs/