eclipse-platform / .eclipsefdn

Repository to host configurations related to the Eclipse Foundation.
https://eclipse-platform.github.io/.eclipsefdn/
0 stars 2 forks source link

Enable secret scanning for all repos #2

Closed ghost closed 1 year ago

ghost commented 1 year ago

We (security team at EF: https://www.eclipse.org/security/team/) would like to enable secret scanning for all of the repos of eclipse projects hosted on GitHub. For that purpose we suggest changes to the configuration that the project leads can review.

github-actions[bot] commented 1 year ago
Diff for ed5339b7778f3b4d00059ae1223aaae88e7eade3: ```diff Printing local diff for configuration at '/home/runner/work/.eclipsefdn/.eclipsefdn/otterdog-configs/otterdog.json' Actions are indicated with the following symbols: + create ! modify ! forced update - delete Organization eclipse-platform[id=eclipse-platform] there have been 37 validation infos, enable verbose output with '-v' to to display them. ! repository[name=".github"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.common"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.debug"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.images"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.releng"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.releng.aggregator"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.releng.buildtools"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.resources"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.runtime"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.swt"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.swt.binaries"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.team"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.text"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.ua"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.ui"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="eclipse.platform.ui.tools"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="ui-best-practices"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="www.eclipse.org-eclipse"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="www.eclipse.org-eclipse-news"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } ! repository[name="www.eclipse.org-swt"] { ! secret_scanning = "disabled" -> "enabled" ! secret_scanning_push_protection = "disabled" -> "enabled" ! } Plan: 0 to add, 42 to change, 0 to delete. ``` ```diff Showing diff to a canonical version of the configuration at '/home/runner/work/.eclipsefdn/.eclipsefdn/otterdog-configs/otterdog.json' Organization eclipse-platform[id=eclipse-platform] ```
ghost commented 1 year ago

Hello,

If you require additional information about GitHub Secret scanning before reviewing this pull request, please refer to the following GitHub document: Link to GitHub Document About secret scanning.

Feel free to reach out if you have any questions.

Thank you, FP