Secret scanning is adding validity check support for additional token types.

Validity checks indicate if the leaked credentials are active and could still be exploited. If you’ve previously enabled validation checks for a given repository, GitHub will now automatically verify validity for alerts on supported token types. In addition to token types announced in our previous changelogs, you will now see validity checks for the following token types:

  • Doppler personal token (DOPPLER_PERSONAL_TOKEN)
  • Defined Networking Nebula API key (DEFINED_NETWORKING_NEBULA_API_KEY)