GitHub Can Now Block Secret Leaks Automatically

GitHub has expanded the secret scanning capabilities of its code hosting platform for GitHub Advanced Security customers.

The new feature, known as push protection, enables Advanced Security customers to automatically block secret leaks and is designed to prevent accidental disclosure of credentials before code is transferred to remote repositories.

“With push protection, GitHub will check for high-confidence secrets as developers push code and block the push if a secret is identified. To make this possible without disrupting development productivity, push protection only supports token types that can be detected accurately,” GitHub said.

Once GitHub Enterprise Cloud identifies a secret before pushing the code, the git is blocked. This allows developers to review and remove the secrets from the code they tried to push to remote repos.

GitHub Advanced Security customers can enable the feature at both the repository and organizational levels. They can do this through the API or with just one click from the user interface.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web