Secret leaks are one of the most common security mistakes, and they can have disastrous consequences. GitHub Secret Scanning looks for leaked secrets in all public repositories, and enrolled private repositories, and works with the issuer to notify the developer and/or revoke the token as appropriate. This protects users from fraud and data leaks.
In addition to our 24 existing partners, GitHub has partnered with Shopify, MessageBird, Dynatrace, SSLMate and Frame.io to scan for their developer tokens! This brings our total number of token scanning partners to 29.