Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Skills secret scanning course: text updates to adjust for a few changes since the course was created and for consistency #6

Merged
merged 13 commits into from
Apr 25, 2024
Merged

Skills secret scanning course: text updates to adjust for a few changes since the course was created and for consistency #6

Changes from 1 commit
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
19426cd
Fix typo and remove boilerplate
felicitymay Apr 23, 2024
e7f1438
Remove boiler plate text and make small changes
felicitymay Apr 23, 2024
9cf8d50
Make some updates to Activity 2
felicitymay Apr 23, 2024
00f2373
Explain default for public repositories
felicitymay Apr 23, 2024
5d98bd3
Fix typo
felicitymay Apr 23, 2024
2302fa6
Update 2-tbd.md
felicitymay Apr 23, 2024
605535a
Fix typo
felicitymay Apr 23, 2024
30b1719
Minor changes for default enablement on public repos
felicitymay Apr 23, 2024
090273c
Add link to GHAS trial article
felicitymay Apr 23, 2024
bddd342
Update 2-tbd.md
felicitymay Apr 23, 2024
c97ff29
Fix typos after self-review
felicitymay Apr 23, 2024
98aa3d5
Apply suggestions from code review
felicitymay Apr 25, 2024
11fbbc8
Add tip about commit history on command-line
felicitymay Apr 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Fix typos after self-review
  • Loading branch information
@felicitymay
felicitymay committed Apr 23, 2024
commit c97ff29f55cdc1de9bd534235379cfe07f18c0d5
4 changes: 2 additions & 2 deletions .github/steps/2-tbd.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ Open the **Amazon AWS Access Key ID** alert and explore the information shown.

![Screenshot of the Amazon AWS Access Key ID alert with the currently open status highlighted.](/images/alert-status.png)

- **Alert validity state:** Displayed only for tokens where secret scanning can contact the partner platform to check whether the token is currently active. This section shows the validity state: "Active", "Inactive", or "Possibly active", and how to remediate the exposed ssecret. A secret has the "Possibly active" state until the partner validates that it is either active or inactive.
- **Alert validity state:** Displayed only for tokens where secret scanning can contact the partner platform to check whether the token is currently active. This section shows the validity state: "Active", "Inactive", or "Possibly active", and how to remediate the exposed secret. A secret has the "Possibly active" state until the partner validates that it is either active or inactive.

![Screenshot of the Amazon AWS Access Key ID alert with the validity state highlighted.](/images/alert-validity-state.png)

Expand Down Expand Up @@ -64,7 +64,7 @@ _Way to go! You reviewed and closed a secret scanning alert! :tada:_

Up to now, you've learned how to identify secrets already stored in your repository. In this section, you will enable push protection on the repository to prevent new secrets from being written to the repository.

**What is push protection**: When some tries to send code changes to GitHub (a push), secret scanning checks for high-confidence secrets (those identified with a low false-positive rate). Secret scanning lists any secrets it detects so the author can review the secrets and remove them or, if needed, allow those secrets to be pushed.
**What is push protection**: When someone tries to send code changes to GitHub (a push), secret scanning checks for high-confidence secrets (those identified with a low false-positive rate). Secret scanning lists any secrets it detects so the author can review the secrets and remove them or, if needed, allow those secrets to be pushed.

### :keyboard: Activity 3.1: Enable push protection

Expand Down