Gitleaks

Gitleaks scans codebases for secrets like API keys and tokens.

Installation

# Download from https://github.com/gitleaks/gitleaks/releases

Basic Usage

# Scan current repo
gitleaks detect -s .

# Scan with verbose output
gitleaks detect -s . -v

Scenarios

# Scan git history (the default for detect) with info-level logging and a JSON report
gitleaks detect --source . --log-level info --report-format json --report-path gitleaks.json

# Use a custom config file
gitleaks detect -s . --config .gitleaks.toml

# Ignore findings already recorded in a baseline report
gitleaks detect -s . --baseline-path gitleaks-baseline.json

# Scan only commits from the last 30 days (--log-opts is passed to git log)
gitleaks detect -s . --log-opts="--since=30.days"

Output

# JSON report
gitleaks detect -s . --report-format json --report-path gitleaks.json
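
Triage example (added here, not part of Gitleaks): a Python sketch that reads a JSON report like the one written above, drops findings already present in a baseline report, and prints the rest with the secret masked. The sample reports are constructed, the function names are this example's own, and matching on the Fingerprint field is a simplifying assumption rather than Gitleaks' own baseline logic.

```python
import json
from collections import Counter

# Constructed sample reports (not real findings). Field names follow the
# gitleaks JSON report; every value below is made up.
BASELINE = json.loads("""[
  {"RuleID": "generic-api-key", "File": "config/old.env", "StartLine": 3,
   "Commit": "1111111", "Secret": "EXAMPLE-OLD-KEY-0000",
   "Fingerprint": "1111111:config/old.env:generic-api-key:3"}
]""")
CURRENT = json.loads("""[
  {"RuleID": "generic-api-key", "File": "config/old.env", "StartLine": 3,
   "Commit": "1111111", "Secret": "EXAMPLE-OLD-KEY-0000",
   "Fingerprint": "1111111:config/old.env:generic-api-key:3"},
  {"RuleID": "aws-access-token", "File": "deploy/ci.sh", "StartLine": 12,
   "Commit": "2222222", "Secret": "EXAMPLE-AWS-KEY-0001",
   "Fingerprint": "2222222:deploy/ci.sh:aws-access-token:12"},
  {"RuleID": "generic-api-key", "File": "app/settings.py", "StartLine": 40,
   "Commit": "3333333", "Secret": "EXAMPLE-APP-KEY-0002",
   "Fingerprint": "3333333:app/settings.py:generic-api-key:40"}
]""")

def redact(secret, keep=4):
    """Keep only a short prefix so triage output does not re-leak the value."""
    return secret[:keep] + "*" * max(len(secret) - keep, 0)

def new_findings(current, baseline):
    """Findings whose Fingerprint is absent from the baseline report (assumption)."""
    known = {f["Fingerprint"] for f in baseline}
    return [f for f in current if f["Fingerprint"] not in known]

def count_by_rule(findings):
    """Number of findings per RuleID, for a quick overview."""
    return Counter(f["RuleID"] for f in findings)

def triage_lines(findings):
    """One redacted line per finding: rule, location, commit, masked secret."""
    return [f'{f["RuleID"]} {f["File"]}:{f["StartLine"]} '
            f'commit={f["Commit"]} secret={redact(f["Secret"])}'
            for f in findings]

if __name__ == "__main__":
    fresh = new_findings(CURRENT, BASELINE)
    print(dict(count_by_rule(fresh)))
    print("\n".join(triage_lines(fresh)))
    raise SystemExit(1 if fresh else 0)  # non-zero exit fails a CI step
```

To use it on real output, replace the two constructed lists with `json.load()` on gitleaks.json and gitleaks-baseline.json.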