Ensure the default branch cannot be deleted
Why this matters
The default branch (commonly main
or master
) is the foundation of your repository and typically represents production-ready code.
If this branch is deleted—either accidentally or maliciously—it can disrupt CI/CD pipelines, break integrations, and cause significant operational downtime.
Preventing deletion of the default branch ensures that:
- The main branch remains intact as the stable source of truth
- Accidental or unauthorized deletions cannot occur
- The repository maintains integrity and traceability of release history
Without this protection, users with write or admin privileges could remove the primary branch, risking data loss and production instability.
What this check does
This check verifies that the repository’s default branch is both:
- Protected under a branch protection rule, and
- Deletion of protected branches is disallowed (GitHub does not permit deletion of a protected branch unless the protection rule is removed).
When a branch is protected, the Delete branch option is automatically disabled for all users, including administrators, unless the protection rule is manually deleted.
How to fix it
- From the GitHub Web Console
- Go to the repository on GitHub.
- Navigate to Settings → Branches.
- Under Branch protection rules, click Add rule (or edit an existing rule).
- In Branch name pattern, specify the default branch name (for example,
main
). - Ensure that the rule includes key protections such as:
- Require pull request reviews before merging
- Include administrators
- Require status checks to pass before merging
- Click Create or Save changes.
Once a branch protection rule is applied, GitHub automatically prevents deletion of the default branch unless the rule is removed by an administrator.
Exceptions
- Only repository administrators can remove a branch protection rule, which would then permit deletion.
- Default branches cannot be deleted through the GitHub web interface or API while protected.
- Non-default branches must be protected separately if deletion prevention is required.
Further Resources