From 5588c5a8a316c02b15c4f1897bacf0c827118264 Mon Sep 17 00:00:00 2001
From: Gerardo Navarro <gerardo@b310.de>
Date: Tue, 1 Apr 2025 18:13:12 +0200
Subject: [PATCH 1/2] Protected packages: Extend docs for minimum access level
 for delete

Adding documentation for the new feature "Delete package protection"
that allows to set a minimum access level for delete in
package protection rules.

Changelog: other
---
 .../package_registry/package_protection_rules.md  | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/doc/user/packages/package_registry/package_protection_rules.md b/doc/user/packages/package_registry/package_protection_rules.md
index fa0e434b87a32e..d69eb63dae6566 100644
--- a/doc/user/packages/package_registry/package_protection_rules.md
+++ b/doc/user/packages/package_registry/package_protection_rules.md
@@ -19,6 +19,7 @@ title: Protected packages
 - [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/472655) in GitLab 17.5.
 - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/472655) in GitLab 17.6. Feature flag `packages_protected_packages` removed.
 - Maven protected packages [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/323969) in GitLab 17.9 [with a flag](../../../administration/feature_flags.md) named `packages_protected_packages_maven`. Disabled by default. This feature is an [experiment](../../../policy/development_stages_support.md).
+- [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/516215) in GitLab 17.10 [with a flag](../../../administration/feature_flags.md) named `packages_protected_packages_delete`. Disabled by default. This feature is an [experiment](../../../policy/development_stages_support.md).
 - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/497082) in GitLab 17.11. Feature flag `packages_protected_packages_maven` removed.
 
 {{< /history >}}
@@ -27,15 +28,16 @@ By default, any user with at least the Developer role can create,
 edit, and delete packages. Add a package protection rule to restrict
 which users can make changes to your packages.
 
-GitLab supports only push protection for npm, pypi and maven packages, but [epic 5574](https://gitlab.com/groups/gitlab-org/-/epics/5574) proposes to add additional features and package formats.
+GitLab supports package protection for npm, PyPI and maven packages, but [epic 5574](https://gitlab.com/groups/gitlab-org/-/epics/5574) proposes to add additional features and package formats.
 
 When a package is protected, the default behavior enforces these restrictions on the package:
 
-| Action                                   | Who can do it                                                                     |
-|:-----------------------------------------|:----------------------------------------------------------------------------------|
-| Protect a package                        | At least the Maintainer role.                                                     |
-| Push a new package                       | At least the role set in [**Minimum access level for push**](#protect-a-package). |
-| Push a new package with a deploy token   | Any valid deploy token, only if the pushed package is not matched by a protection rule. Protected packages cannot be pushed with a deploy token. |
+| Action                                 | Who can do it                                                                     |
+|:---------------------------------------|:----------------------------------------------------------------------------------|
+| Protect a package                      | At least the Maintainer role.                                                     |
+| Push a new package                     | At least the role set in [**Minimum access level for push**](#protect-a-package). |
+| Push a new package with a deploy token | Any valid deploy token, only if the pushed package is not matched by a protection rule. Protected packages cannot be pushed with a deploy token. |
+| Delete a package                       | At least the role set in [**Minimum access level for delete**](#protect-a-package). |
 
 ## Protect a package
 
@@ -59,6 +61,7 @@ To protect a package:
    - **Name pattern** is a package name pattern you want to protect. The pattern can include a wildcard (`*`).
    - **Package type** is the type of package to protect.
    - **Minimum access level for push** is the minimum role required to push a package matching the name pattern.
+   - **Minimum access level for delete** is the minimum role required to delete a package matching the name pattern.
 1. Select **Protect**.
 
 The package protection rule is created, and appears in the settings.
-- 
GitLab


From 0a6767290d8a3538b4fe6ee8a0bed490b6c620fc Mon Sep 17 00:00:00 2001
From: Gerardo Navarro <gerardo@b310.de>
Date: Wed, 2 Apr 2025 21:59:33 +0200
Subject: [PATCH 2/2] docs: Apply suggestion from @z_painter

---
 .../packages/package_registry/package_protection_rules.md     | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/user/packages/package_registry/package_protection_rules.md b/doc/user/packages/package_registry/package_protection_rules.md
index d69eb63dae6566..83b2147497b4ad 100644
--- a/doc/user/packages/package_registry/package_protection_rules.md
+++ b/doc/user/packages/package_registry/package_protection_rules.md
@@ -15,7 +15,7 @@ title: Protected packages
 {{< history >}}
 
 - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/416395) in GitLab 16.5 [with a flag](../../../administration/feature_flags.md) named `packages_protected_packages`. Disabled by default. This feature is an [experiment](../../../policy/development_stages_support.md).
-- The protection rule setting **Push protected up to access level** [renamed](https://gitlab.com/gitlab-org/gitlab/-/issues/416382) to **Minimum access level for push** in GitLab 17.1
+- The protection rule setting **Push protected up to access level** [renamed](https://gitlab.com/gitlab-org/gitlab/-/issues/416382) to **Minimum access level for push** in GitLab 17.1.
 - [Enabled on GitLab.com](https://gitlab.com/gitlab-org/gitlab/-/issues/472655) in GitLab 17.5.
 - [Generally available](https://gitlab.com/gitlab-org/gitlab/-/issues/472655) in GitLab 17.6. Feature flag `packages_protected_packages` removed.
 - Maven protected packages [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/323969) in GitLab 17.9 [with a flag](../../../administration/feature_flags.md) named `packages_protected_packages_maven`. Disabled by default. This feature is an [experiment](../../../policy/development_stages_support.md).
@@ -28,7 +28,7 @@ By default, any user with at least the Developer role can create,
 edit, and delete packages. Add a package protection rule to restrict
 which users can make changes to your packages.
 
-GitLab supports package protection for npm, PyPI and maven packages, but [epic 5574](https://gitlab.com/groups/gitlab-org/-/epics/5574) proposes to add additional features and package formats.
+GitLab supports package protection for npm, PyPI, and maven packages, but [epic 5574](https://gitlab.com/groups/gitlab-org/-/epics/5574) proposes to add additional features and package formats.
 
 When a package is protected, the default behavior enforces these restrictions on the package:
 
-- 
GitLab