自托管
在你的本地机器、VPC 或企业版气隔部署中运行 Codna。
在你的本地机器、VPC 或企业版气隔部署中运行 Codna。
使用你自己的模型提供商密钥,并强制执行你的模型网关策略。
私有模式阻止网络出口,除非明确允许。无静默回退。
Codna 的设计不对客户代码、prompt、补丁或代码库地图进行训练。
Data flow
Most AI coding tools stream your repository into an uncontrolled context window. Codna does the opposite. Almost all of the work happens locally, and only a small, inspectable bundle ever reaches a model. Here is the exact path your code takes.
Codna's deterministic engine reads and maps your repositories on your own hardware. It mapped 130 repos in 9.2 seconds for 0 LLM tokens. No code is sent anywhere to understand your codebase.
For each fix, the engine assembles a focused evidence bundle of roughly 600 tokens rather than shipping the whole tree. That is 162x less context than the repository it came from, so almost nothing about your code needs to leave at all.
Codna sends that bundle to your model using your own key. With bring-your-own-key the request goes to your provider directly, so the data agreement is between you and them, not us. BYOK runs on an Anthropic (Claude) key today, with more providers coming.
Any outbound connection that is not on your allowlist is refused, not quietly rerouted. A tiny bundle plus audited egress means a small blast radius. If something did leak, it would be ~600 tokens, not your source tree.
Boundaries
Good security is as much about what a tool refuses to do as what it offers. These are hard guarantees, not default settings you have to remember to turn on. So when someone asks whether the AI trains on your code, the answer is no.
Deployment
Data residency is a property of where the software runs, not a promise on a marketing page. Codna is a self-hosted AI coding assistant, so you decide where the engine, the agent, and the audit logs live. Pick the boundary that fits your compliance program.
Run the full engine and agent locally. Your code is mapped and fixed on the same hardware it already lives on, so nothing crosses a network you do not control.
Deploy inside your own cloud account with per-tenant key isolation, SSO, roles, and full audit logging of every map, agent run, model call, and PR — the controls a SOC 2 or ISO 27001 program asks for, inside your perimeter.
Run on-premise with no internet path at all. Paired with your own model gateway, code never leaves your network by construction rather than by policy. This is on-premise, air-gapped AI coding.
运行时控制
租户级密钥隔离、敏感信息脱敏、可审计的出口控制和部署级控制,让隐私成为默认运行模式。
No. Codna never uses your code for training. You bring your own API key, and your data stays entirely within your infrastructure.
Yes. Codna is designed for self-hosting. You control the environment, the keys, and the egress — nothing leaves without your explicit configuration.
If an outbound connection cannot be established within your defined policy, Codna blocks the request entirely rather than falling back to an open path. No silent data leaks.
You supply your own LLM API key. Codna routes requests through it directly, so the provider relationship — and any billing or data agreements — is solely between you and your chosen provider.
No. Codna uses per-tenant key isolation. Your key is scoped to your instance and never shared with or visible to other tenants.
Very little. The deterministic engine builds a focused ~600-token evidence bundle for each fix — measured at 162x less context than reading the whole repository. Less context means a smaller blast radius for any data leaving your environment.