
What mitigations do you use to protect systems that are automatically updated after every git push?


Don't auto-update production like that? If a change will affect all users, manually review it and, as another commenter said, GPG signatures. Have every prod committer use MFA too.


I have seen a lot of people describe their continuous delivery where the code is checked in and moves into production after passing tests. I wasn't sure if they had a way to deal with this type of issue or I am misunderstanding their process somehow. I


Would GPG signatures suffice?
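Added example, not part of the thread: one way a deploy job could gate on commit signatures, accepting a commit only when `git verify-commit --raw` reports exactly one good signature whose primary key fingerprint is on an allowlist. The function names, the allowlist policy and the sample status text are assumptions made for illustration.

```python
import subprocess

PREFIX = "[GNUPG:] "
# Status keywords that mean the signature must not be trusted.
REJECT = {"BADSIG", "ERRSIG", "EXPSIG", "EXPKEYSIG", "REVKEYSIG", "NO_PUBKEY"}
# Constructed sample (not real keys): signing subkey, then primary key last.
SUBKEY, PRIMARY = "B" * 40, "A" * 40
SAMPLE_STATUS = (
    "[GNUPG:] NEWSIG\n"
    "[GNUPG:] GOODSIG AAAAAAAAAAAAAAAA Constructed Dev <dev@example.invalid>\n"
    f"[GNUPG:] VALIDSIG {SUBKEY} 2024-01-01 1704067200 0 4 0 1 8 00 {PRIMARY}\n"
)


def signer_fingerprint(status_text):
    """Return the primary-key fingerprint of one good signature, else None."""
    good, fingerprints = False, []
    for line in status_text.splitlines():
        fields = line[len(PREFIX):].split() if line.startswith(PREFIX) else []
        if not fields:
            continue
        keyword, args = fields[0], fields[1:]
        if keyword in REJECT:
            return None
        if keyword == "GOODSIG":
            good = True
        elif keyword == "VALIDSIG" and args:
            # Field 10 is the primary key fingerprint; field 1 is the signing (sub)key.
            fingerprints.append((args[9] if len(args) >= 10 else args[0]).upper())
    # Refuse anything ambiguous: exactly one good, valid signature is required.
    return fingerprints[0] if good and len(fingerprints) == 1 else None


def commit_is_deployable(status_text, allowed_fingerprints):
    """True only if the signer is on the deploy allowlist (hypothetical policy)."""
    fpr = signer_fingerprint(status_text)
    return fpr is not None and fpr in {f.upper() for f in allowed_fingerprints}


def verify_commit(repo, rev, allowed_fingerprints):
    """Run git verify-commit; with --raw the gpg status lines arrive on stderr."""
    proc = subprocess.run(["git", "-C", repo, "verify-commit", "--raw", rev],
                          capture_output=True, text=True)
    return proc.returncode == 0 and commit_is_deployable(proc.stderr, allowed_fingerprints)


if __name__ == "__main__":
    print(commit_is_deployable(SAMPLE_STATUS, [PRIMARY]))
```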



