macOS
brew install ggshieldlocal Homebrew formula metadata
brew
Scanner for secrets and sensitive data in code. Version 1.52.2 via Homebrew; verified 2026-06-21.
install
brew install ggshieldlocal Homebrew formula metadata
nix profile install nixpkgs#ggshieldnixpkgs package indexes · pkgs/by-name/gg/ggshield/package.nix · source: api.github.com
overview
Scanner for secrets and sensitive data in code
history
ggshield is GitGuardian's open-source command-line scanner for detecting hardcoded secrets and sensitive data before they reach source-control history or CI artifacts.
GitGuardian opened the ggshield repository in April 2020 and published the early 1.0.x release line soon afterward. The project is built as the local and CI-facing companion to GitGuardian's secret-detection service, using the GitGuardian public API through the py-gitguardian client.
The tool gained adoption through several security workflows rather than one single editor or platform: local scans, pre-commit and pre-push hooks, CI/CD jobs, GitHub Actions, GitLab, Jenkins, Docker-image scans, package scans, and packaged distribution through PyPI, Homebrew, Chocolatey, Cloudsmith packages, and standalone installers.
Practitioners authenticate with `ggshield auth login` or an API key, then scan paths, repositories, staged changes, Docker images, package artifacts, or CI workspaces. Teams commonly install it as a pre-commit, pre-push, or pre-receive hook so leaked credentials are blocked before they enter shared repositories.
For package ecosystems, ggshield is notable because it packages a SaaS-backed security control as a normal developer CLI: it can be installed by a package manager, run in a hook, and produce exit codes that fit standard CI pipelines.
security posture
No matching local secret-handling manifest was found for ggshield. Nucleus package metadata is still published here so future coverage has a stable package URL.
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
~/.gitguardian.yaml./.gitguardian.yaml%USERPROFILE%\.gitguardian.yaml.\.gitguardian.yamlexecutables
| Command | Kind | Exposure | Note |
|---|---|---|---|
ggshield | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
install metadata
| Package key | brew:ggshield |
|---|---|
| Version | 1.52.2 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/ggshield |
| Homepage | https://www.gitguardian.com |
| Upstream docs | https://docs.gitguardian.com/ggshield-docs/getting-started |
| License | MIT |
| Source archive | https://files.pythonhosted.org/packages/9d/f9/3f2b594156cda7ed2afba978daec90fc0fad5023a1896aacf120f259f9a1/ggshield-1.52.2.tar.gz |
| Last updated | 2026-06-21T14:25:28Z |
| Pulse | updated |
| Dependencies | certifi, cryptography, libyaml, openssl@3, pydantic, python@3.14 |
| Build dependencies | pkgconf, rust |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | ggshield |
| Version Scheme | 0 |
| Revision | 1 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
ggshield
nix profile install nixpkgs#ggshieldsource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.