secret ignore command instructs ggshield to ignore secrets it finds during a scan. This command needs to be used with an option to determine what secrets it should ignore. For now, it only handles the
--last-found option that ignores all the secrets found by the last run
Every time the command is run, it adds the secrets to a global list of secrets it should ignore, available in your
.gitguardian.yaml file under
ggshield secret ignore
Under the hood, these secrets are added to the matches-ignore section of your local configuration file (if no local configuration file is found, a
.gitguardian.yaml file is created).
--last-found: ignore all secrets found by last run scan
--help: display detailed help
Warning: Using this command will discard any comments present in the config file.
Note: ggshield does not share its ignored secrets with the dashboard. Therefore, if you have integrated a repository in the dashboard and are using ggshield on this same repository:
- a secret ignored on ggshield will still show as a potential incident on your GitGuardian dashboard.
- a secret ignored on the dashboard will be ignored by ggshield.