GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud.
We have partnered with DevCycle to scan for their SDK tokens and help secure our mutual users on public repositories. DevCycle tokens allow users to target and toggle feature flags by environment and platform. GitHub will forward access tokens found in public repositories to DevCycle, who will immediately mark the token as compromised. More information about DevCycle Tokens can be found here.
GitHub Advanced Security customers can also scan for DevCycle tokens and block them from entering their private and public repositories with push protection.
GitHub Actions customers can now dynamically name their workflow runs. The new run-name feature will accept expressions and be displayed on the list of workflow runs.
For more information on how to use run-name, visit the documentation.
For questions, visit the GitHub Actions community.
To see what's next for Actions, visit our public roadmap.
We've made some improvements to audit log search to make it easier to discover events. Since audit log events are found through key:value pairs, we now show you a list of possible options to choose from.
We've also linked to our documentation in the filter dropdown so that you can more easily discover all the possible options for audit log queries.
To learn more about how to query the audit log, check out our documentation, "About search for the enterprise audit log".