Command Restriction

Set limitations on who can execute specific Mergify commands.

Mergify commands can be a powerful tool to control and manage pull requests. However, in some scenarios, you might want to restrict who can use these commands to ensure they’re executed only by authorized individuals. The command restrictions feature allows you to define a set of users or teams who are permitted to use specific Mergify commands.

How Restrictions Work

With command restrictions, you can leverage conditions to define the valid context that are authorized to run a specific command. This could be a list of allowed users or teams, or even attributes related to the pull request itself.

The restrictions are configured with the top-level key commands_restrictions which can specify restrictions for each commands.

Examples

To limit backport commands for pull requests coming from the main branch:

commands_restrictions:
  backport:
    conditions:
      - base=main

To limit backport commands usage to a specific team (or user):

commands_restrictions:
  backport:
    conditions:
      - sender=@team

To limit backport commands for users with a specific permission on the repository.

commands_restrictions:
  backport:
    conditions:
      - sender-permission>=write

Default Restrictions

Key name	Value type	Default
`backport`	Command restriction	`- sender-permission>=write`
`copy`	Command restriction	`- sender-permission>=write`
`queue`	Command restriction	`- sender-permission>=write`
`rebase`	Command restriction	`- or: - sender-permission>=write - sender={{author}}`
`refresh`	Command restriction	`- or: - sender-permission>=write - sender={{author}}`
`requeue`	Command restriction	`- sender-permission>=write`
`squash`	Command restriction	`- or: - sender-permission>=write - sender={{author}}`
`dequeue`	Command restriction	`- sender-permission>=write`
`update`	Command restriction	`- sender-permission>=write`