
Enabling security features for multiple repositories

You can use security overview to select a subset of repositories and enable security features for all of them.

Who can use this feature?

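Security overview for an organization is available to all members of the organization. The views and data displayed are determined by your role in the organization, and by your permissions for individual repositories within the organization. For more information, see "Security overview."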

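Security overview for an enterprise shows organization owners and security managers data for the organizations they have access to. Enterprise owners can only view data for organizations where they are added as an organization owner or security manager. For more information, see "Managing your role in an organization owned by your enterprise."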

All enterprises and their organizations have a security overview. If you use GitHub Advanced Security features, which are free for public repositories, you will see additional information. For more information, see "About GitHub Advanced Security."

About enabling security features

If you're a security manager, repository administrator, or organization owner, you can use security overview to enable or disable security features for multiple repositories at the same time. You can enable or disable security features for all repositories visible on the "Security coverage" view in security overview for an organization.

You can use checkboxes to select which repositories you want to include, or use the search bar to narrow down to a specific subset of repositories, and enable or disable security features for that group. This is useful if you want to introduce a feature to your organization gradually over time, or if your organization requires a complex security setup where different features are enabled in different repositories. For example, if you are enabling a feature across a group of repositories, you may find the following filtering options helpful.

  • To exclude certain repositories from the selection, you can assign a topic such as test to these repositories, then exclude them from the results with a search like -topic:test. For more information, see "Classifying your repository with topics."
  • If a team uses repositories that all require a certain feature, you can use the team: filter to search for repositories where a team has write or admin access.
  • If you're enabling code scanning, you can see which repositories are eligible for default setup with the search code-scanning-default-setup:eligible. For more information, see "Configuring default setup for code scanning at scale."

For more information on filters you can use in different parts of security overview, see "Filtering alerts in security overview."

For more information about the different ways of enabling security features in an organization, see "Quickstart for securing your organization."

Enabling security features for multiple repositories

  1. On GitHub.com, navigate to the main page of the organization.

  2. Under your organization name, click Security.

    Screenshot of the horizontal navigation bar for an organization. A tab, labeled with a shield icon and "Security," is outlined in dark orange.

  3. In the sidebar, click Coverage to display the "Security coverage" view.

    Screenshot of the "Security coverage" view.

  4. You can use the search bar to narrow down visible repositories in the "Security coverage" view based on name, or on the enablement status of security features.

  5. In the list of repositories, select each repository for which you want to change the enablement of security features. To select all repositories on the page, click the checkbox next to NUMBER Active. To select all repositories that match the current search, click the checkbox next to NUMBER Active and then click Select all NUMBER repos.

  6. Click Security settings next to NUMBER selected.

  7. In the side panel, next to all the security features you want to enable or disable, select Enable or Disable.

  8. As you make changes, the Apply changes button reports the number of security features you have edited. To confirm the changes, click Apply changes NUMBER. Alternatively, click to close the panel without making changes.

    Notes:

    • Enabling code scanning default setup will not override any existing configurations of advanced setup for the selected repositories, but it will override any existing configurations of default setup.
    • Enabling "Alerts" for secret scanning enables high-confidence alerts. If you want to enable non-provider alerts, you need to edit the repository, organization, or enterprise settings. For more information about alert types, see "Supported secrets."

    Screenshot of the "Security coverage" view with the side panel open. The "Apply changes" button is highlighted in a dark orange outline.

The security features that you can enable and disable in this view are:

  • Dependency graph
  • Dependabot alerts
  • Dependabot security updates
  • GitHub Advanced Security
  • Code scanning default setup
  • Secret scanning alerts
  • Secret scanning as a push protection

If you're blocked from enabling a security feature due to an enterprise policy, you will still be able to see the affected repository in the "Security coverage" view and access the side panel from the Security settings button. However, you will see a message in the side panel indicating that the functionality is not available. For more information about enterprise policies, see "Enforcing policies for code security and analysis for your enterprise."

Organization owners and security managers can use security overview to enable or disable security features for all repositories belonging to their organization. There are no enterprise policies that restrict organization owners or security managers from enabling or disabling any security features. For more information about enterprise policies, see "About enterprise policies."