You can now more easily filter secret scanning alerts, with new filter options and advanced filtering.
- Enterprise and organization level list views now include a new menu with commonly used and suggested filter options, like bypassed secrets, publicly leaked secrets, and those with enterprise duplicates. The repository level list view now supports a new “advanced filtering” menu.
- The experimental toggle has been removed from the alert list header UI, but you can still access it from the sidebar navigation menu and with the
results:experimentalfilter. - Public leak and multi-repository indicators are fully supported across list views, including alert list views and the REST API. In the UI, in addition to menu options, you can access these filters with
is:multi-repositoryandis:publicly-leaked. These indicators are also included in webhook and audit log event payloads for secret scanning alerts.
What are public leak and multi-repo labels?
To help you triage and remediate secret leaks more effectively, GitHub secret scanning now indicates if a secret detected in your repository has also leaked publicly with a public leak label on the alert. The alert also indicates if the secret was exposed in other repositories across your organization or enterprise with a multi-repository label.
These labels provide additional understanding into the distribution of an exposed secret, while also making it easier to assess an alert’s risk and urgency. For example, a secret which has a known associated exposure in a public location has a higher likelihood of exploitation. Detection of public leaks is only currently supported for provider-based patterns.
The multi-repository label makes it easier to de-duplicate alerts and is supported for all secret types, including custom patterns. You can only view and navigate to other enterprise repositories with duplicate alerts if you have appropriate permissions to view them.
Both indicators currently apply only for newly created alerts.
Learn more
Learn more about reviewing alert labels and how to secure your repositories with secret scanning. Let us know what you think by participating in our GitHub community discussion or signing up for a 60 minute feedback session.
The post Improved filtering for secret scanning alerts appeared first on The GitHub Blog.