About additional settings for secret scanning
There are some additional secret scanning settings that cannot be applied to repositories using security configurations, so you must configure these settings separately:
- Configuring a resource link for push protection
- Controlling features for new repositories created in a user namespace
These additional settings apply only to repositories with secret scanning and GitHub Advanced Security both enabled, or with GitHub Secret Protection enabled.
Accessing the additional settings for secret scanning
- In the top-right corner of GitHub, click your profile photo.
- Depending on your environment, click Your enterprise, or click Your enterprises then click the enterprise you want to view.
- At the top of the page, click Settings.
- In the left sidebar, click Advanced Security.
- Scroll down the page to the "Additional settings" section.
Configuring a resource link for push protection
To provide context for developers when secret scanning blocks a commit, you can display a link with more information on why the commit was blocked.
- Under "Additional settings", to the right of "Resource link for push protection", click .
- In the text box, type the link to the desired resource, then click .
Controlling features for new repositories created in a user namespace
To ensure that any repositories created by users outside of an organization are protected by the same security features as repositories created within an organization, you can enable or disable secret scanning features for new repositories created in a user namespace.
Under "Additional settings", use the options in the "User namespace repositories" section to enable or disable features for new repositories.