[grhmc]

No. There are valid cases to upload SSH keys and other certificates or secrets. Preventing it would be annoying, and near impossible to be very effective.

Just my $0.02.

[jethro_tell]

I agree with you, but I can't imagine a use case for a secret that's not secret.

[mikegirouard]

I believe Vagrant uses (or previously used) an insecure, public keypair[0] to keep things simple.

Aside from things like that, I can't see it being a _common_ use case.

[0]: https://github.com/mitchellh/vagrant/tree/master/keys

[swozey]

They could be pointing to an environment variable or a number of things. I'm not sure if there's a good way for Github to deal with things like that without affecting at least some users.

edit:..I guess they could just validate that it's a key.

[benjarrell]

There probably aren't many, howto and examples come to mind.

[jvoorhis]

Certificates are not secrets.