惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
L
LINUX DO - 最新话题
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Forbes - Security
Forbes - Security
博客园 - 司徒正美
Hugging Face - Blog
Hugging Face - Blog
W
WeLiveSecurity
Jina AI
Jina AI
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
N
News and Events Feed by Topic
V
V2EX
Stack Overflow Blog
Stack Overflow Blog
Engineering at Meta
Engineering at Meta
PCI Perspectives
PCI Perspectives
Martin Fowler
Martin Fowler
T
The Exploit Database - CXSecurity.com
F
Full Disclosure
WordPress大学
WordPress大学
S
Security Affairs
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
S
SegmentFault 最新的问题
P
Privacy International News Feed
IT之家
IT之家
M
MIT News - Artificial intelligence
G
GRAHAM CLULEY
Hacker News: Ask HN
Hacker News: Ask HN
D
DataBreaches.Net
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Google Online Security Blog
Google Online Security Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
C
Check Point Blog
美团技术团队
Security Latest
Security Latest
Cyberwarzone
Cyberwarzone
N
News and Events Feed by Topic
MyScale Blog
MyScale Blog
H
Help Net Security
宝玉的分享
宝玉的分享
The Hacker News
The Hacker News
The Last Watchdog
The Last Watchdog
The Cloudflare Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
爱范儿
爱范儿
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
I
Intezer
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
AI
AI
I
InfoQ
N
News | PayPal Newsroom
TaoSecurity Blog
TaoSecurity Blog

Netlify Changelog

Gemini 3.5 Flash now available in Agent Runners 4 Nuxt CVEs: what Netlify users need to know Gemini 3.5 Flash now available in AI Gateway Agent Runners workflow improvements Next.js & React security release (May 2026): what to know Block project transfers out of your team Gemini 3.1 Flash-Lite now available in AI Gateway OpenAI GPT-5.5 Instant now available in AI Gateway New `netlify logs` CLI command Deploy to Netlify with Stripe Projects Netlify Database is now generally available OpenAI GPT-5.5 and GPT-5.5 Pro in AI Gateway & Agent Runners Rename an agent run GPT Image 2 now available in AI Gateway New frontend-design skill for Agent Runners Claude Opus 4.7 now available in AI Gateway and Agent Runners Pricing updates for Credit-based plans New sorting and filter controls on the Members page Netlify Database GA coming soon, no new databases for now Deploy logs streaming is now faster Netlify CLI adds prompt-based creation and anonymous deploys Deploy from Codex with the Netlify Plugin Hydrogen with React Router 7 now supported on Netlify Monitor credit usage by day Invoices for Enterprise Available on the Billing Page AI app development on production infrastructure with Netlify Introducing Prompt Templates OpenAI GPT-5.4 Nano and GPT-5.4 Mini in AI Gateway Change your pricing plan Internal Builder Role & Project Access Controls See your available credits at a glance Astro 6 just works on Netlify Limit AI feature usage OpenAI GPT-5.4 and GPT-5.4 Pro in AI Gateway & Agent Runners Deploy Preview screenshots in agent runs Gemini 3.1 Flash-Lite Preview now available in AI Gateway GPT-5.3 Instant now available in AI Gateway Use Netlify Agent Runners from Linear Automatic PHP bot scan blocking now live on all plans Support for stale-while-revalidate in Cache API Gemini 3.1 Flash Image Preview now available in AI Gateway GPT-5.3-Codex now available in AI Gateway Gemini 3.1 Pro Preview now available in AI Gateway Claude Sonnet 4.6 now available in AI Gateway and Agent Runners Sync changes with Agent Runners without Git Claude Opus 4.6 now available in AI Gateway and Agent Runners Agent Runners improvements recap 6 new React Router & Remix CVEs: what you need to know Vulnerability in Node.js: what Netlify users need to know 5 SvelteKit security vulnerabilities: what Netlify users need to know GPT-5.2-Codex Now Available in AI Gateway and Agent Runners Play Games While Agent Runners Do the Work Prerender.io support updated as new extension Gemini 3 Flash Preview now available in AI Gateway GPT-image-1.5 now available in AI Gateway AI Gateway now Generally Available Observability release is here Prerender extension now generally available Action required: React/Next.js CVE-2025-55184 and CVE-2025-55183 GPT-5.2 and GPT-5.2-Pro now available in AI Gateway and Agent Runners GPT-5.1-Codex-Max now available in AI Gateway and Agent Runners Netlify’s response to the critical React security vulnerability Netlify Vite Plugin now supports AI Gateway locally Claude Opus 4.5 now available in AI Gateway Projects deployed using a zip file via API now support branch deploys Day one support for Angular v21 on Netlify Gemini 3 now available in AI Gateway and Agent Runners DNS record management simplified for teams in Netlify organizations Skew protection for CLI workflows Support for more domain TLDs GPT-5.1 model now available in AI Gateway React Router 7 apps can now be deployed to Edge Functions | Netlify Changelog Git SHA exposed for triggered deploys | Netlify Changelog Test scheduled functions in Netlify dashboard | Netlify Changelog Revert agent run in a task | Netlify Changelog Deletion improvements with Netlify Blobs | Netlify Changelog Preview Server restart for cross-functional collaborators | Netlify Changelog AI inference usage graphs | Netlify Changelog Buy credit packs on demand | Netlify Changelog React Router 7 middleware now supported | Netlify Changelog Skew protection now available | Netlify Changelog Next.js 16 is ready to deploy on Netlify | Netlify Changelog Enforce Git-based workflows for production deploys | Netlify Changelog Claude Haiku 4.5 is now available in the AI Gateway | Netlify Changelog GPT 5 Pro now available in the AI Gateway | Netlify Changelog Updates to credit-based Personal and Pro plans | Netlify Changelog New AI workflows: Agent Runners and AI Gateway (beta) | Netlify Changelog Netlify pricing update: Introducing credit-based plans | Netlify Changelog Security Update: Multiple vulnerabilities in Next.js | Netlify Changelog ChatGPT deep link for failed deploy analysis | Netlify Changelog Equinix IP address expiring for 4-year old sites | Netlify Changelog Nuxt 4 support + new @netlify/nuxt module for local dev | Netlify Changelog Netlify DB: Serverless PostgreSQL Database | Netlify One-click install Netlify MCP on Cursor | Netlify Changelog Netlify MCP Server: AI Agents Can Now Deploy Code Directly | Netlify Netlify Becomes Official Vite Deployment Partner + New Plugin | Netlify Angular 20 support | Netlify Changelog Netlify CLI 21.4.1 UI and workflow enhancements | Netlify Changelog Security Update: Next.js sites on Netlify not vulnerable to CVE-2025-32421 | Netlify Changelog Introducing the Netlify Cache API
Smart Secret Scanning for AI-Generated Code | Netlify
Nahrin Jalal · 2025-06-07 · via Netlify Changelog

Secret scanning’s new smart detection is a part of Agent Week. A week of announcements focused on making it easier, faster, and safer to go from prompt to production.

AI is prolific at writing code, but it doesn’t always have safety in mind.

In our rollout of secret scanning with smart detection this week, 17% of scanned applications had deployments blocked for including secrets. Nearly 1 in 6 applications were potentially deploying API keys, authentication tokens, or certificates that we want to help developers be aware of or prevent.

When agents can build entire apps in minutes, they might accidentally insert sensitive data in your codebase. Checking for secrets used to be a manual review process that now needs to keep pace with AI-generated code. When more code is being written by a more diverse group of people, it’s important to have guardrails in place to rein in while keeping velocity high.

This is why we’ve enhanced secret scanning with smart detection to proactively monitor and prevent secrets from ever being leaked.

Secret scanning detects a secret in a build

The AI codegen challenge

AI agents enable anyone to build applications–it’s great, until it’s not. While this democratizes development, it also introduces risks:

  • Agents may generate code that includes hardcoded secrets
  • Developers of varying experience might miss security issues
  • The speed of AI development can outpace review processes

Simply put, when everyone can build apps with AI, security scanning needs to be smarter than ever.

Beyond manual configuration

Netlify has always included security scanning on all plans to catch secrets you’ve manually configured by either placing in your .env folder or adding in the Netlify Dashboard. This works well when you know every line of code going into your application and can anticipate which secrets to watch for.

But AI-native development is a different world. Agents might use authentication patterns, API integrations, or third-party services you haven’t explicitly configured for monitoring. Traditional security scanning that relies on manual secret configuration can miss these agent-introduced vulnerabilities.

Secret scanning with smart detection

Today we’re announcing enhanced secret scanning with smart detection, available on paid plans. This goes beyond checking for manually configured secrets to identify and prevent any potential secret in your codebase.

Smart detection automatically monitors and recognizes:

  • API keys and authentication tokens from popular services
  • Database connection strings and credentials
  • Third-party service authentication patterns
  • Cryptographic keys and certificates

How smart detection works

Secret scanning now analyzes your deployments using pattern recognition to identify potential secrets based on format, context, and common usage. When a potential secret is detected, the deployment is blocked until you can review and address the issue.

This enhanced security is designed specifically for the AI-native development:

  • Proactive protection: Catches secrets that agents generate, even if you haven’t configured monitoring for them
  • Velocity without compromise: Security scanning that keeps pace with rapid AI code generation
  • Context awareness: Understands code patterns and deployment contexts to reduce false positives
  • Developer control: Clear notifications and resolution paths when issues are detected

When potential secrets are detected, builds fail automatically and deploy logs pinpoint exactly where the issue was found, making resolution fast and straightforward.

For the rare false positive, you can add values to a safelist using the SECRETS_SCAN_SMART_DETECTION_OMIT_VALUES environment variable, or disable the feature entirely if needed.

Balancing velocity with security

Enhanced secret scanning ensures that the speed advantages of AI development don’t come at the cost of security. When potential secrets are detected, you get clear information about exactly where the issue was found in your deploy logs and guidance on how to resolve it. Maintaining your development velocity while protecting sensitive data.

Available now on Pro and Enterprise plans

Secret scanning with smart detection is available immediately for all Netlify customers on paid plans and enabled by default. Customers can disable this feature in their settings, while new customers can upgrade to Pro to access this advanced protection.

For teams building with AI agents, this provides enterprise-grade security that matches the pace of modern development workflows.

Wrapping up Agent Week

Over the past five days, we’ve introduced tools that bridge the gap from AI-generated prompts to production-ready applications:

Together, these capabilities create an end-to-end agent experience. Enabling the shortest path for developers to go from prompt to production while maintaining the security and control that production applications require.