Add content for Dependabot delegated alert dismissal (#58850)
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
This commit is contained in:
Sam Browning
6
data/features/dependabot-delegated-alert-dismissal.yml
Normal file
6
data/features/dependabot-delegated-alert-dismissal.yml
Normal file
@@ -0,0 +1,6 @@
|
||||
# Reference: #20482
|
||||
# Delegated alert dismissal for Dependabot
|
||||
versions:
|
||||
fpt: '*'
|
||||
ghec: '*'
|
||||
ghes: '> 3.20'
|
||||
@@ -0,0 +1,4 @@
|
||||
1. In the "Requests" section of the sidebar, click any of the following options to review alert dismissal requests for the relevant feature:
|
||||
* {% octicon "key" aria-hidden="true" aria-label="key" %} **{% data variables.product.prodname_secret_scanning_caps %} alert dismissal**
|
||||
* {% octicon "codescan" aria-hidden="true" aria-label="codescan" %} **{% data variables.product.prodname_code_scanning_caps %} alert dismissal**{% ifversion dependabot-delegated-alert-dismissal %}
|
||||
* {% octicon "dependabot" aria-hidden="true" aria-label="dependabot" %} **{% data variables.product.prodname_dependabot %} alert dismissal**{% endif %}
|
||||
@@ -0,0 +1,5 @@
|
||||
1. Click the request you want to review.
|
||||
1. Read the contents of the alert, as well as the requester's reasoning for the dismissal request.
|
||||
1. Next to the dismissal request in the alert timeline, click **Review request**.
|
||||
1. Provide any comments for the requester in the text box, then select either **Deny request** or **Approve request**.
|
||||
1. Click **Submit review**.
|
||||
@@ -1,23 +1,13 @@
|
||||
Delegated alert dismissal lets you restrict which users can directly dismiss an alert. When the feature is enabled, users attempting to dismiss an alert will instead create a request for dismissal.
|
||||
Delegated alert dismissal lets you restrict which users can directly dismiss an alert. When the feature is enabled:
|
||||
* Users with write access to a repository must request to dismiss alerts in that repository.
|
||||
* Organization owners and security managers can approve or deny dismissal requests, as well as dismiss alerts directly themselves.
|
||||
|
||||
Enabling the feature automatically assigns organization owners and security managers with the permission to approve or deny dismissal requests for alerts. This permission is:
|
||||
You can also use custom roles with the following permissions to let other team members manage requests and dismiss alerts directly:
|
||||
|
||||
* "Review and manage {% data variables.product.prodname_code_scanning %} alert dismissal requests" permission for {% data variables.product.prodname_code_scanning %}.
|
||||
* For {% data variables.product.prodname_code_scanning %}: "Review {% data variables.product.prodname_code_scanning %} alert dismissal requests" and "Bypass {% data variables.product.prodname_code_scanning %} alert dismissal requests"
|
||||
* For {% data variables.product.prodname_secret_scanning %}: "Review and manage {% data variables.product.prodname_secret_scanning %} alert dismissal requests"
|
||||
* For {% data variables.product.prodname_dependabot %}: "Review {% data variables.product.prodname_dependabot %} alert dismissal requests" and "Bypass {% data variables.product.prodname_dependabot %} alert dismissal requests"
|
||||
|
||||
* "Review and manage {% data variables.product.prodname_secret_scanning %} alert dismissal requests" permission for {% data variables.product.prodname_secret_scanning %}. This permission can also be applied to custom roles. Individuals in these custom roles must also have the following permissions, which grant access to alerts in all repositories:
|
||||
Reviewers are notified of dismissal requests via email, and can either approve the request to dismiss the alert, or deny the request to leave the alert open. After a request is reviewed, the requester is notified of the outcome via email.
|
||||
|
||||
* "View {% data variables.product.prodname_secret_scanning %} alerts"
|
||||
* "Dismiss or reopen {% data variables.product.prodname_secret_scanning %} alerts"
|
||||
|
||||
For more information about these permissions, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#permissions-for-organization-roles).
|
||||
|
||||
To learn more about the security manager role, see [AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization).
|
||||
|
||||
>[!NOTE] The implementation of this approval process can potentially cause some friction, so it's important to ensure that the team of security managers has adequate coverage before proceeding.
|
||||
|
||||
Reviewers (security managers and organization owners):
|
||||
|
||||
* Get an email notification for requests. These users need to ensure that they can review these lists periodically, so that there is no backlog and that the process is smooth.
|
||||
* Can process requests in a dedicated view in the "Security" tab of the organization. An alert will only be dismissed if the dismissal request is approved; otherwise, the alert will remain open.
|
||||
|
||||
Requesters will get an email notification with the decision as to whether the alert can be dismissed or not.
|
||||
>[!NOTE] The implementation of this approval process can potentially cause some friction, so it's important to ensure that the team of security managers has adequate coverage to review dismissal requests regularly before proceeding.
|
||||
|
||||
Reference in New Issue
Block a user