
Push protection is generally available, and free for all public repositories

Blog post from GitHub

Post Details
Company: GitHub
Author: Zain Malik, Mariam Sulakian
Word Count: 581
Language: English
Hacker News Points: -
Summary

GitHub has introduced push protection as a feature to enhance security by integrating secret scanning directly into developers' workflows, aiming to proactively prevent secret leaks. Since its beta release in April 2022, this feature has helped avert 17,000 potential secret leaks, saving over 95,000 hours in dealing with exposed secrets. Now generally available for private repositories with a GitHub Advanced Security license, push protection is also free for all public repositories, offering a seamless experience by scanning for identifiable secrets before they are pushed. The tool maintains a low false positive rate to ensure trust and alerts developers within their IDE or command line interface with remediation guidance when a secret is detected. Developers can bypass the protection if necessary, with repository administrators being notified of such actions for auditing purposes. This approach, praised by industry professionals like Ger McMahon from Fidelity Investments and Leo Stolyarov from KPMG, enhances security without hindering development speed, ensuring that developers can maintain a high standard of secure and quality code.