
Enabling extended metadata checks for your repository

Learn how to enable extended metadata checks for detected secrets so alerts detected by secret scanning include additional information that helps you assess and remediate leaks faster.

Who can use this feature?

Repository owners, organization owners, security managers, and users with the admin role

Extended metadata checks are available for the following repository types:

Note

Extended metadata checks for tokens are in public preview and subject to change.

About extended metadata checks

Extended metadata checks, often referred to as analyzers in other tools, are a secret scanning feature that you can enable for supported tokens.

When you enable extended metadata checks for tokens, secret scanning provides you with additional information about detected secrets, such as ownership and contact details. This information helps you:

  • Gain deeper insight into detected secrets: Know who owns a secret.
  • Improve incident response: Quickly identify responsible teams or individuals when a secret is leaked.
  • Enhance compliance: Ensure secrets align with your organization’s governance and security policies.

This information appears on GitHub, in the page for the related secret scanning alert, helping you prioritize and remediate exposures more efficiently.

Metadata availability varies depending on the secret type. For more information, see Evaluating alerts from secret scanning.

Enabling extended metadata checks

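Before enabling metadata checks, you need to ensure that validity checks are enabled for the repository. See Enabling validity checks for your repository.

  1. On GitHub, navigate to the main page of the repository.

  2. Under your repository name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of a repository header showing the tabs. The "Settings" tab is highlighted by a dark orange outline.

  3. In the "Security" section of the sidebar, click Advanced Security.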

  4. Under "Secret Protection", to the right of "Validity checks", click Enable.

  5. Under "Secret Protection", to the right of "Extended metadata", click Enable.

Further reading