Push protection prevents you from accidentally committing secrets to a repository by blocking pushes containing supported secrets.
When you attempt to push a supported secret from the command line to a repository secured by push protection, GitHub will block the push.
You should either:
- Remove the secret from your branch. For more information, see Resolving a blocked push.
- Follow a provided URL to see what options are available to you to allow the push. For more information, see Bypassing push protection and Requesting bypass privileges.
Up to five detected secrets will be displayed at a time on the command line. If a particular secret has already been detected in the repository and an alert already exists, GitHub will not block that secret.
If you confirm a secret is real and that you intend to fix it later, you should aim to remediate the secret as soon as possible. For example, you might revoke the secret and remove the secret from the repository's commit history. Real secrets that have been exposed must be revoked to avoid unauthorized access. You might consider first rotating the secret before revoking it. For more information, see Удаление конфиденциальных данных из репозитория.
Примечание.
- Если конфигурация Git поддерживает отправку в несколько ветвей, а не только в текущую ветвь, отправка может быть заблокирована из-за дополнительных и непреднамеренных ссылок. Дополнительные сведения см. в разделе Параметры
push.defaultв документации Git. - Если истечет время ожидания secret scanning при отправке, GitHub все равно выполнит проверку фиксаций на наличие секретов после отправки.