jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-23 11:54:18 -05:00
Code Issues Projects Releases Wiki Activity

[Improvement]: Check a Secret Scanning article section to make sure it's current #9857 (#37255)

Browse Source
This commit is contained in:
Anne-Marie
2023-05-31 19:08:03 +02:00
committed by GitHub
parent 26fc2018d7
commit 6cd35005c3
3 changed files with 8 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
content/code-security/secret-scanning/protecting-pushes-with-secret-scanning.md
View File

@@ -127,7 +127,7 @@ If {% data variables.product.prodname_dotcom %} blocks a secret that you believe
Organization owners can provide a custom link that will be displayed when a push is blocked. This custom link can contain resources and advice specific to your organization. For example, the custom link can point to a README file with information about the organization's secret vault, which teams and individuals to escalate questions to, or the organization's approved policy for working with secrets and rewriting commit history.
{% endif %}
You can remove the secret from the file using the web UI. Once you remove the secret, the banner at the top of the page will change and tell you that you can now commit your changes.
You can remove the secret from the file using the web UI. Once you remove the secret, you will be able to commit your changes.
### Bypassing push protection for a secret
@@ -141,9 +141,7 @@ If {% data variables.product.prodname_dotcom %} blocks a secret that you believe
{% data reusables.secret-scanning.push-protection-allow-email %}
If you confirm a secret is real and that you intend to fix it later, you should aim to remediate the secret as soon as possible.
1. In the banner that appeared at the top of the page when {% data variables.product.prodname_dotcom %} blocked your commit, click **Bypass protection**.
1. In dialog box that appeared when {% data variables.product.prodname_dotcom %} blocked your commit, review the name and location of the secret.
{% data reusables.secret-scanning.push-protection-choose-allow-secret-options %}
1. Click **Allow secret**.

10
content/code-security/secret-scanning/pushing-a-branch-blocked-by-push-protection.md
View File

@@ -21,12 +21,12 @@ The push protection feature of {% data variables.product.prodname_secret_scannin
{% tip %}
**Tip**
If {% data variables.product.prodname_dotcom %} blocks a secret that you believe is safe to push, you can allow the secret and specify the reason why it should be allowed. For more information about bypassing push protection for a secret, see "[AUTOTITLE](/code-security/secret-scanning/protecting-pushes-with-secret-scanning#allowing-a-blocked-secret-to-be-pushed)" and "[AUTOTITLE](/code-security/secret-scanning/protecting-pushes-with-secret-scanning#bypassing-push-protection-for-a-secret)" for the command line and the web UI, respectively.
**Tip**
If {% data variables.product.prodname_dotcom %} blocks a secret that you believe is safe to push, you can allow the secret and specify the reason why it should be allowed. For more information about bypassing push protection for a secret, see "[Allowing a blocked secret to be pushed](/code-security/secret-scanning/protecting-pushes-with-secret-scanning#allowing-a-blocked-secret-to-be-pushed)" and "[Bypassing push protection for a secret](/code-security/secret-scanning/protecting-pushes-with-secret-scanning#bypassing-push-protection-for-a-secret)" for the command line and the web UI, respectively.
{% endtip %}
{% ifversion push-protection-custom-link-orgs %}
{% ifversion push-protection-custom-link-orgs %}
Organization owners can provide a custom link that will be included in the message from {% data variables.product.product_name %} when your push is blocked. This custom link can contain resources and advice specific to your organization and its policies.
{% endif %}
@@ -56,6 +56,6 @@ You can also remove the secret if the secret appears in an earlier commit in the
{% data reusables.secret-scanning.push-protection-web-ui-choice %}
To resolve a blocked commit in the web UI, you need to remove the secret from the file, or use the **Bypass protection** dropdown to allow the secret. For more information about bypassing push protection from the web UI, see "[AUTOTITLE](/code-security/secret-scanning/protecting-pushes-with-secret-scanning#bypassing-push-protection-for-a-secret)."
To resolve a blocked commit in the web UI, you need to remove the secret from the file, or use the options displayed in the dialog box to allow the secret. For more information about bypassing push protection from the web UI, see "[AUTOTITLE](/code-security/secret-scanning/protecting-pushes-with-secret-scanning#bypassing-push-protection-for-a-secret)."
If you confirm a secret is real, you need to remove the secret from the file. Once you remove the secret, the banner at the top of the page will change and tell you that you can now commit your changes.
If you confirm a secret is real, you need to remove the secret from the file. Once you remove the secret, you will be able to commit your changes.