Branch protection improvements

[targos]

FYI I just created a ruleset for this repo: https://github.com/nodejs/node-core-utils/settings/rules/4654889

It targets the default branch and enables:

• Restrict deletions
• Require linear history
• Require a pull request with at least one approval
• Block force pushes

Only the pull request requirements are new compared to the old branch protection rule (https://github.com/nodejs/node-core-utils/settings/branch_protection_rules/17880641)
I think we can delete that rule. The only thing that remains in it is the restriction of who can push and that only restricts the nodejs-github-bot account. I don't think there's a convenient way to port that to rulesets. We could use the bypass list but then every pull request would always be red and require collaborators to click the bypass checkbox.

[aduh95]

The only thing that remains in it is the restriction of who can push and that only restricts the nodejs-github-bot account

You mean @nodejs/node-core-utils team, right? The bot has no business here AFAIK

[targos]

I mean the bot is the only account with write permissions on the repo that is affected by the rule (which prevents it from merging PRs)

[aduh95]

Looking at https://github.com/nodejs/node-core-utils/activity?activity_type=direct_push&actor=nodejs-github-bot, I don't think it will be affected, it never pushes to main

[targos]

Yes, that's why I think we can delete the rule.