[{"data":1,"prerenderedAt":89},["ShallowReactive",2],{"blog-oidc-support-enhances-security-for-dependabot-and-code-scanning":3},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"title":8,"description":9,"date":10,"tags":11,"cover":16,"body":17,"_type":83,"_id":84,"_source":85,"_file":86,"_stem":87,"_extension":88},"/blog/oidc-support-enhances-security-for-dependabot-and-code-scanning","blog",false,"","OIDC Support Enhances Security for Dependabot and Code Scanning","GitHub introduces OpenID Connect (OIDC) authentication for private registries at the organization level, eliminating stored long-lived credentials.","2026-04-14",[12,13,14,15],"devsecops","github","oidc","security",true,{"type":18,"children":19,"toc":77},"root",[20,29,35,41,46,52,72],{"type":21,"tag":22,"props":23,"children":25},"element","h2",{"id":24},"introducing-oidc-support-for-dependabot-and-code-scanning",[26],{"type":27,"value":28},"text","Introducing OIDC Support for Dependabot and Code Scanning",{"type":21,"tag":30,"props":31,"children":32},"p",{},[33],{"type":27,"value":34},"GitHub has enabled OpenID Connect (OIDC) authentication for Dependabot and code scanning tools when accessing private registries configured at the organization level. This update marks a significant improvement in managing authentication securely without relying on stored credentials.",{"type":21,"tag":22,"props":36,"children":38},{"id":37},"why-this-matters",[39],{"type":27,"value":40},"Why This Matters",{"type":21,"tag":30,"props":42,"children":43},{},[44],{"type":27,"value":45},"Previously, managing access to private registries often required storing long-lived credentials as repository secrets. These credentials pose security risks if compromised. By adopting OIDC, GitHub eliminates this need, enabling transient, token-based authentication that is more secure and easier to manage.",{"type":21,"tag":22,"props":47,"children":49},{"id":48},"benefits-for-organizations",[50],{"type":27,"value":51},"Benefits for Organizations",{"type":21,"tag":53,"props":54,"children":55},"ul",{},[56,62,67],{"type":21,"tag":57,"props":58,"children":59},"li",{},[60],{"type":27,"value":61},"Enhanced security by removing long-lived secrets from repos",{"type":21,"tag":57,"props":63,"children":64},{},[65],{"type":27,"value":66},"Streamlined authentication workflows for Dependabot and code scanning",{"type":21,"tag":57,"props":68,"children":69},{},[70],{"type":27,"value":71},"Improved compliance through transient, short-lived tokens",{"type":21,"tag":30,"props":73,"children":74},{},[75],{"type":27,"value":76},"This advancement reflects GitHub's ongoing commitment to securing the software supply chain and simplifying developers' workflows.",{"title":7,"searchDepth":78,"depth":78,"links":79},2,[80,81,82],{"id":24,"depth":78,"text":28},{"id":37,"depth":78,"text":40},{"id":48,"depth":78,"text":51},"markdown","content:blog:oidc-support-enhances-security-for-dependabot-and-code-scanning.md","content","blog/oidc-support-enhances-security-for-dependabot-and-code-scanning.md","blog/oidc-support-enhances-security-for-dependabot-and-code-scanning","md",1776928761424]