Token leaks are one of the most common security mistakes, and they can have disastrous consequences. GitHub token scanning looks for leaked tokens in public repositories and works with the issuer to notify the developer and/or revoke the token as appropriate. This protects users from fraud and data leaks.
Starting today, GitHub has partnered with Databricks and HubSpot to scan for their developer tokens! This brings our total number of token scanning partners to 24.
Jump to definition and find all references are now available for all CodeQL and Java repositories on GitHub.
When viewing a CodeQL or Java file on github.com, clicking on a function or method name exposes a code navigation card with links to all of its definitions and references within the same repository. We use the semantic library to find definitions and call sites in your code.
We are expanding support for the triage and maintain roles in the REST API. Users with the triage or maintain role can now use endpoints that reflect what they can do in a repository, such as adding a label to an issue. Additionally, these new permissions can now be granted and managed via the API and will show up as assigned roles in API responses.
Learn more about support for the triage and maintain roles in the REST API