The Hook (The "Byte-Sized" Intro)
What if a PR with failing tests could never be merged? Required status checks make that a reality. The merge button stays grey until CI passes — lint, tests, build, security scan. No exceptions. No "I'll fix it later." The quality of main is mathematically guaranteed by automation.
📖 What are Required Checks?
Branch protection rules that mandate specific CI/CD checks must pass before a PR can be merged into a protected branch.
Conceptual Clarity
Common required checks:
| Check | What It Validates | Speed |
|---|---|---|
| Lint | Code style compliance | Fast (< 30s) |
| Unit tests | Logic correctness | Medium (1-5 min) |
| Build | Code compiles/bundles | Medium (2-5 min) |
| Type check | TypeScript/type errors | Fast (< 1 min) |
| Security scan | Vulnerability detection | Medium (1-3 min) |
| Integration tests | Cross-service behavior | Slow (5-15 min) |
"Strict" mode:
| Setting | Effect |
|---|---|
| Strict OFF | Checks run on PR branch as-is |
| Strict ON | Branch must be up-to-date with base before merge |
Strict mode prevents "green PR that breaks main" — where two PRs individually pass but conflict when both merge.
Real-Life Analogy
Required checks are like building inspections. You can build the house (write the code), but before anyone moves in (merge to main), the inspector (CI) must sign off. No shortcuts, no self-certification.
Visual Architecture
Why It Matters
- Quality guarantee: Broken code never reaches main.
- Confidence: Every merge is validated by automation.
- Speed: Reviewers focus on logic, not style or test failures.
- Accountability: Failures are visible and tracked.
Code
# ─── GitHub Actions workflow ───
# .github/workflows/ci.yml
name: CI
on:
pull_request:
branches: [main]
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
- run: npm ci
- run: npm run lint
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
- run: npm ci
- run: npm test
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
- run: npm ci
- run: npm run build# ─── Set required checks via GitHub CLI ───
# In branch protection settings, add:
# Required status checks: "lint", "test", "build"
# Require branches to be up-to-date: ✅Key Takeaways
- Required checks block merging until CI passes — lint, tests, build.
- Strict mode requires the branch to be up-to-date with main before merge.
- Define checks in CI workflows; reference them in branch protection.
- Fast checks (lint) and slow checks (integration) can run in parallel.
Interview Prep
-
Q: What are required status checks? A: Branch protection rules that require specific CI jobs (lint, tests, build) to pass before a PR can merge. The merge button is disabled until all required checks show a green status.
-
Q: What does "strict" mode mean for required checks? A: The PR branch must be up-to-date with the base branch before merging. This prevents situations where two individually-passing PRs cause failures when both are merged.
-
Q: How do you balance fast feedback with thorough checks? A: Run fast checks (lint, type check) first and slow checks (integration tests) in parallel. Use CI caching for dependencies. Make lint and unit tests required; make slow integration tests optional or run them only on certain paths.