Skip to content

Commit

Permalink
Merge pull request github#34941 from github/repo-sync
Browse files Browse the repository at this point in the history
Repo sync
  • Loading branch information
docs-bot authored Oct 15, 2024
2 parents 3b5cbf1 + ed27e7e commit 00e1056
Show file tree
Hide file tree
Showing 14 changed files with 41 additions and 20 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
title: Enabling push protection for your repository
shortTitle: Enable push protection
intro: 'With push protection, {% data variables.product.prodname_secret_scanning %} blocks contributors from pushing secrets to a repository and generates an alert whenever a contributor bypasses the block.'
product: '{% data reusables.gated-features.secret-scanning %}'
permissions: '{% data reusables.permissions.push-protection %}'
versions:
fpt: '*'
ghes: '*'
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
title: About delegated bypass for push protection
intro: 'You can control which teams or roles have the ability to bypass push protection in your organization or repository.'
product: '{% data reusables.gated-features.push-protection-for-repos %}'
product: '{% data reusables.gated-features.delegated-bypass %}'
versions:
feature: push-protection-delegated-bypass
type: overview
Expand Down
Original file line number Diff line number Diff line change
@@ -1,8 +1,7 @@
---
title: Enabling delegated bypass for push protection
intro: 'You can use delegated bypass for your organization or repository to control who can push commits that contain secrets identified by {% data variables.product.prodname_secret_scanning %}.'
product: '{% data reusables.gated-features.push-protection-for-repos %}'
permissions: 'Organization owners and repository administrators can enable delegated bypass for push protection for their organization and repository, respectively.'
permissions: '{% data reusables.permissions.delegated-bypass %}'
versions:
feature: push-protection-delegated-bypass
type: how_to
Expand Down
Original file line number Diff line number Diff line change
@@ -1,8 +1,7 @@
---
title: Managing requests to bypass push protection
intro: 'As a member of the bypass list for an organization or repository, you can review bypass requests from other members of the organization or repository.'
product: '{% data reusables.gated-features.push-protection-for-repos %}'
permissions: 'Members of the bypass list can process requests from non-members to bypass push protection.'
permissions: '{% data reusables.permissions.delegated-bypass-list %}'
versions:
feature: push-protection-delegated-bypass
type: how_to
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
title: Excluding folders and files from secret scanning
intro: 'You can customize {% data variables.product.prodname_secret_scanning %} to exclude directories or files from analysis, by configuring a `secret_scanning.yml` file in your repository.'
product: '{% data reusables.gated-features.secret-scanning %}'
permissions: '{% data reusables.permissions.secret-scanning-alerts %}'
shortTitle: Exclude folders and files
versions:
fpt: '*'
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
title: Working with push protection from the command line
shortTitle: Push protection on the command line
intro: 'Learn your options for unblocking your push from the command line to {% data variables.product.prodname_dotcom %} if {% data variables.product.prodname_secret_scanning %} detects a secret in your changes.'
product: '{% data reusables.gated-features.secret-scanning %}'
permissions: '{% data reusables.permissions.push-protection %}'
versions:
fpt: '*'
ghes: '*'
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
title: Working with push protection in the GitHub UI
shortTitle: Push protection in the GitHub UI
intro: 'Learn your options for unblocking your commit when {% data variables.product.prodname_secret_scanning %} detects a secret in your changes.'
product: '{% data reusables.gated-features.secret-scanning %}'
permissions: '{% data reusables.permissions.push-protection %}'
versions:
fpt: '*'
ghes: '*'
Expand Down
13 changes: 13 additions & 0 deletions data/reusables/gated-features/delegated-bypass.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
Delegated bypass requires push protection to be enabled for the organization or the repository. See "[AUTOTITLE](/code-security/secret-scanning/introduction/about-push-protection)."

Delegated bypass is available for the following repositories:

{% ifversion ghec %}

* Private and internal repositories in organizations using {% data variables.product.prodname_ghe_cloud %} with [{% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security) enabled

{% elsif ghes %}

* Organization-owned repositories with [{% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security) enabled

{% endif %}
15 changes: 11 additions & 4 deletions data/reusables/gated-features/push-protection-for-repos.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,13 @@
{%- ifversion fpt or ghec %}
Push protection for repositories and organizations is available for the following repository types:

Push protection for repositories and organizations is available for {% ifversion ghec %}user-owned {% endif %}public repositories for free. Organizations using {% data variables.product.prodname_ghe_cloud %} with a license for {% data variables.product.prodname_GH_advanced_security %} can also enable push protection on their private and internal repositories.
{% ifversion fpt or ghec %}

{%- elsif ghes %}
Push protection is available for organization-owned repositories in {% data variables.product.product_name %} if your enterprise has a license for {% data variables.product.prodname_GH_advanced_security %}.{% endif %}
* {% ifversion ghec %}User-owned public{% elsif fpt %}Public{% endif %} repositories for free
* Private and internal repositories in organizations using {% data variables.product.prodname_ghe_cloud %} with [{% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security) enabled{% ifversion ghec %}
* User namespace repositories belonging to {% data variables.product.prodname_emus %}{% endif %}

{% elsif ghes %}

* Organization-owned repositories with [{% data variables.product.prodname_GH_advanced_security %}](/get-started/learning-about-github/about-github-advanced-security) enabled

{% endif %}
4 changes: 3 additions & 1 deletion data/reusables/gated-features/push-protection-for-users.md
Original file line number Diff line number Diff line change
@@ -1 +1,3 @@
Push protection for users is on by default and can be disabled in your personal account settings.
Push protection for users is on by default on the following repository types:

* Public repositories
4 changes: 4 additions & 0 deletions data/reusables/permissions/delegated-bypass-list.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
* Organization owners
* Security managers
* Users in teams, default roles, or custom roles that have been added to the bypass list.{% ifversion push-protection-bypass-fine-grained-permissions %}
* Users who are assigned a custom role with the "review and manage {% data variables.product.prodname_secret_scanning %} bypass requests" fine-grained permission. {% endif %}
1 change: 1 addition & 0 deletions data/reusables/permissions/delegated-bypass.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Repository owners, organization owners, security managers, and users with the **admin** role
1 change: 1 addition & 0 deletions data/reusables/permissions/push-protection.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Repository owners, organization owners, security managers, and users with the **admin** role
Original file line number Diff line number Diff line change
@@ -1,6 +1 @@
Members {% ifversion push-protection-bypass-fine-grained-permissions %}with permission to review and manage bypass requests {% else %}of the bypass list{% endif %} are still protected from accidentally pushing secrets to a repository. If they attempt to push a commit containing a secret, their push is still blocked, but they can choose to bypass the block by specifying a reason for allowing the push. The following types of people can bypass push protection without requesting bypass privileges:

* Organization owners
* Security managers
* Users in teams, default roles, or custom roles that have been added to the bypass list.{% ifversion push-protection-bypass-fine-grained-permissions %}
* Users who are assigned (either directly or via a team) a custom role with the "review and manage secret scanning bypass requests" fine-grained permission.{% endif %}
Members {% ifversion push-protection-bypass-fine-grained-permissions %}with permission to review and manage bypass requests {% else %}of the bypass list{% endif %} are still protected from accidentally pushing secrets to a repository. If they attempt to push a commit containing a secret, their push is still blocked, but they can choose to bypass the block by specifying a reason for allowing the push.

0 comments on commit 00e1056

Please sign in to comment.