
Enterprise Server 3.20 is currently available as a release candidate.

Enabling delegated alert dismissal for code scanning

You can use delegated alert dismissal to control who can dismiss alerts found by code scanning.

Who can use this feature?

Organization owners, security managers, and repository administrators can enable delegated alert dismissal. Once enabled, only organization owners and security managers can dismiss alerts.

Note

This approval process can add friction for developers, so before proceeding, make sure the team of security managers has enough coverage to review dismissal requests regularly.

Configuring delegated dismissal for a repository

Note

If an organization owner configures delegated alert dismissal via an enforced security configuration, the settings can't be changed at the repository level.

  1. On GitHub, navigate to the main page of the repository.

  2. Under your repository name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of a repository header showing the tabs. The "Settings" tab is highlighted by a dark orange outline.

  3. In the "Security" section of the sidebar, click Advanced Security.

  4. Under "Code Security", click Enable for "Prevent direct alert dismissals".

Configuring delegated dismissal for an organization

You must configure delegated dismissal for your organization using a custom security configuration. You can then apply the security configuration to all (or selected) repositories in your organization.

  1. Create a new custom security configuration, or edit an existing one. See Creating a custom security configuration.
  2. When creating the custom security configuration, under "Code scanning", set "Prevent direct alert dismissals" to Enabled.
  3. Click Save configuration.
  4. Apply the security configuration to all (or selected) repositories in your organization. See Applying a custom security configuration.

Configuring delegated dismissal for an enterprise

You must configure delegated dismissal for your enterprise using a custom security configuration. You can then apply the security configuration to all (or selected) repositories in your enterprise.

  1. Create a new custom security configuration, or edit an existing one. See Creating a custom security configuration for your enterprise.
  2. When creating the custom security configuration, under "Code scanning", ensure that the dropdown menu for "Prevent direct alert dismissals" is set to Enabled.
  3. Click Save configuration.
  4. Apply the security configuration to all (or selected) repositories in your enterprise. See Applying a custom security configuration to your enterprise.

To learn more about security configurations, see About enabling security features at scale.
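The organization and enterprise procedures above apply the setting through security configurations, and the note earlier on this page explains that only an enforced configuration prevents the setting from being changed at the repository level. The following script, an added example that is not part of GitHub's documentation or tooling, audits the configurations an organization exposes and flags two weaknesses a defender cares about: configurations that still allow direct dismissal, and configurations where delegated dismissal is enabled but not enforced, so a repository administrator could turn it back off. It assumes the GitHub REST endpoint `GET /orgs/{org}/code-security/configurations` and the response fields `code_scanning_delegated_alert_dismissal` (values `enabled`, `disabled`, `not_set`) and `enforcement` (values `enforced`, `unenforced`); these names are assumptions taken from the code security configurations API and should be checked against the API reference for your Enterprise Server version. The sample data is constructed, so the audit logic runs offline.

```python
"""Audit code security configurations for delegated alert dismissal.

Added example, not GitHub Docs code. Field names and the endpoint path are
assumptions based on the code security configurations REST API; verify them
against the API reference for your GitHub Enterprise Server version.
"""
import json
import os
import urllib.request

# Constructed sample of an abridged configurations response (not real data).
SAMPLE_CONFIGURATIONS = [
    {"id": 1, "name": "Production", "enforcement": "enforced",
     "code_scanning_delegated_alert_dismissal": "enabled"},
    {"id": 2, "name": "Default", "enforcement": "unenforced",
     "code_scanning_delegated_alert_dismissal": "enabled"},
    {"id": 3, "name": "Legacy", "enforcement": "enforced",
     "code_scanning_delegated_alert_dismissal": "disabled"},
    {"id": 4, "name": "Sandbox", "enforcement": "enforced",
     "code_scanning_delegated_alert_dismissal": "not_set"},
]

FINDINGS = ("ok", "repo_override_possible", "direct_dismissal_allowed")


def fetch_configurations(org, token, api_base="https://api.github.com"):
    """Fetch the organization's security configurations (assumed endpoint).

    For GitHub Enterprise Server, pass api_base="https://HOSTNAME/api/v3".
    """
    req = urllib.request.Request(
        f"{api_base}/orgs/{org}/code-security/configurations",
        headers={
            "Authorization": f"Bearer {token}",
            "Accept": "application/vnd.github+json",
        },
    )
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)


def classify(config):
    """Map one configuration to a finding.

    - direct_dismissal_allowed: delegated dismissal is disabled or not set,
      so anyone with write access can dismiss code scanning alerts directly.
    - repo_override_possible: delegated dismissal is enabled, but the
      configuration is not enforced, so repository admins can switch it off.
    - ok: enabled and enforced; the repository-level setting is locked.
    """
    setting = config.get("code_scanning_delegated_alert_dismissal", "not_set")
    if setting != "enabled":
        return "direct_dismissal_allowed"
    if config.get("enforcement") != "enforced":
        return "repo_override_possible"
    return "ok"


def audit(configs):
    """Group configuration names by finding; returns {finding: [names]}."""
    report = {finding: [] for finding in FINDINGS}
    for config in configs:
        report[classify(config)].append(config["name"])
    return report


def needs_attention(report):
    """True when any configuration is weaker than 'enabled and enforced'."""
    return bool(report["repo_override_possible"] or
                report["direct_dismissal_allowed"])


if __name__ == "__main__":
    # Live run against the API if credentials are provided; otherwise use
    # the constructed sample so the example can be tried without a token.
    org, token = os.environ.get("GITHUB_ORG"), os.environ.get("GITHUB_TOKEN")
    configs = fetch_configurations(org, token) if org and token else SAMPLE_CONFIGURATIONS
    result = audit(configs)
    for finding in FINDINGS:
        print(f"{finding}: {', '.join(result[finding]) or '-'}")
    raise SystemExit(1 if needs_attention(result) else 0)
```

Run it with `GITHUB_ORG` and `GITHUB_TOKEN` set (a token with organization administration read access) to audit a real organization; without them it evaluates the constructed sample. The non-zero exit status makes it usable as a scheduled check, so drift in a configuration that should keep direct dismissals blocked is noticed rather than discovered during an incident review.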

Next steps

Now that you have enabled delegated alert dismissal for code scanning, you should regularly review alert dismissal requests to maintain an accurate alert count and unblock your developers. See Reviewing alert dismissal requests.