Secret scanning: public leak (high priority) and multi-repo (deduping…

…) indicators for alerts #15387 (#52318) Co-authored-by: Robert Bolender <[email protected]> Co-authored-by: Sarita Iyer <[email protected]>
github · Sep 19, 2024 · 2d4bde6 · 2d4bde6
1 parent 65275fc
commit 2d4bde6
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 1 deletion.
diff --git a/...urity/secret-scanning/managing-alerts-from-secret-scanning/evaluating-alerts.md b/...urity/secret-scanning/managing-alerts-from-secret-scanning/evaluating-alerts.md
@@ -23,7 +23,8 @@ There are some additional features that can help you to evaluate alerts in order
 
 * Check the validity of a secret, to see if the secret is still active. {% ifversion fpt or ghes %}**Applies to {% data variables.product.company_short %} tokens only**.{% endif %} For more information, see "[Checking a secret's validity](#checking-a-secrets-validity)."{% ifversion secret-scanning-validity-check-partner-patterns %}
 * Perform an "on-demand" validity check, to get the most up to date validation status. For more information, see "[Performing an on-demand-validity-check](#performing-an-on-demand-validity-check)."{% endif %}{% ifversion secret-scanning-github-token-metadata %}
-* Review a token's metadata. **Applies to {% data variables.product.company_short %} tokens only**. For example, to see when the token was last used. For more information, see "[Reviewing {% data variables.product.company_short %} token metadata](#reviewing-github-token-metadata)."{% endif %}
+* Review a token's metadata. **Applies to {% data variables.product.company_short %} tokens only**. For example, to see when the token was last used. For more information, see "[Reviewing {% data variables.product.company_short %} token metadata](#reviewing-github-token-metadata)."{% endif %}{% ifversion secret-scanning-multi-repo-public-leak %}
+* Review the labels assigned to the alert. For more information, see "[Reviewing alert labels](#reviewing-alert-labels)."{% endif %}
 
 ## Checking a secret's validity
 
@@ -95,6 +96,21 @@ Tokens, like {% data variables.product.pat_generic %} and other credentials, are
 
 {% endif %}
 
+{% ifversion secret-scanning-multi-repo-public-leak %}
+
+## Reviewing alert labels
+
+In the alert view, you can review any labels assigned to the alert. The labels provide additional details about the alert, which can inform the approach you take for remediation.
+
+{% data variables.product.prodname_secret_scanning_caps %} alerts can have the following labels assigned to them:
+
+|Label|Description|
+|-------------------------|--------------------------------------------------------------------------------|
+|`public leak`| The secret detected in your repository has also been found as publicly leaked by at least one of {% data variables.product.github %}'s scans of code, discussions, gists, issues, pull requests, and wikis. This may require you to address the alert with greater urgency, or remediate the alert differently compared to a privately exposed token.|
+|`multi-repo`| The secret detected in your repository has been found across multiple repositories in your organization{% ifversion ghec or ghes %} or enterprise{% endif %}. This information may help you more easily dedupe the alert across your organization{% ifversion ghec or ghes %} or enterprise{% endif %}. |
+
+{% endif %}
+
 ## Next steps
 
 * "[AUTOTITLE](/code-security/secret-scanning/managing-alerts-from-secret-scanning/resolving-alerts)"
diff --git a/data/features/secret-scanning-multi-repo-public-leak.yml b/data/features/secret-scanning-multi-repo-public-leak.yml
@@ -0,0 +1,6 @@
+# Reference: #15387
+# Secret scanning: multi-repo and public leak indicators added to alerts
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '>=3.16'