An application to set up and enforce rules for all of your GitHub repositories:

• enforce rules on all repositories or a sub selection using regex
• ensure that all repositories only use squash merge and delete merged branch
• ensure that matching repositories always have private visibility
• ensure that only certain team is admin or maintainer of repositories with certain pattern
• ensure that the default branch (or any branch) always requires GPG signatures on commit

This application basically allows you to set up a rule for repository, automated security fixes, vulnerability alerts, topics, team permissions and branch protection to any of your repository. The rule is run periodically or when a webhook is sent from github (such as a repository is modified).

This application needs the administration permission (to update repository setting) and members permission (to look up users and groups for access restrictions) for your organization. If you have concerns over the permission, there is also the Enterprise plan where you self host the code and app.