
chore(deps): update gitguardian/ggshield action to v1.51.0#27

Open
renovate[bot] wants to merge 1 commit into master from renovate/gitguardian-ggshield-1.x

Conversation

renovate[bot] (Contributor) commented Jun 2, 2026

This PR contains the following updates:

Package               Type    Update  Change
GitGuardian/ggshield  action  minor   v1.25.0 -> v1.51.0

Release Notes

GitGuardian/ggshield (GitGuardian/ggshield)

v1.51.0: 1.51.0

Added

  • ggshield auth login --method oob for browser-less environments (SSH sessions, headless servers). Prints the authorization URL, lets you open it on another device, and exchanges the code you paste back into the terminal. Uses the OAuth out-of-band sentinel (urn:ietf:wg:oauth:2.0:oob) — requires a server that supports it.

  • Detection of MCP servers installed with Claude plugins or Claude.ai.

  • Add Codex support to ggshield secret scan ai-hook and ggshield install -t codex. (thanks to trickyfalcon)

  • Detect MCP servers installed with Cursor plugins or Cursor extensions.

  • Release binaries published to GitHub Releases now ship with GitHub Artifact Attestations, providing signed SLSA build provenance. Users can verify a downloaded asset with gh attestation verify <file> --repo GitGuardian/ggshield, and tool managers such as mise (via the aqua backend) will verify automatically at install time.

  • ggshield plugin install / update / status now discover and pull plugins from the GitGuardian instance the user is authenticated against, replacing the hard-coded GitHub release URL. Streaming download + sigstore bundle proxying happen via /v1/endpoints/plugins/<reference>/{download,signature}. Requires the matching backend feature.

  • New vscode alias to "copilot" for hook installation.

  • ggshield api-status now displays the workspace ID associated with the current token, in both text and JSON output.

Changed

  • Successful API key checks are now cached on disk for 5 minutes.

  • ggshield plugin list now renders the install source from the manifest verbatim (platform, local file, url, github release, github artifact) instead of local/pip. Plugins installed without a manifest still fall back to pip (entry-point only) or on-disk.

  • AI hooks naively try to detect files read by shell commands.

Fixed

  • Fixed plugin signature verification in PyInstaller-based packages by bundling sigstore's embedded TUF trust roots.

  • Fixed uv tool install ggshield resolution by requiring sigstore 4, avoiding sigstore 3's transitive pre-release dependency on betterproto.

  • Fixed the documentation of the ai discover command.

  • Skip OS keyring access at startup when GITGUARDIAN_API_KEY is set in the environment (or in a .env file). This avoids redundant keychain unlock prompts on systems using multiple ggshield instances.

  • Scans no longer fail on a single transient network glitch. ggshield retries connection errors (e.g. ConnectionResetError) and 502/503/504 responses with bounded exponential backoff (~15 s budget with jitter). ggshield secret scan pre-receive uses a minimal retry policy instead so it stays inside GitHub Enterprise Server's fixed 5 s pre-receive hook timeout.

  • Fixed AI hooks support for Copilot CLI.

  • (AI hooks): the command that leaked a secret is now shown in the notification message.

  • MCP configuration parsing improved for VSCode, Copilot CLI and Codex.

  • Plugin installs and updates now enable the canonical ggshield.plugins entry point instead of the wheel package name, migrating any pre-existing alias row (and preserving its auto_update setting), and local plugin wheels extract into the active runtime cache so mixed root/admin and user executions do not silently lose registered commands.

  • ggshield now prunes stale extracted plugin wheel caches during plugin load and removes a plugin's extracted cache on uninstall, preventing old wheel versions from accumulating in the cache directory.

v1.50.4: 1.50.4

Fixed

  • ggshield plugin install --allow-unsigned and ggshield plugin update --allow-unsigned now verify plugin signatures using the embedded / cached sigstore trust root instead of refreshing it over the network, so plugins can still be installed when the sigstore TUF endpoints are unreachable.

v1.50.3: 1.50.3

Fixed

  • Skip OS keyring access at startup when GITGUARDIAN_API_KEY is set in the environment (or in a .env file). This avoids redundant keychain unlock prompts on systems using multiple ggshield instances.

v1.50.2: 1.50.2

Fixed

  • Fixed uv tool install ggshield resolution by requiring sigstore 4, avoiding sigstore 3's transitive pre-release dependency on betterproto.

v1.50.1: 1.50.1

Fixed

  • Fixed plugin signature verification in PyInstaller-based packages by bundling sigstore's embedded TUF trust roots.

v1.50.0: 1.50.0

Added

  • ggshield is now available as an MSI package.

  • Add sigstore signature verification for plugin wheels, enforcing identity-based trust via OIDC. Install and update operations are strict by default, while --allow-unsigned persists an explicit trust exception for the exact wheel hash so explicitly accepted unsigned plugins can still load at runtime.

  • API tokens are now stored in the OS credential store (macOS Keychain, Windows Credential Locker, Linux Secret Service) via the keyring library instead of cleartext in auth_config.yaml. Existing cleartext tokens are migrated automatically the next time the configuration is saved. If no OS credential store is available or GGSHIELD_NO_KEYRING=1, file-based storage is used as a fall-back.

  • Added a new secret.fail_on_server_error configuration option (default True), available as the --fail-on-server-error/--no-fail-on-server-error flag or GITGUARDIAN_FAIL_ON_SERVER_ERROR environment variable. When set to False, secret scan pre-commit, secret scan pre-push, secret scan pre-receive, and secret scan ci exit with code 0 and display a warning instead of blocking the git operation when the GitGuardian server is unreachable or returns a 5xx response. The default preserves the previous blocking behavior.

  • New ggshield ai discover command.

  • The AI hooks now also log/block MCP activity.

Changed

  • Breaking: secret scan pre-receive no longer fail-opens by default when the GitGuardian server returns a 5xx response. Previously the push was allowed through with a warning; now it is blocked, matching the other git hooks. Set secret.fail_on_server_error to False (or pass --no-fail-on-server-error) to restore the previous fail-open behavior.

Fixed

  • Forward signature_mode through GitHub release and GitHub artifact download paths, ensuring signature verification is applied consistently across all install sources.

  • Scans of large repositories no longer fail on a single transient network glitch. ggshield now retries connection errors (e.g. ConnectionResetError) and 502/503/504 responses with bounded exponential backoff.

  • Global Copilot hooks are configured correctly in ~/.copilot.

Security

  • Pin the default package index in pyproject.toml to public PyPI and add a rolling exclude-newer = "3 days" constraint, so the resolved uv.lock is reproducible for external contributors/CI and newly-published (potentially malicious) releases get a short quarantine window before they can land in the lock.

v1.49.0: 1.49.0

Removed

  • Pre-receive hook on GitHub Enterprise Server v3.9 to v3.13 is no longer supported. v3.13 has been EOL since 2025-06-19 and previous versions were discontinued earlier.

Added

  • Add @file support to secret scan path to load scan paths from a file.

  • Add ggshield secret scan ai-hook command to scan AI coding tool hook payloads for secrets in real time.

  • Add new types claude-code|cursor|copilot to the ggshield install command to install hooks into AI coding tool configurations.

  • Pre-receive hook can now be set up on GitHub Enterprise Server v3.14 and higher.

  • api-status: display the scopes of the current authentication token.

Fixed

  • secret scan ci: fetch the target branch before computing the MR/PR commit range. In CI environments with cached repos or shallow clones, a stale target branch ref could cause ggshield to scan unrelated commits, leading to excessive API calls and secrets reported in files not modified by the MR.

  • hmsl vault-scan: fixed a hang when the HashiCorp Vault server is unresponsive; requests now time out after 30 seconds and network errors are reported with a clear message.

  • Fixed a path traversal security issue in tar archives used for git-based scans; member names with absolute paths or .. components are now sanitized.

  • Fixed an issue where an invalid option for a secret scan subcommand could be silently treated as a request to run the default command, producing a confusing error instead of the expected usage error.

v1.48.0: 1.48.0

Added

  • Add enterprise plugin system for ggshield, allowing organizations to install and manage plugins from GitGuardian.

  • hmsl: Secrets shorter than 6 characters are now filtered out before being sent to the HMSL API, reducing false positives from obvious non-secrets.

Changed

  • hmsl: Expand the list of excluded placeholder values (e.g., changeme, placeholder, redacted) that are not sent to the HMSL API.

  • Relax urllib3 dependency pin from ~=2.2.2 to >=2.2.2,<3, allowing compatibility with newer urllib3 versions (#1160).

Fixed

  • Prevent docker scan stdout from leaking into JSON output.

v1.47.0: 1.47.0

Added

  • Display a warning if .cache_ggshield is not ignored in a git repository.

v1.46.0: 1.46.0

Added

  • An HTTPAdapter with wider parameters has been set up to better address scanning multiple files at the same time.

  • Add GITGUARDIAN_GIT_REMOTE_FALLBACK_URL environment variable that allows setting a fallback value for the repository remote.

  • Tokens are obfuscated in ggshield config list output.

Changed

  • Clearer error message when token is missing: specify the command to run to generate a token (ggshield auth login).

Fixed

  • Install ggshield hooks inside .husky/ when the repository uses Husky-managed hooks so local installs work out of the box (#1143).

v1.45.0: 1.45.0

Fixed

  • ggshield no longer crashes when scanning invalid symlinks; it emits a warning instead.

  • Handle unmerged files in pre-commit scanning during an ongoing merge.

  • Fixed crash when ggshield received missing tags.

v1.44.1: 1.44.1

Added

  • Added --insecure CLI option and insecure configuration setting as clearer alternatives to --allow-self-signed and allow_self_signed. The new option explicitly communicates that SSL verification is completely disabled, making the connection vulnerable to man-in-the-middle attacks.
  • Added prominent warning messages when SSL verification is disabled (via either --insecure or --allow-self-signed), explaining the security risks and recommending the secure alternative of using the system certificate trust store (available with Python >= 3.10).

Changed

  • Removed Clear Linux from the OS package testing workflow as the project has been discontinued.
  • Fixed Python version for PDM install in the build release workflow.

Deprecated

  • The --allow-self-signed CLI option and allow_self_signed configuration setting are now deprecated in favor of --insecure and insecure. Deprecation warnings are displayed when these options are used, guiding users to the clearer alternative. Both options remain functional for backward compatibility and will be maintained for an extended deprecation period before removal.

Fixed

  • Fixed crash when API returns scopes not yet recognized by py-gitguardian.
  • Skip non-seekable files instead of crashing.

Security

  • Improved clarity around SSL verification settings. The --allow-self-signed option name was misleading as it suggests certificate validation is still performed, when in reality all SSL verification is disabled. The new --insecure option makes this behavior explicit. Both options remain functional for backward compatibility.

v1.44.0

v1.43.0: 1.43.0

Fixed

  • Fixed PyInstaller deprecation warning when running PyInstaller-based ggshield.

  • Scanning git repositories can no longer fail with git "dubious ownership" errors.

  • Extended the range of API error status codes supported by ggshield so the UI correctly displays them.

v1.42.0: 1.42.0

Added

  • Added an additional section in ggshield outputs to return vault-related fields if the account setting is enabled.

  • ggshield Docker image now supports both linux/amd64 and linux/arm64 architectures (#952).

  • ggshield secret scan docker now scans more files.

Changed

  • ggshield secret scan now provides an --source-uuid option. When this option is set, it will create the incidents on the GIM dashboard on the corresponding source. Note that the token should have the scope scan:create-incidents.

v1.41.0: 1.41.0

Changed

  • When scanning a docker image, if no image is found matching the client platform, try to pull the linux/amd64 image.

v1.40.0: 1.40.0

Added

  • The release assets now contain a NuGet package.

  • Added a new section in ggshield outputs (text and JSON) to notify if a secret is in one of the accounts' secrets managers.

Changed

  • ggshield secret scan docker now scans files in /usr/src/app.

Fixed

  • Fixed a bug in the way ggshield obfuscated secrets that caused a crash for short secrets (#1086).

  • ggshield no longer crashes when it can't find git.

v1.39.0: 1.39.0

Added

  • ggshield is now available on Chocolatey (#934). (Note: we are still awaiting manual validation from Chocolatey before the package becomes publicly available.)

  • ggshield secret scan output now contains a link to the detector documentation for each secret found.

Fixed

  • Fixed error when scanning .tar.gz compressed files inside docker layers.

v1.38.1: 1.38.1

Added

  • ggshield can now scan .jar files using ggshield secret scan archive.

v1.38.0: 1.38.0

Removed

  • Removed support for python 3.8.

Added

  • ggshield now uses the system certificates instead of the bundled ones. Note that this only works with Python >= 3.10 (#1067).

Changed

  • Pre-receive hook no longer blocks when the GitGuardian server is temporarily unavailable (returns a 5xx status code).

Fixed

  • Files with emojis in their name are now handled properly.

  • Fix ggshield crashing on Windows when doing big merges (#1032).

v1.37.0: 1.37.0

Fixed

  • ggshield secret scan docker now correctly handles ignored paths (#548).

v1.36.0: 1.36.0

Removed

  • SCA code and commands.

  • IaC code and commands.

Fixed

v1.35.0: 1.35.0

Added

  • The --all-secrets option for secret scans, allowing display of all found secrets and their possible ignore reason.

Changed

  • Files contained in the .git/ directory are now scanned. Files in subdirectories such as .git/hooks are still excluded.

  • When scanning commits, ggshield now ignores by default secrets that are removed or contextual to the patch.

Fixed

  • Handle trailing content in multi-parent hunk header.

  • Installing ggshield from the release RPM on EL9 failed because of a missing library. This is now fixed (#1036).

  • Fix Visual Studio not being able to show error messages from ggshield pre-commit (#170).

v1.34.0: 1.34.0

Added

  • ggshield config list command now supports the --json option, allowing output in JSON format.

  • All secret scan commands as well as the api-status and quota commands now support the --instance option to allow using a different instance.

  • The api-status command now prints where the API key and instance used come from.

Changed

  • ggshield api-status --json output now includes the instance URL.

  • ggshield secret scan repo now uses git clone --mirror to retrieve more git objects.

  • ggshield secret scan ci now scans all commits of a Pull Request in the following CI environments: Jenkins, Azure, Bitbucket and Drone.

Deprecated

  • ggshield now prints a warning message when it is being executed by Python 3.8.

Fixed

  • When running ggshield secret scan ci in a GitLab CI, new commits from the target branch that are not on the feature branch will no longer be scanned.

  • Take into account the --allow-self-signed option at all levels in ggshield secret scan commands.

  • When ggshield secret scan is called with --with-incident-details and the token does not have the required scopes, the command now fails and an error message is printed.

  • ggshield no longer fails to report secrets for patches with content in hunk header lines.

v1.33.0: 1.33.0

Changed

  • The --debug option now automatically turns on verbose mode.

  • The --use-gitignore option now also applies to single files passed as argument.

  • RPM packages now depend on git-core instead of git, reducing the number of dependencies to install (#983).

Fixed

  • When using the --debug option, the log output no longer overlaps with the progress bars.

  • The ggshield pre-commit hook no longer crashes when merging files with spaces in their names (#991).

  • RPM packages now work correctly on RHEL 8.8 (#984).

v1.32.2: 1.32.2

Fixed

  • Fixed a regression introduced in ggshield 1.32.1, which made ggshield install -m global crash (#972).

v1.32.1: 1.32.1

Fixed

  • Fixed a case where ggshield commit parser could fail because of the local git configuration.

v1.32.0: 1.32.0

Added

  • When scanning a merge commit, ggshield secret scan pre-commit now skips files that merged without conflicts. This makes merging the default branch into a topic branch much faster. You can use the --scan-all-merge-files option to go back to the previous behavior.

  • ggshield secret scan commands now provide the --with-incident-details option to output more information about known incidents (JSON and SARIF outputs only).

  • It is now possible to ignore a secret manually using ggshield secret ignore SECRET_SHA --name NAME.

Fixed

  • The git commit parser has been reworked, fixing cases where commands scanning commits would fail.

v1.31.0: 1.31.0

Added

  • We now provide tar.gz archives for macOS, in addition to pkg files.

Fixed

  • JSON output: fixed incorrect values for line and index when scanning a file and not a patch.

v1.30.2: 1.30.2

Security

  • Fixed a bug where ggshield secret scan archive could be passed a maliciously crafted tar archive to overwrite user files.

v1.30.1: 1.30.1

Added

  • ggshield secret scan commands can now output results in SARIF format, using the new --format sarif option (#869).

  • ggshield sca scan ci and ggshield sca scan all now support the MALICIOUS value for --minimum-severity.

Changed

  • ggshield now has the ability to display custom remediation messages on pre-commit, pre-push and pre-receive. These messages are defined in the platform and fetched from the /metadata endpoint of the API. If no messages are set up on the platform, default remediation messages will be displayed as before.

v1.30.0

v1.29.0: 1.29.0

Removed

  • The --all option of the ggshield sca scan ci and ggshield iac scan ci commands has been removed.

Added

  • ggshield secret scan path now provides a --use-gitignore option to honor .gitignore and related files (#801).

  • A new secret scan command, ggshield secret scan changes, has been added to scan changes between the current state of a repository checkout and its default branch.

  • GGShield is now available as a standalone executable on Windows.

Changed

  • The behavior of the ggshield sca scan ci and ggshield iac scan ci commands has changed. These commands are now expected to run in merge-request CI pipelines only, and will compute the diff exactly associated with the merge request.

Deprecated

  • Running ggshield sca scan ci or ggshield iac scan ci outside of a merge request CI pipeline is now deprecated.

Fixed

  • GGShield now consumes less memory when scanning large repositories.

  • Errors thrown during ggshield auth login flow with an invalid instance URL are handled and the stack trace is no longer displayed on the console.

  • Patch symbols at the start of lines are now always displayed, even for single line secrets.

  • The ggshield auth login command now respects the --allow-self-signed flag.

  • GGShield now exits with a proper error message instead of crashing when it receives an HTTP response without Content-Type header.

v1.28.0: 1.28.0

Added

  • The SCA config ignored_vulnerabilities option now supports taking a CVE id as identifier.

v1.27.0: 1.27.0

Removed

  • The "This feature is still in beta, its behavior may change in future versions" warning is no longer displayed for sca commands.

Added

  • It is now possible to customize the remediation message printed by GGShield pre-receive hook. This can be done by setting the message in the secret.prereceive_remediation_message configuration key. Thanks a lot to @Renizmy for this feature.

  • We now provide signed .pkg files for macOS.

  • Add the "This feature is still in beta, its behavior may change in future versions" warning to iac scan all.

Changed

  • Linux .deb and .rpm packages now use the binaries produced by pyinstaller. They no longer depend on Python.

Deprecated

  • Dash-separated configuration keys are now deprecated; they should be replaced with underscore-separated keys. For example show-secrets should become show_secrets. GGShield still supports reading from dash-separated configuration keys, but it prints a warning when it finds one.

Fixed

  • GGShield commands working with commits no longer fail when parsing a commit without any author.

  • Configuration keys defined in the global configuration file are no longer ignored if a local configuration file exists.

  • The option --exclude PATTERN is no longer ignored by the command ggshield secret scan repo.

v1.26.0: 1.26.0

Added

  • ggshield auth login learned to create tokens with extra scopes using the --scopes option. Using ggshield auth login --scopes honeytokens:write would create a token suitable for the ggshield honeytokens commands.

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.
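The 1.49.0 and 1.30.2 entries in the release notes above fix a tar path-traversal issue in archive scanning, where member names with absolute paths or ".." components could write outside the extraction directory. As an added example that is not ggshield's own code (this page does not show how ggshield sanitizes names), here is a stand-alone Python checker for the member classes such a sanitizer has to reject, run over a constructed archive; the symlink and hard-link cases go beyond the two cases the entry names.

```python
import io
import posixpath
import tarfile
from typing import Dict, List, Optional, Tuple


def _escapes(path: str) -> bool:
    """True if a POSIX-style path is absolute or climbs above its root."""
    path = path.replace("\\", "/")
    if path.startswith("/") or (len(path) > 1 and path[1] == ":"):
        return True  # absolute path or Windows drive-letter path
    # A ".." that survives normalisation means the path leaves the root;
    # "repo/sub/../x" normalises to "repo/x" and is accepted.
    return ".." in posixpath.normpath(path).split("/")


def member_problem(info: tarfile.TarInfo) -> Optional[str]:
    """Return why a tar member must not be extracted, or None if it is safe."""
    if _escapes(info.name):
        return "path escapes extraction directory"
    if info.issym():
        # Symlink targets resolve relative to the member's own directory.
        target = posixpath.join(posixpath.dirname(info.name), info.linkname)
        if _escapes(target):
            return "symlink points outside extraction directory"
    elif info.islnk():
        # Hard link targets are relative to the archive root.
        if _escapes(info.linkname):
            return "hard link points outside extraction directory"
    elif not (info.isfile() or info.isdir()):
        return "device, FIFO or other special member"
    return None


def safe_member_names(archive: bytes) -> Tuple[List[str], Dict[str, str]]:
    """Split an archive into extractable names and rejected names with reasons."""
    ok: List[str] = []
    rejected: Dict[str, str] = {}
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r:") as tar:
        for info in tar:
            problem = member_problem(info)
            if problem:
                rejected[info.name] = problem
            else:
                ok.append(info.name)
    return ok, rejected


def build_sample_archive() -> bytes:
    """Constructed archive mixing benign members with the classes to reject."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        def add(name: str, data: bytes = b"", kind: bytes = tarfile.REGTYPE,
                link: str = "") -> None:
            info = tarfile.TarInfo(name)
            info.type, info.linkname, info.size = kind, link, len(data)
            tar.addfile(info, io.BytesIO(data) if data else None)

        add("repo/README.md", b"hello\n")
        add("repo/sub/../notes.txt", b"stays inside after normalisation\n")
        add("../../outside/escape.txt", b"relative traversal\n")
        add("/tmp/escape.txt", b"absolute member name\n")
        add("repo/link", kind=tarfile.SYMTYPE, link="../../outside")
        add("repo/hard", kind=tarfile.LNKTYPE, link="/etc/passwd")
    return buf.getvalue()


if __name__ == "__main__":
    accepted, refused = safe_member_names(build_sample_archive())
    print("accepted:", accepted)
    for name, why in refused.items():
        print(f"rejected {name!r}: {why}")
```

On Python 3.12+ (and the patched 3.8 to 3.11 releases) the standard library's extraction filter, `tar.extractall(path, filter="data")`, refuses these same member classes; a checker like the one above is still useful when you need the per-member reason or run on an older interpreter.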
