Enabling generic secret detection
To use generic secret detection, an enterprise owner must first set a policy at the enterprise level that controls whether the feature can be enabled and disabled for repositories in an organization. This policy is set to "allowed" by default.
You can then enable generic secret detection in the security settings page of your repository or organization.
Note
You do not need a subscription to GitHub Copilot to use Copilot secret scanning's generic secret detection. Copilot secret scanning features are available to private repositories in GitHub Enterprise Cloud enterprises that have GitHub Advanced Security enabled.
Enabling generic secret detection for your repository
-
On GitHub, navigate to the main page of the repository.
-
Under your repository name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.
-
In the "Security" section of the sidebar, click Code security and analysis.
-
Under "Code security and analysis", find "GitHub Advanced Security."
-
Under "Secret scanning", select the checkbox next to "Scan for generic secrets".
Enabling generic secret detection for your organization
- In the upper-right corner of GitHub, select your profile photo, then click Your organizations.
- Next to the organization, click Settings.
- In the "Security" section of the sidebar, click Code security then Global settings.
- Under "Secret scanning", select the checkbox next to "Scan for generic secrets".
For information on how to view alerts for generic secrets that have been detected using AI, see "Viewing and filtering alerts from secret scanning."