SovereignRAG 1.0.0: Offline, Git-Aware Security Code Auditing

05 Jul 2026

I’ve been building SovereignRAG, my fully offline RAG pipeline for security code auditing. It just reached 1.0.0.

This release is not just a version bump. It adds Git-aware analysis, Markdown ingestion, cited findings, better Ollama workflows, and a proper documentation site. It also includes a troubleshooting guide born from real pain, because nothing documents a feature better than watching it fail in your face.

What SovereignRAG is

SovereignRAG ingests security reference documents, such as OWASP guides, cheat sheets, and internal standards, into a local vector database. Then it analyzes source files against that knowledge using a local LLM served by Ollama.