# # Custom severity rules : new option to recompute severity scoring manually.Secret detection engine : upgrade to version 2.90 with the addition of two new detectors (Palantir JWT , Figma Personal Access Token ) and the improvement of one detector (LDAP credentials ).Honeytoken: “Created at” column has been added to the honeytoken list, and it is now possible to sort on this property.Honeytoken: honeytokens can now be searched by ID.Honeytoken: an email notification is sent when a honeytoken is found to be publicly exposed.API: labels are added to honeytoken endpoints .# ggshield : fix a redirection issue upon usage of ggshield auth login.# # Custom severity rules : the severity ruleset used by the automated severity scoring is now customizable to maximize the coverage of automatically scored incidents.Automated severity scoring : automated severity scoring is now activated by default for all workspaces under the Free plan.# Authentication : fix broken email confirmation link when registering with email and password.User signup : user signup email verification link fixed.# # # Custom severity rule : fix wrong timeline when setting a manual severity to an incident having only an automatic severity.Grant access : copy-pasting now works correctly.# # Incidents : filepaths can now be searched in the free text search of the secret incidents table.Secret detection engine : upgrade to version 2.88 with the addition of two new detectors: Cloudinary API keys and MongoDB Atlas Keys .# Incidents : performance for loading secret incidents has been improved for workspaces with a large number of incidents.Loader : fix loader size in incident and Perimeter pages.API : comment field is now required on incident note creation endpoint .# # Honeytoken : introduction of new Honeytoken icon in the sidebar: module is coming soon! Join the waitlist to be notified when it becomes available.# # Custom remediation workflow : remediation workflow is now 100% customizable thanks to the deletion of the last static step.Secret detection engine : upgrade to version 2.87 with the addition of a new detector (Keycloak Api Keys).API : new endpoints are added for API tokens management (personal access tokens and service accounts).API : new fields resolver_id and ignorer_id are available into the secret incident payload .# VCS Integrations : Bitbucket instances can be deleted even if the account is no longer in the Business plan.Detectors list : when the validity checks are disabled, the detectors are sorted by status.Notifications : fix empty emails being sent after an occurrence was found during real time scan.Personal access tokens : Restricted users now only see the scan scope in the personal access token form.# # Jira integration : Jira ticket creation CTAs are hidden for workspaces without a single Jira site installed.Jira integration : fix permission issues by disabling the configure button for users without a Manager role and allowing users with the Restricted role and can edit permissions to create a Jira ticket.# # Subscription : New and existing users can subscribe to a Business plan via the AWS Marketplace.# Members : fix invitation link for new members.# # ggshield : ggshield auth login flow now expires after 5 minutes.Incidents : performances when filtering incidents on a detector are improved.VCS integrations : fix broken links to documentation.# # Automated severity scoring : incident severity can now be scored and assigned automatically.# # Azure Repos : addition of a loader and notifications when an organization is being installed.API : add filters to multiple endpoints# GitHub : fix the integration of a GitHub installation with a large number of repositories.Incidents : fix performance issue when filtering on detectors.GitHub : fix check-runs running forever by enforcing a timeout.# # Alerting integration : introduction of the new Jira integration. More information available in the documentation .API : Specify missing scopes in error message when the API token being used doesn't include the appropriate scopes.# # Azure Repos : Azure Repos integration is now available. You can scan your Azure Repos repositories for secrets detection.# # IaC : add analytics page to monitor IaC scanning usage (beta).Perimeter : improve display of the historical scan's last status information.# Members : Restricted users can now be promoted without requiring to add them in a team.# # Custom Remediation Workflow : Remediation workflow can now be customized in the settings.# # VCS integrations : workspaces with less than 25 contributing developers can now monitor their private collaborative repositories for free.SSO : SSO configuration is enabled for all plans (free and business).# # Custom webhook : addition of the new event-based custom webhook integration.Teams : addition of a description field for your teams.Teams : the "all-incidents" team is now visible in the members table.# SSO : fix "sign in" redirection for SSO connection.# # API : expose external_id representing the VCS id of a source in API source payload.Historical scan : increase the maximum size of the historical scan from 1GB
to 12GB for Business workspaces.# Historical scan : reduce errors during scans of large repositories.Members : fix the sorting when navigating through pages.# # Historical scan : new email template for historical scan report.# GitLab integration : handle timeout errors when setting up a new instance.Playbooks : fix incorrect default permission can view applied with auto-access playbook instead of correct can edit.Filepath exclusions : ignore hidden occurrences in the auto-access playbook and notifications.Custom webhooks : fix incorrect event names.# # Azure Repos : introducing Azure Repos integration. This feature is available in beta upon request.Custom webhooks : update the action field with more user-friendly messages.Perimeter page : update the information displayed in the Protection section.Analytics : addition of all the ggshields modes to the Analytics section.# Check runs : when deactivating a check run, finish the processing if it was already in progress.Check runs : check runs are functional for forked repositories.Custom webhook : remove matches from webhooks' new occurrence.# # Teams : introducing team management within a workspace and granular incident permissions (can view, can edit, full access) for business workspaces.Playbooks : new Auto-resolution playbook to automatically close incidents that have once been valid and that become invalid.Share link : prevent valid secrets from being "marked as revoked" in the public sharing page of a secret incident.# GitHub : fix display latency observed for big GitHub organizations.Settings : fix start trial links not redirecting to correct page.# # Incidents : selection is maintained after a bulk action.API : add an ordering filter on the /incidents/secrets list endpoint.# # Custom webhook : Fix assign action that was replaced by reassign.Incidents : Provide a more user-friendly error message when a bulk action can't be applied to the selected incidents.# # Custom webhook : New Member payload for the Grant/Remove access action.Members : Notification is sent to users who are removed from a Workspace.# Custom webhook : Remove the resolve_reason field from all payloads.# # API : enrich Members section with retrieve and delete endpoints.# Incident details : Searching GitHub pull requests associated with an issue can be performed on a specific #ID and repository name.GitHub : do not display "scan integrated repositories" modal if autoscan is on.# # API : handle invitations on grant/revoke access endpoints.API : addition of a filter by role and a search on name and email for the /members endpoint.# Incident : secrets with validity status "failed to check" are no longer checked automatically after they have been marked as resolved.Incident : the button to manually check the presence in git history remains when the incident is closed.Incidents : Fix icon for the 'info' severity badge.# # GDPR : closing the banner now automatically rejects the consent and the consent is stored for 6 months.Incidents : include unaffected count for bulk actions.API : add filters to the audit log list endpoint.# Custom webhooks : fix the webhook event based signature.Gitlab integration : allow gitlab installation deletion when your business trial expired.GitLab integration : keep unmonitored projects unmonitored.API : API respects the validity checks setting ON/OFF.# # API : add an endpoint to fetch the audit logs. API key needs to have the new audit_logs:read scope to query the endpoint.API : tags are exposed in the incidents endpoint.CSV : tags are exposed in the csv report of secrets incidents.Perimeter : the repository name is now a link to the incidents list filtered on this repository. The link to the VCS is also available as a popup icon.# Perimeter : fix bug preventing Members to launch historical scans.# API : deprecated issue_id in favor of incident_id on incident note management endpoints.# # Alerting : the custom webhook alerting is now event-based. More information in the dedicated documentation .API : the /occurrences endpoint can be filtered by author_name and author_info.# Detectors : activating and deactivating detectors is now forbidden for Members.# # Members : invitations can be resent through the dashboard.API : add endpoints to manage invitations. API key needs to have the new members:write scope to query those endpoints.API : add endpoint to set severity of a secret incident.# Service account : fix a permission error allowing all roles to modify service accounts.GitHub : fix re-run action of old check runs to show an explicit error.# # ggshield: setting up ggshield is made easy with the new ggshield auth login command. More information in the dedicated documentation .Grant access: notify Restricted users by email when they are granted access to an incident.Members: notify users by email when their role is updated.CSV : add status, ignore_reason and status_revoked columns to the CSV export of secret incidents.CSV : add occurrence_id column to CSV export of occurrences.CSV : return the dates in isoformat.# GitLab : adding a GitLab project that had been deleted now correctly set it as monitored.Analytics : pre-receive mode is displayed correctly in the shift-left panel.# ggshield: : since v1.12 of ggshield, ggshield scan and ggshield ignore commands are deprecated, use ggshield secret scan and ggshield secret ignore instead.# # GitHub: expose base/head branch of GitHub pull requests.Incident: mark the third remediation step "rewrite git history" as optional.# GitHub: explicitly neutralize old check runs that are re-run.GitHub: users with an email address that has a reserved email domain can no longer register via GitHub SSO, but they can still log in if SSO is not forced.Incident: fix grant access modal broken when too many Restricted users.# # API: move the Personal access tokens to the API section.Check runs: improve success message in GitHub UI.# # API documentation: the organization of the API documentation has been reworked for better readability.# Grant Access: Members in Business workspaces can give access to restricted users but can’t invite new users by typing email addresses.Incident details: timestamp of last presence check is updated synchronously upon manual check.CSV Export: disable timeouts.Incidents: improve performance on the incidents table.Detector: improve performance of table of detectors for workspaces with many incidents.# # Incidents list: display repository state (unmonitored or deleted) on incidents list and incident detail pages.API: adapt API to be compatible with personal access tokens.Personal access tokens: Managers can monitor the Personal access tokens created on the workspace in the API section.# Incident detail: prevent users with role Restricted from sharing externally the incidentHistorical Scan: fix a bug leading to automatic historical scans being stuck in “Pending” stateBitbucket : Deleting a Bitbucket integration deletes the webhook created on the Bitbucket instance.# # API: introduction of a new type of API keys: the Personal Access Tokens.Audit Log: add audit log for “Service Account”.API: new endpoint to list workspace members having access to an incident.API : New pages are now available in the API section: Quota, Service Account and Secrets detection playground.# Check runs : Enforce the 65K characters limit on check run templates.SSO: Fix small Okta logo and missing sso name.Secret detectors: Fix the display of detector logos being sometimes too small.GitLab : Disallow group hook integration on namespaces that are not in the GitLab premium plan.# # BitBucket: Bitbucket repositories can now be scanned automatically upon their integration.# Filepath exclusion: improve performances on the filepath suggestions# # API: new endpoint and scope to list members of a workspaceAPI: new fields exported in the Source payload: health, last_scan, open_incidents_count and closed_incidents_countAPI: add option to filter sources by health and last scan statusGrant access: ability to invite new Restricted users directly from an incident.GitLab: GitLab repositories can now be scanned automatically upon their integration.# # Perimeter: add filtering capability on last scan status.Detectors: addition of the number of secret incidents for each detector in the table of detectors.Custom detectors: add questions in Additional notes placeholderCustom detectors: Business plan users can now extend GitGuardian's secrets detection engine to support secrets specific to their organization.GitHub check runs : GitGuardian incidents and GitHub check runs are now linked.# RBAC : Auto-healing playbook is no longer case sensitive for email matching# # Members: added filtering and sorting on the members and invitations tables.Detectors: display detector type (generic/specific) in the table.Incidents list: enable bulk actions for Restricted usersGitHub: handle Organization renamed eventFilepath exclusions : actions on filepath exclusion are now added to activity logs# Incident detail: fix horizontal scroll for very long lines in git patchAnalytics: fix bug when switching the aggregate (day/week) in the analytics.# # Integrations : sort sources alphabetically by default.Incident detail: improve the right sidebar scrolling behaviour.# GitHub SSO : users can link their existing GIM account through the GitHub SSO, unlocking the authentication flow without a configured password.Validity check : fix bug that could make the validity check less frequent than expected.Presence check : fix bug that could make the presence check less frequent than expected.# # API: add the ability to create, update and delete incident notes.# Bitbucket : fix the loader and empty states during various installation steps.# # Settings: add the Regression setting. Managers can decide whether a new occurrence of a previously resolved incident reopens it.# Incident detail : improve performance of issue detail pages when there are a lot of occurrences by paginating them.Analytics: Display deleted sources in the "Top 5 sources" panel.API: Return a valid JSON when maintenance mode is active.# # API added secret validity information.API: new scope incident::share.API: add new endpoints for grant access and revoke access actions.Custom webhook: added validity and severity to payload.# Analytics: fix the links to the incident list filtered by detectors.Historical scan: handle merge commits during historical scan.Incident details: fix the git patch component not highlighting secrets properly when there was a context before the first hunk header.# # GitHub: GitHub repositories can now be scanned automatically upon their integration.GitHub check runs post a comment in pull request timeline upon detection of a secret.Integration add links to the Version Control System for each repository.GitLab implement the token edition token for group hook integration.Historical scanning implement bulk scan cancellation.Audit log ability to search audit logs by incident ids and event name.# Incidents fix activity logs of incidents ignored via API.Navigation fix backward navigation broken when visiting a page with existing filters persisted in the URL query params.Analytics fix the "count of secrets per 1000 commits" stat that included secrets for historical scans.# # GitHub automatic scan of new repos added on GitHub.API added severity information in incident payload.# # RBAC introduction of the Restricted role and the Auto-access granting playbook.API new endpoint for the ability to share and unshare an incident.Footer add footer with detection engine and status page.Detectors add links to documentation for each detector.GitLab handle GitLab.com integration with multiple GitLab groups.Audit log add audit log for check runs setting.# Validity check backpopulate the uncheckability of old Google keys.Settings fix Members table pagination reset on change.# # Incidents : introduction of validity checks for secret incidents. Ability to trigger the validity check manually.Presence check add presence information to incidents in the CSV report and the API occurrence payload.GitHub delete installation dangling for more than 6 months.# Incidents increase source filter limit to 500.Incidents fix a performance issue when filtering by presence.Perimeter fix related incidents count not updated after incident update.# # Incidents : introduction of presence checks for secret occurrences. Ability to trigger the presence check manually.API : new search and filtering capabilities# Historical scan : Fix pending scans running forever.# # GitHub Checkruns allow customization of message and final status (fail or neutral).Integrations possibility of integrating several GitHub Enterprise instances.Historical scan Business workspaces now have a dedicated queue for historical scanning.Incidents handle BitBucket repositories in search filters.# Authentication email authentication is no longer case sensitive.Filtering filtering and ordering of tables are now kept throughout the app.Incidents quick actions are now propagated immediately.# # Incidents Increase source filter search results limit from 10 to 100.GitHub regularly check that the GitHub App still exists.Share incident adding TTL (Time To Live) to the share link.Integrations add docker integration.# Historical scan fix a race condition in incident creation.Historical scan fix an error where the scan loader remained after the scan finished (or failed).Analytics fix a page crash when a member to display was deleted.# # API introduction of data management scopes for API keysGitHub allow users with a linked GitHub account to link a dangling installation to their workspace. It also works from unauthenticated users installing the GitHub App directly from GitHub.Onboarding implementation of an onboarding todo list to guide users in their first steps on the application# Incidents correctly display incidents closed via the API or by an external developer via a share link.Detectors fix a performance issue when changing a secret detector status in the settings.GitHub fetch GitHub content between 100kB and 1MB when the patch is not returned by GitHub.# # Analytics add panel to visualize your shift left efforts.CI/CD integrations add an instruction page on how to configure ggshield with each CI/CD tool.API API now respects the 20MB limit.# GitLab clean up orphaned webhooks on the GitLab side when installing a new integration.# # Incidents : introduction of severity for incidents. Triaging your incident becomes easier.Filepath exclusion suggestion of filepath to exclude based on workspace incidentsAPI implement incidents list and sources list endpoints.# SSO when force SSO is active, redirect to the SSO login page from the GitHub SSO flow.# # Filepath exclusion add ability to configure filepath to exclude filepaths from monitoring. You can also test a filepath against your exclusion list.Settings users can customize their email notification for each of their workspaces.Incidents show assignee for closed incidents and ability to filter on assignee.Incidents add quick actions to resolve/ignore/reopen/assign directly in the incidents table row.Incidents add the bulk action “add note”.Incident detail update "how to remediate" section with detailed indications and blog linksPerimeter add link to incidents page for closed incidents.CI/CD add drone.io and Azure pipelines.# # Playbook introduction of "Auto-healing" playbook. Developers involved in a secret incident can now automatically receive an incident's share link.Incidents add a filter for developer feedback and icons indicating feedback status in the incidents table.Share link add resolve/ignore actions to the share page.Detectors deprecated detectors now appear disabled in the settings.Incidents CSV report now respects the secret incidents table filters and search.# Incidents show number of open incidents in the inactive tab headers.Incident detail fix detector logo not displayed on incident detail page.Incidents fix bug not updating incidents list when navigating back from incident detail page after having updated it.# # Share link ability for a developer to give feedback from the share page of an incident. Feedback is displayed on the incident detail page.Integrations display ggshield integrations (git hook, CI/CD …) on the integrations pages.Alerting integrations add Pagerduty, Discord and Splunk integrations in the app.Historical scan add ability to cancel a running historical scan.# Authentication fix the 404 on some authentication pages.Audit fix a bug that could allow users to have their audit logs created without their IP address.# # Analytics introduction of the Analytics section. This new section provides insight into the evolution of your workspace metrics helping you monitor your security posture over time.Incident detail ability to share an incident externally. Security teams can give visibility to developers, involved in the incident, but who are not authenticated on the workspace.GitLab display in-app warning when an integration is no longer monitored.Bitbucket display in-app warning when an integration is no longer monitored.# Analytics fix incidents coming from an historical scan not taken into account in Analytics.# # Bitbucket Bitbucket integration is now available. You can monitor your Bitbucket repositories for secrets detection.Audit log introduction of an Audit log section in the settings. As the Owner or Managers of your GitGuardian workspace, get a centralized view of all the user activity that took place on your workspace.GitLab improve the settings perimeter of namespaces/projects. Display the number of monitored projects per namespace and display the number of pending changes while changing the monitoring states. Lazy loads the projects only when a namespace is open.# Historical scan do not send email when all scans of a bulk scan fail.# # Incidents introduction of bulk actions. While we highly encourage you to examine an incident closely before closing it, you can now perform bulk actions (such as resolve, ignore, assign) to quickly change the status of multiple incidents.Incident detail implement navigation through matches in the git patch of a secret incident.Historical scan add a new failed reason: "timed out".Perimeter add a banner to remind users of missing integrations and unscanned repositories.# CSV implement streaming download for long term performance fix.# # Settings ability to transfer workspace ownership.Incidents add a loading visual upon table page change.# Alerting integrations do not send notifications for deactivated detectors.# # Incidents introduction of "sensitive file" and "test file" tags. "Sensitive file" tag indicates that one of the occurrences of the incident happened on a potential sensitive file. "Test file" tag indicates that one of the occurrences of the incident happened on a potential test file.Members introduction of Viewer role. A Viewer has access to all the incidents of your workspace. However, a Viewer cannot take actions such as resolving or ignoring an incident.# # Alerting integrations add a setting for alerting frequency. An incident may contain several occurrences. Therefore, you can pick if your Slack or custom webhook notifications fire only when a new incident is triggered (at the first occurrence) or at all occurrences of every incident.GitLab add a configuration page for system hook integration, and improve group hook one.GitLab allow integration of multiple GitLab instances on a workspace.Security strengthen password policy.# Incidents fix regression breaking timeline logs order.Incident fix bug allowing several logs for an action (resolve/ignore) on an incident.May 30, 2023 May 15, 2023 May 2, 2023 April 17, 2023 April 11, 2023 April 3, 2023 March 20, 2023 March 6, 2023 February 20, 2023 February 15, 2023 February 6, 2023 January 23, 2023 January 10, 2023 January 9, 2023 December 21, 2022 December 15, 2022 December 13, 2022 November 28, 2022 November 15, 2022 November 3, 2022 October 17, 2022 October 3, 2022 September 21, 2022 September 8, 2022 August 22, 2022 August 9, 2022 July 27, 2022 July 11, 2022 June 27, 2022 June 14, 2022 June 1, 2022 May 17, 2022 May 2, 2022 April 19, 2022 April 4, 2022 March 23, 2022 March 7, 2022 February 21, 2022 February 9, 2022 January 24, 2022 January 17, 2022 December 17, 2021 November 30, 2021 November 14, 2021 November 3, 2021 October 18, 2021 October 13, 2021 September 20, 2021 September 7, 2021 August 11, 2021 July 27, 2021 July 13, 2021 June 30, 2021 June 14, 2021 May 26, 2021 May 5, 2021 April 19, 2021 April 6, 2021 March 9, 2021 February 22, 2021 February 8, 2021 January 25, 2021 January 11, 2021