jprdonnelly/docs
1
0
Fork 0
mirror of synced 2026-01-07 18:01:41 -05:00
Code Issues Projects Releases Wiki Activity

Merge pull request #34286 from github/repo-sync

Browse Source 
Repo sync
This commit is contained in:
docs-bot
2024-08-12 17:38:45 -07:00
committed by GitHub
parent 40a84f7c2b 1fe9a6ee0f
commit 7a731c1d11
3 changed files with 11 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
content/code-security/secret-scanning/introduction/supported-secret-scanning-patterns.md
View File

@@ -44,12 +44,8 @@ This table lists the secrets supported by {% data variables.product.prodname_sec
* Applies to private repositories where {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} are enabled.
* Includes high confidence tokens, which relate to supported patterns and specified custom patterns, as well as non-provider tokens such as private keys, which often result in false positives.{% else %} Applies to private repositories where {% data variables.product.prodname_GH_advanced_security %} and {% data variables.product.prodname_secret_scanning %} enabled.{% endif %}{% endif %}
* **Push protection**—token for which leaks are reported to users on {% data variables.product.prodname_dotcom %}. Applies to repositories with {% data variables.product.prodname_secret_scanning %} and push protection enabled.
{% note %}
**Note:** {% data reusables.secret-scanning.push-protection-older-tokens %} For more information about push protection limitations, see "[AUTOTITLE](/code-security/secret-scanning/troubleshooting-secret-scanning-and-push-protection/troubleshooting-secret-scanning#push-protection-and-pattern-versions)."
{% endnote %}
* **Validity check**—token for which a validity check is implemented. {% ifversion secret-scanning-validity-check-partner-patterns %}For partner tokens, {% data variables.product.prodname_dotcom %} sends the token to the relevant partner. Note that not all partners are based in the United States. For more information, see "[{% data variables.product.prodname_advanced_security %}](/free-pro-team@latest/site-policy/github-terms/github-terms-for-additional-products-and-features#advanced-security)" in the Site Policy documentation.{% else %} {% ifversion ghes %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens.{% endif %} {% ifversion fpt %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens, and not shown in the table. For more information about validity check support see "[AUTOTITLE](/enterprise-cloud@latest/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#supported-secrets)" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% endif %}{% endif %}
* **Validity check**—token for which a validity check is implemented. {% ifversion secret-scanning-validity-check-partner-patterns %}For partner tokens, {% data variables.product.prodname_dotcom %} sends the token to the relevant partner. Note that not all partners are based in the United States. For more information, see "[{% data variables.product.prodname_advanced_security %}](/free-pro-team@latest/site-policy/github-terms/github-terms-for-additional-products-and-features#advanced-security)" in the Site Policy documentation.{% else %} {% ifversion ghes %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens.{% endif %} {% ifversion fpt %}Currently only applies to {% data variables.product.prodname_dotcom %} tokens, and not shown in the table. For more information about validity check support see "[AUTOTITLE](/enterprise-cloud@latest/code-security/secret-scanning/secret-scanning-patterns#supported-secrets)" in the {% data variables.product.prodname_ghe_cloud %} documentation.{% endif %}{% endif %}
{% ifversion secret-scanning-non-provider-patterns %}
@@ -107,6 +103,12 @@ This table lists the secrets supported by {% data variables.product.prodname_sec
{% endif %}
#### Token versions
<a name="token-versions"></a>
Service providers update the patterns used to generate tokens periodically and may support more than one version of a token. Push protection only supports the most recent token versions that {% data variables.product.prodname_secret_scanning %} can identify with confidence. This avoids push protection blocking commits unnecessarily when a result may be a false positive, which is more likely to happen with legacy tokens.<!-- markdownlint-disable-line MD053 -->
## Further reading
* "[AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/about-alerts)"

2
src/secret-scanning/data/public-docs-schema.js
View File

@@ -69,7 +69,7 @@ export default {
},
isduplicate: {
description:
'whether the token has more than one version, meaning there are more than one token descriptions with the same token key',
'whether the token has more than one version, meaning there is more than one token description with the same token key',
type: ['boolean'],
},
},

3
src/secret-scanning/middleware/secret-scanning.ts
View File

@@ -41,6 +41,9 @@ export default async function secretScanning(
entry[key] = evaluated as string
}
}
if (entry.isduplicate) {
entry.secretType += ' <br/><a href="#token-versions">Token versions</a>'
}
})
return next()