this post was submitted on 19 May 2026
582 points (99.7% liked)
Technology
84796 readers
3607 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I'm surprised whatever software the keys were for didn't detect this and deactivate the keys. Discord did this automatically when I pushed a file to github that had a bot login token in it. Apparently Discord constantly scans github for such things, or maybe github does and sends Discord a msg, I dunno. But it was amazingly fast, like within 2 minutes.
that feature was probably deactivated, just like the feature on github which prevents uploading of SSH keys that had been explicitly disabled
No, I just checked - it's part of github's "Secret Scanning", which checks pushes for secret values and notifies partner services (like Discord) to deactivate them.