GitHub has announced that its secret scanning feature, which detects whether code pushed to the platform contains hard-coded keys, tokens, or other secrets, will now be enabled by default. The push-blocking part of this feature (push protection) has been available since 2022, but it was opt-in, so users had to turn it on themselves. As a result, leaked keys have kept landing on GitHub in large numbers: in the first few weeks of 2024 alone, over 1 million leaked secrets were detected in public repositories. This led GitHub to make the feature the default for all public repositories.
When a push contains a key or token that GitHub recognizes, the push is blocked and the user is shown an alert like the one in the image. A user who still wants to proceed can bypass the block for that push, or disable the feature in the repository settings later on. A key that has already reached a public repository should nevertheless be treated as compromised and rotated, since removing it from the history does not undo the exposure.
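To show what a detector of this kind actually does, here is a small pre-push scanner written for this post (it is not GitHub's code and not the article author's). It walks a unified diff, looks only at added lines, and reports strings shaped like a GitHub classic personal access token or an AWS access key ID. For the GitHub token it also verifies the checksum GitHub described for its token format, so a look-alike string with a wrong checksum is not reported. The sample diff, the token in it (built with the checksum routine, not a real credential) and the base62 alphabet order are constructed assumptions.

```python
# Added example for this post: a minimal pre-push secret scanner over a unified
# diff. It is NOT GitHub's implementation. Like push protection it only looks at
# added lines. Two well-known token formats are recognized; for GitHub classic
# PATs it also checks the 6-char checksum GitHub documented for the format
# (CRC32 of the 30-char random part, base62; the alphabet order used here is an
# assumption), which is what allows flagging with almost no false positives.
import re
import sys
import zlib

ALPHABET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"


def _base62(n: int, width: int) -> str:
    out = ""
    while n:
        n, r = divmod(n, 62)
        out = ALPHABET[r] + out
    return out.rjust(width, "0")


def github_pat_checksum(random_part: str) -> str:
    """CRC32 of the random section, base62-encoded, left-padded to 6 chars."""
    return _base62(zlib.crc32(random_part.encode()), 6)


def is_valid_github_pat(token: str) -> bool:
    """Shape check plus checksum check for a classic 'ghp_' token."""
    if not re.fullmatch(r"ghp_[0-9A-Za-z]{36}", token):
        return False
    body = token[4:]
    return github_pat_checksum(body[:30]) == body[30:]


PATTERNS = {
    "github_pat": re.compile(r"\bghp_[0-9A-Za-z]{36}\b"),
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
}


def scan_diff(diff: str) -> list:
    """Return findings for added ('+') lines as dicts: file, line, kind, token."""
    findings = []
    current_file = None
    new_lineno = 0
    for line in diff.splitlines():
        if line.startswith("+++ "):
            current_file = re.sub(r"^b/", "", line[4:])
        elif line.startswith("@@"):
            m = re.match(r"@@ -\d+(?:,\d+)? \+(\d+)", line)
            new_lineno = int(m.group(1))  # number of the next '+' or ' ' line
        elif line.startswith("+"):
            for kind, rx in PATTERNS.items():
                for m in rx.finditer(line[1:]):
                    token = m.group(0)
                    if kind == "github_pat" and not is_valid_github_pat(token):
                        continue  # right shape, wrong checksum: not a real token
                    findings.append({"file": current_file, "line": new_lineno,
                                     "kind": kind, "token": token})
            new_lineno += 1
        elif line.startswith(" "):
            new_lineno += 1
        # removed ('-') lines are not in the new file, so no line advance
    return findings


# Constructed sample: a token built with the checksum routine above (not a real
# credential), AWS's documented example key ID, and a look-alike with a bad
# checksum that must NOT be reported.
CONSTRUCTED_RANDOM = "a" * 10 + "B" * 10 + "3" * 10
CONSTRUCTED_PAT = "ghp_" + CONSTRUCTED_RANDOM + github_pat_checksum(CONSTRUCTED_RANDOM)
SAMPLE_DIFF = f"""\
diff --git a/config.py b/config.py
--- a/config.py
+++ b/config.py
@@ -1,3 +1,5 @@
 import os
-GITHUB_TOKEN = os.environ["GITHUB_TOKEN"]
+GITHUB_TOKEN = "{CONSTRUCTED_PAT}"
+AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+OLD_TOKEN = "ghp_{'x' * 36}"
 DEBUG = False
"""

if __name__ == "__main__":
    # Hook usage: git diff origin/main...HEAD | python scan_secrets.py
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_DIFF
    hits = scan_diff(text)
    for h in hits:
        print(f"{h['file']}:{h['line']}: {h['kind']} {h['token'][:8]}...")
    sys.exit(1 if hits else 0)
```

Wired into a pre-push hook, a non-zero exit blocks the push, which mirrors what push protection does on the server side. A blocked push only protects the remote, though: a secret that has already been committed locally sits in the history and should still be rotated.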
TLDR: GitHub now enables secret scanning push protection by default for all public repositories. Pushes containing recognized keys or tokens are blocked with an alert; users can bypass the block for that push or disable the feature later.