Skip to content

Latest commit

 

History

History
49 lines (36 loc) · 3.33 KB

File metadata and controls

49 lines (36 loc) · 3.33 KB
title Enabling delegated alert dismissal for code scanning
intro You can use delegated alert dismissal to control who can dismiss an alert found by {% data variables.product.prodname_code_scanning %}.
permissions {% data reusables.permissions.delegated-alert-dismissal %}
versions
feature
security-delegated-alert-dismissal
contentType how-tos
shortTitle Enable delegated alert dismissal
redirect_from
/code-security/code-scanning/managing-your-code-scanning-configuration/enabling-delegated-alert-dismissal-for-code-scanning
category
Find and fix code vulnerabilities

{% data reusables.security.delegated-alert-dismissal-capacity %}

Configuring delegated dismissal for a repository

[!NOTE] If an organization owner configures delegated alert dismissal via an enforced security configuration, the settings can't be changed at the repository level.

{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-settings %} {% data reusables.repositories.navigate-to-code-security-and-analysis %}{% ifversion ghas-products %}{% else %} {% data reusables.repositories.navigate-to-ghas-settings %}{% endif %}

  1. Under "{% data variables.product.UI_code_security_scanning %}", click Enable for "Prevent direct alert dismissals".

Configuring delegated dismissal for an organization

You must configure delegated dismissal for your organization using a custom security configuration. You can then apply the security configuration to all (or selected) repositories in your organization.

{% data reusables.security-configurations.custom-security-configurations-org %}

  1. When creating the custom security configuration, under "{% data variables.product.prodname_code_scanning_caps %}", set "Prevent direct alert dismissals" to Enabled.
  2. Click Save configuration.
  3. Apply the security configuration to all (or selected) repositories in your organization. See AUTOTITLE.

Configuring delegated dismissal for an enterprise

You must configure delegated dismissal for your enterprise using a custom security configuration. You can then apply the security configuration to all (or selected) repositories in your enterprise.

{% data reusables.security-configurations.custom-security-configurations-enterprise %}

  1. When creating the custom security configuration, under "{% data variables.product.prodname_code_scanning %}", ensure that the dropdown menu for "Prevent direct alert dismissals" is set to Enabled.
  2. Click Save configuration.
  3. Apply the security configuration to all (or selected) repositories in your enterprise. See AUTOTITLE.

To learn more about security configurations, see AUTOTITLE.

Next steps

Now that you have enabled delegated alert dismissal for {% data variables.product.prodname_code_scanning %}, you should regularly review alert dismissal requests to maintain an accurate alert count and unblock your developers. See AUTOTITLE.