turbot/github_compliance
GitHub
Loading controls...

Control: 1.2.4 Ensure inactive repositories are reviewed and archived periodically

Description

Ensure inactive repositories are reviewed and archived periodically

Rationale

Inactive repositories (i.e., no new changes introduced for a long period of time) can enlarge the surface of a potential attack or data leak. These repositories are more likely to be improperly managed, and thus could possibly be accessed by many users in an organization.

Note: Bug fixes and deployment of necessary changes could prove complicated for archived repositories.

Audit

Verify that all the repositories in the organization are active, and those that are not are reviewed or archived.

Remediation

Review all inactive repositories and archive them periodically.

Usage

Run the control in your terminal:

steampipe check github_compliance.control.cis_supply_chain_v100_1_2_7

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share github_compliance.control.cis_supply_chain_v100_1_2_7

SQL

This control uses a named query:

repo_inactive_more_than_90_days

Tags