repo sync

content/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning.md

@@ -15,7 +15,6 @@ topics:
   - Secret scanning
 ---
 
-
 ## About custom patterns for {% data variables.product.prodname_secret_scanning %}
 
 You can define custom patterns to identify secrets that are not detected by the default patterns supported by {% data variables.product.prodname_secret_scanning %}. For example, you might have a secret pattern that is internal to your organization. For details of the supported secrets and service providers, see "[AUTOTITLE](/code-security/secret-scanning/secret-scanning-patterns)."
@@ -189,9 +188,7 @@ After your pattern is created, {% data variables.product.prodname_secret_scannin
 ## Editing a custom pattern
 
 When you save a change to a custom pattern, this closes all the {% data variables.secret-scanning.alerts %} that were created using the previous version of the pattern.
-1. Navigate to where the custom pattern was created. A custom pattern can be created in a repository, organization, or enterprise account.
-   * For a repository or organization, display the "Security & analysis" settings for the repository or organization where the custom pattern was created. For more information, see "[Defining a custom pattern for a repository](#defining-a-custom-pattern-for-a-repository)" or "[Defining a custom pattern for an organization](#defining-a-custom-pattern-for-an-organization)" above.
-   * For an enterprise, under "Policies" display the "Advanced Security" area, and then click **Security features**. For more information, see "[Defining a custom pattern for an enterprise account](#defining-a-custom-pattern-for-an-enterprise-account)" above.
+{% data reusables.secret-scanning.view-custom-pattern %}
 1. Under "{% data variables.product.prodname_secret_scanning_caps %}", to the right of the custom pattern you want to edit, click {% octicon "pencil" aria-label="The edit icon" %}.
 {%- ifversion secret-scanning-custom-enterprise-36 or custom-pattern-dry-run-ga  %}
 1. When you're ready to test your edited custom pattern, to identify matches without creating alerts, click **Save and dry run**.
@@ -204,10 +201,28 @@ When you save a change to a custom pattern, this closes all the {% data variable
 
 ## Removing a custom pattern
 
-1. Navigate to where the custom pattern was created. A custom pattern can be created in a repository, organization, or enterprise account.
-
-   * For a repository or organization, display the "Security & analysis" settings for the repository or organization where the custom pattern was created. For more information, see "[Defining a custom pattern for a repository](#defining-a-custom-pattern-for-a-repository)" or "[Defining a custom pattern for an organization](#defining-a-custom-pattern-for-an-organization)" above.
-   * For an enterprise, under "Policies" display the "Advanced Security" area, and then click **Security features**.  For more information, see "[Defining a custom pattern for an enterprise account](#defining-a-custom-pattern-for-an-enterprise-account)" above.
+{% data reusables.secret-scanning.view-custom-pattern %}
 1. To the right of the custom pattern you want to remove, click {% octicon "trash" aria-label="The trash icon" %}.
 1. Review the confirmation, and select a method for dealing with any open alerts relating to the custom pattern.
 1. Click **Yes, delete this pattern**.
+
+{% ifversion secret-scanning-custom-patterns-metrics %}
+
+## Metrics for custom patterns
+
+Organization owners and people with admin permissions can see an overview of the activity for custom patterns. The overview includes alert and push protection activity for the custom pattern during the last 30 days.
+
+{% note %}
+
+**Note:** Metrics for custom patterns are in public beta and subject to change.
+
+{% endnote %}
+
+### Viewing metrics for custom patterns
+
+{% data reusables.secret-scanning.view-custom-pattern %}
+1. Under "{% data variables.product.prodname_secret_scanning_caps %}", click the custom pattern you want to view.
+
+The metrics are displayed under the custom pattern's name.
+
+{% endif %}

content/get-started/exploring-projects-on-github/saving-repositories-with-stars.md

@@ -96,14 +96,12 @@ You can add a repository to an existing or new list wherever you see a repositor
 1. Select the list you want to edit.
 2. Click **Edit list**.
 3. Update the name or description and click **Save list**.
-  ![Screenshot of modal showing edit options with "Delete list" and "Save list" highlighted with a dark orange outline.](/assets/images/help/stars/edit-list-options.png) 
 
 ### Deleting a list
 
 {% data reusables.stars.stars-page-navigation %}
 2. Select the list you want to delete.
 3. Click **Delete list**.
-  ![Screenshot of modal showing edit options with "Delete list" and "Save list" highlighted with a dark orange outline.](/assets/images/help/stars/edit-list-options.png)
 4. To confirm, click **Delete**.
 
 {% endif %}

data/features/secret-scanning-custom-patterns-metrics.yml

@@ -0,0 +1,5 @@
+# Reference: #9140.
+# Documentation for secret scanning metrics for custom patterns.
+versions:
+  ghec: '*'
+  ghes: '>=3.10'

data/reusables/secret-scanning/view-custom-pattern.md

@@ -0,0 +1,3 @@
+1. Navigate to where the custom pattern was created. A custom pattern can be created in a repository, organization, or enterprise account.
+   * For a repository or organization, display the "Security & analysis" settings for the repository or organization where the custom pattern was created. For more information, see "[Defining a custom pattern for a repository](#defining-a-custom-pattern-for-a-repository)" or "[Defining a custom pattern for an organization](#defining-a-custom-pattern-for-an-organization)".
+   * For an enterprise, under "Policies" display the "Advanced Security" area, and then click **Security features**. For more information, see "[Defining a custom pattern for an enterprise account](#defining-a-custom-pattern-for-an-enterprise-account)" above.

src/automated-pipelines/lib/update-markdown.js

@@ -87,14 +87,27 @@ async function updateMarkdownFile(
     // update only the versions property of the file, assuming
     // the other properties have already been added and edited
     const { data, content } = matter(await readFile(file, 'utf-8'))
-    if (isEqual(sourceData.versions, data.versions)) {
+
+    // Double check that the comment delimiter is only used once
+    const matcher = new RegExp(commentDelimiter, 'g')
+    const matches = content.match(matcher)
+    if (matches && matches.length > 1) {
+      throw new Error(`Error: ${file} has multiple comment delimiters`)
+    }
+
+    // Only proceed if the content or versions have changed
+    const [manuallyCreatedContent, automatedContent] = content.split(commentDelimiter)
+    const isContentSame = automatedContent === sourceContent
+    const isVersionsSame = isEqual(sourceData.versions, data.versions)
+    if (isContentSame && isVersionsSame) {
       return
     }
+
+    // Create a new object so that we don't mutate the original data
     const newData = { ...data }
-    // Keep all frontmatter currently in the Markdown file on disk
-    // except replace the versions property with the new versions
+    // Only modify the versions property when a file already existss
     newData.versions = sourceData.versions
-    const targetContent = content.replace(commentDelimiter, sourceContent)
+    const targetContent = manuallyCreatedContent + commentDelimiter + sourceContent
     await writeFile(file, matter.stringify(targetContent, newData))
   } else {
     await createDirectory(path.dirname(file))

src/codeql-cli/scripts/convert-markdown-for-docs.js

@@ -174,6 +174,29 @@ export async function convertContentToDocs(content, frontmatterDefaults = {}) {
     if (node.type === 'link' && node.url.includes('aka.ms')) {
       akaMsLinkMatches.push(node)
     }
+
+    // There are example links in the format https://containers.GHEHOSTNAME
+    // that we don't want our link checker to check so we need to make them
+    // inline code instead of links. Ideally, this should be done in the
+    // Java program that generates the rst files, but we can do it here for now.
+    // See https://github.com/syntax-tree/mdast#inlinecode
+    if (node.type === 'link' && node.url.startsWith('https://containers')) {
+      // The nodes before and after contain double quotes that we want to remove
+      const nodeBefore = ancestors[ancestors.length - 1].children[0]
+      const nodeAfter = ancestors[ancestors.length - 1].children[2]
+      if (nodeBefore.value.endsWith('"')) {
+        nodeBefore.value = nodeBefore.value.slice(0, -1)
+      }
+      if (nodeAfter.value.startsWith('"')) {
+        nodeAfter.value = nodeAfter.value.slice(1)
+      }
+      // Change the node to an inline code node
+      node.type = 'inlineCode'
+      node.value = node.url
+      node.title = undefined
+      node.url = undefined
+      node.children = undefined
+    }
   })
 
   // Convert all aka.ms links to the docs.github.com relative path

src/codeql-cli/scripts/sync.js

@@ -9,17 +9,15 @@ import path from 'path'
 import matter from 'gray-matter'
 import rimraf from 'rimraf'
 
-import {
-  updateContentDirectory,
-  MARKDOWN_COMMENT,
-} from '../../automated-pipelines/lib/update-markdown.js'
+import { updateContentDirectory } from '../../automated-pipelines/lib/update-markdown.js'
 import { convertContentToDocs } from './convert-markdown-for-docs.js'
 
 const { targetDirectory, sourceDirectory, frontmatterDefaults, markdownPrefix } = JSON.parse(
   await readFile(path.join('src/codeql-cli/lib/config.json'), 'utf-8')
 )
 const SOURCE_REPO = sourceDirectory.split('/')[0]
 const TEMP_DIRECTORY = path.join(SOURCE_REPO, 'tempCliDocs')
+const MARKDOWN_PREFIX = `${markdownPrefix}\n\n`
 
 main()
 
@@ -41,7 +39,7 @@ async function main() {
     await writeFile(file, matter.stringify(content, data))
     const targetFilename = path.join(targetDirectory, path.basename(file))
     const sourceData = { ...data, ...frontmatterDefaults }
-    const finalSourceContent = MARKDOWN_COMMENT + `${markdownPrefix}\n\n` + content
+    const finalSourceContent = MARKDOWN_PREFIX + content
     cliMarkdownContents[targetFilename] = { data: sourceData, content: finalSourceContent }
   }
   // Begin updating Markdown files in the content directory

tests/content/webhooks.js → src/webhooks/tests/api.js

@@ -1,8 +1,8 @@
-import { get } from '../helpers/e2etest.js'
+import { get } from '../../../tests/helpers/e2etest.js'
 import {
   SURROGATE_ENUMS,
   makeLanguageSurrogateKey,
-} from '../../middleware/set-fastly-surrogate-key.js'
+} from '../../../middleware/set-fastly-surrogate-key.js'
 import { describe, expect } from '@jest/globals'
 
 describe('webhooks v1 middleware', () => {

tests/rendering/webhooks.js → src/webhooks/tests/rendering.js

@@ -1,7 +1,7 @@
 import { jest } from '@jest/globals'
-import { getDOM } from '../helpers/e2etest.js'
-import { allVersions } from '../../lib/all-versions.js'
-import { getWebhooks } from '../../src/webhooks/lib/index.js'
+import { getDOM } from '../../../tests/helpers/e2etest.js'
+import { allVersions } from '../../../lib/all-versions.js'
+import { getWebhooks } from '../lib/index.js'
 
 describe('webhooks events and payloads', () => {
   jest.setTimeout(300 * 1000)