Token scanning is now generally available in all public repositories. Additionally, token scanning now supports detection of new token types from Alibaba Cloud, Mailgun, and Twilio.
Dependent repositories
Dependent repositories surface data from the GitHub dependency graph, showcasing which public repositories depend on the packages in that repository.
We’ve released maintainer security advisories as a public beta. Maintainer security advisories allow open source maintainers to privately discuss, fix, and publish notices about security vulnerabilities in repositories.
GitHub may additionally create security alerts to all affected downstream repositories as appropriate.