github
diff --git a/‎assets/images/help/security/push-protection-for-yourself.png
62.7 KB b/‎assets/images/help/security/push-protection-for-yourself.png
62.7 KB
diff --git a/‎content/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization.md
Lines changed: 3 additions & 1 deletion b/‎content/code-security/getting-started/best-practices-for-preventing-data-leaks-in-your-organization.md
Lines changed: 3 additions & 1 deletion
diff --git a/‎content/code-security/guides.md
Lines changed: 1 addition & 0 deletions b/‎content/code-security/guides.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎content/code-security/secret-scanning/about-secret-scanning.md
Lines changed: 6 additions & 0 deletions b/‎content/code-security/secret-scanning/about-secret-scanning.md
Lines changed: 6 additions & 0 deletions
diff --git a/‎content/code-security/secret-scanning/index.md
Lines changed: 2 additions & 2 deletions b/‎content/code-security/secret-scanning/index.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎content/code-security/secret-scanning/protecting-pushes-with-secret-scanning.md renamed to ‎content/code-security/secret-scanning/push-protection-for-repositories-and-organizations.md
Lines changed: 10 additions & 3 deletions b/‎content/code-security/secret-scanning/protecting-pushes-with-secret-scanning.md renamed to ‎content/code-security/secret-scanning/push-protection-for-repositories-and-organizations.md
Lines changed: 10 additions & 3 deletions
diff --git a/‎content/code-security/secret-scanning/push-protection-for-users.md
Lines changed: 32 additions & 0 deletions b/‎content/code-security/secret-scanning/push-protection-for-users.md
Lines changed: 32 additions & 0 deletions
diff --git a/‎content/code-security/secret-scanning/secret-scanning-patterns.md
Lines changed: 2 additions & 0 deletions b/‎content/code-security/secret-scanning/secret-scanning-patterns.md
Lines changed: 2 additions & 0 deletions
diff --git a/‎content/contributing/syntax-and-versioning-for-github-docs/creating-tool-switchers-in-articles.md
Lines changed: 1 addition & 1 deletion b/‎content/contributing/syntax-and-versioning-for-github-docs/creating-tool-switchers-in-articles.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎content/desktop/contributing-and-collaborating-using-github-desktop/managing-commits/cherry-picking-a-commit-in-github-desktop.md
Lines changed: 16 additions & 1 deletion b/‎content/desktop/contributing-and-collaborating-using-github-desktop/managing-commits/cherry-picking-a-commit-in-github-desktop.md
Lines changed: 16 additions & 1 deletion
@@ -36,7 +36,9 @@ Protect your organization's repositories and settings by implementing security b
 
 - Encouraging your users to create strong passwords and secure them appropriately, by following {% data variables.product.prodname_dotcom %}’s recommended password guidelines. For more information, see "[AUTOTITLE](/authentication/keeping-your-account-and-data-secure/creating-a-strong-password)."
 
-- Establishing an internal security policy in {% data variables.product.prodname_dotcom %}, so users know the appropriate steps to take and who to contact if an incident is suspected. For more information, see "[AUTOTITLE](/code-security/getting-started/adding-a-security-policy-to-your-repository)."
+- Establishing an internal security policy in {% data variables.product.prodname_dotcom %}, so users know the appropriate steps to take and who to contact if an incident is suspected. For more information, see "[AUTOTITLE](/code-security/getting-started/adding-a-security-policy-to-your-repository)."{% ifversion secret-scanning-push-protection-for-users %}
+
+- Encouraging your users to enable push protection for users so that no matter which public repository they push to, they will be protected. For more information, see "[AUTOTITLE](/code-security/secret-scanning/push-protection-for-users)."{% endif %}
 
 For more detailed information about securing accounts, see "[AUTOTITLE](/code-security/supply-chain-security/end-to-end-supply-chain/securing-accounts)."
 
 
@@ -32,6 +32,7 @@ includeGuides:
   - /code-security/secret-scanning/defining-custom-patterns-for-secret-scanning
   - /code-security/secret-scanning/managing-alerts-from-secret-scanning
   - /code-security/secret-scanning/protecting-pushes-with-secret-scanning
+  - /code-security/secret-scanning/push-protection-for-users
   - /code-security/secret-scanning/pushing-a-branch-blocked-by-push-protection
   - /code-security/secret-scanning/secret-scanning-patterns
   - /code-security/secret-scanning/troubleshooting-secret-scanning
 
@@ -59,6 +59,12 @@ If your project communicates with an external service, you might use a token or
 
 {% endif %}
 
+{% ifversion secret-scanning-push-protection-for-users %}
+
+{% data reusables.secret-scanning.push-protection-for-users %}
+
+{% endif %}
+
 {% ifversion fpt or ghec %}
 
 ## About {% data variables.secret-scanning.partner_alerts %}
 
@@ -21,8 +21,8 @@ children:
   - /defining-custom-patterns-for-secret-scanning
   - /managing-alerts-from-secret-scanning
   - /secret-scanning-patterns
-  - /protecting-pushes-with-secret-scanning
+  - /push-protection-for-repositories-and-organizations
+  - /push-protection-for-users
   - /pushing-a-branch-blocked-by-push-protection
   - /troubleshooting-secret-scanning
 ---
-
@@ -1,24 +1,25 @@
 ---
-title: Protecting pushes with secret scanning
+title: Push protection for repositories and organizations
 intro: 'You can use {% data variables.product.prodname_secret_scanning %} to prevent supported secrets from being pushed into your {% ifversion secret-scanning-enterprise-level %}enterprise,{% endif %} organization{% ifversion secret-scanning-enterprise-level %},{% endif %} or repository by enabling push protection.'
 product: '{% data reusables.gated-features.secret-scanning %}'
 versions:
   feature: secret-scanning-push-protection
 redirect_from:
   - /early-access/code-security/secret-scanning/protecting-pushes-with-secret-scanning
+  - /code-security/secret-scanning/protecting-pushes-with-secret-scanning
 type: how_to
 topics:
   - Secret scanning
   - Advanced Security
   - Alerts
   - Repositories
-shortTitle: Enable push protection
+shortTitle: Push protection for repositories
 ---
 
 {% data reusables.secret-scanning.beta %}
 {% data reusables.secret-scanning.enterprise-enable-secret-scanning %}
 
-## About push protection for secrets
+## About push protection for repositories and organizations
 
 Up to now, {% data variables.product.prodname_secret_scanning %} checks for secrets _after_ a push and alerts users to exposed secrets. {% data reusables.secret-scanning.push-protection-overview %} {% ifversion secret-scanning-push-protection-custom-patterns %}{% data variables.product.prodname_secret_scanning_caps %} can also check pushes for custom patterns. For more information, see "[AUTOTITLE](/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning)."{% endif %}
 
@@ -37,6 +38,12 @@ If you are an organization owner or security manager, you can view metrics on ho
 
 For information on the secrets and service providers supported for push protection, see "[AUTOTITLE](/code-security/secret-scanning/secret-scanning-patterns#supported-secrets)."
 
+{% ifversion secret-scanning-push-protection-for-users %}
+
+{% data reusables.secret-scanning.push-protection-for-users %}
+
+{% endif %}
+
 ## Enabling {% data variables.product.prodname_secret_scanning %} as a push protection
 
 For you to use {% data variables.product.prodname_secret_scanning %} as a push protection in public repositories, the {% ifversion secret-scanning-enterprise-level %}enterprise,{% endif %} organization{% ifversion secret-scanning-enterprise-level %},{% endif %} or repository needs to have {% data variables.product.prodname_secret_scanning %} enabled.{% ifversion secret-scanning-push-protection-private-internal %} To use {% data variables.product.prodname_secret_scanning %} as a push protection in private or internal repositories, the enterprise or organization also needs to have {% data variables.product.prodname_GH_advanced_security %} enabled.{% endif %} For more information, see {% ifversion secret-scanning-enterprise-level %}"[AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise),"{% endif %} "[AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization)," "[AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository)," and "[AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security)."
 
@@ -0,0 +1,32 @@
+---
+title: Push protection for users
+intro: 'You can use {% data variables.product.prodname_secret_scanning %} to block commits containing secrets in any public repository by enabling push protection for yourself.'
+versions:
+  feature: secret-scanning-push-protection-for-users
+type: how_to
+topics:
+  - Secret scanning
+  - Advanced Security
+  - Alerts
+  - User account
+---
+
+{% data reusables.secret-scanning.push-protection-for-users-beta %}
+
+## About push protection for users
+
+With push protection for users, you can enable push protection for yourself, so that no matter which public repository you push to, you will be protected. Additionally, if you are a repository administrator, or an organization owner, you can enable push protection for your repository or organization, respectively. For more information, see "[AUTOTITLE](/code-security/secret-scanning/push-protection-for-repositories-and-organizations)."
+
+If push protection is not enabled for the repository you are pushing to, but you have push protection for yourself enabled, no alerts will be created after you push a secret. However, if the bypassed secret is a {% data variables.product.prodname_dotcom %} token, the token will be revoked and you will be notified by email.
+
+For information on the secrets and service providers supported for push protection, see "[AUTOTITLE](/code-security/secret-scanning/secret-scanning-patterns#supported-secrets)."
+
+## Enabling push protection for yourself
+
+You can enable push protection for yourself through your personal account settings.
+
+{% data reusables.user-settings.access_settings %}
+{% data reusables.user-settings.security-analysis %}
+1. Under "User", to the right of "Push protection for yourself", click **Enable**.
+
+   ![Screenshot of the "User" section of the "Code security and analysis" settings page. A button labeled "Enable" is outlined in dark orange.](/assets/images/help/security/push-protection-for-yourself.png)
@@ -69,6 +69,8 @@ If you use the REST API for secret scanning, you can use the `Secret type` to re
 
 Push protection alerts are user alerts that are reported by push protection. {% data variables.product.prodname_secret_scanning_caps %} as a push protection currently scans repositories for secrets issued by some service providers.
 
+{% ifversion secret-scanning-push-protection-for-users %}Push protection alerts are not created for secrets that are bypassed with user-based push protection only. For more information, see "[AUTOTITLE](/code-security/secret-scanning/push-protection-for-users)."{% endif %}
+
 {% data reusables.secret-scanning.secret-scanning-pattern-pair-matches %}
 
 {% data reusables.secret-scanning.push-protection-older-tokens %} For more information about push protection limitations, see "[AUTOTITLE](/code-security/secret-scanning/troubleshooting-secret-scanning#push-protection-and-pattern-versions)."
 
@@ -39,4 +39,4 @@ Only include a maximum of eight different tools in an article. Including more to
 ## Adding new tools
 If a writer determines that adding a new tool is the only way to accurately document something, they should explain their reasoning in the content planning stage. Whoever reviews content plan should consider if there are any alternative ways to address the documentation need without adding a new tool. If a new tool is the only way to create accurate documentation, the new tool should be added. If there is an alternative content solution that does not add a new tool, that option should be used.
 
-To add a new tool, add an entry to the `allTools` object in the [`lib/all-tools.js`](https://github.com/github/docs/blob/main/lib/all-tools.js) file as a key-value pair. Add new tools in alphabetical order.
+To add a new tool, add an entry to the `allTools` object in the [`lib/all-tools.js`](https://github.com/github/docs/blob/main/src/tools/lib/all-tools.js) file as a key-value pair. Add new tools in alphabetical order.
@@ -22,10 +22,25 @@ You can also use cherry-picking when collaborating with a team. Some projects in
    ![Screenshot of the "Current Branch" dropdown view. Under "Recent Branches", a branch, named "my-feature", is highlighted with an orange outline.](/assets/images/help/desktop/select-branch-from-dropdown.png)
 
 {% data reusables.desktop.history-tab %}
-1. Drag the commit that you want to cherry-pick from the "History" tab to the {% octicon "git-branch" aria-hidden="true" %} **Current Branch** dropdown menu, then drop the commit on the branch that you want to copy the commit to.
+1. Select the commit you would like to cherry-pick. 
+
+   {% mac %}
+
+   You can select one commit or select multiple commits using <kbd>Command</kbd> or <kbd>Shift</kbd>.
+
+   {% endmac %}
+
+   {% windows %}
+
+   You can select one commit or select multiple commits using <kbd>Ctrl</kbd> or <kbd>Shift</kbd>.
+
+   {% endwindows %}
+   
+1. Right-click the selected commit and click **Cherry pick commit**, then select the branch that you want to copy the commit to. You can also drag the commit that you want to cherry-pick from the "History" tab to the {% octicon "git-branch" aria-hidden="true" %} **Current Branch** dropdown menu, then drop the commit on the branch that you want to copy the commit to.
 
    ![Screenshot of the "History" tab and the "Current Branch" dropdown view. The cursor hovers over the "my-feature" branch, and "plus one" icons indicate the addition of one commit.](/assets/images/help/desktop/cherry-picking.png)
 
+
 ## Further reading
 
 - [git-cherry-pick](https://git-scm.com/docs/git-cherry-pick) in the Git documentation