참고 항목
토큰에 대한 확장 메타데이터 검사는 공개 미리 보기로 제공되며 변경될 수 있습니다.
About extended metadata checks
Extended metadata checks, often referred to as analyzers in other tools, are a secret scanning feature that you can enable for supported tokens.
When you enable extended metadata checks for tokens, secret scanning provides you with additional information about detected secrets, such as ownership and contact details. This information helps you:
- Gain deeper insight into detected secrets: Know who owns a secret.
- Improve incident response: Quickly identify responsible teams or individuals when a secret is leaked.
- Enhance compliance: Ensure secrets align with your organization’s governance and security policies.
This information appears on GitHub, in the page for the related secret scanning alert, helping you prioritize and remediate exposures more efficiently.
Metadata availability varies depending on the secret type. For more information, see Evaluating alerts from secret scanning.
Enabling extended metadata checks
Before enabling metadata checks, you need to ensure that validity checks are enabled for the repository. See Enabling validity checks for your repository.
-
GitHub에서 리포지토리의 기본 페이지로 이동합니다.
-
리포지토리 이름 아래에서 Settings를 클릭합니다. "설정" 탭이 표시되지 않으면 드롭다운 메뉴를 선택한 다음 설정을 클릭합니다.
-
사이드바의 "Security" 섹션에서 Advanced Security 를 클릭합니다.
-
"Secret Protection"에서 "유효성 검사"의 오른쪽에 있는 사용을 클릭합니다.
-
Under "Secret Protection", to the right of "Extended metadata", click Enable.
