thatthefunctionofscanningsecrets”Secret Scanning” is now open to all public repositories and can be included to detect secret leaks in the entire history of publications.
Secrets are confidential data that are accidentally added to the GITHUB repository, including APIs, accounting passwords, authentication tokens and other data that may allow attackers to gain access to confidential information. Hackers usually seek in publicly accessible Gitub repositories the secrets of authentication in order to hack networks, steal data or impersonate the company in their own attacks.
In December 2022, GitHub began to spread the beta version of the free warning function about scanning secrets in all public repositories, which scanes more than 200 tokens formats to help developers find a random leakage of confidential data. Since then, 70,000 public repositories included this function.
March 1, the service became public, and all owners of public repositories may include notification of scanning of coeches to protect their data. DevOPS consultant “@rajbos” documentation , which described how the new function works and how It is correct to use it.