How CodeCleaner Keeps Your Source Code and Data Safe
Last updated: 2026-04-13
Safety is a core design principle of CodeCleaner. The app uses whitelist-based deletion — only paths on a known-safe list of cache and build artifact locations can be removed. Source code files are never targeted. Docker resources are cleaned via official docker prune CLI commands, not by deleting files directly. Everything runs locally on your Mac with no data uploaded, no account required, and no telemetry collected.
Whitelist-based deletion
CodeCleaner maintains an internal whitelist of known-safe cache paths and build artifact folder names. Only items matching this whitelist can be marked for deletion. This means even if a scan discovers files in unexpected locations, they cannot be accidentally removed. The whitelist covers DerivedData, simulator runtimes, npm/yarn/pnpm caches, Cargo registry, pip caches, Gradle caches, and all other supported tool paths.
Docker cleanup via official CLI
Docker resources are cleaned using official docker prune commands, not by deleting files directly from the Docker disk image. This ensures Docker's internal state remains consistent and avoids corruption. CodeCleaner runs `docker image prune`, `docker container prune`, `docker volume prune`, and `docker builder prune` as appropriate.
node_modules and build artifact validation
The node_modules scanner validates that directories actually end with node_modules before allowing removal. The Project Scanner only deletes recognized build artifact folder names (node_modules, target, build, dist, .next, .cache, etc.) or verified Python virtual environments. Random directories cannot be added to the deletion queue.
User review before every cleanup
You always see a complete list of what will be deleted and can select or deselect individual items before any cleanup runs. Nothing is deleted automatically. This gives you full control and the ability to keep specific items that you want to preserve.
Privacy and local processing
Everything runs locally on your Mac. No file paths, directory names, scan results, or any other data is uploaded to any server. No account is required. No telemetry is collected. The app does not make network requests during scanning or cleaning operations.
When to prefer manual cleanup
If you are auditing a shared machine, a regulated environment, or need a paper trail for every command, run the official CLIs yourself and capture logs. CodeCleaner is built for everyday developer machines where visual review plus whitelist rules speed up the same operations.
Frequently asked questions
- Can CodeCleaner delete my Git repository or documents?
- No. Deletion targets are limited to known cache paths and recognized build artifact folder names. Your source trees, Git metadata, and user documents are outside the whitelist used for automated cleanup.
- Does CodeCleaner upload my folder list to the cloud?
- No. Scanning and cleanup run locally. Network access is not used for scan results. Optional Sparkle update checks for the direct-download build use the public appcast only.
Or use CodeCleaner
CodeCleaner automates all of this with a native macOS app. It auto-detects your installed tools, scans the relevant paths in parallel, shows per-item sizes, and lets you clean safely with one click. Free scan, no account required.