Independent Policy Management

GitHub has updated its enterprise policy system to decouple GitHub Code Quality from Code Security in GitHub Advanced Security. Previously, these features were managed together, which meant enabling Code Quality could unintentionally enable Code Security across an enterprise.

Key Changes

• Separated Policy Controls: Advanced Security enterprise policy settings no longer bundle Code Quality—it now has its own dedicated policy configuration
• Repository-Level Configuration: A new dedicated policy page lets administrators manage GitHub Code Quality at the repository level, mirroring the existing Advanced Security policy experience
• Greater Flexibility: Organizations can now enable Code Quality features independently, tailoring adoption to their specific needs without forcing additional security features organization-wide

What Developers Need to Know

Enterprise administrators should review their current security policies to ensure Code Quality is configured as intended. The separation means you can now adopt code quality improvements at a different pace than other security tools. For detailed configuration instructions, refer to the GitHub Code Quality documentation.