Habilitar a proteção de push para seu repositório

Com a proteção de push, o secret scanning bloqueia os colaboradores de enviar segredos para um repositório e gera um alerta sempre que um colaborador ignora o bloqueio.

Quem pode usar esse recurso?

Proprietários de repositórios, proprietários de organizações, gerentes de segurança e usuários com a função de administrador

Neste artigo

About enabling push protection

To enable push protection for a repository, you must first enable secret scanning. You can then enable push protection in the repository's "Code security" settings page following the steps outlined in this article.

You can additionally enable push protection for your own personal account, which prevents you from pushing secrets to any public repository on GitHub. For more information, see Push protection for users.

If you're an organization owner, you can enable push protection for multiple repositories at a time using security configurations. For more information, see About enabling security features at scale.

Organization owners, security managers, and repository administrators can also enable push protection for secret scanning via the API. For more information, see REST API endpoints for repositories and expand the "Properties of the security_and_analysis object" section.

Enabling push protection for a repository

  1. On GitHub, navigate to the main page of the repository.

  2. Under your repository name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of a repository header showing the tabs. The "Settings" tab is highlighted by a dark orange outline.

  3. In the "Security" section of the sidebar, click Code security.

  4. Under "Code security", find "GitHub Advanced Security."

  5. Under "Secret scanning", under "Push protection", click Enable.

Further reading