Scan a REPOSITORY's commits at the given URL or path.
ggshield secret scan repo [OPTIONS] REPOSITORY
REPOSITORY is the clone URL or the path of the repository to scan.
--banlist-detector DETECTOR: Exclude results from a detector.
--ignore-known-secrets: Ignore secrets already known by GitGuardian dashboard.
--exclude PATTERNS: Do not scan paths that match the specified glob-like patterns.
--exit-zero: Always return a 0 (non-error) status code, even if incidents are found. This option can also be set with the
--show-secrets: Show secrets in plaintext instead of hiding them.
--output PATH: Redirect ggshield output to PATH.
--json: Use JSON output.
This command supports all ggshield global options.
# scan a repository with its clone URI$ ggshield secret scan repo email@example.com:GitGuardian/ggshield.git # scan a repository with its path$ ggshield secret scan repo /repositories/ggshield
It is best to use a native VCS integration and view the results of a scan within the dashboard.