Because in Git it is possible to rewrite the entire history, GitLab has some mechanisms built in to help mitigate this risk. You can use protected branches.
Protected branches have the following characteristics:
- Before GitLab 11.9 you could not create a protected branch, only Maintainers could (as of 11.9 Developers can create them).
- Only Maintainers can push directly to a protected branch.
- It is prohibited to use force push to a protected branch.
- A protected branch cannot be deleted.
The only way to accept changes into a protected branch is to use merge requests. By default, the master branch is a protected branch. The following example is the screenshot for the protected branch:
Using a protected branch forces the use of code reviews, which is a requirement for the eventmanager project.