What are the practical differences between GitHub Rulesets and Branch Protection Rules?

Question

I searched for this, but every page seems to refer to one or the other rather than comparing the two.

When should someone use one or the other and are their considerations to keep in mind when switching between the two?

Answer 1

According to this blog, GitHub Ruleset is newer way to handle branch protection.

You won’t know the rules in place as an engineer until you encounter a pull request.

---

GitHub Ruleset:

A ruleset is a named list of rules that applies to a repository. You can have up to 75 rulesets per repository.
When you create a ruleset, you can allow certain users to bypass the rules in the ruleset.

GitHub Branch Protection:

You can enforce certain workflows or requirements before a collaborator can push changes to a branch in your repository, including merging a pull request into the branch, by creating a branch protection rule.

Answer 2

There's now a section in the GitHub docs about this.

Rulesets have the following advantages over branch protection rules.

• Unlike protection rules, multiple rulesets can apply at the same time, so you can be confident that every rule targeting a branch in your repository will be evaluated when someone interacts with that branch. See About rule layering.
• Rulesets have statuses, so you can easily manage which rulesets are active in a repository without needing to delete rulesets.
• Anyone with read access to a repository can view the active rulesets for the repository. This means a developer can understand why they have hit a rule, or an auditor can check the security constraints for the repository, without requiring admin access to the repository.
• You can create additional rules to control the metadata of commits entering a repository, such as the commit message and the author's email address. See Available rules for rulesets in the GitHub Enterprise Cloud documentation.