사용자 지정 보안 구성 편집

리포지토리의 보안 요구 사항을 더 잘 충족하도록 custom security configuration의 사용 설정을 변경합니다.

누가 이 기능을 사용할 수 있는 있나요?

조직 소유자 및 보안 관리자는 조직의 security configurations 및 global settings을(를) 관리할 수 있습니다.

이 문서의 내용

About editing a custom security configuration

After creating and applying a custom security configuration, you may need to edit the enablement settings for that configuration to better secure your repositories. Any changes you make to the enablement settings of a security configuration will automatically populate to all linked repositories.

To determine if your custom security configuration is meeting your security needs, see "Interpreting security findings on a repository."

Note: The GitHub-recommended security configuration is managed by GitHub and cannot be edited. If you would like to customize your security enablement settings, you need to create a custom security configuration. For more information, see "Creating a custom security configuration."

Modifying your custom security configuration

  1. In the upper-right corner of GitHub, select your profile photo, then click Your organizations.

  2. Under your organization name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of the tabs in an organization's profile. The "Settings" tab is outlined in dark orange.

  3. In the "Security" section of the sidebar, select the Code security dropdown menu, then click Configurations.

  4. In the "Code security configurations" section, click the name of the custom security configuration you want to edit.

    Note: The default security configuration for an organization is only automatically applied to new repositories created in your organization. If a repository is transferred into your organization, you will still need to apply an appropriate security configuration to the repository manually.

  5. Edit the name and description of your custom security configuration as desired.

  6. In the "Security settings" section, edit the enablement settings of your custom security configuration as desired.

  7. In the "Policy" section, you can modify the configuration's enforcement status. Enforcing a configuration will block repository owners from changing features that are enabled or disabled by the configuration, but features that are not set aren't enforced. Next to "Enforce configuration", select Enforce or Don't enforce from the dropdown menu.

    Note

    If a user in your organization attempts to change the enablement status of a feature in an enforced configuration using the REST API, the API call will appear to succeed, but no enablement statuses will change.

    Some situations can break the enforcement of security configurations for a repository. For example, the enablement of code scanning will not apply to a repository if:

    • GitHub Actions is initially enabled on the repository, but is then disabled in the repository.
    • GitHub Actions required by code scanning configurations are not available in the repository.
    • The definition for which languages should not be analyzed using code scanning default setup is changed.

  8. To apply your changes, click Update configuration.