jprdonnelly/docs
1
0
Fork 0
mirror of synced 2026-01-08 12:01:53 -05:00
Code Issues Projects Releases Wiki Activity

Merge branch 'main' into repo-sync

Browse Source
This commit is contained in:
Octomerger Bot
2021-11-10 08:46:29 -05:00
committed by GitHub
parent 7e83efa80b 1c74ca28c9
commit a1c6e0e857
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
content/code-security/secret-scanning/about-secret-scanning.md
View File

@@ -2,6 +2,7 @@
title: About secret scanning
intro: '{% data variables.product.product_name %} scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally.'
product: '{% data reusables.gated-features.secret-scanning %}'
miniTocMaxHeadingLevel: 3
redirect_from:
- /github/administering-a-repository/about-token-scanning
- /articles/about-token-scanning
@@ -36,6 +37,8 @@ If your project communicates with an external service, you might use a token or
When {% data variables.product.prodname_secret_scanning %} detects a set of credentials, we notify the service provider who issued the secret. The service provider validates the credential and then decides whether they should revoke the secret, issue a new secret, or reach out to you directly, which will depend on the associated risks to you or the service provider. For an overview of how we work with token-issuing partners, see "[Secret scanning partner program](/developers/overview/secret-scanning-partner-program)."
### List of supported secrets for public repositories
{% data variables.product.product_name %} currently scans public repositories for secrets issued by the following service providers.
{% data reusables.secret-scanning.partner-secret-list-public-repo %}
@@ -71,6 +74,11 @@ Repository administrators and organization owners can grant users and teams acce
{% ifversion fpt or ghes > 3.0 or ghec %}
To monitor results from {% data variables.product.prodname_secret_scanning %} across your private repositories or your organization, you can use the {% data variables.product.prodname_secret_scanning %} API. For more information about API endpoints, see "[{% data variables.product.prodname_secret_scanning_caps %}](/rest/reference/secret-scanning)."{% endif %}
{% ifversion ghes or ghae %}
## List of supported secrets{% else %}
### List of supported secrets for private repositories
{% endif %}
{% data variables.product.prodname_dotcom %} currently scans{% ifversion fpt or ghec %} private{% endif %} repositories for secrets issued by the following service providers.
{% data reusables.secret-scanning.partner-secret-list-private-repo %}