Note: Generic secret detection for secret scanning is in beta. Functionality and documentation are subject to change. During this phase, generic secret detection is limited to looking for passwords in source code.
Enabling AI-powered generic secret detection for your repository
To use generic secret detection, your enterprise owner must first set a policy at the enterprise level.
You can then enable the feature in the "Code security and analysis" settings page of your repository.
-
On GitHub.com, navigate to the main page of the repository.
-
Under your repository name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.
-
In the "Security" section of the sidebar, click Code security and analysis.
-
Under "Code security and analysis", find "GitHub Advanced Security."
-
Under "Secret scanning", select the checkbox next to "Use AI detection to find additional secrets".
For information on how to view alerts for generic secrets that have been detected using AI, see "Managing alerts from secret scanning."