Secret scanning for private repositories (Server) #106


Summary
This feature extends secret scanning to private repositories. For private repositories, GitHub does not automatically ask the token issuer to revoke a checked-in token. Instead, results are shown to repository and organization admins in the GitHub UI so they can triage them.
Intended Outcome
Token leaks are one of the most common security mistakes, and they can have severe consequences. GitHub secret scanning already looks for leaked tokens in public repositories and works with the token issuer to notify the developer and, in some cases, automatically revoke the token.
How will it work?
Secret scanning for private repositories will offer more configuration, including the ability to exclude paths and files using config-as-code. In the future it will also provide reporting at the organization level.