Understand the ggshield help menu ( options and global flags)

gitguardian logo
GitGuardian
Dec 24, 2025
GitGuardian

Let’s start by learning how to navigate ggshield like any other CLI tool: through its built-in help menu.

https://docs.gitguardian.com/ggshield-docs/home

To see the top-level help, just run ggshield with no options and press enter:

ggshield

Any time you want help for a specific command, add -h or --help to the end of that command before hitting enter.

ggshield follows a standard command-line pattern you’ll see in many tools:

ggshield [OPTIONS] COMMAND [ARGS]...

If you’re new to CLIs, here’s what that means:
ggshield is the program you’re running.
[OPTIONS] are global switches that change how the tool behaves overall.
COMMAND is what you want ggshield to do, like scanning a file, repo, or commit.
[ARGS] are the extra details the command needs, like a path or filename.

Next, the help output lists the global options. These don’t change what you’re scanning, they change the environment ggshield runs in. You don’t need to memorize them, but it’s useful to know what they generally enable:

  • c, --config-path FILE lets you point ggshield to a specific config file (most people won’t need this).
  • check-for-updates / --no-check-for-updates controls whether ggshield checks for new versions, which is especially useful in CI.
  • insecure bypasses certificate validation, and should be avoided unless you’re explicitly testing on-prem or following your team’s instructions.
  • log-file FILE writes tool output to a file so you can save logs.
  • debug prints detailed debugging information to your screen.
  • v, --verbose turns on a more detailed display so you can see extra context as commands run.

Copyright © 2026 OpsMatters™. All rights reserved.