Detect secrets on developer workstations
Secrets detection can be integrated very early in the development process. With ggshield, our command-line interface application, GitGuardian lets developers scan their commits for hardcoded secrets before pushing them.
The cost of fixing hardcoded secrets is much lower at this stage than once they have reached the central/shared repository, hence the importance of shifting security left and providing developers with early and frequent feedback.
ggshield can be integrated into git hooks to automatically scan code before committing staged changes (pre-commit hook) or before pushing code to the shared repository (pre-push hook).
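The hook integration described above, sketched as an added example (not GitGuardian's own code). `install_ggshield_hook` and the marker comment are hypothetical names; it assumes ggshield is on the PATH and is given the repository's hooks directory (normally `.git/hooks`).

```shell
#!/bin/sh
# Added example: write a hook that runs ggshield before a commit or a push.
# install_ggshield_hook is a hypothetical helper, not part of ggshield.

# Marker line used to recognise hooks written by this helper.
MARKER='# managed: ggshield secret scan'

# usage: install_ggshield_hook <hooks-dir> <pre-commit|pre-push>
# returns 0 on install or re-install, 1 on an unsupported hook type,
# 2 if a hook not written by this helper already exists, 3 if mkdir fails.
install_ggshield_hook() {
    hooks_dir=$1
    hook_type=$2
    case "$hook_type" in
        pre-commit|pre-push) ;;
        *) echo "unsupported hook type: $hook_type" >&2; return 1 ;;
    esac
    hook_path="$hooks_dir/$hook_type"
    # Never clobber a hook the developer or another tool put there.
    if [ -e "$hook_path" ] && ! grep -qF "$MARKER" "$hook_path"; then
        echo "refusing to overwrite existing $hook_path" >&2
        return 2
    fi
    mkdir -p "$hooks_dir" || return 3
    # git aborts the commit or push when the hook exits non-zero,
    # so exec passes ggshield's exit status straight back to git.
    cat > "$hook_path" <<EOF
#!/bin/sh
$MARKER
exec ggshield secret scan $hook_type "\$@"
EOF
    chmod +x "$hook_path"
}

# Example call from the root of a repository:
#   install_ggshield_hook .git/hooks pre-commit
```

Running the helper twice is safe: a hook carrying the marker line is rewritten in place, while any other existing hook is left untouched and reported.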
What are git hooks?
Getting started with ggshield
- Set up ggshield on your workstation
- Configure the git hooks with ggshield: