Starting today, you can enable validity checks for your GitHub organization through security configurations. You can also enable or disable validity checks at the enterprise level for all enterprise repos.
If your organization had previously enabled validity checks through the “Global Settings” page, the feature will be migrated to your existing configurations and enabled on repositories they are attached to with no additional effort on your part.
Please note that GitHub is also adding validity checks to the “GitHub recommended” code security configuration. Any organization that has enabled the recommended configuration before today will have validity checks automatically enabled on July 24, 2024. If you wish to directly manage feature enablement, we recommend unattaching the recommended configuration and attaching your own custom configuration to those repositories.
Learn how to secure your repositories with secret scanning or sign up for a 60 minute feedback session on secret scanning and be compensated for your time.