ISSUE-506 Medium Quick Access and Authorization
Merge request settings are not compliant
Control: MR settings must be compliant · Config key: mrSettingsMustBeCompliant
📋 What is this?
The merge request settings in the project do not comply with the defined configuration, such as incorrect merge methods or merge options.
⚠️ Impact
Non-compliant merge request settings can lead to unauthorized code changes and security vulnerabilities.
🔧 How to fix
Update the merge request settings to comply with your Policy controls by ensuring proper merge methods and merge options.
✗ Before: MR settings use merge commits and don't enforce squashing, violating the policy.

# GitLab project settings — ❌ Non-compliant MR settings
# Settings > Merge requests:
#
# Merge method: Merge commit (policy requires: Fast-forward merge)
# Squash commits: Not enforced (policy requires: Always squash)
# Delete source branch: Not enforced
#
# These settings create merge commits that clutter history
# and allow inconsistent commit messages.

✓ After: MR settings comply with the policy: fast-forward merge and always squash.

# GitLab project settings — ✅ Compliant MR settings
# Settings > Merge requests:
#
# Merge method: Fast-forward merge
# Squash commits: Always (required by policy)
# Delete source branch: Enabled by default
#
# .plumber.yaml
controls:
  mrSettingsMustBeCompliant:
    enabled: true
    mergeMethod: fast_forward
    squashOption: always

💡 Tips
- Fast-forward merge keeps a linear history, making it easier to bisect and revert.
- Enforcing squash commits ensures each feature is represented as a single atomic commit.
- Check .plumber.yaml for the exact settings your policy requires.
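
As an added example (not the tool's own code), the check below compares a project's settings, as returned by GitLab's Projects API, against the policy values shown above and builds the body for the `PUT /projects/:id` call that would bring the project back into compliance. The mapping of `fast_forward` to the API value `ff`, the function name `audit_mr_settings`, and the sample project data are assumptions constructed for illustration.

```python
import json

# Assumption: how the policy values shown on this page map to the
# merge_method / squash_option fields of GitLab's Projects API.
POLICY_TO_API = {
    "mergeMethod": ("merge_method", {"fast_forward": "ff"}),
    "squashOption": ("squash_option", {"always": "always"}),
}

def audit_mr_settings(project, control):
    """Return (violations, fix); fix is the body for PUT /projects/:id."""
    violations, fix = [], {}
    if not control.get("enabled", False):
        return violations, fix  # control switched off: nothing to enforce
    for key, (api_field, value_map) in POLICY_TO_API.items():
        if key not in control:
            continue  # the policy does not constrain this setting
        wanted = control[key]
        if wanted not in value_map:
            # Fail closed on values this sketch has no mapping for.
            raise ValueError(f"unmapped policy value {key}={wanted!r}")
        expected = value_map[wanted]
        actual = project.get(api_field)  # None if the response lacks the field
        if actual != expected:
            violations.append(
                f"{api_field}: found {actual!r}, policy requires {expected!r}")
            fix[api_field] = expected
    return violations, fix

# Constructed sample data: the policy from the "After" block, and project
# responses for the "Before" state (merge commits, squash not enforced)
# and the "After" state.
CONTROL = {"enabled": True, "mergeMethod": "fast_forward", "squashOption": "always"}
BEFORE = json.loads('{"id": 1, "merge_method": "merge", "squash_option": "default_off"}')
AFTER = json.loads('{"id": 1, "merge_method": "ff", "squash_option": "always"}')

if __name__ == "__main__":
    for label, project in (("before", BEFORE), ("after", AFTER)):
        violations, fix = audit_mr_settings(project, CONTROL)
        print(label, violations or "compliant", fix)
```
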
⚙️ Configuration
This control is configured in .plumber.yaml under the key:
controls:
  mrSettingsMustBeCompliant:
    enabled: true

See the CLI documentation for the full configuration reference.