Article version: Enterprise Server 2.20
About repository visibility
You can restrict who has access to a repository by choosing a repository's visibility: public, internal, or private.
When you create a repository, you can choose to make the repository public or private. If you're creating the repository in an organization, you can also choose to make the repository internal.
If your GitHub Enterprise Server instance is not in private mode or behind a firewall, public repositories are accessible to everyone on the internet. Otherwise, public repositories are available to everyone using your GitHub Enterprise Server instance, including outside collaborators. Private repositories are only accessible to you and the people you share them with. Internal repositories are accessible to members of any organization on your instance. For more information, see "About internal repositories."
Organization owners always have access to every repository created in an organization. For more information, see "Repository permission levels for an organization."
People with admin permissions for a repository can change an existing repository's visibility. For more information, see "Setting repository visibility."
Note: Internal repositories are available with GitHub Enterprise Cloud and GitHub Enterprise Server 2.20+. For more information, see GitHub's products."
You can use internal repositories to practice "innersource" within your instance. Members of any organization on your instance can collaborate using open source methodologies without sharing proprietary information publicly, even with private mode disabled. For more information on innersource, see GitHub's whitepaper "An introduction to innersource."
All organization members have read permissions to the internal repository, but internal repositories are not visible to people who are not members of an organization, including outside collaborators on organization repositories. For more information, see "Repository permission levels for an organization."
If a user is removed from all organizations on the instance, that user's forks of internal repositories are removed automatically.