Releases: GitGuardian/ggshield

1.50.4

07 May 18:48

Fixed

  • ggshield plugin install --allow-unsigned and ggshield plugin update --allow-unsigned now verify plugin signatures using the embedded or cached sigstore trust root instead of refreshing it over the network, so plugins can still be installed when the sigstore TUF endpoints are unreachable.

1.50.3

30 Apr 14:25

Fixed

  • Skip OS keyring access at startup when GITGUARDIAN_API_KEY is set in the environment (or in a .env file). This avoids redundant keychain unlock prompts on systems using multiple ggshield instances.

1.50.2

29 Apr 10:41

Fixed

  • Fixed uv tool install ggshield resolution by requiring sigstore 4, avoiding sigstore 3's transitive pre-release dependency on betterproto.

1.50.1

29 Apr 09:15

Fixed

  • Fixed plugin signature verification in PyInstaller-based packages by bundling sigstore's embedded TUF trust roots.

1.50.0

28 Apr 14:03

Added

  • ggshield is now available as an MSI package.

  • Add sigstore signature verification for plugin wheels, enforcing identity-based trust via OIDC. Install and update operations are strict by default, while --allow-unsigned persists an explicit trust exception for the exact wheel hash so explicitly accepted unsigned plugins can still load at runtime.

  • API tokens are now stored in the OS credential store (macOS Keychain, Windows Credential Locker, Linux Secret Service) via the keyring library instead of in cleartext in auth_config.yaml. Existing cleartext tokens are migrated automatically the next time the configuration is saved. If no OS credential store is available or GGSHIELD_NO_KEYRING=1 is set, file-based storage is used as a fallback.

  • Added a new secret.fail_on_server_error configuration option (default True), available as the --fail-on-server-error/--no-fail-on-server-error flag or GITGUARDIAN_FAIL_ON_SERVER_ERROR environment variable. When set to False, secret scan pre-commit, secret scan pre-push, secret scan pre-receive, and secret scan ci exit with code 0 and display a warning instead of blocking the git operation when the GitGuardian server is unreachable or returns a 5xx response. The default preserves the previous blocking behavior.

  • New ggshield ai discover command.

  • The AI hooks now also log/block MCP activity.

Changed

  • Breaking: secret scan pre-receive no longer fails open by default when the GitGuardian server returns a 5xx response. Previously the push was allowed through with a warning; now it is blocked, matching the other git hooks. Set secret.fail_on_server_error to False (or pass --no-fail-on-server-error) to restore the previous fail-open behavior.

Fixed

  • Forward signature_mode through GitHub release and GitHub artifact download paths, ensuring signature verification is applied consistently across all install sources.

  • Scans of large repositories no longer fail on a single transient network glitch. ggshield now retries connection errors (e.g. ConnectionResetError) and 502/503/504 responses with bounded exponential backoff.

  • Global Copilot hooks are configured correctly in ~/.copilot.
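
The retry behaviour described in the 1.50.0 fix above, as an added example that is not ggshield's own code: a retry loop with bounded exponential backoff that retries only connection errors (ConnectionResetError included) and 502/503/504 responses, exercised against a constructed stand-in for the API. The function names, attempt counts and delay values are assumptions, not ggshield's.

```python
import random
import time
from typing import Callable

RETRYABLE_STATUSES = {502, 503, 504}
# ConnectionResetError is a subclass of ConnectionError, so it is covered too.
RETRYABLE_EXCEPTIONS = (ConnectionError, TimeoutError)

class RetryExhausted(Exception):
    """Raised when every attempt failed with a retryable error."""

def request_with_retry(send: Callable[[], int], *, max_attempts: int = 5,
                       base_delay: float = 0.5, max_delay: float = 8.0,
                       sleep: Callable[[float], None] = time.sleep) -> tuple[int, int]:
    """Retry on connection errors and 502/503/504 with capped, jittered backoff.
    Returns (status, attempts_used); a non-retryable status such as 4xx returns at once."""
    last_error = None
    for attempt in range(1, max_attempts + 1):
        try:
            status = send()
        except RETRYABLE_EXCEPTIONS as exc:
            last_error = exc
        else:
            if status not in RETRYABLE_STATUSES:
                return status, attempt
            last_error = RuntimeError(f"HTTP {status}")
        if attempt == max_attempts:
            break  # bounded: no sleep after the final failure
        delay = min(max_delay, base_delay * 2 ** (attempt - 1))
        sleep(delay + random.uniform(0, delay / 10))  # jitter avoids lock-step retries
    raise RetryExhausted(f"gave up after {max_attempts} attempts: {last_error!r}")

def flaky_server(outcomes: list) -> Callable[[], int]:
    """Constructed stand-in for the API: replays scripted statuses or exceptions."""
    it = iter(outcomes)
    def send() -> int:
        outcome = next(it)
        if isinstance(outcome, BaseException):
            raise outcome
        return outcome
    return send

def demo() -> tuple[int, int, list[float]]:
    """One reset, then 503 and 502, then 200: four attempts, three recorded waits."""
    delays: list[float] = []
    send = flaky_server([ConnectionResetError(), 503, 502, 200])
    status, attempts = request_with_retry(send, sleep=delays.append)
    return status, attempts, delays
```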

Security

  • Pin the default package index in pyproject.toml to public PyPI and add a rolling exclude-newer = "3 days" constraint, so the resolved uv.lock is reproducible for external contributors/CI and newly published (potentially malicious) releases get a short quarantine window before they can land in the lock.

1.49.0

31 Mar 14:54

Removed

  • Pre-receive hook on GitHub Enterprise Server v3.9 to v3.13 is no longer supported. v3.13 has been EOL since 2025-06-19, and earlier versions were discontinued before that.

Added

  • Add @file support to secret scan path to load scan paths from a file.

  • Add ggshield secret scan ai-hook command to scan AI coding tool hook payloads for secrets in real time.

  • Add new types claude-code|cursor|copilot to the ggshield install command to install hooks into AI coding tool configurations.

  • Pre-receive hook can now be set up on GitHub Enterprise Server v3.14 and higher.

  • api-status: display the scopes of the current authentication token.

Fixed

  • secret scan ci: fetch the target branch before computing the MR/PR commit range. In CI environments with cached repos or shallow clones, a stale target branch ref could cause ggshield to scan unrelated commits, leading to excessive API calls and secrets reported in files not modified by the MR.

  • hmsl vault-scan: fixed a hang when the HashiCorp Vault server is unresponsive; requests now time out after 30 seconds and network errors are reported with a clear message.

  • Fixed a path traversal security issue in tar archives used for git-based scans; member names with absolute paths or .. components are now sanitized.

  • Fixed an issue where an invalid option for a secret scan subcommand could be silently treated as a request to run the default command, producing a confusing error instead of the expected usage error.
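
A check of the kind the tar path-traversal fix above describes, as an added example that is not ggshield's own code: member names that are absolute (POSIX or Windows style) or contain a .. component are rejected before the archive is used, and a constructed in-memory archive shows the filter in action. The function names are assumptions; whether ggshield skips or rewrites such entries is not stated on the page.

```python
import io
import ntpath
import posixpath
import tarfile


def is_unsafe_member_name(name: str) -> bool:
    """True if a tar member name could escape the extraction root.

    Rejects absolute paths (POSIX or Windows style) and any path containing a
    ".." component, whichever separator the archive used.
    """
    if not name:
        return True
    normalized = name.replace("\\", "/")
    if posixpath.isabs(normalized) or ntpath.isabs(name):
        return True
    return ".." in normalized.split("/")


def safe_members(tar: tarfile.TarFile) -> list[tarfile.TarInfo]:
    """Members that are safe to extract or scan; traversal attempts are skipped."""
    # On Python 3.12+, extractall(filter="data") rejects such names as well.
    return [m for m in tar.getmembers() if not is_unsafe_member_name(m.name)]


def build_sample_archive() -> bytes:
    """Constructed sample: one benign file plus two traversal-style entries."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in ("src/app.py", "../../etc/passwd", "/etc/shadow"):
            data = b"print('hello')\n"
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def safe_names_in(archive: bytes) -> list[str]:
    """Open an in-memory archive and list only the member names that pass."""
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r") as tar:
        return [m.name for m in safe_members(tar)]


if __name__ == "__main__":
    print(safe_names_in(build_sample_archive()))  # ['src/app.py']
```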

1.48.0

18 Feb 08:19

Added

  • Add enterprise plugin system for ggshield, allowing organizations to install and manage plugins from GitGuardian.

  • hmsl: Secrets shorter than 6 characters are now filtered out before being sent to the HMSL API, reducing false positives from obvious non-secrets.

Changed

  • hmsl: Expand the list of excluded placeholder values (e.g., changeme, placeholder, redacted) that are not sent to the HMSL API.

  • Relax urllib3 dependency pin from ~=2.2.2 to >=2.2.2,<3, allowing compatibility with newer urllib3 versions (#1160).

Fixed

  • Prevent docker scan stdout from leaking into JSON output.

1.47.0

27 Jan 16:45

Added

  • Display a warning if .cache_ggshield is not ignored in a git repository.

1.46.0

29 Dec 15:03

Added

  • An HTTPAdapter with wider parameters has been set up to better handle scanning multiple files at the same time.

  • Add GITGUARDIAN_GIT_REMOTE_FALLBACK_URL environment variable that allows setting a fallback value for the repository remote.

  • Tokens are obfuscated in ggshield config list output.

Changed

  • Clearer error message when token is missing: specify the command to run to generate a token (ggshield auth login).

Fixed

  • Install ggshield hooks inside .husky/ when the repository uses Husky-managed hooks, so local installs work out of the box (#1143).

1.45.0

14 Nov 17:08

Fixed

  • ggshield no longer crashes when scanning invalid symlinks; it emits a warning instead.

  • Handle unmerged files in pre-commit scanning during an ongoing merge.

  • Fixed a crash when ggshield received missing tags.