Docs › Deployment & Data Sovereignty
For security, procurement, and data-protection reviewers — especially EU, government, defence, and regulated-financial buyers who must know exactly what leaves their environment. This page is a plain, verifiable account of where PullGuard runs and what data it handles.
PullGuard runs inside your CI and never receives your source code. The scanner analyses your code in place, on your runners, and emits results-only outputs — reports, SARIF, JSON — that you control. In its air-gapped configuration it makes zero external calls: no telemetry, no source upload, no phone-home. When run online, the only thing that leaves is license validation (an org name + token) — never your code.
One precise disclosure: free-tier scans running in
GitHub Actions may attach an anonymous adoption signal (the public numeric GitHub
repository/owner ids — no code, no findings, no PII) to the rules fetch, with opt-out via
telemetry: false, PULLGUARD_TELEMETRY=off, or
DO_NOT_TRACK=1. Paid, offline, and air-gapped scans
never send any telemetry, ever.
Unlike SaaS scanners that upload your code to their cloud for analysis, PullGuard analyses in place and only ever produces a report that stays with you.
| Mode | Source code | Findings / results | License check | Rule updates |
|---|---|---|---|---|
| Air-gapped self-hosted runner + mirrored image + offline key |
✗ never leaves | ✗ stays in your CI | ✗ validated locally (signed offline key, no call) | ✗ uses the image's embedded rules |
| Online GitHub-hosted runner + GHCR + online token |
✗ never leaves | ✗ stays in your CI / your git host | ✓ org + token → our licensing service (no source) | ✓ signed rule bundle fetched (read-only) |
Your code is never uploaded to PullGuard in either mode. The licensing service only validates subscriptions; it never receives scan data.
For sovereign / classified / no-egress environments, PullGuard runs with no external dependency at scan time:
ghcr.io/pullguard-dev/pullguard:<tag>).Result: the scan reads your code, writes a report, and makes zero network calls. CVE scanning stays available offline via the local vulnerability database (update on a connected machine, transfer the archive across your air-gap). Most SAST tools cannot operate this way.
Since v1.3.4, the published scanner image ships SLSA build provenance and an SBOM. Your security team can verify how the image was built (source commit, builder, materials) and what it contains — before it ever runs in your environment:
docker buildx imagetools inspect ghcr.io/pullguard-dev/pullguard:<tag>
Release tags (e.g. v1.3.4) are immutable and preserved forever; pin an exact tag
or a sha256: digest (the image-pin
workflow input) for change-controlled
environments.
Want a live, multi-repo dashboard without giving anyone your data? The self-hosted PullGuard server (Enterprise) runs inside your boundary, on your domain. Your CI POSTs scan results only — findings, scores, grades — never source code; the ingest endpoint actively rejects source-looking payloads. The server validates its licence offline and makes no call home, so it too runs fully air-gapped.
Don't take our word for it — every claim above is testable in your own environment:
docker buildx imagetools inspect ghcr.io/pullguard-dev/pullguard:<tag> — confirm the SLSA build provenance + SBOM.Questions from a procurement or data-protection review are welcome — hello@pullguard.dev.