ggshield secret scan repo
#
DescriptionScan a REPOSITORY's commits at the given URL or path.
ggshield secret scan repo [OPTIONS] REPOSITORY
REPOSITORY is the clone URL or the path of the repository to scan.
#
Options-b
,--banlist-detector DETECTOR
: Exclude results from a detector.--ignore-known-secrets
: Ignore secrets already known by GitGuardian dashboard.--exclude PATTERNS
: Do not scan paths that match the specified glob-like patterns.--exit-zero
: Always return a 0 (non-error) status code, even if incidents are found. This option can also be set with theGITGUARDIAN_EXIT_ZERO
environment variable.--show-secrets
: Show secrets in plaintext instead of hiding them.-o
,--output PATH
: Redirect ggshield output to PATH.--json
: Use JSON output.
This command supports all ggshield global options.
#
Examples# scan a repository with its clone URI$ ggshield secret scan repo git@github.com:GitGuardian/ggshield.git
# scan a repository with its path$ ggshield secret scan repo /repositories/ggshield
#
See alsoIt is best to use a native VCS integration and view the results of a scan within the dashboard.