AWS securityagent documentation change
Summary
Updated terminology from 'GitHub' to generic 'pull requests' to include GitLab and Bitbucket, added provider-agnostic language, and clarified cross-platform support.
Security assessment
Changes are editorial updates to generalize content for multiple source control providers. No security vulnerabilities, weaknesses, or incident responses are mentioned. The core security functionality (code scanning and findings) remains unchanged.
Diff
diff --git a/securityagent/latest/userguide/review-code-findings-github.md b/securityagent/latest/userguide/review-code-findings-github.md index ee2efb38f..22588b809 100644 --- a//securityagent/latest/userguide/review-code-findings-github.md +++ b//securityagent/latest/userguide/review-code-findings-github.md @@ -7 +7 @@ -How code review works in GitHubUnderstanding code review resultsResponding to security findingsFiltering code review findingsNext steps +How code review works in pull requestsUnderstanding code review resultsResponding to security findingsFiltering code review findingsNext steps @@ -9 +9 @@ How code review works in GitHubUnderstanding code review resultsResponding to se -# Review code security findings in GitHub pull requests +# Review code security findings in pull requests @@ -11 +11 @@ How code review works in GitHubUnderstanding code review resultsResponding to se -After enabling code review for pull requests for your repositories, AWS Security Agent automatically analyzes pull requests and posts security findings directly in GitHub. This allows developers to address security issues within their normal workflow without leaving the pull request. +After enabling code review for pull requests for your repositories, AWS Security Agent automatically analyzes pull requests and posts security findings directly in your source control provider. This allows developers to address security issues within their normal workflow without leaving the pull request. @@ -13 +13,5 @@ After enabling code review for pull requests for your repositories, AWS Security -## How code review works in GitHub +###### Note + +This page applies to GitHub pull requests, GitLab merge requests, and Bitbucket pull requests. The experience is similar across all providers. + +## How code review works in pull requests @@ -15 +19 @@ After enabling code review for pull requests for your repositories, AWS Security -When you submit a pull request in a repository with code review enabled, AWS Security Agent automatically begins analysis. +When you submit a pull request (or merge request in GitLab) in a repository with code review enabled, AWS Security Agent automatically begins analysis. @@ -59 +63 @@ If AWS Security Agent completes analysis and finds no security issues in your co -After reviewing the security findings posted by AWS Security Agent, you can take action directly in GitHub. +After reviewing the security findings posted by AWS Security Agent, you can take action directly in your source control provider. @@ -63 +67 @@ After reviewing the security findings posted by AWS Security Agent, you can take - * **Resolve conversations** \- After addressing a security finding, mark the conversation as resolved in GitHub to track your progress. + * **Resolve conversations** \- After addressing a security finding, mark the conversation as resolved to track your progress.