[Question] How to enable generic password detection in ggshield pre-commit
rjshrjndrn opened this issue · comments
Sorry for being a noob. I tried my best in google and gitguardian docs, but couldn't find any solution.
Environment
- ggshield version:
ggshield, version 1.15.0 - Operating system (Linux, macOS, Windows): Linux/arch
- Python version: 3.11.3
Describe the bug
echo 'password=asdferver!wdfa' > passfile
git add passfile
ggshield secret scan pre-commitOutput
I am attaching my .gitguardian.yaml file below
# Required, otherwise ggshield considers the file to use the deprecated v1 format
version: 2
# Set to true if the desired exit code for the CLI is always 0, otherwise the
# exit code will be 1 if incidents are found.
exit-zero: false # default: false
verbose: false # default: false
instance: https://dashboard.gitguardian.com # default: https://dashboard.gitguardian.com
# Maximum commits to scan in a hook.
max-commits-for-hook: 50 # default: 50
# Accept self-signed certificates for the API.
allow-self-signed: false # default: false
secret:
# Exclude files and paths by globbing
# ignored-paths:
# - '**/README.md'
# - 'doc/*'
# - 'LICENSE'
# Ignore security incidents with the SHA256 of the occurrence obtained at output or the secret itself
# ignored-matches:
# - name:
# match: 530e5a4a7ea00814db8845dd0cae5efaa4b974a3ce1c76d0384ba715248a5dc1
# - name: credentials
# match: MY_TEST_CREDENTIAL
show-secrets: false # default: false
ignore-known-secrets: false # default: false
# Detectors to ignore.
# ignored-detectors: # default: []
# - Generic Password
Hi Rajesh. This secret should be caught by our "Generic Password" detector, but it is possible that this detector is not enabled on your dashboard. Can you go to your dashboard settings and check it is enabled? It should look like this:
Got it. Thank you very much.