You can now choose a Not set option for GitHub Code Security features in your organization’s security configurations. Previously, you could only enable or disable features like code scanning and Dependabot at the organization level. With the new Not set option, you can enforce some security settings (such as secret scanning) while letting repository administrators decide whether to enable GitHub Code Security features on their repositories.

This update gives organizations more flexibility in managing security requirements and helps repository admins tailor their security setup to their specific needs.

To learn more about configuring security settings at the organization level, see our documentation.