Secret scanning push protection for gists

[github-product-roadmap]

Summary

Secret scanning's push protection will support gists, preventing developers from accidentally leaking tokens in secret and public gists.

Intended Outcome

Gists remain an easy way for developers to save and share snippets of code. They can be a source of secret leaks. With push protection on gists, developers will be warned when they are about to leak a secret in a gist.

How will it work?

When a developer creates or updates a secret or public gist, secret scanning will check to see if the content includes a secret. If it does, the developer will we blocked and have the option to either remove the secret or bypass the block. Developers will not need to select a reason for bypassing. No secret scanning alerts will be created for secrets found in gists.

[ankneis]

This issue is being closed as outdated. For more information, please check out this Discussion post. Stay tuned for new additions to our refreshed public roadmap!

[ankneis]

We wanted to provide more details on why we removed this from the roadmap. We are currently focusing on other features. This has been removed from the roadmap for now, and we will revisit it once we can provide a more accurate delivery estimate.

If you’re interested in this feature, please share your feedback in the GitHub community so we can track interest and consider it in the future.