Merge branch 'update-spp-docs-to-indicate-no-custom-rulesets' into 'master'

Explain why we don't support custom rulesets See merge request gitlab-org/gitlab!161303 Merged-by: Russell Dickenson <rdickenson@gitlab.com> Approved-by: Russell Dickenson <rdickenson@gitlab.com> Co-authored-by: Ahmed Hemdan <ahemdan@gitlab.com>

Merge branch 'update-spp-docs-to-indicate-no-custom-rulesets' into 'master'
a071eca2 · Russell Dickenson · GitLab · 9c7b587b · 513f30c5 · a071eca2
Verified Commit a071eca2 authored 7 months ago by Russell Dickenson Committed by GitLab 7 months ago
--- a/doc/user/application_security/secret_detection/secret_push_protection/index.md
+++ b/doc/user/application_security/secret_detection/secret_push_protection/index.md
@@ -49,6 +49,14 @@ remote: To push your changes you must remove the identified secrets.

 If secret push protection does not detect any secrets in your commits, no message is displayed.

+## Detected secrets
+
+GitLab maintains a [set of rules](detected_secrets.md) that are used for blocking secrets from being pushed to GitLab.
+
+Scanning against low-confidence patterns can potentially lead to a timeout or the push check failing. Therefore, we chose to include only high-confidence patterns to ensure a performant experience when pushing your code, and to reduce the number of false alerts.
+
+It is currently not possible to use custom rulesets with secret push protection.
+
 ## Enable secret push protection

 On GitLab Dedicated and Self-managed instances, secret push protection must be enabled for the entire instance and then you must enable it per project.