Note: Your site administrator must enable secret scanning for your GitHub Enterprise Server instance before you can use this feature. For more information, see "Configuring secret scanning for your appliance."
高级安全性支持的机密
启用 secret scanning 后,GitHub 会扫描以下服务提供商颁发的机密。
如果访问资源需要配对的凭据,则只有在同一文件中检测到该配对的两个凭据时,机密扫描才会创建警报。 这可确保最关键的泄漏不会隐藏在有关部分泄漏的信息后面。
如果使用 REST API 进行机密扫描,可以使用 Secret type 报告来自特定颁发者的机密。 有关详细信息,请参阅“机密扫描”。
注意: 还可以为存储库、组织或企业定义自定义 secret scanning 模式。 有关详细信息,请参阅“定义 secret scanning 的自定义模式”。
| Provider | Supported secret | Secret type |
|---|---|---|
| Adafruit IO | Adafruit IO Key | adafruit_io_key |
| Adobe | Adobe Device Token | adobe_device_token |
| Adobe | Adobe Service Token | adobe_service_token |
| Adobe | Adobe Short-Lived Access Token | adobe_short_lived_access_token |
| Adobe | Adobe JSON Web Token | adobe_jwt |
| Alibaba Cloud | Alibaba Cloud Access Key ID with Alibaba Cloud Access Key Secret | alibaba_cloud_access_key_id alibaba_cloud_access_key_secret |
| Amazon Web Services (AWS) | Amazon AWS Access Key ID with Amazon AWS Secret Access Key | aws_access_key_id aws_secret_access_key |
| Asana | Asana Personal Access Token | asana_personal_access_token |
| Atlassian | Atlassian API Token | atlassian_api_token |
| Atlassian | Atlassian JSON Web Token | atlassian_jwt |
| Atlassian | Bitbucket Server Personal Access Token | bitbucket_server_personal_access_token |
| Azure | Azure DevOps Personal Access Token | azure_devops_personal_access_token |
| Azure | Azure SAS Token | azure_sas_token |
| Azure | Azure Service Management Certificate | azure_management_certificate |
| Azure | Azure SQL Connection String | azure_sql_connection_string |
| Azure | Azure Storage Account Key | azure_storage_account_key |
| Checkout.com | Checkout.com Production Secret Key | checkout_production_secret_key |
| Checkout.com | Checkout.com Test Secret Key | checkout_test_secret_key |
| Clojars | Clojars Deploy Token | clojars_deploy_token |
| CloudBees CodeShip | CloudBees CodeShip Credential | codeship_credential |
| Databricks | Databricks Access Token | databricks_access_token |
| Discord | Discord Bot Token | discord_bot_token |
| Doppler | Doppler Personal Token | doppler_personal_token |
| Doppler | Doppler Service Token | doppler_service_token |
| Doppler | Doppler CLI Token | doppler_cli_token |
| Doppler | Doppler SCIM Token | doppler_scim_token |
| Doppler | Doppler Audit Token | doppler_audit_token |
| Dropbox | Dropbox Access Token | dropbox_access_token |
| Dropbox | Dropbox Short Lived Access Token | dropbox_short_lived_access_token |
| Duffel | Duffel Live Access Token | duffel_live_access_token |
| Duffel | Duffel Test Access Token | duffel_test_access_token |
| Dynatrace | Dynatrace Access Token | dynatrace_access_token |
| Dynatrace | Dynatrace Internal Token | dynatrace_internal_token |
| EasyPost | EasyPost Production API Key | easypost_production_api_key |
| EasyPost | EasyPost Test API Key | easypost_test_api_key |
| Fastly | Fastly API Token | fastly_api_token |
| Finicity | Finicity App Key | finicity_app_key |
| Flutterwave | Flutterwave Live API Secret Key | flutterwave_live_api_secret_key |
| Flutterwave | Flutterwave Test API Secret Key | flutterwave_test_api_secret_key |
| Frame.io | Frame.io JSON Web Token | frameio_jwt |
| Frame.io | Frame.io Developer Token | frameio_developer_token |
| GitHub | GitHub Personal Access Token | github_personal_access_token |
| GitHub | GitHub OAuth Access Token | github_oauth_access_token |
| GitHub | GitHub Refresh Token | github_refresh_token |
| GitHub | GitHub App Installation Access Token | github_app_installation_access_token |
| GitHub | GitHub SSH Private Key | github_ssh_private_key |
| GoCardless | GoCardless Live Access Token | gocardless_live_access_token |
| GoCardless | GoCardless Sandbox Access Token | gocardless_sandbox_access_token |
| Google API Key | google_api_key | |
| Google Cloud Private Key ID | ||
| Grafana | Grafana API Key | grafana_api_key |
| HashiCorp | Terraform Cloud / Enterprise API Token | terraform_api_token |
| HashiCorp | HashiCorp Vault Batch Token | hashicorp_vault_batch_token |
| HashiCorp | HashiCorp Vault Service Token | hashicorp_vault_service_token |
| Hubspot | Hubspot API Key | hubspot_api_key |
| Intercom | Intercom Access Token | intercom_access_token |
| Ionic | Ionic Personal Access Token | ionic_personal_access_token |
| Ionic | Ionic Refresh Token | ionic_refresh_token |
| Linear | Linear API Key | linear_api_key |
| Linear | Linear OAuth Access Token | linear_oauth_access_token |
| Lob | Lob Live API Key | lob_live_api_key |
| Lob | Lob Test API Key | lob_test_api_key |
| Mailchimp | Mailchimp API Key | mailchimp_api_key |
| Mailgun | Mailgun API Key | mailgun_api_key |
| MessageBird | MessageBird API Key | messagebird_api_key |
| Meta | Facebook Access Token | facebook_access_token |
| npm | npm Access Token | npm_access_token |
| NuGet | NuGet API Key | nuget_api_key |
| Onfido | Onfido Live API Token | onfido_live_api_token |
| Onfido | Onfido Sandbox API Token | onfido_sandbox_api_token |
| OpenAI | OpenAI API Key | openai_api_key |
| Palantir | Palantir JSON Web Token | palantir_jwt |
| Postman | Postman API Key | postman_api_key |
| Proctorio | Proctorio Consumer Key | proctorio_consumer_key |
| Proctorio | Proctorio Linkage Key | proctorio_linkage_key |
| Proctorio | Proctorio Registration Key | proctorio_registration_key |
| Proctorio | Proctorio Secret Key | proctorio_secret_key |
| Pulumi | Pulumi Access Token | pulumi_access_token |
| PyPI | PyPI API Token | pypi_api_token |
| RubyGems | RubyGems API Key | rubygems_api_key |
| Samsara | Samsara API Token | samsara_api_token |
| Samsara | Samsara OAuth Access Token | samsara_oauth_access_token |
| SendGrid | SendGrid API Key | sendgrid_api_key |
| Shippo | Shippo Live API Token | shippo_live_api_token |
| Shippo | Shippo Test API Token | shippo_test_api_token |
| Shopify | Shopify App Shared Secret | shopify_app_shared_secret |
| Shopify | Shopify Access Token | shopify_access_token |
| Shopify | Shopify Custom App Access Token | shopify_custom_app_access_token |
| Shopify | Shopify Private App Password | shopify_private_app_password |
| Slack | Slack API Token | slack_api_token |
| Slack | Slack Incoming Webhook URL | slack_incoming_webhook_url |
| Slack | Slack Workflow Webhook URL | slack_workflow_webhook_url |
| SSLMate | SSLMate API Key | sslmate_api_key |
| SSLMate | SSLMate Cluster Secret | sslmate_cluster_secret |
| Stripe | Stripe API Key | stripe_api_key |
| Stripe | Stripe Live API Secret Key | stripe_live_secret_key |
| Stripe | Stripe Test API Secret Key | stripe_test_secret_key |
| Stripe | Stripe Live API Restricted Key | stripe_live_restricted_key |
| Stripe | Stripe Test API Restricted Key | stripe_test_restricted_key |
| Stripe | Stripe Webhook Signing Secret | stripe_webhook_signing_secret |
| Tableau | Tableau Personal Access Token | tableau_personal_access_token |
| Telegram | Telegram Bot Token | telegram_bot_token |
| Tencent Cloud | Tencent Cloud Secret ID | tencent_cloud_secret_id |
| Twilio | Twilio Account String Identifier | twilio_account_sid |
| Twilio | Twilio API Key | twilio_api_key |
延伸阅读
- 保护存储库
- “保护帐户和数据安全”
- GitHub Enterprise Cloud 文档中的“Secret scanning 合作伙伴计划”