.png)
GitHub is rolling out push protection for all public repositories, automatically enabling it. This new feature allows repos to be scanned in advance for any 'secrets' or API keys.
According to GitHub's announcement, this protection will now be turned on for all users, even those without a paid subscription. If a user tries to 'git push' to a repo containing a secret, the push will be blocked. This also applies to passwords and API keys.
The 'secret scanning' feature has been available on GitHub for two years now. After starting a pilot last year, GitHub has decided to expand it to all public repos. Now, the platform is making this feature mandatory for all repos and users, regardless of their subscription status, such as having Advanced Security or not.
English (US)