Concepts for secret security

GitHub scans repositories for known types of secrets, to prevent fraudulent use of secrets that were committed accidentally.

Push protection blocks contributors from pushing secrets to a repository and generates an alert whenever a contributor bypasses the block. You can apply push protection at repository or organization level.

Learn about the different types of 机密扫描警报.

You can control which teams or roles have the ability to bypass push protection in your organization or repository.

Learn your options for unblocking your push to GitHub using the REST API if secret scanning detects a secret in the content of your API request.