Ensure inactive repositories are reviewed and archived periodically

Inactive repositories (i.e., no new changes introduced for a long time) can enlarge the surface of a potential attack or data leak. These repositories are more likely to be improperly managed. So thus could be accessed by many users in an organization.

Suggest Edits

Risk Level: medium
Platform: Github
Spectral Rule ID: GH-HRD033

REMEDIATION

go to Danger Zone- Archive this repository, review all inactive repositories, and archive them periodically.

Go to https://github.com/<YOUR_ORGANIZATION_NAME>/<YOUR_REPO_NAME>/settings
Go to 'Danger Zone' and after that to 'Archive this repository'
Review all inactive repositories and archive them periodically

https://docs.github.com/en/repositories/archiving-a-github-repository/archiving-repositories

Updated about 1 year ago

REMEDIATION

Read more: