Note: Push protection for users is currently in beta and subject to change.
With push protection for users, you can enable push protection for yourself, so that no matter which public repository you push to, you will be protected. Additionally, if you are a repository administrator, or an organization owner, you can enable push protection for your repository or organization, respectively. For more information, see "Push protection for repositories and organizations."
If push protection is not enabled for the repository you are pushing to, but you have push protection for yourself enabled, no alerts will be created after you push a secret. However, if the bypassed secret is a GitHub token, the token will be revoked and you will be notified by email.
For information on the secrets and service providers supported for push protection, see "Secret scanning patterns."
You can enable push protection for yourself through your personal account settings.
In the upper-right corner of any page, click your profile photo, then click Settings.
In the "Security" section of the sidebar, click Code security and analysis.
Under "User", to the right of "Push protection for yourself", click Enable.