Token scanning is now generally available in all public repositories. Additionally, token scanning now supports detection of new token types from Alibaba Cloud, Mailgun, and Twilio.
Through the integration of Dependabot, we’ve released automated security fixes as a public beta. Automated security fixes are pull requests generated by GitHub to fix security vulnerabilities. They automate a tedious part of the workflow and make it easy for developers to keep their dependencies up to date.