← 返回首页

Secret security - GitHub Docs

Version: Free, Pro, & Team

Getting started
- GitHub security features
- Secure repository quickstart
Concepts
How-tos
- Secure at scale
  - Configure enterprise security
    - Configure specific tools
      - Allow Code Quality
      - Configure VNET
  - Configure organization security
    - Establish complete coverage
    - Manage your coverage
    - Configure specific tools
    - Manage usage and access
      - Give access to private registries
      - Manage paid GHAS use
- Secure your secrets
  - Detect secret leaks
  - Customize leak detection
  - Prevent future leaks
    - Enable push protection
    - Manage user push protection
  - Work with leak prevention
    - Push protection on the command line
    - Push protection in the GitHub UI
  - Manage bypass requests
- Find and fix code vulnerabilities
  - Configure code scanning
    - Configure code scanning
    - Configure advanced setup
  - Manage your configuration
  - Scan from the command line
  - Scan from VS Code
  - Integrate with existing tools
    - Use with existing CI system
    - Upload a SARIF file
- Secure your supply chain
- Manage security alerts
  - Remediate at scale
  - Secret scanning alerts
  - Code scanning alerts
  - Dependabot alerts
- Maintain quality code
- Report and fix vulnerabilities
  - Configure vulnerability reporting
    - Add a security policy
    - Configure for a repository
  - Report privately
  - Fix vulnerabilities
- Advanced Security with AI agents
  - Scan for secrets with MCP
- View and interpret data
Reference
Tutorials
- Secret protection
- Trial GitHub Advanced Security
- Secure your organization
- Remediate leaked secrets
- Partner program
- Customize code scanning
- Secure your dependencies
- Implement supply chain best practices
- Manage security alerts
  - Prioritize Dependabot alerts using metrics
  - Participate in campaigns
- Improve code quality
- Fix reported vulnerabilities
  - Collaborate in a fork
  - Write security advisories
Responsible use

Secret security

Learn about secret scanning patterns, risk report CSV contents, and GitHub secrets.

Understanding GitHub secret types

Learn about the usage, scope, and access permissions for GitHub secrets.

Supported secret scanning patterns

Lists of supported secrets and the partners that GitHub works with to prevent fraudulent use of secrets that were committed accidentally.

Secret scanning detection scope

Secret scanning uses pattern matching and validation to detect secrets. Detection varies based on pattern pairs, token types, and push protection settings.

Custom patterns reference

Use specific regular expression syntax to define accurate custom patterns for secret scanning.

Contents of the secret risk assessment report CSV

Understand the data included in the CSV export of the secret risk assessment report.

Secret scanning pattern configuration data

Understand the data displayed in the secret scanning pattern configuration page to make informed decisions about push protection settings.

Help and support

Did you find what you needed?

Yes No

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Learn how to contribute

Still need help?

Ask the GitHub community

Contact support

Legal