{"slug": "example-rulesets-used-by-astral", "title": "Example rulesets used by Astral", "summary": "Based on the provided text, the article summarizes example rulesets used by Astral for repositories like \"ruff,\" \"ty,\" and \"uv.\" These rulesets enforce branch protections, such as preventing pushes to advisory and internal branches, requiring pull requests on the default branch, and making tags immutable. Additionally, the rulesets include conditions for specific ref names and repository names to apply these protections.", "body_md": "branches-disallow-advisory.json\n\n This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.\n \nLearn more about bidirectional Unicode characters\n\n \n Show hidden characters\n\n{\n\n \"name\": \"no-push-advisory-branches\",\n\n \"target\": \"branch\",\n\n \"enforcement\": \"active\",\n\n \"conditions\": {\n\n \"repository_name\": {\n\n \"include\": [\n\n \"ruff\",\n\n \"ty\",\n\n \"uv\"\n\n ],\n\n \"exclude\": []\n\n },\n\n \"ref_name\": {\n\n \"exclude\": [],\n\n \"include\": [\n\n \"refs/heads/advisory-*\",\n\n \"refs/heads/ghsa-*\",\n\n \"refs/heads/cve-*\"\n\n ]\n\n }\n\n },\n\n \"rules\": [\n\n {\n\n \"type\": \"non_fast_forward\"\n\n },\n\n {\n\n \"type\": \"creation\"\n\n },\n\n {\n\n \"type\": \"update\"\n\n }\n\n ],\n\n \"bypass_actors\": []\n\n}\n\nbranches-disallow-internal.json\n\n This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.\n \nLearn more about bidirectional Unicode characters\n\n \n Show hidden characters\n\n{\n\n \"name\": \"no-push-internal-branches\",\n\n \"target\": \"branch\",\n\n \"enforcement\": \"active\",\n\n \"conditions\": {\n\n \"repository_name\": {\n\n \"include\": [\n\n \"ruff\",\n\n \"ty\",\n\n \"uv\"\n\n ],\n\n \"exclude\": []\n\n },\n\n \"ref_name\": {\n\n \"exclude\": [],\n\n \"include\": [\n\n \"refs/heads/internal/**/*\"\n\n ]\n\n }\n\n },\n\n \"rules\": [\n\n {\n\n \"type\": \"non_fast_forward\"\n\n },\n\n {\n\n \"type\": \"creation\"\n\n },\n\n {\n\n \"type\": \"update\"\n\n }\n\n ],\n\n \"bypass_actors\": []\n\n}\n\nbranches-main.json\n\n This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.\n \nLearn more about bidirectional Unicode characters\n\n \n Show hidden characters\n\n{\n\n \"name\": \"branches-main\",\n\n \"target\": \"branch\",\n\n \"enforcement\": \"active\",\n\n \"conditions\": {\n\n \"repository_name\": {\n\n \"include\": [\n\n \"ruff\",\n\n \"ty\",\n\n \"uv\"\n\n ],\n\n \"exclude\": []\n\n },\n\n \"ref_name\": {\n\n \"exclude\": [],\n\n \"include\": [\n\n \"~DEFAULT_BRANCH\"\n\n ]\n\n }\n\n },\n\n \"rules\": [\n\n {\n\n \"type\": \"deletion\"\n\n },\n\n {\n\n \"type\": \"non_fast_forward\"\n\n },\n\n {\n\n \"type\": \"required_linear_history\"\n\n },\n\n {\n\n \"type\": \"pull_request\",\n\n \"parameters\": {\n\n \"required_approving_review_count\": 0,\n\n \"dismiss_stale_reviews_on_push\": false,\n\n \"required_reviewers\": [],\n\n \"require_code_owner_review\": false,\n\n \"require_last_push_approval\": false,\n\n \"required_review_thread_resolution\": false,\n\n \"allowed_merge_methods\": [\n\n \"squash\",\n\n \"rebase\"\n\n ]\n\n }\n\n }\n\n ],\n\n \"bypass_actors\": []\n\n}\n\ntags-are-immutable.json\n\n This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.\n \nLearn more about bidirectional Unicode characters\n\n \n Show hidden characters\n\n{\n\n \"name\": \"tags-are-immutable\",\n\n \"target\": \"tag\",\n\n \"enforcement\": \"active\",\n\n \"conditions\": {\n\n \"repository_name\": {\n\n \"include\": [\n\n \"ruff\",\n\n \"ty\",\n\n \"uv\"\n\n ],\n\n \"exclude\": []\n\n },\n\n \"ref_name\": {\n\n \"exclude\": [],\n\n \"include\": [\n\n \"~ALL\"\n\n ]\n\n }\n\n },\n\n \"rules\": [\n\n {\n\n \"type\": \"deletion\"\n\n },\n\n {\n\n \"type\": \"non_fast_forward\"\n\n },\n\n {\n\n \"type\": \"update\"\n\n }\n\n ],\n\n \"bypass_actors\": []\n\n}\n\ntags-require-release.json\n\n This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.\n \nLearn more about bidirectional Unicode characters\n\n \n Show hidden characters\n\n{\n\n \"name\": \"tag-requires-release\",\n\n \"target\": \"tag\",\n\n \"enforcement\": \"active\",\n\n \"conditions\": {\n\n \"repository_name\": {\n\n \"include\": [\n\n \"uv\"\n\n ],\n\n \"exclude\": []\n\n },\n\n \"ref_name\": {\n\n \"exclude\": [],\n\n \"include\": [\n\n \"~ALL\"\n\n ]\n\n }\n\n },\n\n \"rules\": [\n\n {\n\n \"type\": \"non_fast_forward\"\n\n },\n\n {\n\n \"type\": \"required_deployments\",\n\n \"parameters\": {\n\n \"required_deployment_environments\": [\n\n \"release\"\n\n ]\n\n }\n\n }\n\n ],\n\n \"bypass_actors\": []\n\n}", "url": "https://wpnews.pro/news/example-rulesets-used-by-astral", "canonical_source": "https://gist.github.com/woodruffw/643a6cf70ad72d404ce6f9f333181cf8", "published_at": "2026-03-30 17:57:09+00:00", "updated_at": "2026-05-22 10:04:51.808237+00:00", "lang": "en", "topics": ["developer-tools", "open-source", "cybersecurity"], "entities": ["Astral", "ruff", "ty", "uv"], "alternates": {"html": "https://wpnews.pro/news/example-rulesets-used-by-astral", "markdown": "https://wpnews.pro/news/example-rulesets-used-by-astral.md", "text": "https://wpnews.pro/news/example-rulesets-used-by-astral.txt", "jsonld": "https://wpnews.pro/news/example-rulesets-used-by-astral.jsonld"}}