FEATURES / LOCALGIT

Full engineering intelligence. Your code never leaves your network.

LocalGit is a lightweight agent that runs on your infrastructure, analyzes your git repositories locally, and sends only aggregated metadata to Gitrevio. Your source code, diffs, commit messages, and file contents never touch our servers.

How LocalGit works

# Install via Docker

$ docker run -d \

--name gitrevio-localgit \

-v /path/to/repos:/repos:ro \

-e GITREVIO_API_KEY=gr_live_... \

-e GITREVIO_ORG_ID=your-org \

gitrevio/localgit:latest

# Or install as a binary

$ curl -fsSL https://get.gitrevio.com/localgit | sh

$ gitrevio-localgit init \

--repos /path/to/repos \

--api-key gr_live_...

$ gitrevio-localgit start

The LocalGit agent runs as a Docker container or standalone binary on your infrastructure — a build server, a dedicated VM, or any machine with access to your git repositories.

It reads your repos with read-only access, performs analysis locally, and sends only structured metadata to Gitrevio's cloud. The entire process is transparent and auditable.

Initial analysis runs once, then incremental updates process new commits as they arrive. Resource usage is minimal — under 512MB RAM for most organizations.

Works alongside your existing GitHub/GitLab integration. LocalGit handles code-level analysis; the platform integration handles issues, PRs, and reviews.

What LocalGit analyzes

Deep code intelligence derived locally, transmitted as statistics. Gitrevio sees the patterns — never the code.

Commit patterns

Frequency, timing, size distribution, and consistency for each contributor. Detects changes in work patterns that signal engagement shifts.

File change frequency

Hotspot analysis showing which files and directories change most often. Identifies high-churn areas that may need refactoring.

Complexity trends

Cyclomatic and cognitive complexity tracked over time by file, module, and repo. Spots areas where complexity is growing unchecked.

Coupling analysis

Files that consistently change together, revealing implicit dependencies. Finds architectural coupling that your module boundaries don't reflect.

Knowledge ownership

Who knows what, how concentrated that knowledge is, and where bus factors are dangerously low. Built from commit history and review patterns.

Test coverage correlation

Maps code changes against test changes to identify areas where tests lag behind production code. Flags untested complexity growth.

Code blast radius

Formal reachability analysis on the dependency graph. Computes which files, services, and teams are transitively affected by any code change. Only the graph structure and blast radius scores are sent to cloud — never source code.

Code blast radius: know what a change actually touches

LocalGit builds a full dependency graph of your codebase and runs formal reachability analysis on it — entirely on your infrastructure. For any file change, it computes which files, services, and teams are transitively affected. The cloud receives only the graph structure and blast radius scores, never source code or file contents.

# Blast radius for a file change

$ gitrevio-localgit blast-radius src/auth/session.ts

Direct dependents (4 files):

src/auth/middleware.ts

src/api/login.ts

src/api/oauth.ts

src/auth/refresh.ts

Transitive reach (14 files, 3 services):

auth-service (8 files) — team: Platform

api-gateway (4 files) — team: Platform

billing-svc (2 files) — team: Payments

Blast radius score: 0.31 (moderate)

# Cross-team impact: Payments team should review

Blast radius is computed via static analysis of imports, call graphs, and service boundaries — not heuristics. It catches transitive dependencies that developers routinely miss during code review.

Cross-team impact is surfaced automatically. When a change in the auth service transitively affects the billing service, the Payments team lead gets notified before the PR merges — not after the incident.

All analysis runs locally. The cloud sees a graph of hashed node IDs and numeric scores. Your dependency structure stays on your infrastructure.

The security model

We designed LocalGit for organizations where code access is a non-negotiable security boundary. Here's exactly what crosses that boundary — and what doesn't.

NEVER SENT to Gitrevio

× Source code — not a single line

× Diff contents or patch data

× Commit messages (optionally sent, off by default)

× File contents or file names (hashed only)

× Branch names (optionally sent, off by default)

× Environment variables or secrets

SENT as metadata

✓ Commit timestamps and contributor IDs

✓ Lines added/removed per commit (counts only)

✓ File-level complexity scores (numeric)

✓ Change frequency per file hash

✓ Co-change patterns (file hash pairs)

✓ Test-to-source ratio per module

✓ Blast radius scores and dependency graph structure (hashed node IDs)

# Audit what's being sent — anytime

$ gitrevio-localgit audit --last 24h

Outbound payloads in the last 24 hours: 12

Total data transmitted: 2.3 MB

Payload types: commit_stats (8), complexity_update (3), ownership_map (1)

$ gitrevio-localgit audit --last 24h --verbose

# Shows full JSON payloads for inspection

Built for regulated industries

Defense contractors, financial institutions, healthcare companies, and government agencies need engineering intelligence too — but they can't send source code to a third-party cloud. LocalGit is the answer.

Aligned with ISO 27001 controls and designed for enterprise security policies that restrict code egress. Your infosec team can audit every byte that leaves your network.

Self-hosted deployment options are on the roadmap for the most sensitive environments. Contact us for details.

How we compare to competitors

Most engineering intelligence platforms require direct cloud access to your repositories — OAuth tokens with read access to every repo, every branch, every file. For many organizations, that's a dealbreaker.

Some offer "on-premise" deployments, but that means hosting their entire platform on your infrastructure — complex, expensive, and hard to maintain.

LocalGit is different: a lightweight agent that handles only code analysis on your side, while the rest of the platform stays in our cloud. You get the full Gitrevio experience without the security tradeoff or the operational burden of self-hosting.

Architecture

YOUR INFRASTRUCTURE GITREVIO CLOUD

+------------------+

| Git Repos (RO) |

+--------+---------+

+--------+---------+ metadata only +------------------+

| LocalGit Agent | --------------------> | Gitrevio API |

| | (TLS encrypted) | |

| - Analyzes code | | - Aggregates |

| - Computes stats| | - Correlates |

| - Hashes files | | - AI reasoning |

+------------------+ +------------------+

Source code never crosses the boundary.

All transmitted data is auditable via CLI.

Engineering intelligence without the security tradeoff.

Get started free