[Question] Security for large org #908

@tuanardouin

Hi,

Thanks for your work on this project. We're evaluating git-ai for a 500+ dev org where everyone uses Claude Code or Cursor heavily. The tracking approach is exactly what we need. We reviewed the source before rolling out and have a few questions.

  1. Checksum
    When installing via curl -sSL https://usegitai.com/install.sh | bash, the script has EMBEDDED_CHECKSUMS="CHECKSUMS_PLACEHOLDER", which causes verify_checksum() to silently return 0. The binary is downloaded and installed without any integrity check.
    The mechanism works correctly for GitHub release-attached scripts where the placeholder is replaced at build time. But the primary install path linked from your homepage bypasses it.
    Are the scripts served from usegitai.com built from the same release pipeline that embeds checksums? Is there a supported way to install directly from GitHub releases with checksums intact?

  2. Telemetry
    We traced exchange-nonce in the source (thanks Claude); it POSTs to /worker/oauth/token with the nonce and client_id: "git-ai-cli". For our install path INSTALL_NONCE is empty so it's a no-op, which is fine.
    The broader question is about default telemetry: the metrics system in src/metrics/ batches events to usegitai.com with an X-Distinct-ID machine fingerprint. Can we deploy with telemetry_oss_disabled: true and have a fully air-gapped CLI? Is there documentation on exactly what is collected when telemetry is enabled?

  3. Storage
    prompt_storage defaults to "default", which uploads agent transcripts to usegitai.com via the CAS API. We work in a legal domain with data residency requirements; we'd need "local" or "notes" mode. Is there documentation on what each mode stores and where?

  4. Interception and security documentation
    In src/git_handlers.rs, non-allowed repos pass through to real git with no hooks or network calls, which is good. But allow_repositories defaults to empty, meaning all repos are active. For our deployment we'd pre-configure a whitelist; is that the intended enterprise pattern?

More broadly, the README says "no filewatchers or keyloggers" but there's no documentation covering what the binary does when intercepting git commands, what data leaves the machine, or how to configure it for restricted environments. A security or data-flow doc would go a long way for orgs evaluating this.

We'd love to use this. But we can't push a binary that replaces git globally on 500+ machines without verified checksums, clarity on what phones home, and control over prompt storage.

Thanks for your help, and yes, I used Claude to help me write this.
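
The fail-open behaviour described in question 1, next to a fail-closed check, as an added example that is not part of the original post and is not git-ai's install.sh. Only `EMBEDDED_CHECKSUMS`, `CHECKSUMS_PLACEHOLDER` and the name `verify_checksum` come from the issue; the `<sha256>  <artifact-name>` line format, the return codes and the helper names are assumptions.

```shell
# Portable SHA-256 of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Fail-closed: a missing, placeholder or unmatched checksum is an error.
# Args: <file> <artifact-name> <checksum list, one "<hex>  <name>" per line>
verify_checksum_fail_closed() {
  local file="$1" name="$2" sums="$3" expected actual
  if [ -z "$sums" ] || [ "$sums" = "CHECKSUMS_PLACEHOLDER" ]; then
    echo "error: no embedded checksums; refusing to install" >&2
    return 2
  fi
  # Exact match on the artifact name, never a substring match.
  expected=$(printf '%s\n' "$sums" | awk -v n="$name" '$2 == n {print $1; exit}')
  if [ -z "$expected" ]; then
    echo "error: no checksum listed for $name" >&2
    return 3
  fi
  actual=$(sha256_of "$file")
  if [ "$actual" != "$expected" ]; then
    echo "error: checksum mismatch for $name" >&2
    return 1
  fi
  return 0
}

# Fail-open pattern as the issue describes it: an unreplaced placeholder
# makes the function report success without hashing anything.
verify_checksum_fail_open() {
  if [ "$3" = "CHECKSUMS_PLACEHOLDER" ]; then
    return 0
  fi
  verify_checksum_fail_closed "$@"
}
```

With the fail-closed variant, an installer served with the placeholder still in place stops before installing instead of reporting a successful verification.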
