Keeping GitHub OAuth Tokens Safe
While making your source code available in a public GitHub repository is awesome, it’s important to be sure you don’t accidentally commit your passwords, secrets, or anything else that other…
While making your source code available in a public GitHub repository is awesome, it’s important to be sure you don’t accidentally commit your passwords, secrets, or anything else that other people shouldn’t know.
Starting today you can commit more confidently, knowing that we will email you if you push one of your OAuth Access Tokens to any public repository with a git push
command. As an extra bonus, we’ll also revoke your token so it can’t be used to perform any unauthorized actions on your behalf.
For more tips on keeping your account secure, see “Keeping your SSH keys and application access tokens safe” in GitHub Help.
Written by
Related posts

From MCP to multi-agents: The top 10 new open source AI projects on GitHub right now and why they matter
Get insights on the latest trends from GitHub experts while catching up on these exciting new projects.

Racing into 2025 with new GitHub Innovation Graph data
Discover the latest trends and insights on public software development activity on GitHub with the quarterly release of data for the Innovation Graph, updated through December 2024.

GitHub Availability Report: March 2025
In March, we experienced one incident that resulted in degraded performance across GitHub services.