jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-21 10:57:10 -05:00
Code Issues Projects Releases Wiki Activity
57,162 Commits 28 Branches 1 Tag
copilot/add-changelog-file
Commit Graph

2606 Commits

Author SHA1 Message Date
Rachael Rose Renk
7bbcd64067 Remove reference to Go CodeQL relocation (#32426) 
Co-authored-by: Laura Coursen <lecoursen@github.com>
 2022-11-10 18:55:50 +00:00
Courtney Wilson
9e636b0c4f Merge branch 'main' into fix-typo-configuring-codeql-cli 2022-11-10 11:17:38 -06:00
Steven Maude
663f702366 Fix "creat issue" typo 
In "Configuring private vulnerability reporting for a repository".
 2022-11-10 10:54:57 +00:00
Mathias Rørvik
6da37f4817 fix typo codeql-cli docs 2022-11-09 19:25:57 +01:00
Jules
96b3b4b74c Merge branch 'main' into universe-2022-megabranch 2022-11-08 07:46:59 +01:00
Jules
fff651b887 Dependabot version updates for forks (#32271) 
Co-authored-by: github-actions <github-actions@github.com>
 2022-11-07 17:50:37 +00:00
Jules
10383a1160 Merge branch 'main' into universe-2022-megabranch 2022-11-07 12:00:55 +01:00
Sophie
afa177191a [2022-10-07]: Dependabot alerts to deprecate repository banners (i.e. "UI" notifications)- [GA] (#32274) 
Co-authored-by: github-actions <github-actions@github.com>
 2022-11-04 23:00:02 +00:00
Felicity Chapman
1f0ca08b60 Update security overview docs for new Risk and Coverage views (#32243) 2022-11-04 15:27:25 +00:00
Angela P Wen
75c3c90cb6 Gate Go autobuild description behind versioning flag (#32337) 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-11-04 11:43:00 +00:00
Jules
d54632e994 Merge branch 'main' into universe-2022-megabranch 2022-11-04 09:51:19 +01:00
Sophie
824959efe7 Merge branch 'universe-2022-megabranch' into sophietheking-7880 2022-11-03 17:37:39 +01:00
mc
79fd7bb891 Improve docs about secret scanning notifications (#32199) 
Co-authored-by: Anne-Marie  <102995847+am-stead@users.noreply.github.com>
 2022-11-03 11:24:34 +00:00
mc
42d5f37abd Private vulnerability reporting (beta) (#32124) 
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: Robert Thorpe II <rthorpeii@github.com>
 2022-11-03 09:43:32 +00:00
Laura Coursen
83728199b3 [Universe 2022] Displaying authentication token data for enterprise audit log events (GA) (#32213) 2022-11-02 13:24:14 -05:00
Jules
caf09e22c6 Merge branch 'main' into universe-2022-megabranch 2022-11-02 09:07:15 +01:00
Courtney Claessens
a9af58ef52 Update dependency graph processing limit (#32256) 2022-11-02 04:59:21 +00:00
Sophie
4c03c0c60b adds more content 2022-11-01 18:24:37 +01:00
Laura Coursen
25997eabb8 Merge branch 'main' into universe-2022-megabranch 2022-10-31 11:08:35 -05:00
Anne-Marie
5c63bd20ed [Improvement]: Permission needed to dismiss secret scanning alerts are not documented #8010 (#32074) 
Co-authored-by: Laura Coursen <lecoursen@github.com>
 2022-10-31 14:49:23 +00:00
Felicity Chapman
a8083c1494 Preparation for Universe changes for new org-level security overview pages (#32201) 2022-10-31 14:29:00 +00:00
Pantelis
99f08164c8 Update about-secret-scanning.md (#32076) 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-31 08:39:13 +00:00
Josh Johanning
a54de73c26 Clarifying enterprise-level security overview access (#32022) 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-10-27 15:19:22 +00:00
Sophie
b07d1c370c [Improvement]: Refactor the articles about security advisories (#31807) 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
Co-authored-by: github-actions <github-actions@github.com>
 2022-10-27 14:40:52 +00:00
Henry Mercer
cef0d6e64c Code scanning: Fix indentation in Actions workflow snippet (#32056) 2022-10-26 15:41:37 +00:00
Courtney Wilson
9ab6911944 Merge branch 'main' into use-consistant-wording-for-github-dot-com 2022-10-26 08:38:01 -05:00
Rachael Sewell
3e998f61d5 use azure blob storage for archived enterprise versions (#31883) 
Co-authored-by: Laura Coursen <lecoursen@github.com>
Co-authored-by: mchammer01 <42146119+mchammer01@users.noreply.github.com>
 2022-10-25 12:03:38 -07:00
Angela P Wen
4665b8a8e9 Add Go to list of compiled languages for code scanning (#31730) 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-25 18:44:06 +01:00
Chris Smowton
cdccd54aa3 [2022-10-25] Code Scanning docs: Add description of Go autobuilder (#31712) 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-25 18:36:04 +01:00
mc
edcf908930 Update content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md 2022-10-25 11:23:55 +01:00
mc
091519ec5d Merge branch 'main' into use-consistant-wording-for-github-dot-com 2022-10-25 08:45:35 +01:00
Anne-Marie
c0859e564a [2022-10-24]: Dependabot Updates supporting the increase-if-necessary versioning strategy for Python - [GA] #8372 (#31944) 2022-10-24 18:33:39 +00:00
indigolain
273c130d39 Use consistant wording for GitHub.com 2022-10-23 15:19:19 +09:00
Sophie
97822d74cd [2022-10-06]: Secret scanning: Custom link on block - [GA] (#31856) 
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-20 17:00:32 +00:00
Anne-Marie
0e03452f9c [2022-10-20]: Dependabot updates for Yarn v3 - [GA] (#31471) 
Co-authored-by: Jurre <jurre@github.com>
 2022-10-20 16:24:05 +00:00
Anne-Marie
e398bab429 Secret scanning: Persist detected secrets in encrypted storage (#31710) 
Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com>
Co-authored-by: mchammer01 <42146119+mchammer01@users.noreply.github.com>
Co-authored-by: Robert Bolender <robertbolender@github.com>
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
 2022-10-18 16:25:22 +00:00
Sarah Edwards
dac4144086 PAT v2 beta (#31013) 
Co-authored-by: Hirsch Singhal <1666363+hpsin@users.noreply.github.com>
Co-authored-by: Jovel Crisostomo <jovel@github.com>
Co-authored-by: Lucas Costi <lucascosti@users.noreply.github.com>
Co-authored-by: Vanessa <vgrl@github.com>
 2022-10-18 15:11:04 +00:00
Felicity Chapman
c1f0ef8c0e Add missing { to fix variable (#21451) 2022-10-18 11:51:43 +01:00
Joe Clark
74a679dc51 Make product variables for Enterprise translation-friendly (#31628) 
Co-authored-by: Laura Coursen <lecoursen@github.com>
Co-authored-by: Evan Bonsignori <ebonsignori@github.com>
 2022-10-17 18:54:05 +00:00
mc
7542f27c8f Add "Best practice" article for writing security advisories (#31414) 
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-10-14 08:25:36 +00:00
Sophie
d6838593f1 [2022-10-13]: Secret scanning: Backfill scans for new token types - [GA] (#31561) 2022-10-14 00:35:24 +00:00
David Losert
10e4ed77fc Removes character '@' from workflow example (#31473) 
Co-authored-by: Rachael Rose Renk <91027132+rachaelrenk@users.noreply.github.com>
 2022-10-10 16:09:06 +00:00
mc
1db87819ee GitHub Advisory Database - add pub to list of supported ecosystems (#31560) 2022-10-10 14:38:12 +00:00
Octomerger Bot
060fc6a92f Merge branch 'main' into repo-sync 2022-10-10 01:29:47 -07:00
Sophie
836572c716 User request / Code Scanning / CodeQL: Better explain how to exclude paths for compiled languages (#28213) 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-10 08:19:10 +00:00
mc
90bac38ab1 Update content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md 2022-10-10 08:53:30 +01:00
Jeff Widman
97e82c0ca8 Cleanup docker registry docs 
Dependabot now supports:
1. Public AWS ECR: https://github.com/dependabot/dependabot-core/issues/4212
2. Microsoft Azure Container Registry: https://github.com/dependabot/dependabot-core/issues/3689
3. Any registry that uses HTTP Basic Auth instead of the OCI-spec-compliant central token service: https://github.com/dependabot/dependabot-core/issues/3689#issuecomment-1272037775

So now that we support all the major docker/container registry providers, there's no need to individually list them... this way we don't have folks wondering "my registry wasn't explicitly listed, is it supported?"

So switch to mention the two authentication schemes that we support and leave it at that.

Note: I left the `ecr-docker` example, as that is a one-off workaround we added to our internal code a long time ago because ECR isn't OCI compliant. So still needs the custom key to indicate the workaround should be used. Long term I hope ECR migrates to a more standard auth flow and we can eliminate that custom workaround, but they're not there yet.
 2022-10-07 14:02:45 -07:00
Sophie
605b619588 [2022-10-07]: Security Features Enablement Enterprise-Level Policies - [GA] (#31406) 
Co-authored-by: Sarah Schneider <sarahs@github.com>
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
Co-authored-by: Sarita Iyer <saritai@github.com>
 2022-10-07 20:39:32 +00:00
Janice
b6d6bf0836 Merge branch 'main' into patch-4 2022-10-07 14:43:59 +02:00
Victor Lin
d740a8257e Fix incorrect comment on GitHub Actions example 2022-10-06 13:28:39 -07:00