jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-19 18:10:59 -05:00
Code Issues Projects Releases Wiki Activity

A couple of fixes for the GHAS unbundling and secret risk assesment work - fast follow (#55083)

Browse Source
This commit is contained in:
mc
2025-04-01 19:04:19 +01:00
committed by GitHub
parent fedbe3dd35
commit 42fbbad1e7
2 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
content/code-security/security-overview/assessing-code-security-risk.md
View File

@@ -26,14 +26,16 @@ redirect_from:
You can use the different views on your **Security** tab to explore the security risks in your code. You can use the different views on your **Security** tab to explore the security risks in your code.
* **Overview:** use to explore trends in **Detection**, **Remediation**, and **Prevention** of security alerts. * **Overview:** use to explore trends in **Detection**, **Remediation**, and **Prevention** of security alerts.
* **Risk:** use to explore the current state of repositories, across all alert types. * **Risk:** use to explore the current state of repositories, across all alert types.{% ifversion secret-risk-assessment %}
* **Assessments:** use to explore the current state of repositories, for secret leaks specifically{% endif %}
* **Alerts views:** use to explore {% data variables.product.prodname_code_scanning %}, {% data variables.product.prodname_dependabot %}, or {% data variables.product.prodname_secret_scanning %} alerts in greater detail. * **Alerts views:** use to explore {% data variables.product.prodname_code_scanning %}, {% data variables.product.prodname_dependabot %}, or {% data variables.product.prodname_secret_scanning %} alerts in greater detail.
These views provide you with the data and filters to: These views provide you with the data and filters to:
* Assess the landscape of security risk of code stored in all your repositories. * Assess the landscape of security risk of code stored in all your repositories.
* Identify the highest impact vulnerabilities to address. * Identify the highest impact vulnerabilities to address.
* Monitor your progress in remediating potential vulnerabilities. {% ifversion security-overview-export-data %} * Monitor your progress in remediating potential vulnerabilities.{% ifversion secret-risk-assessment %}
* Understand how your organization is affected by secret leaks and exposures.{% endif %}{% ifversion security-overview-export-data %}
* Export your current selection of data for further analysis and reporting. {% endif %} * Export your current selection of data for further analysis and reporting. {% endif %}
{% ifversion security-overview-dashboard %} {% ifversion security-overview-dashboard %}

2
content/code-security/security-overview/filtering-alerts-in-security-overview.md
View File

@@ -121,7 +121,9 @@ In the "Risk" and "Coverage" views, you can show data only for repositories wher
| Qualifier | Description | | Qualifier | Description |
| -------- | -------- | | -------- | -------- |
| {% ifversion ghes < 3.17 %} |
| `advanced-security` | Display data for repositories where {% data variables.product.prodname_GHAS %} is enabled or not enabled. | | `advanced-security` | Display data for repositories where {% data variables.product.prodname_GHAS %} is enabled or not enabled. |
| {% endif %} |
| `code-scanning-default-setup`| Display data for repositories where {% data variables.product.prodname_code_scanning %} is enabled or not enabled using {% data variables.product.prodname_codeql %} default setup. | | `code-scanning-default-setup`| Display data for repositories where {% data variables.product.prodname_code_scanning %} is enabled or not enabled using {% data variables.product.prodname_codeql %} default setup. |
| `code-scanning-pull-request-alerts`| Display data for repositories where {% data variables.product.prodname_code_scanning %} is enabled or not enabled to run on pull requests. | | `code-scanning-pull-request-alerts`| Display data for repositories where {% data variables.product.prodname_code_scanning %} is enabled or not enabled to run on pull requests. |
| `dependabot-security-updates` | Display data for repositories where {% data variables.product.prodname_dependabot_security_updates %} is enabled or not enabled. | | `dependabot-security-updates` | Display data for repositories where {% data variables.product.prodname_dependabot_security_updates %} is enabled or not enabled. |