Managing security and analysis settings for your user account

You can control features that secure and analyze the code in your projects on GitHub.

About management of security and analysis settings

GitHub can help secure your repositories. This topic tells you how you can manage the security and analysis features for all your existing or new repositories.

You can still manage the security and analysis features for individual repositories. For more information, see "Managing security and analysis settings for your repository."

Note: You can't disable some security and analysis features that are enabled by default for public repositories.

If you enable security and analysis features, GitHub performs read-only analysis on your repository. For more information, see "About GitHub's use of your data."

For an overview of repository-level security, see "Securing your repository."

Enabling or disabling features for existing repositories

  1. In the upper-right corner of any page, click your profile photo, then click Settings. Settings icon in the user bar
  2. In the left sidebar, click Security & analysis. Security and analysis settings
  3. Under "Configure security and analysis features", to the right of the feature, click Disable all or Enable all. "Enable all" or "Disable all" button for "Configure security and analysis" features
  4. Optionally, enable the feature by default for new repositories in your organization. "Enable by default" option for new repositories
  5. Click Disable FEATURE or Enable FEATURE to disable or enable the feature for all the repositories you own. Button to disable or enable feature

When you enable one or more security and analysis features for existing repositories, you will see any results displayed on GitHub within minutes:

  • All the existing repositories will have the selected configuration.
  • New repositories will follow the selected configuration if you've enabled the checkbox for new repositories.
  • We use the permissions to scan for manifest files to apply the relevant services.
  • If enabled, you'll see dependency information in the dependency graph.
  • If enabled, GitHub will generate Dependabot alerts for vulnerable dependencies.
  • If enabled, Dependabot Security Updates will create pull requests to upgrade those dependencies.

Enabling or disabling features for new repositories

  1. In the upper-right corner of any page, click your profile photo, then click Settings. Settings icon in the user bar
  2. In the left sidebar, click Security & analysis. Security and analysis settings
  3. Under "Configure security and analysis features", to the right of the feature, enable or disable the feature by default for new repositories in your organization. Checkbox for enabling or disabling a feature for new repositories

Further reading

Did this doc help you?

Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.