Secret scanning's delegated bypass controls for push protection (public beta) - feedback #121816
Replies: 1 comment 5 replies
-
We've deployed this internally and it's working great. I have a couple requests though!
Thanks! |
Beta Was this translation helpful? Give feedback.
-
GitHub Advanced Security customers using secret scanning can now specify which teams or roles have the ability to bypass push protection. This is intended to help reduce bypass rates within organizations that see high levels of live secrets being bypassed and committed into repositories.
This is managed through a new bypass list, where organizations can select which teams or roles are authorized to bypass push protection and act as reviewers for bypass requests. If an individual not included in this list needs to push a commit that is initially blocked, they must submit a bypass request. This request is then reviewed by an authorized individual who can either approve or deny it, determining whether the commit can proceed into the repository.
🗣️ We're looking for your feedback as we're in beta, both from the reviewer side and from the requestor side.
Things like:
Thank you very much -- we appreciate you ❤️
Learn more about secret scanning | Learn more about push protection
Beta Was this translation helpful? Give feedback.
All reactions