Skip to main content

Diese Version von GitHub Enterprise Server wurde eingestellt am 2024-09-25. Es wird keine Patch-Freigabe vorgenommen, auch nicht für kritische Sicherheitsprobleme. Für bessere Leistung, verbesserte Sicherheit und neue Features aktualisiere auf die neueste Version von GitHub Enterprise Server. Wende dich an den GitHub Enterprise-Support, um Hilfe zum Upgrade zu erhalten.

Aktivieren der Überprüfung auf geheime Schlüssel für Ihr Repository

Du kannst konfigurieren, wie GitHub deine Repositorys nach kompromittierten Geheimnissen durchsucht und Warnungen generiert.

Wer kann dieses Feature verwenden?

Secret scanning ist für die folgenden Repositorys verfügbar:

  • Organisationeigene Repositorys mit aktiviertem GitHub Advanced Security
  • für ein Unternehmen mit aktiviertem GitHub Advanced Security

About enabling secret scanning

Secret scanning can be enabled for any repository that is owned by an organization.

If you're an organization owner, you can enable secret scanning for multiple repositories at a time. For more information, see "Quickstart for securing your organization."

If your organization is owned by an enterprise account, an enterprise owner can also enable secret scanning at the enterprise level. For more information, see "Managing GitHub Advanced Security features for your enterprise."

Enabling secret scanning

  1. On GitHub, navigate to the main page of the repository.

  2. Under your repository name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.

    Screenshot of a repository header showing the tabs. The "Settings" tab is highlighted by a dark orange outline.

  3. In the "Security" section of the sidebar, click Code security and analysis.

  4. If Advanced Security is not already enabled for the repository, to the right of "GitHub Advanced Security", click Enable.

  5. Review the impact of enabling Advanced Security, then click Enable GitHub Advanced Security for this repository.

  6. When you enable Advanced Security, secret scanning may automatically be enabled for the repository due to the organization's settings. If "Secret scanning" is shown with an Enable button, you still need to enable secret scanning by clicking Enable. If you see a Disable button, secret scanning is already enabled.

    Screenshot of the "Secret scanning" section of the "Code security and analysis" page, with the "Enable" button highlighted in a dark orange outline.

A repository administrator can choose to disable secret scanning for a repository at any time. For more information, see "Managing security and analysis settings for your repository."

Next steps