GitHub organization | Severity: medium | builtIn

Description

Every organization member record should carry a non-empty login. Members without logins are typically a result of stale data, deleted GitHub accounts that were not cleaned up, or in-flight membership changes. Such records should be removed from the organization.

Recommendation

1. Go to Organization -> People. 
2. Identify any rows with missing or anonymized usernames. 
3. Remove them from the organization.

Policy Rule

{
  "target": "GHOrganizationMember",
  "if": {
    "allOf": [
      {
        "resource": "GHOrganizationMember",
        "property": "Login",
        "operator": "notEquals",
        "value": ""
      }
    ]
  },
  "then": {
    "effect": "Audit"
  }
}
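
The following Python sketch is an added example, not the product's own code. It evaluates the rule above over constructed member records. It assumes that a record is compliant when every `allOf` condition holds, that a missing, null or whitespace-only `Login` counts as empty, and that each record carries a hypothetical `Id` field.

```python
import json

# The rule from this page, embedded verbatim.
RULE = json.loads("""
{"target": "GHOrganizationMember",
 "if": {"allOf": [{"resource": "GHOrganizationMember", "property": "Login",
                   "operator": "notEquals", "value": ""}]},
 "then": {"effect": "Audit"}}
""")

# Constructed sample records; the "Id" field is hypothetical.
MEMBERS = [
    {"Login": "alice-dev", "Id": 101},   # compliant
    {"Login": "", "Id": 102},            # empty login
    {"Login": None, "Id": 103},          # null login
    {"Id": 104},                         # property missing entirely
    {"Login": "   ", "Id": 105},         # whitespace only
]

def _holds(cond, record):
    """Evaluate one condition against a record.
    Assumption: missing/null values are treated as "" and strings are trimmed."""
    actual = record.get(cond["property"])
    actual = "" if actual is None else str(actual).strip()
    if cond["operator"] == "notEquals":
        return actual != cond["value"]
    # Only the operator shown on this page is implemented.
    raise ValueError(f"unsupported operator: {cond['operator']}")

def audit(rule, records):
    """Return records that fail the rule's "if" block, tagged with its effect.
    Assumption: the "if" block describes the compliant state."""
    conds = rule["if"]["allOf"]
    return [
        {"effect": rule["then"]["effect"], "record": rec}
        for rec in records
        if not all(_holds(c, rec) for c in conds)
    ]

def flagged_ids(rule=RULE, records=MEMBERS):
    """Ids of the records that would be reported for removal."""
    return [f["record"]["Id"] for f in audit(rule, records)]

if __name__ == "__main__":
    for finding in audit(RULE, MEMBERS):
        print(finding["effect"], finding["record"])
```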