Release Date: April 29, 2025

As AI adoption accelerates across organizations, securing API keys for platforms like Perplexity AI and Anthropic becomes increasingly critical. This update introduces specialized detectors for these emerging AI services alongside improvements to existing detectors and Azure cloud components.

New Detectors

• Perplexity AI API Keys – Added a new detector for Perplexity AI API keys.
• Azure SignalR Connection String – Introduced a new detector for Azure SignalR Connection Strings.
• Azure Event Grid Access Key – Added new detectors for Azure Event Grid Access Keys and a New Checker for the azure_event_grid_access_key_with_host detector.
• Anthropic Admin Keys – Introduced a new detector and New Checker for Anthropic admin keys.
• GitGuardian Platform Magic Link – Added a new detector for GitGuardian Platform Magic Links.

Detector Improvements

• LDAP Credentials – Checker Upgrade: Improved the LDAP checker to better distinguish between connection errors and invalid credentials. Updated ldap_credentials_assignment_with_dn to remove false positives.
• JSON Web Token – Detector Upgrade: The detector will now detect all JWTs regardless of their contents.
• Cloudinary API Keys – Detector Upgrade: Extended charset of cloudinary_api_key_config to improve recall.
• Auth0 Keys – Detector Upgrade: Improved recall of the detector to detect more domains.
• Claude API Key – Detector Upgrade: Refined regex for Claude API keys.
• Riot Games API Key – Checker Updated: Banlist checker will be deleted.
• LINE Notify Token – Checker Updated: Banlist checker as the service has been discontinued.

  Release Date: April 14, 2025

We're enhancing our engine with a major focus on Artifactory secret detection. Artifactory is a critical artifact repository manager used by thousands of organizations to store, manage, and distribute software packages and dependencies. Compromised Artifactory credentials can lead to supply chain attacks, allowing attackers to poison software dependencies or access proprietary code.

New Detectors

• Multiple new detectors have been added for Artifactory:
  • Artifactory Reference Token
  • Artifactory Reference Token With Host
  • Artifactory Master Key
  • Artifactory Basic Auth Credentials

Detector Improvements

• Snowflake Credentials – The Snowpark API credentials detector has been enhanced to identify more patterns.
• IBM Cloud Key – We reduced false positives in the IBM Platform API key detector.
• PlanetScale Database Password - Expanded detection to cover more host names for the Planetscale database password detector.
• Artifactory Token With Host - Improved precision for host names.

  Release Date: March 19, 2025

Bringing enhanced accuracy and broader coverage:

New Detectors

• Azure Logic App Shared Access Signature – New detector for Azure Logic App Shared Access Signature.

Detector Improvements

• LINE Messaging OAuth2 – Removed false positives from the LINE Messaging OAuth2 detector.
• OpenAI API Key – Fixed a bug in the analyzer for OpenAI API Key that prevented it from reporting threads:* scopes.

Detector changes

• FCM API Key – Removed FCM API Key checker since its API was removed.

Miscellaneous

• Add User Agent GitGuardian in HTTPClient class used by analyzers.

  Release Date: February 27, 2025

This update introduces several critical security detectors for popular services, notably expanding OpenAI detection capabilities with new Project API Key, Admin API Key, and improved Service Account detection patterns. The addition of 1Password Service Account Token detection is equally significant, as both these services represent high-value security targets. OpenAI API keys provide access to powerful AI capabilities and could lead to substantial usage charges if compromised, while 1Password tokens could potentially expose entire password vaults containing sensitive credentials across an organization.

• New Detectors
  • OpenAI Project API Key (v2) – Added support for detecting the new format of OpenAI project API keys.
  • OpenAI Admin API Key – New detection capability for OpenAI admin API keys.
  • Netlify Token (v2) – Introduced detection for the latest version of Netlify tokens.
  • 1Password Service Account Token – New detector added to identify 1Password service account tokens.
  • DeepSeek API Key – Now detecting DeepSeek API keys.
• Improved Detection
  • OpenAI Service Account – Expanded pattern coverage for better identification.
  • Rails Master Key – Updated detection rules to minimize false positives.
  • GitHub Tokens – Improved recall and validation for GitHub authentication tokens.
  • Groq API Key – Enhanced detection rules for greater accuracy.
  • Artifactory Token – New checker added to improve detection effectiveness.
  • Generic Passwords – Excluded secrets containing ***** as they are likely false positives.
  • Dropbox Key – Detector group split into Dropbox Key and Dropbox Access Token for improved granularity.
  • FCM API Key – Validity check is no longer available since the API has been removed. While we can no longer retrieve the validity status for FCM secrets, we still detect the keys.

  Release Date: February 11, 2025

New Detectors

• SMB Credentials – New detector smb_uri to detect SMB credentials inside a connection URI.
• Microsoft Azure Storage Connection String – New detector for Azure Blob Storage connection strings and a New Checker.
• DeepSeek API Key – Added detector and New Checker for DeepSeek API.
• Netlify Token v2 – New detector added for Netlify token v2.
• 1Password Service Account Token – New detector added for 1Password service account token.

Detector Improvements

• Microsoft Azure Storage Account Key – Detector Upgrade: Removed a false positive from Microsoft Azure Storage Account Key (example from Microsoft documentation).
• Generic Password – Detector Upgrade: Removed secrets with ***** as they are likely to be false positives.
• Groq API Key – Detector Upgrade: Improved recall for Groq API.
• Netlify Token – Checker Upgrade: Updated checker to match the documentation.

Engine Enhancements

• Enabled HTTPChecker to function without a base URL.
• Network caching has been improved in some analyzers, resulting in fewer HTTP calls.

  Release Date: January 28, 2025

• New Detectors
  • Artifactory Token With Host
  • HubSpot Private App Token
• Improved Detection for GitHub Tokens
  • Enhanced validation for GitHub Enterprise Token
  • Refined rules for various GitHub authentication tokens:
    • OAuth Access Token
    • Personal Access Token
    • Server-to-Server Token
    • GitHub Token
    • User-to-Server Token