jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-25 02:17:36 -05:00
Code Issues Projects Releases Wiki Activity

Revert "Group user docs on code security into a new "product" (#18196)" (#18277)

Browse Source
This commit is contained in:
Felicity Chapman
2021-03-17 08:07:11 +00:00
committed by GitHub
parent 8b6dc9feb8
commit 6a7e93f225
96 changed files with 129 additions and 2747 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
content/code-security/secret-security/managing-alerts-from-secret-scanning.md
View File

@@ -1,49 +0,0 @@
---
title: Managing alerts from secret scanning
intro: You can view and close alerts for secrets checked in to your repository.
product: '{% data reusables.gated-features.secret-scanning %}'
redirect_from:
- /github/administering-a-repository/managing-alerts-from-secret-scanning
versions:
free-pro-team: '*'
enterprise-server: '>=3.0'
github-ae: '*'
---
{% data reusables.secret-scanning.beta %}
### Managing alerts
{% data reusables.repositories.navigate-to-repo %}
{% data reusables.repositories.sidebar-security %}
3. In the left sidebar, click **Secret scanning alerts**.
{% if currentVersion == "free-pro-team@latest" or currentVersion ver_gt "enterprise-server@2.22" %}
!["Secret scanning alerts" tab](/assets/images/help/repository/sidebar-secrets.png)
{% endif %}
{% if currentVersion == "github-ae@latest" %}
!["Secret scanning alerts" tab](/assets/images/enterprise/github-ae/repository/sidebar-secrets-ghae.png)
{% endif %}
4. Under "Secret scanning" click the alert you want to view.
{% if currentVersion == "free-pro-team@latest" %}
![List of alerts from secret scanning](/assets/images/help/repository/secret-scanning-click-alert.png)
{% endif %}
{% if currentVersion ver_gt "enterprise-server@2.22" %}
![List of alerts from secret scanning](/assets/images/help/repository/secret-scanning-click-alert-ghe.png)
{% endif %}
{% if currentVersion == "github-ae@latest" %}
![List of alerts from secret scanning](/assets/images/enterprise/github-ae/repository/secret-scanning-click-alert-ghae.png)
{% endif %}
5. Optionally, use the "Mark as" drop-down menu and click a reason for resolving an alert.
{% if currentVersion == "free-pro-team@latest" %}
![Drop-down menu for resolving an alert from secret scanning](/assets/images/help/repository/secret-scanning-resolve-alert.png)
{% endif %}
{% if currentVersion ver_gt "enterprise-server@2.22" or currentVersion == "github-ae@latest" %}
![Drop-down menu for resolving an alert from secret scanning](/assets/images/help/repository/secret-scanning-resolve-alert-ghe.png)
{% endif %}
### Securing compromised secrets
Once a secret has been committed to a repository, you should consider the secret compromised. {% data variables.product.prodname_dotcom %} recommends the following actions for compromised secrets:
- For a compromised {% data variables.product.prodname_dotcom %} personal access token, delete the compromised token, create a new token, and update any services that use the old token. For more information, see "[Creating a personal access token for the command line](/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line)."
- For all other secrets, first verify that the secret committed to {% data variables.product.product_name %} is valid. If so, create a new secret, update any services that use the old secret, and then delete the old secret.