policy name: enterprise_allows_forking_repos
severity: LOW
The enterprise’s repository forking policy should be set to DISABLED. Forking a repository can lead to loss of control and potential exposure of source code. If you do not need forking, it is recommended to turn it off in the project’s configuration. The option to fork should be enabled only by owners deliberately when opting to create a fork.
Forking to external namespaces could result in loss of control over proprietary information and potentially expose the organization to security risks, such as data leaks.