Since the secret was unintentionally made public in a public GitHub repository, GitHub changed its private SSH key for GitHub.com. The private RSA key was only “briefly” revealed, according to the software development and version control service, but it still took precautions out of “an abundance of caution.”
The RSA SSH private key for GitHub.com was ephemerally exposed in a public GitHub repository, according to a brief blog post released today by GitHub. It’s noteworthy how soon after GitHub launched secrets scanning for all public repos the discovery was made.