Configure preferences
In order to configure preferences to fine tune your GitGuardian instance, navigate to Settings > General > Preferences.
warning
Please be careful some preferences allow you to activate features in beta mode. If in doubt, please seek advice from GitGuardian team.
Table of Preferences
General
Preference | Default Value | Description |
---|---|---|
token_expire_in_days | 7 | Lifespan, in days, of invitations and password reset links |
presence_check_enabled | true | Enable secret presence check. For more info, please refer to Investigate incidents page |
presence_check_display_enabled | true | Enable display of secret presence checks |
background_presence_check_enabled | true | Enable automatic secret presence check in background tasks |
validity_check_enabled | true | Enable secret validity check |
background_validity_check_enabled | true | Enable automatic secret validity check in background tasks |
SAML SSO
For more info, please refer to the SAML SSO page.
Preference | Default Value | Description |
---|---|---|
use_model_signature_settings | true | Enable the manual configurations of the SAML signatures requirements |
is_custom_nameid_format_enabled | false | Enable the choice of NameID format |
Bitbucket
For more info, please refer to the Bitbucket integration documentation.
Preference | Default Value | Description |
---|---|---|
min_delay_between_syncs | 60 | Minimum delay, in minutes, between two consecutive synchronizations of a Bitbucket installation |
auth_error_grace_period | 0 | Minimum period, in minutes, of repeated authentication errors after which a token should be revoked |
On Premise
Preference | Default Value | Description |
---|---|---|
bitbucket_disable_admin_check | false | Disable Bitbucket integration Admin Check when creating integration |
prometheus_metrics_active | false | Activate Prometheus Metrics Exporter on /metrics . For more info, please refer to Applicative metrics page |
custom_telemetry_active | true | Enable sending telemetry metrics to GitGuardian |
openai_api_key | - | OpenAI API key |
tls_client_force_second_factor_auth | false | Multi-factor authentication option for Certificate-Based Authentication |
Notifier
For more info, please refer to the Custom webhook page.
Preference | Default Value | Description |
---|---|---|
max_webhooks_per_integration_type | 1000 | Maximum number of configured webhooks per integration type |
Source Scanner (VCS)
For more info, please refer to the Historical scanning page.
Preference | Default Value | Description |
---|---|---|
minutes_between_scans_per_source | 0 | Minimum minutes between two scans on the same source. (0 = disabled) |
Source Scanner
Preference | Default Value | Description |
---|---|---|
servicenow_data_source_recurrent_scan_interval | 21600 | Minimum seconds between two recurrent scans on ServiceNow sources. |
aws_ecr_recurrent_scan_interval | 21600 | Minimum seconds between two recurrent scans on Amazon ECR sources. |
azure_cr_recurrent_scan_interval | 21600 | Minimum seconds between two recurrent scans on Azure Container Registry sources. |
google_artifact_recurrent_scan_interval | 21600 | Minimum seconds between two recurrent scans on Google Artifact Registry sources. |
docker_hub_recurrent_scan_interval | 21600 | Minimum seconds between two recurrent scans on Docker Hub sources. |
jfrog_artifact_recurrent_scan_interval | 21600 | Minimum seconds between two recurrent scans on JFrog Artifactory sources. |
Policy
Preference | Default Value | Description |
---|---|---|
is_repo_size_controlled | false | Limit size of repositories for historical scan. (removed in 2024.9.0) |
repo_scan_size_limit | 1073741824 | Maximum repository size for historical scan, in Byte. For more info, please refer to the following page. |
repo_scan_pending_limit_in_hours | 168 | Timeout, in hours, of the queue time of a repository's historical scan. For more info, please refer to the following page. |
repo_scan_time_limit_in_sec | 7200 | Timeout, in seconds, for historical scan of repository. For more info, please refer to the following page. |
maximum_scan_size | 1048576 | Maximum document size for secrets detection scan via API, in bytes. |
repo_scan_max_commit_length | 1073741824 | Maximum total length of a commit to scan, in Byte, larger commits are truncated (-1 = unlimited). |
displayed_content_max_size | 1048576 | Maximum displayed content size, in Byte. Introduced in 2023.11. |
displayed_content_max_lines | 1000 | Maximum displayed content lines. Introduced in 2023.11. |
skip_unchanged_scans | True | This setting allows skipping the historical scan of a repository if it has not changed since the last scan. |