[mcdwayne]

This was on public GitHub, which anyone can scan for anything. Their API is a firehose you can consume: https://api.github.com/events

GitGuardian's public report on secrets sprawl talks about their methodology of scanning any commit https://www.gitguardian.com/state-of-secrets-sprawl-report-2...