GitHub announced that scanning repositories for secret data will become available to everyone. After the implementation of the innovation, any user will receive notifications if the company's system detects secret data in its source code repositories. The deployment of the service is scheduled for the end of January 2023.
This service will check repositories for more than 200 known token formats and then alert users to possible dark web leaks. Developers will also be able to create their own secret search templates.
It is worth noting that such scanning was previously only available to organizations with a GitHub Enterprise Cloud and a GitHub Advanced Security license.
In addition, GitHub has announced plans to implement mandatory two-factor authentication for "certain groups of users" from March 2023. The goal of the site is to force all users to enable two-factor authentication by the end of next year. The company also talked about working on integrating passkey technology to strengthen its defense against phishing attacks.