Feature Description

Problem

Currently, in Gitea, the ability to merge a Pull Request in violation of branch protection rules (e.g., when "Required Approvals" count is not met or "Status Checks" have failed) is strictly reserved for Administrators.

In many team workflows, there is a need for "Merge Masters" or "Technical Leads" who should have the authority to bypass these rules for emergency hotfixes or special cases. However, following the Principle of Least Privilege, we do not want to grant these users full Administrator rights.

Proposed Solution

Add a new allowlist setting within the Branch Protection rules (e.g. called "Bypass Protection Allowlist")

• Configuration: Similar to the "Push Allowlist" or "Merge Allowlist", this would be a search/selection field for Users and Teams.

• Behavior: Any user or member of a team included in this list should see the "red" merge button (similar to what admins see) with a message like: "You are allowed to bypass branch protection rules for this merge".

• Scope: This bypass should apply to:

  • Minimum number of approvals.
  • Required status checks.
  • Block on official review requests.

Screenshots

GitHub has a similar setting for a long time

Screenshot (click to expand)