Remove redundant secret scanning versioning (TO BE MERGED AFTER 3.10 IS DEPRECATED) (#52360)
@@ -24,7 +24,7 @@ shortTitle: Secret scanning
{% data variables.product.prodname_secret_scanning_caps %} is a security feature that helps detect and prevent the accidental inclusion of sensitive information such as API keys, passwords, tokens, and other secrets in your repository. When enabled, {% data variables.product.prodname_secret_scanning %} scans commits in repositories for known types of secrets and alerts repository administrators upon detection.
{% data variables.product.prodname_secret_scanning_caps %} scans your entire Git history on all branches present in your {% data variables.product.prodname_dotcom %} repository for secrets{% ifversion ghec or ghes %}, even if the repository is archived{% endif %}.{% ifversion ghes < 3.11 %} {% data variables.product.prodname_secret_scanning_caps %} does not scan issues.{% endif %}{% ifversion secret-scanning-backfills %} {% data variables.product.prodname_dotcom %} will also periodically run a full Git history scan of existing content in {% ifversion fpt %}public{% else %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} repositories where {% data variables.product.prodname_secret_scanning %} is enabled.{% endif %}
{% data variables.product.prodname_secret_scanning_caps %} scans your entire Git history on all branches present in your {% data variables.product.prodname_dotcom %} repository for secrets{% ifversion ghec or ghes %}, even if the repository is archived{% endif %}.{% ifversion ghes < 3.11 %} {% data variables.product.prodname_secret_scanning_caps %} does not scan issues.{% endif %} {% data variables.product.prodname_dotcom %} will also periodically run a full Git history scan of existing content in {% ifversion fpt %}public{% else %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} repositories where {% data variables.product.prodname_secret_scanning %} is enabled.
{% data reusables.secret-scanning.what-is-scanned %}
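Review bot: The replacement paragraph still carries `{% ifversion ghes < 3.11 %} ... does not scan issues.{% endif %}`. The commit title ties this change to 3.10 being deprecated, and once that happens no supported GHES release should match `ghes < 3.11`, so this conditional and its sentence are dead text. Delete them in this same cleanup rather than leaving them for a later pass.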
@@ -22,8 +22,8 @@ allowTitleToDifferFromFilename: true
There are some additional features that can help you to evaluate alerts in order to better prioritize and manage them. You can:
* Check the validity of a secret, to see if the secret is still active. {% ifversion fpt or ghes %}**Applies to {% data variables.product.company_short %} tokens only**.{% endif %} For more information, see "[Checking a secret's validity](#checking-a-secrets-validity)."{% ifversion secret-scanning-validity-check-partner-patterns %}
* Perform an "on-demand" validity check, to get the most up to date validation status. For more information, see "[Performing an on-demand-validity-check](#performing-an-on-demand-validity-check)."{% endif %}{% ifversion secret-scanning-github-token-metadata %}
* Review a token's metadata. **Applies to {% data variables.product.company_short %} tokens only**. For example, to see when the token was last used. For more information, see "[Reviewing {% data variables.product.company_short %} token metadata](#reviewing-github-token-metadata)."{% endif %}{% ifversion secret-scanning-multi-repo-public-leak %}
* Perform an "on-demand" validity check, to get the most up to date validation status. For more information, see "[Performing an on-demand-validity-check](#performing-an-on-demand-validity-check)."{% endif %}
* Review a token's metadata. **Applies to {% data variables.product.company_short %} tokens only**. For example, to see when the token was last used. For more information, see "[Reviewing {% data variables.product.company_short %} token metadata](#reviewing-github-token-metadata)."{% ifversion secret-scanning-multi-repo-public-leak %}
* Review the labels assigned to the alert. For more information, see "[Reviewing alert labels](#reviewing-alert-labels)."{% endif %}
## Checking a secret's validity
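Review bot: In the re-added on-demand bullet the link text reads "Performing an on-demand-validity-check", which hyphenates the whole phrase and does not match the bullet's own wording ("on-demand" validity check). Since the line is being rewritten anyway, change the link text to "Performing an on-demand validity check" and leave the `#performing-an-on-demand-validity-check` anchor as it is. The `{% ifversion secret-scanning-validity-check-partner-patterns %}` opener also still sits at the end of the previous bullet and is closed at the end of this one; moving it to the start of the bullet it gates would make the pairing easier to verify now that the neighbouring tags are gone.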
@@ -68,8 +68,6 @@ Once you have enabled validity checks for partner patterns for your repository,
{% endif %}
{% ifversion secret-scanning-github-token-metadata %}
## Reviewing {% data variables.product.company_short %} token metadata
> [!NOTE]
@@ -94,8 +92,6 @@ Tokens, like {% data variables.product.pat_generic %} and other credentials, are
{% ifversion secret-scanning-user-owned-repos %}{% data reusables.secret-scanning.secret-scanning-user-owned-repo-access %} If access is granted, {% data variables.product.prodname_dotcom %} will notify the owner of the repository containing the leaked secret, report the action in the repository owner and enterprise audit logs, and enable access for 2 hours.{% ifversion ghec %} For more information, see "[AUTOTITLE](/admin/managing-accounts-and-repositories/managing-repositories-in-your-enterprise/accessing-user-owned-repositories-in-your-enterprise)."{% endif %}{% endif %}
{% endif %}
{% ifversion secret-scanning-multi-repo-public-leak %}
## Reviewing alert labels
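Review bot: The hunk header (-94,8 +92,6) drops two lines, and the only standalone `{% endif %}` here follows a paragraph that itself ends in `{% endif %}{% endif %}`, so it is easy to delete the wrong closer. Confirm that the removed tag is the one that closed `{% ifversion secret-scanning-github-token-metadata %}` from the -68 hunk, and that the inline pair still closes `secret-scanning-user-owned-repos` and `ghec`. Rendering the page for fpt, ghec and ghes before merging would prove the tags still balance.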
@@ -24,14 +24,10 @@ redirect_from:
Pairs pushed to different files, or not pushed to the same repository, will not result in alerts. For more information about the supported pattern pairs, see the table in "[AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns)."
{% ifversion secret-scanning-validity-check %}
## About legacy GitHub tokens
For {% data variables.product.prodname_dotcom %} tokens, we check the validity of the secret to determine whether the secret is active or inactive. This means that for legacy tokens, {% data variables.product.prodname_secret_scanning %} won't detect a {% data variables.product.prodname_ghe_server %} {% data variables.product.pat_generic %} on {% data variables.product.prodname_ghe_cloud %}. Similarly, a {% data variables.product.prodname_ghe_cloud %} {% data variables.product.pat_generic %} won't be found on {% data variables.product.prodname_ghe_server %}.
{% endif %}
## Push protection limitations
If push protection did not detect a secret that you think should have been detected, then you should first check that push protection supports the secret type in the list of supported secrets. For further information, see "[AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#supported-secrets)."
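Review bot: With the `{% ifversion secret-scanning-validity-check %}` wrapper and its `{% endif %}` gone, the "About legacy GitHub tokens" section renders for every version, so confirm that this flag was already true for all versions that remain supported; otherwise the section newly appears where validity checks are not available. As a smaller style point, the heading hardcodes "GitHub" while the paragraph under it uses `{% data variables.product.prodname_dotcom %}`; consider using the variable in the heading too.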