diff --git a/content/admin/managing-iam/provisioning-user-accounts-with-scim/troubleshooting-team-membership-with-identity-provider-groups.md b/content/admin/managing-iam/provisioning-user-accounts-with-scim/troubleshooting-team-membership-with-identity-provider-groups.md index 2269af9c1f37..f1792b1065de 100644 --- a/content/admin/managing-iam/provisioning-user-accounts-with-scim/troubleshooting-team-membership-with-identity-provider-groups.md +++ b/content/admin/managing-iam/provisioning-user-accounts-with-scim/troubleshooting-team-membership-with-identity-provider-groups.md @@ -24,6 +24,8 @@ redirect_from: {% data reusables.emus.about-team-management-with-idp %} You can review a list of teams that you've synchronized to IdP groups from your enterprise's settings. For more information, see [AUTOTITLE](/admin/identity-and-access-management/using-enterprise-managed-users-for-iam/managing-team-memberships-with-identity-provider-groups#viewing-idp-groups-group-membership-and-connected-teams). +{% data variables.product.github %} also runs a reconciliation job once per day, which synchronizes team membership with IdP group membership that is stored on {% data variables.product.github %}, based on information previously sent from the IdP via SCIM. If this job finds that a user is a member of an IdP group in the enterprise, but they are not a member of the mapped team or its organization, the job will attempt to add the user to the organization and team. + If {% data variables.product.prodname_dotcom %} is unable to synchronize team membership with a group on your IdP, you can view an error message and troubleshoot the problem. ## Viewing errors for team synchronization with an IdP group diff --git a/content/code-security/security-overview/about-security-overview.md b/content/code-security/security-overview/about-security-overview.md index 122d1e7a63e8..5ad3c1b44e91 100644 --- a/content/code-security/security-overview/about-security-overview.md 
+++ b/content/code-security/security-overview/about-security-overview.md @@ -100,6 +100,12 @@ If you are an **owner or security manager** for an organization, you can see dat If you are an **organization or team member**, you can view security overview for the organization and see data for repositories where you have an appropriate level of access. +{% ifversion secret-risk-assessment %} + +> [!TIP] The Assessments view, which is not shown in the table below, is only available to organization owners and security managers. + +{% endif %} + {% ifversion security-overview-dashboard %} {% rowheaders %} diff --git a/content/code-security/security-overview/viewing-security-insights.md b/content/code-security/security-overview/viewing-security-insights.md index b12f4b497c0a..b005e72922ae 100644 --- a/content/code-security/security-overview/viewing-security-insights.md +++ b/content/code-security/security-overview/viewing-security-insights.md 
@@ -57,6 +57,12 @@ You can download a CSV file of the overview dashboard data for your organization {% ifversion security-overview-dashboard-enterprise %}Enterprise members can access the overview page for organizations in their enterprise. {% endif %}The metrics you see will depend on your role and repository permissions. For more information, see [AUTOTITLE](/code-security/security-overview/about-security-overview#permission-to-view-data-in-security-overview). +{% ifversion secret-risk-assessment %} + +> [!TIP] If you're interested in assessing your organization's exposure to secret leaks specifically, you can run a free {% data variables.product.prodname_secret_risk_assessment %} on {% data variables.product.github %}. The resulting report gives you aggregate insights on public leaks, private exposures, and token types, as well as provides you with actionable steps to strengthen your security and protect your code. See [AUTOTITLE](/code-security/securing-your-organization/understanding-your-organizations-exposure-to-leaked-secrets/about-secret-risk-assessment). + +{% endif %} + ### Limitations The data that populates the overview page can and will change over time due to various factors, such as repository deletion or modifications to a security advisory. This means that the overview metrics for the same time period could vary if viewed at two different times. For compliance reports or other scenarios where data consistency is crucial, we recommend that you source data from the audit log. For more information, see [AUTOTITLE](/code-security/getting-started/auditing-security-alerts). diff --git a/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-policies-for-copilot-in-your-organization.md b/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-policies-for-copilot-in-your-organization.md index 257ba9252396..f1fb5444882e 100644 
--- a/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-policies-for-copilot-in-your-organization.md +++ b/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/managing-policies-for-copilot-in-your-organization.md @@ -31,9 +31,7 @@ Organization owners can set policies to govern how {% data variables.product.pro * {% data variables.product.prodname_copilot_chat_short %} in the IDE * Editor preview features, such as: * Using images in {% data variables.product.prodname_copilot_chat_short %} (available in {% data variables.product.prodname_vscode_shortname %} and {% data variables.product.prodname_vs %}) - * {% data variables.copilot.next_edit_suggestions_caps %} (available in {% data variables.product.prodname_vscode_shortname %}) * GPT-4o {% data variables.product.prodname_copilot_short %} code completion (available in {% data variables.product.prodname_vscode_shortname %} and JetBrains IDEs) - * {% data variables.product.prodname_copilot_short %} Edits agent mode (available in {% data variables.product.prodname_vscode_shortname %}) * {% data variables.product.prodname_copilot_mobile_short %} * {% data variables.product.prodname_copilot_cli_short %} and {% data variables.product.prodname_windows_terminal %} * Suggestions matching public code diff --git a/data/reusables/dependabot/enterprise-enable-dependabot.md b/data/reusables/dependabot/enterprise-enable-dependabot.md index 44573f948b9a..f1b5d8ff0a2e 100644 --- a/data/reusables/dependabot/enterprise-enable-dependabot.md +++ b/data/reusables/dependabot/enterprise-enable-dependabot.md 
@@ -1,8 +1,7 @@ {% ifversion ghes %} > [!NOTE] -> Your site administrator must set up {% data variables.product.prodname_dependabot_updates %} for {% data variables.location.product_location %} before you can use this feature. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise). -{% ifversion security-feature-enablement-policies-dependabot %} +> Your site administrator must set up {% data variables.product.prodname_dependabot_updates %} for {% data variables.location.product_location %} before you can use this feature. For more information, see [AUTOTITLE](/admin/configuration/configuring-github-connect/enabling-dependabot-for-your-enterprise).{% ifversion security-feature-enablement-policies-dependabot %} > > You may not be able to enable or disable {% data variables.product.prodname_dependabot_updates %} if an enterprise owner has set a policy at the enterprise level. For more information, see [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise). {% endif %} diff --git a/src/secret-scanning/data/public-docs.yml b/src/secret-scanning/data/public-docs.yml index bf47bc019623..0440aa3d7c01 100644 --- a/src/secret-scanning/data/public-docs.yml +++ b/src/secret-scanning/data/public-docs.yml @@ -237,7 +237,7 @@ ghes: '*' isPublic: true isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: Authress @@ -705,7 +705,7 @@ ghes: '*' isPublic: false isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: Bitbucket @@ -837,7 +837,7 @@ ghes: '*' isPublic: true isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: true - provider: Chief Tools 
@@ -1290,7 +1290,7 @@ ghes: '*' isPublic: false isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: Dynatrace @@ -1314,7 +1314,7 @@ ghes: '*' isPublic: true isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: EasyPost @@ -1362,7 +1362,7 @@ ghes: '>3.8' isPublic: false isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: Facebook @@ -2168,7 +2168,7 @@ ghes: '*' isPublic: false isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: Localstack @@ -2599,7 +2599,7 @@ ghes: '*' isPublic: false isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: npm @@ -3137,7 +3137,7 @@ ghes: '*' isPublic: true isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: PyPI @@ -3245,7 +3245,7 @@ ghes: '*' isPublic: true isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: Samsara @@ -3413,7 +3413,7 @@ ghes: '>3.4' isPublic: true isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: Shopify @@ -3449,7 +3449,7 @@ ghes: '*' isPublic: true isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: Shopify @@ -3485,7 +3485,7 @@ ghes: '>3.4' isPublic: true isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: Shopify 
@@ -3497,7 +3497,7 @@ ghes: '*' isPublic: true isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: Siemens @@ -3568,7 +3568,7 @@ ghes: '*' isPublic: true isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: Sourcegraph @@ -3640,7 +3640,7 @@ ghes: '*' isPublic: false isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: true - provider: Square @@ -3652,7 +3652,7 @@ ghes: '*' isPublic: false isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: Square @@ -3664,7 +3664,7 @@ ghes: '*' isPublic: false isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: SSLMate @@ -3784,7 +3784,7 @@ ghes: '*' isPublic: false isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: Tailscale @@ -4024,7 +4024,7 @@ ghes: '>=3.12' isPublic: true isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: true - provider: Yandex @@ -4096,7 +4096,7 @@ ghes: '*' isPublic: false isPrivateWithGhas: true - hasPushProtection: false + hasPushProtection: true hasValidityCheck: false isduplicate: false - provider: Yandex diff --git a/src/secret-scanning/lib/config.json b/src/secret-scanning/lib/config.json index eabd49aaee4c..155749e08dd6 100644 --- a/src/secret-scanning/lib/config.json +++ b/src/secret-scanning/lib/config.json 
@@ -1,5 +1,5 @@ { - "sha": "8ac939d1d6cc631a764024efd9638e2d366fd5a4", - "blob-sha": "dcd2a16b74621ad62f7af0775535331ee3f62dbd", + "sha": "82247bbeeb4c22705a1575389b4583f83aaadf57", + "blob-sha": "48dc0e2b23d3b6497cf65f6de2f27703a3c88575", "targetFilename": "code-security/secret-scanning/introduction/supported-secret-scanning-patterns" } \ No newline at end of file
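
Review bot: In troubleshooting-team-membership-with-identity-provider-groups.md, the added reconciliation paragraph documents only the add direction ("the job will attempt to add the user to the organization and team") and says nothing about a user who is still on the mapped team but no longer in the IdP group. Admins read this page to reason about who has access, so please state whether the daily job also removes such members, or say explicitly that it does not. The paragraph also uses `variables.product.github` while the unchanged sentence right after it uses `variables.product.prodname_dotcom`; pick one for the section.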
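
Review bot: In about-security-overview.md, the added tip points at "the table below", but the tip is wrapped in `ifversion secret-risk-assessment` while the table that follows is wrapped in `ifversion security-overview-dashboard`, so the two can render independently of each other. Consider adding the Assessments view as a row in the permissions table itself, or rewording the tip so it does not depend on the table being present. As shown here the tip text also sits on the same line as `> [!TIP]`; the NOTE in enterprise-enable-dependabot.md keeps the marker on its own line, and this alert should follow that form.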
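
Review bot: In viewing-security-insights.md, the added tip invites any reader to run a secret risk assessment without saying which roles can do so, while the tip added to about-security-overview.md in this same patch limits the Assessments view to organization owners and security managers. State the required role here as well, or link to the permissions section that the preceding paragraph already references. On wording, "as well as provides you with actionable steps" does not parse; "and gives you actionable steps" reads cleanly.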
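
Review bot: In managing-policies-for-copilot-in-your-organization.md, the two items dropped from the "Editor preview features" list (next edit suggestions and Copilot Edits agent mode) disappear with no replacement text, so an organization owner can no longer tell from this page which policy, if any, governs them. If they moved under a different policy, list them there in this change; if they are no longer policy-controlled, say so. Also check whether `variables.copilot.next_edit_suggestions_caps` is still referenced anywhere once this line is gone.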
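
Review bot: In data/reusables/dependabot/enterprise-enable-dependabot.md, gluing `{% ifversion security-feature-enablement-policies-dependabot %}` to the end of the `>` sentence is easy for a later editor to "tidy" back onto its own line, which would put an unquoted line in the middle of the NOTE again. Add a short Liquid comment next to the tag, or a sentence in the commit message, explaining that it must stay on the quoted line.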
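
Review bot: In src/secret-scanning/data/public-docs.yml, the hunks flip `hasPushProtection` to `true` on entries scoped `ghes: '*'`, `'>3.4'`, `'>3.8'` and `'>=3.12'` without touching the `ghes` range, so the supported-patterns page will claim push protection for these patterns on every GHES release in that range. Please confirm that matches what those releases ship, and narrow the range where it does not. Three of the flipped entries carry `isduplicate: true` (the hunks at 837, 3640 and 4024); check that the entry each one duplicates ends up with the same value. The context lines do not show which provider or secret type is being changed (the `- provider:` line in each hunk belongs to the next entry), so list the affected token types in the PR description.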
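
Review bot: In src/secret-scanning/lib/config.json, `sha` and `blob-sha` change in the same patch as the public-docs.yml flips, but nothing visible says whether the YAML was regenerated from the source those hashes identify or edited by hand. Say which in the description, since the two need to stay in step. The file also still ends with "\ No newline at end of file"; add the trailing newline, in the generator if one writes this file.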