continuous-integration
Launch .gitlab-ci.yml jobs locally, wrapped inside the specific images, with inplace project volume mounts and adaptive user selections.
The main purpose of this project is to unify and enhance reliability of builds, tests or releases running on GitLab CI in a similar local context, by providing the simplicity of an interactive and automated terminal tool and avoiding code duplication (Makefile, Shell scripts, docker run, ...).
Related contents:
OpenAPI Breaking Change Detection & PR Review. Know exactly what changed in your API — and who approved it. Command-line and Go package to compare and detect breaking changes in OpenAPI specs.
oasdiff posts a breaking change report on every pull request, with one-click approve/reject for each change. The CI gate updates automatically.
Related contents:
A multi-platform CI/CD vulnerability detection and attack automation tool for identifying security weaknesses in pipeline configurations.
Trajan scans CI/CD pipelines for security vulnerabilities that attackers use to compromise software supply chains. It supports GitHub Actions, GitLab CI, Azure DevOps, Jenkins, and JFrog.
A debugger for your CI pipeline.
Interactive CI pipeline debugger. Step through GitHub Actions workflows locally with Docker. Step through GitHub Actions workflows locally with Docker. Pause before each step, inspect the environment, drop into a shell, modify variables, re-run failed steps — without pushing and waiting.
Catch cloud waste before it ships. Shift-left cloud hygiene engine for AWS and Azure. Catch waste in CI - read-only, deterministic, zero telemetry.
Like tfsec for Terraform or trivy for containers — CleanCloud finds orphaned resources in AWS and Azure and enforces hygiene gates in your CI/CD pipeline before waste reaches production.
Related contents:
Continuously update everything. A Declarative Update Policy Engine.
"Automatically open a PR on your GitOps repository when a third party service publishes an update"
Updatecli is a tool used to apply file update strategies. Designed to be used from everywhere, each application "run" detects if a value needs to be updated using a custom strategy then apply changes according to the strategy.
You describe your update strategy in a file then you run updatecli to it.
Related contents:
Open Source DevOps Control Plane.
Run operational workflows across the tools you already use. Stay in control of releases, incident response, infrastructure provisioning, notifications, disaster recovery, and everything in between. SuperPlane is an open source DevOps control plane for defining and running event-based workflows. It works across the tools you already use such as Git, CI/CD, observability, incident response, infra, and notifications.
Related contents:
the continuous thing-doer.
Concourse is an automation system written in Go. It is most commonly used for CI/CD, and is built to scale to any kind of automation pipeline, from simple to complex.
Concourse is very opinionated about a few things: idempotency, immutability, declarative config, stateless workers, and reproducible builds.
the nix CI.
Click. Push. Done. Just install the garnix GitHub App, and push a flake.nix file to your repo. We’ll handle the rest, from building your software and running your tests, to provisioning and deploying your servers.
Related contents:
OpenSource compliance CLI for GitLab CI/CD.
Analyze your GitLab CI/CD pipelines for security and compliance: pipeline composition (templates, components, version constraints), container images (mutable tags, trusted registries), and branch protection settings.
Plumber is a compliance scanner for GitLab. It reads your .gitlab-ci.yml and repository settings, then checks for security and compliance issues.
Related contents:
Parallel testing for PHPUnit.
The objective of ParaTest is to support parallel testing in PHPUnit. Provided you have well-written PHPUnit tests, you can drop paratest in your project and start using it with no additional bootstrap or configurations!
Related contents:
Cache dependencies and build outputs in GitHub Actions.
Related contents:
The Oxidized PHP Toolchain. A blazing fast linter, formatter, and static analyzer for PHP, written in Rust.
Mago is a toolchain for PHP that aims to provide a set of tools to help developers write better code.
Related contents:
OpenAPI Linter: The worlds fastest OpenAPI quality tool.
vacuum is the worlds fastest OpenAPI 3, OpenAPI 2 / Swagger linter and quality analysis tool. Built in go, it tears through API specs faster than you can think. vacuum is compatible with Spectral rulesets and generates compatible reports.
Python-based continuous integration testing framework; your pull requests are more than welcome!
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. It automates the process of checking Java code to spare humans of this boring (but important) task. This makes it ideal for projects that want to enforce a coding standard.
Build professional pipelines in minutes.
The goal of this project is to make building a professional CI/CD pipeline as easy as including a couple of GitLab CI templates in your .gitlab-ci.yml file.
Related contents:
FTA (Fast TypeScript Analyzer) is a super-fast TypeScript static analysis tool written in Rust. It captures static information about TypeScript code and generates easy-to-understand analytics that tell you about complexity and maintainability issues that you may want to address.
Golangci-lint is a fast linters runner for Go
It runs linters in parallel, uses caching, supports YAML configuration, integrates with all major IDEs, and includes over a hundred linters.
Related contents:
DevOps Platform Powerful. Simple. Git server with CI/CD, kanban, and packages. Seamless integration. Unparalleled experience.
Cut Your GitHub Actions Bill by 90%.
Self-hosted GitHub Actions runners made simple. For AWS. 10x cheaper, 30% faster, and unlimited caching. Best alternative to Actions Runner Controller.
RunsOn is the modern way to run self-hosted GitHub Actions runners of any size, at the cheapest price available. Think of it as your best alternative to the Actions Runner Controller (ARC) for Kubernetes, the Philips terraform module, or any of the third party providers that require deep access to your code and secrets.
A general-purpose Claude Code action for GitHub PRs and issues that can answer questions and implement code changes. This action intelligently detects when to activate based on your workflow context—whether responding to @claude mentions, issue assignments, or executing automation tasks with explicit prompts. It supports multiple authentication methods including Anthropic direct API, Amazon Bedrock, and Google Vertex AI.
Zuul is an open source CI tool.
Zuul is a project gating system. Keep your builds evergreen by automatically merging changes only if they pass tests.
Related contents:
A bot that integrates with GitHub and your favorite continuous integration service.
Homu listens to the pull request comments, waiting for an approval comment from one of the configured reviewers. When the pull request is approved, Homu tests it using your favorite continuous integration service, and only when it passes all the tests, it is merged into master.
Related contents:
🧙♀️ Move Fast and Break Nothing. End-to-end typesafe APIs made easy.
Experience the full power of TypeScript inference to boost productivity for your full-stack application.
tRPC allows you to easily build & consume fully typesafe APIs without schemas or code generation.
Related contents:
Ephemeral GitHub Runners with Secure Multi-Tenant Isolation.
ForgeMT is a secure, scalable GitHub Actions runner platform for ephemeral workloads. Designed for multi-tenant environments, it automates isolated runner provisioning on Kubernetes or EC2, with built-in OIDC, IAM, cost optimization, and deep observability.
Actionable test coverage checks for Ruby and Github.
Find missing tests instantly.
undercover warns about methods, classes and blocks that were changed without tests, to help you easily find untested code and reduce the number of bugs. It does so by analysing data from git diffs, code structure and SimpleCov coverage reports.
Exploring LLM-powered automation in platform-based software collaboration.
Related contents:
Local CI. Sign off on your own work.
A GitHub CLI extension for local CI. Run your tests on your own machine and sign off when they pass.
Remote CI runners are fantastic for repeatable builds, comprehensive test suites, and parallelized execution. But many apps don't need all that. Maybe yours doesn't either.
The fast lane for your PRs.
Trunk is a developer experience (DevEx) platform that enables you to ship code quickly while maintaining the necessary guardrails for excellent eng teams. Use Trunk to check, test, merge, and monitor your code.
A framework for securing software update systems.
The Update Framework (TUF) maintains the security of software update systems, providing protection even against attackers that compromise the repository or signing keys. TUF provides a flexible framework and specification that developers can adopt into any software update system.
Related contents:
A framework to secure the integrity of software supply chains.
in-toto is designed to ensure the integrity of a software product from initiation to end-user installation. It does so by making it transparent to the user what steps were performed, by whom and in what order.
Related contents:
🐍 🔍 GuardDog is a CLI tool to Identify malicious PyPI and npm packages.
GuardDog is a CLI tool that allows to identify malicious PyPI and npm packages or Go modules. It runs a set of heuristics on the package source code (through Semgrep rules) and on the package metadata. GuardDog can be used to scan local or remote PyPI and npm packages or Go modules using any of the available heuristics.
Related contents:
trigger async analysis from your Gitlab CI and expose badges.
Gitlab CI triggers asynchone REST analysis and display badges and files.
Related contents:
OpenChoreo is an open-source internal developer platform (IDP)
OpenChoreo is a complete, open-source Internal Developer Platform (IDP) designed for platform engineering (PE) teams who want to streamline developer workflows and deliver Internal Developer Portals without having to build everything from scratch. OpenChoreo orchestrates many CNCF and other projects to give a comprehensive framework for PE teams to build the platform they want.
Related contents:
Keep builds green with a highly customizable merge queue
Deploy more PRs while cutting CI runtimes. Easily merge changes into a massive monorepo, and run custom CI validations without breaking builds.
Related contents:
GitLab Runner is the open source project that is used to run your CI/CD jobs and send the results back to GitLab.
Related contents:
Build Analyzer. Analyzer for Rspack & webpack.
Visualize the building process.
Rsdoctor is a build analyzer tailored for the Rspack ecosystem and fully compatible with the webpack ecosystem.
Rsdoctor is committed to being a one-stop, intelligent build analyzer that makes the build process transparent, predictable, and optimizable through visualization and smart analysis, helping development teams precisely identify bottlenecks, optimize performance, and improve engineering quality.
GitHub Actions. Twice as fast. Half the cost.
Speed up your GitHub Actions with a one-line code change, by running them on high-performance gaming CPUs instead of GitHub's older server hardware.
Related contents:
Wait for anything! A lightweight tool to wait for services to be ready.
Wait4X allows you to wait for a port or a service to enter the requested state, with a customizable timeout and interval time.
The Open-Source Static Analysis Toolkit.
Write SAST checkers with Globstar and run them in your CI with a single binary. It's fast, easy to write, and MIT-licensed. Globstar is a fast, feature-rich, and open-source static analysis toolkit for writing and running code checkers. Based on tree-sitter.
Continuous Integration & Delivery.
Semaphore CI/CD helps product teams ship software faster, with quality and security. Semaphore is an open source CI/CD platform. Self-host Semaphore on your own servers or on a cloud provider.
Related contents:
A performant type-checker for Python 3.
Pyre is a performant type checker for Python compliant with PEP 484. Pyre can analyze codebases with millions of lines of code incrementally – providing instantaneous feedback to developers as they write code. You can try it out on examples in the Pyre Playground.
Related contents:
Taskcluster is the task execution framework that supports Mozilla's continuous integration and release processes. It is a flexible, scalable open-source framework that can be used to build complex, highly customized CI systems.
Related contents:
Count your code, quickly.
Tokei is a program that displays statistics about your code. Tokei will show the number of files, total lines within those files and code, comments, and blanks grouped by language.
Jenkins automation server.
Jenkins is the leading open-source automation server. Built with Java, it provides over 1,800 plugins to support automating virtually anything, so that humans can spend their time doing things machines cannot.
Related contents:
- Mastering Docker and Jenkins: Build Robust CI/CD Pipelines Efficiently @ Docker blog.
- GitHub Actions vs. Jenkins: Which one's right for your team? @ Buildkite.
- Jenkins’ Flexibility is its Greatest Strength and its Achilles Heel @ CloudBees.
- CI/CD in Production with Jenkins – Complete DevOps Course @ freeCodeCamp.org's YouTube.
Optional Static Typing for Python.
Mypy is an optional static type checker for Python that aims to combine the benefits of dynamic (or "duck") typing and static typing. Mypy combines the expressive power and convenience of Python with a powerful type system and compile-time type checking. Mypy type checks standard Python programs; run them using any Python VM with basically no runtime overhead.
Robot Framework is an open source automation framework for test automation and robotic process automation (RPA). It is supported by the Robot Framework Foundation and widely used in the industry.
Its human-friendly and versatile syntax uses keywords and supports extending through libraries in Python, Java, and other languages.
It integrates with other tools for comprehensive automation without licensing fees, bolstered by a rich community with hundreds of 3rd party libraries.
Build High-Quality Software with AI‑Powered Testing.
Empowering your testing journey with precision and efficiency. Our AI-augmented tools ensure not just excellence but also the ability to deliver high-quality software at scale.
Mago is a toolchain for PHP that aims to provide a set of tools to help developers write better code.
Mago (derived from Mago (Punic: 𐤌𐤂𐤍, MGN), a renowned Carthaginian figure) is a toolchain for PHP that aims to provide a set of tools to help developers write better code. Mago draws inspiration from the Rust programming language and its ecosystem, striving to bring similar convenience, reliability, and a great developer experience to the PHP world.
The Continuous Merge Platform.
Save time and CI costs while making code merging more secure and less frustrating for developers.
Automate your GitHub Pull Requests.
🔮 A bot to automatically update and merge GitHub PRs.
All You Badges.
My Badges is a GitHub Action that generates badges for your profile README.md. Badges will be updated automatically every day. And you will get new badges as you progress, or as community adds new badges. Yes, you can add your own badges!
TwigStan is a static analyzer for Twig templates powered by PHPStan.
TwigStan uses Twig to compile templates to PHP code. It then optimizes the compiled PHP code slightly, allowing PHPStan to analyze it better. It then reports any errors back to the original template and line number.
ar-go-tools (Argot) is a collection of analysis tools for Go
An enterprise friendly way of detecting and preventing secrets in code.
detect-secrets is an aptly named module for (surprise, surprise) detecting secrets within a code base.
📦🚀 Fully automated version management and package publishing.
semantic-release automates the whole package release workflow including: determining the next version number, generating the release notes, and publishing the package.
Open source AI. Code Reviews and Docs. Customizable LLM-enabled workflows to automate reviews, docs and patches.
Patchwork automates development gruntwork like PR reviews, bug fixing, security patching, and more using a self-hosted CLI agent and your preferred LLMs. Try the hosted version here.
Sample Go app repo with test and release pipelines optimized for software supply chain security (S3C).
Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko generative SBOM, cosign attestation, and SLSA build provenance