GitHub e phatlalalitse ho hlahisoa ha ts'ebeletso ea mahala ea ho latela phatlalatso ea phoso ea data ea bohlokoa libakeng tsa polokelo, joalo ka linotlolo tsa encryption, li-password tsa DBMS le li-tokens tsa phihlello tsa API. Pejana, ts'ebeletso ena e ne e fumaneha feela ho barupeluoa lenaneong la tlhahlobo ea beta, empa joale e se e qalile ho fanoa ntle le lithibelo ho polokelo eohle ea sechaba. Ho nolofalletsa ho hlahloba polokelo ea hau, litlhophisong tse karolong ea "Code Security and analysis", o lokela ho kenya tšebetsong khetho ea "Secret scanning".
Ka kakaretso, li-templates tse fetang 200 li sebelisitsoe ho khetholla mefuta e sa tšoaneng ea linotlolo, li-tokens, litifikeiti le mangolo. Patlo ea ho lutla ha e etsoe ka khoutu feela, empa hape le litabeng, litlhaloso le maikutlo. Ho felisa mekhoa ea bohata, ho hlahlojoa feela mefuta ea li-tokens tse tiisitsoeng, tse koahelang litšebeletso tse fapaneng tse fetang 100, ho akarelletsa le Amazon Web Services, Azure, Crates.io, DigitalOcean, Google Cloud, NPM, PyPI, RubyGems le Yandex.Cloud. Ho feta moo, e ts'ehetsa ho romella litlhokomeliso ha litifikeiti le linotlolo tse ingoletseng li fumanoa.
Ka Pherekhong, teko e ile ea hlahlobisisa libaka tsa polokelo tse likete tse 14 ho sebelisa GitHub Actions. Ka lebaka leo, boteng ba boitsebiso ba lekunutu bo ile ba fumanoa libakeng tsa polokelo ea 1110 (7.9%, ke hore hoo e ka bang karolo e 'ngoe le e 'ngoe ea leshome le metso e 'meli). Ka mohlala, li-tokens tse 692 tsa GitHub App, 155 Azure Storage keys, 155 GitHub Personal tokens, 120 Amazon AWS keys, le 50 Google API keys li ile tsa khetholloa libakeng tsa polokelo.
Source: opennet.ru