Secret scanning detects secrets in GitHub discussions and pull request content #965
Labels
ga
Feature phase: Generally available
GHES 3.15
GHES 3.15
github advanced security
Product SKU: GitHub Advanced Security
secret scanning
Feature: Github Secret Scanning
shipped
Shipped
Comments
github-product-roadmap
added
ga
|
🚢 This has shipped: https://github.blog/changelog/2024-08-16-secret-scanning-for-non-code-github-surfaces-is-now-generally-available/ Leaving open to track for GHES release. |
# for free
to subscribe to this conversation on GitHub.
Already have an account?
#.
Summary
Secret scanning is expanding detection coverage beyond commit content. GitHub now detects secrets found in pull request and GitHub discussions (e.g. bodies, comments, edits).
As GitHub expands support, GitHub will be performing backfills to detect historically existing secrets across pull requests and discussions.
This release follows support of scanning for GitHub issues, and will be similarly followed by support for secret scanning across GitHub wiki content.
Intended Outcome
Secrets can be exposed anywhere -- not just across code content. GitHub helps keep you safe by automatically scanning additional surfaces across GitHub, without the need for any additional setup.
How will it work?
For repositories where secret scanning is enabled, you'll automatically begin to receive secret scanning alerts for any exposed secrets in pull requests or discussions. GitHub will also continue to scan public repositories for publicly leaked secrets, and will now notify partners in secret scanning's partnership program if secrets are detected in public pull requests or discussions.
The text was updated successfully, but these errors were encountered: