🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

pygitguardian

Package Overview
Dependencies
Maintainers
1
Versions
40
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

pygitguardian

Python Wrapper for GitGuardian's API -- Scan security policy breaks everywhere

pipPyPI
Version
1.27.0
Maintainers
1

py-gitguardian - GitGuardian API Client

PyPI License GitHub stars GitHub Workflow Status Codecov

API client library for the GitGuardian API.

The GitGuardian API puts at your fingertips the power to detect more than 200 types of secrets in any text content, as well as other potential security vulnerabilities.

py-gitguardian can be used to create integrations to scan various data sources, from your workstation's filesystem to your favorite chat application.

You can check API details here with all the response codes and expected structures on each method.

Requirements

Python 3.8+

Projects using py-gitguardian

  • GitGuardian Shield - Scan for secrets in your CI and pre-commit.

Getting started

You can obtain API keys for API usage on your dashboard.

pip

pip3 install --upgrade pygitguardian

pipenv

pipenv install pygitguardian

pdm

pdm add pygitguardian

poetry

poetry add pygitguardian

Examples

Check examples/ for full examples on how to use py-gitguardian.

Scanning text content

# please don't hardcode your gg_api_key in source code :)
API_KEY = os.getenv("GITGUARDIAN_API_KEY")
DOCUMENT = """
    import urllib.request
    url = 'http://jen_barber:correcthorsebatterystaple@cake.gitguardian.com/isreal.json'
    response = urllib.request.urlopen(url)
    consume(response.read())"
"""

client = GGClient(api_key=API_KEY)

# Check the health of the API and the API key used.
if client.health_check().success:
    try:
        scan_result = client.content_scan(DOCUMENT)
    except Exception as exc:
        # Handle exceptions such as schema validation
        traceback.print_exc(2, file=sys.stderr)
        print(str(exc))
        print(scan_result)
else:
    print("Invalid API Key")

Scanning multiple files

API_KEY = os.getenv("GITGUARDIAN_API_KEY")
client = GGClient(api_key=API_KEY)

# Create a list of dictionaries for scanning
file_paths = (pathlib.Path(name) for name in glob.iglob("**/*", recursive=True))
to_scan = [
    {"filename": path.name, "document": path.read_text(errors="replace")}
    for path in file_paths
]

scan = client.multi_content_scan(to_scan)

Transform results to dict or JSON

Any model in py-gitguardian can be turned to a JSON string or a dictionary using the to_dict and to_json methods.

from pygitguardian.models import Detail

detail = Detail("Invalid API Key.")
print(detail.to_dict())
print(detail.to_json())

Dependencies

Py-gitguardian depends on these excellent libraries:

  • requests - HTTP client
  • marshmallow - Request (de)serialization and input validation

Keywords

api-client devsecops secrets-detection security-tools library gitguardian

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk

Security News

Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk

Socket CEO Feross Aboukhadijeh joins Software Engineering Daily to discuss modern software supply chain attacks and rising AI-driven security risks.

By Sarah Gooding  -  Dec 11, 2025