You must have an available GitHub Advanced Security (GHAS) license for each unique active committer to enable GHAS features on a private or internal repository. To learn about GHAS licensing, as well as unique and active committers, see "About billing for GitHub Advanced Security."
If you try to apply a security configuration with GHAS features to your repositories and don't have enough GHAS licenses, the configuration will only be successfully applied to public repositories. For private and internal repositories, only free security features will be enabled due to the license limitation, resulting in the following outcomes:
- Free security features enabled in the configuration will be enabled for all private and internal repositories.
- GHAS features will not be enabled for any private or internal repositories.
- The security configuration will not be applied to any private or internal repositories, since only some features from the configuration are enabled.
For more information on managing GHAS licenses for your organization, see "Managing your GitHub Advanced Security license usage."