Skip to main content
Publicamos atualizações frequentes em nossa documentação, e a tradução desta página ainda pode estar em andamento. Para acessar as informações mais atualizadas, visite a Documentação em inglês.
 

 

Managing security and analysis settings for your repository

Neste artigo

You can control features that secure and analyze the code in your project on GitHub.

Who can use this feature

People with admin permissions to a repository can manage security and analysis settings for the repository.

Enabling or disabling security and analysis features for public repositories

You can manage a subset of security and analysis features for public repositories. Other features are permanently enabled, including dependency graph and secret scanning.

  1. No GitHub.com, navegue até a página principal do repositório.

  2. Abaixo do nome do repositório, clique em Configurações. Botão Configurações do repositório

  3. In the "Security" section of the sidebar, click Code security and analysis.

  4. Under "Code security and analysis", to the right of the feature, click Disable or Enable. "Enable" or "Disable" button for "Configure security and analysis" features in a public repository

Enabling or disabling security and analysis features for private repositories

You can manage the security and analysis features for your private or internal repository. If your organization belongs to an enterprise with a license for GitHub Advanced Security then extra options are available. Para obter mais informações, confira "Sobre o GitHub Advanced Security".

Se você habilitar recursos de segurança e análise, o GitHub executará a análise somente leitura no seu repositório. Para obter mais informações, confira "Sobre o uso dos seus dados pelo GitHub".

  1. No GitHub.com, navegue até a página principal do repositório.

  2. Abaixo do nome do repositório, clique em Configurações. Botão Configurações do repositório

  3. In the "Security" section of the sidebar, click Code security and analysis.

  4. Under "Code security and analysis", to the right of the feature, click Disable or Enable. The control for "GitHub Advanced Security" is disabled if your enterprise has no available licenses for Advanced Security. Screenshot of "Enable" or "Disable" button for "Configure security and analysis" features

    Note: If you disable GitHub Advanced Security, dependency review, secret scanning and code scanning are disabled. Any workflows, SARIF uploads, or API calls for code scanning will fail.

Granting access to security alerts

Security alerts for a repository are visible to people with admin access to the repository and, when the repository is owned by an organization, organization owners. You can give additional teams and people access to the alerts.

Organization owners and repository administrators can only grant access to view security alerts, such as secret scanning alerts, to people or teams who have write access to the repo.

  1. No GitHub.com, navegue até a página principal do repositório.

  2. Abaixo do nome do repositório, clique em Configurações. Botão Configurações do repositório

  3. In the "Security" section of the sidebar, click Code security and analysis.

  4. Under "Access to alerts", in the search field, start typing the name of the person or team you'd like to find, then click a name in the list of matches.

    Search field for granting people or teams access to security alerts

  5. Click Save changes.

    "Save changes" button for changes to security alert settings

Removing access to security alerts

  1. No GitHub.com, navegue até a página principal do repositório.

  2. Abaixo do nome do repositório, clique em Configurações. Botão Configurações do repositório

  3. In the "Security" section of the sidebar, click Code security and analysis.

  4. Under "Access to alerts", to the right of the person or team whose access you'd like to remove, click .

    "x" button to remove someone's access to security alerts for your repository

  5. Click Save changes.

Further reading