Nota:
Extended metadata checks for tokens is in public preview and subject to change.
About extended metadata checks
Extended metadata checks, often referred to as analyzers in other tools, are a secret scanning feature that you can enable for supported tokens.
When you enable extended metadata checks for tokens, secret scanning provides you with additional information about detected secrets, such as ownership and contact details. This information helps you:
- Gain deeper insight into detected secrets: Know who owns a secret.
- Improve incident response: Quickly identify responsible teams or individuals when a secret is leaked.
- Enhance compliance: Ensure secrets align with your organization’s governance and security policies.
This information appears on GitHub, in the page for the related secret scanning alert, helping you prioritize and remediate exposures more efficiently.
Metadata availability varies depending on the secret type. For more information, see Evaluación de alertas del examen de secretos.
Enabling extended metadata checks
Before enabling metadata checks, you need to ensure that validity checks are enabled for the repository. See Habilitación de comprobaciones de validez para el repositorio.
-
En GitHub, navegue hasta la página principal del repositorio.
-
Debajo del nombre del repositorio, haz clic en Settings. Si no puedes ver la pestaña "Configuración", selecciona el menú desplegable y, a continuación, haz clic en Configuración.
-
En la sección "Security" de la barra lateral, haz clic en Advanced Security.
-
Under "Secret Protection", to the right of "Validity checks", click Enable.
-
Under "Secret Protection", to the right of "Extended metadata", click Enable.
