Skip to main content
Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Updating Default Branch

What is a default branch?

A default branch is the branch that is used as the base for pull requests and code scanning. By default, GitHub uses the main branch as the default branch. The default branch is also the branch that is used when you visit a repository on GitHub.com.

How does the VA use default branches for code scanning?

The VA’s code scanning policy requires that all repositories have code scanning enabled for all eligible languages. To ensure these requirements are being met the VA has developed automation leveraging Required Workflows that allow GitHub to perform automated checks on pull requests to ensure these requirements are met.

This automation is triggered when a pull request is opened. The VA GitHub organization uses an Organization Ruleset that requires pull requests for all code changes to the default branch. The ruleset configuration targets the default branch of each repository.

Which branch should I use as my default branch?

To support the VA’s code scanning policy, you will need to update your default branch to point to your latest deployable production branch. This is usually the “main” or “master” branch, but may be different depending on your repository.

If your repositories CI/CD system prevents you from updating your default branch, open a Request to Target Alternate Branch in CodeQL ticket in the GitHub User Requests repository. After you complete the ticket, automation will deploy a custom ruleset specific to your repository that will target the alternate branch for code scanning.

How do I update my default branch?

To update your default branch, an admin of the repository may navigate to the “Settings” tab in your repository and updating the branch in the “Default branch” section.