Autter is an open source git extension that records which lines of your code were written by AI. Once installed, every AI-authored line is tied to the agent, model, and prompt that produced it — keeping the reasoning, requirements, and design decisions attached to your code instead of lost in a chat window.
There is nothing new to learn. Write prompts and commit the way you already do.
git commit
[hooks-doctor 0afe44b2] wsl compat check
2 files changed, 81 insertions(+), 3 deletions(-)
you ██░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░ ai
6% 94%
autter blame /src/log_fmt/authorship_log.rs
cb832b7 (Sagnik Ghosh 2025-12-13 133) pub fn execute_diff(
cb832b7 (Sagnik Ghosh 2025-12-13 134) repo: &Repository,
cb832b7 (Sagnik Ghosh 2025-12-13 135) spec: DiffSpec,
fe2c4c8 (Sagnik Ghosh 2025-12-02 136) format: DiffFormat,
fe2c4c8 (Sagnik Ghosh 2025-12-02 137) ) -> Result<…> {
fe2c4c8 (claude 2025-12-02 138) // Resolve commits
fe2c4c8 (claude 2025-12-02 139) let (from, to) = match spec {
fe2c4c8 (claude 2025-12-02 140) DiffSpec::TwoCommit(s, e) => {
fe2c4c8 (claude 2025-12-02 141) let from = resolve(repo, &s)?;Mac, Linux, Windows (WSL)
curl -sSL https://autter.dev/install.sh | bashWindows
powershell -NoProfile -ExecutionPolicy Bypass -Command "irm https://autter.dev/install.ps1 | iex"The installer is the only setup step. There are no per-repo hooks to wire up and no git config to edit — commit with the Agent, the git CLI, or any git client and attribution lands on the commit automatically.
Installation lets you choose local-only mode or connect to the Autter platform, and the choice is reversible at any time with autter onboard. Local-only attribution, blame, and stats run entirely on your machine — no code, prompts, or usage data ever leave it.
For verification steps, privacy controls, everyday commands, and troubleshooting, read the full installation and setup guide.
You never need an account to use Autter. Connecting simply links a machine to your Autter organization so attribution and prompt history can drive cross-repository dashboards, prompt search, team and contributor analytics, and audit history.
Start with the guided browser flow:
autter onboardPick "connect" and authorize the device in your browser. If that flow is unavailable, mint a Personal Access Token (PAT) under Org Settings → Access Tokens and register it directly:
autter login --token autter_pat_xxxxxxxx
autter whoamiOnce a machine is connected:
- Authorship notes (the AI-vs-human breakdown per commit) and prompt transcripts are written on commit straight into your organization's own database. They are never shared between organizations, and the CLI writes to that database directly using the connection URL embedded in your signed token — no Autter server sits in the data path.
- A token is bound to your account. If you belong to more than one organization, each push is routed to whichever org owns the repository (resolved from its git remote), with your default org as the fallback.
- Tokens can be managed or revoked, and CLI activity (token created, sign-in, data pushed) reviewed, under Settings → Access Tokens in the dashboard.
Return to local-only mode whenever you like:
autter logout # clear stored credentials
autter onboard --local --forceautter reads ~/.autter/config.json. The defaults target the hosted platform; override them per machine for self-hosting or CI:
| Field | Default | Purpose |
|---|---|---|
api_base_url |
https://api.autter.dev |
Auth + token exchange |
notes_backend.kind |
git_notes (local) / http (connected) |
Where authorship notes go |
notes_backend.backend_url |
https://cli.autter.dev |
Gate that enables cloud sync; the actual notes/prompt writes go straight to your org database (URL from your token), not to this host |
prompt_storage |
local / default (connected) |
default uploads prompts, local keeps them on-device |
telemetry_oss |
on |
off disables all anonymous usage analytics and error reporting |
Environment overrides: AUTTER_API_BASE_URL, AUTTER_WEB_URL, AUTTER_NOTES_BACKEND_KIND, AUTTER_NOTES_BACKEND_URL, AUTTER_API_KEY (for CI).
Autter reports anonymous usage analytics and error data so the tool can improve. Telemetry is on by default, is confirmed during autter onboard, and is built to be safe and fully auditable:
- Never any personal data — no code, prompts, file paths, repo names, usernames, or IP addresses.
- Only coarse, anonymous signals — a random install ID, device info (OS, CPU architecture, core count), the Autter version, and error/exception messages.
- A local mirror of everything sent lives at
~/.autter/internal/telemetry.log(one JSON object per event) so you can see exactly what left the machine.
Inspect or change it anytime:
autter telemetry status # is it on/off + where the audit log lives
autter telemetry log # show everything that has been sent (last 50)
autter telemetry log --all # show the full audit log
autter telemetry off # disable telemetry
autter telemetry on # re-enable telemetryYou can also disable it by setting "telemetry_oss": "off" in ~/.autter/config.json, or re-run the prompt with autter onboard --force (non-interactive installs accept --telemetry / --no-telemetry).
The Autter standard is supported by:
- 🪄 Zero workflow change — prompt and commit exactly as you do today; attribution metadata is attached to every commit for you.
- ⚡ No overhead — Autter avoids Git hooks (slow and painful to set up per repo) and never wraps the git binary, so your git commands run at full speed.
- 💻 Local-first — works offline and needs no login.
- 🔒 Safe prompt storage — each AI line traces back to the prompt that produced it. Sessions are scanned, redacted, and stored outside git, keeping repos lean, enabling access control, and stopping PII or secrets from leaking.
- 🌐 Git-native and open — Autter authored the open standard for tracking AI-generated code in Git Notes.
Want a closer look?
- CI Actions — preserve attribution through Rebase and Merge and Squash and Merge.
- How Autter Works
- Stats command — aggregate % AI stats across commits.
- AI Blame
- Config
- Add support for an agent in Autter
- Install Autter in background agents: Claude Web, Codex Cloud, Cursor Agent, and Devin.
Line-level attribution lets you follow AI code across the whole SDLC. Measure how much AI code is accepted, committed, survives review, and reaches production — so you can tell which tools and practices actually work.
autter stats --json
autter stats <start_sha>..<end_sha> --jsonIt computes % AI code, AI lines generated vs committed, acceptance rates, and human overrides, broken down by tool and model. More in the stats command reference.
Example JSON output
{
"human_additions": 28,
"ai_additions": 76,
"ai_accepted": 47,
"git_diff_deleted_lines": 34,
"git_diff_added_lines": 104,
"tool_model_breakdown": {
"claude_code/claude-sonnet-4-5-20250929": {
"ai_additions": 76,
"ai_accepted": 47
}
}
}autter blame is a drop-in replacement for git blame that adds AI attribution to every line. It accepts all standard git blame flags.
autter blame /src/log_fmt/authorship_log.rscb832b7 (Sagnik Ghosh 2025-12-13 08:16:29 -0500 136) format: DiffFormat,
cb832b7 (Sagnik Ghosh 2025-12-13 08:16:29 -0500 137) ) -> Result<String, AutterError> {
fe2c4c8 (claude 2025-12-02 19:25:13 -0500 138) // Resolve commits to get from/to SHAs
fe2c4c8 (claude 2025-12-02 19:25:13 -0500 139) let (from_commit, to_commit) = match spec {
fe2c4c8 (claude 2025-12-02 19:25:13 -0500 140) DiffSpec::TwoCommit(start, end) => {
Community plugins surface this attribution directly in popular IDEs, color-coded by agent session. Hover a line to read the underlying prompt or its summary.
Supported Editors
- VS Code
- Cursor
- Windsurf
- Antigravity
- Emacs magit
- Added support for another editor? Open a PR
Autter for Teams rolls Autter out across your whole organization. Connect GitHub, GitLab, Bitbucket, or Azure DevOps to get aggregate insight across every repository, plus the full trace of each agent session — from the first prompt to production.
- Provenance — line-level AI vs. human authorship across every repo, with the share of AI-written lines rolled up by pull request, repo, team, and contributor.
- Analytics — measure % AI and token cost, and track agent autonomy, token efficiency, and how much rework AI code needs before and after deploy.
- Lifecycle — follow AI code through your release pipelines and environments, see how much actually reaches production, and trace incidents back to the AI session that caused them.
- Codebase scans — agent-driven security, dependency, secret-detection, and code-quality scans across your codebase.
- PR review & automation — automatic AI pull-request reviews, generated PR descriptions, and after-review fix agents you can tune or build yourself.
- Repo wikis — auto-generated, always-current documentation for every repository.
- Prompt store — keep the prompt and full session behind every generated hunk for harness engineering and review.
Autter for Enterprise runs entirely in your own cloud. Deploy into a customer-owned AWS account from versioned container images and Terraform modules — your VPC, data stores, object storage, KMS keys, and IAM roles — with audit logs and scoped access tokens. Nothing leaves your boundary.
- Coding agents call
autter checkpointwhenever they write code or change files via bash scripts. - On commit, Autter records line-level attribution in Git Notes, tying every AI line to the agent, model, and session behind it. Run
git log --show-notes="ai"to view it. - When you
squash,merge,reset,rebase,stash, orcherry-pick, Autter moves and merges those attributions so tracking stays accurate.
Autter never uses AI or heuristics to "guess" which code is AI — the agents report exactly which lines they wrote, giving the most accurate, explicit attribution possible.
No. Autter works no matter how a commit is created — your git client, the git CLI, and your own git aliases are all supported.
Autter inspects the final state of the code once the operation finishes and copies or merges attributions into a Git Note for every resulting commit. It is eventually consistent: the note is written 5–100 ms after the operation completes.
Yes. Autter is free and open source, runs locally, and needs no login or team setup.
No. Autter uses no Git hooks and does not wrap git, so your git commands carry no added overhead.
No — Autter manages the agent hooks and checks them daily. To trigger that yourself (for example after installing a new agent), run autter install-hooks.
Hundreds of engineering teams, including many in the Fortune 100, use Autter to understand their AI usage and make agents more effective in their codebases.
What's the difference between the open source CLI and the teams version?
The CLI accurately attributes AI code on every commit. The teams version adds a secure prompt store and joins data from across the SDLC — tying token spend to individual pull requests, computing % AI by PR, team, and repo, surfacing signals like rework during review, and tracing incidents back to the AI session that caused them. It also layers on agent-driven workflows: codebase security scans, automatic PR reviews and descriptions, after-review fix agents, and auto-generated repo wikis. Connect your SCM for aggregate stats across thousands of repos plus full observability into everything your agents do. Run it in our cloud, or deploy Autter for Enterprise entirely inside your own AWS account so nothing leaves your boundary.
Autter provides line-level attribution for AI-generated code whether it was written through an edit tool or a bash command. During a history rewrite (rebase, stash, squash --merge, and so on) Autter moves and merges attributions so nothing is lost.
Here is the full breakdown of what is supported today:
| Capability | Status | Notes |
|---|---|---|
| Edit / Write / Patch tools | ✅ | Line-level attribution recorded automatically. |
| Files created via Bash | ✅ | May not work if the agent is not operating from the repository root. |
| Git worktrees | ✅ | Attribution maintained across linked worktrees. |
| Background Agents | ✅ | See docs for Claude Web, Codex Cloud, Cursor Agent, and Devin. |
| Attribute lines from multiple Agent Sessions in the same commit | ✅ | |
| Record which lines a human overrode | ✅ | |
| Attribute sessions that produced no code | ✅ | Records token usage and session activity even when no code is accepted. |
| Accepted rate per session | ✅ | |
| Added and deleted lines per session | ✅ | |
| Tool-call level attribution | ✅ | Resolves attributed lines to the tool call that generated them. |
| Tokens and cost per commit and PR | ✅ | Aggregates token usage and cost across the sessions behind each commit/PR. |
| Formatters | ✅ | Formatting will not change attribution to human. |
| Multi-repo root | If you run an agent that edits multiple repos, Bash attributions only work when the agent runs each command with its cwd inside that repo. |
Git rewrite operations:
| Operation | Status | Notes |
|---|---|---|
git rebase |
✅ | Attribution preserved. View Code |
git cherry-pick |
✅ | Attribution preserved. View Code |
git stash / git stash pop |
✅ | Attribution preserved. View Code |
git merge --squash |
✅ | Attribution preserved. View Code |
git reset --soft |
✅ | Attribution preserved. View Code |
git reset --mixed |
✅ | Attribution preserved. View Code |
git reset --hard |
✅ | Attribution preserved for commits that remain in history. View Code |
git merge (merge commit) |
✅ | Attribution preserved. View Code |
git commit --amend |
✅ | Attribution preserved, including unstaged and partially staged changes. View Code |
git checkout / git switch (branches) |
✅ | Attribution follows the working tree across branch changes. View Code |
git pull (fast-forward / --rebase) |
✅ | Attribution preserved, including autostashed changes. View Code |
git push / git fetch |
✅ | Attribution notes synced to/from the remote. View Code |
git mv |
❌ | Renames are not yet tracked; attribution does not follow the moved file. |
git filter-branch / git filter-repo |
❌ | Bulk history rewrites are not tracked. |
git replace |
❌ | Object replacements are not tracked. |
GitHub, GitLab, Bitbucket, Azure DevOps:
| Capability | Status | Notes |
|---|---|---|
| Squash and Merge | ✅ | Requires Autter for Teams or Open Source CI Actions to preserve attribution. |
| Rebase and Merge | ✅ | Requires Autter for Teams or Open Source CI Actions to preserve attribution. |
Autter builds on the foundation laid by the original authors of git-ai, who first showed that AI-code attribution could live natively inside a repository rather than in an external service. Their work is the starting point everything here grew from, and we're grateful for it.
The key idea we carried forward and built on is Git Notes. Git Notes let you attach metadata to a commit after it already exists, without rewriting the commit or touching its tree — so attribution can be recorded, moved, and merged independently of the code itself. Autter stores its line-level authorship data in a dedicated refs/notes/ai namespace, which is what makes attribution survive rebase, squash, stash, cherry-pick, and the other history rewrites, and what lets the same data sync across machines and the platform. We took that primitive and extended it into the full Autter standard for tracking AI-generated code.
Apache 2.0
