为存储库启用机密扫描

可以配置 GitHub 如何扫描存储库中遭到泄露的机密并生成警报。

谁可以使用此功能?

Secret scanning 可用于以下存储库类型:

  •         **公共存储库**:Secret scanning 自动且免费地运行。

  •           **组织拥有的私有和内部存储库**:在 GitHub Team 或 GitHub Enterprise Cloud 上启用 [GitHub Secret Protection](/get-started/learning-about-github/about-github-advanced-security) 后可用。

  •         **用户拥有的存储库**:在 GitHub Enterprise Cloud 上可用,配合 Enterprise Managed Users。 当企业启用了 [GitHub Secret Protection](/get-started/learning-about-github/about-github-advanced-security) 时,可在 GitHub Enterprise Server 上使用。

在本文中

About enabling secret scanning

Secret scanning can be enabled for any repository that is owned by an organization, and for repositories owned by user accounts when using GitHub Enterprise Cloud with Enterprise Managed Users.

If you're an organization owner, you can enable secret scanning for multiple repositories at a time using security configurations. For more information, see About enabling security features at scale.

If your organization is owned by an enterprise account, an enterprise owner can also enable secret scanning at the enterprise level. For more information, see Creating a custom security configuration for your enterprise.

Enabling secret scanning

Secret scanning are enabled when you enable Secret Protection for your repository.

  1. On GitHub, navigate to the main page of the repository.

  2. Under your repository name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of a repository header showing the tabs. The "Settings" tab is highlighted by a dark orange outline.

  3. In the "Security" section of the sidebar, click Advanced Security.

  4. To the right of "Secret Protection", click Enable.

  5. Review the impact of enabling Secret Protection, then click Enable Secret Protection.

A repository administrator can choose to disable secret scanning for a repository at any time. For more information, see Managing security and analysis settings for your repository.

Next steps