GitZero is a fast, dark code-review platform for AWS CodeCommit & CodePipeline — browse code, review change proposals, gate deploys, and ship. With diff-aware security scanning built in, not bolted on.
The moat
Every change proposal is scanned for the issues it introduces — secrets, risky code, and cloud misconfigurations — and a high-severity finding blocks the merge. No pipeline to wire up. No config to forget.
Hard-coded secret · src/config.ts:12
Wildcard IAM permission · infra/role.yaml:28
It only flags what your proposal changed — pre-existing lines stay quiet. Placeholder-aware, so changeme doesn't cry wolf.
Everything you'd reach for
Familiar vocabulary, distinct identity — Codebase, Proposals, Workflows, Environments.
Inline diffs, line comments, threads you can resolve, and endorsements — the full merge-request flow over CodeCommit pull requests.
Fast-forward, squash, or merge-commit — with live conflict detection that tells you exactly which files clash before you try.
Real roles (viewer→admin), per-repo overrides, and required-approval gates enforced server-side at merge time.
Watch CodePipeline runs, read build logs, re-run stages, and approve or reject a waiting deploy — right from the proposal.
Every CloudFormation stack your pipelines deploy, with live status, the public URL, and a full deployment-history timeline.
One Lambda behind CloudFront with Origin Access Control. Your repos stay in your account; nothing is mirrored out.
How it works
GitZero is a single Lambda that serves the app and a JSON API over your CodeCommit, CodePipeline, CloudFormation, and DynamoDB — fronted by CloudFront. The whole thing deploys from a repo through its own pipeline.
Open GitZero and walk a real proposal — diff, scan, gate, integrate.