About filtering the security overview
You can use filters in the security overview to narrow your focus based on a range of factors, like alert risk level, alert type and feature enablement. Different filters are available depending on the specific view and whether you are analyzing at the organization, team or repository level.
Filter by repository
Available in all organization-level and team-level views.
Qualifier | Description |
---|---|
repo:REPOSITORY-NAME | Displays alerts for the specified repository. |
Filter by whether security features are enabled
Available in the organization-level and team-level overview.
Qualifier | Description |
---|---|
code-scanning:enabled | Display repositories that have code scanning enabled. |
code-scanning:not-enabled | Display repositories that do not have code scanning enabled. |
secret-scanning:enabled | Display repositories that have secret scanning enabled. |
secret-scanning:not-enabled | Display repositories that do not have secret scanning enabled. |
dependabot:enabled | Display repositories that have Dependabot alerts enabled. |
dependabot:not-enabled | Display repositories that do not have Dependabot alerts enabled. |
not-enabled:any | Display repositories with at least one security feature that is not enabled. |
Filter by repository type
Available in the organization-level and team-level overview.
Qualifier | Description |
---|---|
is:public | Display public repositories. |
is:internal | Display internal repositories. |
is:private | Display private repositories. |
archived:true | Display archived repositories. |
Filter by level of risk for repositories
The level of risk for a repository is determined by the number and severity of alerts from security features. If one or more security features are not enabled for a repository, the repository will have an unknown level of risk. If a repository has no risks that are detected by security features, the repository will have a clear level of risk. Available in the organization-level overview.
Qualifier | Description |
---|---|
risk:high | Display repositories that are at high risk. |
risk:medium | Display repositories that are at medium risk. |
risk:low | Display repositories that are at low risk. |
risk:unknown | Display repositories that are at an unknown level of risk. |
risk:clear | Display repositories that have no detected level of risk. |
Filter by number of alerts
Available in the organization-level overview.
Qualifier | Description |
---|---|
code-scanning:n | Display repositories that have n code scanning alerts. This qualifier can use =, > and < comparison operators. |
secret-scanning:n | Display repositories that have n secret scanning alerts. This qualifier can use =, > and < comparison operators. |
dependabot:n | Display repositories that have n Dependabot alerts. This qualifier can use =, > and < comparison operators. |
Filter by team
Available in the organization-level overview.
Qualifier | Description |
---|---|
team:TEAM-NAME | Displays repositories that TEAM-NAME has admin privileges for. |
Filter by topic
Available in the organization-level overview.
Qualifier | Description |
---|---|
topic:TOPIC-NAME | Displays repositories that are classified with TOPIC-NAME. |
Filter by severity
Available in the code scanning alert views. All code scanning alerts have one of the categories shown below. You can click any result to see full details of the relevant rule, and the line of code that triggered the alert.
Qualifier | Description |
---|---|
severity:critical | Displays code scanning alerts categorized as critical. |
severity:high | Displays code scanning alerts categorized as high. |
severity:medium | Displays code scanning alerts categorized as medium. |
severity:low | Displays code scanning alerts categorized as low. |
severity:error | Displays code scanning alerts categorized as errors. |
severity:warning | Displays code scanning alerts categorized as warnings. |
severity:note | Displays code scanning alerts categorized as notes. |
Filter by Dependabot alert type
Available in the Dependabot alert views. You can filter the view to show Dependabot alerts that are ready to fix or where additional information about exposure is available. You can click any result to see full details of the alert.
Qualifier | Description |
---|---|
has:patch | Displays Dependabot alerts for vulnerabilities where a secure version is already available. |
has:vulnerable-calls | Displays Dependabot alerts where at least one call from the repository to a vulnerable function is detected. For more information, see "Viewing and updating Dependabot alerts." |
Filter by secret types
Available in the secret scanning alert views.
Qualifier | Description |
---|---|
secret-type:SERVICE_PROVIDER | Displays alerts for the specified secret and provider. For more information, see "Secret scanning patterns." |
secret-type:CUSTOM-PATTERN | Displays alerts for secrets matching the specified custom pattern. For more information, see "Defining custom patterns for secret scanning." |
Filter by provider
Available in the secret scanning alert views.
Qualifier | Description |
---|---|
provider:PROVIDER_NAME | Displays alerts for all secrets issued by the specified provider. For more information, see "Secret scanning patterns." |