GitHub Repository

Open source CLI to check compliance of your GitLab CI/CD pipelines and repos

711 stars · Go

A simple CLI to check CI/CD compliance and project governance in GitLab

by coconux · Mar 9, 2026 · 4 points · 0 comments

AI Analysis

●● Solid · Niche Gem · Solve My Problem · Ship It

Open-source policy enforcement for GitLab CI where Enterprise features usually cost extra.

Strengths
  • Detects mutable tags and unsafe injection directly in pipeline config files.
  • SLSA Level 3 build compliance shows attention to supply chain security.
  • Local validation allows fixing compliance errors before pushing code remotely.
Weaknesses
  • GitLab-only focus limits adoption compared to multi-platform policy tools like Conftest.
  • Rule customization requires editing YAML config rather than a visual dashboard.
Category
Target Audience

DevSecOps engineers and GitLab administrators managing pipeline governance

Similar To

Checkov · Conftest · GitLab Ultimate
