DevSafe / Docs
Docs Get started Quickstart

From zero to protected
in under five minutes.

DevSafe is a single binary. Install it, point it at your projects directory, and walk away. Everything below is optional refinement.

Install

DevSafe ships as a single statically-linked binary. Pick the install method that matches your setup.

macos · homebrew
$ brew install hxalabs/tap/devsafe
linux · curl
$ curl -fsSL https://get.devsafe.com | sh
windows · scoop
> scoop install devsafe

Verify the install with devsafe --version. You should see 0.4.2 or higher.

Walk your filesystem

1

Sign in

Authenticate the CLI with your DevSafe account. This opens a browser window once; from then on, DevSafe runs locally with no further auth.

terminal
$ devsafe login
→ opening browser to authenticate…
 signed in as you@devsafe.com
2

Generate your key

DevSafe uses zero-knowledge encryption — your key is generated on your machine and never sent to us. Store the recovery phrase somewhere safe.

terminal
$ devsafe key new --name "prod-2026"
 generated AES-256 key (id: prod-2026)
 recovery phrase saved to ~/.devsafe/recovery

# back this up now — we cannot recover it for you
This is the only time we'll show you this phrase.

DevSafe cannot recover lost keys — that's the point. Print the recovery phrase, store it in a password manager, or write it on paper. Learn more about key custody →

3

Watch your projects

Point DevSafe at the directory that contains your repositories. It walks the filesystem, finds every git repo, and starts watching for changes.

terminal
$ devsafe watch ~/projects
 discovered 14 repositories
 encrypting with prod-2026 (AES-256)
 streaming first snapshot — 8.4 GB → 3.2 GB after dedup
 watcher running in background (pid 41209)

# you can close this terminal — devsafe keeps running
4

Verify it's working

Make a change in any of those repos, save the file, then check status. You should see the snapshot timestamp update.

terminal
$ devsafe status
repository           health   last snapshot
───────────────────────────────────────────
api-server            99     2 minutes ago
design-tokens         97     3 minutes ago
marketing-site        98     just now
… 11 more

 14 repos · health 96 · watcher healthy
That's it. You're protected.

DevSafe will keep snapshotting in the background — every file save, every branch switch, every stash. You don't need to think about it again. See what to try next →

Try a restore

The whole point of backup is restore. Try rolling a single repo back one hour to confirm the round-trip works on your machine.

terminal
$ devsafe restore api-server --to "1h ago"
→ resolving snapshot at 13:23:08…
→ saving current state as "pre-restore" checkpoint…
 restored — 12 files changed, 0 conflicts
 drift: 0 files (perfect roundtrip)

Want to restore a single file? Use --file path/to/file. Want to restore to a specific moment? Use a timestamp: --to "2026-04-29 14:00".