jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-22 03:16:52 -05:00
Code Issues Projects Releases Wiki Activity
33,555 Commits 28 Branches 1 Tag
b70af671ab7cce1ad2809b51a643dcf06ce7cc61
Commit Graph

884 Commits

Author SHA1 Message Date
Josh Johanning
a54de73c26 Clarifying enterprise-level security overview access (#32022) 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-10-27 15:19:22 +00:00
Sophie
b07d1c370c [Improvement]: Refactor the articles about security advisories (#31807) 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
Co-authored-by: github-actions <github-actions@github.com>
 2022-10-27 14:40:52 +00:00
Henry Mercer
cef0d6e64c Code scanning: Fix indentation in Actions workflow snippet (#32056) 2022-10-26 15:41:37 +00:00
Courtney Wilson
9ab6911944 Merge branch 'main' into use-consistant-wording-for-github-dot-com 2022-10-26 08:38:01 -05:00
Rachael Sewell
3e998f61d5 use azure blob storage for archived enterprise versions (#31883) 
Co-authored-by: Laura Coursen <lecoursen@github.com>
Co-authored-by: mchammer01 <42146119+mchammer01@users.noreply.github.com>
 2022-10-25 12:03:38 -07:00
Angela P Wen
4665b8a8e9 Add Go to list of compiled languages for code scanning (#31730) 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-25 18:44:06 +01:00
Chris Smowton
cdccd54aa3 [2022-10-25] Code Scanning docs: Add description of Go autobuilder (#31712) 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-25 18:36:04 +01:00
mc
edcf908930 Update content/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database.md 2022-10-25 11:23:55 +01:00
mc
091519ec5d Merge branch 'main' into use-consistant-wording-for-github-dot-com 2022-10-25 08:45:35 +01:00
Anne-Marie
c0859e564a [2022-10-24]: Dependabot Updates supporting the increase-if-necessary versioning strategy for Python - [GA] #8372 (#31944) 2022-10-24 18:33:39 +00:00
indigolain
273c130d39 Use consistant wording for GitHub.com 2022-10-23 15:19:19 +09:00
Sophie
97822d74cd [2022-10-06]: Secret scanning: Custom link on block - [GA] (#31856) 
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-20 17:00:32 +00:00
Anne-Marie
0e03452f9c [2022-10-20]: Dependabot updates for Yarn v3 - [GA] (#31471) 
Co-authored-by: Jurre <jurre@github.com>
 2022-10-20 16:24:05 +00:00
Anne-Marie
e398bab429 Secret scanning: Persist detected secrets in encrypted storage (#31710) 
Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com>
Co-authored-by: mchammer01 <42146119+mchammer01@users.noreply.github.com>
Co-authored-by: Robert Bolender <robertbolender@github.com>
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
 2022-10-18 16:25:22 +00:00
Sarah Edwards
dac4144086 PAT v2 beta (#31013) 
Co-authored-by: Hirsch Singhal <1666363+hpsin@users.noreply.github.com>
Co-authored-by: Jovel Crisostomo <jovel@github.com>
Co-authored-by: Lucas Costi <lucascosti@users.noreply.github.com>
Co-authored-by: Vanessa <vgrl@github.com>
 2022-10-18 15:11:04 +00:00
Felicity Chapman
c1f0ef8c0e Add missing { to fix variable (#21451) 2022-10-18 11:51:43 +01:00
Joe Clark
74a679dc51 Make product variables for Enterprise translation-friendly (#31628) 
Co-authored-by: Laura Coursen <lecoursen@github.com>
Co-authored-by: Evan Bonsignori <ebonsignori@github.com>
 2022-10-17 18:54:05 +00:00
mc
7542f27c8f Add "Best practice" article for writing security advisories (#31414) 
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-10-14 08:25:36 +00:00
Sophie
d6838593f1 [2022-10-13]: Secret scanning: Backfill scans for new token types - [GA] (#31561) 2022-10-14 00:35:24 +00:00
David Losert
10e4ed77fc Removes character '@' from workflow example (#31473) 
Co-authored-by: Rachael Rose Renk <91027132+rachaelrenk@users.noreply.github.com>
 2022-10-10 16:09:06 +00:00
mc
1db87819ee GitHub Advisory Database - add pub to list of supported ecosystems (#31560) 2022-10-10 14:38:12 +00:00
Octomerger Bot
060fc6a92f Merge branch 'main' into repo-sync 2022-10-10 01:29:47 -07:00
Sophie
836572c716 User request / Code Scanning / CodeQL: Better explain how to exclude paths for compiled languages (#28213) 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-10 08:19:10 +00:00
mc
90bac38ab1 Update content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md 2022-10-10 08:53:30 +01:00
Jeff Widman
97e82c0ca8 Cleanup docker registry docs 
Dependabot now supports:
1. Public AWS ECR: https://github.com/dependabot/dependabot-core/issues/4212
2. Microsoft Azure Container Registry: https://github.com/dependabot/dependabot-core/issues/3689
3. Any registry that uses HTTP Basic Auth instead of the OCI-spec-compliant central token service: https://github.com/dependabot/dependabot-core/issues/3689#issuecomment-1272037775

So now that we support all the major docker/container registry providers, there's no need to individually list them... this way we don't have folks wondering "my registry wasn't explicitly listed, is it supported?"

So switch to mention the two authentication schemes that we support and leave it at that.

Note: I left the `ecr-docker` example, as that is a one-off workaround we added to our internal code a long time ago because ECR isn't OCI compliant. So still needs the custom key to indicate the workaround should be used. Long term I hope ECR migrates to a more standard auth flow and we can eliminate that custom workaround, but they're not there yet.
 2022-10-07 14:02:45 -07:00
Sophie
605b619588 [2022-10-07]: Security Features Enablement Enterprise-Level Policies - [GA] (#31406) 
Co-authored-by: Sarah Schneider <sarahs@github.com>
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
Co-authored-by: Sarita Iyer <saritai@github.com>
 2022-10-07 20:39:32 +00:00
Janice
b6d6bf0836 Merge branch 'main' into patch-4 2022-10-07 14:43:59 +02:00
Victor Lin
d740a8257e Fix incorrect comment on GitHub Actions example 2022-10-06 13:28:39 -07:00
Sophie
ae862229f8 [2022-10-06]: Secret scanning: Enable at Enterprise level - [GA] (#30089) 
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Laura Coursen <lecoursen@github.com>
Co-authored-by: Mariam <15mariams@github.com>
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
 2022-10-06 20:17:35 +00:00
Sophie
d2208057dc [2022-10-06]: Dependency graph supports Dart (pub) - [GA] (#31269) 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-06 18:14:21 +00:00
Matt Pollard
744ade8bfd Bug fixes for Enterprise content, 2022-09-29 (#31278) 2022-10-06 14:38:19 +00:00
Hervé
dc2f715bc1 Fix wording 2022-10-05 09:44:41 +02:00
Octomerger Bot
d7054fa2ed Merge pull request #21080 from github/repo-sync 
repo sync
 2022-10-04 09:25:45 -07:00
Christopher Kintner
82ed39fa01 note that dependabot.yml cannot be used to configure dependabot alerts (#31397) 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-04 16:14:31 +00:00
Ethan Palm
04c534b62a Merge branch 'main' into codewithdev-changes 2022-10-04 08:56:00 -07:00
Sam Browning
b8f3aa6aa6 Add period in "Configuring code scanning" section (#31385) 2022-10-04 14:56:28 +00:00
Dev Prakash Sharma
9d7a0def47 Merge branch 'main' into codewithdev-changes 2022-10-04 20:19:12 +05:30
Anne-Marie
37e362868b Edits to Notification Settings page following redesign (#30999) 
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com>
 2022-10-04 12:01:17 +00:00
Dev Prakash Sharma
fdb5e95bca Merge branch 'main' into codewithdev-changes 2022-10-03 00:29:29 +05:30
Dev Prakash Sharma
b72f008d85 Remove the emphasize tags and updated attributes style 2022-10-03 00:21:32 +05:30
mc
253e2a4666 Merge branch 'main' into mchammer01/dependabot-yml-weekly 2022-09-30 15:28:43 +01:00
mc
c4f1f8659f Update content/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot.md 
Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com>
 2022-09-30 15:25:02 +01:00
PSJ
8783f5960a Update steps to create repo secrets (#18175) 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
Co-authored-by: Lucas Costi <lucascosti@users.noreply.github.com>
 2022-09-30 03:51:47 +00:00
mc
27911004ec Update keeping-your-actions-up-to-date-with-dependabot.md 2022-09-29 08:55:43 +01:00
mc
4cd7011c06 Update customizing-dependency-updates.md 2022-09-29 08:54:34 +01:00
mc
af0c7eea08 Update configuring-dependabot-version-updates.md 2022-09-29 08:48:52 +01:00
Sophie
71bd8f71c9 [2022-09-29]: Secret scanning: comment on close - [GA] (#31133) 
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-09-29 07:35:10 +10:00
mc
1683a9f754 [Ready for merging] - Sept 27, 2022 - CodeQL CLI - Document Python 2 deprecation for Python extraction (#31077) 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-09-28 18:14:39 +01:00
Isaac Brown
5bb464a343 Describe Actions usage for Dependabot (#30966) 
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-09-28 15:12:26 +01:00
mc
6f20df6e58 Merge branch 'main' into patch-5 2022-09-26 12:21:32 +01:00