Reposaur is the open source compliance tool for development platforms.

Audit, verify and report on your data and configurations easily with pre-defined and/or custom policies.
Supports GitHub. GitLab, BitBucket and Gitea support soon.

Features

• Custom policies using the Rego policy language (learn more)
• A simple, composable and easy-to-use CLI (learn more)
• Extendable using a straightforward SDK (written in Go)
• Reports follow the standard SARIF format, enabling easy integrations with different systems
• Policies can be unit tested, guaranteeing they work as expected
• Integration with the major development platforms (see Integrations)
• Easily integrate new platforms using the SDK

Installation

Homebrew Tap

$ brew install reposaur/tap/reposaur

DEB, RPM and APK Packages

Download the .deb, .rpm or .apk packages from the releases page and install them with the appropriate tools.

Go

$ go install github.com/reposaur/reposaur/cmd/rsr@latest

Integrations