default_branch_all_build_steps_as_codedefault_branch_blocks_force_pushdefault_branch_code_change_review_dismissal_restrictionsdefault_branch_must_dismiss_stale_approvalsdefault_branch_pipeline_locks_external_dependencies_for_build_processdefault_branch_pipeline_must_have_jobs_with_sbom_generationdefault_branch_pipelines_scan_for_vulnerabilitiesdefault_branch_pipelines_scanners_set_to_prevent_sensitive_datadefault_branch_protections_apply_to_adminsdefault_branch_requires_2_pull_request_reviewsdefault_branch_requires_code_owners_reviewdefault_branch_requires_signed_commitsdefault_branch_requires_status_checksdefault_branch_restrict_push_and_mergedefault_branch_setting_block_deletionorg_default_repo_permission_noneorg_default_repo_permission_none_readorg_domain_verifiedorg_member_mfa_enabledorg_members_cannot_create_reposorg_minimum_administrators_setorg_two_factor_requiredpublic_repo_has_security_md_filerepo_delete_branch_on_merge_enabledrepo_deletion_limited_to_trusted_usersrepo_inactive_members_reviewrepo_inactive_more_than_90_daysrepo_issue_deletion_limited_to_trusted_usersrepo_linear_history_enabledrepo_no_open_commentsrepo_open_branches_are_upto_date_before_mergerepo_should_have_two_adminsrepo_webhook_package_registery_security_settings_enabled
Query: org_default_repo_permission_none_read
Usage
powerpipe query github_compliance.query.org_default_repo_permission_none_read
Steampipe Tables
SQL
select -- Required Columns url as resource, case when default_repo_permission is null then 'info' when default_repo_permission in ('read', 'none') then 'ok' else 'alarm' end as status, login || case when default_repo_permission is null then ' base permission unknown, manual verification required.' else ' base permission is ' || default_repo_permission || '.' end as reason, -- Additional Dimensions loginfrom github_my_organization;
Controls
The query is being used by the following controls: