Push protection blocks you from pushing secrets to a repository and generates an alert whenever you bypass the block.
Push protection is now supported for the following REST API endpoints:
* Create a blob
* Create or update file contents
If the content of a PUT request to these endpoints includes a secret, the API will respond with a 409 error and provide a link for bypassing push protection, along with a placeholder_id.
There is also a new API endpoint to bypass push protection programatically, Create a push protection bypass. You or your application can use the placeholder_id from your push protection block in your call to this endpoint.
You need to be the individual or application that initially got blocked to be able to bypass the block successfully.
Secret scanning is now performing a backfill to detect historically existing secrets in GitHub wikis. For repositories with secret scanning enabled, you may notice newly created alerts for these exposed secrets.
Learn how to secure your repositories with secret scanning or sign up for a 60 minute feedback session on secret scanning and be compensated for your time.
You are also welcome to join the discussion and share your feedback on our dedicated Github community.
Today, we are excited to open our waitlist for all GitHub Copilot users to start using Copilot Extensions!
Join the Copilot Extensions waitlist.
With extensions, you can extend the capabilities of GitHub Copilot Chat and enhance the experience to perform a wide range of actions across third-party tools, services, and data. Create feature flags, check log errors, access API documentation, and even deploy your application to the cloud, all through natural language.
Copilot Extensions are live on the GitHub Marketplace, with extensions from Octopus Deploy, Sentry, New Relic, and many more.
Questions or suggestions? Join the conversation in the community discussion.