Token leaks are one of the most common security mistakes, and they can have disastrous consequences. GitHub Token Scanning looks for leaked tokens in public repositories and works with the issuer to notify the developer and/or revoke the token as appropriate. This protects users from fraud or data leaks. Starting today, GitHub has partnered with GoCardless, HashiCorp, Postman, and Tencent Cloud to scan for their respective developer tokens.
See what launched at GitHub Universe
Missed the main event? Learn more about everything that launched at GitHub Universe, from GitHub for mobile and a redesigned notifications experience to the GitHub Archive Program.Read the day one keynote recap
Secure the world's code, together
On day two of GitHub Universe, we announced GitHub Security Lab, bringing together security researchers, maintainers, and companies across the industry to secure open source.Read the day two keynote recap