miniblog.
← Back to all posts
Wilfred Hughes
Jan 10, 2020 at 22:46
GitHub now provides a feature to discover when you've accidentally leaked company private keys:
https://developer.github.com/partnerships/token-scanning/
Makes sense, but it's a shame it's needed. It's easy to screw up.
Secret scanning partner program - GitHub Docs
As a service provider, you can partner with GitHub to have your secret token formats secured through secret scanning, which searches for accidental commits of your secret format and can be sent to a service provider's verify endpoint.
