Control: 1.2.4 Ensure inactive repositories are reviewed and archived periodically
Ensure inactive repositories are reviewed and archived periodically
Inactive repositories (i.e., no new changes introduced for a long period of time) can enlarge the surface of a potential attack or data leak. These repositories are more likely to be improperly managed, and thus could possibly be accessed by many users in an organization.
Note: Bug fixes and deployment of necessary changes could prove complicated for archived repositories.
Verify that all the repositories in the organization are active, and those that are not are reviewed or archived.
Review all inactive repositories and archive them periodically.
Run the control in your terminal:
steampipe check github_compliance.control.cis_supply_chain_v100_1_2_7
Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share github_compliance.control.cis_supply_chain_v100_1_2_7
This control uses a named query:repo_inactive_more_than_90_days