Plugin Title | Org Default Permission |
Cloud | GITHUB |
Category | Orgs |
Description | Checks the default permission given to new users added to an organization. |
More Info | The default permission given to new organization users should be set to none. Read permissions risk exposing private repositories, while write or admin permissions risk sensitive access to repositories for new users. |
GITHUB Link | https://help.github.com/en/articles/repository-permission-levels-for-an-organization |
Recommended Action | Set the default permission to none or read-only and assign permissions on a more granular repository level. |