About filtering security overview
You can use filters in a security overview to narrow your focus based on a range of factors, like alert risk level, alert type, and feature enablement. Different filters are available depending on the specific view and whether you are viewing data at the enterprise or organization level.
Filter by repository
| Qualifier | Description |
|---|---|
repo:REPOSITORY-NAME | Displays data for the specified repository. |
Filter by whether security features are enabled
In the examples below, replace :enabled with :not-enabled to see repositories where security features are not enabled. These qualifiers are available in the main summary views.
| Qualifier | Description |
|---|---|
code-scanning:enabled | Display repositories that have configured code scanning. |
dependabot:enabled | Display repositories that have enabled Dependabot alerts. |
secret-scanning:enabled | Display repositories that have enabled 机密扫描警报. |
any-feature:enabled | Display repositories where at least one security feature is enabled. |
The organization-level "Security coverage" view includes extra filters.
注意:“安全风险”和“安全范围”视图目前为 beta 版本,可能会随时发生更改。
| Qualifier | Description |
|---|---|
advanced-security:enabled | Display repositories that have enabled GitHub Advanced Security. |
code-scanning-pull-request-alerts:enabled | Display repositories that have configured code scanning to run on pull requests. |
dependabot-security-updates:enabled | Display repositories that have enabled Dependabot security updates. |
secret-scanning-push-protection:enabled | Display repositories that have enabled push protection for secret scanning. |
Filter by repository type
These qualifiers are available in the main summary views.
| Qualifier | Description |
|---|---|
is:public | Display public repositories. |
is:internal | Display internal repositories. |
is:private | Display private repositories. |
archived:true | Display archived repositories. |
archived:false | Omit archived repositories. |
Filter by level of risk for repositories
The level of risk for a repository is determined by the number and severity of alerts from security features. If one or more security features are not enabled for a repository, the repository will have an unknown level of risk. If a repository has no risks that are detected by security features, the repository will have a clear level of risk.
These qualifiers are available in the enterprise-level view.
| Qualifier | Description |
|---|---|
risk:high | Display repositories that are at high risk. |
risk:medium | Display repositories that are at medium risk. |
risk:low | Display repositories that are at low risk. |
risk:unknown | Display repositories that are at an unknown level of risk. |
risk:clear | Display repositories that have no detected level of risk. |
Filter by number of alerts
These qualifiers are available in the enterprise-level "Overview" and in the organization-level "Security risk" view.
| Qualifier | Description |
|---|---|
code-scanning:NUMBER | Display repositories that have NUMBER code scanning alerts. This qualifier can use =, > and < comparison operators. |
secret-scanning:NUMBER | Display repositories that have NUMBER 机密扫描警报. This qualifier can use =, > and < comparison operators. |
dependabot:NUMBER | Display repositories that have NUMBER Dependabot alerts. This qualifier can use =, > and < comparison operators. |
Filter by team
These qualifiers are available in the main summary views.
| Qualifier | Description |
|---|---|
team:TEAM-NAME | Displays repositories that TEAM-NAME has write access or admin access to. |
Filter by topic
These qualifiers are available in the main summary views.
| Qualifier | Description |
|---|---|
topic:TOPIC-NAME | Displays repositories that are classified with TOPIC-NAME. |
Additional filters for code scanning alert views
All code scanning alerts have one of the categories shown below. You can click any result to see full details of the relevant query and the line of code that triggered the alert.
| Qualifier | Description |
|---|---|
severity:critical | Displays code scanning alerts categorized as critical. |
severity:high | Displays code scanning alerts categorized as high. |
severity:medium | Displays code scanning alerts categorized as medium. |
severity:low | Displays code scanning alerts categorized as low. |
severity:error | Displays code scanning alerts categorized as errors. |
severity:warning | Displays code scanning alerts categorized as warnings. |
severity:note | Displays code scanning alerts categorized as notes. |
Additional filters for Dependabot alert views
You can filter the view to show Dependabot alerts that are ready to fix or where additional information about exposure is available. You can click any result to see full details of the alert.
| Qualifier | Description |
|---|---|
has:patch | Displays Dependabot alerts for vulnerabilities where a secure version is already available. |
has:vulnerable-calls | Displays Dependabot alerts where at least one call from the repository to a vulnerable function is detected. For more information, see "查看和更新 Dependabot 警报." |
Additional filters for secret scanning alert views
| Qualifier | Description |
|---|---|
provider:PROVIDER_NAME | Displays alerts for all secrets issues by the specified provider. |
secret-type:SERVICE_PROVIDER | Displays alerts for the specified secret and provider. |
secret-type:CUSTOM-PATTERN | Displays alerts for secrets matching the specified custom pattern. |
For more information, see "机密扫描模式."