How does SymfonyInsight manage private code?

SymfonyInsight needs to access your source code in order to analyze the quality of your projects. Depending on your project configuration, the code can be obtained via pull mode or push mode.

The pull mode is used when SymfonyInsight gets your code automatically from a Git repository hosted elsewhere (e.g. in GitHub), no matter if the repository is public or private. The push mode is used when you set up a private Git repository on SymfonyInsight and you explicitly push the code before each analysis.

By default, your code is kept from one analysis to the next one, in order to reduce the analysis setup time. Although we store the code securely in our servers, you can optionally disable this feature.

If you use pull mode, edit your project configuration and check the following option:

[ ] Do not keep my code between analysis

If you use push mode, you can remove all the stored code between analyses by pushing an empty repository after each analysis, or by removing the project from SymfonyInsight.

Additionally, each project is analyzed on its own virtual machine. This ensures that your project's filesystem is completely isolated from any other SymfonyInsight project. Your code is protected against any malicious user.

In case you mess with your own filesystem, you can also destroy your current virtual machine to launch your next analysis on a brand new virtual machine. To do so, click on the arrow of the Analyze button and check this option:

[ ] Analyze with a new VM