DEV.co
Open-Source Testing · usebruno

bruno

Bruno is an open-source API client IDE for testing and exploring REST, GraphQL, and OpenAPI endpoints. It stores collections as plain-text files in version control rather than cloud, positioning itself as a lightweight, privacy-focused alternative to Postman.

Source: GitHub — github.com/usebruno/bruno
45.4k
GitHub stars
2.7k
Forks
JavaScript
Primary language
MIT
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositoryusebruno/bruno
Ownerusebruno
Primary languageJavaScript
LicenseMIT — OSI-approved
Stars45.4k
Forks2.7k
Open issues1.8k
Latest releasev3.5.1 (2026-07-02)
Last updated2026-07-08
Sourcehttps://github.com/usebruno/bruno

What bruno is

Built in JavaScript with a desktop GUI and CLI component, Bruno persists API requests in a custom Bru markup language and integrates with Git for team collaboration. It includes Docker support and can run collections programmatically via CLI or web UI.

Quickstart

Get the bruno source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/usebruno/bruno.gitcd bruno# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

API development and testing in version-controlled teams

Collections stored as plain text enable Git-based workflows, diffs, and collaboration without cloud lock-in. Ideal for teams wanting request history and code review integration.

Offline-first API exploration and debugging

No cloud sync or internet requirement; full functionality on local machine. Suitable for air-gapped environments, field testing, or privacy-sensitive organizations.

Automated API testing in CI/CD pipelines

CLI and Docker support enable integration into GitHub Actions, GitLab CI, Jenkins, etc. Run entire collections or single requests as part of automated workflows.

Implementation considerations

  • Desktop app and CLI are separate installs; verify all team members can access correct distribution (Homebrew, Chocolatey, Snap, Flatpak, direct binary).
  • Collections stored as plain text in filesystem; ensure robust .gitignore practices and secrets management (environment files, credential storage) before sharing.
  • CLI runs via Node.js or Docker; CI/CD pipelines need npm or Docker runtime available; Docker images published to both Hub and GitHub Container Registry.
  • Bru markup language is project-specific; migration from Postman or Insomnia collections requires conversion tools (check docs for import support).
  • No built-in auth backend; environment-based credential passing and test isolation depend on collection structure discipline.

When to avoid it — and what to weigh

  • Cloud-centric team workflows required — No cloud sync, real-time collaboration dashboard, or hosted history. Teams requiring instant cross-device sync should evaluate Postman, Insomnia, or similar.
  • Enterprise API gateway or proxy integration needed — Not clearly stated if Bruno integrates with enterprise proxies, SAML, or centralized policy enforcement. Requires review for regulated environments.
  • Advanced mock server or contract testing capabilities — README emphasizes testing and exploration; mock server parity with Postman or Prism is not stated. Check feature list or docs before committing.
  • Closed-network environments without Docker support — Requires Node.js/npm or Docker; air-gapped setups may face dependency and update challenges without external package managers.

License & commercial use

MIT License. Permissive OSI-approved license allowing commercial use, modification, and distribution with attribution. No copyleft obligations.

MIT license permits commercial use of the open-source distribution without restriction. However, README mentions paid versions with additional features. Clarify whether commercial users are expected or required to purchase a paid tier; this is not stated in provided data. For internal deployment in a commercial setting, open-source version is licensed for use, but support and feature parity should be confirmed with the project maintainers.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityLow
DEV.co fitGood
Assessment confidenceHigh
Security considerations

No explicit security audit, threat model, or vulnerability disclosure policy stated in provided data. Offline-first design reduces cloud breach surface. Plain-text collection storage means credentials must be managed carefully (environment variables, .gitignore discipline). Collections stored on filesystem subject to local access controls; no encryption at rest or in transit stated. Dependency security: JavaScript/Node.js stack subject to npm ecosystem risks. Request security considerations (SSL/TLS, certificate validation) not detailed. Requires independent security review and dependency scanning before use in regulated or high-sensitivity contexts.

Alternatives to consider

Postman

Market leader with cloud sync, team features, mock servers, and advanced automation. Offers free tier but monetizes team collaboration and cloud services. Closed ecosystem; collections not directly Git-committable.

Insomnia (Kong)

Similar offline-first option with cloud sync available (optional). Broader plugin ecosystem and advanced debugging. Commercial support model; open-source core with paid features.

REST Client (VS Code extension) / Thunder Client

Lightweight, minimal dependencies. REST Client integrates into editor workflow; Thunder Client offers standalone app. Less feature-rich but suitable for individual developers or simple workflows.

Software development agency

Build on bruno with DEV.co software developers

Download Bruno or review the CLI documentation to assess fit for your team's collaboration model, CI/CD pipeline, and data privacy requirements.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

bruno FAQ

Can Bruno sync collections across devices?
No. Bruno is explicitly offline-only and does not support cloud sync. Use Git or another version control system to share collections across machines and teams.
Does Bruno work in CI/CD pipelines?
Yes. Bruno CLI (npm install -g @usebruno/cli) and Docker images (usebruno/cli) support automated testing. Examples provided for GitHub Actions, GitLab CI, and Jenkins.
How are secrets and credentials stored?
Not clearly stated in provided data. Typically managed via environment files and Git .gitignore. Review documentation and security best practices before storing sensitive data in collections.
Is there a free tier or do I need to pay?
Open-source version is free and MIT-licensed for commercial use. Paid versions are available on usebruno.com/pricing; specific features not detailed in provided excerpt.

Work with a software development agency

DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If bruno is part of your open-source testing roadmap, our team can implement, customize, migrate, and maintain it.

Evaluate Bruno for your API testing workflow.

Download Bruno or review the CLI documentation to assess fit for your team's collaboration model, CI/CD pipeline, and data privacy requirements.