Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Repo sync #34656

Merged
merged 2 commits into from
Sep 19, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,8 @@ There are some additional features that can help you to evaluate alerts in order

* Check the validity of a secret, to see if the secret is still active. {% ifversion fpt or ghes %}**Applies to {% data variables.product.company_short %} tokens only**.{% endif %} For more information, see "[Checking a secret's validity](#checking-a-secrets-validity)."{% ifversion secret-scanning-validity-check-partner-patterns %}
* Perform an "on-demand" validity check, to get the most up to date validation status. For more information, see "[Performing an on-demand-validity-check](#performing-an-on-demand-validity-check)."{% endif %}{% ifversion secret-scanning-github-token-metadata %}
* Review a token's metadata. **Applies to {% data variables.product.company_short %} tokens only**. For example, to see when the token was last used. For more information, see "[Reviewing {% data variables.product.company_short %} token metadata](#reviewing-github-token-metadata)."{% endif %}
* Review a token's metadata. **Applies to {% data variables.product.company_short %} tokens only**. For example, to see when the token was last used. For more information, see "[Reviewing {% data variables.product.company_short %} token metadata](#reviewing-github-token-metadata)."{% endif %}{% ifversion secret-scanning-multi-repo-public-leak %}
* Review the labels assigned to the alert. For more information, see "[Reviewing alert labels](#reviewing-alert-labels)."{% endif %}

## Checking a secret's validity

Expand Down Expand Up @@ -95,6 +96,21 @@ Tokens, like {% data variables.product.pat_generic %} and other credentials, are

{% endif %}

{% ifversion secret-scanning-multi-repo-public-leak %}

## Reviewing alert labels

In the alert view, you can review any labels assigned to the alert. The labels provide additional details about the alert, which can inform the approach you take for remediation.

{% data variables.product.prodname_secret_scanning_caps %} alerts can have the following labels assigned to them:

|Label|Description|
|-------------------------|--------------------------------------------------------------------------------|
|`public leak`| The secret detected in your repository has also been found as publicly leaked by at least one of {% data variables.product.github %}'s scans of code, discussions, gists, issues, pull requests, and wikis. This may require you to address the alert with greater urgency, or remediate the alert differently compared to a privately exposed token.|
|`multi-repo`| The secret detected in your repository has been found across multiple repositories in your organization{% ifversion ghec or ghes %} or enterprise{% endif %}. This information may help you more easily dedupe the alert across your organization{% ifversion ghec or ghes %} or enterprise{% endif %}. |

{% endif %}

## Next steps

* "[AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/resolving-alerts)"
6 changes: 6 additions & 0 deletions data/features/secret-scanning-multi-repo-public-leak.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
# Reference: #15387
# Secret scanning: multi-repo and public leak indicators added to alerts
versions:
fpt: '*'
ghec: '*'
ghes: '>=3.16'
20 changes: 20 additions & 0 deletions src/audit-logs/data/fpt/organization.json
Original file line number Diff line number Diff line change
Expand Up @@ -1004,6 +1004,16 @@
"description": "Autofix for code scanning alerts was enabled for an organization.",
"docs_reference_links": "N/A"
},
{
"action": "org.code_scanning_autofix_third_party_tools_disabled",
"description": "Autofix for third party tools for code scanning alerts was disabled for an organization.",
"docs_reference_links": "N/A"
},
{
"action": "org.code_scanning_autofix_third_party_tools_enabled",
"description": "Autofix for third party tools for code scanning alerts was enabled for an organization.",
"docs_reference_links": "N/A"
},
{
"action": "org.codeql_disabled",
"description": "Code scanning using the default setup was disabled for an organization.",
Expand Down Expand Up @@ -2324,6 +2334,16 @@
"description": "Autofix for code scanning alerts was enabled for a repository.",
"docs_reference_links": "N/A"
},
{
"action": "repo.code_scanning_autofix_third_party_tools_disabled",
"description": "Autofix for third party tools for code scanning alerts was disabled for a repository.",
"docs_reference_links": "N/A"
},
{
"action": "repo.code_scanning_autofix_third_party_tools_enabled",
"description": "Autofix for third party tools for code scanning alerts was enabled for a repository.",
"docs_reference_links": "N/A"
},
{
"action": "repo.code_scanning_configuration_for_branch_deleted",
"description": "A code scanning configuration for a branch of a repository was deleted.",
Expand Down
20 changes: 20 additions & 0 deletions src/audit-logs/data/ghec/enterprise.json
Original file line number Diff line number Diff line change
Expand Up @@ -1804,6 +1804,16 @@
"description": "Autofix for code scanning alerts was enabled for an organization.",
"docs_reference_links": "N/A"
},
{
"action": "org.code_scanning_autofix_third_party_tools_disabled",
"description": "Autofix for third party tools for code scanning alerts was disabled for an organization.",
"docs_reference_links": "N/A"
},
{
"action": "org.code_scanning_autofix_third_party_tools_enabled",
"description": "Autofix for third party tools for code scanning alerts was enabled for an organization.",
"docs_reference_links": "N/A"
},
{
"action": "org.codeql_disabled",
"description": "Code scanning using the default setup was disabled for an organization.",
Expand Down Expand Up @@ -3059,6 +3069,16 @@
"description": "Autofix for code scanning alerts was enabled for a repository.",
"docs_reference_links": "N/A"
},
{
"action": "repo.code_scanning_autofix_third_party_tools_disabled",
"description": "Autofix for third party tools for code scanning alerts was disabled for a repository.",
"docs_reference_links": "N/A"
},
{
"action": "repo.code_scanning_autofix_third_party_tools_enabled",
"description": "Autofix for third party tools for code scanning alerts was enabled for a repository.",
"docs_reference_links": "N/A"
},
{
"action": "repo.code_scanning_configuration_for_branch_deleted",
"description": "A code scanning configuration for a branch of a repository was deleted.",
Expand Down
20 changes: 20 additions & 0 deletions src/audit-logs/data/ghec/organization.json
Original file line number Diff line number Diff line change
Expand Up @@ -1004,6 +1004,16 @@
"description": "Autofix for code scanning alerts was enabled for an organization.",
"docs_reference_links": "N/A"
},
{
"action": "org.code_scanning_autofix_third_party_tools_disabled",
"description": "Autofix for third party tools for code scanning alerts was disabled for an organization.",
"docs_reference_links": "N/A"
},
{
"action": "org.code_scanning_autofix_third_party_tools_enabled",
"description": "Autofix for third party tools for code scanning alerts was enabled for an organization.",
"docs_reference_links": "N/A"
},
{
"action": "org.codeql_disabled",
"description": "Code scanning using the default setup was disabled for an organization.",
Expand Down Expand Up @@ -2324,6 +2334,16 @@
"description": "Autofix for code scanning alerts was enabled for a repository.",
"docs_reference_links": "N/A"
},
{
"action": "repo.code_scanning_autofix_third_party_tools_disabled",
"description": "Autofix for third party tools for code scanning alerts was disabled for a repository.",
"docs_reference_links": "N/A"
},
{
"action": "repo.code_scanning_autofix_third_party_tools_enabled",
"description": "Autofix for third party tools for code scanning alerts was enabled for a repository.",
"docs_reference_links": "N/A"
},
{
"action": "repo.code_scanning_configuration_for_branch_deleted",
"description": "A code scanning configuration for a branch of a repository was deleted.",
Expand Down
15 changes: 15 additions & 0 deletions src/audit-logs/data/ghes-3.11/enterprise.json
Original file line number Diff line number Diff line change
Expand Up @@ -704,6 +704,21 @@
"description": "A GitHub Actions deployment protection rule was updated via the API.",
"docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules"
},
{
"action": "gist.create",
"description": "A gist was created.",
"docs_reference_links": "N/A"
},
{
"action": "gist.destroy",
"description": "A gist was deleted.",
"docs_reference_links": "N/A"
},
{
"action": "gist.visibility_change",
"description": "The visibility of a gist was updated.",
"docs_reference_links": "N/A"
},
{
"action": "git.clone",
"description": "A repository was cloned.",
Expand Down
15 changes: 15 additions & 0 deletions src/audit-logs/data/ghes-3.11/user.json
Original file line number Diff line number Diff line change
Expand Up @@ -314,6 +314,21 @@
"description": "A GitHub Actions deployment protection rule was updated via the API.",
"docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules"
},
{
"action": "gist.create",
"description": "A gist was created.",
"docs_reference_links": "N/A"
},
{
"action": "gist.destroy",
"description": "A gist was deleted.",
"docs_reference_links": "N/A"
},
{
"action": "gist.visibility_change",
"description": "The visibility of a gist was updated.",
"docs_reference_links": "N/A"
},
{
"action": "git_signing_ssh_public_key.create",
"description": "An SSH key was added to a user account as a Git commit signing key.",
Expand Down
15 changes: 15 additions & 0 deletions src/audit-logs/data/ghes-3.12/enterprise.json
Original file line number Diff line number Diff line change
Expand Up @@ -734,6 +734,21 @@
"description": "A GitHub Actions deployment protection rule was updated via the API.",
"docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules"
},
{
"action": "gist.create",
"description": "A gist was created.",
"docs_reference_links": "N/A"
},
{
"action": "gist.destroy",
"description": "A gist was deleted.",
"docs_reference_links": "N/A"
},
{
"action": "gist.visibility_change",
"description": "The visibility of a gist was updated.",
"docs_reference_links": "N/A"
},
{
"action": "git.clone",
"description": "A repository was cloned.",
Expand Down
15 changes: 15 additions & 0 deletions src/audit-logs/data/ghes-3.12/user.json
Original file line number Diff line number Diff line change
Expand Up @@ -314,6 +314,21 @@
"description": "A GitHub Actions deployment protection rule was updated via the API.",
"docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules"
},
{
"action": "gist.create",
"description": "A gist was created.",
"docs_reference_links": "N/A"
},
{
"action": "gist.destroy",
"description": "A gist was deleted.",
"docs_reference_links": "N/A"
},
{
"action": "gist.visibility_change",
"description": "The visibility of a gist was updated.",
"docs_reference_links": "N/A"
},
{
"action": "git_signing_ssh_public_key.create",
"description": "An SSH key was added to a user account as a Git commit signing key.",
Expand Down
15 changes: 15 additions & 0 deletions src/audit-logs/data/ghes-3.13/enterprise.json
Original file line number Diff line number Diff line change
Expand Up @@ -759,6 +759,21 @@
"description": "A GitHub Actions deployment protection rule was updated via the API.",
"docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules"
},
{
"action": "gist.create",
"description": "A gist was created.",
"docs_reference_links": "N/A"
},
{
"action": "gist.destroy",
"description": "A gist was deleted.",
"docs_reference_links": "N/A"
},
{
"action": "gist.visibility_change",
"description": "The visibility of a gist was updated.",
"docs_reference_links": "N/A"
},
{
"action": "git.clone",
"description": "A repository was cloned.",
Expand Down
15 changes: 15 additions & 0 deletions src/audit-logs/data/ghes-3.13/user.json
Original file line number Diff line number Diff line change
Expand Up @@ -319,6 +319,21 @@
"description": "A GitHub Actions deployment protection rule was updated via the API.",
"docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules"
},
{
"action": "gist.create",
"description": "A gist was created.",
"docs_reference_links": "N/A"
},
{
"action": "gist.destroy",
"description": "A gist was deleted.",
"docs_reference_links": "N/A"
},
{
"action": "gist.visibility_change",
"description": "The visibility of a gist was updated.",
"docs_reference_links": "N/A"
},
{
"action": "git_signing_ssh_public_key.create",
"description": "An SSH key was added to a user account as a Git commit signing key.",
Expand Down
15 changes: 15 additions & 0 deletions src/audit-logs/data/ghes-3.14/enterprise.json
Original file line number Diff line number Diff line change
Expand Up @@ -904,6 +904,21 @@
"description": "An external identity was updated.",
"docs_reference_links": "N/A"
},
{
"action": "gist.create",
"description": "A gist was created.",
"docs_reference_links": "N/A"
},
{
"action": "gist.destroy",
"description": "A gist was deleted.",
"docs_reference_links": "N/A"
},
{
"action": "gist.visibility_change",
"description": "The visibility of a gist was updated.",
"docs_reference_links": "N/A"
},
{
"action": "git.clone",
"description": "A repository was cloned.",
Expand Down
15 changes: 15 additions & 0 deletions src/audit-logs/data/ghes-3.14/user.json
Original file line number Diff line number Diff line change
Expand Up @@ -319,6 +319,21 @@
"description": "A GitHub Actions deployment protection rule was updated via the API.",
"docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules"
},
{
"action": "gist.create",
"description": "A gist was created.",
"docs_reference_links": "N/A"
},
{
"action": "gist.destroy",
"description": "A gist was deleted.",
"docs_reference_links": "N/A"
},
{
"action": "gist.visibility_change",
"description": "The visibility of a gist was updated.",
"docs_reference_links": "N/A"
},
{
"action": "git_signing_ssh_public_key.create",
"description": "An SSH key was added to a user account as a Git commit signing key.",
Expand Down
15 changes: 15 additions & 0 deletions src/audit-logs/data/ghes-3.15/enterprise.json
Original file line number Diff line number Diff line change
Expand Up @@ -904,6 +904,21 @@
"description": "An external identity was updated.",
"docs_reference_links": "N/A"
},
{
"action": "gist.create",
"description": "A gist was created.",
"docs_reference_links": "N/A"
},
{
"action": "gist.destroy",
"description": "A gist was deleted.",
"docs_reference_links": "N/A"
},
{
"action": "gist.visibility_change",
"description": "The visibility of a gist was updated.",
"docs_reference_links": "N/A"
},
{
"action": "git.clone",
"description": "A repository was cloned.",
Expand Down
15 changes: 15 additions & 0 deletions src/audit-logs/data/ghes-3.15/user.json
Original file line number Diff line number Diff line change
Expand Up @@ -319,6 +319,21 @@
"description": "A GitHub Actions deployment protection rule was updated via the API.",
"docs_reference_links": "/actions/deployment/targeting-different-environments/using-environments-for-deployment#deployment-protection-rules"
},
{
"action": "gist.create",
"description": "A gist was created.",
"docs_reference_links": "N/A"
},
{
"action": "gist.destroy",
"description": "A gist was deleted.",
"docs_reference_links": "N/A"
},
{
"action": "gist.visibility_change",
"description": "The visibility of a gist was updated.",
"docs_reference_links": "N/A"
},
{
"action": "git_signing_ssh_public_key.create",
"description": "An SSH key was added to a user account as a Git commit signing key.",
Expand Down
2 changes: 1 addition & 1 deletion src/audit-logs/lib/config.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,5 +3,5 @@
"apiOnlyEvents": "This event is not available in the web interface, only via the REST API, audit log streaming, or JSON/CSV exports.",
"apiRequestEvent": "This event is only available via audit log streaming."
},
"sha": "b31fcffae9cdc4ebb8e4a2542da3ccf3dcab5b07"
"sha": "218fadadb5342f3d6c49bf661619afe7e47f6b21"
}
Loading