GHAS unbundling changes to main part 1 (#54527)
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Isaac Brown <101839405+isaacmbrown@users.noreply.github.com> Co-authored-by: mchammer01 <42146119+mchammer01@users.noreply.github.com>
This commit is contained in:
Felicity Chapman
@@ -46,7 +46,7 @@ We hosted developer documentation for {% data variables.product.prodname_ghe_ser
|
||||
|
||||
## Recommended {% data variables.product.prodname_codeql_cli %} versions for code scanning
|
||||
|
||||
For instances with a {% data variables.product.prodname_GH_advanced_security %} license and {% data variables.product.prodname_code_scanning %} enabled, the {% data variables.product.prodname_codeql %} action for {% data variables.product.prodname_code_scanning %} analysis uses a minimum recommended version of the {% data variables.product.prodname_codeql_cli %} by default.
|
||||
For instances with a {% data variables.product.prodname_GHAS_or_code_security %} license and {% data variables.product.prodname_code_scanning %} enabled, the {% data variables.product.prodname_codeql %} action for {% data variables.product.prodname_code_scanning %} analysis uses a minimum recommended version of the {% data variables.product.prodname_codeql_cli %} by default.
|
||||
|
||||
If you run analysis in an external CI system, we recommend using the same version of the {% data variables.product.prodname_codeql_cli %}. See [AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance).
|
||||
|
||||
|
||||
@@ -74,7 +74,7 @@ Additional data is transmitted if you enable individual features of {% data vari
|
||||
|
||||
| Feature | Data | Which way does the data flow? | Where is the data used? |
|
||||
| ------- | ---- | --------- | ------ |
|
||||
| Automatic user license sync | Each {% data variables.product.prodname_ghe_server %} user's user ID and email addresses{% ifversion ghas-in-license-sync %}, and whether the user consumes a license for {% data variables.product.prodname_GH_advanced_security %}{% endif %} | From {% data variables.product.prodname_ghe_server %} to {% data variables.product.prodname_ghe_cloud %} | {% data variables.product.prodname_ghe_cloud %} |
|
||||
| Automatic user license sync | Each {% data variables.product.prodname_ghe_server %} user's user ID and email addresses{% ifversion ghas-in-license-sync %}, and whether the user consumes a license for {% data variables.product.prodname_GHAS %}{% ifversion ghas-products %}, {% data variables.product.prodname_GH_code_security %}, or {% data variables.product.prodname_GH_secret_protection %}{% endif %}.{% endif %} | From {% data variables.product.prodname_ghe_server %} to {% data variables.product.prodname_ghe_cloud %} | {% data variables.product.prodname_ghe_cloud %} |
|
||||
| {% data variables.product.prodname_dependabot_alerts %} | Vulnerability alerts | From {% data variables.product.prodname_dotcom_the_website %} to {% data variables.product.prodname_ghe_server %} | {% data variables.product.prodname_ghe_server %} |
|
||||
| {% data variables.product.prodname_dependabot_updates %} | Dependencies and the metadata for each dependency's repository<br><br>If a dependency is stored in a private repository on {% data variables.product.prodname_dotcom_the_website %}, data will only be transmitted if {% data variables.product.prodname_dependabot %} is configured and authorized to access that repository. | From {% data variables.product.prodname_dotcom_the_website %} to {% data variables.product.prodname_ghe_server %} | {% data variables.product.prodname_ghe_server %} |
|
||||
| {% data variables.product.prodname_dotcom_the_website %} actions | Name of action, action (YAML file from {% data variables.product.prodname_marketplace %}) | From {% data variables.product.prodname_dotcom_the_website %} to {% data variables.product.prodname_ghe_server %}<br><br>From {% data variables.product.prodname_ghe_server %} to {% data variables.product.prodname_dotcom_the_website %} | {% data variables.product.prodname_ghe_server %} |
|
||||
|
||||
@@ -47,7 +47,7 @@ To pay for user licenses and services, you can:
|
||||
|
||||
You will be on our latest billing platform, which allows you to estimate spending, create cost centers to manage expenses, and pay flexibly for the services you use.
|
||||
|
||||
You can also sign up for usage-based billing for {% data variables.product.prodname_enterprise %} and {% data variables.product.prodname_GH_advanced_security %} licenses, meaning you won't need to purchase a pre-defined number of licenses in advance.
|
||||
You can also sign up for usage-based billing for {% data variables.product.prodname_enterprise %} and {% data variables.product.prodname_GHAS %}{% ifversion ghas-products-cloud %} products{% endif %}, meaning you won't need to purchase a pre-defined number of licenses in advance.
|
||||
|
||||
## Developer experience
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Enforcing policies for code security and analysis for your enterprise
|
||||
intro: 'You can enforce policies to manage the use of code security and analysis features within your enterprise''s organizations.'
|
||||
permissions: 'Enterprise owners can enforce code security and analysis policies for {% data variables.product.prodname_GH_advanced_security %} in an enterprise.'
|
||||
permissions: 'Enterprise owners can define and enforce policies to control use of code security and analysis features in an enterprise.'
|
||||
product: '{% data reusables.gated-features.ghas %}'
|
||||
versions:
|
||||
ghec: '*'
|
||||
@@ -33,7 +33,7 @@ shortTitle: Code security & analysis
|
||||
|
||||
You can enforce policies to manage the use of code security and analysis features within organizations owned by your enterprise. You can allow or disallow people with admin access to a repository to enable or disable the security and analysis features.
|
||||
|
||||
Additionally, you can enforce policies for the use of {% data variables.product.prodname_GH_advanced_security %} in your enterprise's organizations and repositories.
|
||||
Additionally, you can enforce policies for the use of {% data variables.product.prodname_GHAS %}{% ifversion ghas-products %} products{% endif %} in your enterprise's organizations and repositories.
|
||||
|
||||
{% ifversion ghec %}
|
||||
|
||||
|
||||
@@ -38,7 +38,7 @@ You can configure {% data variables.product.prodname_code_scanning %} to run {%
|
||||
|
||||
## Prerequisites for {% data variables.product.prodname_code_scanning %}
|
||||
|
||||
* A license for {% data variables.product.prodname_GH_advanced_security %}{% ifversion ghes %} (see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)){% endif %}
|
||||
* A license for {% ifversion ghas-products %}{% data variables.product.prodname_GH_code_security %} or {% endif %}{% data variables.product.prodname_GHAS %}, (see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security))
|
||||
|
||||
* {% data variables.product.prodname_code_scanning_caps %} enabled in the management console (see [AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/enabling-github-advanced-security-for-your-enterprise))
|
||||
|
||||
|
||||
@@ -27,7 +27,7 @@ Some additional features, such as license checks, blocking of pull requests, and
|
||||
|
||||
## Prerequisites for dependency review
|
||||
|
||||
* A license for {% data variables.product.prodname_GH_advanced_security %} (see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)).
|
||||
* A license for {% ifversion ghas-products %}{% data variables.product.prodname_GH_code_security %} or {% endif %}{% data variables.product.prodname_GHAS %} (see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security)).
|
||||
|
||||
* The dependency graph enabled for the instance. Site administrators can enable the dependency graph via the management console or the administrative shell (see [AUTOTITLE](/admin/code-security/managing-supply-chain-security-for-your-enterprise/enabling-the-dependency-graph-for-your-enterprise)).
|
||||
|
||||
@@ -43,7 +43,7 @@ For more information, see [AUTOTITLE](/admin/code-security/managing-supply-chain
|
||||
|
||||
{% data reusables.dependency-review.dependency-review-action-beta-note %}
|
||||
|
||||
The dependency review action is included in your installation of {% data variables.product.prodname_ghe_server %}. It is available for all repositories that have {% data variables.product.prodname_GH_advanced_security %} and dependency graph enabled.
|
||||
The dependency review action is included in your installation of {% data variables.product.prodname_ghe_server %}. It is available for all repositories that have {% ifversion ghas-products %}{% data variables.product.prodname_GH_code_security %} or {% endif %}{% data variables.product.prodname_GHAS %} and dependency graph enabled.
|
||||
|
||||
{% data reusables.dependency-review.dependency-review-action-overview %}
|
||||
|
||||
|
||||
@@ -29,7 +29,7 @@ If someone checks a secret with a known pattern into a repository, {% data varia
|
||||
|
||||
* The SSSE3 (Supplemental Streaming SIMD Extensions 3) CPU flag needs to be enabled on the VM/KVM that runs {% data variables.product.prodname_ghe_server %}. For more information about SSSE3, see [Intel 64 and IA-32 Architectures Optimization Reference Manual](https://cdrdv2-public.intel.com/671488/248966-Software-Optimization-Manual-R047.pdf) in the Intel documentation.
|
||||
|
||||
* A license for {% data variables.product.prodname_GH_advanced_security %} (see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security))
|
||||
* A license for {% ifversion ghas-products %}{% data variables.product.prodname_GH_secret_protection %} or {% endif %}{% data variables.product.prodname_GHAS %} (see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security))
|
||||
|
||||
* {% data variables.product.prodname_secret_scanning_caps %} enabled in the management console (see [AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/enabling-github-advanced-security-for-your-enterprise))
|
||||
|
||||
|
||||
@@ -1,8 +1,9 @@
|
||||
---
|
||||
title: Enabling GitHub Advanced Security for your enterprise
|
||||
shortTitle: Enabling GitHub Advanced Security
|
||||
intro: 'You can configure {% data variables.product.prodname_ghe_server %} to include {% data variables.product.prodname_GH_advanced_security %}. This provides extra features that help users find and fix security problems in their code.'
|
||||
title: Enabling {% data variables.product.prodname_GHAS %} {% ifversion ghas-products %}products {% endif %}for your enterprise
|
||||
shortTitle: Enabling {% data variables.product.prodname_GHAS %}
|
||||
intro: 'You can configure {% data variables.product.prodname_ghe_server %} to include {% data variables.product.prodname_GHAS %}{% ifversion ghas-products %} products{% endif %}. This provides extra features that help users find and fix security problems in their code.'
|
||||
product: '{% data reusables.gated-features.ghas %}'
|
||||
allowTitleToDifferFromFilename: true
|
||||
redirect_from:
|
||||
- /admin/advanced-security/enabling-github-advanced-security-for-your-enterprise
|
||||
- /admin/code-security/managing-github-advanced-security-for-your-enterprise/enabling-github-advanced-security-for-your-enterprise
|
||||
@@ -17,15 +18,15 @@ topics:
|
||||
- Security
|
||||
---
|
||||
|
||||
## About enabling {% data variables.product.prodname_GH_advanced_security %}
|
||||
## About enabling {% data variables.product.prodname_GHAS %}{% ifversion ghas-products %} products{% endif %}
|
||||
|
||||
{% data reusables.advanced-security.ghas-helps-developers %}
|
||||
|
||||
When you enable {% data variables.product.prodname_GH_advanced_security %} for your enterprise, repository administrators in all organizations can enable the features unless you set up a policy to restrict access. See [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise).
|
||||
When you enable {% data variables.product.prodname_GHAS %} for your enterprise, repository administrators in all organizations can enable the features unless you set up a policy to restrict access. See [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise).
|
||||
|
||||
{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}
|
||||
|
||||
For guidance on a phased deployment of GitHub Advanced Security, see [AUTOTITLE](/code-security/adopting-github-advanced-security-at-scale/introduction-to-adopting-github-advanced-security-at-scale).
|
||||
For guidance on a phased deployment of {% data variables.product.prodname_GHAS %}, see [AUTOTITLE](/code-security/adopting-github-advanced-security-at-scale/introduction-to-adopting-github-advanced-security-at-scale).
|
||||
|
||||
## Checking whether your license includes {% data variables.product.prodname_GH_advanced_security %}
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: '{% ifversion ghes %}Setting up GitHub Advanced Security features on your appliance{% else %}Configuring infrastructure for GitHub Advanced Security features{% endif %}'
|
||||
shortTitle: '{% ifversion ghes %}Set up{% else %}Configure{% endif %} GitHub Advanced Security'
|
||||
intro: 'You can {% ifversion ghes %}set up{% else %}configure{% endif %} {% data variables.product.prodname_advanced_security %} to suit your enterprise''s needs.'
|
||||
title: '{% ifversion ghes %}Setting up {% data variables.product.prodname_GHAS %} features on your appliance{% else %}Configuring infrastructure for {% data variables.product.prodname_GHAS %} features{% endif %}'
|
||||
shortTitle: '{% ifversion ghes %}Set up{% else %}Configure{% endif %} {% data variables.product.prodname_GHAS %}'
|
||||
intro: 'You can {% ifversion ghes %}set up{% else %}configure{% endif %} {% data variables.product.prodname_AS %}{% ifversion ghas-products %} products{% endif %} to suit your enterprise''s needs.'
|
||||
allowTitleToDifferFromFilename: true
|
||||
product: '{% data reusables.gated-features.ghas %}'
|
||||
redirect_from:
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
---
|
||||
title: Managing GitHub Advanced Security features for your enterprise
|
||||
title: Managing {% data variables.product.prodname_GH_advanced_security %} features for your enterprise
|
||||
intro: 'You can control {% data variables.product.prodname_GH_advanced_security %} features that secure and analyze code across all organizations owned by your enterprise.'
|
||||
permissions: 'Enterprise owners can manage {% data variables.product.prodname_advanced_security %} features for organizations in an enterprise.'
|
||||
allowTitleToDifferFromFilename: true
|
||||
versions:
|
||||
ghes: '<= 3.15'
|
||||
type: how_to
|
||||
@@ -11,7 +12,7 @@ topics:
|
||||
- Dependency graph
|
||||
- Secret scanning
|
||||
- Repositories
|
||||
shortTitle: Manage GitHub Advanced Security
|
||||
shortTitle: Manage {% data variables.product.prodname_GH_advanced_security %}
|
||||
redirect_from:
|
||||
- /admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise
|
||||
---
|
||||
|
||||
@@ -21,7 +21,7 @@ topics:
|
||||
|
||||
When creating a security configuration, keep in mind that:
|
||||
* Only features installed by a site administrator on your {% data variables.product.prodname_ghe_server %} instance will appear in the UI.
|
||||
* {% data variables.product.prodname_GH_advanced_security %} features will only be visible if your enterprise or {% data variables.product.prodname_ghe_server %} instance holds a {% data variables.product.prodname_GH_advanced_security %} license.
|
||||
* {% data variables.product.prodname_AS %} features will only be visible if your enterprise or {% data variables.product.prodname_ghe_server %} instance holds a {% data variables.product.prodname_GHAS %}{% ifversion ghas-products %}, {% data variables.product.prodname_GH_code_security %}, or {% data variables.product.prodname_GH_secret_protection %}{% endif %} license.
|
||||
* Certain features, like {% data variables.product.prodname_dependabot_security_updates %} and {% data variables.product.prodname_code_scanning %} default setup, also require that {% data variables.product.prodname_actions %} is installed on the {% data variables.product.prodname_ghe_server %} instance.
|
||||
|
||||
{% endif %}
|
||||
|
||||
@@ -18,7 +18,7 @@ There are some additional {% data variables.product.prodname_secret_scanning %}
|
||||
* [Configuring a resource link for push protection](/admin/managing-code-security/securing-your-enterprise/configuring-additional-secret-scanning-settings-for-your-enterprise#configuring-a-resource-link-for-push-protection){% ifversion secret-scanning-ai-generic-secret-detection %}
|
||||
* [Configuring AI detection to find additional secrets](/admin/managing-code-security/securing-your-enterprise/configuring-additional-secret-scanning-settings-for-your-enterprise#configuring-ai-detection-to-find-additional-secrets){% endif %}
|
||||
|
||||
These additional settings only apply to repositories with both {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} enabled.
|
||||
These additional settings only apply to repositories with {% data variables.product.prodname_secret_scanning %} enabled and {% data variables.product.prodname_GHAS %}{% ifversion ghas-products %} or {% data variables.product.prodname_GH_secret_protection %}{% endif %}.
|
||||
|
||||
## Accessing the additional settings for {% data variables.product.prodname_secret_scanning %}
|
||||
|
||||
|
||||
@@ -25,7 +25,7 @@ With {% data variables.product.prodname_custom_security_configurations %}, you c
|
||||
|
||||
When creating a security configuration, keep in mind that:
|
||||
* Only features installed by a site administrator on your {% data variables.product.prodname_ghe_server %} instance will appear in the UI.
|
||||
* {% data variables.product.prodname_GH_advanced_security %} features will only be visible if your enterprise or {% data variables.product.prodname_ghe_server %} instance holds a {% data variables.product.prodname_GH_advanced_security %} license.
|
||||
* {% data variables.product.prodname_GHAS %} features will only be visible if your enterprise or {% data variables.product.prodname_ghe_server %} instance holds a {% data variables.product.prodname_GHAS %}{% ifversion ghas-products %}, {% data variables.product.prodname_GH_code_security %}, or {% data variables.product.prodname_GH_secret_protection %}{% endif %} license.
|
||||
* Certain features, like {% data variables.product.prodname_dependabot_security_updates %} and {% data variables.product.prodname_code_scanning %} default setup, also require that {% data variables.product.prodname_actions %} is installed on the {% data variables.product.prodname_ghe_server %} instance.
|
||||
|
||||
{% endif %}
|
||||
@@ -51,7 +51,7 @@ When creating a security configuration, keep in mind that:
|
||||
* Security updates. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).
|
||||
|
||||
> [!NOTE]
|
||||
> You cannot manually change the enablement settings for vulnerable function calls. If {% data variables.product.prodname_GH_advanced_security %} features and {% data variables.product.prodname_dependabot_alerts %} are enabled, vulnerable function calls is also enabled. Otherwise, it is disabled.
|
||||
> You cannot manually change the enablement settings for vulnerable function calls. If {% data variables.product.prodname_GHAS %}{% ifversion ghas-products %} or {% data variables.product.prodname_GH_code_security %}{% endif %} features and {% data variables.product.prodname_dependabot_alerts %} are enabled, vulnerable function calls is also enabled. Otherwise, it is disabled.
|
||||
|
||||
1. In the "{% data variables.product.prodname_code_scanning_caps %}" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for {% data variables.product.prodname_code_scanning %} default setup. To learn about default setup, see [AUTOTITLE](/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning#about-default-setup).
|
||||
1. In the "{% data variables.product.prodname_secret_scanning_caps %}" section of the security settings table, choose whether you want to enable, disable, or keep the existing settings for the following security features:
|
||||
|
||||
@@ -41,7 +41,7 @@ Administrators for the enterprise account can:
|
||||
* Configure security, such as single sign-on, IP allow lists, SSH certificate authorities, and two-factor authentication
|
||||
* Stream audit and Git events data
|
||||
* Use internal repositories
|
||||
* Access features like {% data variables.product.prodname_copilot_enterprise %} and {% data variables.product.prodname_advanced_security %}
|
||||
* Access features like {% data variables.product.prodname_copilot_enterprise %} and {% data variables.product.prodname_AS %}{% ifversion ghas-products %} products{% endif %}
|
||||
* Enforce policies. See [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/about-enterprise-policies).
|
||||
|
||||
{% ifversion ghec %}
|
||||
|
||||
@@ -27,8 +27,10 @@ Most features are released on {% data variables.product.prodname_dotcom_the_webs
|
||||
|
||||
You can also configure optional features on {% data variables.product.prodname_ghe_server %} to improve the software development lifecycle for your enterprise.
|
||||
|
||||
* **{% data variables.product.prodname_actions %}:** Automate CI/CD and development workflows
|
||||
* **{% data variables.product.prodname_GH_advanced_security %}:** Scan code for secrets and vulnerabilities
|
||||
* **{% data variables.product.prodname_actions %}:** Automate CI/CD and development workflows{% ifversion ghas-products %}
|
||||
* **{% data variables.product.prodname_GH_code_security %}:** Automate detection and remediation of vulnerabilities in code and dependencies
|
||||
* **{% data variables.product.prodname_GH_secret_protection %}:** Block users from leaking secrets and identify and remediate historic leaks{% else %}
|
||||
* **{% data variables.product.prodname_GHAS %}:** Scan code for secrets and vulnerabilities{% endif %}
|
||||
* **{% data variables.product.prodname_github_connect %}:** Benefit from data and features on {% data variables.product.prodname_dotcom_the_website %}
|
||||
* **{% data variables.product.prodname_registry %}:** Host software packages for your enterprise
|
||||
|
||||
|
||||
@@ -50,7 +50,10 @@ Your business can:
|
||||
|
||||
Your business can:
|
||||
|
||||
* Be alerted to leaked secrets or vulnerable code patterns using {% data variables.product.prodname_GH_advanced_security %} tools
|
||||
{% ifversion ghas-products %}
|
||||
* Automate detection and remediation of vulnerabilities in code and dependencies using {% data variables.product.prodname_GH_code_security %}
|
||||
* Block users from leaking secrets and identify and remediate historic leaks using {% data variables.product.prodname_GH_secret_protection %}{% else %}
|
||||
* Be alerted to leaked secrets or vulnerable code patterns using {% data variables.product.prodname_GHAS %} tools{% endif %}
|
||||
* Keep software dependencies up to date with {% data variables.product.prodname_dependabot %}
|
||||
* Monitor the security landscape across your repositories with security overview
|
||||
|
||||
@@ -61,7 +64,7 @@ Your business can:
|
||||
* Additional features such as SAML authentication and internal repositories. For a detailed list, see {% data variables.product.pricing_link %}.
|
||||
* Extra allowances for usage-based products such as {% data variables.product.prodname_actions %}.
|
||||
* An enterprise account, which provides a single place to manage billing and settings, enforce policies, and audit the people with access to your enterprise.
|
||||
* The option to add {% data variables.product.prodname_GH_advanced_security %}, {% data variables.contact.premium_support %}, and {% data variables.product.prodname_copilot_enterprise %}.
|
||||
* The option to add {% ifversion ghas-products %}<!-- Enterprise is no longer a pre-requisite with the GHAS products release -->{% else %}{% data variables.product.prodname_GHAS %}, {% endif %}{% data variables.contact.premium_support %}, and {% data variables.product.prodname_copilot_enterprise %}.
|
||||
|
||||
When businesses adopt {% data variables.product.prodname_enterprise %}, their return on investment (ROI) is high. For example, their developers **save 45 minutes per day**, and onboarding and **training time is reduced by 40%**. See [The Total Economic Impact of {% data variables.product.prodname_enterprise %}](https://resources.github.com/forrester/).
|
||||
|
||||
|
||||
@@ -34,7 +34,7 @@ The trial lasts for **{% data reusables.enterprise.ghec-trial-length %} days** a
|
||||
|
||||
* Access to **most** {% data variables.product.prodname_ghe_cloud %} features.{% ifversion metered-ghe-ghas %}
|
||||
* {% data variables.product.prodname_copilot_for_business %}
|
||||
* {% data variables.product.prodname_GH_advanced_security %}
|
||||
* {% data variables.product.prodname_GHAS %}{% ifversion ghas-products %} products{% endif %}
|
||||
* Access to the **new billing platform**.{% ifversion enhanced-billing-platform %} See [AUTOTITLE](/billing/using-the-new-billing-platform/about-the-new-billing-platform-for-enterprises).{% endif %}{% endif %}
|
||||
* An **enterprise account**, which allows you to manage multiple organizations. See [AUTOTITLE](/enterprise-cloud@latest/get-started/learning-about-github/types-of-github-accounts).
|
||||
* Up to **50 licenses** to grant access to users.
|
||||
@@ -77,9 +77,9 @@ You can end your trial at any time by purchasing {% data variables.product.prodn
|
||||
If you **purchase {% data variables.product.prodname_enterprise %}**:
|
||||
|
||||
{% ifversion metered-ghe-ghas %}
|
||||
* You can use usage-based billing for {% data variables.product.prodname_ghe_cloud %} and {% data variables.product.prodname_GH_advanced_security %}, which means you pay monthly for the number of licenses you use. You will not need to buy a predefined number of licenses in advance. See, [AUTOTITLE](/billing/using-the-new-billing-platform/about-usage-based-billing-for-licenses).
|
||||
* You can use usage-based billing for {% data variables.product.prodname_ghe_cloud %} and {% data variables.product.prodname_GHAS %}{% ifversion ghas-products %} products{% endif %}, which means you pay monthly for the number of licenses you use. You will not need to buy a predefined number of licenses in advance. See, [AUTOTITLE](/billing/using-the-new-billing-platform/about-usage-based-billing-for-licenses).
|
||||
|
||||
If you did not set up a free trial and you want to use usage-based billing to pay for {% data variables.product.prodname_GH_advanced_security %} after the {% data variables.product.prodname_ghe_cloud %} trial ends, contact [{% data variables.product.prodname_dotcom %}'s Sales team](https://enterprise.github.com/contact).{% endif %}
|
||||
If you did not set up a free trial and you want to use usage-based billing to pay for {% data variables.product.prodname_GHAS %}{% ifversion ghas-products %} products{% endif %} after the {% data variables.product.prodname_ghe_cloud %} trial ends, contact [{% data variables.product.prodname_dotcom %}'s Sales team](https://enterprise.github.com/contact).{% endif %}
|
||||
|
||||
* You can generate a {% data variables.product.prodname_ghe_server %} license file for the same quantity of users who are consuming a {% data variables.product.prodname_ghe_cloud %} license.
|
||||
|
||||
|
||||
@@ -7,7 +7,8 @@ versions:
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Secret scanning
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Secret Protection
|
||||
- Repositories
|
||||
children:
|
||||
- /introduction-to-adopting-github-advanced-security-at-scale
|
||||
|
||||
@@ -5,7 +5,8 @@ versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Secret Protection
|
||||
shortTitle: Introduction
|
||||
redirect_from:
|
||||
- /admin/advanced-security/overview-of-github-advanced-security-deployment
|
||||
|
||||
@@ -5,7 +5,8 @@ versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Secret Protection
|
||||
shortTitle: 1. Align on strategy
|
||||
---
|
||||
|
||||
|
||||
@@ -5,7 +5,8 @@ versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Secret Protection
|
||||
shortTitle: 2. Preparation
|
||||
---
|
||||
|
||||
|
||||
@@ -5,7 +5,8 @@ versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Secret Protection
|
||||
shortTitle: 3. Pilot programs
|
||||
---
|
||||
|
||||
|
||||
@@ -5,7 +5,8 @@ versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Secret Protection
|
||||
shortTitle: 4. Create internal documentation
|
||||
---
|
||||
|
||||
|
||||
@@ -5,7 +5,8 @@ versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Secret Protection
|
||||
shortTitle: 5. Rollout code scanning
|
||||
---
|
||||
|
||||
|
||||
@@ -5,7 +5,8 @@ versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Secret Protection
|
||||
shortTitle: 6. Rollout secret scanning
|
||||
---
|
||||
|
||||
|
||||
@@ -19,7 +19,7 @@ versions:
|
||||
ghec: '*'
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
- Actions
|
||||
|
||||
@@ -12,7 +12,7 @@ versions:
|
||||
ghes: '*'
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
allowTitleToDifferFromFilename: true
|
||||
---
|
||||
|
||||
@@ -12,7 +12,7 @@ versions:
|
||||
ghec: '*'
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- Actions
|
||||
- Repositories
|
||||
@@ -41,10 +41,7 @@ If you do not need a highly customizable {% data variables.product.prodname_code
|
||||
|
||||
Your repository is eligible for advanced setup if it meets these requirements.
|
||||
* It uses {% data variables.product.prodname_codeql %}-supported languages or you plan to generate code scanning results with a third-party tool.
|
||||
* {% data variables.product.prodname_actions %} are enabled.{% ifversion fpt %}
|
||||
* It is publicly visible.{%- elsif ghec %}
|
||||
* It is publicly visible, or {% data variables.product.prodname_GH_advanced_security %} is enabled.{%- elsif ghes %}
|
||||
* {% data variables.product.prodname_GH_advanced_security %} is enabled.{% endif %}
|
||||
{% data reusables.code-scanning.require-actions-ghcs %}
|
||||
|
||||
{% ifversion ghes %}
|
||||
If the server on which you are running {% data variables.product.prodname_ghe_server %} is not connected to the internet, your site administrator can enable {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} by making the {% data variables.product.prodname_codeql %} analysis bundle available on the server. For more information, see [AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access).
|
||||
|
||||
@@ -15,7 +15,7 @@ versions:
|
||||
ghec: '*'
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- Actions
|
||||
- Repositories
|
||||
|
||||
@@ -8,7 +8,7 @@ versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
children:
|
||||
- /configuring-advanced-setup-for-code-scanning
|
||||
|
||||
@@ -10,7 +10,7 @@ versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
- Repositories
|
||||
|
||||
@@ -15,7 +15,7 @@ versions:
|
||||
ghec: '*'
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
- Actions
|
||||
|
||||
@@ -9,7 +9,7 @@ permissions: '{% data reusables.permissions.security-org-enable %}'
|
||||
product: '{% data reusables.gated-features.code-scanning %}'
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
versions:
|
||||
fpt: '*'
|
||||
@@ -46,10 +46,8 @@ A repository must meet all the following criteria to be eligible for default set
|
||||
|
||||
* {% ifversion fpt %}{% data variables.product.prodname_code_scanning_caps %}{% else %}Advanced setup for {% data variables.product.prodname_code_scanning %}{% endif %} is not already enabled.
|
||||
* {% data variables.product.prodname_actions %} are enabled.{% ifversion default-setup-pre-enablement %}
|
||||
* Uses Go, JavaScript/TypeScript, Python, or Ruby.{% endif %}{% ifversion fpt %}
|
||||
* Publicly visible.{%- elsif ghec %}
|
||||
* Publicly visible, or {% data variables.product.prodname_GH_advanced_security %} is enabled.{%- elsif ghes %}
|
||||
* {% data variables.product.prodname_GH_advanced_security %} is enabled.{% endif %}
|
||||
* Uses Go, JavaScript/TypeScript, Python, or Ruby.{% endif %}
|
||||
{% data reusables.code-scanning.require-actions-ghcs %}
|
||||
|
||||
{% ifversion default-setup-pre-enablement %}
|
||||
{% data reusables.code-scanning.default-setup-pre-enablement-explanation %}
|
||||
@@ -122,15 +120,15 @@ Through security overview for your organization, you can find eligible repositor
|
||||
|
||||
{%- ifversion ghes > 3.12 %}
|
||||
- `code-scanning-default-setup:eligible is:public` shows repositories that have languages suitable for default setup and are eligible because they are visible to the public.
|
||||
- `code-scanning-default-setup:eligible advanced-security:enabled` shows private or internal repositories that have languages suitable for default setup and are eligible because they have {% data variables.product.prodname_GH_advanced_security %} enabled.
|
||||
- `code-scanning-default-setup:eligible is:private,internal advanced-security:not-enabled` shows private or internal repositories that have languages suitable for default setup but do not have {% data variables.product.prodname_GH_advanced_security %} enabled. Once you enable {% data variables.product.prodname_GH_advanced_security %} for these repositories, they can also be added to default setup.
|
||||
- `code-scanning-default-setup:eligible advanced-security:enabled` shows private or internal repositories that have languages suitable for default setup and are eligible because they have {% data variables.product.prodname_GHAS %} enabled.
|
||||
- `code-scanning-default-setup:eligible is:private,internal advanced-security:not-enabled` shows private or internal repositories that have languages suitable for default setup but do not have {% data variables.product.prodname_GHAS %} enabled. Once you enable {% data variables.product.prodname_GHAS %} for these repositories, they can also be added to default setup.
|
||||
{%- else %}
|
||||
- `code-scanning-default-setup:eligible advanced-security:enabled` shows which repositories can be added to default setup immediately.
|
||||
- `code-scanning-default-setup:eligible advanced-security:not-enabled` shows which repositories have languages suitable for default setup but do not have {% data variables.product.prodname_GH_advanced_security %} enabled. Once you enable {% data variables.product.prodname_GH_advanced_security %} for these repositories, they can also be added to default setup.
|
||||
- `code-scanning-default-setup:eligible advanced-security:not-enabled` shows which repositories have languages suitable for default setup but do not have {% data variables.product.prodname_GHAS %} enabled. Once you enable {% data variables.product.prodname_GHAS %} for these repositories, they can also be added to default setup.
|
||||
- `code-scanning-default-setup:not-eligible` shows repositories that are ineligible for default setup enablement at scale for any of the following reasons:
|
||||
- The repositories already have existing configurations of advanced setup.
|
||||
- The repositories only contain languages that cannot be analyzed by default setup.
|
||||
- The repositories do not have {% data variables.product.prodname_GH_advanced_security %} enabled.
|
||||
- The repositories do not have {% data variables.product.prodname_GHAS %} enabled.
|
||||
{%- endif %}
|
||||
|
||||
You can select all of the displayed repositories, or a subset of them, and enable or disable default setup for {% data variables.product.prodname_code_scanning %} for them all at the same time. For more information, see step 5 of [Configuring default setup at scale for multiple repositories in an organization](#configuring-default-setup-at-scale-for-multiple-repositories-in-an-organization).
|
||||
|
||||
@@ -18,7 +18,7 @@ permissions: '{% data reusables.permissions.security-repo-enable %}'
|
||||
product: '{% data reusables.gated-features.code-scanning %}'
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
versions:
|
||||
fpt: '*'
|
||||
@@ -50,10 +50,7 @@ Your repository is eligible for default setup for {% data variables.product.prod
|
||||
<!-- No restrictions on languages. Can be set up before CodeQL supported languages are added. -->
|
||||
{% else %}
|
||||
* It includes at least one {% data variables.product.prodname_codeql %}-supported language.{% endif %}
|
||||
* {% data variables.product.prodname_actions %} are enabled.{% ifversion fpt %}
|
||||
* It is publicly visible.{%- elsif ghec %}
|
||||
* It is publicly visible, or {% data variables.product.prodname_GH_advanced_security %} is enabled.{%- elsif ghes %}
|
||||
* {% data variables.product.prodname_GH_advanced_security %} is enabled.{% endif %}
|
||||
{% data reusables.code-scanning.require-actions-ghcs %}
|
||||
|
||||
{% ifversion default-setup-pre-enablement %}
|
||||
{% data reusables.code-scanning.default-setup-pre-enablement-explanation %}
|
||||
|
||||
@@ -5,7 +5,7 @@ intro: 'Learn how to assess how code scanning is working for you, and how you ca
|
||||
permissions: '{% data reusables.permissions.security-repo-enable %}'
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
versions:
|
||||
fpt: '*'
|
||||
|
||||
@@ -8,7 +8,7 @@ versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
children:
|
||||
|
||||
@@ -13,7 +13,7 @@ versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
children:
|
||||
|
||||
@@ -14,7 +14,7 @@ versions:
|
||||
ghec: '*'
|
||||
type: overview
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- Webhooks
|
||||
- Integration
|
||||
|
||||
@@ -12,7 +12,7 @@ versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- Integration
|
||||
children:
|
||||
|
||||
@@ -15,7 +15,7 @@ versions:
|
||||
ghec: '*'
|
||||
type: reference
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- Integration
|
||||
- SARIF
|
||||
|
||||
@@ -16,7 +16,7 @@ versions:
|
||||
ghec: '*'
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- Integration
|
||||
- Actions
|
||||
@@ -43,7 +43,7 @@ You can upload the results using {% data variables.product.prodname_actions %},
|
||||
{% ifversion fpt or ghec %}
|
||||
|
||||
> [!NOTE]
|
||||
> For private and internal repositories, {% data variables.product.prodname_code_scanning %} is available when {% data variables.product.prodname_GH_advanced_security %} features are enabled for the repository. If you see the error `Advanced Security must be enabled for this repository to use code scanning`, check that {% data variables.product.prodname_GH_advanced_security %} is enabled. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository).
|
||||
> For private and internal repositories, {% data variables.product.prodname_code_scanning %} is available when {% data variables.product.prodname_GH_code_security %} features are enabled for the repository. If you see the error `{% data variables.product.prodname_advanced_security %} must be enabled for this repository to use code scanning`, check that {% data variables.product.prodname_GH_code_security %} is enabled. For more information, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository).
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
||||
@@ -13,7 +13,7 @@ versions:
|
||||
ghec: '*'
|
||||
type: overview
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
- Repositories
|
||||
|
||||
@@ -12,7 +12,7 @@ versions:
|
||||
ghec: '*'
|
||||
type: overview
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
---
|
||||
|
||||
@@ -15,7 +15,7 @@ versions:
|
||||
ghec: '*'
|
||||
type: overview
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
---
|
||||
|
||||
@@ -44,7 +44,7 @@ To get started with {% data variables.product.prodname_code_scanning %}, see [AU
|
||||
|
||||
{% data variables.product.prodname_code_scanning_caps %} uses {% data variables.product.prodname_actions %}, and each run of a {% data variables.product.prodname_code_scanning %} workflow consumes minutes for {% data variables.product.prodname_actions %}. For more information, see [AUTOTITLE](/billing/managing-billing-for-github-actions/about-billing-for-github-actions).
|
||||
|
||||
To use {% data variables.product.prodname_code_scanning %} on a private repository, you will also need a license for {% data variables.product.prodname_GH_advanced_security %}. {% data reusables.advanced-security.ghas-trial %}
|
||||
To use {% data variables.product.prodname_code_scanning %} on a private repository, you will also need a license for {% data variables.product.prodname_GH_code_security %}. {% data reusables.advanced-security.ghas-trial %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
||||
@@ -12,7 +12,7 @@ versions:
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
children:
|
||||
|
||||
@@ -11,7 +11,7 @@ redirect_from:
|
||||
- /code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-alerts
|
||||
type: overview
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
---
|
||||
|
||||
@@ -9,7 +9,7 @@ versions:
|
||||
ghec: '*'
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- Alerts
|
||||
- Repositories
|
||||
|
||||
@@ -8,7 +8,7 @@ versions:
|
||||
feature: code-scanning-autofix
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
- AI
|
||||
|
||||
@@ -9,7 +9,7 @@ type: how_to
|
||||
versions:
|
||||
feature: security-campaigns
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- Alerts
|
||||
- Repositories
|
||||
@@ -71,7 +71,7 @@ If you have access to {% data variables.product.prodname_copilot_chat_short %} t
|
||||
|
||||
To get the most out of {% data variables.product.prodname_copilot_chat_short %} when you're working on code security, you should explicitly ask {% data variables.product.prodname_copilot_chat_short %} to use the {% data variables.product.prodname_GH_advanced_security %} skill to answer your questions.
|
||||
|
||||
For example: "Use the GitHub Advanced Security skill to explain how this alert introduces a vulnerability into the code."
|
||||
For example: "Use the {% data variables.product.prodname_GH_advanced_security %} skill to explain how this alert introduces a vulnerability into the code."
|
||||
|
||||
> [!TIP]
|
||||
> {% data reusables.copilot.semantic-index-info %}
|
||||
|
||||
@@ -8,7 +8,7 @@ versions:
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
children:
|
||||
|
||||
@@ -18,7 +18,7 @@ redirect_from:
|
||||
- /code-security/code-scanning/managing-code-scanning-alerts/managing-code-scanning-alerts-for-your-repository
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- Alerts
|
||||
- Repositories
|
||||
|
||||
@@ -8,7 +8,7 @@ versions:
|
||||
feature: code-scanning-autofix
|
||||
type: rai
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
- AI
|
||||
|
||||
@@ -9,7 +9,7 @@ redirect_from:
|
||||
- /code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/tracking-code-scanning-alerts-in-issues-using-task-lists
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- Alerts
|
||||
- Repositories
|
||||
|
||||
@@ -15,7 +15,7 @@ versions:
|
||||
ghec: '*'
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- Pull requests
|
||||
- Alerts
|
||||
|
||||
@@ -13,7 +13,7 @@ redirect_from:
|
||||
- /code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-the-tool-status-page
|
||||
type: overview
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
---
|
||||
|
||||
@@ -8,7 +8,7 @@ versions:
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
children:
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: 'Error: "Advanced Security must be enabled for this repository to use code scanning"'
|
||||
shortTitle: 'Advanced Security must be enabled'
|
||||
intro: 'If you see this error, make sure that {% data variables.product.prodname_GH_advanced_security %} is enabled.'
|
||||
title: 'Error: "{% data variables.product.prodname_advanced_security %} must be enabled for this repository to use code scanning"'
|
||||
shortTitle: '{% data variables.product.prodname_advanced_security %} must be enabled'
|
||||
intro: 'If you see this error, make sure that {% data variables.product.prodname_GH_code_security %} is enabled.'
|
||||
allowTitleToDifferFromFilename: true
|
||||
type: reference
|
||||
topics:
|
||||
@@ -17,8 +17,8 @@ versions:
|
||||
## About this error
|
||||
|
||||
```text
|
||||
Advanced Security must be enabled for this repository to use code scanning
|
||||
403: GitHub Advanced Security is not enabled
|
||||
{% data variables.product.prodname_advanced_security %} must be enabled for this repository to use code scanning
|
||||
403: {% data variables.product.prodname_GH_advanced_security %} is not enabled
|
||||
```
|
||||
|
||||
This error is reported if you try to run {% data variables.product.prodname_code_scanning %} in a repository where {% data variables.product.prodname_GH_advanced_security %} is not enabled or where use of this feature is blocked by a policy.
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
---
|
||||
title: 'Cannot enable CodeQL in a private repository'
|
||||
intro: '{% data variables.product.prodname_GH_advanced_security %} must be enabled in order to use {% data variables.product.prodname_code_scanning %} on private repositories.'
|
||||
intro: '{% data variables.product.prodname_GH_code_security %} must be enabled in order to use {% data variables.product.prodname_code_scanning %} on private repositories.'
|
||||
allowTitleToDifferFromFilename: true
|
||||
type: reference
|
||||
topics:
|
||||
@@ -14,11 +14,16 @@ versions:
|
||||
---
|
||||
|
||||
{% ifversion fpt %}
|
||||
If you are on a free, pro, or team plan, you can only use {% data variables.product.prodname_code_scanning %} on repositories that are publicly available. To enable {% data variables.product.prodname_code_scanning %} for private or internal repositories, you must upgrade to GitHub Enterprise with {% data variables.product.prodname_GH_advanced_security %} and enable {% data variables.product.prodname_GH_advanced_security %} for the repository. For more information, see [AUTOTITLE](/get-started/learning-about-github/githubs-products#github-enterprise) and [AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security).
|
||||
|
||||
{% ifversion ghas-products-cloud %}
|
||||
If you are on a free or pro plan, you can only use {% data variables.product.prodname_code_scanning %} on repositories that are publicly available. To enable {% data variables.product.prodname_code_scanning %} for private or internal repositories, you must upgrade to {% data variables.product.prodname_team %} or {% data variables.product.prodname_enterprise %} with {% data variables.product.prodname_GH_code_security %} and enable {% data variables.product.prodname_GH_code_security %} for the repository. For more information, see [AUTOTITLE](/get-started/learning-about-github/githubs-products#github-team) and [AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security).
|
||||
{% else %}
|
||||
If you are on a free, pro, or team plan, you can only use {% data variables.product.prodname_code_scanning %} on repositories that are publicly available. To enable {% data variables.product.prodname_code_scanning %} for private or internal repositories, you must upgrade to {% data variables.product.prodname_enterprise %} with {% data variables.product.prodname_GHAS %} and enable {% data variables.product.prodname_GHAS %} for the repository. For more information, see [AUTOTITLE](/get-started/learning-about-github/githubs-products#github-enterprise) and [AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security).
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
||||
## Confirm whether {% data variables.product.prodname_GH_advanced_security %} is enabled
|
||||
{% ifversion ghas-products-cloud or ghec or ghes %}
|
||||
|
||||
## Confirm whether {% data variables.product.prodname_GH_code_security %} is enabled
|
||||
|
||||
{% data reusables.repositories.navigate-to-repo %}
|
||||
{% data reusables.repositories.sidebar-settings %}
|
||||
@@ -31,7 +36,7 @@ If you are on a free, pro, or team plan, you can only use {% data variables.prod
|
||||
|
||||
### Requesting access to {% data variables.product.prodname_GH_advanced_security %}
|
||||
|
||||
1. In the "{% data variables.product.prodname_GH_advanced_security %}" settings, click the enterprise name to display a list of users with access to edit the policy that controls access to {% data variables.product.prodname_GH_advanced_security %}. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise#enforcing-a-policy-for-the-use-of-github-advanced-security-in-your-enterprises-organizations).
|
||||
1. In the "{% data variables.product.prodname_GH_advanced_security %}" settings, click the enterprise or organization name to display a list of users with access to edit the policy that controls access to {% data variables.product.prodname_GH_advanced_security %}. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise#enforcing-a-policy-for-the-use-of-github-advanced-security-in-your-enterprises-organizations).
|
||||
1. Follow your company's policy for requesting access to additional features.
|
||||
|
||||
### Enabling {% data variables.product.prodname_GH_advanced_security %}
|
||||
|
||||
@@ -10,7 +10,7 @@ versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
- Repositories
|
||||
@@ -37,4 +37,3 @@ children:
|
||||
- /unnecessary-step-found
|
||||
- /kotlin-detected-in-no-build
|
||||
---
|
||||
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
---
|
||||
title: 'Upload fails because GitHub Advanced Security is disabled'
|
||||
shortTitle: GitHub Advanced Security disabled
|
||||
title: 'Upload fails because {% data variables.product.prodname_GH_advanced_security %} is disabled'
|
||||
shortTitle: '{% data variables.product.prodname_GH_advanced_security %} disabled'
|
||||
allowTitleToDifferFromFilename: true
|
||||
intro: 'You can only upload SARIF results to {% ifversion fpt or ghec %}private or internal {% endif %}repositories where {% data variables.product.prodname_GH_advanced_security %} is enabled.'
|
||||
intro: 'You can only upload SARIF results to {% ifversion fpt or ghec %}private or internal {% endif %}repositories where {% data variables.product.prodname_GH_code_security %} is enabled.'
|
||||
type: reference
|
||||
topics:
|
||||
- Code scanning
|
||||
@@ -20,13 +20,13 @@ redirect_from:
|
||||
## About this error
|
||||
|
||||
```text
|
||||
GitHub Advanced Security not enabled
|
||||
GitHub Advanced Security blocked by a policy
|
||||
403: GitHub Advanced Security is not enabled
|
||||
{% data variables.product.prodname_GH_advanced_security %} not enabled
|
||||
{% data variables.product.prodname_GH_advanced_security %} blocked by a policy
|
||||
403: {% data variables.product.prodname_GH_advanced_security %} is not enabled
|
||||
```
|
||||
|
||||
This error is reported if a process attempts to upload a SARIF file to a repository where {% data variables.product.prodname_GH_advanced_security %} is not enabled or where use of this feature is blocked by a policy.
|
||||
This error is reported if a process attempts to upload a SARIF file to a repository where {% data variables.product.prodname_GH_code_security %} is not enabled or where use of this feature is blocked by a policy.
|
||||
|
||||
You will only see this error for SARIF files that contain results created using {% data variables.product.prodname_codeql %}{% ifversion fpt or ghec %} and for uploads to repositories with private or internal visibility. {% data variables.product.prodname_GH_advanced_security %} is enabled by default for all public repositories{% endif %}.
|
||||
You will only see this error for SARIF files that contain results created using {% data variables.product.prodname_codeql %}{% ifversion fpt or ghec %} and for uploads to repositories with private or internal visibility. {% data variables.product.prodname_GH_code_security %} is enabled by default for all public repositories{% endif %}.
|
||||
|
||||
For information on how to confirm this error and fix the problem, see [AUTOTITLE](/code-security/code-scanning/troubleshooting-code-scanning/advanced-security-must-be-enabled).
|
||||
|
||||
@@ -6,7 +6,7 @@ versions:
|
||||
ghes: '*'
|
||||
ghec: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- Integration
|
||||
children:
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -6,7 +6,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -8,7 +8,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -6,7 +6,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -6,7 +6,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -8,7 +8,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -6,7 +6,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
@@ -5,7 +5,7 @@ versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
topics:
|
||||
- Advanced Security
|
||||
- Code Security
|
||||
- Code scanning
|
||||
- CodeQL
|
||||
type: reference
|
||||
|
||||
Some files were not shown because too many files have changed in this diff Show More
Reference in New Issue
Block a user