GitHub Community
📣 Updates to Secret Scanning Alerts: Generic Category for Non-Provider Patterns and Copilot-Detected Passwords #153747
Unanswered
ghostinhershell
asked this question in
Code Security
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
We are excited to announce an important update to our secret scanning alerts. Alerts for non-provider patterns and Copilot-detected passwords are now categorized as
genericinstead ofexperimental. This change applies to alert filters and the secondary inbox in your alert list views.Background
Non-provider patterns and Copilot secret scanning were made generally available in October 2024. After careful iteration, these alerts have reached the level of quality you’ve come to know and expect from provider-based patterns. Therefore, these alerts are no longer considered experimental and should be remediated in accordance with your organization’s standard policies.
Availability
Detection for these secret types is available for repositories with a GitHub Advanced Security license. You can enable them through your repository settings or organization and enterprise code security configurations.
Learn More
To learn more about how to secure your repositories, check out our documentation on secret scanning.
Stay secure with the latest updates to GitHub's secret scanning capabilities!
Beta Was this translation helpful? Give feedback.
All reactions