How does secrets scanning push protection really work #116539
Replies: 4 comments 7 replies
This comment was marked as off-topic.
This comment was marked as off-topic.
-
On which side push protection feature scans a changes in commit before they will be pushed? On GitHub endpoints side? So, roughly speaking, does GitHub still send every time the code changes in the commit to scan to a some remote endpoint, before actually pushing the commit to the repository? |
Beta Was this translation helpful? Give feedback.
-
I guess when we are talking about client-side check, git hooks are there. Since most likely that GitHub secrets scanning push protection feature based on git hooks, these checks are server-side, right? |
Beta Was this translation helpful? Give feedback.
-
🕒 Discussion Activity Reminder 🕒 This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions: 1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as 2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own. 3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution. Note: This dormant notification will only apply to Discussions with the Thank you for helping bring this Discussion to a resolution! 💬 |
Beta Was this translation helpful? Give feedback.
-
Select Topic Area
Question: system flow under secrets scanning push protection mechanism
Body
Hello! We have some common information about how secrets scanning process is organized and what flows are under its hood. But there is not an informative page how secrets scanning push protection works. Is its flow the same as for secrets scanning that are already were committed to a repository and is it sends like pre-commit to GitHub remote regex searching endpoint before a "real" push in advance? It could be great to get some more information how does secrets scanning push protection is reliable. Thank you.
Beta Was this translation helpful? Give feedback.
All reactions