Prerequisites
Before you can effectively manage your paid use of Advanced Security, you should understand how Advanced Security is billed. See GitHub Advanced Security license billing.
Understanding your license usage
-
In the upper-right corner of GitHub, click your profile picture, then click Organizations.
-
Under your organization name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.
-
In the "Security" section of the sidebar, select the Advanced Security dropdown menu, then click Configurations.
-
In the "Apply configurations" section, your current license usage will be displayed. This screenshot shows metered usage. If you have bought a volume/subscription license, then the number of licenses available is also reported.
-
Optionally, to find specific repositories in your organization, filter the repository table. To learn more, see Filtering repositories in your organization using the repository table.
Turning off Secret Protection or Code Security
The simplest way to turn off all Secret Protection or Code Security features for one or more repositories is to create a security configuration where the product is disabled at the top level. You can apply this custom configuration to repositories where you want to turn off paid features.
Conseil
Ensure that you give your custom configuration a very clear name, for example: "No Code Security" or "Secret Protection and Supply chain only" to avoid confusion.
For more information, see Creating a custom security configuration and Applying a custom security configuration.
To prevent future enablement of security features, we recommend you ask your enterprise administrator to set the enterprise account's Advanced Security policies so that:
- Advanced Security is not available.
- Repository administrators are not allowed to enable or disable Advanced Security features for their repositories. See Enforcing policies for code security and analysis for your enterprise.