GitHub can now auto-block commits containing API keys, auth tokens
Credit:
Bleeping Computer
GitHub has announced on Monday that it expanded its code hosting platform's secrets scanning capabilities for GitHub Advanced Security customers to block secret leaks automatically.
Secret scanning is an advanced security option that organizations using GitHub Enterprise Cloud with a GitHub Advanced Security license can enable for additional repository scanning. It works by matching patterns defined by the organization or provided by partners and service providers. Each match is reported as a security alert in the repos' Security tab or to partners if it matches a partner pattern.