About management of security and analysis settings
GitHub can help secure your repositories. This topic tells you how you can manage the security and analysis features for all your existing or new repositories.
You can still manage the security and analysis features for individual repositories. For more information, see "Managing security and analysis settings for your repository."
Note: You can't disable some security and analysis features that are enabled by default for public repositories.
If you enable security and analysis features, GitHub performs read-only analysis on your repository. For more information, see "About GitHub's use of your data."
For an overview of repository-level security, see "Securing your repository."
Enabling or disabling features for existing repositories
- In the upper-right corner of any page, click your profile photo, then click Settings.
- In the left sidebar, click Security & analysis.
- Under "Configure security and analysis features", to the right of the feature, click Disable all or Enable all.
- Optionally, enable the feature by default for new repositories in your organization.
- Click Disable FEATURE or Enable FEATURE to disable or enable the feature for all the repositories you own.
When you enable one or more security and analysis features for existing repositories, you will see any results displayed on GitHub within minutes:
- All the existing repositories will have the selected configuration.
- New repositories will follow the selected configuration if you've enabled the checkbox for new repositories.
- We use the permissions to scan for manifest files to apply the relevant services.
- If enabled, you'll see dependency information in the dependency graph.
- If enabled, GitHub will generate Dependabot alerts for vulnerable dependencies.
- If enabled, Dependabot Security Updates will create pull requests to upgrade those dependencies.
Enabling or disabling features for new repositories
- In the upper-right corner of any page, click your profile photo, then click Settings.
- In the left sidebar, click Security & analysis.
- Under "Configure security and analysis features", to the right of the feature, enable or disable the feature by default for new repositories in your organization.
