1. repository-settings.md

Configuring repository settings

Note

This section can be applied to repos/<file>.yml or suborgs/<file>.yml. It will most commonly appear in the individual repos though. Defaults will be taken from settings.yml.

Example repository definition

# These settings are synced to GitHub by https://github.com/github/safe-settings
repository:
  auto_init: true
  gitignore_template: node
  license_template: mit
  description: This is my repository description
  homepage: https://www.example.com
  private: true
  visibility: internal
  topics: [github, probot, new-topic, another-topic, topic-12]
  security_and_analysis:
    advanced_security:
      status: enabled
    secret_scanning:
      status: enabled
    secret_scanning_push_protection:
      status: enabled
  has_issues: true
  has_projects: false
  has_wiki: false
  is_template: false
  default_branch: main
  allow_squash_merge: true
  allow_merge_commit: true
  allow_rebase_merge: true
  allow_auto_merge: true
  delete_branch_on_merge: true
  allow_update_branch: true
  squash_merge_commit_title: PR_TITLE
  squash_merge_commit_message: COMMIT_MESSAGES
  merge_commit_title: PR_TITLE
  merge_commit_message: PR_TITLE
  archived: false
  allow_forking: false
  web_commit_signoff_required: false
  security:
    enableVulnerabilityAlerts: true
    enableAutomatedSecurityFixes: true

Repository API Spec

Tip

GitHub's API documentation defines these inputs and types:

1. Update an environment
2. Replace all repository topics

name string  This is the name of the repository	Example: repository: - name: super-repo ...
description string  A short description of this repository	Example: repository: - description: This repo is so awesome, we named it super-repo ...
homepage string  A URL with more information about the repository.	Example: repository: - homepage: https://awesomeness.super-repo.com ...
private boolean  Either true to make the repository private or false to make it public. Default: null. Note: You will get a 422 error if you set this to , if your company restricts changing repository visibility to organization owners and public repositories are not permitted within the enterprise. Default: null	Example: repository: - private: true ...
visibility string  The visibility of the repository. It is recommended to set your defaults to internal to help drive InnerSource. Private repositories will encourage the perpetuation of silos Can be one of: internal, private	Example: repository: - private: true visibility: internal ...
security_and_analysis object or null  Specify which security and analysis features to enable or disable for the repository. To use this parameter, you must have admin permissions for the repository or be an owner or security manager for the organization that owns the repository. For more information, see "Managing security managers in your organization." Properties of security_and_analysis  advanced_security object    Use the status property to enable or disable GitHub Advanced Security for this repository. For more information, see "About GitHub Advanced Security." Properties of advanced_security  status string   Can be enabled or disabled.  secret_scanning object    Use the status property to enable or disable secret scanning for this repository. For more information, see "About secret scanning." Properties of secret_scanning  status string   Can be enabled or disabled.  secret_scanning_push_protection object    Use the status property to enable or disable secret scanning push protection for this repository. For more information, see "Protecting pushes with secret scanning." Properties of secret_scanning_push_protection  status string   Can be enabled or disabled.	repository: security_and_analysis: advanced_security: status: enabled secret_scanning: status: enabled secret_scanning_push_protection: status: enabled ...
has_issues boolean  Either true to enable issues for this repository or false to disable them. Default: true	repository: - has_issues: false ...
has_projects boolean  Either true to enable projects for this repository or false to disable them. Note: If you're creating a repository in an organization that has disabled repository projects, the default is false, and if you pass true, the API returns an error. Default: true	repository: - has_projects: false ...
has_wiki boolean  Either true to enable the wiki for this repository or false to disable it. Default: true	repository: - has_wiki: false ...
is_template boolean  Either true to make this repo available as a template repository or false to prevent it. Default: false	repository: - is_template: false ...
default_branch boolean  Updates the default branch for this repository.	repository: - default_branch: main ...
allow_squash_merge boolean  Either true to allow squash-merging pull requests, or false to prevent squash-merging. Default: true	repository: - allow_squash_merge: false ...
allow_merge_commit boolean  Either true to allow merging pull requests with a merge commit, or false to prevent merging pull requests with merge commits. Default: true	repository: - allow_merge_commit: false ...
allow_rebase_merge boolean  Either true to allow rebase-merging pull requests, or false to prevent rebase-merging. Default: true	repository: - allow_rebase_merge: false ...
allow_auto_merge boolean  Either true to allow auto-merge on pull requests, or false to disallow auto-merge. Default: false	repository: - allow_auto_merge: true ...
delete_branch_on_merge boolean  Either true to allow automatically deleting head branches when pull requests are merged, or false to prevent automatic deletion. Default: false	repository: - delete_branch_on_merge: true ...
allow_update_branch boolean  Either true to always allow a pull request head branch that is behind its base branch to be updated even if it is not required to be up to date before merging, or false otherwise. Default: false	repository: - allow_update_branch: true ...
squash_merge_commit_title string  The default value for a squash merge commit title:  •PR_TITLE - default to the pull request's title.  •COMMIT_OR_PR_TITLE - default to the commit's title (if only one commit) or the pull request's title (when more than one commit). Can be one of: PR_TITLE, COMMIT_OR_PR_TITLE	repository: - squash_merge_commit_title: PR_TITLE ...
squash_merge_commit_message string  The default value for a squash merge commit title: •PR_BODY - default to the pull request's body. •COMMIT_MESSAGES - default to the branch's commit messages. •BLANK - default to a blank commit message. Can be one of: PR_BODY, COMMIT_MESSAGES, BLANK	repository: - squash_merge_commit_message: PR_BODY ...
merge_commit_title string  The default value for a squash merge commit title:  •PR_TITLE - default to the pull request's title.  •MERGE_MESSAGE - default to the classic title for a merge message (e.g., Merge pull request #123 from branch-name). Can be one of: PR_TITLE, MERGE_MESSAGE	repository: - merge_commit_title: PR_TITLE ...
merge_commit_message string  The default value for a squash merge commit title:  •PR_TITLE - default to the pull request's title.  •PR_BODY - default to the pull request's body.  •BLANK - default to a blank commit message. Can be one of: PR_TITLE, PR_BODY, BLANK	repository: - merge_commit_message: PR_BODY ...
archived boolean  Whether to archive this repository. false will unarchive a previously archived repository. Default: false	repository: - archived: true ...
allow_forking boolean  Either true to allow private forks, or false to prevent private forks. Default: false	repository: - allow_forking: false ...
web_commit_signoff_required boolean  Either true to require contributors to sign off on web-based commits, or false to not require contributors to sign off on web-based commits. Default: false	repository: - web_commit_signoff_required: false ...