ggshield
Definition
ggshield is a command-line tool developed by GitGuardian that detects and prevents the leakage of sensitive information such as API keys, tokens, and other secrets in source code repositories. It integrates with Git workflows and scans in real time, so secrets can be identified and dealt with before they are committed to a repository. ggshield can be run locally by developers or integrated into CI/CD pipelines to enforce security policies across the development lifecycle.
Secure Settings Example
# .gitguardian.yml
secrets:
  ignore_known_secrets: true
  ignore_paths:
    - "tests/"
    - "docs/"
exit_zero: false
verbose: true
Insecure Settings Example
# .gitguardian.yml
secrets:
  ignore_known_secrets: false
  ignore_paths: []
exit_zero: true
verbose: false
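
The following check is an added example, not part of the original page and not GitGuardian's code. It compares a `.gitguardian.yml` with the secure settings above and reports whether a scan can still fail a hook or CI job. The key names are the ones used in this page's examples; `parse_config`, `lookup` and `audit` are hypothetical helpers, and the parser handles only the YAML subset shown here.

```python
# Added example: compare a .gitguardian.yml with this page's secure settings.
# Key names come from the page; parse_config is a hypothetical helper for the YAML subset shown here.
SECURE = {"secrets.ignore_known_secrets": True, "exit_zero": False, "verbose": True}

def scalar(value):
    value = value.strip().strip("\"'")
    return {"true": True, "false": False, "[]": []}.get(value, value)

def parse_config(text):
    root, last = {}, None
    stack = [(-1, root)]                      # (indent, mapping) per open block
    for raw in text.splitlines():
        body = raw.strip()
        if not body or body.startswith("#"):
            continue
        if body.startswith("- "):             # list item under the last bare "key:"
            mapping, key = last
            if not isinstance(mapping[key], list):
                mapping[key] = []
            mapping[key].append(scalar(body[2:]))
            continue
        indent = len(raw) - len(raw.lstrip())
        while stack[-1][0] >= indent:         # close the blocks we have left
            stack.pop()
        key, _, value = (part.strip() for part in body.partition(":"))
        parent = stack[-1][1]
        if value:
            parent[key] = scalar(value)
        else:
            parent[key] = {}
            last = (parent, key)
            stack.append((indent, parent[key]))
    return root

def lookup(cfg, dotted):
    for part in dotted.split("."):
        cfg = cfg.get(part) if isinstance(cfg, dict) else None
    return cfg

def audit(text):
    cfg = parse_config(text)
    return {
        # exit_zero: true makes ggshield exit 0 even when secrets are found, so hooks and CI never fail.
        "blocks_on_findings": cfg.get("exit_zero") is not True,
        "unscanned_paths": lookup(cfg, "secrets.ignore_paths") or [],
        "deviations": sorted(k for k, want in SECURE.items() if lookup(cfg, k) != want),
    }
# Constructed sample input: the insecure settings from this page.
INSECURE = "secrets:\n  ignore_known_secrets: false\n  ignore_paths: []\nexit_zero: true\nverbose: false\n"
if __name__ == "__main__": print(audit(INSECURE))
```

Running `audit` in CI before the scan step lets a pipeline reject a configuration change that would otherwise silence ggshield's exit code.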