Least privilege by default, analyze-and-discard, and everything as plain files you own and merge. Here's exactly how baselane handles your code — so your security team has real answers, not hand-waving.
baselane installs as a GitHub App scoped to the minimum it needs — and nothing more.
| What baselane can do | What it can never do |
|---|---|
| Read repository contents to analyze stack & conventions | Write to your default branch |
| Open pull requests with the generated standard | Push commits directly to any branch you didn't approve |
| Read metadata for the repos you select | Touch Actions secrets, settings, or unselected repos |
We analyze a repo in an ephemeral workspace, extract a derived profile (languages, frameworks, commands, conventions), and discard the source. Your code is never persisted on our side — only the profile and the files we generate.
Every change is a reviewable pull request. Merging is the human gate — always your call.
Everything baselane produces is version-controlled files in your own repos. Nothing proprietary to lock you in.
The optional laptop agent is IT-deployed and signed; it reconciles approved config and reports coarse status — documented for your review.
Identical inputs produce identical files — every change is diffable and auditable in git.
In one line: we keep the standards and the state, not your source.
Persisted: your organization's standards, analysis profiles (derived facts, not code), generated artifacts, pack registry, and PR/rollout state.
Never persisted: your repository source code. It's analyzed in an ephemeral workspace and discarded.
We're designing for mid-size buyers first and building toward formal certification (e.g. SOC 2) as we move upmarket. If your security team has a questionnaire, we'll fill it out — the architecture above is the honest answer to most of it.
We'll walk through scopes, data handling, and the agent footprint — no hand-waving.
Join the waitlist