Secret scanning is now available for free on public repositories

Previously, only organizations with GitHub Advanced Security could enable secret scanning's user experience on their repositories. Now, any admin of a public repository on GitHub.com can detect leaked secrets in their repositories with GitHub secret scanning.

The new secret scanning user experience complements the secret scanning partner program, which alerts over 100 service providers if their tokens are exposed in public repositories. You can read more about this change and how secret scanning can protect your contributions in our blog post.

The actions and reusable workflows from private repositories can now be shared with other private repositories within the same organization, user account, or enterprise.
See managing the repository settings and managing the enterprise repository settings to allow access to workflows in other repositories.

We have also added the API support to configure Actions share policy. Refer to API support or API support for Enterprise for more details.

Learn more about Sharing actions and workflows from your private repository, Sharing actions and workflows with your organization, and Sharing Actions and workflows with your enterprise.

See more