Enhance your security workflows by exporting security alert data for offline analysis, reporting, and archival purposes with our new CSV export functionality, available at the organization level. CSV exports will respect all filters you’ve applied to the page, allowing you to generate multiple exports focusing on different datasets. You can download all data where you have an appropriate level of access.
Learn more about the security overview dashboard and send us your feedback.
Maintainers can now display their top sponsors on their Sponsors profile. Users can opt to manually select up to 10 sponsors, automatically display their top funders or opt out of displaying featured sponsors altogether.
To learn more about featured sponsors, please visit our GitHub Sponsors docs.
Secret scanning alerts for non-provider patterns and generic passwords can now be retrieved using the REST API.
With the “List secret scanning alerts” endpoint for an enterprise, organization, or repository, you can use the query parameter secret_type to request alerts for non-provider patterns or passwords. To retrieve alerts for non-provider patterns, use the “Token” value in this table. To retrieve alerts for passwords, use the value password.
The secret_type parameter can be used to return several secret types, separated by commas: e.g. api.github.com/orgs/ORG/secret-scanning/alerts?secret_type=rsa_private_key,password.
Alerts for non-provider patterns and passwords are not returned by default with the “List secret scanning alerts” endpoint; they must be specifically requested.