Automic VaultAutomic Vault

brew

Install ggshield with Homebrew, Nix

Scanner for secrets and sensitive data in code. Version 1.52.2 via Homebrew; verified 2026-06-21.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install ggshield

local Homebrew formula metadata

Linux

Nixverified · 92%
nix profile install nixpkgs#ggshield

nixpkgs package indexes · pkgs/by-name/gg/ggshield/package.nix · source: api.github.com

overview

Package summary

Scanner for secrets and sensitive data in code

Commands and aliases

  • ggshield

history

Project history and usage

ggshield is GitGuardian's open-source command-line scanner for detecting hardcoded secrets and sensitive data before they reach source-control history or CI artifacts.

Project history

GitGuardian opened the ggshield repository in April 2020 and published the early 1.0.x release line soon afterward. The project is built as the local and CI-facing companion to GitGuardian's secret-detection service, using the GitGuardian public API through the py-gitguardian client.

Adoption history

The tool gained adoption through several security workflows rather than one single editor or platform: local scans, pre-commit and pre-push hooks, CI/CD jobs, GitHub Actions, GitLab, Jenkins, Docker-image scans, package scans, and packaged distribution through PyPI, Homebrew, Chocolatey, Cloudsmith packages, and standalone installers.

How it is used

Practitioners authenticate with `ggshield auth login` or an API key, then scan paths, repositories, staged changes, Docker images, package artifacts, or CI workspaces. Teams commonly install it as a pre-commit, pre-push, or pre-receive hook so leaked credentials are blocked before they enter shared repositories.

Why package nerds care

For package ecosystems, ggshield is notable because it packages a SaaS-backed security control as a normal developer CLI: it can be installed by a package manager, run in a hook, and produce exit codes that fit standard CI pipelines.

Timeline

  • 2020: The GitGuardian ggshield repository was created.
  • 2020: The 1.0.x release line appeared in the GitHub release feed.
  • 2026: The release feed showed the 1.52 series.

Related projects

  • ggshield is closely tied to GitGuardian's public API and py-gitguardian client, and it overlaps operationally with pre-commit, CI/CD systems, and repository-hosting security workflows.

security posture

No protected-tool coverage found yet

No matching local secret-handling manifest was found for ggshield. Nucleus package metadata is still published here so future coverage has a stable package URL.

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Installs with 6 runtime dependencies.
  • Build metadata lists 2 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
~/.gitguardian.yaml./.gitguardian.yaml
Windows
%USERPROFILE%\.gitguardian.yaml.\.gitguardian.yaml

executables

Installed executables

CommandKindExposureNote
ggshieldcliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version1.52.2
manager updated2026-06-21
local dataok
upstreamnot checked
latest detectednot detected

https://www.gitguardian.com

install metadata

Package metadata

Package keybrew:ggshield
Version1.52.2
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/ggshield
Homepagehttps://www.gitguardian.com
Upstream docshttps://docs.gitguardian.com/ggshield-docs/getting-started
LicenseMIT
Source archivehttps://files.pythonhosted.org/packages/9d/f9/3f2b594156cda7ed2afba978daec90fc0fad5023a1896aacf120f259f9a1/ggshield-1.52.2.tar.gz
Last updated2026-06-21T14:25:28Z
Pulseupdated
Dependenciescertifi, cryptography, libyaml, openssl@3, pydantic, python@3.14
Build dependenciespkgconf, rust
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nameggshield
Version Scheme0
Revision1
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

ggshield

nix profile install nixpkgs#ggshield
  • normalized package name match
  • Matched by: Ggshield
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/gg/ggshield/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment