I scanned the public repos of 128 YC-backed dev tools companies, 6,195 repos in total. I expected the companies building our tooling to enforce the basics on themselves. Only 2 of the 128 require any status check to pass before merging.
I scanned the public repos of 128 YC-backed dev tools companies, 6,195 repos in total. I expected the companies building our tooling to enforce the basics on themselves. Only 2 of the 128 require any status check to pass before merging.
IME some people (at least the ones who care) start more critical repos with good intentions, enabling most of these things.
But then comes a time where a hotfix must be merged asap to production and there’s no one to review it for 3 days; branch protection gets disabled.
or an update in the code quality tooling detects an additional dozen warnings without the codebase changing; check enforcement gets disabled.
I think in most cases this is completely fine. Whoever is already a contributor should know what’s the team policy merging things, and having ways to occasionally bypass these checks can be more beneficial than not.