Gitleaks

Overview

Gitleaks is an open-source tool designed to scan git repositories, files, and standard input for sensitive information such as passwords, API keys, and tokens. It uses regular expressions and entropy analysis to detect potential secrets within the codebase. Gitleaks supports various installation methods including Homebrew, Docker, and Go. It can be integrated into the development workflow as a pre-commit hook or a GitHub Action. The tool offers configurable rules, reporting formats (JSON, CSV, JUnit, SARIF, template), and ignore paths to customize the scanning process. Gitleaks aims to enhance security by identifying and preventing the accidental exposure of sensitive data in code repositories, contributing to a more secure software development lifecycle.

Common tasks

Secret Detection Security Scanning

FAQ

View all

What is Gitleaks?

Gitleaks is a tool for detecting secrets like passwords, API keys, and tokens in git repos, files, and standard input.

How do I install Gitleaks?

Gitleaks can be installed using Homebrew, Docker, or Go. It is also available in binary form for many popular platforms and OS types on the releases page.

How do I configure Gitleaks?

Gitleaks can be configured using a .gitleaks.toml file. This file allows you to define custom rules, ignore paths, and other settings.

Can Gitleaks be integrated with CI/CD pipelines?

Yes, Gitleaks can be integrated into CI/CD pipelines to automatically scan code for secrets before deployment.

FAQ+