Skip to main content

ggshield secret scan path


Scan files and directories.

ggshield secret scan path [OPTIONS] PATHS...


  • -r, --recursive: Scan directory recursively.
  • -y, --yes: Confirm recursive scan.
  • -b, --banlist-detector DETECTOR: Exclude results from a detector.
  • --ignore-known-secrets: Ignore secrets already known by GitGuardian dashboard.
  • --exclude PATTERNS: Do not scan paths that match the specified glob-like patterns.
  • --exit-zero: Always return a 0 (non-error) status code, even if incidents are found. This option can also be set with the GITGUARDIAN_EXIT_ZERO environment variable.
  • --show-secrets: Show secrets in plaintext instead of hiding them.
  • -o, --output PATH: Redirect ggshield output to PATH.
  • --json: Use JSON output.

This command supports all ggshield global options.


# scan a file
$ ggshield secret scan path my_repo/

# scan a directory recursively
$ ggshield secret scan path --recursive my_repo/

How can I help you ?