Privacy & Security
Your code never leaves your machine
StableStack is designed from the ground up to keep your source code private. Every analysis runs locally on your hardware -- no cloud uploads, no telemetry, no exceptions.
100% Local Analysis
StableStack performs all code analysis entirely on your local machine. Your source code, configuration files, and analysis results are never transmitted to any external server. The tool reads your files, runs its checkers in-process, and outputs results directly to your terminal or file system.
Privacy by design
Minimal Anonymous Telemetry
StableStack sends a lightweight, anonymous ping after each scan to help us improve the tool. This includes only: version, platform, command run, and aggregate finding counts. It never includes your source code, file paths, or finding details.
Opt out anytime by setting DO_NOT_TRACK=1 or STABLESTACK_NO_TELEMETRY=1 in your environment.
No Phone-Home During Analysis
Once activated, StableStack makes zero network requests while scanning your code. Every checker runs as pure local computation. You can verify this yourself by monitoring network traffic during a scan.
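One way to run that check, as an added example that is not part of StableStack or its documentation: on Linux, record the scan's connect() calls with strace and list every destination that is not purely local. The sample trace, the function name `flagged_connects` and the choice to flag loopback port 53 are assumptions made for this sketch, and the scan command itself is left as a placeholder because the page does not show it.

```python
import ipaddress
import re

# Constructed sample of a trace captured on Linux with:
#   strace -f -e trace=connect -o scan.strace <your scan command>
# The scan command is a placeholder; the page does not show it.
SAMPLE_LOG = """\
4121 connect(3, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
4121 connect(4, {sa_family=AF_INET, sin_port=htons(8080), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
4121 connect(4, {sa_family=AF_INET, sin_port=htons(53), sin_addr=inet_addr("127.0.0.53")}, 16) = 0
4121 connect(5, {sa_family=AF_INET, sin_port=htons(443), sin_addr=inet_addr("203.0.113.10")}, 16) = -1 EINPROGRESS (Operation now in progress)
4125 connect(6, {sa_family=AF_INET6, sin6_port=htons(443), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2001:db8::5", &sin6_addr), sin6_scope_id=0}, 28) = 0
"""

# Matches IPv4 and IPv6 connect() lines; the PID prefix appears with -f -o.
CONNECT = re.compile(
    r'^(?:(?P<pid>\d+)\s+)?connect\(\d+, \{sa_family=AF_INET6?, '
    r'sin6?_port=htons\((?P<port>\d+)\).*?"(?P<addr>[^"]+)"'
)


def flagged_connects(strace_log):
    """Return (pid, address, port) for each connect that is not purely local."""
    hits = []
    for line in strace_log.splitlines():
        m = CONNECT.match(line)
        if not m:  # AF_UNIX sockets, other syscalls, exit lines
            continue
        addr = ipaddress.ip_address(m["addr"])
        port = int(m["port"])
        # Loopback stays on the host. Exception (assumption of this sketch):
        # a local resolver stub on port 53 may forward the lookup off-host.
        if addr.is_loopback and port != 53:
            continue
        hits.append((m["pid"], str(addr), port))
    return hits


if __name__ == "__main__":
    for pid, addr, port in flagged_connects(SAMPLE_LOG):
        print(f"pid {pid}: connect to {addr} port {port}")
```

Capture one trace with DO_NOT_TRACK=1 set and one without, then compare the two lists. A connect-only trace does not see unconnected UDP sends; `-e trace=network` records the other socket calls as well.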
One-Time License Activation
The only network call StableStack ever makes is during license activation. This single request validates your license key and downloads the compiled checker modules. After that, everything runs offline.
Works Fully Offline
After the one-time activation, StableStack requires no internet connection. Run it on a plane, in a secure facility, or on a machine with no network access. Every scan produces the same results, online or off.
Enterprise & Air-Gapped Environments
StableStack is built for organizations with strict security requirements. After the initial one-time activation on a machine with internet access, the tool and its checkers can be used in fully air-gapped environments with no further network connectivity required.
- Activate once on a network-connected machine, then transfer to secure environments
- No ongoing internet dependency for day-to-day scanning
- Compatible with classified and regulated environments (FedRAMP, ITAR, SOC 2)
- No data exfiltration risk -- source code analysis stays on-premise
How activation works
Install StableStack
Install from PyPI as usual. The free tier (4 checks) works immediately with no activation required.
pip install stablestack
Activate your license
This is the only network call. Your license key is validated and compiled checkers are downloaded to your machine.
stablestack --activate YOUR_LICENSE_KEY
Scan offline, forever
All 105 checks now run entirely on your machine. No further network access is needed. Disconnect from the internet and scan with confidence.
What data goes where
Your source code
Read from disk, analyzed in-process, never copied or transmitted anywhere.
Analysis results
Findings are output to your terminal or written to a local file. Never uploaded.
Configuration files
Your pyproject.toml settings and rule configurations are read locally only.
License key
Sent once during activation to validate your subscription and download checker modules.
Anonymous usage telemetry
Version, platform, command, and aggregate counts (e.g., "3 errors, 2 warnings in 15 files"). No code, no paths, no details. Disable with DO_NOT_TRACK=1.
Ready to try StableStack?
Get started with 4 free checks -- no signup, no telemetry, no network access required.