此版本的 GitHub Enterprise Server 将于以下日期停止服务 2026-03-17. 即使针对重大安全问题,也不会发布补丁。 为了获得更好的性能、更高的安全性和新功能,请升级到最新版本的 GitHub Enterprise。 如需升级帮助,请联系 GitHub Enterprise 支持

管理企业的 GitHub Advanced Security 功能

可以控制 GitHub Advanced Security 功能,这些功能保护和分析企业拥有的所有组织中的代码。

谁可以使用此功能?

Enterprise owners can manage Advanced Security features for organizations in an enterprise.

本文内容

About management of Advanced Security features

You can use Advanced Security features to harden security for the organizations in your enterprise.

To streamline management of Advanced Security, you can enable or disable each feature for all existing and/or new repositories within the organizations owned by your enterprise.

You can also enable or disable GitHub Advanced Security features via the API. For more information, see REST API endpoints for secret scanning in the REST API documentation.

For information about buying a license for GitHub Advanced Security, see GitHub Advanced Security license billing.

If you have disallowed GitHub Advanced Security for an organization, that organization will not be affected by enabling a feature for all existing repositories or for all new repositories. For more information about disallowing GitHub Advanced Security for an organization, see Enforcing policies for code security and analysis for your enterprise.

When you enable one or more security and analysis features for existing repositories, you will see any results displayed on GitHub within minutes.

Managing Advanced Security features

注意

If you enable GitHub Advanced Security features, active committers to these repositories will use GitHub Advanced Security licenses. This option is deactivated if you have exceeded your license capacity.

  1. In the top-right corner of GitHub Enterprise Server, click your profile picture, then click Enterprise settings.

  2. On the left side of the page, in the enterprise account sidebar, click Settings.

  3. In the left sidebar, click Code security and analysis.

  4. Optionally, enable or disable a feature for all existing repositories.

    • To the right of the feature, click Disable all or Enable all. If the control for "GitHub Advanced Security" is disabled, you have no available licenses for GitHub Advanced Security.
    • To confirm the change, click the Enable/Disable all or Enable/Disable for eligible repositories button in the dialog that is displayed.

  5. Optionally, to enable or disable a feature automatically when new private and internal repositories, user namespace repositories, or public repositories and repositories with GitHub Advanced Security enabled are created, select the checkbox below the feature.

  6. Optionally, to include a resource link in the message that members will see when they attempt to push a secret, select Add a resource link in the CLI and web UI when a commit is blocked, then type a URL, and click Save link.

    注意

    When a custom link is configured for an organization, the organization-level value overrides the custom link set for the enterprise. See About push protection.

    Screenshot of "Push protection" settings. The checkbox and text field used for enabling a custom link are outlined.