DEV.co
Open-Source Observability · subtrace

subtrace

Subtrace is a network inspection tool for backend servers that captures HTTP requests with a single command, supporting Node.js, FastAPI, and other frameworks. It integrates directly into development workflows via CLI and provides request introspection without code changes.

Source: GitHub — github.com/subtrace/subtrace
2.8k
GitHub stars
64
Forks
Go
Primary language
BSD-3-Clause
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositorysubtrace/subtrace
Ownersubtrace
Primary languageGo
LicenseBSD-3-Clause — OSI-approved
Stars2.8k
Forks64
Open issues15
Latest releaseb390 (2025-12-18)
Last updated2026-01-28
Sourcehttps://github.com/subtrace/subtrace

What subtrace is

Written in Go, Subtrace intercepts HTTP traffic at the network level to provide real-time request inspection across multiple backend frameworks and containerized environments. It operates as a CLI wrapper that executes developer commands while capturing network telemetry.

Quickstart

Get the subtrace source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/subtrace/subtrace.gitcd subtrace# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Local development debugging

Developers can inspect HTTP requests and responses during active development without modifying application code or adding instrumentation libraries.

Docker and containerized development

Native support for Docker and Docker Compose environments enables network inspection within containerized workflows, with documented Kubernetes integration paths.

Multi-framework backend inspection

Works across Node.js, FastAPI, and arbitrary command execution, making it suitable for polyglot backend development environments with minimal setup.

Implementation considerations

  • Installation relies on curl script execution from subtrace.dev; verify organizational security and artifact management policies.
  • Requires CLI wrapper invocation pattern; assess compatibility with existing development scripts, CI/CD pipelines, and IDE integration workflows.
  • Network inspection scope and filtering capabilities not documented; clarify request volume handling and performance overhead in production-like test loads.
  • Private beta status on macOS suggests feature parity and stability may vary across platforms; evaluate team OS distribution.
  • No visible support for gRPC, WebSocket, or non-HTTP protocols; confirm coverage aligns with backend architecture patterns.

When to avoid it — and what to weigh

  • Production monitoring requirement — Tool is positioned as a development inspector; no evidence of production-grade SLA, high-throughput support, or enterprise monitoring guarantees.
  • macOS-primary development — macOS support is explicitly in private beta with a waitlist requirement, limiting usability for teams primarily on Apple hardware.
  • Zero instrumentation requirement — Requires executing commands via the `subtrace run` wrapper; applications that cannot be invoked via CLI or require pre-existing instrumentation may face friction.
  • Offline or air-gapped environments — Installation uses online script execution (`curl | sh`); no evidence of offline installation methods or standalone binary distribution for restricted networks.

License & commercial use

Licensed under BSD-3-Clause, a permissive OSI-approved license permitting commercial use, modification, and distribution with attribution and liability disclaimer.

BSD-3-Clause permits commercial use without royalty or source disclosure. However, this is a development tool with active but young codebase (created May 2024); evaluate stability and vendor lock-in before committing to production workflows. No service-level agreements, liability limits, or commercial support terms are evident from public GitHub repository.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityLow
DEV.co fitGood
Assessment confidenceMedium
Security considerations

Tool intercepts network traffic to provide inspection; validate that captured request/response data is handled securely (no logging to shared storage, no unencrypted transmission). Installation via curl script introduces supply-chain risk; verify artifact integrity. No security audit or vulnerability disclosure policy evident. Consider whether request inspection in CI/CD or shared development environments exposes sensitive headers or payloads.

Alternatives to consider

mitmproxy

Mature HTTP/HTTPS proxy with stronger extensibility and Python scripting; better for production traffic analysis and custom filtering logic.

Charles Proxy

Commercial desktop proxy with rich UI and native macOS support; suitable for teams prioritizing GUI-driven inspection and detailed filtering.

OpenTelemetry instrumentation libraries

Standard observability approach for production workloads; provides richer context (distributed tracing, metrics) and integrates with existing monitoring stacks.

Software development agency

Build on subtrace with DEV.co software developers

Subtrace offers low-friction request inspection for backend developers. Assess macOS support status, integration with your observability stack, and data handling policies before adoption.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

subtrace FAQ

Does Subtrace work with my existing observability stack?
Not clearly stated. No documented integration with OpenTelemetry, Jaeger, Prometheus, or APM platforms. If your team uses observability backends, clarify whether Subtrace is complementary or standalone.
Can I use this in CI/CD pipelines?
CLI wrapper design suggests yes, but no documented CI/CD integration examples (GitHub Actions, GitLab CI, etc.). Requires manual testing; evaluate impact on pipeline execution time and secret handling.
What happens to captured request data?
Not documented. Clarify retention, encryption, and export mechanisms, especially in team or CI/CD contexts where sensitive headers or payloads may be visible.
Is there a Windows version?
Not mentioned. Linux and macOS (beta) are the only documented platforms. Windows users require WSL or alternative tools.

Software developers & web developers for hire

Adopting subtrace is usually one piece of a larger software development effort. As a software development agency, DEV.co provides software development services and web development expertise — pairing senior software developers and web developers with your team to design, build, and operate open-source observability software in production.

Evaluate Subtrace for Your Dev Team

Subtrace offers low-friction request inspection for backend developers. Assess macOS support status, integration with your observability stack, and data handling policies before adoption.