github
/
docs
зеркало из https://github.com/github/docs.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

[2023-05-08]: Secret scanning sends email when backfill scan completes - [GA] (#35538) 

Co-authored-by: Joe Clark <31087804+jc-clark@users.noreply.github.com>
This commit is contained in:
Sophie 2023-05-04 00:23:07 +02:00 коммит произвёл GitHub
Родитель 9648be9b4f
Коммит d5033bcd05
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
2 изменённых файлов: 10 добавлений и 2 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

5
content/code-security/secret-scanning/about-secret-scanning.md
Просмотреть файл

@ -72,8 +72,9 @@ You cannot change the configuration of {% data variables.product.prodname_secret
## About {% data variables.secret-scanning.user_alerts %}{% ifversion ghes or ghae %} on {% data variables.product.product_name %}{% endif %}
{% ifversion ghes or ghae %}
{% data variables.secret-scanning.user_alerts_caps %} is available on all organization-owned repositories as part of {% data variables.product.prodname_GH_advanced_security %}. The feature is not available on user-owned repositories.{% endif %}{% ifversion fpt or ghec %}{% data variables.secret-scanning.user_alerts_caps %} are available for free on all public repositories{% endif %}{% ifversion fpt %}.{% endif %}{%ifversion ghec %}, and for private and internal repositories that are owned by organizations using {% data variables.product.prodname_ghe_cloud %} with a license for {% data variables.product.prodname_GH_advanced_security %}.{% endif %} When you enable {% data variables.product.prodname_secret_scanning %} for a repository, {% data variables.product.prodname_dotcom %} scans the code for patterns that match secrets used by many service providers. {% ifversion secret-scanning-issue-body-comments %}{% data reusables.secret-scanning.scan-issue-description-and-comments %}{% endif %} When a supported secret is leaked, {% data variables.product.product_name %} generates a {% data variables.product.prodname_secret_scanning %} alert. {% ifversion secret-scanning-backfills %}{% data variables.product.prodname_dotcom %} will also periodically run a full git history scan of existing content in {% ifversion fpt %}public{% else %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} repositories where {% data variables.product.prodname_secret_scanning %} is enabled, and send alert notifications following the {% data variables.product.prodname_secret_scanning %} alert notification settings. {% endif %}For more information, see "{% ifversion fpt or ghec %}[Supported secrets](/code-security/secret-scanning/secret-scanning-patterns#supported-secrets){% else %}[{% data variables.product.prodname_secret_scanning_caps %} patterns](/code-security/secret-scanning/secret-scanning-patterns){% endif %}."
{% ifversion ghes or ghae %}{% data variables.secret-scanning.user_alerts_caps %} is available on all organization-owned repositories as part of {% data variables.product.prodname_GH_advanced_security %}. The feature is not available on user-owned repositories.{% endif %}{% ifversion fpt or ghec %}{% data variables.secret-scanning.user_alerts_caps %} are available for free on all public repositories{% endif %}{% ifversion fpt %}.{% endif %}{%ifversion ghec %}, and for private and internal repositories that are owned by organizations using {% data variables.product.prodname_ghe_cloud %} with a license for {% data variables.product.prodname_GH_advanced_security %}.{% endif %} When you enable {% data variables.product.prodname_secret_scanning %} for a repository, {% data variables.product.prodname_dotcom %} scans the code for patterns that match secrets used by many service providers. {% ifversion secret-scanning-backfill-email %}When the scan is completed, {% data variables.product.prodname_dotcom %} sends an email alert to the enterprise and organization owners, even if no secrets were found.{% endif %}
{% ifversion secret-scanning-issue-body-comments %}{% data reusables.secret-scanning.scan-issue-description-and-comments %}{% endif %} When a supported secret is leaked, {% data variables.product.product_name %} generates a {% data variables.product.prodname_secret_scanning %} alert. {% ifversion secret-scanning-backfills %}{% data variables.product.prodname_dotcom %} will also periodically run a full git history scan of existing content in {% ifversion fpt %}public{% else %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} repositories where {% data variables.product.prodname_secret_scanning %} is enabled, and send alert notifications following the {% data variables.product.prodname_secret_scanning %} alert notification settings. {% endif %}For more information, see "{% ifversion fpt or ghec %}[Supported secrets for user alerts](/code-security/secret-scanning/secret-scanning-patterns#supported-secrets-for-user-alerts){% else %}[{% data variables.product.prodname_secret_scanning_caps %} patterns](/code-security/secret-scanning/secret-scanning-patterns){% endif %}."
{% ifversion secret-scanning-issue-body-comments %}
{% note %}

7
data/features/secret-scanning-backfill-email.yml Normal file
Просмотреть файл

@ -0,0 +1,7 @@
# Reference: #9143.
# Documentation for secret scanning sends email when backfill scan completes
versions:
fpt: '*'
ghec: '*'
ghes: '>=3.10'
ghae: '>=3.10'