Monitor/enable GitHub's secret detection feature #363
Labels
enhancement
New feature or request
good first issue
Good for newcomers
help wanted
Extra attention is needed
Comments
mogul
changed the title
|
Yes, if it has an API and is not easily done at the org level, we should have an Allstar policy to turn it on. Thanks for the suggestion! |
jeffmendoza
added
enhancement
|
There's an API for configuring it per-repository. Nothing at the org level AFAICS. |
|
I started looking into this and it seems like maybe it is possible to configure this at the org level? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
GitHub now offers secret scanning alerts, but they have to be explicitly enabled.
This is exactly the kind of thing that one might want to detect/enforce via policy across a large set of repositories, so it seems like a great thing for Allstar to be able to manage!
The text was updated successfully, but these errors were encountered: