Ensure packages' organization has no public visibility
A repository-scoped package inherits the permissions and visibility of the repository that owns the package
Risk Level: medium
Platform: GitHub
Spectral Rule ID: GH-HRD043
REMEDIATION
In 'Packages permissions', set 'Package Creation' to 'Private'.
SaaS:
- Go to https://github.com/organizations/<YOUR_ORGANIZATION_NAME>/settings/packages.
- Go to 'Packages permissions'.
- Set 'Package Creation' to 'Private'.