From 492d77e316e31ac30b66a5faeaa66a62d5b80ea8 Mon Sep 17 00:00:00 2001 From: mc <42146119+mchammer01@users.noreply.github.com> Date: Tue, 14 Jan 2025 07:36:09 +0000 Subject: [PATCH] Hack week 2025: remove unneeded FBV instances (2) (#53872) --- ...curity-and-analysis-for-your-enterprise.md | 25 ++++--------------- ...ng-dependency-review-for-your-appliance.md | 2 +- ...b-advanced-security-for-your-enterprise.md | 2 +- ...d-security-features-for-your-enterprise.md | 5 ++-- ...ing-push-protection-for-your-repository.md | 2 +- ...ing-custom-patterns-for-secret-scanning.md | 6 ++--- .../managing-custom-patterns.md | 6 ++--- ...isories-in-the-github-advisory-database.md | 2 +- ...isories-in-the-github-advisory-database.md | 2 +- .../push-protection-allow-email.md | 2 -- ...secret-scanning-configure-notifications.md | 4 +-- 11 files changed, 19 insertions(+), 39 deletions(-) diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise.md index 23c7d3be3123..09e0d08a40cb 100644 --- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise.md +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise.md @@ -1,7 +1,7 @@ --- title: Enforcing policies for code security and analysis for your enterprise -intro: 'You can enforce policies to manage the use of {% ifversion security-feature-enablement-policies %}code security and analysis{% else %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} features within your enterprise''s organizations.' -permissions: 'Enterprise owners can enforce {% ifversion security-feature-enablement-policies %}code security and analysis{% endif %} policies for {% data variables.product.prodname_GH_advanced_security %} in an enterprise.' +intro: 'You can enforce policies to manage the use of code security and analysis features within your enterprise''s organizations.' +permissions: 'Enterprise owners can enforce code security and analysis policies for {% data variables.product.prodname_GH_advanced_security %} in an enterprise.' product: '{% data reusables.gated-features.ghas %}' versions: ghec: '*' @@ -28,22 +28,12 @@ redirect_from: - /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise shortTitle: Code security & analysis --- -{% ifversion security-feature-enablement-policies %} ## About policies for code security and analysis in your enterprise You can enforce policies to manage the use of code security and analysis features within organizations owned by your enterprise. You can allow or disallow people with admin access to a repository to enable or disable the security and analysis features. Additionally, you can enforce policies for the use of {% data variables.product.prodname_GH_advanced_security %} in your enterprise's organizations and repositories. -{% else %} - -## About policies for {% data variables.product.prodname_GH_advanced_security %} in your enterprise - -{% data reusables.advanced-security.ghas-helps-developers %} For more information, see [AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security). - -{% ifversion ghes %}If you purchase a license for {% data variables.product.prodname_GH_advanced_security %}, any{% else %}Any{% endif %} organization on {% data variables.product.prodname_ghe_server %} can use {% data variables.product.prodname_advanced_security %} features. You can enforce policies to control how members of your enterprise on {% data variables.product.product_name %} use {% data variables.product.prodname_advanced_security %}. - -{% endif %} {% ifversion ghec %} @@ -84,16 +74,13 @@ Across all organizations owned by your enterprise, you can allow members with ad {% data reusables.enterprise.role-permission-hierarchy %} {% data reusables.enterprise-accounts.access-enterprise %} -{% data reusables.enterprise-accounts.policies-tab %}{% ifversion security-feature-enablement-policies %} -{% data reusables.enterprise-accounts.code-security-and-analysis-policies %}{% else %} -{% data reusables.enterprise-accounts.advanced-security-policies %}{% endif %}{% ifversion security-feature-enablement-policies %} +{% data reusables.enterprise-accounts.policies-tab %} +{% data reusables.enterprise-accounts.code-security-and-analysis-policies %} 1. In the "{% data variables.product.prodname_GH_advanced_security %} policies" section, under "{% data variables.product.prodname_GH_advanced_security %} availability", select the dropdown menu and click a policy for the organizations owned by your enterprise. -{% data reusables.enterprise-accounts.advanced-security-organization-policy-drop-down %}{% endif %} +{% data reusables.enterprise-accounts.advanced-security-organization-policy-drop-down %} {% data reusables.enterprise-accounts.advanced-security-individual-organization-policy-drop-down %} -{% ifversion security-feature-enablement-policies %} - ## Enforcing a policy to manage the use of {% data variables.product.prodname_GH_advanced_security %} features in your enterprise's repositories Across all of your enterprise's organizations, you can allow or disallow people with admin access to repositories to manage the use of {% data variables.product.prodname_GH_advanced_security %} features in the repositories. {% data reusables.advanced-security.ghas-must-be-enabled %} @@ -114,8 +101,6 @@ Across all of your enterprise's organizations, you can allow or disallow people {% data reusables.enterprise-accounts.code-security-and-analysis-policies %} 1. In the "{% data variables.product.prodname_GH_advanced_security %} policies" section, under "Enable or disable {% data variables.product.prodname_secret_scanning %} by repository admins", select the dropdown menu and click a policy. -{% endif %} - {% ifversion secret-scanning-ai-generic-secret-detection %} ## Enforcing a policy to manage the use of {% data variables.secret-scanning.generic-secret-detection %} for {% data variables.product.prodname_secret_scanning %} in your enterprise's repositories diff --git a/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/configuring-dependency-review-for-your-appliance.md b/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/configuring-dependency-review-for-your-appliance.md index 745157448606..e3497f48f3d5 100644 --- a/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/configuring-dependency-review-for-your-appliance.md +++ b/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/configuring-dependency-review-for-your-appliance.md @@ -4,7 +4,7 @@ shortTitle: Configuring dependency review intro: 'To help users understand dependency changes when reviewing pull requests, you can enable, configure, and disable dependency review for {% data variables.product.prodname_ghe_server %}.' product: '{% data reusables.gated-features.dependency-review %}' versions: - feature: dependency-review-action-ghes + ghes: '*' type: how_to topics: - Advanced Security diff --git a/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/enabling-github-advanced-security-for-your-enterprise.md b/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/enabling-github-advanced-security-for-your-enterprise.md index 1984a43fb08b..b4c4822723de 100644 --- a/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/enabling-github-advanced-security-for-your-enterprise.md +++ b/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/enabling-github-advanced-security-for-your-enterprise.md @@ -23,7 +23,7 @@ topics: When you enable {% data variables.product.prodname_GH_advanced_security %} for your enterprise, repository administrators in all organizations can enable the features unless you set up a policy to restrict access. See [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise). -{% ifversion secret-scanning-enterprise-level-api %}{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}{% endif %} +{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %} For guidance on a phased deployment of GitHub Advanced Security, see [AUTOTITLE](/code-security/adopting-github-advanced-security-at-scale/introduction-to-adopting-github-advanced-security-at-scale). diff --git a/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md b/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md index dd0c21ddc699..2b07fb05bc08 100644 --- a/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md +++ b/content/admin/managing-code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise.md @@ -3,7 +3,8 @@ title: Managing GitHub Advanced Security features for your enterprise intro: 'You can control {% data variables.product.prodname_GH_advanced_security %} features that secure and analyze code across all organizations owned by your enterprise.' permissions: 'Enterprise owners can manage {% data variables.product.prodname_advanced_security %} features for organizations in an enterprise.' versions: - feature: secret-scanning-enterprise-level + ghec: '*' + ghes: '*' type: how_to topics: - Alerts @@ -31,7 +32,7 @@ To manage individual {% data variables.product.prodname_GH_advanced_security %} {% endif %} -{% ifversion secret-scanning-enterprise-level-api %}{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}{% endif %} +{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %} {% ifversion ghes %}For information about buying a license for {% data variables.product.prodname_GH_advanced_security %}, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security).{% elsif ghec %}For information about buying a license for {% data variables.product.prodname_GH_advanced_security %}, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/signing-up-for-github-advanced-security).{% endif %} diff --git a/content/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository.md b/content/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository.md index 812e4af72c17..5f7369ba9134 100644 --- a/content/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository.md +++ b/content/code-security/secret-scanning/enabling-secret-scanning-features/enabling-push-protection-for-your-repository.md @@ -36,7 +36,7 @@ If you're an organization owner, you can enable push protection for multiple rep Organization owners, security managers, and repository administrators can also enable push protection for {% data variables.product.prodname_secret_scanning %} via the API. For more information, see [AUTOTITLE](/rest/repos#update-a-repository) and expand the "Properties of the `security_and_analysis` object" section. -{% ifversion secret-scanning-enterprise-level %} +{% ifversion ghec or ghes %} If your organization is owned by an enterprise account, an enterprise owner can also enable push protection at the enterprise level. For more information, see [AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise). diff --git a/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md b/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md index 6cbe52227442..eafa766c51be 100644 --- a/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md +++ b/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/defining-custom-patterns-for-secret-scanning.md @@ -142,11 +142,9 @@ Before defining a custom pattern, you must ensure that you enable secret scannin > * {% data reusables.secret-scanning.dry-runs-enterprise-permissions %} {% data reusables.enterprise-accounts.access-enterprise %} -{% data reusables.enterprise-accounts.policies-tab %}{% ifversion security-feature-enablement-policies %} +{% data reusables.enterprise-accounts.policies-tab %} {% data reusables.enterprise-accounts.code-security-and-analysis-policies %} -1. Under "{% ifversion code-security-wording-only-enterprise %}Code security{% else %}Code security and analysis{% endif %}", click **Security features**.{% else %} -{% data reusables.enterprise-accounts.advanced-security-policies %} -{% data reusables.enterprise-accounts.advanced-security-security-features %}{% endif %} +1. Under "{% ifversion code-security-wording-only-enterprise %}Code security{% else %}Code security and analysis{% endif %}", click **Security features**. 1. Under "Secret scanning custom patterns", click **New pattern**. {% data reusables.advanced-security.secret-scanning-add-custom-pattern-details %} {%- ifversion custom-pattern-dry-run-ga %} diff --git a/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/managing-custom-patterns.md b/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/managing-custom-patterns.md index cc38eabaaa26..391a6c004b70 100644 --- a/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/managing-custom-patterns.md +++ b/content/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/custom-patterns/managing-custom-patterns.md @@ -55,11 +55,9 @@ You can enable {% data variables.product.prodname_secret_scanning %} as a push p Before enabling push protection for a custom pattern at enterprise level, you must also{% ifversion custom-pattern-dry-run-ga %} test your custom patterns using dry runs. {% data reusables.secret-scanning.dry-runs-enterprise-permissions %}{% else %} test your custom patterns in a repository before defining them for your entire enterprise, as there is no dry-run functionality. That way, you can avoid creating excess false-positive {% data variables.secret-scanning.alerts %}.{% endif %} {% data reusables.enterprise-accounts.access-enterprise %} -{% data reusables.enterprise-accounts.policies-tab %}{% ifversion security-feature-enablement-policies %} +{% data reusables.enterprise-accounts.policies-tab %} {% data reusables.enterprise-accounts.code-security-and-analysis-policies %} -1. Under "{% ifversion code-security-wording-only-enterprise %}Code security{% else %}Code security and analysis{% endif %}", click **Security features**.{% else %} -{% data reusables.enterprise-accounts.advanced-security-policies %} -{% data reusables.enterprise-accounts.advanced-security-security-features %}{% endif %} +1. Under "{% ifversion code-security-wording-only-enterprise %}Code security{% else %}Code security and analysis{% endif %}", click **Security features**. {% data reusables.advanced-security.secret-scanning-edit-custom-pattern %} {% ifversion custom-pattern-dry-run-ga %} diff --git a/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/browsing-security-advisories-in-the-github-advisory-database.md b/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/browsing-security-advisories-in-the-github-advisory-database.md index c885dec67558..a210700e6267 100644 --- a/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/browsing-security-advisories-in-the-github-advisory-database.md +++ b/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/browsing-security-advisories-in-the-github-advisory-database.md @@ -85,7 +85,7 @@ For any {% data variables.product.company_short %}-reviewed advisory in the {% d 1. Optionally, to filter the list, use the search bar or the drop-down menus. The "Organization" drop-down menu allows you to filter the {% data variables.product.prodname_dependabot_alerts %} per owner (organization or user). 1. For more details about the advisory, and for advice on how to fix the vulnerable repository, click the repository name. -{% ifversion security-advisories-ghes %} +{% ifversion ghes %} ## Accessing the local advisory database on {% data variables.product.prodname_ghe_server %} diff --git a/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/editing-security-advisories-in-the-github-advisory-database.md b/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/editing-security-advisories-in-the-github-advisory-database.md index d69f059b8582..61c83d54c8a8 100644 --- a/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/editing-security-advisories-in-the-github-advisory-database.md +++ b/content/code-security/security-advisories/working-with-global-security-advisories-from-the-github-advisory-database/editing-security-advisories-in-the-github-advisory-database.md @@ -42,7 +42,7 @@ Only repository owners and administrators can edit repository-level security adv You can also open a pull request directly on an advisory file in the [github/advisory-database](https://github.com/github/advisory-database) repository. For more information, see the [contribution guidelines](https://github.com/github/advisory-database/blob/main/CONTRIBUTING.md). -{% ifversion security-advisories-ghes %} +{% ifversion ghes %} ## Editing advisories from {% data variables.product.prodname_ghe_server %} diff --git a/data/reusables/secret-scanning/push-protection-allow-email.md b/data/reusables/secret-scanning/push-protection-allow-email.md index 6d3e1057a141..90c54fdc0cf4 100644 --- a/data/reusables/secret-scanning/push-protection-allow-email.md +++ b/data/reusables/secret-scanning/push-protection-allow-email.md @@ -1,3 +1 @@ -{% ifversion secret-scanning-push-protection-email %} When a contributor bypasses a push protection block for a secret, {% data variables.product.prodname_dotcom %} also sends an email alert to the organization owners, security managers, and repository administrators who have opted in for email notifications. -{% endif %} diff --git a/data/reusables/secret-scanning/secret-scanning-configure-notifications.md b/data/reusables/secret-scanning/secret-scanning-configure-notifications.md index 01b1694a2cf3..2de5e5419209 100644 --- a/data/reusables/secret-scanning/secret-scanning-configure-notifications.md +++ b/data/reusables/secret-scanning/secret-scanning-configure-notifications.md @@ -9,5 +9,5 @@ When a new secret is detected, {% data variables.product.product_name %} notifie You will receive an email notification if: * You are watching the repository. -* You have enabled notifications for "All Activity", or for custom "Security alerts" on the repository{% ifversion secret-scanning-notification-settings %}. -* In your notification settings, under "Subscriptions", then under "Watching", you have selected to receive notifications by email.{% endif %} +* You have enabled notifications for "All Activity", or for custom "Security alerts" on the repository. +* In your notification settings, under "Subscriptions", then under "Watching", you have selected to receive notifications by email.