Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 4 additions & 13 deletions .github/workflows/sync-openapi.yml
Original file line number Diff line number Diff line change
Expand Up @@ -42,30 +42,21 @@ jobs:
path: rest-api-description
ref: ${{ inputs.SOURCE_BRANCH }}

- name: Generate GitHub App token
id: app-token
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
with:
app-id: ${{ secrets.DOCS_BOT_APP_ID }}
private-key: ${{ secrets.DOCS_BOT_APP_PRIVATE_KEY }}
owner: github
repositories: docs-internal,models-gateway,docs-engineering

- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
# By default, only the most recent commit of the `main` branch
# will be checked out
repository: github/models-gateway
path: models-gateway
ref: main
token: ${{ steps.app-token.outputs.token }}
token: ${{ secrets.DOCS_BOT_PAT_BASE }}

- uses: ./.github/actions/node-npm-setup

- name: Sync the REST, Webhooks, and GitHub Apps schemas
env:
# Needed for gh
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_BASE }}
NODE_OPTIONS: '--max-old-space-size=8192'
run: |
npm run sync-rest -- \
Expand All @@ -89,7 +80,7 @@ jobs:
- name: Create pull request
env:
# Needed for gh
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_PAT_BASE }}
run: |
# If nothing to commit, exit now. It's fine. No orphans.
changes=$(git diff --name-only | wc -l)
Expand Down Expand Up @@ -137,4 +128,4 @@ jobs:
- uses: ./.github/actions/create-workflow-failure-issue
if: ${{ failure() && github.event_name != 'workflow_dispatch' }}
with:
token: ${{ steps.app-token.outputs.token }}
token: ${{ secrets.DOCS_BOT_PAT_BASE }}
2 changes: 2 additions & 0 deletions content/copilot/how-tos/copilot-cli/cli-best-practices.md
Original file line number Diff line number Diff line change
Expand Up @@ -335,7 +335,9 @@ Pair with {% data variables.copilot.copilot_cli_short %} to develop tests.

### Code review assistance

* ``/security-review Review my current local changes for security issues. Prioritize high-severity findings and suggest remediations I can apply before opening a pull request.``
* ``/review Use Opus 4.5 and Codex 5.2 to review the changes in my current branch against `main`. Focus on potential bugs and security issues.``
* Triage high-severity findings first, validate your fixes, then continue through your normal pull request review workflow.

### Git operations

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -246,7 +246,7 @@ These are the slash commands you can use from within an interactive CLI session.
| `/rubber-duck [PROMPT]` | Consult the rubber duck agent for a second opinion on plans, code, and tests. See [AUTOTITLE](/copilot/concepts/agents/copilot-cli/rubber-duck). |
| `/sandbox [enable\|disable]` | Enable, disable, or configure OS-level sandboxing that restricts filesystem and network access for shell commands, MCP/LSP servers, and built-in file/web tools. Run `/sandbox` with no arguments to open the policy dialog. |
| `/search [QUERY]`, `/find [QUERY]` | Search the conversation timeline. {% data reusables.copilot.experimental %} |
| `/security-review [PROMPT]` | Run the security review agent to analyze changes for vulnerabilities. |
| `/security-review [PROMPT]` | Run a focused security review of active local code changes and return prioritized vulnerability findings with remediation suggestions. This command is not a full repository security audit. |
| `/session [info\|checkpoints [n]\|files\|plan\|rename [NAME]\|cleanup\|prune\|delete [ID]\|delete-all]`, `/sessions [info\|checkpoints [n]\|files\|plan\|rename [NAME]\|cleanup\|prune\|delete [ID]\|delete-all]` | Show session information and manage sessions. The `info` subcommand shows session details including the session link (when available). Subcommands: `info`, `checkpoints`, `files`, `plan`, `rename`, `cleanup`, `prune`, `delete`, `delete-all`. |
| `/settings [show KEY\|KEY\|KEY VALUE]`,<br>`/config [show KEY\|KEY\|KEY VALUE]` | Open the settings editor, open it focused on a specific setting (`KEY`), set a setting inline (`KEY VALUE`), or display a setting's current value (`show KEY`). See [AUTOTITLE](/copilot/how-tos/copilot-cli/customize-copilot/change-settings). |
| `/share [file\|html\|gist] [session\|research] [PATH]`, `/export [file\|html\|gist] [session\|research] [PATH]` | Share the session to a Markdown file, interactive HTML file, or {% data variables.product.github %} gist. |
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,8 @@ To meet a tight deadline, you want to speed up each stage for both developers an

{% data variables.product.prodname_copilot_short %} can update multiple files at once and, with the developer's authorization, run commands for actions like installing dependencies or running tests.

1. Before opening a pull request, the developer runs `/security-review` to identify likely vulnerabilities in active local changes and apply remediations.

1. The developer reviews the diff and chooses which code to keep.

## 3. Test with an MCP server
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,7 @@ To improve the quality of {% data variables.product.prodname_copilot_short %}'s
With strong guardrails in place, developers should already be enabled to use AI effectively. However, it is important to provide training on AI tools and create a culture where best practices are encouraged, rather than just enforced.

1. Communicate your governance settings and your company's expectations for how developers should use {% data variables.product.prodname_copilot_short %}. For example, if all agent work should be thoroughly reviewed, ensure this process is established and communicated.
1. Encourage developers to run `/security-review` in {% data variables.copilot.copilot_cli_short %} before opening a pull request or requesting review. Treat this as a lightweight check, then continue with your standard pull request review process. For more information, see [AUTOTITLE](/copilot/how-tos/copilot-cli/cli-best-practices#code-review-assistance).
1. Create onboarding resources such as internal documentation or videos. For a starting point, share existing resources like [AUTOTITLE](/copilot/get-started/best-practices) and [AUTOTITLE](/copilot/tutorials/copilot-cookbook).
1. Offer ongoing training and support, such as workshops. In successful rollouts, many companies identify "champions" who can train others on how to use {% data variables.product.prodname_copilot_short %} effectively.

Expand Down
14 changes: 14 additions & 0 deletions content/rest/secret-scanning/custom-patterns.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
---
title: REST API endpoints for secret scanning custom patterns
shortTitle: Custom patterns
intro: Use the REST API to manage custom patterns for secret scanning.
versions: # DO NOT MANUALLY EDIT. CHANGES WILL BE OVERWRITTEN BY A 🤖
fpt: '*'
ghec: '*'
autogenerated: rest
allowTitleToDifferFromFilename: true
category:
- Secure code and manage vulnerabilities
---

<!-- Content after this section is automatically generated -->
1 change: 1 addition & 0 deletions content/rest/secret-scanning/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ versions:
ghes: '*'
children:
- /alert-dismissal-requests
- /custom-patterns
- /delegated-bypass
- /push-protection
- /secret-scanning
Expand Down
35 changes: 35 additions & 0 deletions src/fixtures/tests/playwright-rendering.spec.ts
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,41 @@ test('use sidebar to go to Hello World page', async ({ page }) => {
await expect(page).toHaveTitle(/Hello World - GitHub Docs/)
})

test('press "/" to open the search overlay', async ({ page }) => {
await page.goto('/')
await turnOffExperimentsInPage(page)

// Wait for the header search button to render, so the keydown listener is attached.
await page.locator('[data-testid="search"]:visible').waitFor()

const searchInput = page.getByTestId('overlay-search-input')
// The overlay (and its input) is not in the DOM until it's opened.
await expect(searchInput).toHaveCount(0)

// Pressing "/" anywhere on the page opens the overlay and focuses the input.
await page.keyboard.press('/')
await expect(searchInput).toBeFocused()

// Escape closes it again.
await page.keyboard.press('Escape')
await expect(searchInput).toHaveCount(0)
})

test('"/" typed inside the search input is a literal slash', async ({ page }) => {
await page.goto('/')
await turnOffExperimentsInPage(page)

await page.locator('[data-testid="search"]:visible').waitFor()

await page.keyboard.press('/')
const searchInput = page.getByTestId('overlay-search-input')
await expect(searchInput).toBeFocused()

// The "/" shortcut must not fire while typing in a field, so it is not swallowed.
await page.keyboard.type('a/b')
await expect(searchInput).toHaveValue('a/b')
})

test('do a search from home page and click on "Foo" page', async ({ page }) => {
test.skip(!SEARCH_TESTS, 'No local Elasticsearch, no tests involving search')

Expand Down
26 changes: 26 additions & 0 deletions src/frame/components/page-header/Header.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,32 @@ export const Header = () => {
return () => window.removeEventListener('keydown', close)
}, [])

// Pressing "/" anywhere on the page opens the search overlay, matching the
// shortcut on github.com. Ignore the key when the user is typing in a form
// field or editable element so we never swallow a literal "/", and when a
// modifier is held so we don't clash with browser or OS shortcuts.
useEffect(() => {
const openOnSlash = (e: KeyboardEvent) => {
if (e.key !== '/' || e.ctrlKey || e.metaKey || e.altKey) {
return
}
const target = e.target as HTMLElement | null
const tagName = target?.tagName
if (
tagName === 'INPUT' ||
tagName === 'TEXTAREA' ||
tagName === 'SELECT' ||
target?.isContentEditable
) {
return
}
e.preventDefault()
setIsSearchOpen(true)
}
window.addEventListener('keydown', openOnSlash)
return () => window.removeEventListener('keydown', openOnSlash)
}, [])

// For the UI in smaller browser widths, focus the picker menu button when
// the sidebar is closed (not when the search overlay is closed — the
// overlay's returnFocusRef handles focus restoration to the search button).
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -873,6 +873,42 @@
"additional-permissions": false,
"access": "write"
},
{
"category": "secret-scanning",
"slug": "list-organization-custom-patterns",
"subcategory": "custom-patterns",
"verb": "get",
"requestPath": "/orgs/{org}/secret-scanning/custom-patterns",
"additional-permissions": false,
"access": "read"
},
{
"category": "secret-scanning",
"slug": "bulk-create-organization-custom-patterns",
"subcategory": "custom-patterns",
"verb": "post",
"requestPath": "/orgs/{org}/secret-scanning/custom-patterns",
"additional-permissions": false,
"access": "write"
},
{
"category": "secret-scanning",
"slug": "bulk-delete-organization-custom-patterns",
"subcategory": "custom-patterns",
"verb": "delete",
"requestPath": "/orgs/{org}/secret-scanning/custom-patterns",
"additional-permissions": false,
"access": "write"
},
{
"category": "secret-scanning",
"slug": "update-an-organization-custom-pattern",
"subcategory": "custom-patterns",
"verb": "patch",
"requestPath": "/orgs/{org}/secret-scanning/custom-patterns/{pattern_id}",
"additional-permissions": false,
"access": "write"
},
{
"category": "secret-scanning",
"slug": "list-organization-pattern-configurations",
Expand Down Expand Up @@ -8481,6 +8517,42 @@
"additional-permissions": false,
"access": "read"
},
{
"category": "secret-scanning",
"slug": "list-repository-custom-patterns",
"subcategory": "custom-patterns",
"verb": "get",
"requestPath": "/repos/{owner}/{repo}/secret-scanning/custom-patterns",
"additional-permissions": false,
"access": "read"
},
{
"category": "secret-scanning",
"slug": "bulk-create-repository-custom-patterns",
"subcategory": "custom-patterns",
"verb": "post",
"requestPath": "/repos/{owner}/{repo}/secret-scanning/custom-patterns",
"additional-permissions": false,
"access": "write"
},
{
"category": "secret-scanning",
"slug": "bulk-delete-repository-custom-patterns",
"subcategory": "custom-patterns",
"verb": "delete",
"requestPath": "/repos/{owner}/{repo}/secret-scanning/custom-patterns",
"additional-permissions": false,
"access": "write"
},
{
"category": "secret-scanning",
"slug": "update-a-repository-custom-pattern",
"subcategory": "custom-patterns",
"verb": "patch",
"requestPath": "/repos/{owner}/{repo}/secret-scanning/custom-patterns/{pattern_id}",
"additional-permissions": false,
"access": "write"
},
{
"category": "secret-scanning",
"slug": "get-secret-scanning-scan-history-for-a-repository",
Expand Down
48 changes: 48 additions & 0 deletions src/github-apps/data/fpt-2022-11-28/fine-grained-pat.json
Original file line number Diff line number Diff line change
Expand Up @@ -5176,6 +5176,30 @@
"verb": "get",
"requestPath": "/orgs/{org}/secret-scanning/alerts"
},
{
"slug": "list-organization-custom-patterns",
"subcategory": "custom-patterns",
"verb": "get",
"requestPath": "/orgs/{org}/secret-scanning/custom-patterns"
},
{
"slug": "bulk-create-organization-custom-patterns",
"subcategory": "custom-patterns",
"verb": "post",
"requestPath": "/orgs/{org}/secret-scanning/custom-patterns"
},
{
"slug": "bulk-delete-organization-custom-patterns",
"subcategory": "custom-patterns",
"verb": "delete",
"requestPath": "/orgs/{org}/secret-scanning/custom-patterns"
},
{
"slug": "update-an-organization-custom-pattern",
"subcategory": "custom-patterns",
"verb": "patch",
"requestPath": "/orgs/{org}/secret-scanning/custom-patterns/{pattern_id}"
},
{
"slug": "list-organization-pattern-configurations",
"subcategory": "push-protection",
Expand Down Expand Up @@ -5212,6 +5236,30 @@
"verb": "get",
"requestPath": "/repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}/locations"
},
{
"slug": "list-repository-custom-patterns",
"subcategory": "custom-patterns",
"verb": "get",
"requestPath": "/repos/{owner}/{repo}/secret-scanning/custom-patterns"
},
{
"slug": "bulk-create-repository-custom-patterns",
"subcategory": "custom-patterns",
"verb": "post",
"requestPath": "/repos/{owner}/{repo}/secret-scanning/custom-patterns"
},
{
"slug": "bulk-delete-repository-custom-patterns",
"subcategory": "custom-patterns",
"verb": "delete",
"requestPath": "/repos/{owner}/{repo}/secret-scanning/custom-patterns"
},
{
"slug": "update-a-repository-custom-pattern",
"subcategory": "custom-patterns",
"verb": "patch",
"requestPath": "/repos/{owner}/{repo}/secret-scanning/custom-patterns/{pattern_id}"
},
{
"slug": "create-a-push-protection-bypass",
"subcategory": "secret-scanning",
Expand Down
Loading
Loading