This topic describes the settings available for repository management.
Organization administrators can use the following features to effectively manage repositories within their organization.
The organization-level Repository Settings page includes the following configuration items. Create Repository – Roles lets you choose which roles can create repositories, such as organization administrators, organization members, or external members. Visibility controls if repositories are private (accessible only to repository members) or visible to the entire organization (accessible to all organization members). Change Repository Visibility determines if repository administrators can switch visibility between private and organization-visible. Push/Pull Code – Clone and Download Control can be enabled or disabled. Push Rules let you configure restrictions, such as disallowing force pushes and enabling code ownership checks. Group Options – Code Groups lets you require a code group assignment. Delete Repository controls if repository administrators can delete repositories.
Roles
-
By default, organization administrators and organization members can create repositories.
-
By default, external members cannot create repositories. You can clear this option to allow external members to create repositories.
Visibility
-
By default, only members have access to private repositories.
-
By default, this grants visibility and access to members of the organization. If you uncheck this, the corresponding code repositories become inaccessible.
Change Repository Visibility
-
By default, repository administrators can change visibility to private.
-
By default, repository administrators can change visibility to organization-visible.
Push/Pull Code
The clone and download control feature restricts clone and download operations for repositories. When this feature is enabled, users can clone and download code only through explicitly permitted methods. This enhances data security.
You can configure Allowed Roles, such as Organization Members (including Administrators) and External Members, and Allowed Methods, such as SSH Clone, HTTPS Clone, and Download ZIP/TAR. These clone restrictions do not apply to Flow pipelines.
Push Rules
-
Disallow Force Push: When enabled, this rule prevents users from using git push -f to forcibly rewrite the commit history in any repository within the organization.
-
Code Ownership Check: This feature validates the email address of the code author (Author) or committer (Committer) set in the Git configuration against the primary verified email of the currently authenticated user. If the emails do not match, the system can either block the push or display a warning. After you enable Code Ownership Check, you can select Check Author or Check Committer in the validation rules and set the enforcement level to either Block Push or Warn Only, Allow Push. Mismatched emails can lead to inaccurate code contribution tracking. We recommend that users configure their email addresses correctly. This organization-level setting applies to all repositories in the organization and allows for additional per-repository configurations. For more information, see the repository Push Rules Settings.
Group Options
This option determines whether a code group assignment is required for a repository.
Delete Repository
This option controls whether repository administrators can delete repositories. By default, this permission is enabled. If you clear this option, repository administrators cannot delete repositories.