Repo sync #35622

Merged
merged 2 commits into from
Dec 11, 2024
Expand Up @@ -15,14 +15,17 @@ topics:
## About using rulesets for {% data variables.product.prodname_code_scanning %} merge protection

> [!NOTE]
> * This feature is currently in {% data variables.release-phases.public_preview %} and subject to change.
> * Merge protection with rulesets is not related to status checks. For more information about status checks, see "[AUTOTITLE](/pull-requests/collaborating-with-pull-requests/collaborating-on-repositories-with-code-quality-features/about-status-checks)."
> * Merge protection with rulesets will not apply to merge queue groups or {% data variables.product.prodname_dependabot %} pull requests analyzed by default setup.

You can use rulesets to prevent pull requests from being merged when one of the following conditions is met:

{% data reusables.code-scanning.merge-protection-rulesets-conditions %}

Typically you should use rulesets target long-lived feature branches, where you would like to guarantee that code has been analyzed before pull requests can be merged.

Configuring a {% data variables.product.prodname_code_scanning %} rule will not automatically enable {% data variables.product.prodname_code_scanning %}. For more information about how to enable code scanning, see "[AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning)."

For more information about {% data variables.product.prodname_code_scanning %} alerts, see "[AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/about-code-scanning-alerts)."

You can set merge protection with rulesets at the repository {% ifversion ghec or ghes %}or organization levels{% else %}level{% endif %}, and for repositories configured with either default setup or advanced setup. You can also use the REST API to set merge protection with rulesets.
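Review bot: The third bullet of the note block says merge protection "will not apply to merge queue groups or {% data variables.product.prodname_dependabot %} pull requests analyzed by default setup" but, unlike the status-checks bullet above it, gives no link or next step, so a reader who relies on the ruleset as a merge gate cannot tell how those pull requests are covered. Consider adding a pointer to the relevant article or a short clause on what applies instead. While this section is open, the sentence "Typically you should use rulesets target long-lived feature branches" is missing a word (probably "to" before "target").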
Expand Up @@ -36,6 +36,8 @@ You can enable push protection:

For information about the secrets and service providers supported by push protection, see "[AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#supported-secrets)."

Push protection has some limitations. For more information, see "[AUTOTITLE](/code-security/secret-scanning/troubleshooting-secret-scanning-and-push-protection/troubleshooting-secret-scanning#push-protection-limitations)."

## How push protection works

Push protection works:
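Review bot: The cross-reference in "Push protection has some limitations" targets the fragment `#push-protection-limitations`, and the troubleshooting hunk in this same change shows only list items, not the heading that produces that anchor. Confirm that the heading exists with exactly that slug, otherwise the link resolves to the top of the article. The sentence itself is vague. Saying that the limitations include pushes that are not blocked or not scanned would tell readers up front that this affects coverage.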
Expand Up @@ -38,4 +38,5 @@ If your secret is in the supported list, there are various reasons why push prot
* The version of your secret may be old. {% data reusables.secret-scanning.push-protection-older-tokens %}
* The push may be too large, for example, if you're trying to push thousands of large files. A push protection scan may time out and not block a user if the push is too large. {% data variables.product.prodname_dotcom %} will still scan and create alerts, if needed, after the push.
* If the push results in the detection of over five new secrets, we will only show you the first five (we will always show you a maximum of five secrets at one time).
* If a push contains over 1,000 existing secrets (that is, secrets for which alerts have already been created), push protection will not block the push.
* If a push contains over 1,000 existing secrets (that is, secrets for which alerts have already been created), push protection will not block the push. {% ifversion fpt or ghec %}
* If a push in a public repository is larger than 50 MB, push protection will skip it and won't scan it.{% endif %}
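Review bot: The 50 MB bullet does not say whether secrets in a skipped push are still detected after the push lands. The timeout bullet earlier in this list states that GitHub "will still scan and create alerts, if needed, after the push". State the same here if it holds, or say explicitly that no alert is created, since the two cases have very different consequences for someone depending on push protection. "will skip it and won't scan it" also says the same thing twice and can be shortened to one verb.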
2 changes: 1 addition & 1 deletion src/audit-logs/lib/config.json
Expand Up @@ -3,5 +3,5 @@
"apiOnlyEvents": "This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.",
"apiRequestEvent": "This event is only available via audit log streaming."
},
"sha": "2c40dff92f97e4efcefcfd98ed9e6c9f3d69284b"
"sha": "1b079a4c67a6c2eecccbef1d2d465dd62bc2248b"
}