https://github.com/livrasand/gitgost
Anonymous git contributions, zero accounts, zero metadata. Just add remote, push, and disappear. Hosted-in Switzerland. Be a gost!
https://github.com/livrasand/gitgost
anonymous anonymous-contributions anonymous-git devops git git-anonymous gitgost github go golang no-account-github privacy privacy-protection privacy-tools
Last synced: 9 days ago
JSON representation
Anonymous git contributions, zero accounts, zero metadata. Just add remote, push, and disappear. Hosted-in Switzerland. Be a gost!
- Host: GitHub
- URL: https://github.com/livrasand/gitgost
- Owner: livrasand
- License: gpl-3.0
- Created: 2025-11-29T21:22:00.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2026-05-14T23:50:26.000Z (29 days ago)
- Last Synced: 2026-05-15T01:32:30.964Z (29 days ago)
- Topics: anonymous, anonymous-contributions, anonymous-git, devops, git, git-anonymous, gitgost, github, go, golang, no-account-github, privacy, privacy-protection, privacy-tools
- Language: Go
- Homepage: https://gitgost.leapcell.app
- Size: 7.55 MB
- Stars: 41
- Watchers: 0
- Forks: 2
- Open Issues: 8
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Threat model: THREAT_MODEL.md
- Security: SECURITY.md
Awesome Lists containing this project
README
**Contribute to any GitHub repo without leaving a trace.**
Zero accounts • Zero tokens • Zero metadata • Designed for strong anonymity
## One-liner demo
```bash
# Add as remote → fix → push → done. Designed to minimize identifiable traces.
git remote add gost https://gitgost.fly.dev/v1/gh/torvalds/linux
git checkout -b fix-typo
git commit -am "fix: obvious typo in README"
git push gost fix-typo:main
# → PR opened as @gitgost-anonymous with no direct trace to you; note that gitGost provides strong anonymity features, but not perfect anonymity — see the Threat Model
```
That’s it. No login, token, name, or email required — gitGost provides strong anonymity features, but not perfect anonymity — see the [Threat Model](#threat-model).
[](https://deepwiki.com/livrasand/gitGost)
[](https://gitgost.fly.dev/health)
[](https://saythanks.io/to/livrasand)
[](https://www.gnu.org/licenses/agpl-3.0)
[](SECURITY.md)
[](LEGAL.md)
[](https://go.dev)
[](https://github.com/livrasand/gitGost)
[](https://github.com/EduardaSRBastos/my-essential-toolbox)
> "Fixed GPIO mapping bug in 10s without doxxing risk – @gitgost-anonymous"
> [View PR ↗](https://github.com/mehdi7129/inky-photo-frame/pull/3) *(Example from mehdi7129/inky-photo-frame)*
## Features
| Feature | Description |
|-----------------------------|-----------------------------------------------------------------------------|
| **Total Anonymity** | Strips author name, email, timestamps, and all identifying metadata. PRs created by neutral `@gitgost-anonymous` bot. |
| **One-Command Setup** | Just `git remote add gost ` – no accounts, tokens, or browser extensions. |
| **Battle-tested Security** | Rate limiting, repository size caps, commit validation. Written in pure Go with minimal dependencies – fully auditable. |
| **Works Everywhere** | Terminal, CI/CD, Docker, scripts – any public GitHub repo, anywhere Git runs. |
| **Open Source & AGPL** | 100% transparent. Fork it, audit it, host it yourself. |
## Anonymous Contributor Friendly Badge
To signal that your repository welcomes anonymous contributions via gitGost, add this badge to your README:
For verified repositories, add a `.gitgost.yml` file to your repository root and use the dynamic version:
This badge helps contributors know that anonymous contributions are accepted and encouraged.
## Repository Opt-Out
Maintainers can block anonymous contributions via gitGost by adding `DENY_ALL: true` to the `.gitgost.yml` file in their repository root:
```yaml
# .gitgost.yml
DENY_ALL: true
```
When this is set, gitGost will reject any push attempt before creating a fork or PR. Contributors will see:
```text
remote: CONTRIBUTION BLOCKED
remote:
remote: This repository does not accept anonymous contributions
remote: via gitGost. Please contact the maintainer directly.
error: push rejected: repository has opted out of gitGost
```
If the file does not exist or `DENY_ALL` is not set, contributions are allowed by default.
## Why developers love gitGost
> “Your commit history shouldn’t be an HR liability forever.”
- No permanent public record of your activity
- Safely contribute to controversial projects (employer or country doesn’t like it? no problem)
- Stop email harvesting & doxxing from public commits
- Fix that one annoying typo without attaching your name for eternity
- Be a ghost when you want to be
Built for developers who actually care about privacy.
## Legitimate Use Cases
gitGost is intended for responsible, good-faith contributions where identity exposure is unnecessary or undesirable.
Examples include:
Fixing typos or documentation errors without creating a permanent contribution record
Contributing to projects that may conflict with employer policies
Participating in politically sensitive or controversial repositories
Reducing exposure to email harvesting and scraping
Experimenting or testing changes without attaching personal metadata
Contributing from jurisdictions where visibility may create risk
gitGost is designed to enable privacy — not remove accountability from the review process.
All pull requests are public and subject to maintainer approval.
## When NOT to use gitGost
Do not use gitGost for:
Harassment or abuse
Spam or automated PR flooding
Evading bans or moderation
Submitting malicious code
Avoiding legal responsibility
Circumventing repository contribution policies
gitGost enforces rate limits, validation checks, and repository constraints. Abuse attempts will be mitigated.
If your goal is to harm, disrupt, or deceive — this project is not for you.
## Threat Model
gitGost is designed to protect against common identification threats in contributions to public repos, but does not offer perfect anonymity. Below details what it protects against, what it does not, who it protects against, and key assumptions.
For a terse, user-facing view of guarantees and data retention, see [Privacy Guarantees](Privacy%20Guarantees.md).
### gitGost protects against:
- Public exposure of name and email in commits
- Direct association between personal GitHub account and PR
- Passive metadata collection in public repos
- Permanent history of minor contributions
### gitGost does NOT protect against:
- IP identification (using VPN/Tor is recommended)
- Code style analysis (stylometry)
- Advanced temporal correlation
- Targeted deanonymization by adversaries with resources
### Considered adversaries
- Recruiters / HR
- Hostile maintainers
- Email scrapers
- Governments or companies with basic monitoring
### Not considered adversaries
- Nation states with infrastructure access
- Actors with active user surveillance
- Deep forensic code style analysis
### Explicit assumptions
gitGost assumes the user:
- Uses a trustworthy network (VPN / Tor)
- Does not reuse unique phrases or identifiable style
- Does not mix anonymous and personal contributions to the same repo
- Understands that perfect anonymity does not exist
For the full model, see [THREAT_MODEL.md](THREAT_MODEL.md). For more operational details, see [SECURITY.md](SECURITY.md).
## Quick Start
```bash
# 1. Add the remote (replace with any public repo)
git remote add gost https://gitgost.fly.dev/v1/gh/username/repo
# 2. Create your branch and commit with a detailed message
git checkout -b my-cool-fix
git commit -am "fix: typo in documentation
This commit fixes a grammatical error in the README.
The word 'recieve' should be 'receive'."
# 3. Push – PR opens anonymously
git push gost my-cool-fix:main
```
Done. The PR appears instantly from `@gitgost-anonymous` with your commit message as the PR description.
**Pro tip:** Write detailed commit messages! Your commit message becomes the PR description, allowing you to provide context while staying anonymous.
## Security & Limits (we’re not reckless)
- Max 5 PRs/IP/hour
- Repository size ≤ 500 MB
- Commit size ≤ 10 MB
- Full validation of refs and objects
- No persistence of your data
> **GitHub only:** Due to GitHub's platform limits, fork repositories created by gitGost are manually deleted to stay under the 40,000-repository cap. This is a GitHub-specific constraint and does not affect functionality.
Everything is designed to prevent abuse while keeping you anonymous.
## License
**AGPL-3.0** – Free forever, open source, and copyleft.
If you run a public instance, you must provide source code.
→ [LICENSE](LICENSE)
## Contributing
### Contributing Anonymously
```bash
git remote add gost https://gitgost.fly.dev/v1/gh/livrasand/gitGost
git push gost my-feature:main
```
(Yes, even gitGost eats its own dogfood 👻)
### Going further: hide your IP with torsocks
gitGost strips your name, email, and metadata — but your IP is still visible to the server. If you need a stronger anonymity guarantee, wrap your push with **torsocks**, which routes the connection through the Tor network so the server only sees a Tor exit node IP.
#### Install
```bash
# Debian/Ubuntu
sudo apt install tor torsocks
# Arch
sudo pacman -S tor torsocks
# macOS
brew install tor torsocks
```
#### Start Tor
```bash
sudo systemctl start tor # Linux
brew services start tor # macOS
```
#### Push through Tor
```bash
torsocks git \
-c http.extraHeader="X-Gost-Authorship-Confirmed: 1" \
push gost my-feature:main
```
#### Optional: persistent alias so you never forget
```bash
# Inside your repo
git config http.extraHeader "X-Gost-Authorship-Confirmed: 1"
# In ~/.gitconfig
[alias]
ghost = "!torsocks git"
```
Then simply:
```bash
git ghost push gost my-feature:main
```
#### Verify your IP is masked before pushing
```bash
torsocks curl https://check.torproject.org/api/ip
# → {"IsTor": true, "IP": "185.220.101.x"}
```
> **Heads-up:** Tor is slow. A push that normally takes seconds may take a few minutes. This is expected — Tor routes traffic through three encrypted nodes worldwide. gitGost's 10 MB commit limit is partly sized with this in mind.
### Strip metadata from binary files before committing
gitGost anonymizes commit metadata, but **binary files (images, PDFs, Office documents) can contain embedded metadata** — EXIF data, GPS coordinates, author names, device info — that reveal your identity regardless of commit anonymization. Strip it before committing with **exiftool**.
#### Install
```bash
# Debian / Ubuntu
sudo apt install libimage-exiftool-perl
# Arch
sudo pacman -S perl-image-exiftool
# macOS
brew install exiftool
# Windows: download the executable from https://exiftool.org
# Extract exiftool(-k).exe, rename to exiftool.exe, place in PATH
```
#### Verify and strip
```bash
# Check what metadata a file exposes
exiftool photo.jpg
# → GPS Latitude : 48.8566 ← your location
# → Author : John Doe ← your name
# Strip all metadata from a single file
exiftool -all= photo.jpg
# Strip recursively from a directory
exiftool -all= -r ./assets/
```
#### Then commit and push safely
```bash
git add assets/
git commit -am "add: project screenshots"
git push gost my-branch:main
# → PR opened as @gitgost-anonymous — no metadata, no trace
```
> **Note:** exiftool creates backup files (`*_original`) by default. Add `-overwrite_original` to skip them: `exiftool -all= -overwrite_original photo.jpg`.
### Windows alternatives
`torsocks` is not available on Windows natively. Use one of the following options instead.
#### Option 1: Tor Browser + SOCKS5 proxy (easiest)
```bash
# 1. Download and install Tor Browser
# https://www.torproject.org/download/
# 2. Open it and leave it running (exposes SOCKS5 on 127.0.0.1:9150)
# 3. Configure Git to use it
git config --global http.proxy socks5h://127.0.0.1:9150
# 4. Push normally
git -c http.extraHeader="X-Gost-Authorship-Confirmed: 1" push gost my-branch:main
```
When done, remove the global proxy:
```bash
git config --global --unset http.proxy
```
Or configure it per-repo only (recommended):
```bash
# Inside the repo, not global
git config http.proxy socks5h://127.0.0.1:9150
git config http.extraHeader "X-Gost-Authorship-Confirmed: 1"
```
#### Option 2: WSL2 (Windows Subsystem for Linux)
If you already have WSL2, it works exactly like Linux inside it:
```bash
# Inside WSL2 (Ubuntu/Debian)
sudo apt install tor torsocks
sudo service tor start
torsocks git push gost my-branch:main
```
WSL2 has its own network stack separate from Windows, so anonymity is preserved correctly.
## Made with ❤️ for privacy
## Service Administration
### Panic button — suspend and restore the service
If abusive activity is detected (bot submissions, coordinated spam), you can suspend the service immediately. While suspended, all pushes are rejected with an explanatory message and the site shows a banner.
**Suspend the service:**
```bash
curl -X POST https://gitgost.fly.dev/admin/panic \
-H "Content-Type: application/json" \
-d '{"password":"","active":true}'
```
**Restore the service:**
```bash
curl -X POST https://gitgost.fly.dev/admin/panic \
-H "Content-Type: application/json" \
-d '{"password":"","active":false}'
```
> **Note:** If you receive a ntfy alert with action buttons (Activate Panic / Deactivate Panic), those buttons use single-use tokens valid for **10 minutes**. If the tokens expire before you tap them, use the `curl` commands above with your `PANIC_PASSWORD` — those always work.
**Handy shell aliases** (add to your `~/.zshrc` or `~/.bashrc`):
```bash
export PANIC_PASSWORD="your-password-here"
alias gitgost-suspend='curl -s -X POST https://gitgost.fly.dev/admin/panic \
-H "Content-Type: application/json" \
-d "{\"password\":\"$PANIC_PASSWORD\",\"active\":true}"'
alias gitgost-restore='curl -s -X POST https://gitgost.fly.dev/admin/panic \
-H "Content-Type: application/json" \
-d "{\"password\":\"$PANIC_PASSWORD\",\"active\":false}"'
```
Then simply run `gitgost-restore` to bring the service back online.
### Close abusive PRs (rollback burst)
After a burst attack, close all PRs created during the attack window:
```bash
curl -X POST https://gitgost.fly.dev/admin/rollback \
-H "Content-Type: application/json" \
-d '{"password":""}'
# → {"closed": 12, "failed": 0, "closed_urls": [...]}
```
This closes up to 2 hours of recorded PRs in parallel via the GitHub API. PRs older than 2 hours are not affected.
---
Star this repo if you believe developers deserve the right to contribute anonymously.
[](https://x.com/intent/tweet?text=Check%20out%20this%20project%20on%20GitHub:%20https://github.com/livrasand/gitGost%20%23gitGost%20%23anonymous%20%23privacy)
[](https://www.facebook.com/sharer/sharer.php?u=https://github.com/livrasand/gitGost)
[](https://www.linkedin.com/sharing/share-offsite/?url=https://github.com/livrasand/gitGost)
[](https://www.reddit.com/submit?title=Check%20out%20this%20project%20on%20GitHub:%20https://github.com/livrasand/gitGost)
[](https://t.me/share/url?url=https://github.com/livrasand/gitGost&text=Check%20out%20this%20project%20on%20GitHub)
Be a ghost. Fix the internet.
*✨ Thanks for visiting **gitGost**!*
