Detaching repositories from their security configurations

You can unlink repositories from their security configurations and instead manage their security enablement settings at the repository level.

Who can use this feature?

Organization owners and security managers can manage security configurations and global settings for an organization.

In this article

Note: Security configurations and global settings are in beta and subject to change. To provide feedback on these features, see the feedback discussion.

About detaching repositories from their security configurations

If you decide that the security needs of a repository are too specific for a security configuration to be useful, you can detach that repository from the linked configuration and instead manage security enablement settings at the repository level. Detaching a repository from a security configuration will not change the existing security enablement settings for that repository. For an introduction to securing your repository at the repository level, see "Quickstart for securing your repository."

Alternatively, if you want to apply a security configuration to a repository that's already attached to a different configuration, you can apply the configuration as normal, and you do not need to detach the current configuration. For more information, see "Applying the GitHub-recommended security configuration in your organization" and "Applying a custom security configuration."

Detaching repositories from linked security configurations

  1. In the upper-right corner of GitHub.com, select your profile photo, then click Your organizations.

    Screenshot of the dropdown menu under @octocat's profile picture. "Your organizations" is outlined in dark orange.

  2. Under your organization name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of the tabs in an organization's profile. The "Settings" tab is outlined in dark orange.

  3. In the "Security" section of the sidebar, select the Code security dropdown menu, then click Configurations.

  4. Optionally, in the "Apply configurations" section, filter for specific repositories you would like to detach from their configurations. To learn more, see "Filtering repositories in your organization using the repository table."

  5. In the repository table, select repositories with one of three methods:

    • Select each individual repository you would like to detach.
    • To select all repositories displayed on the current page of the repository table, select NUMBER repositories.
    • After selecting NUMBER repositories, to select all repositories in your organization that match any filters you have applied, click Select all.

  6. Select the Apply configuration dropdown menu, then click No configuration.

  7. To finish detaching your repositories from their linked security configurations, in the "No configuration?" window, click No configuration.