Skip to content

LocalStack is now a GitHub secret scanning partner

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, our scans help prevent data leaks and fraud.

We have partnered with LocalStack to scan for their API key tokens and help secure our mutual users on public repositories. LocalStack's tokens allow for activation of the advanced LocalStack features for their Pro/Team/Enterprise products. GitHub will forward access tokens found in public repositories to LocalStack, who will immediately notify users and revoke any compromised tokens. You can read more information about LocalStack's tokens here.

GitHub Advanced Security customers can also scan for LocalStack tokens and block them from entering their private and public repositories with push protection.

Dependabot version updates for Docker image tags in Kubernetes manifests

Dependabot version updates now proactively updates Docker image tags in Kubernetes manifests.

When specifying the Docker ecosystem in dependabot.yml include an entry for each directory where a Kubernetes manifest which references Docker image tags is located. Kubernetes manifests can be either Kubernetes Deployment YAML files or Helm charts. Dependabot will parse the unrendered version of the manifest in order to keep your Docker image tags updated.

Learn more about configuring Dependabot version updates.

See more

New session and device management settings page

You can now review and manage your browser and GitHub Mobile sessions using the new Sessions tab in your user settings. This new tab includes all of your signed-in web sessions, as well as each GitHub Mobile app your account is signed into. You can revoke each web and mobile session individually. For mobile sessions, this signs you out of the GitHub Mobile app on that device, and disables that application for use as a second factor. The new Sessions tab replaces the web sessions view that was present under Password and authentication.

image

This new settings page is generally available for GitHub.com users now, and will be released to GitHub Enterprise Server as part of GHES 3.8.

To learn more, see "Viewing and managing your sessions".

See more
View all changes