Overview
International transfers in .git handle cross-region repository synchronization, edge asset distribution, and compliant data routing for globally distributed development teams. This module ensures low-latency access, regulatory compliance, and seamless cross-border CI/CD execution.
When a repository is flagged for international distribution, .git automatically provisions regional edge nodes, establishes secure transfer tunnels, and applies geo-fencing rules based on your organization's compliance profile.
International transfers require at least a Pro plan. Enterprise customers can enforce strict data residency policies via the admin dashboard or .git/config.
Architecture
Transfers operate through a three-layer routing system:
- Origin Sync β Primary repository state is captured and chunked into immutable diff packages.
- Edge Replication β Packages are routed to regional edge clusters via optimized TCP/QUIC tunnels with automatic failover.
- Local Resolution β Developer pull/clone requests resolve to the nearest edge node, reducing latency by up to 78%.
Configuration
Enable international transfers by adding the transfer directive to your .git/config or via the CLI:
[transfer]
enabled = true
mode = edge-sync
regions = eu-west-1, ap-southeast-2, us-east-1
encryption = aes-256-gcm
compliance = gdpr, ccpaAlternatively, configure via CLI:
$ git intl enable --regions eu-west-1,ap-southeast-2 \
--compliance gdpr,ccpa \
--encryption aes-256-gcmCompliance & Data Sovereignty
.git supports regional data residency and cross-border transfer frameworks out of the box. The following regions are supported with full compliance mapping:
| Region | Framework | Data Residency | Transfer Mode |
|---|---|---|---|
| EU (Frankfurt) | GDPR, ePrivacy | Strict | Encrypted Tunnel + Anonymization |
| US (Virginia) | CCPA, SOC 2 Type II | Flexible | Standard Replication |
| APAC (Singapore) | PDPA, MyGovCloud | Strict | Edge-Isolated Sync |
| UK (London) | UK-GDPR, Data Protection Act | Strict | Sovereign Edge Routing |
Cross-border transfers to non-compliant regions are blocked by default. Override requires Enterprise admin approval and audit logging.
Monitoring & Debugging
Track international transfer health using the built-in observability dashboard or CLI:
$ git intl status --verbose
π EU-West-1 β Active 12ms 99.98% uptime
π AP-Southeast β Active 28ms 99.95% uptime
πΊπΈ US-East-1 β Degraded 45ms 98.20% uptime (scheduled maintenance)Real-time metrics are available at /api/v2/transfer/metrics and can be piped to Datadog, Grafana, or PagerDuty via webhook.
Troubleshooting
Transfer stuck in PENDING state
This usually indicates a DNS resolution failure at the edge node or a firewall blocking QUIC traffic (port 443). Run:
$ git intl diagnose --region eu-west-1
[β] Connectivity check passed
[β] QUIC handshake failed β TLS 1.3 not supported by proxy
[β] Recommendation: Allow UDP 443 or fallback to TCP transportHigh latency on clone operations
If local clone latency exceeds 800ms, verify your fetch.parallel setting and ensure edge caching is enabled:
git config --global transfer.edge-cache true
git config --global fetch.parallel 5FAQ
Q: Can I restrict transfers to specific IP ranges?
A: Yes. Use transfer.allowed-ips in your config or define CIDR blocks in the admin panel under Network Policies.
Q: How are secrets handled during cross-region replication?
A: Secrets are never transmitted in plain text. They are encrypted at rest and in transit using per-region KMS keys. Cross-region secret sync uses envelope encryption with automatic rotation.
Q: Is there a bandwidth cap?
A: Pro plans include 2TB/month cross-region transfer. Enterprise plans offer unlimited bandwidth with prioritized QoS routing.