Restrict GitHub Org Secrets to Specific Repositories

tip

This check is currently under development and not yet implemented. Click here to learn how you can help.

Description

Limit GitHub organization secrets to only be accessible by selected repositories

Details

• Default Category: github workflows
• Default Priority Group: P10
• C-SCRM: true
• Mitre: CWE-250
• Mitre: CAPEC-69
• Sources: OpenSSF SCM Best Practices
• How To: Github Docs