ggshield v1.19.1 releases: Detect secret in source code, scan your repo for leaks

GitGuardian Shield: protect your secrets with GitGuardian

GitGuardian shield (ggshield) is a CLI application that runs in your local environment or in a CI environment to help you detect more than 300 types of secrets, as well as other potential security vulnerabilities or policy breaks.

GitGuardian shield uses our public API through py-gitguardian to scan and detect potential secrets on files and other text content.

Only metadata such as call time, request size, and scan mode is stored from scans using GitGuardian shield, therefore secrets and policy breaks incidents will not be displayed on your dashboard and your files and secrets won’t be stored.

You’ll need an API Key from GitGuardian to use ggshield.

Currently supported integrations

• Azure Pipelines
• Bitbucket Pipelines
• Circle CI Orbs
• Docker
• Drone
• GitHub Actions
• GitLab
• Jenkins
• Pre-commit hooks
• Pre-push hooks
• Pre-receive hooks
• Travis CI

Changelog v1.19.1

Removed

• ggshield now refuses to install on python < 3.8

Added

HMSL

• Added new ggshield hmsl check-secret-manager hashicorp-vault command to scan secrets of an HashiCorp Vault instance.

Changed

• Help messages have been improved and are now kept in sync with ggshield online reference documentation.

Fixed

• Fixed a typo in the command suggested to tell git a directory is safe.
• The bug on Gitlab CI for IaC and SCA, failing because git does not access the target branch in a merge request is fixed. Now fetches the target branch in the CI env before collecting commit shas.
• Fix IaC and SCA scan commands in Windows

Install & Use

Copyright (c) 2019 GitGuardian