GHES 3.15 minor updates for security features: versioning and enterprise CodeQL PR alerts view (#52905)

Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com>
Co-authored-by: Pallavi <96553709+pallsama@users.noreply.github.com>
Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com>
Co-authored-by: isaacmbrown <isaacmbrown@github.com>
Co-authored-by: mchammer01 <42146119+mchammer01@users.noreply.github.com>
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
Co-authored-by: Jules <19994093+jules-p@users.noreply.github.com>
Co-authored-by: Rachael Rose Renk <91027132+rachaelrenk@users.noreply.github.com>
Co-authored-by: docs-bot <77750099+docs-bot@users.noreply.github.com>
Co-authored-by: Hector Alfaro <hectorsector@github.com>
Co-authored-by: Kevin Heis <heiskr@users.noreply.github.com>
This commit is contained in:
Felicity Chapman 2024-11-12 21:09:28 +00:00 committed by GitHub
Parent 26372cfc77
Commit 970b66a956
No known key found for this signature
GPG key ID: B5690EEEBB952194
4 changed files with 37 additions and 8 deletions

View file

@ -2,7 +2,7 @@
title: Viewing metrics for pull request alerts title: Viewing metrics for pull request alerts
shortTitle: View PR alert metrics shortTitle: View PR alert metrics
allowTitleToDifferFromFilename: true allowTitleToDifferFromFilename: true
intro: 'You can use security overview to see how {% data variables.product.prodname_codeql %} is performing in pull requests for repositories across your organization, and to identify repositories where you may need to take action.' intro: 'You can use security overview to see how {% data variables.product.prodname_codeql %} is performing in pull requests for repositories across your organizations, and to identify repositories where you may need to take action.'
permissions: '{% data reusables.permissions.security-overview %}' permissions: '{% data reusables.permissions.security-overview %}'
type: how_to type: how_to
topics: topics:
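Review bot: the `intro:` line now says "across your organizations", but this article is still gated on the org-level feature `security-overview-org-codeql-pr-alerts` (see the `feature:` line in the next hunk), and the enterprise section added later is wrapped in its own `{% ifversion security-overview-enterprise-codeql-pr-alerts %}` block. On versions where only the org view ships, the plural reads as if the page covers several organizations. Consider neutral wording such as "for repositories across your organization or enterprise", or gate the plural form with the enterprise feature flag.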
@ -16,26 +16,36 @@ versions:
feature: security-overview-org-codeql-pr-alerts feature: security-overview-org-codeql-pr-alerts
--- ---
## About {% data variables.product.prodname_codeql %} pull request alerts metrics for an organization ## About {% data variables.product.prodname_codeql %} pull request alerts metrics
The metrics overview for {% data variables.product.prodname_codeql %} pull request alerts helps you to understand how well {% data variables.product.prodname_codeql %} is preventing vulnerabilities in your organization. You can use the metrics to assess how {% data variables.product.prodname_codeql %} is performing in pull requests, and to easily identify the repositories where you may need to take action in order to identify and reduce security risks. The metrics overview for {% data variables.product.prodname_codeql %} pull request alerts helps you to understand how well {% data variables.product.prodname_codeql %} is preventing vulnerabilities in your organizations. You can use the metrics to assess how {% data variables.product.prodname_codeql %} is performing in pull requests, and to easily identify the repositories where you may need to take action in order to identify and reduce security risks.
The overview shows you a summary of how many vulnerabilities prevented by {% data variables.product.prodname_codeql %} have been caught in pull requests. The metrics are only tracked for pull requests that have been merged into the default branches of repositories in your organization. The overview shows you a summary of how many vulnerabilities prevented by {% data variables.product.prodname_codeql %} have been caught in pull requests. The metrics are only tracked for pull requests that have been merged into the default branches of repositories in your organizations.
You can also find more granular metrics, such as how many alerts were fixed with and without {% data variables.product.prodname_copilot_autofix_short %} suggestions, how many were unresolved and merged, and how many were dismissed as false positive or as risk accepted. You can also find more granular metrics, such as how many alerts were fixed{% ifversion code-scanning-autofix %} with and without {% data variables.product.prodname_copilot_autofix_short %} suggestions{% endif %}, how many were unresolved and merged, and how many were dismissed as false positive or as risk accepted.
You can also view: You can also view:
* The rules that are causing the most alerts in your organization, and how many alerts each rule is associated with. * The rules that are causing the most alerts, and how many alerts each rule is associated with.
* The number of alerts that were merged into the default branch without resolution, and the number of alerts dismissed as an acceptable risk.
{% ifversion code-scanning-autofix %}
* The number of alerts that were fixed with an accepted {% data variables.product.prodname_copilot_autofix_short %} suggestion, displayed as a fraction of how many total {% data variables.product.prodname_copilot_autofix_short %} suggestions were available. * The number of alerts that were fixed with an accepted {% data variables.product.prodname_copilot_autofix_short %} suggestion, displayed as a fraction of how many total {% data variables.product.prodname_copilot_autofix_short %} suggestions were available.
* Remediation rates, in a graph showing the percentage of alerts that were remediated with an available {% data variables.product.prodname_copilot_autofix_short %} suggestion, and the percentage of alerts that were remediated without a {% data variables.product.prodname_copilot_autofix_short %} suggestion. * Remediation rates, in a graph showing the percentage of alerts that were remediated with an available {% data variables.product.prodname_copilot_autofix_short %} suggestion, and the percentage of alerts that were remediated without a {% data variables.product.prodname_copilot_autofix_short %} suggestion.
{% endif %}
You can apply filters to the data. The metrics are based on activity from the default period or your selected period. You can apply filters to the data. The metrics are based on activity from the default period or your selected period.
![Screenshot of the "CodeQL pull request alerts" view for an organization, showing status and trends over 90 days.](/assets/images/help/security-overview/security-overview-codeql-pull-requests-alerts-report.png) ![Screenshot of the "CodeQL pull request alerts" view for an organization, showing status and trends over 90 days.](/assets/images/help/security-overview/security-overview-codeql-pull-requests-alerts-report.png)
{% ifversion code-scanning-autofix %}
> [!NOTE] Metrics for {% data variables.product.prodname_copilot_autofix_short %} will be shown only for repositories where {% data variables.product.prodname_copilot_autofix_short %} is enabled.
{% else %}
> [!NOTE] Metrics for {% data variables.product.prodname_copilot_autofix_short %} are omitted because {% data variables.product.prodname_copilot_autofix_short %} is available only on {% data variables.product.github %} cloud platforms.
{% endif %}
## Viewing {% data variables.product.prodname_codeql %} pull request alerts metrics for an organization ## Viewing {% data variables.product.prodname_codeql %} pull request alerts metrics for an organization
{% data reusables.organizations.navigate-to-org %} {% data reusables.organizations.navigate-to-org %}
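Review bot: the new bullet "The number of alerts that were merged into the default branch without resolution, and the number of alerts dismissed as an acceptable risk" restates the paragraph two lines above it ("how many were unresolved and merged, and how many were dismissed as false positive or as risk accepted"), so the same two metrics are now listed twice. Suggest dropping the bullet, or moving the granular breakdown out of the paragraph and into the list so each metric appears once. Smaller point: the `## About ...` heading drops "for an organization" while the `## Viewing ...` heading in the same hunk keeps it; that is fine if the About section is meant to introduce both the org and enterprise views, but then "in your organizations" in the first paragraph should match the intro wording chosen in the first hunk.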
@ -49,3 +59,17 @@ You can apply filters to the data. The metrics are based on activity from the de
* To search for repositories matching the selected filter, fill out the available fields for that filter, then click **Apply**. You can repeat this process to add as many filters as you would like to your search. * To search for repositories matching the selected filter, fill out the available fields for that filter, then click **Apply**. You can repeat this process to add as many filters as you would like to your search.
* Optionally, to remove a filter from your search, click {% octicon "filter" aria-hidden="true" %} **Filter**. In the row of the filter you want to remove, click {% octicon "x" aria-label="Delete FILTER-NUMBER: FILTER-PROPERTIES" %}, then click **Apply**.{% ifversion security-overview-export-data %} * Optionally, to remove a filter from your search, click {% octicon "filter" aria-hidden="true" %} **Filter**. In the row of the filter you want to remove, click {% octicon "x" aria-label="Delete FILTER-NUMBER: FILTER-PROPERTIES" %}, then click **Apply**.{% ifversion security-overview-export-data %}
1. You can use the {% octicon "download" aria-hidden="true" %} **Export CSV** button to download a CSV file of the data currently displayed on the page for security research and in-depth data analysis. For more information, see "[AUTOTITLE](/code-security/security-overview/exporting-data-from-security-overview)." {% endif %} 1. You can use the {% octicon "download" aria-hidden="true" %} **Export CSV** button to download a CSV file of the data currently displayed on the page for security research and in-depth data analysis. For more information, see "[AUTOTITLE](/code-security/security-overview/exporting-data-from-security-overview)." {% endif %}
{% ifversion security-overview-enterprise-codeql-pr-alerts %}
## Viewing {% data variables.product.prodname_codeql %} pull request alerts metrics for your enterprise
You can also view metrics for {% data variables.product.prodname_codeql %} alerts in pull requests across organizations in your enterprise.
{% data reusables.security-overview.enterprise-filters-tip %}
{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% data reusables.code-scanning.click-code-security-enterprise %}
1. In the sidebar, under "Metrics", click **{% octicon "graph" aria-hidden="true" %} {% data variables.product.prodname_codeql %} pull request alerts**.
{% endif %}

View file

@ -2,4 +2,4 @@
versions: versions:
fpt: '*' fpt: '*'
ghec: '*' ghec: '*'
ghes: '>= 3.14' ghes: '>= 3.15'
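Review bot: `ghes: '>= 3.15'` here expresses the same bound as `ghes: '> 3.14'` in the two feature files below, but with a different operator, so a reader comparing the files may assume they target different releases. Pick one convention for all three files; the `>= 3.15` form matches the release named in the commit title and is the easier one to read.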

View file

@ -0,0 +1,5 @@
# Reference: #14348
# Documentation for enterprise-level CodeQL PR alerts report
versions:
ghes: '> 3.14'
ghec: '*'
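Review bot: the rendered view does not show this new file's name, and the feature id a `versions` file provides is its filename, so please confirm the file is named to match the `security-overview-enterprise-codeql-pr-alerts` flag used in the article's `{% ifversion %}` block; a mismatch would silently hide the whole enterprise section rather than fail loudly. Omitting `fpt` is correct for an enterprise-only feature.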

View file

@ -1,4 +1,4 @@
# Reference: #4347 # Reference: #14347
# Documentation for org-level CodeQL PR alerts report # Documentation for org-level CodeQL PR alerts report
versions: versions:
ghes: '> 3.14' ghes: '> 3.14'