Hacker News new | ask | show | jobs
by greysteil 1277 days ago
GitHub PM here. Right now we scan code, commit metadata, issues, and issue comments. We're expanding to other content types over time, with support for pull request bodies and comments coming in early 2023. Actions logs are on our list too, but will take a little longer.

(It's worth noting that any secrets in your Actions secret store will already be redacted in any Actions logs, so those won't leak there.)
2 comments
lozenge 1276 days ago
It feels like there could be a GitHub action step that just means "redact this particular string output in this task and for the rest of the Action"?
link
dinvlad 1277 days ago
Thanks - and yes, this is meant for external secret management solutions like Vault, not GitHub Secrets, which are "safe" enough.
link