🚀 New features
- The new
ggshield iac scancommand lets you detect vulnerabilities in your Infrastructure as Code files. Note that this feature is experimental for now.
🔧 Improvements
ggshield secret scan reponow continues scanning if a commit fails to scan (#267).- ggshield now provides a
--debugoption to help diagnose problems.
🐛 Bug fixes
- ggshield now uses stderr to report all progress and warnings, making it possible to pipe commands generating JSON such as
secret scan --jsonto tools likejq. - The file-system banlist of
ggshield secret scan dockerhas been improved (#193). ggshield secret scan pre-receiveandggshield secret scan repono longer fail on filenames containing spaces (#273, #296).ggshield secret scan repono longer floods the terminal with "No secrets found" messages (#265).- The commands used by the pre-commit hooks and by the GitHub action no longer use the deprecated
ggshield scansyntax.
📜 Deprecations
- The configuration file format has changed, learn more about this change and how to adapt to it from the documentation.