Renaming secret scanning experimental alerts to generic alerts

Alerts for non-provider patterns and Copilot-detected passwords are now categorized as generic instead of experimental. This change applies to alert filters and the secondary inbox in your alert list views.

Non-provider patterns and Copilot secret scanning were made generally available in October 2024, after careful iteration to reach the level of quality you’ve come to know and expect from provider-based patterns. These alerts are not considered experimental and should be remediated in accordance with your organization’s standard policies.

Detection for these secret types are available for repositories with a GitHub Advanced Security license. They can be enabled through your repository settings or organization and enterprise code security configurations.

Learn more about how to secure your repositories with our documentation on secret scanning.

JUN.17Improvement
Secret scanning updates – June 2026
- Application Security
JUN.16Release
GitHub Code Quality generally available July 20, 2026
- Application Security
JUN.16Release
Organization-level enablement for GitHub Code Quality
- Application Security
JUN.10Improvement
Incremental analysis for Go, C/C++, and CodeQL CLI
- Application Security
JUN.10Improvement
Dedicated security review command now available in Copilot CLI
- Application Security
JUN.9Release
Periodic code scanning of inactive repositories
- Application Security
JUN.9Improvement
Security validation for third-party coding agents
- Application Security
JUN.5Improvement
CodeQL 2.25.6 adds Swift 6.3.2 support and improves C# coverage
- Application Security
JUN.2Release
Cloud and local sandboxes for GitHub Copilot now in public preview
- Application Security

Renaming secret scanning experimental alerts to generic alerts

Related Posts

Subscribe to our developer newsletter