ggshield | fix 360+ types of hardcoded secrets | Security library
kandi X-RAY | ggshield Summary
kandi X-RAY | ggshield Summary
ggshield is a Python library typically used in Security applications. ggshield has no bugs, it has no vulnerabilities, it has build file available, it has a Permissive License and it has medium support. You can install using 'pip install ggshield' or download it from GitHub, PyPI.
GitGuardian shield (ggshield) is a CLI application that runs in your local environment or in a CI environment to help you detect more than 300 types of secrets, as well as other potential security vulnerabilities or policy breaks. GitGuardian shield uses our public API through py-gitguardian to scan and detect potential secrets on files and other text content. Only metadata such as call time, request size and scan mode is stored from scans using GitGuardian shield, therefore secrets and policy breaks incidents will not be displayed on your dashboard and your files and secrets won't be stored. You'll need an API Key from GitGuardian to use ggshield.
GitGuardian shield (ggshield) is a CLI application that runs in your local environment or in a CI environment to help you detect more than 300 types of secrets, as well as other potential security vulnerabilities or policy breaks. GitGuardian shield uses our public API through py-gitguardian to scan and detect potential secrets on files and other text content. Only metadata such as call time, request size and scan mode is stored from scans using GitGuardian shield, therefore secrets and policy breaks incidents will not be displayed on your dashboard and your files and secrets won't be stored. You'll need an API Key from GitGuardian to use ggshield.
Support
Quality
Security
License
Reuse
Support
ggshield has a medium active ecosystem.
It has 1315 star(s) with 114 fork(s). There are 30 watchers for this library.
There were 1 major release(s) in the last 6 months.
There are 39 open issues and 128 have been closed. On average issues are closed in 86 days. There are 4 open pull requests and 0 closed requests.
It has a neutral sentiment in the developer community.
The latest version of ggshield is 1.28.0
Quality
ggshield has 0 bugs and 0 code smells.
Security
ggshield has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
ggshield code analysis shows 0 unresolved vulnerabilities.
There are 0 security hotspots that need review.
License
ggshield is licensed under the MIT License. This license is Permissive.
Permissive licenses have the least restrictions, and you can use them in most projects.
Reuse
ggshield releases are available to install and integrate.
Deployable package is available in PyPI.
Build file is available. You can build the component from source.
Installation instructions, examples and code snippets are available.
Top functions reviewed by kandi - BETA
kandi has reviewed ggshield and discovered the below as its top functions. This is intended to give you an instant insight into ggshield implemented functionality, and help decide if they suit your requirements.
- Creates a leaky message based on the given arguments .
- Pre - receive hook .
- Login .
- Commit changes .
- Check if a CI environment is used .
- Formats a line with the given secret index .
- Extract lines from a patch .
- Run ban list .
- Scan a list of commits .
- List GitHub actions .
Get all kandi verified functions for this library.
ggshield Key Features
No Key Features are available at this moment for ggshield.
ggshield Examples and Code Snippets
No Code Snippets are available at this moment for ggshield.
Community Discussions
Trending Discussions on ggshield
QUESTION
Creating git-hooks for pre-commit using ggshield
Asked 2022-Mar-14 at 10:53
I have a android project and want to install a pre-commit.
I was following this example: https://docs.gitguardian.com/internal-repositories-monitoring/integrations/git_hooks/pre_commit
...ANSWER
Answered 2022-Jan-11 at 15:03you must set up a gitguardian api key to use their service (it isn't a freely available public service). the git hook and cli are a thin wrapper around the GitGuardian api
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install ggshield
The install command allows you to use ggshield as a pre-commit or pre-push hook on your machine, either locally or globally for all repositories. You will find further details in the pre-commit/pre-push part of this documentation.
To install the pre-push hook globally (for all current and future repos), you just need to execute the following command:.
check if a global hook folder is defined in the global git configuration
create the ~/.git/hooks folder (if needed)
create a pre-push file which will be executed before every commit
give executable access to this file
This pre-receive hook requires the host machine to have python>=3.8 and pip installed
Install ggshield from pip: pip install ggshield
Move pre-receive.sample to .git/hooks/pre-receive or to your provider's git hook directory https://docs.gitlab.com/ee/administration/server_hooks.html
Do not forget to chmod +x .git/hooks/pre-receive
either set an environment variable machine wide GITGUARDIAN_API_KEY or set it in the .git/hooks/pre-receive as instructed in the sample file.
Create a gitguardian.yaml somewhere in the system. An example config file is available here
Replace in the pre-receive hook ggshield scan pre-receive with: ggshield -c <INSERT path to gitguardian.yaml> scan pre-receive
For the pre-receive hook to work, the directory where the repositories are stored must also be mounted on the container.
This pre-receive hook requires the host machine to have docker installed.
Move pre-receive-docker.sample to .git/hooks/pre-receive
Do not forget to chmod +x .git/hooks/pre-receive
either set an environment variable machine wide GITGUARDIAN_API_KEY or set it in the .git/hooks/pre-receive as instructed in the sample file.
To install the pre-push hook globally (for all current and future repos), you just need to execute the following command:.
check if a global hook folder is defined in the global git configuration
create the ~/.git/hooks folder (if needed)
create a pre-push file which will be executed before every commit
give executable access to this file
This pre-receive hook requires the host machine to have python>=3.8 and pip installed
Install ggshield from pip: pip install ggshield
Move pre-receive.sample to .git/hooks/pre-receive or to your provider's git hook directory https://docs.gitlab.com/ee/administration/server_hooks.html
Do not forget to chmod +x .git/hooks/pre-receive
either set an environment variable machine wide GITGUARDIAN_API_KEY or set it in the .git/hooks/pre-receive as instructed in the sample file.
Create a gitguardian.yaml somewhere in the system. An example config file is available here
Replace in the pre-receive hook ggshield scan pre-receive with: ggshield -c <INSERT path to gitguardian.yaml> scan pre-receive
For the pre-receive hook to work, the directory where the repositories are stored must also be mounted on the container.
This pre-receive hook requires the host machine to have docker installed.
Move pre-receive-docker.sample to .git/hooks/pre-receive
Do not forget to chmod +x .git/hooks/pre-receive
either set an environment variable machine wide GITGUARDIAN_API_KEY or set it in the .git/hooks/pre-receive as instructed in the sample file.
Support
Azure PipelinesBitbucket PipelinesCircle CI OrbsDockerDroneGitHub ActionsGitLabJenkinsPre-commit hooksPre-push hooksPre-receive hooksTravis CI
Find more information at:
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page
