From 4abdae1a57c2d5b9605f356f964edb61a3de408d Mon Sep 17 00:00:00 2001 From: mc <42146119+mchammer01@users.noreply.github.com> Date: Fri, 23 May 2025 06:23:30 +0100 Subject: [PATCH 1/5] GHES 3.17 - Rename the secret scanning "Experimental" tab (#55697) Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Joe Clark <31087804+jc-clark@users.noreply.github.com> --- .../about-alerts.md | 6 +++--- .../viewing-alerts.md | 21 ++++++++++++------- .../filtering-alerts-in-security-overview.md | 10 ++++++--- data/features/secret-scanning-generic-tab.yml | 5 +++++ 4 files changed, 29 insertions(+), 13 deletions(-) create mode 100644 data/features/secret-scanning-generic-tab.yml diff --git a/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/about-alerts.md b/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/about-alerts.md index 18c297c8574b..71804d1c4919 100644 --- a/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/about-alerts.md +++ b/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/about-alerts.md @@ -25,12 +25,12 @@ allowTitleToDifferFromFilename: true When {% data variables.product.company_short %} detects a supported secret in a repository that has {% data variables.product.prodname_secret_scanning %} enabled, a {% ifversion fpt or ghec %}user {% else %}{% data variables.product.prodname_secret_scanning %}{% endif %} alert is generated and displayed in the **Security** tab of the repository. -{% ifversion fpt or ghec %}User {% else %}{% data variables.product.prodname_secret_scanning %} {% endif %}alerts can be of the following types: +{% ifversion fpt or ghec %}User {% else %}{% data variables.product.prodname_secret_scanning_caps %} {% endif %}alerts can be of the following types: * {% ifversion secret-scanning-alert-experimental-list %}Default{% else %}High confidence{% endif %} alerts, which relate to supported patterns and specified custom patterns. -* {% ifversion secret-scanning-alert-experimental-list %}Experimental{% else %}Other{% endif %} alerts, which can have a higher ratio of false positives or secrets used in tests. +* {% ifversion secret-scanning-generic-tab %}Generic{% elsif ghes = 3.16 %}Experimental{% else %}Other{% endif %} alerts, which can have a higher ratio of false positives or secrets used in tests. -{% data variables.product.prodname_dotcom %} displays {% ifversion secret-scanning-alert-experimental-list %}experimental{% else %}these "other"{% endif %} alerts in a different list to {% ifversion secret-scanning-alert-experimental-list %}default{% else %}high confidence{% endif %} alerts, making triaging a better experience for users. For more information, see [AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/viewing-alerts). +{% data variables.product.prodname_dotcom %} displays {% ifversion secret-scanning-generic-tab %}generic{% elsif ghes = 3.16 %}experimental{% else %}these "other"{% endif %} alerts in a different list to {% ifversion secret-scanning-alert-experimental-list %}default{% else %}high confidence{% endif %} alerts, making triaging a better experience for users. For more information, see [AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/viewing-alerts). {% data reusables.secret-scanning.secret-scanning-pattern-pair-matches %} diff --git a/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/viewing-alerts.md b/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/viewing-alerts.md index 2a71f06b7b73..2aa2eb606dcf 100644 --- a/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/viewing-alerts.md +++ b/content/code-security/secret-scanning/managing-alerts-from-secret-scanning/viewing-alerts.md @@ -23,8 +23,11 @@ allowTitleToDifferFromFilename: true To help you triage alerts more effectively, {% data variables.product.company_short %} separates alerts into two lists: {% ifversion secret-scanning-alert-experimental-list %} -* **Default** alerts -* **Experimental** alerts +* **Default** alerts{% ifversion secret-scanning-generic-tab %} +* **Generic** alerts{% elsif ghes = 3.16 %} +* **Experimental** alerts{% endif %} + +{% ifversion ghes = 3.16 %} {% ifversion secret-scanning-alert-experimental-list-toggle %} ![Screenshot of the {% data variables.product.prodname_secret_scanning %} alert view. The button to toggle between "Default" and "Experimental" alerts is highlighted with an orange outline.](/assets/images/enterprise/3.16/help/security/secret-scanning-default-alert-view.png) @@ -32,6 +35,8 @@ To help you triage alerts more effectively, {% data variables.product.company_sh ![Screenshot of the {% data variables.product.prodname_secret_scanning %} alert view. The sidebar menu items for "Default" and "Experimental" alerts are highlighted with an orange outline.](/assets/images/help/security/secret-scanning-default-alert-view.png) {% endif %} +{% endif %} + {% else %} * **High confidence** alerts. * **Other** alerts. @@ -46,9 +51,9 @@ To help you triage alerts more effectively, {% data variables.product.company_sh The default alerts list displays alerts that relate to supported patterns and specified custom patterns. This is the main view for alerts. -### Experimental alerts list +### {% ifversion secret-scanning-generic-tab %}Generic{% elsif ghes = 3.16 %}Experimental{% endif %} alerts list -The experimental alerts list displays alerts that relate to non-provider patterns (such as private keys){% ifversion secret-scanning-ai-generic-secret-detection %}, or generic secrets detected using AI (such as passwords){% endif %}. These types of alerts can have a higher rate of false positives or secrets used in tests. You can toggle to the experimental alerts list from the default alerts list. +The {% ifversion secret-scanning-generic-tab %}generic{% elsif ghes = 3.16 %}experimental{% endif %} alerts list displays alerts that relate to non-provider patterns (such as private keys){% ifversion secret-scanning-ai-generic-secret-detection %}, or generic secrets detected using AI (such as passwords){% endif %}. These types of alerts can have a higher rate of false positives or secrets used in tests. You can toggle to the {% ifversion secret-scanning-generic-tab %}generic{% elsif ghes = 3.16 %}experimental{% endif %} alerts list from the default alerts list. {% else %} @@ -71,7 +76,7 @@ For {% data variables.product.company_short %} to scan for non-provider patterns {% ifversion secret-scanning-alert-experimental-list %} -{% data variables.product.github %} will continue to release new patterns and secret types to the experimental alerts list and will promote them to the default list when feature-complete (e.g. when they have an appropriately low volume and false positive rate). +{% data variables.product.github %} will continue to release new patterns and secret types to the {% ifversion secret-scanning-generic-tab %}generic{% elsif ghes = 3.16 %}experimental{% endif %} alerts list and will promote them to the default list when feature-complete (e.g. when they have an appropriately low volume and false positive rate). {% endif %} @@ -82,7 +87,7 @@ Alerts for {% data variables.product.prodname_secret_scanning %} are displayed u {% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} 1. In the left sidebar, under "Vulnerability alerts", click **{% data variables.product.prodname_secret_scanning_caps %}**. -1. Optionally, toggle to {% ifversion secret-scanning-alert-experimental-list %}"Experimental"{% else %}"Other"{% endif %} to see alerts for non-provider patterns{% ifversion secret-scanning-ai-generic-secret-detection %} or generic secrets detected using AI{% endif %}. +1. Optionally, toggle to {% ifversion secret-scanning-generic-tab %}"Generic"{% elsif ghes = 3.16 %}"Experimental"{% else %}"Other"{% endif %} to see alerts for non-provider patterns{% ifversion secret-scanning-ai-generic-secret-detection %} or generic secrets detected using AI{% endif %}. 1. Under "{% data variables.product.prodname_secret_scanning_caps %}", click the alert you want to view. {% ifversion secret-scanning-user-owned-repos %} @@ -110,7 +115,9 @@ You can apply various filters to the alerts list to help you find the alerts you |`secret-type:SECRET-NAME`| Displays alerts for a specific secret type, for example, `secret-type:github_personal_access_token`. For a list of supported secret types, see [AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#supported-secret). | |`provider:PROVIDER-NAME`|Displays alerts for a specific provider, for example, `provider:github`. For a list of supported partners, see [AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#supported-secrets).| |{% ifversion secret-scanning-alert-experimental-list %}`results:default`{% else %}`confidence:high`{% endif %}| Displays alerts for {% ifversion secret-scanning-alert-experimental-list %}{% else %}high-confidence secrets, which relate to {% endif %}supported secrets and custom patterns. For a list of supported patterns, see [AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns). | -|{% ifversion secret-scanning-alert-experimental-list %}`results:experimental`{% else %}`confidence:other`{% endif %}| Displays alerts for non-provider patterns, such as private keys{% ifversion secret-scanning-ai-generic-secret-detection %}, and AI-detected generic secrets, such as passwords{% endif %}. For a list of supported non-provider patterns, see [AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#non-provider-patterns). {% ifversion secret-scanning-ai-generic-secret-detection %}For more information about AI-detected generic secrets, see [AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/responsible-ai-generic-secrets).{% endif %}| +|{% ifversion secret-scanning-generic-tab %}`results:generic`| Displays alerts for non-provider patterns, such as private keys{% ifversion secret-scanning-ai-generic-secret-detection %}, and AI-detected generic secrets, such as passwords{% endif %}. For a list of supported non-provider patterns, see [AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#non-provider-patterns). {% ifversion secret-scanning-ai-generic-secret-detection %}For more information about AI-detected generic secrets, see [AUTOTITLE](/code-security/secret-scanning/copilot-secret-scanning/responsible-ai-generic-secrets).{% endif %}{% endif %}| +|{% ifversion ghes = 3.16 %}`results:experimental`| Displays alerts for non-provider patterns, such as private keys. For a list of supported non-provider patterns, see [AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#non-provider-patterns).{% endif %}| +|{% ifversion ghes < 3.16 %}`confidence:other`| Displays alerts for non-provider patterns, such as private keys. For a list of supported non-provider patterns, see [AUTOTITLE](/code-security/secret-scanning/introduction/supported-secret-scanning-patterns#non-provider-patterns).{% endif %}| ## Next steps diff --git a/content/code-security/security-overview/filtering-alerts-in-security-overview.md b/content/code-security/security-overview/filtering-alerts-in-security-overview.md index 9d06af15e9f0..95146a08bf52 100644 --- a/content/code-security/security-overview/filtering-alerts-in-security-overview.md +++ b/content/code-security/security-overview/filtering-alerts-in-security-overview.md @@ -194,11 +194,15 @@ All {% data variables.product.prodname_code_scanning %} alerts have one of the c | Qualifier | Description | | -------- | -------- | |`bypassed` | Display {% data variables.secret-scanning.alerts %} where push protection was bypassed (`true`) or not bypassed (`false`).| -|{% ifversion secret-scanning-alert-experimental-list %}| +|{% ifversion secret-scanning-generic-tab %}| +|`results`|Display default (`default`) or generic (`generic`) {% data variables.secret-scanning.alerts %}.| +|{% endif %}| +| {% ifversion ghes = 3.16 %} | |`results`|Display default (`default`) or experimental (`experimental`) {% data variables.secret-scanning.alerts %}.| -|{% else %}| -|`confidence`|Display {% data variables.secret-scanning.alerts %} of high (`high`) or other (`other`) confidence.| |{% endif %}| +|{% ifversion ghes < 3.16 %}| +|`confidence`|Display {% data variables.secret-scanning.alerts %} of high (`high`) or other (`other`) confidence.| +|{% endif %} | |`is`|Display {% data variables.secret-scanning.alerts %} that are open (`open`) or closed (`closed`).| |`provider` | Display alerts for all secrets issued by a specified provider, for example: `adafruit`. | |`resolution`| Display {% data variables.secret-scanning.alerts %} closed as "false positive" (`false-positive`), "pattern deleted" (`pattern-deleted`), "pattern edited' (`pattern-edited`), "revoked" (`revoked`) "used in tests" (`used-in-tests`), or "won't fix" (`wont-fix`).| diff --git a/data/features/secret-scanning-generic-tab.yml b/data/features/secret-scanning-generic-tab.yml new file mode 100644 index 000000000000..71a5534bffc0 --- /dev/null +++ b/data/features/secret-scanning-generic-tab.yml @@ -0,0 +1,5 @@ +# Reference: #17438 - Rename the secret scanning "Experimental" tab to curb confusion on alert confidence [GA] +versions: + fpt: '*' + ghec: '*' + ghes: '>3.16' From 812a0ba3e79dd410eb44707515474e7c620739ea Mon Sep 17 00:00:00 2001 From: docs-bot <77750099+docs-bot@users.noreply.github.com> Date: Thu, 22 May 2025 22:30:43 -0700 Subject: [PATCH 2/5] Sync secret scanning data (#55757) Co-authored-by: Joe Clark <31087804+jc-clark@users.noreply.github.com> Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com> --- src/secret-scanning/data/public-docs.yml | 2 +- src/secret-scanning/lib/config.json | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/secret-scanning/data/public-docs.yml b/src/secret-scanning/data/public-docs.yml index eb3ada3f95e9..13327f4414d8 100644 --- a/src/secret-scanning/data/public-docs.yml +++ b/src/secret-scanning/data/public-docs.yml @@ -4198,7 +4198,7 @@ versions: fpt: '*' ghec: '*' - isPublic: false + isPublic: true isPrivateWithGhas: true hasPushProtection: false hasValidityCheck: false diff --git a/src/secret-scanning/lib/config.json b/src/secret-scanning/lib/config.json index dfc18f9d41ca..3e35ccd89387 100644 --- a/src/secret-scanning/lib/config.json +++ b/src/secret-scanning/lib/config.json @@ -1,5 +1,5 @@ { - "sha": "b457d82c2b0f5088913dcd44896a3db352cc1155", - "blob-sha": "a08e918ef003ca9b95ddb1ad930e8f333beeb7a9", + "sha": "1736ab76642b4de337c8c8156a604fc7a384f2d5", + "blob-sha": "3faaa576314802c2b4bfa13b6c57adbc19edd8e6", "targetFilename": "code-security/secret-scanning/introduction/supported-secret-scanning-patterns" } \ No newline at end of file From 9d75961d1f33e635cf6a1d2ba95fac1f51d08d0e Mon Sep 17 00:00:00 2001 From: docs-bot <77750099+docs-bot@users.noreply.github.com> Date: Thu, 22 May 2025 22:49:58 -0700 Subject: [PATCH 3/5] Sync secret scanning data (#55771) Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com> --- src/secret-scanning/lib/config.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/secret-scanning/lib/config.json b/src/secret-scanning/lib/config.json index 3e35ccd89387..fe9d71e2021d 100644 --- a/src/secret-scanning/lib/config.json +++ b/src/secret-scanning/lib/config.json @@ -1,5 +1,5 @@ { - "sha": "1736ab76642b4de337c8c8156a604fc7a384f2d5", + "sha": "f1b9f72ec20df903039f28b8ff8abb0ec25d5a89", "blob-sha": "3faaa576314802c2b4bfa13b6c57adbc19edd8e6", "targetFilename": "code-security/secret-scanning/introduction/supported-secret-scanning-patterns" } \ No newline at end of file From 7cc74ebf774fcd72d3472e6a8af2e4d671522948 Mon Sep 17 00:00:00 2001 From: Felicity Chapman Date: Fri, 23 May 2025 07:11:15 +0100 Subject: [PATCH 4/5] Billing: Update information on managing email contacts (#55777) --- ...ing-your-payment-and-billing-information.md | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/content/billing/managing-your-billing/managing-your-payment-and-billing-information.md b/content/billing/managing-your-billing/managing-your-payment-and-billing-information.md index 0bea16e76a31..e7c66963f2fb 100644 --- a/content/billing/managing-your-billing/managing-your-payment-and-billing-information.md +++ b/content/billing/managing-your-billing/managing-your-payment-and-billing-information.md @@ -101,18 +101,26 @@ You can view and edit your billing information, update your payment method, and You can view your payment history, including the date, amount, and payment method. You can also download past payments. -1. Display the **Billing & Licensing** section of the sidebar of the {% data variables.enterprise.enterprise_or_org %} settings. +1. Display the **Billing and Licensing** {% ifversion fpt %}section of the sidebar of the organization settings{% else %}page for the enterprise{% endif %}. 1. Click **Payment history**. -{% ifversion ghec %} - ## Managing billing contacts You can add an email address to receive billing notifications regarding payments and budget threshold alerts. -1. Display the **Billing & Licensing** section of the sidebar of the enterprise settings. +{% ifversion fpt %} + +1. Display the **Billing and Licensing** section of the sidebar of the organization settings. +1. Click **Additional billing details**. +1. In the table of "Email recipients": + * Click **Add** and follow the prompt to add a new billing contact. + * Use the **Edit** drop-down for a contact to either remove the contact or make that contact the primary billing contact. + +{% else %} + +1. Display the **Billing and Licensing** page for the enterprise. 1. Click **Billing contacts**. 1. Click **Add** in the upper-right corner and follow the prompt. -1. Click {% octicon "pencil" aria-label="The edit icon" %} to edit the primary billing contact or {% octicon "kebab-horizontal" aria-label="Show options" %} to either remove or make a contact the primary billing contact. +1. Click {% octicon "pencil" aria-label="The edit icon" %} to edit the primary billing contact or {% octicon "kebab-horizontal" aria-label="Show options" %} to either remove a contact or make a contact the primary billing contact. {% endif %} From ee34254c7aeeaecd76f89a3a9c52f6d942c5549b Mon Sep 17 00:00:00 2001 From: Felicity Chapman Date: Fri, 23 May 2025 07:11:48 +0100 Subject: [PATCH 5/5] Billing: Add some missing redirects following the Meuse deprecation (#55775) --- .../managing-your-payment-and-billing-information.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/content/billing/managing-your-billing/managing-your-payment-and-billing-information.md b/content/billing/managing-your-billing/managing-your-payment-and-billing-information.md index e7c66963f2fb..704b84e12e03 100644 --- a/content/billing/managing-your-billing/managing-your-payment-and-billing-information.md +++ b/content/billing/managing-your-billing/managing-your-payment-and-billing-information.md @@ -10,6 +10,10 @@ redirect_from: - /billing/using-the-billing-platform/adding-information-to-your-receipts - /billing/using-the-billing-platform/setting-your-billing-email - /billing/using-the-new-billing-platform/managing-your-payment-and-billing-information + - /billing/managing-your-github-billing-settings/adding-or-editing-a-payment-method + - /billing/managing-your-github-billing-settings/adding-information-to-your-receipts + - /billing/managing-your-github-billing-settings/setting-your-billing-email + - /billing/managing-your-github-billing-settings/viewing-your-payment-history-and-receipts type: how_to topics: - Enterprise