roadmap icon indicating copy to clipboard operation
roadmap copied to clipboard
verified publisher icon github

Secret scanning detects secrets in GitHub discussions and pull request content

Open github-product-roadmap opened this issue 1 year ago • 1 comments

Summary

Secret scanning is expanding detection coverage beyond commit content. GitHub now detects secrets found in pull request and GitHub discussions (e.g. bodies, comments, edits).

As GitHub expands support, GitHub will be performing backfills to detect historically existing secrets across pull requests and discussions.

This release follows support of scanning for GitHub issues, and will be similarly followed by support for secret scanning across GitHub wiki content.

Intended Outcome

Secrets can be exposed anywhere -- not just across code content. GitHub helps keep you safe by automatically scanning additional surfaces across GitHub, without the need for any additional setup.

How will it work?

For repositories where secret scanning is enabled, you'll automatically begin to receive secret scanning alerts for any exposed secrets in pull requests or discussions. GitHub will also continue to scan public repositories for publicly leaked secrets, and will now notify partners in secret scanning's partnership program if secrets are detected in public pull requests or discussions.

github-product-roadmap avatar May 29 '24 20:05 github-product-roadmap

🚢 This has shipped: https://github.blog/changelog/2024-08-16-secret-scanning-for-non-code-github-surfaces-is-now-generally-available/

Leaving open to track for GHES release.

ankneis avatar Sep 20 '24 16:09 ankneis

This shipped with GHES 3.15: https://docs.github.com/en/[email protected]/admin/release-notes

ankneis avatar Nov 18 '24 21:11 ankneis

Edit to clarify: This feature will be available with the GHES 3.15 general availability release on December 3

ankneis avatar Nov 19 '24 00:11 ankneis