GitHub secret scanning updated
What happened
GitHub's secret scanning updated its pattern detectors, including new support for Supabase and Vercel credentials.
Why it matters
The updated secret scanning now detects Vercel production access tokens, in addition to Vercel API tokens. This expansion helps prevent unauthorized access to Vercel deployments. GitHub secret scanning also now supports Supabase keys. This includes the `anon key`, `service_role key`, and `supabase_jwt_secret`. These updates help developers at Profullstack who use Vercel and Supabase to more easily secure their projects and client data by preventing credential leaks. The expanded pattern detection reduces the risk of accidental exposure in public repositories.
Sources
Quick answers
What happened in GitHub secret scanning updated?
GitHub's secret scanning updated its pattern detectors, including new support for Supabase and Vercel credentials.
Why does GitHub secret scanning updated matter?
The updated secret scanning now detects Vercel production access tokens, in addition to Vercel API tokens. This expansion helps prevent unauthorized access to Vercel deployments. GitHub secret scanning also now supports Supabase keys. This includes the anon key, service_role key, and supabase_jwt_secret. These updates help developers at Profullstack who use Vercel and Supabase to more easily secure their projects and client data by preventing credential leaks. The expanded pattern detection reduces the risk of accidental exposure in public repositories.
