I have opened a repo that I share with some co-workers. I have a script that periodically checks out the trunk of this repository and builds whatever is inside. My co-workers sometimes merge stuff into the trunk that shouldn't be there, and this stuff then gets built and I have to sort everything out.
Is there a for me to protect the trunk such that I am the only one who can merge into the trunk? Something like pull request from other branches managed by my co-workers?
As far as I know, there is no such settings. If someone have check-in permissions he can work on trunk the same way as anyone else.
But as long as fossil is DVCS, there is another way. Don't give the co-workers permissions to check-in in the central repository. Let they clone the repository and work on local copies. Of course they will be able to pull the changes from the central repository.
The project administrator will have to pull the changes from the cloned repositories when needed.
This work flow has some disadvantages - for example too high load on the administrator and much manual work, and IMO is good only if the team is very big and not well disciplined.
On small teams, there is more simple trick - just negotiate with your co-workers to not work in the trunk, but to make separate branches. This way, the project leader must only merge the needed changes from time to time.