Custom patterns
You can extend the capabilities of secret scanning to search for your own patterns. These custom patterns can range from your service API keys to connection strings into cloud resources.
Who can use this feature?
Secret scanning alerts for partners runs automatically on public repositories and public npm packages to notify service providers about leaked secrets on GitHub.
Secret scanning alerts for users are available for user-owned public repositories for free. Organizations using GitHub Enterprise Cloud with a license for GitHub Advanced Security can also enable secret scanning alerts for users on their private and internal repositories. Additionally, secret scanning alerts for users are available and in beta on user-owned repositories for GitHub Enterprise Cloud with Enterprise Managed Users. For more information, see "About secret scanning alerts" and "About GitHub Advanced Security."
For information about how you can try GitHub Advanced Security for free, see "Setting up a trial of GitHub Advanced Security."
Defining custom patterns for secret scanning
You can define your own custom patterns to extend the capabilities of secret scanning by generating one or more regular expressions.
Managing custom patterns
You can view, edit, and remove custom patterns, as well as enable push protection for custom patterns.
About generating regular expressions with AI
You can define your own custom patterns to extend the capabilities of secret scanning by generating one or more regular expressions for each pattern, using the regular expression generator.
Generating regular expressions for custom patterns with AI
You can use the regular expression generator to generate regular expressions for custom patterns. The generator uses an AI model to generate expressions that match your input, and optionally example strings.
Metrics for custom patterns
You can view alert metrics for custom patterns at the repository, organization, and enterprise levels.