This document describes how to check for security risks in a code repository.
- Log in to the CODING Console and click the team domain name to go to CODING.
- Click in the upper-right corner to open the project list page and click a project icon to open the corresponding project.
- In the menu on the left, click Code Repositories > Settings to go to the repository security page.
Project admins can view existing security risks in Settings > Repository Security.
The following checks on code repositories are available:
- Whether the check of the Git committer and author is enabled.
- Whether a GPG public key has been uploaded.
- Whether a protected branch has been set. Whether branch admins have been set and review by the code owner has been enabled for protected branches.
To keep your repository secure, we recommend you configure the relevant features with reference to Push Settings, Using GPG to Sign Commit Records, and Protected Branch.