CodeSync Platform
CodeSync Features
Fast, GDPR-compliant package infrastructure for Germany
CodeSync mirrors, caches, and distributes software packages from upstream registries — npm, PyPI, Docker Hub, and Maven Central — through Frankfurt-based edge nodes. Every artifact is stored encrypted at rest, served over TLS 1.3, and kept within the EU data boundary. Teams in Berlin, Munich, and Hamburg typically see 60–80% faster install times compared to hitting upstream directly.
Core Features
Everything your CI/CD pipeline needs
Smart Package Mirroring
On-demand pull-through caching for npm, PyPI, Maven Central, and Docker Hub. CodeSync fetches artifacts only when first requested, then serves subsequent downloads from Frankfurt. Stale cache entries expire after 24 hours by default. Mirrors stay synchronized via webhook-triggered delta updates, keeping your local registry within seconds of upstream.
Real-Time Analytics
Track cache hit ratios, bandwidth consumption, and per-team download volumes through the built-in dashboard. Export CSV reports or push metrics to Grafana via Prometheus-compatible endpoints. See exactly which packages your engineering teams pull most — npm's `lodash` averaged 14,200 requests per day across 38 projects in Q3 2024.
Private Registry Overlay
Publish internal packages alongside mirrored upstream content. CodeSync supports scoped npm packages, private PyPI distributions, and authenticated Docker images. Role-based access control lets you restrict visibility to specific teams — for example, the `@acme-internal` scope is visible only to devs in the "platform-eng" group.
Automated Dependency Auditing
Every mirrored package is scanned against known vulnerability databases (OSV, GitHub Advisory) on ingestion. Get email or Slack alerts when a newly discovered CVE affects a package your teams are consuming. CodeSync can block downloads of critically vulnerable versions automatically — 237 packages were quarantined in October 2024 alone.
CI/CD Integration
Pre-configured runners for GitHub Actions, GitLab CI, and Jenkins. Drop a single line into your pipeline configuration to route all `npm install`, `pip install`, and `docker pull` commands through CodeSync. Zero credential management — authentication is handled via machine-to-machine tokens with automatic rotation every 90 days.
High-Availability Architecture
Active-active deployment across two Frankfurt availability zones with automatic failover. Synchronous replication ensures zero data loss. CodeSync guarantees 99.95% uptime, backed by a public status page at status.codesync.dev. Last year's longest outage was 12 minutes during a planned firmware upgrade on the storage array.
Compliance & Security
Built for German regulatory requirements
CodeSync is engineered from the ground up to meet DSGVO, BSI IT-Grundschutz, and ISO 27001 requirements. All package data — including metadata, download logs, and user tokens — resides exclusively on servers operated by Hetzner in Falkenstein, Saxony.
DSGVO Data Processing
A signed Data Processing Agreement (AVV) is included with every plan. CodeSync processes only the minimum telemetry required for cache management — no user profiling, no third-party analytics, no data transfer outside the EU. You retain full rights to export or delete all logs on demand.
Encryption & Key Management
All artifacts are encrypted at rest using AES-256-GCM with keys managed in HashiCorp Vault. TLS 1.3 is enforced for every connection. Customer-managed encryption keys (CMEK) are available on Enterprise plans, giving you full control over the key lifecycle.
Audit Logging
Every API call, package upload, and permission change is recorded in an immutable audit trail. Logs are retained for 36 months and can be forwarded to your SIEM via Syslog or Kafka. Tamper-evident integrity checks ensure no entry can be silently modified after the fact.