PipelineVCS (PLV) is a Git-inspired version control system built on a server-authoritative model. With path-aware visibility, native AI principals, and built-in large-file storage. No merge commits. No LFS plugins. No advisory permissions.
What's different
PLV is intentionally narrower than Git in some places — and substantially deeper in others. The trade-offs are deliberate and allow for more control.
While Git now has LFS, PLV has a more native way of handling large files. PLV repositories can choose to store large files natively on the filesystem or in an S3 or R2 bucket. Large files are detected by size and type. You have full control on what and how LFS works for a given repository.
Decentralization has its advantages, but there are downsides as well. PLV keeps Git's semantics but gains the benefits of a certralized system. Read-only paths, target-scoped grants, per-path signing rules, and file locks are just a few of the things PLV supports. And visibility flows through every API.
Agents are first-party and have supporting APIs that allow them to get context, initiate searches, review code, and more. PLV commits contain metadata and huristics that make agents more effective. All in formats that make token usage more efficient.
Familiar, but better
PLV is server-authoritative on purpose. The trade-off is that fully offline workflows are narrower — in exchange, you get clearer rules, faster reviews, and a single source of truth.
Who it's for
Path rules let one repository hold sensitive directories alongside shared code — and partial-access users stay in sync without ever seeing the restricted contents.
Hash-chained audit logs, append-only configuration history, and signed commit attestations give compliance and security teams a trustworthy record without bolting another system on top.
Agents authenticate as themselves, with explicit ref scopes and capabilities. AI-aware endpoints assemble bounded context bundles and filter results by the caller's visibility.
Direct/indirect file storage is built in. Configure S3 or Cloudflare R2 once on the server; clients upload through presigned URLs with hash-verified completion. No LFS plugin, no separate workflow.
What's in the box
PLV ships as a single coherent platform — not a CLI plus a stack of third-party services. Pull requests, issues, releases, locks, attestations, and AI integration are all first-party.
Fast-forward, rebase, or squash. No merge commits, no octopus merges, no surprises in plv history.
Large binaries live in object storage; the tree carries a small pointer. S3 and Cloudflare R2 are first-class.
Read-only synthesized views built from one base target plus branch and nested-repo overlays. Conflicts are explicit.
Append-only history, editable bodies that don't rewrite the chain, structured workflow links.
Tie releases to a commit. Full or delta releases with materialized manifests — only changed bytes get re-stored.
Locks and commit-signing rules can be repo-wide or scoped to a branch. TTL expiry is server-authoritative.
Pick exactly which parent refs you want. Sync more later. Fork imports report health, not silent drift.
External IdP authentication is supported, allowing your existing users access with minimal setup.
TOTP enforced or optional. Recovery codes for account recovery. Per-IP and per-user lockouts on auth surfaces.
Audit and operational logs are NDJSON streams with previousHash + hash. plvserver log verify proves integrity.
Commit attestations bind the commit, publication record, and other metadata. Trust-cached client side.
Every command supports --json and --toon. AI commands emit JSON by default so agents don't have to negotiate format.
Spin up a server, connect a client, and create your first repo all in just a minute. No cloud account, no waitlist, no signup.
