ankneis
commented
2 months ago 🚢 This has shipped: https://github.blog/changelog/2024-04-30-secret-scanning-supports-bypass-controls-for-push-protection-public-beta
Leaving open to track for GHES release!
Summary
Security teams need more configurability over who can bypass push protection to balance security and developer productivity effectively. By integrating secret scanning's push protection into repository rulesets, Application Security teams can provide fine-grained control over which users can approve requested bypasses. Developers will have the ability to request approval from authorized users to push a blocked secret.