You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
|`https_proxy`| Proxy URL for HTTPS traffic. You can include basic authentication if required. |`http://proxy.local`<br>`http://192.168.1.1:8080`<br>`http://username:password@proxy.local`|
28
-
|`http_proxy`| Proxy URL for HTTP traffic. You can include basic authentication if required. |`http://proxy.local`<br>`http://192.168.1.1:8080`<br>`http://username:password@proxy.local`|
29
-
|`no_proxy`| A comma-separated list of hosts or IP addresses that should bypass the proxy. Some clients only honor IP addresses when connections are made directly to the IP rather than a hostname. |`example.com`<br>`example.com,myserver.local:443,example.org`|
25
+
{% data reusables.actions.actions-proxy-environment-variables-table %}
30
26
31
27
The proxy environment variables are read when the runner application starts, so you must set the environment variables before configuring or starting the runner application. If your proxy configuration changes, you must restart the runner application.
If you use Azure private networking for {% data variables.product.company_short %}-hosted runners, the supported Azure regions on {% data variables.enterprise.data_residency_site %} differ from those on {% data variables.product.prodname_dotcom_the_website %}.
@@ -95,6 +101,14 @@ If you use Azure private networking for {% data variables.product.company_short
95
101
| arm64 |`centralus`, `eastus2`, `westus3`|
96
102
| GPU |`centralus`, `eastus2`, `westus3`|
97
103
104
+
### Supported regions in Japan
105
+
106
+
| Runner type | Supported regions |
107
+
| ----------- | ----------------- |
108
+
| x64 |`japaneast`, `japanwest`|
109
+
| arm64 |`japaneast`, `japanwest`|
110
+
| GPU |`japaneast`|
111
+
98
112
### IP ranges for Azure private networking
99
113
100
114
#### EU
@@ -113,17 +127,30 @@ EU region:
113
127
* 20.240.220.192/28
114
128
* 20.240.211.208/28
115
129
116
-
#### Austrailia
130
+
#### Australia
117
131
118
132
Actions IPs:
119
133
* 4.147.140.77
120
134
* 20.53.114.78
121
135
122
-
Austraila region:
136
+
Australia region:
123
137
* 4.237.73.192/28
124
138
* 20.5.226.112/28
125
139
* 20.248.163.176/28
126
140
141
+
#### Japan
142
+
143
+
Actions IPs:
144
+
145
+
* 20.63.233.164
146
+
* 172.192.153.164
147
+
148
+
Japan region:
149
+
150
+
74.226.88.241
151
+
40.81.176.225
152
+
4.190.169.240
153
+
127
154
#### Required for all regions
128
155
129
156
*`Storage` service tag
@@ -160,35 +187,3 @@ Austraila region:
160
187
## IP ranges for {% data variables.product.prodname_importer_proper_name %}
161
188
162
189
If you're running a migration to your enterprise with {% data variables.product.prodname_importer_proper_name %}, you may need to add certain ranges to an IP allow list. See [AUTOTITLE](/migrations/using-github-enterprise-importer/migrating-between-github-products/managing-access-for-a-migration-between-github-products#configuring-ip-allow-lists-for-migrations).
Copy file name to clipboardExpand all lines: content/admin/managing-code-security/securing-your-enterprise/creating-a-custom-security-configuration-for-your-enterprise.md
+4-2Lines changed: 4 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -69,7 +69,8 @@ When creating a security configuration, keep in mind that:
69
69
> When both "{% data variables.product.prodname_code_security %}" and Dependency graph are enabled, this enables dependency review, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review).{%- ifversion maven-transitive-dependencies %}
70
70
***Automatic dependency submission**. To learn about automatic dependency submission, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-automatic-dependency-submission-for-your-repository).{%- endif %}
71
71
***{% data variables.product.prodname_dependabot %} alerts**. To learn about {% data variables.product.prodname_dependabot %}, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts).
72
-
***Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion fpt or ghec %}
72
+
***Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion dependabot-delegated-alert-dismissal %}
73
+
***Prevent direct alert dismissals**. To learn more, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/enable-delegated-alert-dismissal).{% endif %}{% ifversion fpt or ghec %}
73
74
1. For "Private vulnerability reporting", choose whether you want to enable, disable, or keep the existing settings. To learn about private vulnerability reporting, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository).{% endif %}
74
75
1. Optionally, in the "Policy" section, you can use additional options to control how the configuration is applied:
75
76
***Use as default for newly created repositories**. Select the **None** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**.
@@ -108,7 +109,8 @@ When creating a security configuration, keep in mind that:
108
109
> When both "{% data variables.product.prodname_GHAS %}" and Dependency graph are enabled, this enables dependency review, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review).{%- ifversion maven-transitive-dependencies %}
109
110
***Automatic dependency submission**. To learn about automatic dependency submission, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-automatic-dependency-submission-for-your-repository).{%- endif %}
110
111
***{% data variables.product.prodname_dependabot %} alerts**. To learn about {% data variables.product.prodname_dependabot %}, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/about-dependabot-alerts).
111
-
***Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion fpt or ghec %}
112
+
***Security updates**. To learn about security updates, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).{% ifversion dependabot-delegated-alert-dismissal %}
113
+
***Prevent direct alert dismissals**. To learn more, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/enable-delegated-alert-dismissal).{% endif %}{% ifversion fpt or ghec %}
112
114
1. For "Private vulnerability reporting", choose whether you want to enable, disable, or keep the existing settings. To learn about private vulnerability reporting, see [AUTOTITLE](/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository).{% endif %}
113
115
1. Optionally, in the "Policy" section, you can use additional options to control how the configuration is applied:
114
116
***Use as default for newly created repositories**. Select the **None** {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %} dropdown menu, then click **Public**, **Private and internal**, or **All repositories**.
Copy file name to clipboardExpand all lines: content/admin/overview/establishing-a-governance-framework-for-your-enterprise.md
+4-1Lines changed: 4 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -122,7 +122,10 @@ You may want to set up an approval process for better control over who in your e
122
122
123
123
Approval processes are available for:
124
124
* Bypasses of push protection—You can choose who is allowed to bypass push protection, and add a review and approval cycle for pushes containing secrets from all other contributors. For more information about **delegated bypass for push protection**, see [AUTOTITLE](/code-security/secret-scanning/using-advanced-secret-scanning-and-push-protection-features/delegated-bypass-for-push-protection/about-delegated-bypass-for-push-protection).{% ifversion security-delegated-alert-dismissal %}
125
-
* Dismissals of alerts for {% data variables.product.prodname_code_scanning %} and {% data variables.product.prodname_secret_scanning %}—You can provide additional control and visibility over alert assessment by ensuring that only designated individuals can dismiss (or close) alerts. For more information about **delegated alert dismissal**, see [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/enabling-delegated-alert-dismissal-for-code-scanning) and [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/enabling-delegated-alert-dismissal-for-code-scanning).
125
+
* Dismissals of alerts for {% data variables.product.prodname_code_scanning %}{% ifversion dependabot-delegated-alert-dismissal %}, {% data variables.product.prodname_dependabot %},{% endif %} and {% data variables.product.prodname_secret_scanning %}—You can provide additional control and visibility over alert assessment by ensuring that only designated individuals can dismiss (or close) alerts. For more information about **delegated alert dismissal**, see the following articles:
Copy file name to clipboardExpand all lines: content/authentication/keeping-your-account-and-data-secure/about-githubs-ip-addresses.md
+1-7Lines changed: 1 addition & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -19,13 +19,7 @@ topics:
19
19
shortTitle: GitHub's IP addresses
20
20
---
21
21
22
-
You can retrieve a list of the IP addresses for {% data variables.product.prodname_dotcom_the_website %} from the [meta](https://api.github.com/meta) API endpoint. For more information, see [AUTOTITLE](/rest/meta).
23
-
24
-
{% ifversion ghec %}
25
-
26
-
If you access {% data variables.product.github %} on a subdomain of {% data variables.enterprise.data_residency_site %}, the meta endpoint does not return IP ranges for your subdomain. See [AUTOTITLE](/admin/data-residency/network-details-for-ghecom#githubs-ip-addresses).
27
-
28
-
{% endif %}
22
+
You can retrieve a list of the IP addresses for your {% data variables.product.github %} environment from the [meta](https://api.github.com/meta) API endpoint. For more information, see [AUTOTITLE](/rest/meta).
29
23
30
24
> [!NOTE]
31
25
> The list of {% data variables.product.prodname_dotcom %} IP addresses returned by the Meta API is not intended to be an exhaustive list. For example, IP addresses for some {% data variables.product.prodname_dotcom %} services might not be listed, such as LFS or {% data variables.product.prodname_registry %}.
Copy file name to clipboardExpand all lines: content/code-security/code-scanning/managing-code-scanning-alerts/triaging-code-scanning-alerts-in-pull-requests.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -127,7 +127,7 @@ Anyone with push access to a pull request can fix a {% data variables.product.pr
127
127
When {% data variables.copilot.copilot_autofix_short %} is enabled for a repository, alerts are displayed in pull requests as normal and information from any alerts found by {% data variables.product.prodname_code_scanning %} is automatically sent to the LLM for processing. When LLM analysis is complete, any results are published as comments on relevant alerts. For more information, see [AUTOTITLE](/code-security/code-scanning/managing-code-scanning-alerts/responsible-use-autofix-code-scanning).
128
128
129
129
> [!NOTE]
130
-
> * {% data variables.copilot.copilot_autofix_short %} supports a subset of {% data variables.product.prodname_codeql %} queries. For information about the availability of {% data variables.copilot.copilot_autofix_short %}, see the query tables linked from [AUTOTITLE](/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites#query-lists-for-the-default-query-suites).
130
+
> * {% data variables.copilot.copilot_autofix_short %} supports a subset of {% data variables.product.prodname_codeql %} queries. For information about the availability of {% data variables.copilot.copilot_autofix_short %}, see the query tables linked from [AUTOTITLE](/code-security/code-scanning/reference/code-ql-built-in-queries).
131
131
> * When analysis is complete, all relevant results are published to the pull request at once. If at least one alert in your pull request has an {% data variables.copilot.copilot_autofix_short %} suggestion, you should assume that the LLM has finished identifying potential fixes for your code.
132
132
> * On alerts generated from queries that are not supported by {% data variables.copilot.copilot_autofix_short %}, you will see a note telling you that the query is not supported. If a suggestion for a supported query fails to generate, you will see a note on the alert prompting you to try pushing another commit or to contact support.
133
133
> * {% data variables.copilot.copilot_autofix_short %} for {% data variables.product.prodname_code_scanning %} alerts won't be able to generate a fix for every alert in every situation. The feature operates on a best-effort basis and is not guaranteed to succeed 100% of the time. For information about the limitations of automatically generated fixes, see [Limitations of suggestions](/code-security/code-scanning/managing-code-scanning-alerts/about-autofix-for-codeql-code-scanning#limitations-of-suggestions).
Copy file name to clipboardExpand all lines: content/code-security/code-scanning/managing-your-code-scanning-configuration/codeql-query-suites.md
+3-6Lines changed: 3 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,7 +1,7 @@
1
1
---
2
2
title: CodeQL query suites
3
3
shortTitle: CodeQL query suites
4
-
intro: 'You can choose from different built-in {% data variables.product.prodname_codeql %} query suites to use in your {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} setup.'
4
+
intro: You can choose from different built-in {% data variables.product.prodname_codeql %} query suites to use in your {% data variables.product.prodname_codeql %} {% data variables.product.prodname_code_scanning %} setup.
5
5
product: '{% data reusables.gated-features.codeql %}'
6
6
versions:
7
7
fpt: '*'
@@ -14,6 +14,7 @@ type: reference
14
14
topics:
15
15
- Code scanning
16
16
- CodeQL
17
+
contentType: other
17
18
---
18
19
19
20
## About {% data variables.product.prodname_codeql %} query suites
@@ -43,11 +44,7 @@ The built-in {% data variables.product.prodname_codeql %} query suites, `default
43
44
* Relative to the `default` query suite, the `security-extended` suite may return a greater number of false positive {% data variables.product.prodname_code_scanning %} results.
44
45
* This query suite is available for use with default setup for {% data variables.product.prodname_code_scanning %}, and is referred to as the "Extended" query suite on {% data variables.product.prodname_dotcom %}.
45
46
46
-
## Query lists for the default query suites
47
-
48
-
For each language, the following article lists which queries are included in the `default` and the `security-extended` suites. {% ifversion code-scanning-autofix %}Where {% data variables.copilot.copilot_autofix_short %} is available for a language, details of which queries are supported are also included.{% endif %}
49
-
50
-
{% data reusables.code-scanning.codeql-query-tables.links-to-all-tables %}
47
+
For a complete list of queries included in each query suite for every language, see [AUTOTITLE](/code-security/code-scanning/reference).
0 commit comments