Enabling or disabling security and analysis features
You can manage the security and analysis features for your repository. If your organization belongs to an enterprise with a license for GitHub Advanced Security then extra options are available. 詳細については、「GitHub Advanced Security について」を参照してください。
-
On your GitHub Enterprise Server instance, navigate to the main page of the repository.
-
リポジトリ名の下の [ 設定] をクリックします。
-
In the left sidebar, click Security & analysis.
-
Under "Code security and analysis", to the right of the feature, click Disable or Enable. The control for "GitHub Advanced Security" is disabled if your enterprise has no available licenses for Advanced Security.
Note: If you disable GitHub Advanced Security, secret scanning and code scanning are disabled. Any workflows, SARIF uploads, or API calls for code scanning will fail.
Granting access to security alerts
Security alerts for a repository are visible to people with admin access to the repository and, when the repository is owned by an organization, organization owners. You can give additional teams and people access to the alerts.
Organization owners and repository administrators can only grant access to view security alerts, such as secret scanning alerts, to people or teams who have write access to the repo.
-
On your GitHub Enterprise Server instance, navigate to the main page of the repository.
-
リポジトリ名の下の [ 設定] をクリックします。
-
In the left sidebar, click Security & analysis.
-
Under "Access to alerts", in the search field, start typing the name of the person or team you'd like to find, then click a name in the list of matches.
-
Click Save changes.
Removing access to security alerts
-
On your GitHub Enterprise Server instance, navigate to the main page of the repository.
-
リポジトリ名の下の [ 設定] をクリックします。
-
In the left sidebar, click Security & analysis.
-
Under "Access to alerts", to the right of the person or team whose access you'd like to remove, click .
-
Click Save changes.