diff --git a/content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list.md b/content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list.md index c8a33e2cdd58..efb910144da9 100644 --- a/content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list.md +++ b/content/admin/configuring-settings/hardening-security-for-your-enterprise/restricting-network-traffic-to-your-enterprise-with-an-ip-allow-list.md @@ -130,3 +130,7 @@ To ensure seamless use of the OIDC CAP while still applying the policy to OAuth ## Using {% data variables.product.prodname_pages %} with an IP allow list {% data reusables.pages.ip-allow-list-pages %} + +## Using {% data variables.product.prodname_dependabot %} with an IP allow list + +{% data reusables.dependabot.ip-allow-list-dependabot %} diff --git a/data/reusables/dependabot/ip-allow-list-dependabot.md b/data/reusables/dependabot/ip-allow-list-dependabot.md new file mode 100644 index 000000000000..cfc76e19cf6b --- /dev/null +++ b/data/reusables/dependabot/ip-allow-list-dependabot.md @@ -0,0 +1,7 @@ +By default, dynamically provisioned {% data variables.product.github %}-hosted runners do not guarantee static IP addresses. This includes the runners that are used by default with {% data variables.product.prodname_dependabot %}. + +If you use an IP allow list and {% data variables.product.prodname_dependabot %}, you must set up a self-hosted runner or enable {% data variables.product.prodname_dependabot %} for use with {% data variables.actions.hosted_runners %}. See [AUTOTITLE](/actions/concepts/runners/about-self-hosted-runners) and [AUTOTITLE](/code-security/dependabot/working-with-dependabot/about-dependabot-on-github-actions-runners#enabling-or-disabling-dependabot-on-larger-runners). + +Additionally, to learn more about setting up a {% data variables.actions.hosted_runners %} with a static IP address configured, see [AUTOTITLE](/actions/concepts/runners/about-larger-runners). + +To allow your self-hosted runners or {% data variables.actions.hosted_runners %} to communicate with {% data variables.product.github %}, add the IP address or IP address range of your runners to the IP allow list that you have configured for your enterprise. diff --git a/data/reusables/gated-features/copilot-coding-agent.md b/data/reusables/gated-features/copilot-coding-agent.md index 85cd8d2bd9d2..614505014601 100644 --- a/data/reusables/gated-features/copilot-coding-agent.md +++ b/data/reusables/gated-features/copilot-coding-agent.md @@ -1 +1 @@ -{% data variables.copilot.copilot_coding_agent %} is available with the {% data variables.copilot.copilot_pro %}, {% data variables.copilot.copilot_pro_plus %}, {% data variables.copilot.copilot_for_business %} and {% data variables.copilot.copilot_enterprise %} plans. Access for {% data variables.product.prodname_copilot_short %} trials is coming soon. The agent is available in all repositories, except where it has been explicitly disabled and repositories owned by {% data variables.enterprise.prodname_managed_users %}. +{% data variables.copilot.copilot_coding_agent %} is available with the {% data variables.copilot.copilot_pro %}, {% data variables.copilot.copilot_pro_plus %}, {% data variables.copilot.copilot_for_business %} and {% data variables.copilot.copilot_enterprise %} plans. The agent is available in all repositories, except where it has been explicitly disabled and repositories owned by {% data variables.enterprise.prodname_managed_users %}. diff --git a/src/secret-scanning/data/public-docs.yml b/src/secret-scanning/data/public-docs.yml index 86bb2acf23b0..18b04a8f66c5 100644 --- a/src/secret-scanning/data/public-docs.yml +++ b/src/secret-scanning/data/public-docs.yml @@ -485,6 +485,17 @@ hasPushProtection: true hasValidityCheck: false isduplicate: false +- provider: Azure + supportedSecret: Azure Event Grid Key Identifiable + secretType: azure_event_grid_key_identifiable + versions: + fpt: '*' + ghec: '*' + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + isduplicate: true - provider: Azure supportedSecret: Azure Event Hub Key Identifiable secretType: azure_event_hub_key_identifiable @@ -890,7 +901,7 @@ isPublic: true isPrivateWithGhas: true hasPushProtection: true - hasValidityCheck: false + hasValidityCheck: '{% ifversion fpt or ghes %}false{% else %}true{% endif %}' isduplicate: false - provider: Canva supportedSecret: Canva App Secret @@ -1654,7 +1665,7 @@ isPublic: true isPrivateWithGhas: true hasPushProtection: false - hasValidityCheck: false + hasValidityCheck: '{% ifversion fpt or ghes %}false{% else %}true{% endif %}' isduplicate: false - provider: Frame.io supportedSecret: Frame.io JSON Web Token @@ -3066,7 +3077,7 @@ isPublic: true isPrivateWithGhas: true hasPushProtection: true - hasValidityCheck: false + hasValidityCheck: '{% ifversion fpt or ghes %}false{% else %}true{% endif %}' isduplicate: false - provider: Persona Identities supportedSecret: Persona Sandbox Api Key @@ -3078,7 +3089,7 @@ isPublic: true isPrivateWithGhas: true hasPushProtection: true - hasValidityCheck: false + hasValidityCheck: '{% ifversion fpt or ghes %}false{% else %}true{% endif %}' isduplicate: false - provider: Pinterest supportedSecret: Pinterest Access Token @@ -3150,7 +3161,7 @@ isPublic: true isPrivateWithGhas: true hasPushProtection: true - hasValidityCheck: false + hasValidityCheck: '{% ifversion fpt or ghes %}false{% else %}true{% endif %}' isduplicate: false - provider: Planning Center supportedSecret: Planning Center OAuth Application Secret @@ -3438,7 +3449,7 @@ isPublic: true isPrivateWithGhas: true hasPushProtection: true - hasValidityCheck: false + hasValidityCheck: '{% ifversion fpt or ghes %}false{% else %}true{% endif %}' isduplicate: false - provider: Replicate supportedSecret: Replicate API Token @@ -3462,7 +3473,7 @@ isPublic: false isPrivateWithGhas: true hasPushProtection: true - hasValidityCheck: false + hasValidityCheck: '{% ifversion fpt or ghes %}false{% else %}true{% endif %}' isduplicate: false - provider: RubyGems supportedSecret: RubyGems API Key @@ -3546,7 +3557,7 @@ isPublic: true isPrivateWithGhas: true hasPushProtection: true - hasValidityCheck: false + hasValidityCheck: '{% ifversion fpt or ghes %}false{% else %}true{% endif %}' isduplicate: false - provider: Segment supportedSecret: Segment Public API Token @@ -3558,7 +3569,7 @@ isPublic: true isPrivateWithGhas: true hasPushProtection: true - hasValidityCheck: false + hasValidityCheck: '{% ifversion fpt or ghes %}false{% else %}true{% endif %}' isduplicate: false - provider: SendGrid supportedSecret: SendGrid API Key diff --git a/src/secret-scanning/lib/config.json b/src/secret-scanning/lib/config.json index 99f0e3a6cee0..bc449cdeb798 100644 --- a/src/secret-scanning/lib/config.json +++ b/src/secret-scanning/lib/config.json @@ -1,5 +1,5 @@ { - "sha": "9e7c83f3df4cb2d20d66627debf62a5d9dc7cd48", - "blob-sha": "5e45dd83af6526c7fbdcab9d8f5adfa51f8d551a", + "sha": "59459195f898490f26f8aa6417cf54df23aa6ff7", + "blob-sha": "e59d91b6e8d5c9dd3c8496286421b8915efb0d5c", "targetFilename": "code-security/secret-scanning/introduction/supported-secret-scanning-patterns" } \ No newline at end of file