mirror of synced 2025-12-21 10:57:10 -05:00
Commit Graph

2606 Commits

Author SHA1 Message Date
Sam Browning
8f1ec27a38 Update "set up" to "configure" and update code scanning reusable (#33934)
Co-authored-by: Sarah Schneider <sarahs@github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2023-01-17 20:16:37 +00:00
Sean Killeen
498107c24e Fix "low hanging fruit" spelling errors (#23216) 2023-01-17 19:30:29 +00:00
mc
24026c861a Move the Setting a security policy further down in the containing article (#33980)
Co-authored-by: Anne-Marie <102995847+am-stead@users.noreply.github.com>
2023-01-17 11:44:39 +00:00
mc
c664161729 Update content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md 2023-01-16 14:23:54 +00:00
mc
61446f056e [Ready for merging - 2023-01-12] - Pausing / unpausing Dependabot updates and related notifications (#33379)
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: Erin Havens <erinhav@github.com>
Co-authored-by: Anne-Marie <102995847+am-stead@users.noreply.github.com>
2023-01-12 17:40:37 +00:00
David McIntosh
c87259c404 Dependabot supports gomod indirect dependency filtering (#33884)
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2023-01-12 10:27:15 +00:00
André Schröder
f8cd135f20 make it more clear that a scope follows after "Composer" 2023-01-10 23:35:26 +01:00
André Schröder
64cbb8711d fix concern: add suggested sentence 2023-01-10 23:35:22 +01:00
Sam Browning
c41ab3e8ca Un-revert "Add security overview content for filtering for teams with write access" (#33711) 2023-01-10 20:58:16 +00:00
Joe Clark
471701851f Add documentation for GitHub Actions configuration variables (#33119)
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Tauhid Anjum <tauhidanjum@gmail.com>
Co-authored-by: Lucas Costi <lucascosti@users.noreply.github.com>
2023-01-10 05:17:34 +00:00
Sam Browning
41a79c40c5 Add content for enabling code scanning without a workflow file (#33700)
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Dorothy Mitchell <dorothymitchell@github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2023-01-09 14:43:39 +00:00
mc
2b9b5cf174 Merge branch 'main' into feat/document-dependabot-prefix 2023-01-09 14:33:14 +00:00
mc
dc541ae874 Update content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md 2023-01-09 14:17:48 +00:00
Sophie
67d635e213 [2023-01-05]: Secret scanning: Push protection for enterprise level custom patterns - [Public Beta] (#33667) 2023-01-03 21:58:08 +00:00
Octomerger Bot
1d3dcc4a2b Merge pull request #33715 from github/repo-sync
repo sync
2023-01-03 11:04:29 -05:00
Sam Browning
d48898e645 Revert "Add security overview content for filtering for teams with write access" (#33710) 2023-01-03 14:42:40 +00:00
Sam Browning
e353fa3640 Add security overview content for filtering for teams with write access (#33680) 2023-01-03 06:40:47 +00:00
Anne-Marie
ce4065413a [Improvement]: make pricing model clearer for Dependabot #6770 (#33305)
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2023-01-03 06:30:02 +00:00
André Schröder
e1cef5e7d5 Document behavior of prefix in dependabot.yml
It would have been helpful to me if the documentation was more
straight-forward about that a `:` is appended to the commit title by
default and how to disable that the `:` is appended.

For reference, here is the implementation:
06702c83e5/common/lib/dependabot/pull_request_creator/pr_name_prefixer.rb (L75-L83)
2022-12-28 13:53:41 +01:00
Bryan Dragon
3aa94f4ab5 Adjust language in global security advisories intro 2022-12-27 12:33:55 -06:00
mc
c03a6e0cf8 Create new yml file for secret scanning variables that aren't products (take 3) (#33609) 2022-12-16 10:02:43 +00:00
mc
7a9debdca4 [December 15, 2022] - Secret Scanning Experience for Free Public Repos (Public Beta) (#32702)
Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com>
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Aakash Shah <aashah@github.com>
Co-authored-by: amstead <am-stead@github.com>
Co-authored-by: Mariam <15mariams@github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: Anne-Marie <102995847+am-stead@users.noreply.github.com>
2022-12-15 16:28:55 +00:00
Sophie
8230cfc4b6 [2022-12-13]: Secret scanning: Enterprise level enablement REST API - [GA] (#32951) 2022-12-14 16:48:05 +00:00
Ben Ahmady
7de78ae574 Adds content for Single-repo enablement panel for security overview c… (#33437)
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: Kelly Arwine <kellyarwine@github.com>
2022-12-14 16:03:37 +00:00
Lucas Costi
30adcf1210 Add raw tags to Dependabot Actions code (#33534) 2022-12-14 02:01:43 +00:00
mc
502af8f776 Dependabot does not access public registries when the user has configured private registries - fix broken link (#33515) 2022-12-13 19:55:02 +00:00
Sophie
48524a0a7d [2022-12-13]: Dependabot does not access public registries when the user has configured private registries - [GA] (#33310)
Co-authored-by: Jake Coffman <jakecoffman@github.com>
Co-authored-by: Anne-Marie <102995847+am-stead@users.noreply.github.com>
Co-authored-by: Nish Sinha <nishnha@github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
Co-authored-by: Ankit Honey <honeyankit@github.com>
2022-12-13 19:22:06 +00:00
Sophie
0b2879c18d Merge branch 'main' into patch-1 2022-12-13 17:18:27 +01:00
Greg Mohler
5d1f58cc2d fixed typo in adopting GHAS phase 4 2022-12-12 22:06:02 -05:00
Greg Mohler
b764d4bef1 fixed small typo in phase 1 description 2022-12-12 21:30:01 -05:00
mc
951ab5162c Move variable relating to Dependency Review outside the product.yml file (#33443) 2022-12-12 15:13:44 +00:00
Sophie
5c91c070f3 [2022-12-06]: Secret scanning: Scan Issues body and comments [Public Beta] (#32933)
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
Co-authored-by: Mariam <15mariams@github.com>
2022-12-08 20:40:52 +00:00
Sophie
3e8e699991 [Improvement]: Add sentence about required fields to "Creating a repository security advisory" (#32997) 2022-11-30 09:47:13 +00:00
Anne-Marie
6c3854a5f7 [2022-11-29]: Dependabot Alerts: Audit Log Improvements - [GA] #8657 (#32989)
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Vanessa <vgrl@github.com>
2022-11-29 21:31:28 +00:00
mc
06667bb26e Describe how Dependabot chooses to rebase pull requests (#32993) 2022-11-29 17:19:08 +00:00
Mariam
fc8b57e068 Update protecting-pushes-with-secret-scanning.md (#33024)
Co-authored-by: Grey Baker <greysteil@gmail.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2022-11-29 08:15:47 +00:00
Anne-Marie
b30878ebe6 [Improvement]: Look into adding dependency review enforcement to Best practices supply chain article #6586 (#32920)
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2022-11-28 08:37:30 +00:00
Ben Ahmady
dac72908e8 Adds reusables and content to support public beta release of CodeQL for Kotlin (#32859)
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2022-11-25 08:47:15 +00:00
Sophie
80edcdbff4 [Improvement]: Secret scanning bypass reasons to alert reasons (#32855)
Co-authored-by: Felicity Chapman <felicitymay@github.com>
2022-11-24 14:04:00 +00:00
Jules
4e0d5f63b1 Adds dependabot actions support (#32815) 2022-11-23 20:20:39 +00:00
Anne-Marie
f7d1ef5023 [2022-11-23]: Dependabot support for private Hex repositories - [GA] #8667 (#32661)
Co-authored-by: Landon Grindheim <landon.grindheim@gmail.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2022-11-23 20:08:16 +00:00
Zach Willard
34bc43e26b Update configuring-dependabot-security-updates.md
This makes the documentation consistent with the example and the other page here: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#open-pull-requests-limit

It could catch someone off-guard if they use the config option in the paragraph instead of the example.
2022-11-21 09:41:31 -06:00
Mattt
600d45f482 Update to new limit for Dependabot commit message prefix (#32363)
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2022-11-18 17:12:47 +00:00
Pantelis
42c7d194b4 Update protecting-pushes-with-secret-scanning.md (#32693)
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2022-11-18 11:58:21 +00:00
Xavier RENE-CORAIL
2ff4a43f0b Update privately-reporting-a-security-vulnerability.md (#32689)
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
2022-11-17 09:15:56 +00:00
Markus Schulte
3203ecbc31 Warn to wait for checks if using Dependabot auto-merge (#21607) 2022-11-15 12:29:49 +00:00
Laura Coursen
c2aa10a61d Best practices for repositories, organizations, and enterprises (#32102)
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
2022-11-14 15:50:34 +00:00
Anne-Marie
f7ee79727d [2022-11-14]: Dependency Review Action #7739 (#32208)
Co-authored-by: Courtney Claessens <courtneycl@github.com>
2022-11-14 14:46:01 +00:00
Felicity Chapman
094dff459f 'security overviews' -> 'the security overview' (#32553) 2022-11-12 17:19:01 +00:00
Felicity Chapman
b617c4a7a1 Improve comments for code security variables (#32445) 2022-11-11 09:31:37 +00:00