Skip to main content

ggshield secret ignore


The secret ignore command instructs ggshield to ignore secrets it finds during a scan. This command needs to be used with an option to determine which secrets it should ignore. For now, it only handles the --last-found option that ignores all the secrets found by the last run scan command.

Under the hood, every time the command is run, these secrets are added to the secrets.ignored-matches section of your local configuration file. If no local configuration file is found, a .gitguardian.yaml file is created.

ggshield secret ignore [OPTIONS]


  • --last-found: ignore all secrets found by the last scan

ggshield global options#

  • -h, --help: display detailed help

See also#

Warning: Using this command will discard any comments present in the config file.

Note: ggshield does not share its ignored secrets with the dashboard. Therefore, if you have integrated a repository in the dashboard and are using ggshield on this same repository:

  • a secret ignored on ggshield will still show as a potential incident on your GitGuardian dashboard.
  • a secret ignored on the dashboard will be ignored by ggshield.