GitHub has begun rolling out push protection for all of its users, a secrets scanning feature that gives users the option to remove secrets from commits or bypass a block.
The policy, announced February 29, affects supported secrets. It might take one to two weeks for this change to apply to an account; developers can verify status and opt in early in code security and analysis settings. GitHub secret scanning guards more than 200 token types and patterns from more than 180 service providers.