Must Do Secret Scanning in Git and GitHub Repos.
Everyone needs to do scanning before any potential risk happen.
This is a critical task most of the developers forget to implement.
Secret Scanning must be done in two areas local and central repo.
What is Talisman?
Talisman is a tool that installs a hook to your repository to ensure that potential secrets or sensitive information do not leave the developer's workstation. It validates the outgoing changeset for things that look suspicious - such as potential SSH keys, authorization tokens, private keys etc. Talisman can also be used as a repository history scanner to detect secrets that have already been checked in, so that you can take an informed decision to safeguard secrets.
Check the official Talisman document for Installation and configuration.
Enabling the Secret Scanning Setting in GitHub Repo:
On GitHub.com, navigate to the main page of the repository.
Under your repository name, click Settings. If you cannot see the "Settings" tab, select the dropdown menu, then click Settings.
In the "Security" section of the sidebar, click Code security and analysis.
Scroll down to the bottom of the page, and click Enable for secret scanning. If you see a Disable button, it means that secret scanning is already enabled for the repository.
Check This GitHub Official documentation for full details.