Ensure packages' organization has no public visibility
A repository-scoped package inherits the permissions and visibility of the repository that owns the package.
Risk Level: medium
Platform: GitHub
Spectral Rule ID: GH-HRD043
REMEDIATION
In 'Packages permissions', set 'Package Creation' to 'Private'.
SaaS:
- Go to https://github.com/organizations/<YOUR_ORGANIZATION_NAME>/settings/packages.
- Go to 'Packages permissions'.
- Set 'Package Creation' to 'Private'.
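To check which packages in the organization are currently public, the following added example (not Spectral's or GitHub's own code) queries GitHub's REST endpoint for listing organization packages and reports each public package with its linked repository. The environment variable names `GH_ORG` and `GH_TOKEN` and the sample records are assumptions made for illustration; the token must be able to read packages.

```python
import json
import urllib.request

# Package types accepted by GitHub's "List packages for an organization" endpoint.
PACKAGE_TYPES = ("npm", "maven", "rubygems", "docker", "nuget", "container")

def fetch_public_packages(org, token, package_type):
    """Yield packages of one type that the API reports as public (paginated)."""
    page = 1
    while True:
        url = (f"https://api.github.com/orgs/{org}/packages"
               f"?package_type={package_type}&visibility=public&per_page=100&page={page}")
        req = urllib.request.Request(url, headers={
            "Authorization": f"Bearer {token}",
            "Accept": "application/vnd.github+json",
        })
        with urllib.request.urlopen(req) as resp:
            batch = json.load(resp)
        if not batch:
            return
        yield from batch
        page += 1

def findings(packages):
    """Return (type, name, linked repo or None) for every public package."""
    out = []
    for pkg in packages:
        if pkg.get("visibility") != "public":
            continue
        repo = (pkg.get("repository") or {}).get("full_name")
        out.append((pkg["package_type"], pkg["name"], repo))
    return sorted(out, key=lambda f: f[:2])

# Constructed sample records shaped like the API response (not real packages).
SAMPLE = [
    {"name": "internal-sdk", "package_type": "npm", "visibility": "private",
     "repository": {"full_name": "example-org/internal-sdk"}},
    {"name": "build-image", "package_type": "container", "visibility": "public"},
    {"name": "api-client", "package_type": "maven", "visibility": "public",
     "repository": {"full_name": "example-org/api-client"}},
]

if __name__ == "__main__":
    import os
    org, token = os.environ.get("GH_ORG"), os.environ.get("GH_TOKEN")  # assumed names
    pkgs = SAMPLE if not (org and token) else [
        p for t in PACKAGE_TYPES for p in fetch_public_packages(org, token, t)]
    for ptype, name, repo in findings(pkgs):
        print(f"PUBLIC {ptype:<10} {name}  repo={repo or 'no linked repository'}")
```

Run without the two environment variables, it reports on the constructed sample only; an empty result against a real organization means no public packages were returned for any package type.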