Managing requests to bypass push protection

As a member of the bypass list for an organization or repository, you can review bypass requests from other members of the organization or repository.

Кто может использовать эту функцию?

  • Владельцы организации
  • Менеджеры по безопасности
  • Пользователи в командах, стандартные роли или пользовательские роли, добавленные в список обхода.
  • Пользователям, которым назначена пользовательская роль с детализированным разрешением «проверять и управлять secret scanning запросами на обход».

В этой статье

When delegated bypass for push protection is enabled, designated reviewers can approve or deny requests from contributors who want to push commits containing secrets.

This article explains how to review and manage bypass requests for repositories and organizations.

For more information about how bypass requests work, see Обход запросов для защиты от пуша.

Managing requests for a repository

  1. На GitHubперейдите на главную страницу репозитория.

  2. Под названием репозитория нажмите на Security and quality вкладку. Если вы не видите вкладку « Security and quality» — выберите выпадающее меню и нажмите Security and quality.

  3. В левой боковой панели в разделе "Запросы" щелкните "Отправить обход защиты".

  4. Select the All statuses dropdown menu, then click Open to view requests that are awaiting review, and those that have been approved but for which the commits haven't been pushed to the repository yet.

  5. Click the request that you want to review.

  6. Review the details of the request.

  7. При необходимости добавьте комментарий проверки. Комментарий будет добавлен на временную шкалу запроса проверки и временную шкалу оповещений secret scanning. Например, вы можете объяснить причину утверждения или отказа в запросе на аудит и отчеты, а также предложить дальнейшие шаги для участника.

  8. To allow the contributor to push the commit containing the secret, click Approve bypass request. Or, to require the contributor to remove the secret from the commit, click Deny bypass request.

Managing requests for an organization

Organization owners, security managers and organization members with the relevant fine-grained permission (via a custom role) can review and manage bypass requests for all repositories in the organization using security overview. See Проверка запросов на обход защиты push-уведомлений.

Filtering requests

You can filter requests by:

  • Approver (member of the bypass list)
  • Requester (contributor making the request)
  • Timeframe
  • Status

Filtering by status

The following statuses are assigned to a request:

StatusDescription
CancelledThe request has been canceled by the contributor.
CompletedThe request has been approved and the commit(s) have been pushed to the repository.
DeniedThe request has been reviewed and denied.
ExpiredThe request has expired. Requests are valid for 7 days.
OpenThe request has either not yet been reviewed, or has been approved but the commit(s) have not been pushed to the repository.

Further reading