diff --git a/content/actions/how-tos/manage-runners/larger-runners/use-custom-images.md b/content/actions/how-tos/manage-runners/larger-runners/use-custom-images.md index d7b11c9fe705..7e3cedea0c32 100644 --- a/content/actions/how-tos/manage-runners/larger-runners/use-custom-images.md +++ b/content/actions/how-tos/manage-runners/larger-runners/use-custom-images.md @@ -44,6 +44,7 @@ To create a custom image, you must first set up an image-generation runner. When * **Platform**: Select a supported platform that matches the platform of the image you plan to create (Linux x64, Linux ARM64, or Windows x64). * **Image**: Select an image to build on, then enable the checkbox **Enable this runner to generate custom images**. * You can start from a {% data variables.product.github %}-owned image or choose a base image to start from a clean OS. + * You can start from an existing custom image as the base, enabling layered image workflows. * For ARM64 platforms, you can also select an ARM-maintained image with preinstalled tooling. * **Runner group**: Select the group for your runner to be a member of. Once the custom image is created, only runners in this runner group can generate new versions of that image. @@ -139,6 +140,12 @@ If you specify an older major version in the YAML (for example, version: 1.* whe > [!NOTE] > {% data variables.actions.github_hosted_larger_runner %} creation does not support wildcards in image version selection. +## Expiration for images built from custom images + +When a custom image is built from another custom image, the derived image inherits the expiration timeline of its base image. The maximum version age is calculated from when the base custom image was built, not when the derived image was created. + +For example, if Custom Image A is built on Day 2 and Custom Image B is built from A on Day 4 with a 7-day maximum version age policy, both A and B expire on Day 9. + ## Billing and storage for custom images Jobs that use custom images are billed at the same per-minute rate as the {% data variables.actions.hosted_runner %} that uses the image. Storage for custom images is billed separately through {% data variables.product.prodname_actions %} storage. diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/actions-policies/about-actions-policies.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/actions-policies/about-actions-policies.md new file mode 100644 index 000000000000..241708d0cc15 --- /dev/null +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/actions-policies/about-actions-policies.md @@ -0,0 +1,16 @@ +--- +title: About Actions policies +shortTitle: About Actions policies +intro: 'Actions policies let you govern how {% data variables.product.prodname_actions %} workflows run across organizations and repositories in your enterprise, starting with workflow execution protections.' +versions: + ghec: '*' +contentType: concepts +--- + +{% data reusables.actions.actions-policies-preview-note %} + +{% data reusables.actions.actions-policies-about-body %} + +## Next steps + +To configure workflow execution protections for your enterprise, including setting up event and actor rules, see [AUTOTITLE](/admin/enforcing-policies/enforcing-policies-for-your-enterprise/actions-policies/workflow-execution-protections). diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/actions-policies/index.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/actions-policies/index.md new file mode 100644 index 000000000000..9817ee186349 --- /dev/null +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/actions-policies/index.md @@ -0,0 +1,11 @@ +--- +title: Actions policies +shortTitle: Actions policies +intro: 'Actions policies let you govern how {% data variables.product.prodname_actions %} workflows run across organizations and repositories in your enterprise.' +versions: + ghec: '*' +children: + - /about-actions-policies + - /workflow-execution-protections +--- + diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/actions-policies/workflow-execution-protections.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/actions-policies/workflow-execution-protections.md new file mode 100644 index 000000000000..aeba38009dec --- /dev/null +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/actions-policies/workflow-execution-protections.md @@ -0,0 +1,23 @@ +--- +title: Workflow execution protections +shortTitle: Workflow execution protections +intro: 'Workflow execution protections let you control who can trigger {% data variables.product.prodname_actions %} workflows and which events are permitted to run them across your enterprise.' +versions: + ghec: '*' +contentType: how-tos +--- + +{% data reusables.actions.workflow-execution-protections-preview-note %} + +{% data reusables.actions.workflow-execution-protections-body %} + +## Configuring workflow execution protections + +You configure workflow execution protections in the new **Policies** section of your {% data variables.product.prodname_actions %} settings. This **Policies** section is separate from your existing **General** settings. + +{% data reusables.enterprise-accounts.access-enterprise %} +{% data reusables.enterprise-accounts.policies-tab %} +{% data reusables.enterprise-accounts.actions-tab %} +1. Click **Policies**. +1. Create a ruleset, then add your event and actor rules. +1. Choose whether the ruleset is active or in evaluate mode, then save your changes. diff --git a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/index.md b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/index.md index 1d97e8278302..966d8a105909 100644 --- a/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/index.md +++ b/content/admin/enforcing-policies/enforcing-policies-for-your-enterprise/index.md @@ -18,6 +18,7 @@ children: - /enforcing-policies-for-github-sponsors-in-your-enterprise - /enforcing-policies-for-security-settings-in-your-enterprise - /enforcing-policies-for-github-actions-in-your-enterprise + - /actions-policies - /enforcing-policies-for-github-copilot-in-your-enterprise - /enforcing-policies-for-github-codespaces-in-your-enterprise - /enforcing-policies-for-code-security-and-analysis-for-your-enterprise @@ -27,3 +28,4 @@ children: shortTitle: Enforce policies --- + diff --git a/content/copilot/how-tos/copilot-sdk/getting-started.md b/content/copilot/how-tos/copilot-sdk/getting-started.md index eeb87bd72033..1dd730d0233c 100644 --- a/content/copilot/how-tos/copilot-sdk/getting-started.md +++ b/content/copilot/how-tos/copilot-sdk/getting-started.md @@ -155,7 +155,7 @@ Create `index.ts`: import { CopilotClient } from "@github/copilot-sdk"; const client = new CopilotClient(); -const session = await client.createSession({ model: "gpt-4.1" }); +const session = await client.createSession({ model: "auto" }); const response = await session.sendAndWait({ prompt: "What is 2 + 2?" }); console.log(response?.data.content); @@ -184,7 +184,7 @@ async def main(): client = CopilotClient() await client.start() - session = await client.create_session(on_permission_request=PermissionHandler.approve_all, model="gpt-4.1") + session = await client.create_session(on_permission_request=PermissionHandler.approve_all, model="auto") response = await session.send_and_wait("What is 2 + 2?") print(response.data.content) @@ -224,7 +224,7 @@ func main() { } defer client.Stop() - session, err := client.CreateSession(ctx, &copilot.SessionConfig{Model: "gpt-4.1"}) + session, err := client.CreateSession(ctx, &copilot.SessionConfig{Model: "auto"}) if err != nil { log.Fatal(err) } @@ -301,7 +301,7 @@ using GitHub.Copilot; await using var client = new CopilotClient(); await using var session = await client.CreateSessionAsync(new SessionConfig { - Model = "gpt-4.1", + Model = "auto", OnPermissionRequest = PermissionHandler.ApproveAll }); @@ -333,7 +333,7 @@ public class HelloCopilot { var session = client.createSession( new SessionConfig() - .setModel("gpt-4.1") + .setModel("auto") .setOnPermissionRequest(PermissionHandler.APPROVE_ALL) ).get(); @@ -380,7 +380,7 @@ import { CopilotClient } from "@github/copilot-sdk"; const client = new CopilotClient(); const session = await client.createSession({ - model: "gpt-4.1", + model: "auto", streaming: true, }); @@ -414,7 +414,7 @@ async def main(): client = CopilotClient() await client.start() - session = await client.create_session(on_permission_request=PermissionHandler.approve_all, model="gpt-4.1", streaming=True) + session = await client.create_session(on_permission_request=PermissionHandler.approve_all, model="auto", streaming=True) # Listen for response chunks def handle_event(event): @@ -459,7 +459,7 @@ func main() { defer client.Stop() session, err := client.CreateSession(ctx, &copilot.SessionConfig{ - Model: "gpt-4.1", + Model: "auto", Streaming: copilot.Bool(true), }) if err != nil { @@ -551,7 +551,7 @@ using GitHub.Copilot; await using var client = new CopilotClient(); await using var session = await client.CreateSessionAsync(new SessionConfig { - Model = "gpt-4.1", + Model = "auto", OnPermissionRequest = PermissionHandler.ApproveAll, Streaming = true, }); @@ -590,7 +590,7 @@ public class HelloCopilot { var session = client.createSession( new SessionConfig() - .setModel("gpt-4.1") + .setModel("auto") .setStreaming(true) .setOnPermissionRequest(PermissionHandler.APPROVE_ALL) ).get(); @@ -887,7 +887,7 @@ const getWeather = defineTool("get_weather", { const client = new CopilotClient(); const session = await client.createSession({ - model: "gpt-4.1", + model: "auto", streaming: true, tools: [getWeather], }); @@ -941,7 +941,7 @@ async def main(): client = CopilotClient() await client.start() - session = await client.create_session(on_permission_request=PermissionHandler.approve_all, model="gpt-4.1", streaming=True, tools=[get_weather]) + session = await client.create_session(on_permission_request=PermissionHandler.approve_all, model="auto", streaming=True, tools=[get_weather]) def handle_event(event): if event.type == SessionEventType.ASSISTANT_MESSAGE_DELTA: @@ -1016,7 +1016,7 @@ func main() { defer client.Stop() session, err := client.CreateSession(ctx, &copilot.SessionConfig{ - Model: "gpt-4.1", + Model: "auto", Streaming: copilot.Bool(true), Tools: []copilot.Tool{getWeather}, }) @@ -1152,7 +1152,7 @@ var getWeather = CopilotTool.DefineTool( await using var session = await client.CreateSessionAsync(new SessionConfig { - Model = "gpt-4.1", + Model = "auto", OnPermissionRequest = PermissionHandler.ApproveAll, Streaming = true, Tools = [getWeather], @@ -1225,7 +1225,7 @@ public class HelloCopilot { var session = client.createSession( new SessionConfig() - .setModel("gpt-4.1") + .setModel("auto") .setStreaming(true) .setTools(List.of(getWeather)) .setOnPermissionRequest(PermissionHandler.APPROVE_ALL) @@ -1283,7 +1283,7 @@ const getWeather = defineTool("get_weather", { const client = new CopilotClient(); const session = await client.createSession({ - model: "gpt-4.1", + model: "auto", streaming: true, tools: [getWeather], }); @@ -1354,7 +1354,7 @@ async def main(): client = CopilotClient() await client.start() - session = await client.create_session(on_permission_request=PermissionHandler.approve_all, model="gpt-4.1", streaming=True, tools=[get_weather]) + session = await client.create_session(on_permission_request=PermissionHandler.approve_all, model="auto", streaming=True, tools=[get_weather]) def handle_event(event): if event.type == SessionEventType.ASSISTANT_MESSAGE_DELTA: @@ -1445,7 +1445,7 @@ func main() { defer client.Stop() session, err := client.CreateSession(ctx, &copilot.SessionConfig{ - Model: "gpt-4.1", + Model: "auto", Streaming: copilot.Bool(true), Tools: []copilot.Tool{getWeather}, }) @@ -1630,7 +1630,7 @@ var getWeather = CopilotTool.DefineTool( await using var client = new CopilotClient(); await using var session = await client.CreateSessionAsync(new SessionConfig { - Model = "gpt-4.1", + Model = "auto", OnPermissionRequest = PermissionHandler.ApproveAll, Streaming = true, Tools = [getWeather] @@ -1723,7 +1723,7 @@ public class WeatherAssistant { var session = client.createSession( new SessionConfig() - .setModel("gpt-4.1") + .setModel("auto") .setStreaming(true) .setOnPermissionRequest(request -> CompletableFuture.completedFuture(PermissionDecision.allow()) diff --git a/content/organizations/managing-organization-settings/actions-policies/about-actions-policies.md b/content/organizations/managing-organization-settings/actions-policies/about-actions-policies.md new file mode 100644 index 000000000000..5b5b27fdf655 --- /dev/null +++ b/content/organizations/managing-organization-settings/actions-policies/about-actions-policies.md @@ -0,0 +1,17 @@ +--- +title: About Actions policies +shortTitle: About Actions policies +intro: 'Actions policies let you govern how {% data variables.product.prodname_actions %} workflows run across repositories in your organization, starting with workflow execution protections.' +versions: + fpt: '*' + ghec: '*' +contentType: concepts +--- + +{% data reusables.actions.actions-policies-preview-note %} + +{% data reusables.actions.actions-policies-about-body %} + +## Next steps + +To configure workflow execution protections for your organization, including setting up event and actor rules, see [AUTOTITLE](/organizations/managing-organization-settings/actions-policies/workflow-execution-protections). diff --git a/content/organizations/managing-organization-settings/actions-policies/index.md b/content/organizations/managing-organization-settings/actions-policies/index.md new file mode 100644 index 000000000000..340c2ed38af8 --- /dev/null +++ b/content/organizations/managing-organization-settings/actions-policies/index.md @@ -0,0 +1,12 @@ +--- +title: Actions policies +shortTitle: Actions policies +intro: 'Actions policies let you govern how {% data variables.product.prodname_actions %} workflows run across repositories in your organization.' +versions: + fpt: '*' + ghec: '*' +children: + - /about-actions-policies + - /workflow-execution-protections +--- + diff --git a/content/organizations/managing-organization-settings/actions-policies/workflow-execution-protections.md b/content/organizations/managing-organization-settings/actions-policies/workflow-execution-protections.md new file mode 100644 index 000000000000..be8d47c46a34 --- /dev/null +++ b/content/organizations/managing-organization-settings/actions-policies/workflow-execution-protections.md @@ -0,0 +1,23 @@ +--- +title: Workflow execution protections +shortTitle: Workflow execution protections +intro: 'Workflow execution protections let you control who can trigger {% data variables.product.prodname_actions %} workflows and which events are permitted to run them across your organization.' +versions: + fpt: '*' + ghec: '*' +contentType: how-tos +--- + +{% data reusables.actions.workflow-execution-protections-preview-note %} + +{% data reusables.actions.workflow-execution-protections-body %} + +## Configuring workflow execution protections + +You configure workflow execution protections in the new **Policies** section of your {% data variables.product.prodname_actions %} settings. This **Policies** section is separate from your existing **General** settings. + +{% data reusables.profile.access_org %} +{% data reusables.profile.org_settings %} +1. In the left sidebar, under **Actions**, click **Policies**. +1. Create a ruleset, then add your event and actor rules. +1. Choose whether the ruleset is active or in evaluate mode, then save your changes. diff --git a/content/organizations/managing-organization-settings/index.md b/content/organizations/managing-organization-settings/index.md index c60adf2a5826..825900c550f9 100644 --- a/content/organizations/managing-organization-settings/index.md +++ b/content/organizations/managing-organization-settings/index.md @@ -20,6 +20,7 @@ children: - /managing-the-forking-policy-for-your-organization - /managing-pull-request-reviews-in-your-organization - /disabling-or-limiting-github-actions-for-your-organization + - /actions-policies - /about-networking-for-hosted-compute-products-in-your-organization - /about-azure-private-networking-for-github-hosted-runners-in-your-organization - /configuring-private-networking-for-github-hosted-runners-in-your-organization @@ -55,3 +56,4 @@ children: - /managing-or-restricting-github-models-for-your-organization shortTitle: Manage organization settings --- + diff --git a/content/repositories/managing-your-repositorys-settings-and-features/actions-policies/about-actions-policies.md b/content/repositories/managing-your-repositorys-settings-and-features/actions-policies/about-actions-policies.md new file mode 100644 index 000000000000..dca6499756f0 --- /dev/null +++ b/content/repositories/managing-your-repositorys-settings-and-features/actions-policies/about-actions-policies.md @@ -0,0 +1,17 @@ +--- +title: About Actions policies +shortTitle: About Actions policies +intro: 'Actions policies let you govern how {% data variables.product.prodname_actions %} workflows run in your repository, starting with workflow execution protections.' +versions: + fpt: '*' + ghec: '*' +contentType: concepts +--- + +{% data reusables.actions.actions-policies-preview-note %} + +{% data reusables.actions.actions-policies-about-body %} + +## Next steps + +To configure workflow execution protections for your repository, including setting up event and actor rules, see [AUTOTITLE](/repositories/managing-your-repositorys-settings-and-features/actions-policies/workflow-execution-protections). diff --git a/content/repositories/managing-your-repositorys-settings-and-features/actions-policies/index.md b/content/repositories/managing-your-repositorys-settings-and-features/actions-policies/index.md new file mode 100644 index 000000000000..47d384543b35 --- /dev/null +++ b/content/repositories/managing-your-repositorys-settings-and-features/actions-policies/index.md @@ -0,0 +1,12 @@ +--- +title: Actions policies +shortTitle: Actions policies +intro: 'Actions policies let you govern how {% data variables.product.prodname_actions %} workflows run in a repository.' +versions: + fpt: '*' + ghec: '*' +children: + - /about-actions-policies + - /workflow-execution-protections +--- + diff --git a/content/repositories/managing-your-repositorys-settings-and-features/actions-policies/workflow-execution-protections.md b/content/repositories/managing-your-repositorys-settings-and-features/actions-policies/workflow-execution-protections.md new file mode 100644 index 000000000000..5e5d1a6317c2 --- /dev/null +++ b/content/repositories/managing-your-repositorys-settings-and-features/actions-policies/workflow-execution-protections.md @@ -0,0 +1,23 @@ +--- +title: Workflow execution protections +shortTitle: Workflow execution protections +intro: 'Workflow execution protections let you control who can trigger {% data variables.product.prodname_actions %} workflows and which events are permitted to run them.' +versions: + fpt: '*' + ghec: '*' +contentType: how-tos +--- + +{% data reusables.actions.workflow-execution-protections-preview-note %} + +{% data reusables.actions.workflow-execution-protections-body %} + +## Configuring workflow execution protections + +You configure workflow execution protections in the new **Policies** section of your {% data variables.product.prodname_actions %} settings. This **Policies** section is separate from your existing **General** settings. + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-settings %} +1. In the left sidebar, under **Actions**, click **Policies**. +1. Create a ruleset, then add your event and actor rules. +1. Choose whether the ruleset is active or in evaluate mode, then save your changes. diff --git a/content/repositories/managing-your-repositorys-settings-and-features/index.md b/content/repositories/managing-your-repositorys-settings-and-features/index.md index 0309a8e73ce8..67c190495678 100644 --- a/content/repositories/managing-your-repositorys-settings-and-features/index.md +++ b/content/repositories/managing-your-repositorys-settings-and-features/index.md @@ -13,7 +13,9 @@ children: - /repository-access-and-collaboration - /customizing-your-repository - /enabling-features-for-your-repository + - /actions-policies - /managing-repository-settings shortTitle: Manage repository settings --- + diff --git a/data/reusables/actions/actions-policies-about-body.md b/data/reusables/actions/actions-policies-about-body.md new file mode 100644 index 000000000000..4ed60dcda4d2 --- /dev/null +++ b/data/reusables/actions/actions-policies-about-body.md @@ -0,0 +1,13 @@ +## About Actions policies + +Actions policies let you govern how {% data variables.product.prodname_actions %} workflows run across your organizations and repositories. You configure Actions policies in a new **Policies** section of your {% data variables.product.prodname_actions %} settings, separate from your existing **General** settings. + +Actions policies are available at the enterprise, organization, and repository levels. + +Actions policies currently contain one type of policy: workflow execution protections. {% data variables.product.github %} plans to add more policies over time. + +## About workflow execution protections + +Workflow execution protections let you define an allow list that controls who can trigger {% data variables.product.prodname_actions %} workflows and which events are permitted to run them. Workflow execution protections come with two rule types: event and actor. {% data variables.product.github %} plans to add more rules over time. + +Workflow execution protections are built on the {% data variables.product.github %} rulesets framework, so the targeting you already know from rulesets works here too. You can apply protections with rulesets and scope them to specific repositories using repository custom properties. For more information about rulesets, see [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/about-rulesets). diff --git a/data/reusables/actions/actions-policies-preview-note.md b/data/reusables/actions/actions-policies-preview-note.md new file mode 100644 index 000000000000..c664959ab9f9 --- /dev/null +++ b/data/reusables/actions/actions-policies-preview-note.md @@ -0,0 +1,2 @@ +> [!NOTE] +> Actions policies are in {% data variables.release-phases.public_preview %} and subject to change. diff --git a/data/reusables/actions/workflow-execution-protections-body.md b/data/reusables/actions/workflow-execution-protections-body.md new file mode 100644 index 000000000000..4e401b368684 --- /dev/null +++ b/data/reusables/actions/workflow-execution-protections-body.md @@ -0,0 +1,29 @@ +## About workflow execution protections + +Workflow execution protections let you define an allow list that controls who can trigger {% data variables.product.prodname_actions %} workflows and which events are permitted to run them. Previously, a workflow ran based on the workflow file in the commit that triggered it, and an attacker with repository access could modify that file to run malicious code. Workflow execution protections close that gap. Administrators define the rules, and {% data variables.product.prodname_actions %} evaluates them before a workflow runs, so an unauthorized actor or event never reaches execution. + +Workflow execution protections are available at the enterprise, organization, and repository levels. + +## Backed by rulesets + +Workflow execution protections are built on the {% data variables.product.github %} rulesets framework, so the targeting you already know from rulesets works here too. You can apply protections with rulesets and scope them to specific repositories using repository custom properties. This means you can enforce broad protections from one place rather than configuring each workflow file individually. For more information about rulesets, see [AUTOTITLE](/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/about-rulesets). + +You can also use evaluate mode to run your rules without enforcing them. Evaluate mode shows you exactly what a rule would block before you enforce it, so you can roll out policies without breaking existing workflows. + +## Available rules + +Event and actor are the first two rules, and {% data variables.product.github %} plans to add more rules over time. + +* **Actor rules** control who can trigger workflows, including individual users, repository roles such as Read, Maintain, and Admin, {% data variables.product.prodname_github_apps %}, {% data variables.product.prodname_copilot_short %}, and {% data variables.product.prodname_dependabot %}. +* **Event rules** control which events are permitted, such as `push`, `pull_request`, `pull_request_target`, and `workflow_dispatch`. + +By default, every user with write access to a repository can trigger workflows. Actor rules let you separate who contributes code from who runs your CI, so you can grant a contributor write access without granting them the ability to execute workflows. + +## Stop common attacker techniques + +Workflow execution protections disrupt several real-world attack patterns: + +* **Poisoned pipeline execution from pull requests.** Restrict or prohibit `pull_request_target`, including in public repositories where it is most often exploited. +* **Manual-trigger abuse.** Limit `workflow_dispatch` to maintainers so untrusted identities cannot start workflows. +* **Untrusted-actor execution.** Block low-trust identities from triggering workflows entirely. +* **Misconfiguration exploitation.** Apply central policy that overrides any single misconfigured workflow file. diff --git a/data/reusables/actions/workflow-execution-protections-preview-note.md b/data/reusables/actions/workflow-execution-protections-preview-note.md new file mode 100644 index 000000000000..59ec2e5edf65 --- /dev/null +++ b/data/reusables/actions/workflow-execution-protections-preview-note.md @@ -0,0 +1,2 @@ +> [!NOTE] +> Workflow execution protections are in {% data variables.release-phases.public_preview %} and subject to change. diff --git a/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml b/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml index 4c0f3cc46778..d5537cf9feb8 100644 --- a/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml +++ b/src/secret-scanning/data/pattern-docs/fpt/public-docs.yml @@ -4141,7 +4141,7 @@ isPrivateWithGhas: true hasPushProtection: true hasValidityCheck: true - hasExtendedMetadata: false + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' base64Supported: false isduplicate: false - provider: Rootly diff --git a/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml b/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml index 4c0f3cc46778..d5537cf9feb8 100644 --- a/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml +++ b/src/secret-scanning/data/pattern-docs/ghec/public-docs.yml @@ -4141,7 +4141,7 @@ isPrivateWithGhas: true hasPushProtection: true hasValidityCheck: true - hasExtendedMetadata: false + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' base64Supported: false isduplicate: false - provider: Rootly diff --git a/src/secret-scanning/data/pattern-docs/ghes-3.22/public-docs.yml b/src/secret-scanning/data/pattern-docs/ghes-3.22/public-docs.yml new file mode 100644 index 000000000000..4c0f3cc46778 --- /dev/null +++ b/src/secret-scanning/data/pattern-docs/ghes-3.22/public-docs.yml @@ -0,0 +1,5196 @@ +- provider: 1Password + supportedSecret: 1Password Service Account Token + secretType: 1password_service_account_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Adafruit + supportedSecret: Adafruit IO Key + secretType: adafruit_io_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Adobe + supportedSecret: Adobe Client Secret + secretType: adobe_client_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Adobe + supportedSecret: Adobe Device Token + secretType: adobe_device_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Adobe + supportedSecret: Adobe PAC Token + secretType: adobe_pac_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Adobe + supportedSecret: Adobe Refresh Token + secretType: adobe_refresh_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Adobe + supportedSecret: Adobe Service Token + secretType: adobe_service_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Adobe + supportedSecret: Adobe Short-Lived Access Token + secretType: adobe_short_lived_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Aikido + supportedSecret: Aikido API Client Secret + secretType: aikido_api_client_secret + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Aikido + supportedSecret: Aikido CI Scanning Token + secretType: aikido_ci_scanning_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Airtable + supportedSecret: Airtable API Key + secretType: airtable_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Airtable + supportedSecret: Airtable Personal Access Token + secretType: airtable_personal_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Aiven + supportedSecret: Aiven Auth Token + secretType: aiven_auth_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Aiven + supportedSecret: Aiven Service Password + secretType: aiven_service_password + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Alibaba + supportedSecret: Alibaba Cloud AccessKey ID + secretType: alibaba_cloud_access_key_id,
alibaba_cloud_access_key_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Amazon AWS + supportedSecret: Amazon AWS Access Key ID + secretType: aws_access_key_id,
aws_secret_access_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: true + isduplicate: true +- provider: Amazon AWS + supportedSecret: Amazon AWS API Key ID + secretType: aws_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Amazon AWS + supportedSecret: Amazon AWS Session Token + secretType: >- + aws_secret_access_key,
aws_session_token, +
aws_temporary_access_key_id + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Anthropic + supportedSecret: Anthropic Admin API Key + secretType: anthropic_admin_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Anthropic + supportedSecret: Anthropic API Key + secretType: anthropic_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: true + isduplicate: true +- provider: Anthropic + supportedSecret: Anthropic Session ID + secretType: anthropic_session_id + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Apify + supportedSecret: Apify Actor Run API Token + secretType: apify_actor_run_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Apify + supportedSecret: Apify Actor Run Proxy Password + secretType: apify_actor_run_proxy_password + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Apify + supportedSecret: Apify API Token + secretType: apify_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Apify + supportedSecret: Apify Integration API Token + secretType: apify_integration_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Apify + supportedSecret: Apify Proxy Password + secretType: apify_proxy_password + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Apify + supportedSecret: Apify UI Token + secretType: apify_ui_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Apify + supportedSecret: Apify Webhook Dispatch API Token + secretType: apify_webhook_dispatch_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Asaas + supportedSecret: Asaas API Token + secretType: asaas_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Asana + supportedSecret: Asana Legacy Format Personal Access Token + secretType: asana_legacy_format_personal_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Asana + supportedSecret: Asana Personal Access Token + secretType: asana_personal_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Atlassian + supportedSecret: Atlassian API Token + secretType: atlassian_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Atlassian + supportedSecret: Atlassian JSON Web Token + secretType: atlassian_jwt + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Authress + supportedSecret: Authress Service Client Access Key + secretType: authress_service_client_access_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Active Directory Application Secret + secretType: azure_active_directory_application_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Azure + supportedSecret: Azure AI Services Key + secretType: azure_ai_services_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Anomaly Detector EE Key + secretType: azure_anomaly_detector_ee_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Anomaly Detector Key + secretType: azure_anomaly_detector_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Apim Direct Management Key + secretType: azure_apim_direct_management_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Apim Gateway Key + secretType: azure_apim_gateway_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Apim Repository Key + secretType: azure_apim_repository_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Apim Subscription Key + secretType: azure_apim_subscription_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure App Configuration Connection String + secretType: azure_app_configuration_connection_string + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure App Configuration Key + secretType: azure_app_configuration_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Batch Key Identifiable + secretType: azure_batch_key_identifiable + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Azure + supportedSecret: Azure Cache for Redis Access Key + secretType: azure_cache_for_redis_access_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: true + isduplicate: true +- provider: Azure + supportedSecret: Azure Cognitive Services Key + secretType: azure_cognitive_services_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Communication Services Connection String + secretType: azure_communication_services_connection_string + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Communication Services Key + secretType: azure_communication_services_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Computer Vision Key + secretType: azure_computer_vision_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Registry Key Identifiable + secretType: azure_container_registry_key_identifiable + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Content Moderator Key + secretType: azure_content_moderator_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Content Safety Key + secretType: azure_content_safety_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Cosmosdb Key Identifiable + secretType: azure_cosmosdb_key_identifiable + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: true + isduplicate: true +- provider: Azure + supportedSecret: Azure Custom Vision Prediction Key + secretType: azure_custom_vision_prediction_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Custom Vision Training Key + secretType: azure_custom_vision_training_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure DevOps Personal Access Token + secretType: azure_devops_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Azure + supportedSecret: Azure Event Grid Key Identifiable + secretType: azure_event_grid_key_identifiable + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Azure + supportedSecret: Azure Event Hub Key Identifiable + secretType: azure_event_hub_key_identifiable + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Face Key + secretType: azure_face_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Fluid Relay Key + secretType: azure_fluid_relay_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Form Recognizer Key + secretType: azure_form_recognizer_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Function Key + secretType: azure_function_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: true + isduplicate: true +- provider: Azure + supportedSecret: Azure Health Decision Support Key + secretType: azure_health_decision_support_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Health Insights Key + secretType: azure_health_insights_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Immersive Reader Key + secretType: azure_immersive_reader_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Internal All In One Key + secretType: azure_internal_all_in_one_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure IoT Device Connection String + secretType: azure_iot_device_connection_string + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure IoT Device Key + secretType: azure_iot_device_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure IoT Device Provisioning Key + secretType: azure_iot_device_provisioning_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure IoT Hub Connection String + secretType: azure_iot_hub_connection_string + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure IoT Hub Key + secretType: azure_iot_hub_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure IoT Provisioning Connection String + secretType: azure_iot_provisioning_connection_string + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Knowledge Key + secretType: azure_knowledge_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Logic Apps URL + secretType: azure_logic_apps_url + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Azure + supportedSecret: Azure Luis Authoring Key + secretType: azure_luis_authoring_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Luis Key + secretType: azure_luis_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Microsoft Azure Service Management Certificate + secretType: azure_management_certificate + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Maps Key + secretType: azure_maps_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Metrics Advisor Key + secretType: azure_metrics_advisor_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Mixed Reality Key + secretType: azure_mixed_reality_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure ML Inference Key + secretType: azure_ml_inference_identifiable_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure ML Internal Service Principal Key + secretType: azure_ml_internal_service_principal_identifiable_key + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure ML Studio (classic) Web Service Key + secretType: azure_ml_web_service_classic_identifiable_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure OpenAI Key + secretType: azure_openai_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: true + isduplicate: true +- provider: Azure + supportedSecret: Azure Personalizer Key + secretType: azure_personalizer_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure QnA Maker Key + secretType: azure_qna_maker_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure QnA Maker V2 Key + secretType: azure_qna_maker_v2_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Quantum Key + secretType: azure_quantum_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Relay Key Identifiable + secretType: azure_relay_key_identifiable + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure SAS Token + secretType: azure_sas_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Search Admin Key + secretType: azure_search_admin_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Search Query Key + secretType: azure_search_query_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Service Bus Key Identifiable + secretType: azure_service_bus_identifiable + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure SignalR Connection String + secretType: azure_signalr_connection_string + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure SignalR Key + secretType: azure_signalr_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Azure + supportedSecret: Azure Speech Services Key + secretType: azure_speech_services_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Speech Translation Key + secretType: azure_speech_translation_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure SQL Internal Default CloudSA Key + secretType: azure_sql_internal_default_cloudsa_key + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure SQL password + secretType: azure_sql_password + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Storage Account Access Key + secretType: azure_storage_account_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: true + isduplicate: true +- provider: Azure + supportedSecret: Azure Text Analytics Key + secretType: azure_text_analytics_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Text Translation Key + secretType: azure_text_translation_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Video Intelligence Key + secretType: azure_video_intelligence_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Microsoft Azure Web App Bot Key + secretType: azure_web_app_bot_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Web Pub Sub Connection String + secretType: azure_web_pub_sub_connection_string + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Azure + supportedSecret: Azure Web Pub Sub Key + secretType: azure_web_pub_sub_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Azure + supportedSecret: Microsoft Azure Entra ID Token + secretType: microsoft_azure_entra_id_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Baidu + supportedSecret: Baidu AI API Key + secretType: baiduai_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Baidu + supportedSecret: Baidu Cloud API Access Key + secretType: baiducloud_api_accesskey + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Beamer + supportedSecret: Beamer API Key + secretType: beamer_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Bitbucket + supportedSecret: Bitbucket Server Personal Access Token + secretType: bitbucket_server_personal_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Bitrise + supportedSecret: Bitrise Personal Access Token + secretType: bitrise_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Bitrise + supportedSecret: Bitrise Workspace API Token + secretType: bitrise_workspace_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Block Protocol + supportedSecret: Block Protocol API Key + secretType: block_protocol_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Brevo + supportedSecret: Sendinblue API Key + secretType: sendinblue_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: true + isduplicate: true +- provider: Brevo + supportedSecret: Sendinblue SMTP Key + secretType: sendinblue_smtp_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Buildkite + supportedSecret: Buildkite Agent Access Token + secretType: buildkite_agent_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Buildkite + supportedSecret: Buildkite Agent Job Token + secretType: buildkite_agent_job_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Buildkite + supportedSecret: Buildkite Agent Registration Token + secretType: buildkite_agent_registration_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Buildkite + supportedSecret: Buildkite Cluster Queue Token + secretType: buildkite_cluster_queue_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Buildkite + supportedSecret: Buildkite Cluster Token + secretType: buildkite_cluster_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Buildkite + supportedSecret: Buildkite Packages Registry Token + secretType: buildkite_packages_registry_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Buildkite + supportedSecret: Buildkite Packages Temporary Token + secretType: buildkite_packages_temporary_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Buildkite + supportedSecret: Buildkite Portal Secret + secretType: buildkite_portal_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Buildkite + supportedSecret: Buildkite Portal Token + secretType: buildkite_portal_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Buildkite + supportedSecret: Buildkite User Access Token + secretType: buildkite_user_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Canadian Digital Service + supportedSecret: Canadian Digital Service Notify API Key + secretType: cds_canada_notify_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Canva + supportedSecret: Canva App Secret + secretType: canva_app_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Canva + supportedSecret: Canva Connect API Secret + secretType: canva_connect_api_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Canva + supportedSecret: Canva Secret + secretType: canva_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Cashfree + supportedSecret: Cashfree API Key + secretType: cashfree_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Cfx.re + supportedSecret: Cfx.re Server Key + secretType: cfxre_server_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Checkout.com + supportedSecret: Checkout.com Production Secret Key + secretType: checkout_production_secret_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Checkout.com + supportedSecret: Checkout.com Test Secret Key + secretType: checkout_test_secret_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Chief Tools + supportedSecret: Chief Tools Token + secretType: chief_tools_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: CircleCI + supportedSecret: CircleCI Bot API Token + secretType: circleci_bot_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: CircleCI + supportedSecret: CircleCI Personal Access Token + secretType: circleci_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: CircleCI + supportedSecret: CircleCI Project Access Token + secretType: circleci_project_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: CircleCI + supportedSecret: CircleCI Release API Token + secretType: circleci_release_integration_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Clojars + supportedSecret: Clojars Deploy Token + secretType: clojars_deploy_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Cloudflare + supportedSecret: Cloudflare Account API Token + secretType: cloudflare_account_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Cloudflare + supportedSecret: Cloudflare Global User API Key + secretType: cloudflare_global_user_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Cloudflare + supportedSecret: Cloudflare User API Token + secretType: cloudflare_user_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Cloudsmith + supportedSecret: Cloudsmith API Key + secretType: cloudsmith_api_key + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Cockroach Labs + supportedSecret: CockroachDB Cloud API Key + secretType: ccdb_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Cohere + supportedSecret: Cohere API Key + secretType: cohere_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Contentful + supportedSecret: Contentful Personal Access Token + secretType: contentful_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Contentful + supportedSecret: Contentful Web Token + secretType: contentful_web_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Contributed Systems + supportedSecret: Contributed Systems Credentials + secretType: contributed_systems_credentials + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Coveo + supportedSecret: Coveo Access Token + secretType: coveo_access_token + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Coveo + supportedSecret: Coveo API Key + secretType: coveo_api_key + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: crates.io + supportedSecret: Crates.io API Token + secretType: cratesio_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Databento + supportedSecret: Databento API Key + secretType: databento_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Databricks + supportedSecret: Databricks API Token + secretType: databricks_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: true + isduplicate: true +- provider: Databricks + supportedSecret: Databricks Account Session Token + secretType: databricks_account_session_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Databricks + supportedSecret: Databricks Federated Account Session Token + secretType: databricks_federated_account_session_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Databricks + supportedSecret: Databricks OAuth Code + secretType: databricks_oauth_code + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Databricks + supportedSecret: Databricks OAuth Refresh Token + secretType: databricks_oauth_refresh_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Databricks + supportedSecret: Databricks OAuth Secret Token + secretType: databricks_oauth_secret_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Databricks + supportedSecret: Databricks OAuth Single Use Refresh Token Child + secretType: databricks_oauth_single_use_refresh_token_child + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Databricks + supportedSecret: Databricks OAuth Single Use Refresh Token Parent + secretType: databricks_oauth_single_use_refresh_token_parent + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Databricks + supportedSecret: Databricks Scoped API Token + secretType: databricks_scoped_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Databricks + supportedSecret: Databricks Scoped Internal Token + secretType: databricks_scoped_internal_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Databricks + supportedSecret: Databricks Token + secretType: databricks_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Databricks + supportedSecret: Databricks Workspace Session Token + secretType: databricks_workspace_session_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Datadog + supportedSecret: Datadog API Key + secretType: datadog_api_key + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Datadog + supportedSecret: Datadog Application Key + secretType: datadog_app_key + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Datadog + supportedSecret: Datadog Personal Access Token + secretType: datadog_pat + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Datadog + supportedSecret: Datadog RCM + secretType: datadog_rcm + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Datadog + supportedSecret: Datadog Service Account Token + secretType: datadog_sat + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Datastax + supportedSecret: Datastax AstraCS Tokens + secretType: datastax_astracs_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: DeepSeek + supportedSecret: DeepSeek API Key + secretType: deepseek_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Defined Networking + supportedSecret: Defined Networking Managed Nebula API Key + secretType: defined_networking_nebula_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: DevCycle + supportedSecret: DevCycle Client API Key + secretType: devcycle_client_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: DevCycle + supportedSecret: DevCycle Mobile API Key + secretType: devcycle_mobile_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: DevCycle + supportedSecret: DevCycle Server API Key + secretType: devcycle_server_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: DigitalOcean + supportedSecret: DigitalOcean OAuth Token + secretType: digitalocean_oauth_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: DigitalOcean + supportedSecret: DigitalOcean Personal Access Token + secretType: digitalocean_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: DigitalOcean + supportedSecret: DigitalOcean Refresh Token + secretType: digitalocean_refresh_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: DigitalOcean + supportedSecret: DigitalOcean System Token + secretType: digitalocean_system_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Discord + supportedSecret: Discord Bot Token + secretType: discord_bot_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: true +- provider: Docker + supportedSecret: Docker Organization Access Token + secretType: docker_organization_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Docker + supportedSecret: Docker Personal Access Token + secretType: docker_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Docker + supportedSecret: Docker Swarm Join Token + secretType: docker_swarm_join_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Docker + supportedSecret: Docker Swarm Unlock Key + secretType: docker_swarm_unlock_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Doppler + supportedSecret: Doppler Audit Token + secretType: doppler_audit_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Doppler + supportedSecret: Doppler CLI Token + secretType: doppler_cli_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Doppler + supportedSecret: Doppler Personal Token + secretType: doppler_personal_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Doppler + supportedSecret: Doppler SCIM Token + secretType: doppler_scim_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Doppler + supportedSecret: Doppler Service Account Token + secretType: doppler_service_account_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Doppler + supportedSecret: Doppler Service Token + secretType: doppler_service_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Dropbox + supportedSecret: Dropbox Access Token + secretType: dropbox_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Dropbox + supportedSecret: Dropbox Short-Lived Access Token + secretType: dropbox_short_lived_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Duffel + supportedSecret: Duffel Live Access Token + secretType: duffel_live_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Duffel + supportedSecret: Duffel Test Access Token + secretType: duffel_test_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Dynatrace + supportedSecret: Dynatrace API Token + secretType: dynatrace_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Dynatrace + supportedSecret: Dynatrace Internal Token + secretType: dynatrace_internal_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: EasyPost + supportedSecret: EasyPost Production API Key + secretType: easypost_production_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: EasyPost + supportedSecret: EasyPost Test API Key + secretType: easypost_test_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: eBay + supportedSecret: eBay Production Client ID (App ID) + secretType: ebay_production_client_id,
ebay_production_client_secret + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: eBay + supportedSecret: eBay Sandbox Client ID (App ID) + secretType: ebay_sandbox_client_id,
ebay_sandbox_client_secret + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Elastic + supportedSecret: Elastic Cloud API Key + secretType: elastic_cloud_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Elastic + supportedSecret: Elastic Stack API Key + secretType: elastic_stack_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: true + isduplicate: true +- provider: Facebook + supportedSecret: Facebook Access Token + secretType: facebook_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Fastly + supportedSecret: Fastly API Token + secretType: fastly_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: true +- provider: Fieldguide + supportedSecret: Fieldguide API Token + secretType: fieldguide_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Figma + supportedSecret: Figma Personal Access Token + secretType: figma_pat + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Figma + supportedSecret: Figma SCIM API Token + secretType: figma_scim_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Finicity + supportedSecret: Finicity App Key + secretType: finicity_app_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Firebase + supportedSecret: Firebase Cloud Messaging Server Key + secretType: firebase_cloud_messaging_server_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Flickr + supportedSecret: Flickr API Key + secretType: flickr_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Flutterwave + supportedSecret: Flutterwave Live API Secret Key + secretType: flutterwave_live_api_secret_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Flutterwave + supportedSecret: Flutterwave Test API Secret Key + secretType: flutterwave_test_api_secret_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Frame.io + supportedSecret: Frame.io Developer Token + secretType: frameio_developer_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Frame.io + supportedSecret: Frame.io JSON Web Token + secretType: frameio_jwt + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: FullStory + supportedSecret: FullStory API Key + secretType: fullstory_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: GitHub + supportedSecret: GitHub App Installation Access Token + secretType: github_app_installation_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: true + base64Supported: true + isduplicate: true +- provider: GitHub + supportedSecret: GitHub OAuth Access Token + secretType: github_oauth_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: true + base64Supported: true + isduplicate: true +- provider: GitHub + supportedSecret: GitHub Personal Access Token + secretType: github_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: true + base64Supported: true + isduplicate: true +- provider: GitHub + supportedSecret: GitHub Refresh Token + secretType: github_refresh_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: true + base64Supported: true + isduplicate: true +- provider: GitHub + supportedSecret: GitHub SSH Private Key + secretType: github_ssh_private_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: true + base64Supported: false + isduplicate: false +- provider: GitHub + supportedSecret: GitHub Test Token + secretType: github_test_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GitLab + supportedSecret: GitLab Access Token + secretType: gitlab_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: true + isduplicate: true +- provider: GitLab + supportedSecret: GitLab CI/CD Job Token + secretType: gitlab_ci_build_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GitLab + supportedSecret: GitLab Deploy Token + secretType: gitlab_deploy_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GitLab + supportedSecret: GitLab Feature Flag Client Token + secretType: gitlab_feature_flag_client_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GitLab + supportedSecret: GitLab Feed Token + secretType: gitlab_feed_token_v2 + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GitLab + supportedSecret: GitLab Incoming Mail Token + secretType: gitlab_incoming_email_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GitLab + supportedSecret: GitLab Agent for Kubernetes Token + secretType: gitlab_kubernetes_agent_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GitLab + supportedSecret: GitLab OAuth Application Secret + secretType: gitlab_oauth_app_secret + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GitLab + supportedSecret: GitLab Pipeline Trigger Token + secretType: gitlab_pipeline_trigger_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GitLab + supportedSecret: GitLab Runner Authentication Token + secretType: gitlab_runner_auth_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GitLab + supportedSecret: GitLab Runner Registration Token + secretType: gitlab_runner_registration_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GitLab + supportedSecret: GitLab SCIM Token + secretType: gitlab_scim_oauth_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GoCardless + supportedSecret: GoCardless Live Access Token + secretType: gocardless_live_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GoCardless + supportedSecret: GoCardless Sandbox Access Token + secretType: gocardless_sandbox_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Google + supportedSecret: Google API Key + secretType: google_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Google + supportedSecret: Google Cloud Service Account Credentials + secretType: google_cloud_service_account_credentials + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Google + supportedSecret: Google Cloud Storage Service Account Access Key ID + secretType: >- + google_cloud_storage_access_key_secret, +
google_cloud_storage_service_account_access_key_id + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Google + supportedSecret: Google Cloud Storage User Access Key ID + secretType: >- + google_cloud_storage_access_key_secret, +
google_cloud_storage_user_access_key_id + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Google + supportedSecret: GCP API Key Bound to a Service Account + secretType: google_gcp_api_key_bound_service_account + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Google + supportedSecret: Google Gemini API Key + secretType: google_gemini_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Google + supportedSecret: Google OAuth Access Token + secretType: google_oauth_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Google + supportedSecret: Google OAuth Client ID + secretType: google_oauth_client_id,
google_oauth_client_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: true + isduplicate: true +- provider: Google + supportedSecret: Google OAuth Refresh Token + secretType: google_oauth_refresh_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: true + isduplicate: true +- provider: Grafana + supportedSecret: Grafana Cloud API Key + secretType: grafana_cloud_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Grafana + supportedSecret: Grafana Cloud API Token + secretType: grafana_cloud_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Grafana + supportedSecret: Grafana Project API Key + secretType: grafana_project_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Grafana + supportedSecret: Grafana Project Service Account Token + secretType: grafana_project_service_account_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Groq + supportedSecret: Groq API Key + secretType: groq_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: true + isduplicate: true +- provider: GuardSquare + supportedSecret: GuardSquare AppSweep API Key + secretType: guardsquare_appsweep_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GuardSquare + supportedSecret: GuardSquare CLI Access Token + secretType: guardsquare_cli_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: GuardSquare + supportedSecret: GuardSquare Maven Token + secretType: guardsquare_maven_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Hack Club + supportedSecret: Hack Club AI Key + secretType: hackclub_ai_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: HashiCorp + supportedSecret: HashiCorp Vault Batch Token + secretType: hashicorp_vault_batch_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: HashiCorp + supportedSecret: HashiCorp Vault Root Service Token + secretType: hashicorp_vault_root_service_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: HashiCorp + supportedSecret: HashiCorp Vault Service Token + secretType: hashicorp_vault_service_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: HashiCorp + supportedSecret: Terraform Cloud / Enterprise API Token + secretType: terraform_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: hCaptcha + supportedSecret: hCaptcha Siteverify Secret + secretType: hcaptcha_siteverify_secret + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Heroku + supportedSecret: Heroku Platform API OAuth2 Token + secretType: heroku_platform_api_oauth2_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Heroku + supportedSecret: Heroku Postgres Connection URL + secretType: heroku_postgres_connection_url + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Highnote + supportedSecret: Highnote RK Live Key + secretType: highnote_rk_live_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Highnote + supportedSecret: Highnote RK Test Key + secretType: highnote_rk_test_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Highnote + supportedSecret: Highnote SK Live Key + secretType: highnote_sk_live_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Highnote + supportedSecret: Highnote SK Test Key + secretType: highnote_sk_test_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: HOP + supportedSecret: HOP Bearer + secretType: hop_bearer + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: HOP + supportedSecret: HOP PAT + secretType: hop_pat + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: HOP + supportedSecret: HOP PTK + secretType: hop_ptk + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Hubspot + supportedSecret: Hubspot API Key + secretType: hubspot_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Hubspot + supportedSecret: Hubspot Personal Access Key + secretType: hubspot_personal_access_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Hubspot + supportedSecret: Hubspot Private Apps User Token + secretType: hubspot_private_apps_user_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Hubspot + supportedSecret: Hubspot SMTP Credential + secretType: hubspot_smtp_credential + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Hugging Face + supportedSecret: Hugging Face Organization API Token + secretType: hf_org_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Hugging Face + supportedSecret: Hugging Face User Access Token + secretType: hf_user_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: true + isduplicate: true +- provider: IBM + supportedSecret: IBM Cloud IAM Key + secretType: ibm_cloud_iam_key + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Intercom + supportedSecret: Intercom Access Token + secretType: intercom_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Ionic + supportedSecret: Ionic Personal Access Token + secretType: ionic_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Ionic + supportedSecret: Ionic Refresh Token + secretType: ionic_refresh_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Iterative + supportedSecret: DVC Studio Access Token + secretType: iterative_dvc_studio_access_token + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: JFrog + supportedSecret: JFrog Platform Access Token + secretType: jfrog_platform_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: JFrog + supportedSecret: JFrog Platform API Key + secretType: jfrog_platform_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: JFrog + supportedSecret: JFrog Platform Reference Token + secretType: jfrog_platform_reference_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: true + isduplicate: true +- provider: Langchain + supportedSecret: LangSmith Personal Access Token + secretType: langchain_api_personal_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Langchain + supportedSecret: LangSmith Service Key + secretType: langchain_api_server_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Langchain + supportedSecret: LangSmith License Key + secretType: langsmith_license_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Langchain + supportedSecret: LangSmith SCIM Bearer Token + secretType: langsmith_scim_bearer_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Lark + supportedSecret: Lark APaaS Client Secret + secretType: lark_apaas_client_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Lark + supportedSecret: Lark Application Secret + secretType: lark_app_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Lark + supportedSecret: Lark MCP Grant Token + secretType: lark_mcp_grant_token + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Lark + supportedSecret: Lark Meego Plugin Secret + secretType: lark_meego_plugin_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Lark + supportedSecret: Lark User Session + secretType: lark_user_session + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: LaunchDarkly + supportedSecret: LaunchDarkly API Token + secretType: launchdarkly_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Lichess + supportedSecret: Lichess OAuth Access Token + secretType: lichess_oauth_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Lichess + supportedSecret: Lichess Personal Access Token + secretType: lichess_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Lightspeed + supportedSecret: Lightspeed Personal Access Token + secretType: lightspeed_xs_pat + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Limbar + supportedSecret: Limbar Token + secretType: limbar_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Linear + supportedSecret: Linear API Key + secretType: linear_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Linear + supportedSecret: Linear OAuth Access Token + secretType: linear_oauth_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: LinkedIn + supportedSecret: LinkedIn Client Secret + secretType: linkedin_client_secret + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Lob + supportedSecret: Lob Live API Key + secretType: lob_live_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Lob + supportedSecret: Lob Test API Key + secretType: lob_test_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Localstack + supportedSecret: Localstack API Key + secretType: localstack_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: LogicMonitor + supportedSecret: LogicMonitor Bearer Token + secretType: logicmonitor_bearer_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: LogicMonitor + supportedSecret: LogicMonitor LMv1 Access Key + secretType: logicmonitor_lmv1_access_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Login with Amazon + supportedSecret: Login with Amazon OAuth Client ID + secretType: amazon_oauth_client_id,
amazon_oauth_client_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Mailchimp + supportedSecret: Mailchimp API Key + secretType: mailchimp_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Mailchimp + supportedSecret: Mandrill API Key + secretType: mandrill_api_key + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Mailersend + supportedSecret: Mailersend API Token + secretType: mailersend_api_token + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Mailersend + supportedSecret: Mailersend SMTP Password + secretType: mailersend_smtp_password + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Mailersend + supportedSecret: Mailersend SMTP Username + secretType: mailersend_smtp_username + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Mailgun + supportedSecret: Mailgun API Key + secretType: mailgun_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: true +- provider: Mailgun + supportedSecret: Mailgun SMTP Credential + secretType: mailgun_smtp_credential + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Mapbox + supportedSecret: Mapbox Secret Access Token + secretType: mapbox_secret_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: MaxMind + supportedSecret: MaxMind License Key + secretType: maxmind_license_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Meraki + supportedSecret: Meraki Dashboard API Key + secretType: meraki_api_key + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Mercury + supportedSecret: Mercury Non-Production API Token + secretType: mercury_non_production_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Mercury + supportedSecret: Mercury Production API Token + secretType: mercury_production_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Mergify + supportedSecret: Mergify Application Key + secretType: mergify_application_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: MessageBird + supportedSecret: MessageBird API Key + secretType: messagebird_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Microsoft + supportedSecret: Power Automate Webhook SAS + secretType: power_automate_webhook_sas + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Midtrans + supportedSecret: Midtrans Production Server Key + secretType: midtrans_production_server_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Midtrans + supportedSecret: Midtrans Sandbox Server Key + secretType: midtrans_sandbox_server_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Mistral AI + supportedSecret: Mistral AI API Key + secretType: mistral_ai_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: MongoDB + supportedSecret: MongoDB Atlas Database URI with credentials + secretType: mongodb_atlas_db_uri_with_credentials + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: MongoDB + supportedSecret: MongoDB Atlas Service Account Secret + secretType: mongodb_atlas_service_account_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Naver Cloud + supportedSecret: Naver Cloud Gov Access Key ID + secretType: navercloud_gov_access_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Naver Cloud + supportedSecret: Naver Cloud Gov Secret Key + secretType: navercloud_gov_access_key_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Naver Cloud + supportedSecret: Naver Cloud Gov Secure Token Service + secretType: navercloud_gov_sts + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Naver Cloud + supportedSecret: Naver Cloud Gov Secure Token Service Secret + secretType: navercloud_gov_sts_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Naver Cloud + supportedSecret: Naver Cloud Access Key ID + secretType: navercloud_pub_access_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Naver Cloud + supportedSecret: Naver Cloud Secret Key + secretType: navercloud_pub_access_key_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Naver Cloud + supportedSecret: Naver Cloud Secure Token Service + secretType: navercloud_pub_sts + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Naver Cloud + supportedSecret: Naver Cloud Secure Token Service Secret + secretType: navercloud_pub_sts_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Neon + supportedSecret: Neon API Key + secretType: neon_api_key + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Neon + supportedSecret: Neon Connection URI + secretType: neon_connection_uri + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Netflix + supportedSecret: Netflix NetKey + secretType: netflix_netkey + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: New Relic + supportedSecret: New Relic Insights Query Key + secretType: new_relic_insights_query_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: New Relic + supportedSecret: New Relic License Key + secretType: new_relic_license_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: New Relic + supportedSecret: New Relic Personal API Key + secretType: new_relic_personal_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: New Relic + supportedSecret: New Relic REST API Key + secretType: new_relic_rest_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Notion + supportedSecret: Notion API Token + secretType: notion_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Notion + supportedSecret: Notion Integration Token + secretType: notion_integration_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Notion + supportedSecret: Notion OAuth Client Secret + secretType: notion_oauth_client_secret + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: npm + supportedSecret: npm Access Token + secretType: npm_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: true +- provider: NuGet + supportedSecret: NuGet API Key + secretType: nuget_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Octopus Deploy + supportedSecret: Octopus Deploy API Key + secretType: octopus_deploy_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Oculus + supportedSecret: Oculus Access Token + secretType: oculus_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: OneChronos + supportedSecret: OneChronos API Token + secretType: onechronos_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: OneChronos + supportedSecret: OneChronos Expressive Bidding API Key + secretType: onechronos_eb_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: OneChronos + supportedSecret: OneChronos Expressive Bidding Encryption Key + secretType: onechronos_eb_encryption_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: OneChronos + supportedSecret: OneChronos OAuth Token + secretType: onechronos_oauth_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: OneChronos + supportedSecret: OneChronos Refresh Token + secretType: onechronos_refresh_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: OneSignal + supportedSecret: OneSignal Rich API Key + secretType: onesignal_rich_authentication_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Onfido + supportedSecret: Onfido Live API Token + secretType: onfido_live_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Onfido + supportedSecret: Onfido Sandbox API Token + secretType: onfido_sandbox_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: OpenAI + supportedSecret: OpenAI API Key + secretType: openai_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: true +- provider: OpenRouter + supportedSecret: OpenRouter API Key + secretType: openrouter_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: OpenVSX + supportedSecret: OpenVSX Access Token + secretType: openvsx_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Openweather + supportedSecret: Openweather API Key + secretType: openweather_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Oracle + supportedSecret: Oracle API Key + secretType: oracle_api_key + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Orbit + supportedSecret: Orbit API Token + secretType: orbit_api_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Paddle + supportedSecret: Paddle API Key + secretType: paddle_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Paddle + supportedSecret: Paddle Sandbox API Key + secretType: paddle_sandbox_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: PagerDuty + supportedSecret: PagerDuty OAuth Secret + secretType: pagerduty_oauth_secret + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: PagerDuty + supportedSecret: PagerDuty OAuth Token + secretType: pagerduty_oauth_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Palantir + supportedSecret: Palantir JSON Web Token + secretType: palantir_jwt + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Pangea + supportedSecret: Pangea Token + secretType: pangea_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Perplexity + supportedSecret: Perplexity API Key + secretType: perplexity_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Persona Identities + supportedSecret: Persona Production Api Key + secretType: persona_production_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Persona Identities + supportedSecret: Persona Sandbox Api Key + secretType: persona_sandbox_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Pineapple Technologies Limited + supportedSecret: Pineapple Technologies Incident API Key + secretType: pineapple_technologies_incident_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Pinecone + supportedSecret: Pinecone API Key + secretType: pinecone_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Pinterest + supportedSecret: Pinterest Access Token + secretType: pinterest_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Pinterest + supportedSecret: Pinterest Refresh Token + secretType: pinterest_refresh_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: PlanetScale + supportedSecret: PlanetScale Database Password + secretType: planetscale_database_password + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: PlanetScale + supportedSecret: PlanetScale OAuth Token + secretType: planetscale_oauth_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: PlanetScale + supportedSecret: PlanetScale Service Token + secretType: planetscale_service_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Planning Center + supportedSecret: Planning Center OAuth Access Token + secretType: planning_center_oauth_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Planning Center + supportedSecret: Planning Center OAuth Application Secret + secretType: planning_center_oauth_app_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Planning Center + supportedSecret: Planning Center Personal Access Token + secretType: planning_center_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Plivo + supportedSecret: Plivo Auth ID + secretType: plivo_auth_id,
plivo_auth_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Polar + supportedSecret: Polar Access Token + secretType: polar_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Polar + supportedSecret: Polar Authorization Code + secretType: polar_authorization_code + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Polar + supportedSecret: Polar Client Registration Token + secretType: polar_client_registration_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Polar + supportedSecret: Polar Client Secret + secretType: polar_client_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Polar + supportedSecret: Polar Customer Session Token + secretType: polar_customer_session_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Polar + supportedSecret: Polar Personal Access Token + secretType: polar_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Polar + supportedSecret: Polar Refresh Token + secretType: polar_refresh_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Polar + supportedSecret: Polar User Session Token + secretType: polar_user_session_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: PostHog + supportedSecret: PostHog Feature Flags Secure API Key + secretType: posthog_feature_flags_secure_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: PostHog + supportedSecret: PostHog OAuth Access Token + secretType: posthog_oauth_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: PostHog + supportedSecret: PostHog OAuth Refresh Token + secretType: posthog_oauth_refresh_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: PostHog + supportedSecret: PostHog Personal API Key + secretType: posthog_personal_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Postman + supportedSecret: Postman API Key + secretType: postman_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Postman + supportedSecret: Postman Collection Key + secretType: postman_collection_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Prefect + supportedSecret: Prefect Server API Key + secretType: prefect_server_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Prefect + supportedSecret: Prefect User API Key + secretType: prefect_user_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Proctorio + supportedSecret: Proctorio Consumer Key + secretType: proctorio_consumer_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Proctorio + supportedSecret: Proctorio Linkage Key + secretType: proctorio_linkage_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Proctorio + supportedSecret: Proctorio Registration Key + secretType: proctorio_registration_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Proctorio + supportedSecret: Proctorio Secret Key + secretType: proctorio_secret_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Proof + supportedSecret: Proof Full Access API Key + secretType: proof_full_access_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Pulumi + supportedSecret: Pulumi Access Token + secretType: pulumi_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: PyPI + supportedSecret: PyPI API Token + secretType: pypi_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Rainforest Pay + supportedSecret: Rainforest API Key + secretType: rainforest_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Rainforest Pay + supportedSecret: Rainforest Sandbox API Key + secretType: rainforest_sandbox_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Ramp + supportedSecret: Ramp OAuth Client ID + secretType: ramp_client_id + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Ramp + supportedSecret: Ramp OAuth Client Secret + secretType: ramp_client_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Ramp + supportedSecret: Ramp OAuth Access or Refresh Token + secretType: ramp_oauth_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Raycast + supportedSecret: Raycast Access Token + secretType: raycast_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: ReadMe + supportedSecret: ReadMe API Key + secretType: readmeio_api_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: redirect.pizza + supportedSecret: redirect.pizza API Token + secretType: redirect_pizza_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Replicate + supportedSecret: Replicate API Token + secretType: replicate_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Rootly + supportedSecret: Rootly API Key + secretType: rootly_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: RubyGems + supportedSecret: RubyGems API Key + secretType: rubygems_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: RunPod + supportedSecret: RunPod API Key + secretType: runpod_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Salesforce + supportedSecret: Salesforce Access Token + secretType: salesforce_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Salesforce + supportedSecret: Salesforce Marketing Cloud API OAuth2 Token + secretType: salesforce_marketing_cloud_api_oauth2_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Salesforce + supportedSecret: Salesforce OAuth2 Consumer Key + secretType: salesforce_oauth2_consumer_key,
salesforce_oauth2_consumer_secret + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Salesforce + supportedSecret: Salesforce Refresh Token + secretType: salesforce_refresh_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Samsara + supportedSecret: Samsara API Token + secretType: samsara_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Samsara + supportedSecret: Samsara OAuth Access Token + secretType: samsara_oauth_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Scalr + supportedSecret: Scalr API Token + secretType: scalr_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Segment + supportedSecret: Segment Public API Token + secretType: segment_public_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: SendGrid + supportedSecret: SendGrid API Key + secretType: sendgrid_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Sentry + supportedSecret: Sentry Integration Token + secretType: sentry_integration_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Sentry + supportedSecret: Sentry Organization Token + secretType: sentry_organization_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Sentry + supportedSecret: Sentry Personal Token + secretType: sentry_personal_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Sentry + supportedSecret: Sentry User App Auth Token + secretType: sentry_user_app_auth_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Shippo + supportedSecret: Shippo Live API Token + secretType: shippo_live_api_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Shippo + supportedSecret: Shippo Test API Token + secretType: shippo_test_api_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Shopee + supportedSecret: Shopee Open Platform Partner Key + secretType: shopee_open_platform_partner_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Shopify + supportedSecret: Shopify Access Token + secretType: shopify_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Shopify + supportedSecret: Shopify App Client Credentials + secretType: shopify_app_client_credentials + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Shopify + supportedSecret: Shopify App Client Secret + secretType: shopify_app_client_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Shopify + supportedSecret: Shopify App Shared Secret + secretType: shopify_app_shared_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Shopify + supportedSecret: Shopify Custom App Access Token + secretType: shopify_custom_app_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Shopify + supportedSecret: Shopify Marketplace Token + secretType: shopify_marketplace_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Shopify + supportedSecret: Shopify Merchant Token + secretType: shopify_merchant_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Shopify + supportedSecret: Shopify Partner API Token + secretType: shopify_partner_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Shopify + supportedSecret: Shopify Private App Password + secretType: shopify_private_app_password + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: '{% ifversion ghes %}false{% else %}true{% endif %}' + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Siemens + supportedSecret: Siemens API Token + secretType: siemens_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Siemens + supportedSecret: Siemens Code Token + secretType: siemens_code_token + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Sindri + supportedSecret: Sindri API Key + secretType: sindri_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Slack + supportedSecret: Slack API Token + secretType: slack_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: true +- provider: Slack + supportedSecret: Slack Incoming Webhook URL + secretType: slack_incoming_webhook_url + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Slack + supportedSecret: Slack Workflow Trigger URL + secretType: slack_workflow_trigger_url + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Slack + supportedSecret: Slack Workflow Webhook URL + secretType: slack_workflow_webhook_url + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Snowflake + supportedSecret: SFPG Connection String + secretType: snowflake_postgres_connection_string + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Snowflake + supportedSecret: SFPG Host + secretType: snowflake_postgres_host,
snowflake_postgres_password + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Snowflake + supportedSecret: Snowflake Programmatic Access Token + secretType: snowflake_programmatic_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Sourcegraph + supportedSecret: Sourcegraph Access Token + secretType: sourcegraph_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Sourcegraph + supportedSecret: Sourcegraph Dotcom User Gateway Access Token + secretType: sourcegraph_dotcom_user_gateway + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Sourcegraph + supportedSecret: Sourcegraph Access Token with Instance Identifier + secretType: sourcegraph_instance_identifier_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Sourcegraph + supportedSecret: Sourcegraph License Key Token + secretType: sourcegraph_license_key_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Sourcegraph + supportedSecret: Sourcegraph Product Subscription Token + secretType: sourcegraph_product_subscription_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Square + supportedSecret: Square Access Token + secretType: square_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: Square + supportedSecret: Square Production Application Secret + secretType: square_production_application_secret + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Square + supportedSecret: Square Sandbox Application Secret + secretType: square_sandbox_application_secret + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: SSLMate + supportedSecret: SSLMate API Key + secretType: sslmate_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: SSLMate + supportedSecret: SSLMate Cluster Secret + secretType: sslmate_cluster_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Stripe + supportedSecret: Stripe API Key + secretType: stripe_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Stripe + supportedSecret: Stripe Legacy API Key + secretType: stripe_legacy_api_key + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Stripe + supportedSecret: Stripe Live API Restricted Key + secretType: stripe_live_restricted_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Stripe + supportedSecret: Stripe Test API Restricted Key + secretType: stripe_test_restricted_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Stripe + supportedSecret: Stripe Test API Secret Key + secretType: stripe_test_secret_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Stripe + supportedSecret: Stripe Webhook Signing Secret + secretType: stripe_webhook_signing_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Supabase + supportedSecret: Supabase OAuth Access Token + secretType: supabase_oauth_access_token + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Supabase + supportedSecret: Supabase Personal Access Token + secretType: supabase_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Supabase + supportedSecret: Supabase Personal Access Token (scoped) + secretType: supabase_scoped_personal_access_token + isPublic: true + isPrivateWithGhas: false + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Supabase + supportedSecret: Supabase Secret Key + secretType: supabase_secret_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Tableau + supportedSecret: Tableau Personal Access Token + secretType: tableau_personal_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Tailscale + supportedSecret: Tailscale API Key + secretType: tailscale_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Telegram + supportedSecret: Telegram Bot Token + secretType: telegram_bot_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Telnyx + supportedSecret: Telnyx API V2 Key + secretType: telnyx_api_v2_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Temporal + supportedSecret: Temporal Cloud API Key + secretType: temporal_cloud_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Tencent + supportedSecret: Tencent Cloud International Access Token + secretType: tencent_cloud_intl_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Tencent + supportedSecret: Tencent Cloud Secret ID + secretType: tencent_cloud_secret_id + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Tencent + supportedSecret: Tencent WeChat API App ID + secretType: tencent_wechat_api_app_id + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Tencent + supportedSecret: Tencent WeChat Pay Token + secretType: tencent_wechat_pay_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Thunderstore + supportedSecret: Thunderstore IO API Token + secretType: thunderstore_io_api_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Twilio + supportedSecret: Twilio Access Token + secretType: twilio_access_token + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Twilio + supportedSecret: Twilio Account String Identifier + secretType: twilio_account_sid + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: true + isduplicate: true +- provider: Twilio + supportedSecret: Twilio API Key + secretType: twilio_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Typeform + supportedSecret: Typeform Personal Access Token + secretType: typeform_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Uniwise + supportedSecret: WISEflow API Key + secretType: wiseflow_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Unkey + supportedSecret: Unkey Root Key + secretType: unkey_root_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Val Town + supportedSecret: Val Town API Token + secretType: val_town_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Vercel + supportedSecret: Vercel API Key + secretType: vercel_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Vercel + supportedSecret: Vercel App Refresh Token + secretType: vercel_app_refresh_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Vercel + supportedSecret: Vercel App User Access Token + secretType: vercel_app_user_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Vercel + supportedSecret: Vercel Integration Access Token + secretType: vercel_integration_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Vercel + supportedSecret: Vercel Personal Access Token + secretType: vercel_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Vercel + supportedSecret: Vercel Support Access Token + secretType: vercel_support_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: VolcEngine + supportedSecret: VolcEngine Access Key ID + secretType: volcengine_access_key_id + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: VolcEngine + supportedSecret: VolcEngine Ark API Key + secretType: volcengine_ark_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: false + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Wakatime + supportedSecret: WakaTime API Key + secretType: wakatime_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Wakatime + supportedSecret: WakaTime App Secret + secretType: wakatime_app_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Wakatime + supportedSecret: WakaTime OAuth Access Token + secretType: wakatime_oauth_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Wakatime + supportedSecret: WakaTime OAuth Refresh Token + secretType: wakatime_oauth_refresh_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Weatherstack + supportedSecret: Weatherstack API Key + secretType: weatherstack_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Weights & Biases + supportedSecret: Weights & Biases API Key + secretType: wandb_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Workato + supportedSecret: Workato Developer API Token + secretType: workato_developer_api_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: WorkOS + supportedSecret: WorkOS Production API Key + secretType: workos_production_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: WorkOS + supportedSecret: WorkOS Staging API Key + secretType: workos_staging_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: true +- provider: WSO2 + supportedSecret: WSO2 Choreo Personal Access Token + secretType: wso2_choreo_personal_access_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: xAI + supportedSecret: xAI API Key + secretType: xai_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: '{% ifversion ghes %}false{% else %}true{% endif %}' + base64Supported: false + isduplicate: false +- provider: Yandex + supportedSecret: Yandex.Cloud API Key + secretType: yandex_cloud_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Yandex + supportedSecret: Yandex.Cloud Access Secret + secretType: yandex_cloud_iam_access_secret + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Yandex + supportedSecret: Yandex.Cloud IAM Cookie + secretType: yandex_cloud_iam_cookie + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Yandex + supportedSecret: Yandex.Cloud IAM Token + secretType: yandex_cloud_iam_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Yandex + supportedSecret: Yandex.Cloud Smartchapta Server Key + secretType: yandex_cloud_smartcaptcha_server_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Yandex + supportedSecret: Yandex.Dictionary API Key + secretType: yandex_dictionary_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Yandex + supportedSecret: Yandex.Passport OAuth Token + secretType: yandex_passport_oauth_token + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Yandex + supportedSecret: Yandex.Predictor API Key + secretType: yandex_predictor_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Yandex + supportedSecret: Yandex.Translate API Key + secretType: yandex_translate_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: ZenHub + supportedSecret: ZenHub Personal API Key + secretType: zenhub_personal_api_key + isPublic: false + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: false + hasExtendedMetadata: false + base64Supported: false + isduplicate: false +- provider: Zuplo + supportedSecret: Zuplo Consumer API Key + secretType: zuplo_consumer_api_key + isPublic: true + isPrivateWithGhas: true + hasPushProtection: true + hasValidityCheck: true + hasExtendedMetadata: false + base64Supported: false + isduplicate: false