Push protection feature in GitHub Advanced Security has prevented 17,000 potential secret leaks, saving over 95,000 hours of remediation. Push protection is now generally available for private repositories with a GitHub Advanced Security license.
- Push protection is made free for all public repositories to help developers secure their code proactively.
- It scans for identifiable secrets before they are pushed and provides remediation guidance to developers.
- It creates a frictionless developer experience by only blocking secrets with low false positive rates.
- Developers can bypass push protection by providing a reason, and administrators receive alerts and can audit bypasses.
- Enabling push protection can be done in the "Code security and analysis" settings in GitHub.
