GitHub, the Rust Foundation, and the Rust Project are collaborating to help protect you from leaked keys.

From today, GitHub will scan every commit to a public repository for exposed keys. We will forward any tokens we find to, who will automatically disable the tokens and notify their owners. The end-to-end process takes only a few seconds. is the latest GitHub secret scanning integrator; since 2018, GitHub has partnered with over 100 token issuers to help keep our mutual customers safe. We continue to welcome new partners for public repository secret scanning. In addition, GitHub Advanced Security customers can scan their private repositories for leaked secrets.

We’d like to thank the team, the staff at the Rust Foundation, and the work from AWS’ Dan Gardner on this GitHub pull request that made our collaboration with Rust possible.

Learn more about secret scanning
Partner with GitHub on secret scanning