Vercel has rolled out new token formats and enhanced secret scanning capabilities to bolster platform security. The system now automatically revokes Vercel API credentials if they are inadvertently committed to public GitHub repositories, gists, or npm packages, with users receiving notifications to review discovered threats.
Source: Vercel