Privacy & Security
How we protect your data and code
Our Privacy Guarantee
Your code is processed transiently during analysis and is immediately discarded. We fetch code from GitHub, analyze it for the review, and then delete it. Your source code is never stored in our databases or retained after the review is complete.
Transient Processing
This transient processing model is standard practice across modern AI-powered developer tools. Your code exists in our systems only long enough to generate the review, then it's permanently deleted.
What Ravi Accesses
Code and Pull Requests
Ravi analyzes your code to provide comprehensive architectural reviews:
- Repository code: To analyze code changes in the context of your full codebase
- Pull request metadata: Title, description, author, and related information
- Code changes: Diffs and modified files in pull requests
- File structure: To understand architectural patterns and system organization
Code Is Never Persisted
Your code is processed transiently during analysis and is immediately discarded. We fetch code from GitHub, analyze it for the review, and then delete it. Your source code is never stored in our databases or retained after the review is complete.
This transient processing model is standard practice across modern AI-powered developer tools.
What Ravi Never Accesses
Environment Secrets
- Environment variables:
.envfiles, configuration secrets - API keys and tokens: Third-party service credentials in your code
- Private keys: SSH keys, SSL certificates, signing keys
Your Control
You have full control over what Ravi accesses:
- Uninstall the GitHub App to stop receiving PR analysis
- Delete your account to remove all stored metadata
- Restrict repository access by configuring which repositories the GitHub App can access
Our Security Approach
Security is built into every layer of Ravi:
Code Protection
- Transient processing: Code deleted immediately after review
- Isolated environments: Each review runs in isolation
- No persistence: Your source code is never stored in our systems
- GitHub App permissions: Only accesses repositories you explicitly grant access to
Data Handling
- Minimal data collection: We only access what's necessary for code review
- No data retention: Code and analysis results are discarded after review completion
- Secure transmission: All data transfers use encrypted connections
Our philosophy: We need your trust to exist as a business. We're not interested in your data; we're interested in helping you ship better software.
Questions?
If you have any questions about how Ravi handles your code or data, contact us at team@ravi.app
Last Updated: January 6, 2025