GitGuardian
diff --git a/‎ggshield/verticals/secret/secret_scan_collection.py
Lines changed: 7 additions & 1 deletion b/‎ggshield/verticals/secret/secret_scan_collection.py
Lines changed: 7 additions & 1 deletion
diff --git a/‎pdm.lock
Lines changed: 4 additions & 5 deletions b/‎pdm.lock
Lines changed: 4 additions & 5 deletions
diff --git a/‎pyproject.toml
Lines changed: 1 addition & 1 deletion b/‎pyproject.toml
Lines changed: 1 addition & 1 deletion
diff --git a/‎tests/factories.py
Lines changed: 6 additions & 0 deletions b/‎tests/factories.py
Lines changed: 6 additions & 0 deletions
diff --git a/‎tests/unit/cassettes/multiline_secret.yaml
Lines changed: 38 additions & 108 deletions b/‎tests/unit/cassettes/multiline_secret.yaml
Lines changed: 38 additions & 108 deletions
@@ -83,7 +83,10 @@ class Secret:
     Named Secret since we are dropping other kind of policy breaks.
     """
 
-    detector: str
+    detector: str  # Detector display name
+    detector_name: str
+    detector_group_name: str
+    documentation_url: Optional[str]
     validity: str
     known_secret: bool
     incident_url: Optional[str]
@@ -187,6 +190,9 @@ def from_scan_result(
                 known_secret=policy_break.known_secret,
                 incident_url=policy_break.incident_url,
                 detector=policy_break.break_type,
+                detector_name=policy_break.detector_name,
+                detector_group_name=policy_break.detector_group_name,
+                documentation_url=policy_break.documentation_url,
                 matches=[
                     ExtendedMatch.from_match(match, lines, result.is_on_patch)
                     for match in policy_break.matches
 
@@ -41,7 +41,7 @@ dependencies = [
     "marshmallow~=3.18.0",
     "marshmallow-dataclass~=8.5.8",
     "oauthlib~=3.2.1",
-    "pygitguardian~=1.20.0",
+    "pygitguardian @ git+https://github.com/GitGuardian/py-gitguardian.git@933318c6a3fc7a5cce1fdbb663b4e90a2b7992a2",
     "pyjwt~=2.6.0",
     "python-dotenv~=0.21.0",
     "pyyaml~=6.0.1",
 
@@ -60,6 +60,9 @@ class Meta:
 
     break_type = factory.lazy_attribute(lambda obj: random.choice(DETECTOR_NAMES))
     policy = "Secrets detection"
+    detector_name = factory.lazy_attribute(lambda obj: obj.break_type)
+    detector_group_name = factory.lazy_attribute(lambda obj: obj.break_type)
+    documentation_url = None
     validity = "valid"
     known_secret = False
     incident_url = None
@@ -95,6 +98,9 @@ class Meta:
         model = Secret
 
     detector = factory.lazy_attribute(lambda obj: random.choice(DETECTOR_NAMES))
+    detector_name = factory.lazy_attribute(lambda obj: obj.detector)
+    detector_group_name = factory.lazy_attribute(lambda obj: obj.detector)
+    documentation_url = None
     validity = "valid"
     known_secret = True
     incident_url = None
 
@@ -9,151 +9,75 @@ interactions:
         Connection:
           - keep-alive
         User-Agent:
-          - pygitguardian/1.15.2 (Linux;py3.10.12)
+          - pygitguardian/1.20.0 (Linux;py3.11.10)
       method: GET
       uri: https://api.gitguardian.com/v1/metadata
     response:
       body:
         string:
-          '{"version":"v2.87.2","preferences":{"marketplaces__aws_product_url":"http://aws.amazon.com/marketplace/pp/prodview-mrmulzykamba6","on_premise__restrict_signup":true,"on_premise__is_email_server_configured":true,"on_premise__default_sso_config_api_id":null,"onboarding__segmentation_v1_enabled":true,"general__maximum_payload_size":26214400,"general__mutual_tls_mode":"disabled","general__signup_enabled":true},"secret_scan_preferences":{"maximum_documents_per_scan":20,"maximum_document_size":1048576},"remediation_messages":{"pre_commit":">
+          '{"version":"v2.193.0","preferences":{"marketplaces__aws_product_url":"http://aws.amazon.com/marketplace/pp/prodview-mrmulzykamba6","on_premise__restrict_signup":true,"on_premise__is_email_server_configured":true,"on_premise__default_sso_config_api_id":null,"on_premise__default_sso_config_force_sso":null,"onboarding__segmentation_v1_enabled":true,"general__maximum_payload_size":26214400,"general__mutual_tls_mode":"disabled","general__signup_enabled":true},"secret_scan_preferences":{"maximum_documents_per_scan":20,"maximum_document_size":1048576},"remediation_messages":{"pre_commit":">
           How to remediate\n\n  Since the secret was detected before the commit was
           made:\n  1. replace the secret with its reference (e.g. environment variable).\n  2.
-          commit again.\n\n> [To apply with caution] If you want to bypass ggshield
-          (false positive or other reason), run:\n  - if you use the pre-commit framework:\n\n    SKIP=ggshield
-          git commit -m \"<your message>","pre_push":"> How to remediate\n\n  Since
+          commit again.\n\n> [Apply with caution] If you want to bypass ggshield (false
+          positive or other reason), run:\n  - if you use the pre-commit framework:\n\n    SKIP=ggshield
+          git commit -m \"<your message>\"\n    ","pre_push":"> How to remediate\n\n  Since
           the secret was detected before the push BUT after the commit, you need to:\n  1.
           rewrite the git history making sure to replace the secret with its reference
           (e.g. environment variable).\n  2. push again.\n\n  To prevent having to rewrite
           git history in the future, setup ggshield as a pre-commit hook:\n    https://docs.gitguardian.com/ggshield-docs/integrations/git-hooks/pre-commit\n\n>
-          [To apply with caution] If you want to bypass ggshield (false positive or
-          other reason), run:\n  - if you use the pre-commit framework:\n\n    SKIP=ggshield-push
+          [Apply with caution] If you want to bypass ggshield (false positive or other
+          reason), run:\n  - if you use the pre-commit framework:\n\n    SKIP=ggshield-push
           git push","pre_receive":"> How to remediate\n\n  A pre-receive hook set server
           side prevented you from pushing secrets.\n\n  Since the secret was detected
           during the push BUT after the commit, you need to:\n  1. rewrite the git history
           making sure to replace the secret with its reference (e.g. environment variable).\n  2.
           push again.\n\n  To prevent having to rewrite git history in the future, setup
           ggshield as a pre-commit hook:\n    https://docs.gitguardian.com/ggshield-docs/integrations/git-hooks/pre-commit\n\n>
-          [To apply with caution] If you want to bypass ggshield (false positive or
-          other reason), run:\n\n    git push -o breakglass"}}'
+          [Apply with caution] If you want to bypass ggshield (false positive or other
+          reason), run:\n\n    git push -o breakglass"}}'
       headers:
         access-control-expose-headers:
           - X-App-Version
         allow:
           - GET, HEAD, OPTIONS
         content-length:
-          - '2150'
+          - '2198'
         content-type:
           - application/json
         cross-origin-opener-policy:
           - same-origin
         date:
-          - Mon, 12 Aug 2024 09:19:09 GMT
+          - Tue, 22 Apr 2025 13:27:58 GMT
         referrer-policy:
           - strict-origin-when-cross-origin
         server:
           - istio-envoy
         strict-transport-security:
           - max-age=31536000; includeSubDomains
+        transfer-encoding:
+          - chunked
         vary:
           - Accept-Encoding,Cookie
         x-app-version:
-          - v2.87.2
+          - v2.193.0
         x-content-type-options:
           - nosniff
           - nosniff
         x-envoy-upstream-service-time:
-          - '25'
+          - '64'
         x-frame-options:
           - DENY
           - SAMEORIGIN
         x-secrets-engine-version:
-          - 2.117.0
+          - 2.136.1
         x-xss-protection:
           - 1; mode=block
       status:
         code: 200
         message: OK
   - request:
       body:
-        '[{"filename": "file", "document": "-----BEGIN RSA PRIVATE KEY-----\nMIIBOgIBAAJBAIIRkYjxjE3KIZiEc8k4sWWGNsPYRNE0u0bl5oFVApPLm+uXQ/4l\nbKO9LFtMiVPy700oMWLScwAN5OAiqVLMvHUCAwEAAQJANLr8nmEWuV6t2hAwhK5I\nNNmBkEo4M/xFxEtl9J7LKbE2gtNrlCQiJlPP1EMhwAjDOzQcJ3lgFB28dkqH5rMW\nTQIhANrCE7O+wlCKe0WJqQ3lYlHG91XWyGVgfExJwBDsAD9LAiEAmDY5OSsH0n2A\n22tthkAvcN1s66lG+0DztOVJ4QLI2z8CIBPeDGwGpx8pdIicN/5LFuLWbyAcoZaT\nbLaA/DCNPniBAiA0l//bzg+M3srIhm04xzLdR9Vb9IjPRlkvN074zdKDVwIhAKJb\nRF3C+CMFb0wXme/ovcDeM1+3W/UmSHYUW4b3WYq4\n-----END
-        RSA PRIVATE KEY-----"}]'
-      headers:
-        Accept:
-          - '*/*'
-        Accept-Encoding:
-          - gzip, deflate
-        Connection:
-          - keep-alive
-        Content-Length:
-          - '538'
-        Content-Type:
-          - application/json
-        GGShield-Command-Id:
-          - 7a6ae986-4f2d-45ff-9a71-91fdd049ef51
-        GGShield-Command-Path:
-          - external
-        GGShield-OS-Name:
-          - ubuntu
-        GGShield-OS-Version:
-          - '22.04'
-        GGShield-Python-Version:
-          - 3.10.12
-        GGShield-Version:
-          - 1.29.0
-        User-Agent:
-          - pygitguardian/1.15.2 (Linux;py3.10.12)
-        mode:
-          - path
-      method: POST
-      uri: https://api.gitguardian.com/v1/multiscan?ignore_known_secrets=True
-    response:
-      body:
-        string:
-          '[{"policy_break_count":1,"policies":["File extensions","Filenames","Secrets
-          detection"],"policy_breaks":[{"type":"RSA Private Key","policy":"Secrets detection","matches":[{"type":"apikey","match":"-----BEGIN
-          RSA PRIVATE KEY-----\nMIIBOgIBAAJBAIIRkYjxjE3KIZiEc8k4sWWGNsPYRNE0u0bl5oFVApPLm+uXQ/4l\nbKO9LFtMiVPy700oMWLScwAN5OAiqVLMvHUCAwEAAQJANLr8nmEWuV6t2hAwhK5I\nNNmBkEo4M/xFxEtl9J7LKbE2gtNrlCQiJlPP1EMhwAjDOzQcJ3lgFB28dkqH5rMW\nTQIhANrCE7O+wlCKe0WJqQ3lYlHG91XWyGVgfExJwBDsAD9LAiEAmDY5OSsH0n2A\n22tthkAvcN1s66lG+0DztOVJ4QLI2z8CIBPeDGwGpx8pdIicN/5LFuLWbyAcoZaT\nbLaA/DCNPniBAiA0l//bzg+M3srIhm04xzLdR9Vb9IjPRlkvN074zdKDVwIhAKJb\nRF3C+CMFb0wXme/ovcDeM1+3W/UmSHYUW4b3WYq4\n-----END
-          RSA PRIVATE KEY-----","index_start":0,"index_end":491,"line_start":1,"line_end":9}],"incident_url":"https://dashboard.gitguardian.com/workspace/8/incidents/8137383","known_secret":true,"validity":"no_checker"}]}]'
-      headers:
-        access-control-expose-headers:
-          - X-App-Version
-        allow:
-          - POST, OPTIONS
-        content-length:
-          - '889'
-        content-type:
-          - application/json
-        cross-origin-opener-policy:
-          - same-origin
-        date:
-          - Mon, 12 Aug 2024 09:19:10 GMT
-        referrer-policy:
-          - strict-origin-when-cross-origin
-        server:
-          - istio-envoy
-        strict-transport-security:
-          - max-age=31536000; includeSubDomains
-        vary:
-          - Cookie
-        x-app-version:
-          - v2.87.2
-        x-content-type-options:
-          - nosniff
-          - nosniff
-        x-envoy-upstream-service-time:
-          - '65'
-        x-frame-options:
-          - DENY
-          - SAMEORIGIN
-        x-secrets-engine-version:
-          - 2.117.0
-        x-xss-protection:
-          - 1; mode=block
-      status:
-        code: 200
-        message: OK
-  - request:
-      body:
-        '[{"filename": "/tmp/pytest-of-mmillet/pytest-1/test_json_output_for_patch__MU1/file",
+        '[{"filename": "/tmp/pytest-of-salomevoltz/pytest-8/test_json_output_for_patch__MU0/file",
         "document": "-----BEGIN RSA PRIVATE KEY-----\nMIIBOgIBAAJBAIIRkYjxjE3KIZiEc8k4sWWGNsPYRNE0u0bl5oFVApPLm+uXQ/4l\nbKO9LFtMiVPy700oMWLScwAN5OAiqVLMvHUCAwEAAQJANLr8nmEWuV6t2hAwhK5I\nNNmBkEo4M/xFxEtl9J7LKbE2gtNrlCQiJlPP1EMhwAjDOzQcJ3lgFB28dkqH5rMW\nTQIhANrCE7O+wlCKe0WJqQ3lYlHG91XWyGVgfExJwBDsAD9LAiEAmDY5OSsH0n2A\n22tthkAvcN1s66lG+0DztOVJ4QLI2z8CIBPeDGwGpx8pdIicN/5LFuLWbyAcoZaT\nbLaA/DCNPniBAiA0l//bzg+M3srIhm04xzLdR9Vb9IjPRlkvN074zdKDVwIhAKJb\nRF3C+CMFb0wXme/ovcDeM1+3W/UmSHYUW4b3WYq4\n-----END
         RSA PRIVATE KEY-----"}]'
       headers:
@@ -164,67 +88,73 @@ interactions:
         Connection:
           - keep-alive
         Content-Length:
-          - '602'
+          - '606'
         Content-Type:
           - application/json
         GGShield-Command-Id:
-          - 0705b453-f434-4c4c-8c80-3ecd4d7ad679
+          - 2160e3a2-c12b-40f3-83de-f610ed3a643b
         GGShield-Command-Path:
           - external
         GGShield-OS-Name:
           - ubuntu
         GGShield-OS-Version:
-          - '22.04'
+          - '24.04'
         GGShield-Python-Version:
-          - 3.11.8
+          - 3.11.10
         GGShield-Version:
-          - 1.33.0
+          - 1.38.1
         User-Agent:
-          - pygitguardian/1.18.0 (Linux;py3.11.8)
+          - pygitguardian/1.20.0 (Linux;py3.11.10)
         mode:
           - path
+        scan_options:
+          - '{"show_secrets": false, "ignored_detectors_count": 0, "ignored_matches_count":
+            0, "ignored_paths_count": 0, "ignore_known_secrets": false, "with_incident_details":
+            false, "has_prereceive_remediation_message": false, "all_secrets": false}'
       method: POST
       uri: https://api.gitguardian.com/v1/multiscan?all_secrets=True
     response:
       body:
         string:
           '[{"policy_break_count":1,"policies":["Secrets detection"],"policy_breaks":[{"type":"RSA
-          Private Key","policy":"Secrets detection","matches":[{"type":"apikey","match":"-----BEGIN
-          RSA PRIVATE KEY-----\nMIIBOgIBAAJBAIIRkYjxjE3KIZiEc8k4sWWGNsPYRNE0u0bl5oFVApPLm+uXQ/4l\nbKO9LFtMiVPy700oMWLScwAN5OAiqVLMvHUCAwEAAQJANLr8nmEWuV6t2hAwhK5I\nNNmBkEo4M/xFxEtl9J7LKbE2gtNrlCQiJlPP1EMhwAjDOzQcJ3lgFB28dkqH5rMW\nTQIhANrCE7O+wlCKe0WJqQ3lYlHG91XWyGVgfExJwBDsAD9LAiEAmDY5OSsH0n2A\n22tthkAvcN1s66lG+0DztOVJ4QLI2z8CIBPeDGwGpx8pdIicN/5LFuLWbyAcoZaT\nbLaA/DCNPniBAiA0l//bzg+M3srIhm04xzLdR9Vb9IjPRlkvN074zdKDVwIhAKJb\nRF3C+CMFb0wXme/ovcDeM1+3W/UmSHYUW4b3WYq4\n-----END
-          RSA PRIVATE KEY-----","index_start":0,"index_end":491,"line_start":1,"line_end":9}],"is_excluded":false,"exclude_reason":null,"incident_url":"","known_secret":false,"validity":"no_checker","diff_kind":null}],"is_diff":false}]'
+          Private Key","detector_name":"private_key_rsa","detector_group_name":"private_key_rsa","documentation_url":"https://docs.gitguardian.com/secrets-detection/secrets-detection-engine/detectors/specifics/private_key_rsa","policy":"Secrets
+          detection","matches":[{"type":"apikey","match":"-----BEGIN RSA PRIVATE KEY-----\nMIIBOgIBAAJBAIIRkYjxjE3KIZiEc8k4sWWGNsPYRNE0u0bl5oFVApPLm+uXQ/4l\nbKO9LFtMiVPy700oMWLScwAN5OAiqVLMvHUCAwEAAQJANLr8nmEWuV6t2hAwhK5I\nNNmBkEo4M/xFxEtl9J7LKbE2gtNrlCQiJlPP1EMhwAjDOzQcJ3lgFB28dkqH5rMW\nTQIhANrCE7O+wlCKe0WJqQ3lYlHG91XWyGVgfExJwBDsAD9LAiEAmDY5OSsH0n2A\n22tthkAvcN1s66lG+0DztOVJ4QLI2z8CIBPeDGwGpx8pdIicN/5LFuLWbyAcoZaT\nbLaA/DCNPniBAiA0l//bzg+M3srIhm04xzLdR9Vb9IjPRlkvN074zdKDVwIhAKJb\nRF3C+CMFb0wXme/ovcDeM1+3W/UmSHYUW4b3WYq4\n-----END
+          RSA PRIVATE KEY-----","index_start":0,"index_end":491,"line_start":1,"line_end":9}],"is_excluded":false,"exclude_reason":null,"incident_url":"https://dashboard.gitguardian.com/workspace/518431/incidents/9787731","known_secret":true,"validity":"no_checker","diff_kind":null}],"is_diff":false}]'
       headers:
         access-control-expose-headers:
           - X-App-Version
         allow:
           - POST, OPTIONS
         content-length:
-          - '872'
+          - '1143'
         content-type:
           - application/json
         cross-origin-opener-policy:
           - same-origin
         date:
-          - Wed, 27 Nov 2024 12:13:35 GMT
+          - Tue, 22 Apr 2025 13:27:58 GMT
         referrer-policy:
           - strict-origin-when-cross-origin
         server:
           - istio-envoy
         strict-transport-security:
           - max-age=31536000; includeSubDomains
+        transfer-encoding:
+          - chunked
         vary:
-          - Cookie
+          - Accept-Encoding,Cookie
         x-app-version:
-          - v2.121.0
+          - v2.193.0
         x-content-type-options:
           - nosniff
           - nosniff
         x-envoy-upstream-service-time:
-          - '65'
+          - '84'
         x-frame-options:
           - DENY
           - SAMEORIGIN
         x-secrets-engine-version:
-          - 2.127.0
+          - 2.136.1
         x-xss-protection:
           - 1; mode=block
       status: