Enabling extended metadata checks for your repository

Learn how to enable extended metadata checks for detected secrets so alerts detected by secret scanning include additional information that help you assess and remediate leaks faster.

Quem pode usar esse recurso?

Proprietários de repositórios, proprietários de organizações, gerentes de segurança e usuários com a função de administrador

Extended metadata checks are available for the following repository types:

Organization-owned repositories on GitHub Team or GitHub Enterprise Cloud with GitHub Secret Protection enabled

Neste artigo

Observação

Extended metadata checks for tokens is in public preview and subject to change.

About extended metadata checks

Extended metadata checks, often referred to as analyzers in other tools, are a secret scanning feature that you can enable for supported tokens.

When you enable extended metadata checks for tokens, secret scanning provides you with additional information about detected secrets, such as ownership and contact details. This information helps you:

Gain deeper insight into detected secrets: Know who owns a secret.
Improve incident response: Quickly identify responsible teams or individuals when a secret is leaked.
Enhance compliance: Ensure secrets align with your organization’s governance and security policies.

This information appears on GitHub, in the page for the related secret scanning alert, helping you prioritize and remediate exposures more efficiently.

Metadata availability varies depending on the secret type. For more information, see Avaliando alertas da verificação de segredos.