Skip to content

Commit

Permalink
Merge pull request github#35526 from github/repo-sync
Browse files Browse the repository at this point in the history
Repo sync
  • Loading branch information
docs-bot authored Dec 2, 2024
2 parents a7ae08c + c53a70e commit 9df207d
Show file tree
Hide file tree
Showing 37 changed files with 126 additions and 111 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -1353,19 +1353,26 @@ jobs:
artifact_id: matchArtifact.id,
archive_format: 'zip',
});
let fs = require('fs');
fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/pr_number.zip`, Buffer.from(download.data));
const fs = require('fs');
const path = require('path');
const temp = '{% raw %}${{ runner.temp }}{% endraw %}/artifacts';
if (!fs.existsSync(temp)){
fs.mkdirSync(temp);
}
fs.writeFileSync(path.join(temp, 'pr_number.zip'), Buffer.from(download.data));
- name: 'Unzip artifact'
run: unzip pr_number.zip
run: unzip pr_number.zip -d "{% raw %}${{ runner.temp }}{% endraw %}/artifacts"
- name: 'Comment on PR'
uses: {% data reusables.actions.action-github-script %}
with:
github-token: {% raw %}${{ secrets.GITHUB_TOKEN }}{% endraw %}
script: |
let fs = require('fs');
let issue_number = Number(fs.readFileSync('./pr_number'));
const fs = require('fs');
const path = require('path');
const temp = '{% raw %}${{ runner.temp }}{% endraw %}/artifacts';
const issue_number = Number(fs.readFileSync(path.join(temp, 'pr_number')));
await github.rest.issues.createComment({
owner: context.repo.owner,
repo: context.repo.repo,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ With {% data variables.product.prodname_emus %}, you can control the user accoun
## {% data variables.product.prodname_actions %}

* {% data variables.enterprise.prodname_managed_users_caps %} cannot create workflow templates for {% data variables.product.prodname_actions %}.
* Entitlement minutes for {% data variables.product.company_short %}-hosted runners are not available for {% data variables.enterprise.prodname_managed_users %}.
* While {% data variables.product.company_short %}-hosted runners can be used in repositories owned by organizations, they are not available for repositories owned by {% data variables.enterprise.prodname_managed_users %}.
* {% data variables.product.prodname_emus %} can trigger workflows in organizations where they are not members by forking the organization repository, then creating a pull request targeting the organization repository.

## {% data variables.product.prodname_github_apps %}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
title: Configuring global security settings for your organization
shortTitle: Configure global settings
intro: 'Customize {% data variables.product.prodname_GH_advanced_security %} features and create security managers to strengthen the security of your organization.'
intro: 'Customize {% data variables.product.prodname_GH_advanced_security %} features to strengthen the security of your organization.'
permissions: '{% data reusables.permissions.security-org-enable %}'
versions:
feature: security-configurations
Expand All @@ -13,7 +13,7 @@ topics:

## About {% data variables.product.prodname_global_settings %}

Alongside {% data variables.product.prodname_security_configurations %}, which determine repository-level security settings, you should also configure {% data variables.product.prodname_global_settings %} for your organization. {% data variables.product.prodname_global_settings_caps %} apply to your entire organization, and can customize {% data variables.product.prodname_GH_advanced_security %} features based on your needs. You can also create security managers on the {% data variables.product.prodname_global_settings %} page to monitor and maintain your organization's security.
Alongside {% data variables.product.prodname_security_configurations %}, which determine repository-level security settings, you should also configure {% data variables.product.prodname_global_settings %} for your organization. {% data variables.product.prodname_global_settings_caps %} apply to your entire organization, and can customize {% data variables.product.prodname_GH_advanced_security %} features based on your needs. {% ifversion ghes < 3.16 %}You can also create a team of security managers to monitor and maintain your organization's security.{% endif %}

## Accessing the {% data variables.product.prodname_global_settings %} page for your organization

Expand Down Expand Up @@ -131,6 +131,12 @@ You can define custom patterns for {% data variables.product.prodname_secret_sca

## Creating security managers for your organization

The security manager role grants members of your organization the ability to manage security settings and alerts across your organization. To grant all members of a team the security manager role, in the "Search for teams" text box, type the name of the desired team. In the dropdown menu that appears, click the team, then click **I understand, grant security manager permissions**.
The security manager role grants members of your organization the ability to manage security settings and alerts across your organization. Security managers can view data for all repositories in your organization through security overview.

Security managers can view data for all repositories in your organization through security overview. To learn more about the security manager role, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)."
To learn more about the security manager role, see "[AUTOTITLE](/organizations/managing-peoples-access-to-your-organization-with-roles/managing-security-managers-in-your-organization)."

{% ifversion ghes < 3.16 %}

To grant all members of a team the security manager role, in the "Search for teams" text box, type the name of the desired team. In the dropdown menu that appears, click the team, then click **I understand, grant security manager permissions**.

{% endif %}
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ You can also create and manage security configurations using the REST API. For m

## About {% data variables.product.prodname_global_settings %}

While {% data variables.product.prodname_security_configurations %} determine repository-level security settings, {% data variables.product.prodname_global_settings %} determine your organization-level security settings, which are then inherited by all repositories. With {% data variables.product.prodname_global_settings %}, you can customize how security features analyze your organization, as well as create security managers with permission to manage security alerts and settings across your organization.
While {% data variables.product.prodname_security_configurations %} determine repository-level security settings, {% data variables.product.prodname_global_settings %} determine your organization-level security settings, which are then inherited by all repositories. With {% data variables.product.prodname_global_settings %}, you can customize how security features analyze your organization{% ifversion ghes < 3.16 %}, as well as grant a team permission to manage security alerts and settings across your organization{% endif %}.

## Next steps

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ You can view data to assess the enablement of code security features across orga
In the enterprise-level view, you can view data about the enablement of features, but you cannot enable or disable features.
{% endif %}

{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% ifversion ghes %}{% data reusables.enterprise-accounts.access-enterprise-ghes %}{% else %}{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}{% endif %}
{% data reusables.code-scanning.click-code-security-enterprise %}
1. To display the "Security coverage" view, in the sidebar, click **Coverage**.
{% data reusables.code-scanning.using-security-overview-coverage %}
Expand Down Expand Up @@ -111,7 +111,7 @@ You can view data to assess the enablement status and enablement status trends o

You can view data to assess the enablement status and enablement status trends of code security features across organizations in an enterprise.

{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% ifversion ghes %}{% data reusables.enterprise-accounts.access-enterprise-ghes %}{% else %}{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}{% endif %}
{% data reusables.code-scanning.click-code-security-enterprise %}
1. To display the "Enablement trends" view, in the sidebar, click **Enablement trends**.
1. Click on one of the tabs for "{% data variables.product.prodname_dependabot %}", "{% data variables.product.prodname_code_scanning_caps %}", or "{% data variables.product.prodname_secret_scanning_caps %}" to view enablement trends and the percentage of repositories across organizations in your enterprise with that feature enabled. This data is displayed as a graph and a detailed table.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -60,15 +60,16 @@ You can view data for security alerts across organizations in an enterprise.

{% data reusables.security-overview.enterprise-filters-tip %}

{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% ifversion ghes %}{% data reusables.enterprise-accounts.access-enterprise-ghes %}{% else %}{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}{% endif %}
{% data reusables.code-scanning.click-code-security-enterprise %}
1. To display the "Security risk" view, in the sidebar, click **{% octicon "shield" aria-hidden="true" %} Risk**.
{% data reusables.code-scanning.using-security-overview-risk %}

![Screenshot of the "Security risk" view for an enterprise. The options for filtering are outlined in dark orange.](/assets/images/help/security-overview/security-risk-view-highlights-enterprise.png)

{% data reusables.security-overview.unaffected-repositories %}
{% data reusables.organizations.security-overview-feature-specific-page %}
{% data reusables.organizations.security-overview-feature-specific-page %}{% ifversion security-overview-export-data %}
1. Optionally, use the {% octicon "download" aria-hidden="true" %} **Export CSV** button to download a CSV file of the data currently displayed on the page for security research and in-depth data analysis. For more information, see "[AUTOTITLE](/code-security/security-overview/exporting-data-from-security-overview)." {% endif %}

{% data reusables.security-overview.alert-differences %}

Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
title: Exporting data from security overview
shortTitle: Export data
intro: You can export CSV files of your organization's overview, risk, coverage, and {% data variables.product.prodname_codeql %} pull request alerts data from security overview.
intro: From security overview, you can export CSV files of the data used for your organization or enterprise's overview, risk, coverage, and {% data variables.product.prodname_codeql %} pull request alerts pages.
permissions: '{% data reusables.permissions.security-overview %}'
versions:
feature: security-overview-export-data
Expand All @@ -20,14 +20,14 @@ redirect_from:

{% data reusables.security-overview.download-csv-files %}

The overview page contains data about security alerts across your organization, while the risk and coverage pages contain data about repositories and how they are affected by security alerts or covered by security features. The {% data variables.product.prodname_codeql %} pull request alerts page contains data about {% data variables.product.prodname_codeql %} alerts that were caught in pull requests merged to the default branch.
The overview page contains data about security alerts across your organization or enterprise, while the risk and coverage pages contain data about repositories and how they are affected by security alerts or covered by security features. The {% data variables.product.prodname_codeql %} pull request alerts page contains data about {% data variables.product.prodname_codeql %} alerts that were caught in pull requests merged to the default branch.

The CSV file you download will contain data corresponding to the filters you have applied to security overview. For example, if you add the filter `dependabot-alerts:enabled`, your file will only contain data for repositories that have enabled {% data variables.product.prodname_dependabot_alerts %}.

> [!NOTE]
> In the "Teams" column of the CSV file, each repository will list a maximum of 20 teams with write access to that repository. If more than 20 teams have write access to a repository, the data will be truncated.
## Exporting data from your organization's security overview
## Exporting overview, coverage, and risk data from your organization's security overview

{% data reusables.profile.access_org %}
1. In the "Organizations" section, select the organization for which you would like to download security overview data.
Expand All @@ -43,3 +43,12 @@ The CSV file you download will contain data corresponding to the filters you hav
> The summary views ({% ifversion security-overview-dashboard %}"Overview", {% endif %}"Coverage" and "Risk") show data only for {% ifversion secret-scanning-alert-experimental-list %}default{% else %}high confidence{% endif %} alerts. {% data variables.product.prodname_code_scanning_caps %} alerts from third-party tools, and {% data variables.product.prodname_secret_scanning %} alerts for non-provider patterns or for ignored directories are all omitted from these views. Consequently, files exported from the summary views do not contain data for these types of alert.
{% endif %}

## Exporting overview, coverage, and risk data from your enterprise's security overview

{% ifversion ghes %}{% data reusables.enterprise-accounts.access-enterprise-ghes %}{% else %}{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}{% endif %}
{% data reusables.code-scanning.click-code-security-enterprise %}
1. Choose the page that you want to export data from by clicking on **Overview**, **Risk**, or **Coverage**.
1. Next to the search bar, click {% octicon "download" aria-hidden="true" %} **Export CSV**.

It may take a moment for {% data variables.product.product_name %} to generate the CSV file of your data. Once the CSV file generates, the file will automatically start downloading, and a banner will appear confirming your report is ready. If you are downloading the CSV from the overview page, you will also receive an email when your report is ready, containing a link to download the CSV.
Original file line number Diff line number Diff line change
Expand Up @@ -38,8 +38,6 @@ You can also view:

You can apply filters to the data. The metrics are based on activity from the default period or your selected period.

![Screenshot of the "CodeQL pull request alerts" view for an organization, showing status and trends over 90 days.](/assets/images/help/security-overview/security-overview-codeql-pull-requests-alerts-report.png)

{% ifversion code-scanning-autofix %}
> [!NOTE] Metrics for {% data variables.product.prodname_copilot_autofix_short %} will be shown only for repositories where {% data variables.product.prodname_copilot_autofix_short %} is enabled.
{% else %}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -41,14 +41,10 @@ You can see {% data variables.product.prodname_secret_scanning %} metrics if you

The metrics are based on activity from the default period or your selected period.

![Screenshot of the top section of the "Metrics" view for secret scanning on the "Security" tab for an organization.](/assets/images/help/security-overview/security-overview-secret-scanning-metrics-additional-tools.png)

{% else %}

The metrics are based on activity from the default period or your selected period.

![Screenshot of the top section of the "Metrics" view for secret scanning on the "Security" tab for an organization.](/assets/images/help/security-overview/security-overview-secret-scanning-metrics.png)

{% endif %}

## Viewing metrics for {% data variables.product.prodname_secret_scanning %} push protection for an organization
Expand All @@ -67,7 +63,7 @@ You can view metrics for {% data variables.product.prodname_secret_scanning %} p

{% data reusables.security-overview.enterprise-filters-tip %}

{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% ifversion ghes %}{% data reusables.enterprise-accounts.access-enterprise-ghes %}{% else %}{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}{% endif %}
{% data reusables.code-scanning.click-code-security-enterprise %}
1. In the sidebar, click **{% data variables.product.prodname_secret_scanning_caps %} metrics**.
1. Click on an individual secret type or repository to see the associated {% data variables.secret-scanning.alerts %} for your enterprise.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -49,8 +49,8 @@ The dashboard is divided into three tabs, each focused around a different securi

You can filter the overview dashboard by selecting a specific time period, and apply additional filters to focus on narrower areas of interest. All data and metrics across the dashboard will change as you apply filters. By default, the dashboard displays all alerts from {% data variables.product.prodname_dotcom %} tools, but you can use the tool filter to show alerts from a specific tool ({% data variables.product.prodname_secret_scanning %}, {% data variables.product.prodname_dependabot %}, {% data variables.product.prodname_code_scanning %} using {% data variables.product.prodname_codeql %}, a specific third-party tool) or all third-party {% data variables.product.prodname_code_scanning %} tools. For more information, see "[AUTOTITLE](/code-security/security-overview/filtering-alerts-in-security-overview)."

{% ifversion security-overview-export-dashboard-data %}
You can download a CSV file of the overview dashboard data for your organization. This data file can integrate easily with external datasets, so you may find it useful for security research, data analysis, and more. For more information, see "[AUTOTITLE](/code-security/security-overview/exporting-data-from-security-overview)."
{% ifversion security-overview-export-data %}
You can download a CSV file of the overview dashboard data for your organization or enterprise. This data file can integrate easily with external datasets, so you may find it useful for security research, data analysis, and more. For more information, see "[AUTOTITLE](/code-security/security-overview/exporting-data-from-security-overview)."
{% endif %}

{% ifversion security-overview-dashboard-enterprise %}Enterprise members can access the overview page for organizations in their enterprise. {% endif %}The metrics you see will depend on your role and repository permissions. For more information, see "[AUTOTITLE](/code-security/security-overview/about-security-overview#permission-to-view-data-in-security-overview)."
Expand All @@ -75,7 +75,7 @@ Keep in mind that the overview page tracks changes over time for security alert

## Viewing the security overview dashboard for your enterprise

{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}
{% ifversion ghes %}{% data reusables.enterprise-accounts.access-enterprise-ghes %}{% else %}{% data reusables.enterprise-accounts.access-enterprise-on-dotcom %}{% endif %}
{% data reusables.code-scanning.click-code-security-enterprise %}{% ifversion security-overview-3-tab-dashboard %}
1. By default, the **Detection** tab is displayed. If you want to switch to another tab to see other metrics, click **Remediation** or **Prevention**.{% endif %}
{% data reusables.security-overview.filter-and-toggle %}
Expand Down
Loading

0 comments on commit 9df207d

Please sign in to comment.