mirror of synced 2025-12-25 02:17:36 -05:00
docs/content/github/setting-up-and-managing-organizations-and-teams/managing-security-and-analysis-settings-for-your-organization.md
hubwriter 205ab5e888 Dependabot: clarify info about dependency inaccessibility (#17032)
* Clarify info about dependency inaccessibility

See issue raised by Maya K
https://github.com/github/docs-internal/issues/16786

* Update data/reusables/dependabot/private-dependencies-note.md

Co-authored-by: Maya Kaczorowski <15946341+mayakacz@users.noreply.github.com>

Co-authored-by: Maya Kaczorowski <15946341+mayakacz@users.noreply.github.com>
2021-01-05 12:10:41 +00:00

5.2 KiB

title: Managing security and analysis settings for your organization
intro: You can control features that secure and analyze the code in your organization's projects on {% data variables.product.prodname_dotcom %}.
permissions: Organization owners can manage security and analysis settings for repositories in the organization.
versions: free-pro-team: *

About management of security and analysis settings

{% data variables.product.prodname_dotcom %} can help secure the repositories in your organization. You can manage the security and analysis features for all existing or new repositories that members create in your organization. {% data reusables.security.some-security-and-analysis-features-are-enabled-by-default %} {% data reusables.security.security-and-analysis-features-enable-read-only %}

Displaying the security and analysis settings

{% data reusables.profile.access_profile %} {% data reusables.profile.access_org %} {% data reusables.organizations.org_settings %} {% data reusables.organizations.security-and-analysis %}

The page that's displayed allows you to enable or disable security and analysis features for the repositories in your organization.

Enabling or disabling a feature for all existing repositories

  1. Go to the security and analysis settings for your organization. For more information, see "Displaying the security and analysis settings."
  2. Under "Configure security and analysis features", to the right of the feature, click Disable all or Enable all.
  3. Optionally, enable the feature by default for new repositories in your organization.
  4. Click Disable FEATURE or Enable FEATURE to disable or enable the feature for all the repositories in your organization.

Enabling or disabling a feature for all new repositories when they are added

  1. Go to the security and analysis settings for your organization. For more information, see "Displaying the security and analysis settings."
  2. Under "Configure security and analysis features", to the right of the feature, enable or disable the feature by default for new repositories in your organization.

Allowing Dependabot to access private repositories

{% data variables.product.prodname_dependabot %} can check for outdated dependency references in a project and automatically generate a pull request to update them. To do this, {% data variables.product.prodname_dependabot %} must have access to all of the targeted dependency files. Typically, version updates will fail if one or more dependencies are inaccessible.

By default, {% data variables.product.prodname_dependabot %} can't update dependencies that are located in private repositories. However, if a dependency is in a private {% data variables.product.prodname_dotcom %} repository within the same organization as the project that uses that dependency, you can allow {% data variables.product.prodname_dependabot %} to update the version successfully by giving it access to the host repository. For more information, including details of limitations to private dependency support, see "About Dependabot version updates."

  1. Go to the security and analysis settings for your organization. For more information, see "Displaying the security and analysis settings."
  2. In the "{% data variables.product.prodname_dependabot %} repository access" section, click the settings button {% octicon "gear" aria-label="The Gear icon" %}. A list is displayed showing all of the private repositories in your organization.
  3. Select the repositories that {% data variables.product.prodname_dependabot %} can access.
  4. Click Select repositories.
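
Before selecting repositories in step 3, it helps to know which same-organization repositories a project actually references. The following is an added example, not part of the original GitHub documentation: it reads an npm `package.json` and separates GitHub-hosted dependencies owned by your organization from those owned by anyone else. The organization name `acme-corp`, the repository names, the sample manifest and the function `classify_dependencies` are all constructed for illustration.

```python
import json
import re

# GitHub-hosted git specifiers in package.json: github:owner/repo[#ref],
# git+https://github.com/owner/repo.git[#ref], git+ssh://git@github.com:owner/repo.git
GITHUB_SPEC = re.compile(
    r"(?:^github:|github\.com[/:])(?P<owner>[A-Za-z0-9-]+)/"
    r"(?P<repo>[A-Za-z0-9._-]+?)(?:\.git)?(?:#.*)?$"
)

# Constructed sample manifest; "acme-corp" and all repository names are hypothetical.
SAMPLE_MANIFEST = """
{
  "name": "storefront",
  "dependencies": {
    "lodash": "^4.17.21",
    "billing-core": "github:acme-corp/billing-core#v2.1.0",
    "ui-kit": "git+https://github.com/acme-corp/ui-kit.git#semver:^3.0.0",
    "vendor-sdk": "git+ssh://git@github.com:vendor-x/sdk.git"
  },
  "devDependencies": {
    "auth-client": "git+ssh://git@github.com/Acme-Corp/auth-client.git"
  }
}
"""


def classify_dependencies(manifest_text, org):
    """Return (same_org, other_owner) lists of GitHub repos the manifest depends on."""
    manifest = json.loads(manifest_text)
    same_org, other_owner = set(), set()
    for section in ("dependencies", "devDependencies", "optionalDependencies"):
        for spec in manifest.get(section, {}).values():
            match = GITHUB_SPEC.search(spec)
            if not match:
                continue  # registry range, tarball URL, local path: not a repo reference
            # Owner and repository names are case-insensitive on GitHub.
            owner, repo = match["owner"].lower(), match["repo"].lower()
            bucket = same_org if owner == org.lower() else other_owner
            bucket.add(f"{owner}/{repo}")
    # The manifest cannot show whether a repo is private; same_org is a review list.
    return sorted(same_org), sorted(other_owner)


if __name__ == "__main__":
    in_org, outside = classify_dependencies(SAMPLE_MANIFEST, "acme-corp")
    print("Same-org repositories to review for Dependabot access:", in_org)
    print("Other owners, not selectable in this organization's list:", outside)
```

Granting access only to the repositories on the first list that are genuinely private dependencies keeps the selection in step 3 to the minimum needed.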

Further reading

{% if currentVersion == "free-pro-team@latest" %}- "About securing your repository"