Feature request: make it harder for an org member to create public repos

This would reduce accidental creations of repos that are meant to be private in the first place. Often these repos contain confidential information, and sometimes even private keys (yes, it’s bad practice that should be discouraged, but we can significantly lower the rate of accidents!). 

One potential way to achieve this is perhaps an additional preference at the org level. The repo creation UI can then present additional hoops/warnings/verifications to be able to create a public repo, or even deny it entirely (maybe you could make this access more granular in later iterations). Creation of private repo = business as usual.

Often, these accidents are not noticed immediately because the UI indicator for private and public repos is barely noticeable. Maybe this could also be changed based on the additional preference. If the org prefers private repos, then the public ones can be rendered with a significantly noticable different theme, or something along that line.

1 Like

Like this https://help.github.com/en/enterprise/2.17/admin/user-management/restricting-repository-creation-in-your-instance but for non-Enterprise orgs.

Actually, why is it Enterprise Cloud only feature?


Hi @ronny,

Thanks for this feedback! We’re always working to improve GitHub and the GitHub Community Forum, and we consider every suggestion we receive. I’ve logged your feature request in our internal feature request list. Though I can’t guarantee anything or share a timeline for this, I can tell you that it’s been shared with the appropriate teams for consideration.


Hey @ronny 

I’m not sure if you are familiar with Probot, but there is an existing automation that may help you out here

Working with Probot is super easy and for me at least, a little addictive :) 

To save you a click-through here’s a quick summary from the apps home page.


  • Can convert newly created Public Repos to Private
  • Can also be enabled for repos that switch visibility from private to public
    • Not enabled by default it is possible to restrict visibility changes to org owners directly in GitHub.
  • Will create an issue in the repo explaining the action
  • Monitor only mode will not change the repo visibility but will still create an issue
  • Can set configuration parameters by using YAML file set in a specific repo for the entire org
  • Can exclude certain repos
  • Can set a list of users/groups to cc on every issue created

Hi i-marsh, that’s great! It’s not ideal, but probably the next best option. We just installed this automation today, and I think the team likes it so far. Thanks for the suggestion!

1 Like