Most analytics tools want to clone your repos or request full read access. We don't.
Gitmore uses webhooks. When you connect a repo, the Git platform pushes event data to us. We never pull.
*What we receive:* - Commit messages - PR titles and descriptions - Timestamps - Author info - File counts
*What we never see:* - Source code - Diffs - File contents - Secrets
*What you can do with metadata:*
Ask questions: - "What shipped last week?" - "Which PRs are stuck?" - "Who's working on the billing service?"
Schedule reports: - Weekly or monthly summaries - Delivered to Slack or email - Forward to investors or stakeholders
Other features: - Slack bot for team-wide access - Public changelog at yourcompany.gitmore.io/changelog - Contributor leaderboard
*How we structure the data:*
Every event gets normalized into a standard schema. The AI queries structured data, not raw commit messages. PR descriptions carry more context than commits – we capture both.
*Stack:*
Next.js, MongoDB, Claude
- Token encryption: Fernet (HMAC-SHA256 + AES-128-CBC)
- Webhook verification: Timing-safe HMAC-SHA256
- 2FA: TOTP + backup codes
Works with GitHub, GitLab, and Bitbucket.
Free for 1 repo: https://gitmore.io
Would you trade code-level analytics for better security?
philipwhiuk•3w ago
Some probably would. I think many likely write commits that are insufficiently detailed to really capture the scope of the change.
> Stack: - Token encryption: Fernet (HMAC-SHA256 + AES-128-CBC) - Webhook verification: Timing-safe HMAC-SHA256 - 2FA: TOTP + backup codes
This isn't really your stack but sure.
slmslm22•3w ago
And yeah, "stack" was wrong. That's security implementation. Next.js, MongoDB, Claude is the actual stack.