GitHub now allows organizations to designate specific roles, teams, and apps as exempt from secret scanning push protection. Exemption status is checked at push time, meaning exempt actors can push content containing secrets without triggering bypass requests. This can be configured at both organization and enterprise levels via security configurations.
Sort: