Self-host
Codna اپنی مشین پر، اپنے VPC میں، یا Enterprise کے لیے air-gapped تعیناتی میں چلائیں۔
آپ کی کلید۔ آپ کا انفراسٹرکچر۔ آپ کا کوڈ آپ کا ہے۔ Codna ان ٹیموں کے لیے بنا ہے جو سورس کوڈ کو بے قابو context windows میں نہیں جانے دے سکتیں۔
Codna اپنی مشین پر، اپنے VPC میں، یا Enterprise کے لیے air-gapped تعیناتی میں چلائیں۔
اپنی ماڈل فراہم کنندہ کلید استعمال کریں اور اپنی ماڈل گیٹ وے پالیسیاں نافذ کریں۔
پرائیویٹ موڈ network egress کو بلاک کرتا ہے جب تک واضح طور پر اجازت نہ ہو۔ کوئی خاموش fallback نہیں۔
Codna کو صارف کے کوڈ، پرامپٹس، پیچز، یا ریپوزٹری نقشوں پر ٹریننگ نہ کرنے کے لیے ڈیزائن کیا گیا ہے۔
Data flow
Most AI coding tools stream your repository into an uncontrolled context window. Codna does the opposite. Almost all of the work happens locally, and only a small, inspectable bundle ever reaches a model. Here is the exact path your code takes.
Codna's deterministic engine reads and maps your repositories on your own hardware. It mapped 130 repos in 9.2 seconds for 0 LLM tokens. No code is sent anywhere to understand your codebase.
For each fix, the engine assembles a focused evidence bundle of roughly 600 tokens rather than shipping the whole tree. That is 162x less context than the repository it came from, so almost nothing about your code needs to leave at all.
Codna sends that bundle to your model using your own key. With bring-your-own-key the request goes to your provider directly, so the data agreement is between you and them, not us. BYOK runs on an Anthropic (Claude) key today, with more providers coming.
Any outbound connection that is not on your allowlist is refused, not quietly rerouted. A tiny bundle plus audited egress means a small blast radius. If something did leak, it would be ~600 tokens, not your source tree.
Boundaries
Good security is as much about what a tool refuses to do as what it offers. These are hard guarantees, not default settings you have to remember to turn on. So when someone asks whether the AI trains on your code, the answer is no.
Deployment
Data residency is a property of where the software runs, not a promise on a marketing page. Codna is a self-hosted AI coding assistant, so you decide where the engine, the agent, and the audit logs live. Pick the boundary that fits your compliance program.
Run the full engine and agent locally. Your code is mapped and fixed on the same hardware it already lives on, so nothing crosses a network you do not control.
Deploy inside your own cloud account with per-tenant key isolation, SSO, roles, and full audit logging of every map, agent run, model call, and PR — the controls a SOC 2 or ISO 27001 program asks for, inside your perimeter.
Run on-premise with no internet path at all. Paired with your own model gateway, code never leaves your network by construction rather than by policy. This is on-premise, air-gapped AI coding.
رن ٹائم کنٹرولز
فی کرایہ دار کلید تنہائی، راز سنسر کرنا، آڈیٹڈ egress، اور تعیناتی-سطح کے کنٹرولز رازداری کو ڈیفالٹ آپریٹنگ موڈ بناتے ہیں۔
No. Codna never uses your code for training. You bring your own API key, and your data stays entirely within your infrastructure.
Yes. Codna is designed for self-hosting. You control the environment, the keys, and the egress — nothing leaves without your explicit configuration.
If an outbound connection cannot be established within your defined policy, Codna blocks the request entirely rather than falling back to an open path. No silent data leaks.
You supply your own LLM API key. Codna routes requests through it directly, so the provider relationship — and any billing or data agreements — is solely between you and your chosen provider.
No. Codna uses per-tenant key isolation. Your key is scoped to your instance and never shared with or visible to other tenants.
Very little. The deterministic engine builds a focused ~600-token evidence bundle for each fix — measured at 162x less context than reading the whole repository. Less context means a smaller blast radius for any data leaving your environment.