AI-Powered Repository Security & Compliance Platform
Intelligent code analysis, policy enforcement, and security automation for modern development workflows
- Try GitGuard in your browser: no installation needed
- Production-ready in 60 seconds: free tier available
- Pre-built for Linux, Windows, macOS: single executable, no dependencies
- Zero-Config Security: Intelligent policies that adapt to your team's workflow
- Org-Brain Intelligence: Dynamic ownership mapping and expertise routing
- Instant Deployment: From zero to protected in under 60 seconds
- Full Transparency: Every decision explained with complete audit trails
- Temporal Reliability: Bulletproof workflow orchestration with automatic recovery
Real-time PR digest with relationship mapping and dynamic ownership
Live policy explorer with GitHub Pages integration
Every decision shows complete reasoning and source code
P99 latency tracking and merge rate analytics
Launch Interactive Demo - Experience GitGuard in your browser right now!
```bash
# Linux/macOS - One command deployment
curl -fsSL https://raw.githubusercontent.com/codessa-platform/gitguard/main/scripts/quick-deploy.sh | bash
```

```powershell
# Windows PowerShell
iwr -useb https://raw.githubusercontent.com/codessa-platform/gitguard/main/scripts/quick-deploy.ps1 | iex
```

```bash
# Docker Compose
git clone https://github.com/codessa-platform/gitguard.git
cd gitguard && docker-compose up -d
```
Download pre-built binaries from our releases page:
```bash
# Linux
wget https://github.com/codessa-platform/gitguard/releases/latest/download/gitguard-linux
chmod +x gitguard-linux && ./gitguard-linux serve --demo

# Windows
# Download gitguard-windows.exe and run: gitguard-windows.exe serve --demo

# macOS
wget https://github.com/codessa-platform/gitguard/releases/latest/download/gitguard-darwin
chmod +x gitguard-darwin && ./gitguard-darwin serve --demo
```
```bash
# Verify installation (listing a repository's webhooks requires an authenticated
# request, e.g. -H "Authorization: Bearer $GITHUB_TOKEN")
curl https://api.github.com/repos/YOUR-ORG/YOUR-REPO/hooks
# ✅ GitGuard webhook active
```
```bash
# Start GitGuard locally
docker-compose up -d

# Demo: Create a test PR and watch the magic
gh pr create --title "feat: add new feature" --body "Testing GitGuard policies"

# Watch GitGuard evaluate in real-time
curl http://localhost:8080/api/v1/policies/evaluate | jq '.decision.reasoning'

# View live dashboard
open http://localhost:3000 # Grafana: P99 latency, merge rates, policy decisions
open http://localhost:8080 # GitGuard: Policy explorer, org-brain insights
```
- Live Interactive Demo: Experience GitGuard instantly in your browser
- One-Click Deployment: Deploy to Railway, Render, or Fly.io in seconds
- Quick Start Scripts: Single command setup for Linux, macOS, and Windows
- Pre-built Binaries: Download and run immediately, no dependencies
- Secret Detection: Multi-layered scanning with entropy analysis
- Vulnerability Assessment: Real-time CVE matching and CVSS scoring
- License Compliance: Automated license compatibility checking
- Supply Chain Security: Dependency graph analysis and risk assessment
- Intelligent Code Review: Context-aware security recommendations
- Risk Scoring: ML-based threat assessment and prioritization
- False Positive Reduction: Smart filtering with confidence scoring
- Adaptive Learning: Continuous improvement from feedback loops
- Zero Configuration: Works out-of-the-box with sensible defaults
- IDE Integration: VS Code, IntelliJ, and Vim plugins available
- CLI Tools: Comprehensive command-line interface for automation
- API-First: RESTful APIs for custom integrations
- Real-time Dashboards: Live security metrics and trends
- Custom Alerting: Slack, Teams, PagerDuty integrations
- Audit Trails: Comprehensive logging for compliance
- Performance Metrics: P99 latency tracking and merge rate analytics
| Traditional Approach | GitGuard Approach |
|---|---|
| ❌ Manual code reviews | ✅ AI-powered policy automation |
| ❌ Static CODEOWNERS files | ✅ Dynamic org-brain intelligence |
| ❌ Opaque approval processes | ✅ Full transparency with receipts |
| ❌ Reactive incident response | ✅ Proactive risk prevention |
| ❌ Complex setup and maintenance | ✅ Zero-config deployment |
- Enterprise Teams: Scaling code review processes across multiple repositories
- Fast-Moving Startups: Maintaining quality while shipping quickly
- Security-First Orgs: Enforcing compliance without slowing development
- Growing Teams: Onboarding new developers with intelligent guidance
- Auto-merge for low-risk PRs - Safe changes merge automatically
- Policy transparency with source code - See exact OPA rules and inputs that made decisions
- Visual relationship graphs - Mermaid diagrams show file touches and governance connections
- Always-current ownership index - Dynamic owners list from live graph data
- Docs portal updating in real-time - Live documentation with policy explanations
- Chaos engineering drills - Automated failure testing validates alert systems
- SLO monitoring with P99 alerts - Performance tracking ensures system health
```bash
make demo-quick    # 2-min flow: low-risk + security scenarios
make demo-investor # 5-min flow: low-risk + release-window + dashboard
make demo-customer # 10-min flow: comprehensive governance demo
```
- Risk Assessment - AI analyzes code complexity, test coverage, and security impact
- Policy Gate - OPA enforces governance rules with full transparency (see exact rules & inputs)
- Visual Mapping - Mermaid graphs show file relationships and governance connections (≤20 nodes)
- Ownership Tracking - Dynamic owners index updates from graph data
- Documentation - Codex generates human-readable PR digest with policy explanations
- Monitoring - SLO alerts track freshness P99 and system health
Live Documentation Portal - Interactive guides with live examples
- Getting Started Guide - Zero to protected in 60 seconds
- Policy Guide - Master OPA/Rego with real examples
- API Reference - Complete REST API and webhook docs
- Examples - Production-ready policy configurations
- Architecture Overview - Deep dive into system design and data flows
- Developer Guide - Local setup and development
- Operations Runbook - Troubleshooting and done-done validation checklist
- Contributing Guidelines - Join the community
- GitHub Integration - PR comments with instant Codex preview links
- Prometheus Alerts - Monitoring and SLO configuration
- Secrets Hygiene - Automated secrets redaction and scanning
- Chaos Engineering - Failure testing and resilience validation
- Local Documentation - Policies and PR digests (when running locally)
- Graph API - Read-only graph data endpoint
- Policy Templates - Copy-paste configurations
- GitHub Actions Integration - CI/CD workflows
- Org-Brain Setup - Dynamic ownership
- Monitoring Setup - Grafana dashboards
GitGuard includes an optional MCP (Model Context Protocol) sidecar for enhanced developer experience with Claude Desktop integration.
Features:
- Policy Explanation: Get detailed explanations of Rego rules and policy decisions
- Interactive Policy Exploration: Query policy logic directly from Claude Desktop
- Seamless Integration: Works alongside existing GitGuard workflows
Quick Setup:
- Configure Claude Desktop:

```bash
# Copy the provided configuration
cp claude_desktop_config.json ~/.config/claude_desktop/config.json
```

- Install MCP Server Dependencies:

```bash
pip install -r mcp/requirements.txt
```

- Set Environment Variables:

```bash
export GITGUARD_REPO_PATH="/path/to/your/repo"
export GITGUARD_POLICIES_DIR="/path/to/gitguard/policies"
export GITGUARD_API_BASE_URL="http://localhost:8000"
```

- Test Integration:

```bash
# Verify MCP server is working
python -m mcp.servers.gitguard_policy
```

Available MCP Functions:
- `get_rego_rule(rule_name)` - Retrieve specific OPA policy rules with explanations
- `render_policy_block(pr_number)` - Visualize policy evaluation results for a PR
Usage in Claude Desktop:
- Ask: "Explain the critical-files policy rule"
- Ask: "Show me why PR #123 was blocked"
- Ask: "What are the current release window policies?"
Note: The MCP sidecar is an additive feature that enhances the developer experience without affecting GitGuard's core functionality. GitGuard remains the authoritative system for all policy decisions and repository governance.
GitGuard consists of several components working together:
- guard-api: Receives GitHub webhooks, normalizes events, forwards to Codex
- codex: Writes PR digests to `docs_src/`, triggers MkDocs build
- OPA: Policy decisions for merge/tag (release windows, infra reviews, deps)
- Temporal/NATS: Workflow orchestration and event streaming
- Prometheus/Grafana: Observability - scrapes services, shows merge rates, block reasons, revert rate
- CI: Lint, tests, SBOM; sets `checks` signals for OPA input

Flow: PR → CI artifacts → risk compute → OPA gate → (merge|block) → Codex doc → dashboards
See ARCHITECTURE.md for detailed system design and data flows.
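To make the gate step of that flow concrete, here is an added Python sketch (not GitGuard's code and not its Rego policies) of how CI `checks` signals, critical-file touches, a release window and the risk score combine into a merge/block decision with an explainable reasoning list. The rule names, path prefixes, window hours and threshold are constructed assumptions.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Constructed rule parameters: assumptions for this example, not GitGuard's shipped OPA policies.
REQUIRED_CHECKS = ("lint", "tests", "sbom")                        # the CI signals named above
CRITICAL_PREFIXES = ("infra/", "policies/", ".github/workflows/")  # paths that need an infra review
RELEASE_WINDOW_UTC = range(9, 17)                                  # merges allowed 09:00-16:59 UTC
LOW_RISK_THRESHOLD = 0.3                                           # auto-merge only below this score

@dataclass
class PRInput:
    number: int
    files: list[str]
    checks: dict[str, bool]  # "checks" signals from CI, as fed to the OPA gate
    risk_score: float        # 0.0 .. 1.0 from the risk-compute step

@dataclass
class Decision:
    outcome: str                                        # "merge" or "block"
    reasoning: list[str] = field(default_factory=list)  # every reason, so the decision is explainable

def evaluate(pr: PRInput, now: datetime) -> Decision:
    """Run every rule and record each block reason instead of stopping at the first one."""
    reasons = []
    missing = [c for c in REQUIRED_CHECKS if not pr.checks.get(c, False)]
    if missing:
        reasons.append(f"required_checks: {missing} not passing")
    critical = [f for f in pr.files if f.startswith(CRITICAL_PREFIXES)]
    if critical and not pr.checks.get("infra_review", False):
        reasons.append(f"critical_files: {critical} touched without infra_review")
    hour = now.astimezone(timezone.utc).hour
    if hour not in RELEASE_WINDOW_UTC:
        reasons.append(f"release_window: {hour:02d}:00 UTC is outside 09:00-17:00")
    if pr.risk_score >= LOW_RISK_THRESHOLD:
        reasons.append(f"risk_score: {pr.risk_score:.2f} >= {LOW_RISK_THRESHOLD}, no auto-merge")
    if reasons:
        return Decision("block", reasons)
    return Decision("merge", [f"auto_merge: checks green, risk {pr.risk_score:.2f} < {LOW_RISK_THRESHOLD}"])

# Constructed sample inputs.
GREEN = {"lint": True, "tests": True, "sbom": True}
SAFE_PR = PRInput(1, ["docs_src/index.md"], GREEN, 0.1)
INFRA_PR = PRInput(2, ["infra/main.tf", "README.md"], GREEN, 0.1)
IN_WINDOW = datetime(2024, 1, 10, 12, 0, tzinfo=timezone.utc)
OUT_OF_WINDOW = datetime(2024, 1, 10, 22, 0, tzinfo=timezone.utc)

if __name__ == "__main__":
    for pr, when in ((SAFE_PR, IN_WINDOW), (INFRA_PR, IN_WINDOW), (SAFE_PR, OUT_OF_WINDOW)):
        d = evaluate(pr, when)
        print(f"PR #{pr.number} at {when:%H:%M} UTC: {d.outcome} -> {d.reasoning}")
```

Because every failed rule is appended rather than short-circuiting, the `reasoning` list is what a `.decision.reasoning` style query would surface for a blocked PR.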
- Branch from `main`, name `feat|fix|chore/<scope>-<slug>`
- Conventional Commits; squash merge only
- Run locally: `make setup && make up`
- Tests: `pytest -q` (aim for coverage deltas ≥ -0.2%)
- Policy changes require a docs page under `docs_src/policies/`
See CONTRIBUTING.md for detailed guidelines and DEVELOPER_GUIDE.md for setup instructions.
- Discord Community
- Enterprise Support
- GitHub Issues
MIT License - see LICENSE for details.
GitGuard - Your repositories, under guard.