GitHub tshaj tawm qhov kev taw qhia ntawm qhov kev pabcuam pub dawb los taug qab kev tsis sib haum xeeb ntawm cov ntaub ntawv rhiab hauv cov chaw khaws cia, xws li cov yuam sij encryption, DBMS passwords thiab API nkag tokens. Yav dhau los, qhov kev pabcuam no tsuas yog muaj rau cov neeg koom nrog hauv kev sim beta, tab sis tam sim no nws tau pib muab rau yam tsis muaj kev txwv rau txhua qhov chaw khaws cia rau pej xeem. Txhawm rau txhawm rau luam theej duab koj cov chaw khaws cia, hauv cov chaw hauv ntu "Code ruaj ntseg thiab tshuaj xyuas", koj yuav tsum qhib qhov "Secret scanning" xaiv.
Nyob rau hauv tag nrho, ntau tshaj 200 tus qauv tau siv los txheeb xyuas ntau hom yuam sij, tokens, daim ntawv pov thawj thiab daim ntawv pov thawj. Kev tshawb nrhiav cov dej xau yog ua tsis tau tsuas yog hauv cov cai, tab sis kuj nyob rau hauv cov teeb meem, cov lus piav qhia thiab cov lus pom. Txhawm rau tshem tawm qhov tsis zoo, tsuas yog lees paub hom token raug kuaj xyuas, suav nrog ntau dua 100 cov kev pabcuam sib txawv, suav nrog Amazon Web Services, Azure, Crates.io, DigitalOcean, Google Cloud, NPM, PyPI, RubyGems thiab Yandex.Cloud. Tsis tas li ntawd, nws txhawb kev xa cov ntawv ceeb toom thaum kuaj pom tus kheej daim ntawv pov thawj thiab cov yuam sij.
Nyob rau lub Ib Hlis, qhov kev sim tshuaj ntsuam 14 txhiab repositories siv GitHub Actions. Raws li qhov tshwm sim, pom cov ntaub ntawv zais cia hauv 1110 repositories (7.9%, piv txwv li yuav luag txhua kaum ob). Piv txwv li, 692 GitHub App tokens, 155 Azure Storage keys, 155 GitHub Tus Kheej tokens, 120 Amazon AWS cov yuam sij, thiab 50 Google API cov yuam sij raug txheeb xyuas hauv cov chaw khaws khoom.
Tau qhov twg los: opennet.ru