Skip to main content

ggshield secret scan archive

Description

Scan an archive file. Supported archive formats are zip, whl, jar, tar, tar.gz, tar.bz2 and tar.xz.

ggshield secret scan archive [OPTIONS] PATH

Options

  • --all-secrets: Do not ignore any secret. Possible ignore-reason is shown as well.
  • --instance URL: URL of the instance to use.
  • --with-incident-details: Display full details about the dashboard incident if one is found (JSON and SARIF formats only). Requires the 'incidents:read' scope.
  • -b, --banlist-detector DETECTOR: Exclude results from a detector.
  • --ignore-known-secrets: Ignore secrets already known by GitGuardian dashboard.
  • --exclude PATTERNS: Do not scan paths that match the specified glob-like patterns.
  • --exit-zero: Return a 0 (non-error) status code, even if incidents are found. An error status code will still be returned for other errors, such as connection errors. This option can also be set with the GITGUARDIAN_EXIT_ZERO environment variable.
  • --show-secrets: Show secrets in plaintext instead of hiding them.
  • -o, --output PATH: Redirect ggshield output to PATH.
  • --format [text|json|sarif]: Format to use for the output.
  • --json: Shorthand for --format json.

This command supports all ggshield global options.

Last updated on

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status