Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security Policy violation Outside Collaborators #775

Open
ghost opened this issue Oct 25, 2024 · 1 comment
Open

Security Policy violation Outside Collaborators #775

ghost opened this issue Oct 25, 2024 · 1 comment

Comments

@ghost
Copy link

ghost commented Oct 25, 2024

This issue was automatically created by Allstar.

Security Policy Violation
Found 2 outside collaborators with push access.
This policy requires users with this access to be members of the organisation. That way you can easily audit who has access to your repo, and if an account is compromised it can quickly be denied access to organization resources. To fix this you should either remove the user from repository-based access, or add them to the organization.

OR

If you don't see the Settings tab you probably don't have administrative access. Reach out to the administrators of the organisation to fix this issue.

OR

  • Exempt the user by adding an exemption to your organization-level Outside Collaborators configuration file.

Issue created by GSA Allstar. See remediation hints in the README.

This issue will auto resolve when the policy is in compliance.

Issue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer.

@ghost ghost added the allstar-gsa label Oct 25, 2024
@allstar-gsa
Copy link

allstar-gsa bot commented Nov 22, 2024

Updating issue after ping interval. See its status below.


Found 2 outside collaborators with push access.
This policy requires users with this access to be members of the organisation. That way you can easily audit who has access to your repo, and if an account is compromised it can quickly be denied access to organization resources. To fix this you should either remove the user from repository-based access, or add them to the organization.

OR

If you don't see the Settings tab you probably don't have administrative access. Reach out to the administrators of the organisation to fix this issue.

OR

  • Exempt the user by adding an exemption to your organization-level Outside Collaborators configuration file.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

0 participants