Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Secret scanning delegated bypass for push protection - GA #981

Open
github-product-roadmap opened this issue Jun 26, 2024 · 0 comments
Open
Labels
cloud Available on Cloud ga Feature phase: Generally available github advanced security Product SKU: GitHub Advanced Security secret scanning Feature: Github Secret Scanning

Comments

@github-product-roadmap
Copy link
Collaborator

Summary

Security teams need more configurability over who can bypass push protection to balance security and developer productivity effectively. By integrating secret scanning's push protection into repository rulesets, Application Security teams can provide fine-grained control over which users can approve requested bypasses. Developers will have the ability to request approval from authorized users to push a blocked secret.

Intended Outcome

Delegated bypass will ensure that push protection is not accidentally bypassed by developers, and prevent secrets from being leaked in the repository.

How will it work?

The GA of delegated bypass will include experience improvements identified in beta, webhook and API support, and metrics.

@github github locked and limited conversation to collaborators Jun 26, 2024
@github-product-roadmap github-product-roadmap added cloud Available on Cloud ga Feature phase: Generally available github advanced security Product SKU: GitHub Advanced Security secret scanning Feature: Github Secret Scanning labels Jun 26, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
cloud Available on Cloud ga Feature phase: Generally available github advanced security Product SKU: GitHub Advanced Security secret scanning Feature: Github Secret Scanning
Projects
Development

No branches or pull requests

1 participant