Secret leaks are one of the most common security mistakes, and they can have disastrous consequences. GitHub Secret Scanning looks for leaked secrets in all public repositories, and enrolled private repositories, and works with the issuer to notify the developer and/or revoke the token as appropriate. This protects users from fraud and data leaks.
In addition to our 29 existing partners, GitHub has partnered with Clojars, Mailchimp, Finicity, and Plivo to scan for their developer tokens! This brings our total number of token scanning partners to 33.