"GitHub's March updates included 28 new secret detectors from 15 providers, expanding push protection to 39 detectors enabled by default, blocking commits with matching secrets."
"The GitHub MCP Server now scans code changes for exposed secrets in AI coding agents, providing structured data on any secrets found before commits or pull requests."
"Organizations can designate specific roles, teams, and apps as exempt from push protection enforcement directly from repository settings, enhancing security management flexibility."
In March, GitHub introduced significant updates to its secret scanning capabilities. This included 37 new secret detectors from 22 providers and expanded push protection to 39 token types. Validity checks were added for various tokens, ensuring teams can verify the activity of detected secrets. A notable enhancement is the integration of secret scanning within AI coding agents via the GitHub MCP Server, allowing for proactive scanning of code changes. Additionally, organizations can now manage push protection exemptions at the repository level, improving flexibility in security management.
Read at DevOps.com
Unable to calculate read time
Collection
[
|
...
]