Ensure inactive repositories are reviewed and archived periodically

Inactive repositories (i.e., no new changes introduced for a long time) can enlarge the surface of a potential attack or data leak. These repositories are more likely to be improperly managed. So thus could be accessed by many users in an organization.

Risk Level: medium
Platform: Github
Spectral Rule ID: GH-HRD033

REMEDIATION

go to Danger Zone- Archive this repository, review all inactive repositories, and archive them periodically.

  1. Go to https://github.com/<YOUR_ORGANIZATION_NAME>/<YOUR_REPO_NAME>/settings
  2. Go to 'Danger Zone' and after that to 'Archive this repository'
  3. Review all inactive repositories and archive them periodically

Read more: