Token leaks are one of the most common security mistakes, and they can have disastrous consequences. GitHub token scanning looks for leaked tokens in public repositories and works with the issuer to notify the developer and/or revoke the token as appropriate. This protects users from fraud and data leaks. Starting today, GitHub has partnered with Adafruit and Samsara to scan for their respective developer tokens! This brings our total number of token scanning partners to 21.
Repository access management is now generally available on GitHub.com. We’ve redesigned the access settings page to help administrators better understand who has access to their repository and what level of access they have. To use the new experience, log in to a repository where you have
admin privileges, click on the
Settings tab and then click
Manage access in the left side bar.