What is branch protection in GitHub?

Branch protection rules in GitHub enforce certain conditions before code can be merged into protected branches (usually main or develop). Configured in Settings → Branches → Branch protection rules. Protection options: (1) Require pull request reviews before merging — minimum number of approvals required; (2) Dismiss stale pull request approvals — re-review required if new commits are pushed after approval; (3) Require review from code owners — files with designated owners (CODEOWNERS file) require their approval; (4) Require status checks to pass — specify which CI checks must pass (tests, linting) before merge; (5) Require conversation resolution — all PR comments must be resolved; (6) Require signed commits — commits must have GPG signatures; (7) Include administrators — apply rules even to repo admins; (8) Restrict who can push — only specified teams/people; (9) Require linear history — prevent merge commits (enforce squash or rebase). CODEOWNERS file: define file owners with patterns: src/auth/* @security-team\n*.sql @dba-team. Branch protection is essential for maintaining code quality and preventing direct pushes to production branches.