|
1 | | -# GitGuardian for VSCode |
| 1 | +# GitGuardian for VS Code |
2 | 2 |
|
3 | | -Simply install the extension and let GitGuardian protect you from accidentally exposing secrets in your code. With GitGuardian, you can code with confidence, knowing that your sensitive information is safe from leaks. |
| 3 | +Detect secrets in real time and retroactively across extensive sources, with no limit to your team’s scale. GitGuardian grows with you, securing both new and legacy codebases with unmatched precision. |
4 | 4 |
|
5 | | -We detect more than 400+ types of secrets directly from VSCode using [GitGuardian CLI (ggshield)](https://www.gitguardian.com/ggshield). |
6 | | - |
7 | | -### Features |
8 | | - |
9 | | -- When a file is saved, it is scanned using the GitGuardian CLI (ggshield) application bundled with the extension |
10 | | -- Found secrets are highlighted in code and available in the `Problems` panel as warnings |
11 | | -- Secrets can be ignored running the command `gitguardian: Ignore last found incidents` or via the UI |
12 | | -- Your API quota can be checked running the command `gitguardian: Show quota` |
| 5 | +Whether you’re a solo developer or part of a team, GitGuardian scales with you, catching secrets in every language, every repo, and every branch. |
13 | 6 |
|
14 | 7 |  |
15 | 8 |
|
16 | | -## Getting started |
17 | | - |
18 | | -### Authentication |
19 | | - |
20 | | -Once the extension is installed, simply click on "Link your IDE to your account" for automatic authentication. If you are a user with an on-premise instance of GitGuardian, go to the extension settings to enter your URL and API key. |
21 | | - |
22 | | -### Scan for secrets |
23 | | - |
24 | | -The scanning is triggered automatically when saving a file. Incidents are highlighted in file and available in the `Problems` panel as warnings. |
25 | | - |
26 | | -### How to remediate incidents? |
27 | | - |
28 | | -Remediation guidelines are conveniently displayed directly in the extension's side panel. Your security team can customize these messages to provide you with the most accurate information, enabling you to address issues promptly and effectively. |
29 | | - |
30 | | -For more info on how to remediate incidents, you can take a look at GitGuardian's [documentation](https://docs.gitguardian.com/internal-repositories-monitoring/remediate/remediate-incidents). |
31 | | - |
32 | | -### Ignore secrets (only when working in a workspace) |
33 | | - |
34 | | -Immediately after saving a file, if any incidents are detected, you can hover over the identified secret and click on "GitGuardian: Ignore Secret." |
35 | | - |
36 | | -This action will create or update the .gitguardian.yaml file in the root of your workspace, allowing you to ignore the detected secrets. |
37 | | - |
38 | | -For more information, please refer to the GitGuardian CLI (ggshield) documentation. |
39 | | - |
40 | | -### Check my quota |
41 | | - |
42 | | -Run the command `gitguardian: Show quota` from VSCode command palette to check the current status of your API quota. |
43 | | - |
44 | | -With a free personal account, you have access to 10,000 API calls each month. |
| 9 | +### Key Features |
45 | 10 |
|
46 | | -## Support, Feedback, Contributing |
| 11 | +- **Automatic Scanning**: Each time you save a file, GitGuardian scans for over 400+ types of secrets using the bundled GitGuardian CLI (`ggshield`). |
| 12 | +- **Secret Detection & Alerts**: Detected secrets are highlighted in your code and displayed as warnings in the `Problems` panel. |
| 13 | +- **Easy Ignore Option**: Ignore secrets quickly with the command `GitGuardian: Ignore Last Found Incidents` or directly via the UI. |
47 | 14 |
|
48 | | -This project is open to feature requests/suggestions, bug reports etc. |
| 15 | +### Get Started in 3 Steps |
49 | 16 |
|
50 | | -If you need support or found a bug : https://github.com/GitGuardian/gitguardian-vscode/issues/new/choose |
| 17 | +1. **Authenticate**: Link your IDE to your GitGuardian account with one click. For on-premise users, enter your custom URL and API key in settings. |
| 18 | +2. **Scan on Save**: Save a file to trigger an automatic scan. Incidents show up instantly in your file and Problems panel. |
| 19 | +3. **Remediate with Guidance**: View remediation tips right in the extension’s side panel. Security teams can customize messages for precise guidance. |
51 | 20 |
|
52 | | -For ideas and general discussions : https://github.com/GitGuardian/gitguardian-vscode/discussions |
| 21 | +### Additional Features |
53 | 22 |
|
54 | | -Security reports : Please report it using our [Vulnerability Disclosure Portal](https://vdp.gitguardian.com). |
| 23 | +- **Ignore Secrets**: After a scan, hover over the identified secret and select "GitGuardian: Ignore Secret" to add it to `.gitguardian.yaml`. |
| 24 | +- **Quota Tracking**: Run "GitGuardian: Show Quota" to monitor API call usage. Personal accounts include up to 10,000 monthly API calls. |
| 25 | + - **Check API Quota**: Stay aware of usage by running "GitGuardian: Show Quota." |
55 | 26 |
|
56 | | -## Release Notes |
| 27 | +### Support & Contributions |
57 | 28 |
|
58 | | -See [Change log](https://github.com/GitGuardian/gitguardian-vscode/blob/main/CHANGELOG.md) |
| 29 | +- **Report Issues**: [Submit bug reports](https://github.com/GitGuardian/gitguardian-vscode/issues/new/choose). |
| 30 | +- **Feature Requests & Ideas**: [Join discussions](https://github.com/GitGuardian/gitguardian-vscode/discussions). |
| 31 | +- **Security Reports**: Use our [Vulnerability Disclosure Portal](https://vdp.gitguardian.com). |
59 | 32 |
|
60 | | -## License |
| 33 | +### Release Notes & License |
61 | 34 |
|
62 | | -GitGuardian CLI (ggshield) and this extension are MIT licensed. |
| 35 | +- **Updates**: See the [Changelog](https://github.com/GitGuardian/gitguardian-vscode/blob/main/CHANGELOG.md). |
| 36 | +- **License**: GitGuardian CLI (`ggshield`) and this extension are MIT licensed. |
0 commit comments