Aktivieren der Überprüfung auf geheime Schlüssel für Ihr Repository

Du kannst konfigurieren, wie GitHub deine Repositorys nach kompromittierten Geheimnissen durchsucht und Warnungen generiert.

Wer kann dieses Feature verwenden?

Secret scanning ist für die folgenden Repositorys verfügbar:

  • Öffentliche Repositorys (kostenlos)
  • Private und interne Repositorys in Organisationen, die GitHub Enterprise Cloud mit aktiviertem GitHub Advanced Security nutzen

In diesem Artikel

About enabling secret scanning alerts for users

Secret scanning alerts for users can be enabled on any free public repository that you own.

If you're an organization owner, you can enable secret scanning for multiple repositories at the same time using the GitHub-recommended security configuration. For more information, see "Applying the GitHub-recommended security configuration in your organization."

Enabling secret scanning alerts for users

  1. On GitHub, navigate to the main page of the repository.

  2. Under your repository name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of a repository header showing the tabs. The "Settings" tab is highlighted by a dark orange outline.

  3. In the "Security" section of the sidebar, click Code security and analysis.

  4. Scroll down to the bottom of the page, and click Enable for secret scanning. If you see a Disable button, it means that secret scanning is already enabled for the repository.

    Screenshot of the "Secret scanning" section of the "Code security and analysis" page, with the "Enable" button highlighted in a dark orange outline.

A repository administrator can choose to disable secret scanning for a repository at any time. For more information, see "Managing security and analysis settings for your repository."

Next steps