Git Common-Flow

Git Common-Flow

A sensible git workflow for teams who ship

v2.0.0
Create change branch
Create change branch
Add commits
Add commits
Create pull request
Create pull request
Discuss, review, refactor
Discuss, review, refactor
Rebase if needed
Rebase if needed
Merge pull request
Merge pull request
2.12.0
2.12.0
Version bump commit & release tag
Version bump commit & release tag
2.11.0
2.11.0
Version bump commit & release tag
Version bump commit & release tag

About Common-Flow

A practical git workflow that combines the best of GitHub Flow with versioned releases

Common-Flow is an attempt to gather a sensible selection of the most common usage patterns of git into a single and concise specification. It is based on the original variant of GitHub Flow, while taking into account how a lot of open source projects most commonly use git.

In short, Common-Flow is essentially GitHub Flow with the addition of versioned releases, optional release branches, and without the requirement to deploy to production all the time.

Key Principles

  • The "main" branch is the mainline branch with latest changes, and must not be broken.
  • Changes (features, bugfixes, etc.) are done on "change branches" created from the main branch.
  • Rebase change branches early and often.
  • When a change branch is stable and ready, it is merged back in to main.
  • A release is just a git tag who's name is the exact release version string (e.g. "2.11.4" or "v2.11.4").
  • Release branches can be used when the release process and verification might be lengthy, allowing main to remain open for new changes. They are not required, instead they are available if you need them.

Feedback

Please open an issue on GitHub.

The Specification

The complete Git Common-Flow specification

View Markdown Version

Terminology

  • Main Branch - Must be named "main", must always have passing tests, and is not guaranteed to always work in production environments.
  • Change Branches - Any branch that introduces changes like a new feature, a bugfix, etc.
  • Source Branch - The branch that a change branch was created from. New changes in the source branch should be incorporated into the change branch via rebasing.
  • Merge Target - A branch that is the intended merge target for a change branch. Typically the merge target branch will be the same as the source branch.
  • Pull Request - A means of requesting that a change branch is merged in to its merge target, allowing others to review, discuss and approve the changes.
  • Release - May be considered safe to use in production environments. Is effectively just a git tag named after the version of the release.
  • Release Branches - Used both for short-term preparations of a release, and for long-term maintenance of older versions.

Specification

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.

  1. TL;DR
    1. Do not break the main branch.
    2. A release is a git tag.
  2. The Main Branch
    1. A branch named "main" MUST exist and it MUST be referred to as the "main branch".
    2. The main branch MUST always be in a non-broken state with its test suite passing.
    3. The main branch is not guaranteed to always work in production environments. Despite test suites passing it may at times contain unfinished work. Only releases may be considered safe for production use.
    4. The main branch SHOULD always be in a "as near as possibly ready for release/production" state to reduce any friction with creating a new release.
  3. Change Branches
    1. Each change (feature, bugfix, etc.) MUST be performed on separate branches that SHOULD be referred to as "change branches".
    2. All change branches MUST have descriptive names.
    3. It is RECOMMENDED that you commit often locally, and that you try and keep the commits reasonably structured to avoid a messy and confusing git history.
    4. You SHOULD regularly push your work to the same named branch on the remote server.
    5. You SHOULD create separate change branches for each distinctly different change. You SHOULD NOT include multiple unrelated changes into a single change branch.
    6. When a change branch is created, the branch that it is created from SHOULD be referred to as the "source branch". Each change branch also needs a designated "merge target" branch, typically this will be the same as the source branch.
    7. Change branches MUST be regularly updated with any changes from their source branch. This MUST be done by rebasing the change branch on top of the source branch.
    8. After updating a change branch from its source branch you MUST push the change branch to the remote server. Due to the nature of rebasing, you will be required to do a force push, and you MUST use the "--force-with-lease" git push option when doing so instead of the regular "--force".
    9. If there is a truly valid technical reason to not use rebase when updating change branches, then you MAY update change branches via merge instead of rebase. The decision to use merge MUST only be taken after all possible options to use rebase have been tried and failed. People not understanding how to use rebase is NOT a valid reason to use merge. If you do decide to use merge instead of rebase, you MUST NOT use a mixture of both methods.
  4. Pull Requests
    1. To merge a change branch into its merge target, you MUST open a "pull request" (or equivalent).
    2. The purpose of a pull request is to allow others to review your changes and give feedback. You can then fix any issues, complaints, and more that might arise, and then let people review again.
    3. Before creating a pull request, it is RECOMMENDED that you consider the state of your change branch's commit history. If it is messy and confusing, it might be a good idea to rebase your branch with "git rebase -i" to present a cleaner and easier to follow commit history for your reviewers.
    4. A pull request MUST only be merged when the change branch is up-to-date with its source branch, the test suite and other CI checks are passing, and you and others are happy with the changes. This is especially important if the merge target is the main branch.
    5. To get feedback, help, or generally just discuss a change branch with others, it is RECOMMENDED you create a draft pull request and discuss the changes with others there. This leaves a clear and visible history of how, when, and why the code looks and behaves the way it does.
  5. Git Best Practices
    1. It is RECOMMENDED that all commit messages follow the Conventional Commits specification (https://www.conventionalcommits.org/). This provides a structured format that integrates well with Semantic Versioning, and enables automated changelog generation. At minimum, commit messages SHOULD follow the Commit Guidelines from the official git documentation: https://git-scm.com/book/en/v2/Distributed-Git-Contributing-to-a-Project#_commit_guidelines
    2. You SHOULD always use "--force-with-lease" when doing a force push. The regular "--force" option is dangerous and destructive. More information: https://www.codestudy.net/blog/git-push-force-with-lease-vs-force/
    3. You SHOULD understand and be comfortable with rebasing: https://git-scm.com/book/en/v2/Git-Branching-Rebasing
    4. It is RECOMMENDED that you always do "git pull --rebase" instead of "git pull" to avoid unnecessary merge commits. You can make this the default behavior of "git pull" with "git config --global pull.rebase true".
    5. When using Conventional Commits, it is RECOMMENDED to use tooling to automate version bumping and generate changelogs from commit messages. This pairs well with the release process and ensures changelogs are consistent and complete.
  6. Versioning
    1. A "version string" is a typically mostly numeric string that identifies a specific version of a project. The version string itself MUST NOT have a "v" prefix, but the version string can be displayed with a "v" prefix.
    2. The source of truth for a project's version MUST be a git tag with a name based on the version string. This kind of tag MUST be referred to as a "release tag".
    3. It is OPTIONAL, but RECOMMENDED to also keep the version string hard-coded somewhere in the project code-base.
    4. If you hard-code the version string into the code-base, it is RECOMMENDED that you do so in a file called "VERSION" located in the root of the project. But be mindful of the conventions of your programming language and community when choosing if, where and how to hard-code the version string.
    5. If you are using a "VERSION" file in the root of the project, this file MUST only contain the exact version string, meaning it MUST NOT have a "v" prefix. For example, "v2.11.4" is bad, and "2.11.4" is good.
    6. It is OPTIONAL, but RECOMMENDED that the version string follows Semantic Versioning (http://semver.org/).
  7. Releases
    1. To create a new release, you MUST create a git tag named as the exact version string of the release. This kind of tag MUST be referred to as a "release tag".
    2. The release tag name can OPTIONALLY be prefixed with "v". For example, the tag name can be either "2.11.4" or "v2.11.4". Note that this "v" prefix is only for the tag name itself, the version string (as defined in section 6.1) MUST NOT have a "v" prefix.
    3. If the version string is hard-coded into the code-base, you MUST create a "version bump" commit which changes the hard-coded version string of the project.
    4. When using version bump commits, the release tag MUST be placed on the version bump commit, unless using a release pull request.
    5. It is OPTIONAL to use a "release pull request" to propose a release. A release pull request contains the version bump commit and any release-related changes (changelog updates, etc.). When using release pull requests, the release tag SHOULD be placed on the resulting merge commit.
    6. If you are not using a release branch, then the release tag, and if relevant the version bump commit, MUST be created directly on the main branch.
    7. If you are using Conventional Commits, the version bump commit MUST also follow the format. For example, "chore(release): 2.11.4". Otherwise, a simple "Bump version to 2.11.4" format is acceptable.
    8. Release tags SHOULD be lightweight tags unless you need features that annotated tags provide. Annotated tags allow you to include changelog information in the tag itself, GPG sign the tag, or include additional metadata like the tagger's name and email.
    9. If you use annotated release tags, the first line of the annotation SHOULD read "Release VERSION". For example for version "2.11.4" the first line of the tag annotation SHOULD read "Release 2.11.4". The second line MUST be blank, and the changelog SHOULD start on the third line.
    10. It is OPTIONAL, but RECOMMENDED for high-security projects, to GPG sign release tags. This provides cryptographic verification that the release was created by a trusted party.
  8. Short-Term Release Branches
    1. Any branch that has a name starting with "release-" SHOULD be referred to as a "release branch".
    2. Any release branch which has a name ending with a specific version string, MUST be referred to as a "short-term release branch".
    3. Use of short-term release branches are OPTIONAL, and intended to be used to create a specific versioned release.
    4. A short-term release branch is RECOMMENDED if there is a lengthy release verification process to avoid a code freeze on the main branch.
    5. Short-term release branches MUST have a name of "release-VERSION". For example for version "2.11.4" the release branch name MUST be "release-2.11.4".
    6. When using a short-term release branch to create a release, the version bump commit if used, MUST be created on the short-term release branch. The release tag MUST be placed on the version bump commit, or on the merge commit when using a release pull request to merge the release branch.
    7. Only very minor changes SHOULD be performed on a short-term release branch directly. Any larger changes SHOULD be done in the main branch, and SHOULD be pulled into the release branch by rebasing it on top of the main branch the same way a change branch pulls in updates from its source branch.
    8. After a release tag has been created, the release branch MUST be merged back into its source branch and then deleted. Typically the source branch will be the main branch.
  9. Long-Term Release Branches
    1. Any release branch which has a name ending with a nonspecific version string, MUST be referred to as a "long-term release branch". For example, "release-2.11" is a long-term release branch, while "release-2.11.4" is a short-term release branch.
    2. Use of long-term release branches are OPTIONAL, and intended for work on versions which are not currently part of the main branch. Typically this is useful when you need to create a new maintenance release for an older version.
    3. A long-term release branch MUST have a name with a nonspecific version number. For example, a long-term release branch for creating new 2.9.x releases MUST be named "release-2.9", or "release-2" for all 2.x.x releases when main has moved to 3.x.x.
    4. Long-term release branches for maintenance releases of older versions MUST be created from the relevant release tag. For example, if the main branch is on version 2.11.4 and there is a security fix for all 2.9.x releases, the latest of which is "2.9.7". Create a new branch called "release-2.9" from the "2.9.7" release tag. The security fix release will then end up being version "2.9.8". Similarly, if main is on 3.x.x and you need to maintain the entire 2.x.x line, create a "release-2" branch from the latest 2.x.x release tag.
    5. To create a new release from a long-term release branch, you MUST follow the same process as a release from the main branch, except the long-term release branch takes the place of the main branch.
    6. A long-term release branch SHOULD be treated with the same respect as the main branch. It is effectively the main branch for the release series in question. Meaning it MUST always be in a non-broken state, MUST NOT be force pushed to, etc.
  10. Bug Fixes & Rollback
    1. You MUST NOT under any circumstances force push to the main branch or to long-term release branches.
    2. If a change branch which has been merged into the main branch is found to have a bug in it, the bugfix work MUST be done as a new separate change branch. This new change branch MUST follow the same workflow as any other change branch.
    3. If a change branch is wrongfully merged into main, or for any other reason the merge must be undone, you MUST undo the merge by reverting the merge commit itself. Effectively creating a new commit that reverses all the relevant changes.

FAQ

Common questions about Git Common-Flow

Common-Flow tries to be a lot less complicated than Git Flow by having fewer types of branches, and simpler rules. Normal day to day development doesn't really change much:

  • You create change branches instead of feature branches, without the need of a "feature/" or "change/" prefix in the branch name.
  • Change branches are typically created from and merged back into "main" instead of "develop".
  • Creating a release is done by simply creating a git tag, typically on the main branch.

In detail, the main differences between Git Flow and Common-Flow are:

  • There is no "develop" branch, there is only a "main" branch which contains the latest work. In Git Flow the main branch effectively ends up just being a pointer to the latest release, despite the fact that Git Flow includes release tags too. In Common-Flow you just look at the tags to find the latest release.
  • There are no "feature" or "hotfix" branches, there's only "change" branches. Any branch that is not main and introduces changes is a change branch. Change branches also don't have an enforced naming convention, they just need to have a "descriptive name". This makes things simpler and allows more flexibility.
  • Release branches are available, but optional. Instead of enforcing the use of release branches like Git Flow, Common-Flow only recommends the use of release branches when it makes things easier. If creating a new release by tagging "main" works for you, great, do that.

Common-Flow is essentially GitHub Flow with the addition of a "Release" concept that uses tags. It also attempts to define how certain common tasks are done, like updating change/feature branches from their source branches for example. This is to help end arguments about how such things are done.

If a deployment/release for you is just getting the latest code in the main branch out without caring about bumping version numbers, GitHub Flow is a good fit for you. You probably don't need the extras of Common-Flow.

However, if your deployments/releases have specific version numbers, then Common-Flow gives you a simple set of rules for how to create and manage releases, on top of what GitHub Flow already does.

It means what it sounds like. The name should be descriptive, as in by just reading the name of the branch you should understand what the branch's purpose is and what it does. Here's a few examples:

  • add-2fa-support
  • fix-login-issue
  • remove-sort-by-middle-name-functionality
  • update-font-awesome
  • change-search-behavior
  • improve-pagination-performance
  • tweak-footer-style

Notice how none of these have any prefixes like "feature/" or "hotfix/", they're not needed when branch names are properly descriptive. However, there's nothing to say you can't use such prefixes if you want.

You can also add ticket numbers to the branch name if your team/org has that as part of its process. But it is recommended that ticket numbers are added to the end of the branch name. The ticket number is essentially metadata, so put it at the end and out of the way of humans trying to read the descriptive name from left to right.

This should ideally never happen, however if it does you can do one of the following:

  • Review why the main branch is broken and revert the changes that caused the issues. Then apply the hotfix and release.
  • Or use a short-term release branch created from the latest release tag instead of the main branch. Apply the hotfix to the release branch, create a release tag on the release branch, and then merge it back into main.

In this situation, it is recommended you try to revert the offending changes that's preventing a new release from main. But if that proves to be a complicated task and you're short on time, a short-term release branch gives you an instant fix to the situation at hand. You can then resolve the issues with the main branch later.

Common-Flow works well with monorepos. The key considerations are:

  • Use a single main branch for the entire monorepo. This keeps things simple and ensures all packages/projects are always in a consistent state.
  • For versioning, you have two main options:
    • Unified versioning: All packages share the same version number. Simple to manage, but may result in version bumps for packages that haven't changed.
    • Independent versioning: Each package has its own version. Use tags with a package prefix, e.g., "package-a-2.1.0" or "package-a-v2.1.0". This allows packages to evolve at their own pace.
  • Change branches can span multiple packages. Describe the scope in the branch name if helpful, e.g., "update-auth-across-services".
  • For releases, if using independent versioning, you can create release branches per package when needed, e.g., "release-package-a-2.1".

The core workflow remains the same: don't break main, use change branches, and tag releases.