Welcome to the beta of generic password detection for secret scanning. We're excited for you to test and provide feedback as we iterate on the feature. Access to this beta is gated -- talk to your account rep if you'd like to be included.
There is an enterprise policy to manage the use of generic secret detection for secret scanning. This is set to enabled by default. You can enable AI detection in the security settings at the organization level, or you can enable it for each individual repository where you'd like to detect passwords. Enabling for all repositories at the enterprise level is to come.
Once enabled, detected passwords will appear in the "Other" tab of your secret scanning alerts. Be sure to resolve alerts with the appropriate reason -- our engineering team will use data on the false positive rate to improve the model and increase precision over time.
We will be using this repository to centralize early feedback on generic password detection for secret scanning.
You can use this repository to file issues to:
- Up-vote a feature or request a new one
- Let us know how the model is performing on your repositories
- File a bug report
Discussions should be used as much as possible for questions, ideas, and open discussions with other folks in the preview.
Issues should be used for bug reports.
We expect our preview participants to follow our GitHub Community Code of Conduct by:
- Engaging with consideration and respect
- Contributing in a positive and constructive way
- Being trustworthy
As per GitHub's Terms of Service we want to remind you that:
Beta Previews may not be supported or may change at any time. You may receive confidential information through those programs that must remain confidential while the program is private. We'd love your feedback to make our Beta Previews better.