Skip to main content


Here you can find a list of some Git, GitHub and GitGuardian specific terms and concepts that we use across our documentation.

Author vs Committer#

From git definitions:

  • The author is the person who originally wrote the work
  • The committer is the person who most recently applied a set of changes, for example by using commands such as rebase or cherry-pick


A commit is a Git object first and "is an individual change to a file (or set of files)". See the GitHub glossary for a more precise definition. Commits usually contain a commit message which is a brief description of what changes that were made, as well as two distinct users, the author and the committer

Commit author#

The Git user who makes the commit.

Commit sha#

Unique identifier of a commit created by Git. It is a 40-character checksum hash. For the sake of convenience, only the first 7 characters are usually displayed.

Custom webhooks#

Custom webhooks allow you to build dedicated integration to receive different type of events (like incidents) from GitGuardian. It provides a way to integrate your different services with the GitGuardian alerting pipeline.

GitHub contributor#

A contributor is a GitHub user who does not have collaborator access to a repository but has contributed to a project and had a pull request they opened merged into the repository.

GitHub events#

Every interaction between a user and GitHub is logged in a GitHub Event. The complete list of event types is available here It contains useful informations, such as:

  • the actor, the GitHub user who triggered the event (in the case of a PushEvent, i.e when pushing several commits on GitHub, the actor is also refered to as the pusher)
  • the organization id, if the event occurred on a GitHub organization
  • the payload which depend on the event's type
  • the repo on which the event happened
  • the type

GitHub organization#

GitHub organizations are a group of multiple users that typically mirror the structure of your real-world organization. GitGuardian can monitor as many GitHub organizations and scan their associated activity.

Git users vs GitHub Users#

A commit as defined in the Git protocol, contains both an author and committer, defined by their email address and name. For example "Author Name <>" is a valid git user (either a committer or an author). This email is configured at the git protocol level, on your developers’ computers, using the commands:

git config --global "FIRST_NAME LAST_NAME"
git config --global ""

On top of that, GitHub sometimes adds a GitHub author and / or committer, if it managed to link the git user to an existing GitHub user, based on the email addresses. In that case, the commit also contains a GitHub login as the author and / or the committer.

Patch and diff#

A patch/diff is a git concept that represents the difference in changes between two commits, or saved changes. The diff will visually describe what was added or removed from a file since its last commit.


A policy is a rule enforced on your perimeter. Policy breaks incidents are triggered when an event breaks a given policy.

Push Event#

A Push Event is triggered whenever several commits are pushed on GitHub, from a local repository, and therefore its payload contains a list of commits. That is the main type of event we monitor, since it is the one containing commits, reflecting changes in code.


Following GitHub's definition, a repository is the most basic element of GitHub. They are the easiest to imagine as a project's folder. A repository contains all of the project files (including documentation), and stores each file's revision history. Repositories can have multiple collaborators and can be either public or private.


A secret is any of the following: API keys, database connection strings, certificates.