惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
GbyAI
GbyAI
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
博客园 - 三生石上(FineUI控件)
美团技术团队
Last Week in AI
Last Week in AI
WordPress大学
WordPress大学
L
LangChain Blog
雷峰网
雷峰网
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
博客园 - 叶小钗
Engineering at Meta
Engineering at Meta
腾讯CDC
Recent Announcements
Recent Announcements
The Register - Security
The Register - Security
有赞技术团队
有赞技术团队
Blog — PlanetScale
Blog — PlanetScale
博客园 - Franky
博客园 - 司徒正美
The Cloudflare Blog
Google DeepMind News
Google DeepMind News
T
Tailwind CSS Blog
C
Check Point Blog
小众软件
小众软件
V
Visual Studio Blog
V
V2EX
F
Full Disclosure
J
Java Code Geeks
MongoDB | Blog
MongoDB | Blog
罗磊的独立博客
人人都是产品经理
人人都是产品经理
量子位
Apple Machine Learning Research
Apple Machine Learning Research
F
Fortinet All Blogs
Microsoft Security Blog
Microsoft Security Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
博客园 - 【当耐特】
博客园_首页
Y
Y Combinator Blog
N
Netflix TechBlog - Medium
酷 壳 – CoolShell
酷 壳 – CoolShell
Stack Overflow Blog
Stack Overflow Blog
Recorded Future
Recorded Future
G
Google Developers Blog
Vercel News
Vercel News
大猫的无限游戏
大猫的无限游戏
Microsoft Azure Blog
Microsoft Azure Blog
U
Unit 42
爱范儿
爱范儿
Jina AI
Jina AI

Archive: 2026 - GitHub Changelog

MAI-Code-1-Flash for Copilot Business and Copilot Enterprise - GitHub Changelog GitHub Desktop 3.6: Worktrees and deeper Copilot integration - GitHub Changelog Copilot code review: Analysis depth and efficiency updates - GitHub Changelog Enterprise-managed settings now support strictKnownMarketplaces in VS Code and GitHub Copilot CLI - GitHub Changelog Saved views for repository issues - Public Preview and adjustable row heights in projects - GitHub Changelog More control over your GitHub-hosted runners - GitHub Changelog Actions steps can now be run in parallel - GitHub Changelog npm adds preventive account protection for high-impact accounts - GitHub Changelog Red Hat Enterprise Linux runner images are now in public preview - GitHub Changelog GitHub Copilot for Jira is now generally available - GitHub Changelog Cost centers now support enterprise teams - GitHub Changelog Self-service credential revocation for incident response - GitHub Changelog Changes to model selection for Free and Student plans - GitHub Changelog Secret scanning adds extended metadata for Replicate secrets - GitHub Changelog Fetch Code Quality findings via REST API - GitHub Changelog Automatic Dependabot access to GitHub-hosted registries - GitHub Changelog Copilot CLI: New terminal interface is generally available - GitHub Changelog Deprecation of Python 3.9 for Dependabot - GitHub Changelog GitHub Copilot app support for BYOK - GitHub Changelog New features and Claude as agent provider preview in JetBrains IDEs - GitHub Changelog AI credits consumed per user now in the Copilot usage metrics API - GitHub Changelog Upcoming deprecation of Opus 4.6 (fast) - GitHub Changelog MAI-Code-1-Flash available on more Copilot surfaces - GitHub Changelog Copilot code review: AGENTS.md support and UI improvements - GitHub Changelog Detecting Duplicate Issues - Public Preview and issue fields MCP support for GitHub Issues - GitHub Changelog Copilot-authored pull requests now included in author searches - GitHub Changelog Repository switcher generally available in global navigation - GitHub Changelog Actions: Build custom images from custom images - GitHub Changelog Safer pull_request_target defaults for GitHub Actions checkout - GitHub Changelog Control who and what triggers GitHub Actions workflows - GitHub Changelog Generated release notes credit you for Copilot pull requests - GitHub Changelog Read remote repository content with GitHub CLI - GitHub Changelog Enterprise-managed settings now support bypass permission controls - GitHub Changelog Auto mode in Copilot Chat available for all users - GitHub Changelog Limit open pull requests for users without write access - GitHub Changelog Agent finder for GitHub Copilot now available - GitHub Changelog Copilot individual plan sign-ups are reopening - GitHub Changelog GitHub Copilot app generally available - GitHub Changelog GitHub Models is no longer available to new customers - GitHub Changelog GitHub Code Quality generally available July 20, 2026 - GitHub Changelog Organization-level enablement for GitHub Code Quality - GitHub Changelog Copilot usage metrics now include more of your active users - GitHub Changelog Copilot code review: New configurations and controls GitHub Actions: Minimum version enforcement timeline for self-hosted runners GitHub Enterprise Server 3.21 is now generally available Bot-created pull requests can run workflows if approved AI usage report updates Copilot CLI: Configure everything from one place with /settings New runner images in public preview GitHub Agentic Workflows is now in public preview Agentic workflows no longer need a personal access token List, view, and create discussions in GitHub CLI Manage sub-issues, types, and dependencies from GitHub CLI Copilot Chat now sees your agent sessions Enterprises can now create up to 500 cost centers Incremental analysis for Go, C/C++, and CodeQL CLI Dedicated security review command now available in Copilot CLI Dependabot version updates now support the Deno ecosystem Upcoming breaking changes for npm v12 Claude Fable 5 is generally available for GitHub Copilot Periodic code scanning of inactive repositories GPT-5.2 and GPT-5.2-Codex deprecated CodeQL 2.25.6 adds Swift 6.3.2 support and improves C# coverage Enterprise-managed plugins in VS Code in public preview Fix with Copilot for failing Actions now in Pro, Pro+, and Max Agent tasks REST API now available for Copilot Pro, Pro+, and Max Budget and usage management APIs now generally available API access to billing usage reports now generally available Larger context windows and configurable reasoning levels for GitHub Copilot GitHub Copilot in Visual Studio — May update Enterprise Teams is now generally available Copilot Chat brings richer context to pull requests GitHub Copilot in Visual Studio Code, May releases GPT-4.1 deprecated Expanded technical preview availability for the GitHub Copilot app Copilot SDK is now generally available Copilot CLI: Improved UI, rubber duck, prompt scheduling, and voice input Cloud and local sandboxes for GitHub Copilot now in public preview GitHub Copilot code review for Azure Repos is now in technical preview Shape Copilot code review around your team Extend GitHub with agent apps Introducing Copilot CLI and agentic capabilities enhancements in JetBrains IDEs Gemini models in Copilot CLI, cloud agent, and the Copilot app GitHub Copilot in Eclipse: BYOK, skills, and chat updates Evaluation models in auto for individual plans Updates to GitHub Copilot billing and plans Copilot usage metrics API adds cohorts for AI adoption Hard budget limits now available for GitHub Advanced Security CodeQL 2.25.5 improves query accuracy for GitHub Actions Claude Opus 4.8 is generally available for GitHub Copilot Copilot Memory has more controls for deletion, scope, and the Copilot CLI GitHub Code Quality: Repository Enablement API Target Copilot models to organizations with model rules Dependabot version updates now support the sbt ecosystem Filter secret scanning approval requests by sort order and bypass status GitHub Classroom sign-ups are no longer available Code coverage on pull requests is now in public preview Staged publishing and new install-time controls for npm GitHub Copilot for Eclipse is open source Issue fields are now in public preview for all organizations
Secret scanning updates - June 2026 - GitHub Changelog
Allison · 2026-06-18 · via Archive: 2026 - GitHub Changelog

Since our last pattern update, we’ve expanded secret scanning’s detection coverage with new partners, more patterns blocked by push protection by default, additional validity checks, and richer metadata for leaked secrets.

Detectors added

Secret scanning now automatically detects the following new secret types in your repositories. This release adds two new partners (Cloudsmith and Meraki), significantly expands GitLab token coverage, and adds detectors for Elastic, Slack, Supabase, DataDog, and VolcEngine.

Provider Secret type
Cloudsmith cloudsmith_api_key
Datadog datadog_pat
Datadog datadog_sat
Elastic elastic_stack_api_key
GitLab gitlab_ci_build_token
GitLab gitlab_deploy_token
GitLab gitlab_feature_flag_client_token
GitLab gitlab_feed_token_v2
GitLab gitlab_incoming_email_token
GitLab gitlab_kubernetes_agent_token
GitLab gitlab_oauth_app_secret
GitLab gitlab_pipeline_trigger_token
GitLab gitlab_runner_auth_token
GitLab gitlab_runner_registration_token
GitLab gitlab_scim_oauth_token
Meraki meraki_api_key
Slack slack_workflow_trigger_url
Supabase supabase_oauth_access_token
Supabase supabase_scoped_personal_access_token
VolcEngine volcengine_ark_api_key

Partner secrets are automatically reported to the secret issuer when found in public repositories through the secret scanning partnership program.

User secrets generate secret scanning alerts when found in public or private repositories.

Push protection defaults expanded

The following detectors are now included in push protection by default. Repositories with secret scanning enabled, including free public repositories, will have commits containing these secrets automatically blocked.

Provider Secret type
Cloudflare cloudflare_account_api_token
Cloudflare cloudflare_global_user_api_key
Cloudflare cloudflare_user_api_token
Cockroach Labs ccdb_api_key
Flutterwave flutterwave_test_api_secret_key
Hack Club hackclub_ai_api_key
OpenRouter openrouter_api_key
PostHog posthog_oauth_refresh_token
Supabase supabase_personal_access_token

Patterns that are not yet enabled by default remain configurable in your push protection settings.

Validity checks added

These patterns now support validity checks, so alerts tell you whether a leaked credential is still active and help you prioritize remediation.

Provider Secret type
Alibaba alibaba_cloud_access_key_id
Alibaba alibaba_cloud_access_key_secret
Azure azure_ai_services_key
Azure azure_anomaly_detector_ee_key
Azure azure_anomaly_detector_key
Azure azure_cognitive_services_key
Azure azure_content_moderator_key
Azure azure_cosmosdb_key_identifiable
Azure azure_custom_vision_prediction_key
Azure azure_custom_vision_training_key
Azure azure_event_hub_key_identifiable
Azure azure_function_key
Azure azure_relay_key_identifiable
Azure azure_service_bus_identifiable
Azure azure_storage_account_key
Azure azure_text_translation_key
Coveo coveo_access_token
Coveo coveo_api_key
Databricks databricks_access_token
Salesforce salesforce_access_token
Shopify shopify_access_token
Shopify shopify_custom_app_access_token
Shopify shopify_merchant_token
Shopify shopify_private_app_password

These patterns now include extended metadata when detected, providing richer context about leaked secrets.

Provider Secret type
Airtable airtable_api_key
Airtable airtable_personal_access_token
Grafana grafana_cloud_api_token
npm npm_access_token
xAI xai_api_key

Learn more

Learn more about secret scanning and see the full list of supported secrets in our documentation. Let us know what you think in the community discussion.