Применение настраиваемой конфигурации безопасности

Вы можете применить custom security configuration к репозиториям в организации для удовлетворения конкретных потребностей в безопасности этих репозиториев.

Кто может использовать эту функцию?

Владельцы организации, руководители безопасности и члены организации с ролью администратора

В этой статье

About applying a custom security configuration

After you create a custom security configuration, you need to apply it to repositories in your organization to enable the configuration's settings on those repositories. To learn how to create a custom security configuration, see Creating a custom security configuration.

Applying your custom security configuration to repositories in your organization

  1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.

  2. Under your organization name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of the tabs in an organization's profile. The "Settings" tab is outlined in dark orange.

  3. In the "Security" section of the sidebar, select the Code security and analysis dropdown menu, then click Configurations.

  4. Optionally, in the "Apply configurations" section, filter for specific repositories you would like to apply your custom security configuration to. To learn how to filter the repository table, see Filtering repositories in your organization using the repository table.

  5. In the repository table, select repositories with one of three methods:

    • Select each repository you would like to apply the security configuration to.
    • To select all repositories displayed on the current page of the repository table, select the checkbox associated with "NUMBER repositories".
    • After selecting the current page of repositories, "25 of NUMBER selected", to select all repositories in your organization that match any filters you have applied, click Select all.

  6. Select the Apply configuration dropdown menu, then click YOUR-CONFIGURATION-NAME.

    Note

    The default security configuration for an organization is only automatically applied to new repositories created in your organization. If a repository is transferred into your organization, you will still need to apply an appropriate security configuration to the repository manually.

  7. Review the detailed information about how your changes will affect Advanced Security license consumption. To apply the security configuration, click Apply.

    Note

    On GitHub Enterprise Server 3.15 the security configuration is applied only to active repositories and not archived repositories.

Note

If you apply an enforced configuration, this information is reported in the list of repositories. An enforced configuration means that repository owners are blocked from changing features that have been enabled or disabled in the configuration, but features that are not set aren't enforced.

Next steps

To learn how to interpret security findings from your custom security configuration on a repository, see Interpreting security findings.

To learn how to edit your custom security configuration, see Editing a custom security configuration.

You may encounter an error when you attempt to apply a security configuration. For more information, see Finding and fixing configuration attachment failures and Troubleshooting security configurations.