GitHub can now auto-block commits containing API keys, auth tokens
2022-04-04 19:32

GitHub announced on Monday that it has expanded its code hosting platform's secret scanning capabilities for GitHub Advanced Security customers to block secret leaks automatically.

Secret scanning is an advanced security option that organizations using GitHub Enterprise Cloud with a GitHub Advanced Security license can enable for additional repository scanning.

"With push protection, GitHub will check for high-confidence secrets as developers push code and block the push if a secret is identified," GitHub said.

If GitHub Enterprise Cloud identifies a secret before the code is pushed, the git push is blocked so that developers can review and remove the secrets from the code they tried to push to remote repos.

Organizations with GitHub Advanced Security can enable the secret scanning push protection feature at both repository and organization levels via the API or with just one click from the user interface.

"To date, GitHub has detected more than 700,000 secrets across thousands of private repositories using secret scanning for GitHub Advanced Security; GitHub also scans for our partner patterns across all public repositories," GitHub added.


News URL

https://www.bleepingcomputer.com/news/security/github-can-now-auto-block-commits-containing-api-keys-auth-tokens/

Related vendor

Last 12 months:

VENDOR   #/PRODUCTS   LOW   MEDIUM   HIGH   CRITICAL   TOTAL VULNS
GitHub   10           2     30       29     14         75