Functionalities & Organization

Gitrust unites the bricks of a modern GTA_001 Each function is designed to remain simple, auditable and without external dependence.

The six pillars of Gitrust around a Rust memory-safe core Gitrust Rust memory-safe Security Zeroize · SSH 4096 Compliance ANSSI PA-074 Self-hosting Zero cloud Integration HTTP + SSH Collaboration Multi-team Observability SBOM · Audit

Glossary of Functionalities

Security memory

Rust
Base 100% Rust with #![forbid(unsafe_code)] on critical crates. No indefinite behavior, no leaks exploitable.
Hardlints
deny(unwrap_used, expect_used, panic, indexing_slicing) applies to the entire code. Errors are geered, never escamotees.
Zero
Secrets (tokens, hashs) implement the line Zeroize : the memory is automatically erased from destruction.
SSH hardened
Cles RSA >= 4096 imposed bits, low rejection algorithms, SHA256 fingerprints verified at each connection.

ANSSI PA-074

Audit vendors
Each dependency is traceable, versionnee and auditable via the Cargo Manifesto and the integrated
Path traversal blocks
Systematic validation of disk paths ( .., / and \.
Journalization
Audit tracks on sensitive operations: creation, sharing, removal of deposit, turn of key, change of permission.

Sovereign deployment
A Rust archive, a No third party service, no external network calls.
Zero CDN
All assets (CSS, JS, fonts) are served locally. CSP strict blocking external domains.
Zero telemetry
There's no data anywhere else than in your own newspapers. The metrics stay at your place.

Collaboration

Roles hierarchical
Four clear roles: , , , . Actual permission = max(individual, team).
Share Depots
Individual or team sharing, with or without inheritance. Rights combine, never circumvent.
Organizations
Structure with isolation of namespaces and SSH keys.

Integration

Native HTTP Git
Complete HTTP Smart (clone, fetish, push) without proxy layer. Compatible with all standard Git customers.
Native Git SSH
SSH server integrated (port 2222 by default), public key authentication, fine hook management.
Stretch hooks
Extension points pre-receive, post-receive, update to connect your CI pipelines, scanners, notifications.
Optional
Native pipelines triggering on each push via the hook post-receive. Reproducible, portable and versioned buildings rated depot.
Cohesive API
REST Endpoints for automation (depot creation, key management, user invitation).

Observability and quality

Automatic generation of the software nomenclature in the format of
Vulnerability analysis
Continuous integration with
Structure logs
JSON Logs exploitable by any aggregator (ELK, Loki, Graylog) without parser adaptation.

Developmental workflow

From the developer workstation to the self-hosted infrastructure Developer git / SSH / HTTPS Gitrust axum · HTMX · Rust PostgreSQL metadata, permissions Bare repos on local disk Dagger CI pipelines · post-receive hook Dependency-Track SBOM · CVE core data hooks / CI on your infra

Ready to take over control of your code?

Gitrust is in progressive deployment. To access a demo, ask your questions or be accompanied on an ANSSI-conform integration, contact the team.

Contact