Github protects your secret keys from accidental push

Github released advanced security feature of push protection for users to protect their secrets getting accidentally pushed to their public github repositories. Push protection prevents secret leaks without compromising the developer experience by scanning for highly identifiable secrets before they are pushed. When a secret is detected in code, developers are prompted directly in their IDE or command line interface with remediation guidance to ensure that the secret is never exposed.

For github private repositories, it can be enabled by Github Advanced security. Go to Settings -> Code Security and analysis -> Secret Scanning and then enable it. 

                                                         source: https://github.blog/

A custom resource link can also be specified that will appear in the CLI and web UI when push protection blocks a commit. You can open the link and say it is okay to push the secret or block the secret. 

You can also add patterns to find the secrets related to your use-cases. To know more about it, refer github doc page. These alerts are generated for the provider and partner as well. Thanks to Github push protection!