AZ-400 · Question #460
You have a public GitHub repository named Public1. A commit is made to Public1. The commit contains a pattern that matches a regular expression. Who is notified first when the commit is made?
The correct answer is D. the secret scanning partner. https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning#about-secret- scanning-alerts-for-partners When you make a repository public, or push changes to a public repository, GitHub always scans the code for secrets that match partner patterns. Public packag
Question
Options
- Athe administrator of the GitHub organization
- Bthe committer
- Cthe owner of Public1
- Dthe secret scanning partner
How the community answered
(38 responses)- A11% (4)
- B5% (2)
- C3% (1)
- D82% (31)
Explanation
https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning#about-secret- scanning-alerts-for-partners When you make a repository public, or push changes to a public repository, GitHub always scans the code for secrets that match partner patterns. Public packages on the npm registry are also scanned. If secret scanning detects a potential secret, we notify the service provider who issued the secret. The service provider validates the string and then decides whether they should revoke the secret, issue a new secret, or contact you directly. Their action will depend on the associated risks to you or them. You cannot change the configuration of secret scanning for partner patterns on public
Community Discussion
No community discussion yet for this question.