### Proposal In https://gitlab.com/gitlab-org/gitlab/-/issues/368434+, we added limited client-side secret detection to help prevent accidental leaks of [Personal Access Tokens](https://docs.gitlab.com/ee/security/token_overview.html#personal-access-tokens) (PATs) and [Feed Tokens](https://docs.gitlab.com/ee/security/token_overview.html#feed-token). Other patterns were added later (for example in https://gitlab.com/gitlab-org/gitlab/-/merge_requests/146757). This was an consciously limited first iteration, aimed at preventing certain leaks without waiting for broader re-architecture, such as https://gitlab.com/gitlab-org/gitlab/-/issues/376716 / https://gitlab.com/groups/gitlab-org/-/epics/8667. We should expand the level of protection this feature offers so it aligns with the ruleset and detection techniques used in GitLab Secret Detection.