About additional settings for secret scanning
There are some additional secret scanning settings that cannot be applied to repositories using security configurations, so you must configure these settings separately:
- Configuring a resource link for push protection
- Controlling features for new repositories created in a user namespace
These additional settings apply only to repositories with secret scanning and GitHub Advanced Security both enabled.
Accessing the additional settings for secret scanning
- In the top-right corner of GitHub Enterprise Server, click your profile picture, then click Enterprise settings.
- On the left side of the page, in the enterprise account sidebar, click Settings.
- In the left sidebar, click Code security.
- Scroll down the page to the "Additional settings" section.
Configuring a resource link for push protection
To provide context for developers when secret scanning blocks a commit, you can display a link with more information on why the commit was blocked.
- Under "Additional settings", in the "Secret scanning" section and to the right of "Resource link for push protection", click .
- In the text box, type the link to the desired resource, then click .
Controlling features for new repositories created in a user namespace
To ensure that any repositories created by users outside of an organization are protected by the same security features as repositories created within an organization, you can enable or disable secret scanning features for new repositories created in a user namespace.
Under "Additional settings", use the options in the "User namespace repositories" section to enable or disable features for new repositories.