GitGuardian Can Update Pull Requests With GitHub Check Runs

Did you know that GitGuardian can add comments directly to your GitHub pull requests and even stop a PR from succeeding if it contains any hardcoded secrets?

Video Transcript

Did you know that GitGuardian can add comments directly to your GitHub pull requests and even stop a PR from succeeding if it contains any hardcoded secrets?

The GitHub API makes it possible for the GitGuardian App to run powerful checks against all the code changes in a repository. When a new pull request is created, a new check run is performed, and GitGuardian will scan through each commit inside the PR, not just the most recent one. If someone added a secret to an early commit, but then removed it right before making the PR, you still need to know it is present in the git history so you can address it.

Activating or deactivating the GitGuardian check run is easy. Once you have the GitGuardian app installed on GitHub from the marketplace, navigate to your GitGuardian Dashboard, and click on Settings. Next click on Integrations and then the Edit button beside the GitHub Listing. In this GitHub integration menu, scroll down to the "Check runs" section. From here you can toggle the feature "Automatically post a comment on pull requests when a check run detects an incident", either on or off.

You also have the option to configure the check run to be blocking, causing the PR to fail, thereby protecting your pipeline, or non-blocking, reporting incidents as Neutral, allowing pull requests with incidents to move ahead.

GitGuardian is here to help keep everyone safe as you work to move your code, but not your secrets, toward production.