bruno
Bruno is an open-source API client IDE for testing and exploring REST, GraphQL, and OpenAPI endpoints. It stores collections as plain-text files in version control rather than cloud, positioning itself as a lightweight, privacy-focused alternative to Postman.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | usebruno/bruno |
| Owner | usebruno |
| Primary language | JavaScript |
| License | MIT — OSI-approved |
| Stars | 45.4k |
| Forks | 2.7k |
| Open issues | 1.8k |
| Latest release | v3.5.1 (2026-07-02) |
| Last updated | 2026-07-08 |
| Source | https://github.com/usebruno/bruno |
What bruno is
Built in JavaScript with a desktop GUI and CLI component, Bruno persists API requests in a custom Bru markup language and integrates with Git for team collaboration. It includes Docker support and can run collections programmatically via CLI or web UI.
Get the bruno source
Clone the repository and explore it locally.
git clone https://github.com/usebruno/bruno.gitcd bruno# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Desktop app and CLI are separate installs; verify all team members can access correct distribution (Homebrew, Chocolatey, Snap, Flatpak, direct binary).
- Collections stored as plain text in filesystem; ensure robust .gitignore practices and secrets management (environment files, credential storage) before sharing.
- CLI runs via Node.js or Docker; CI/CD pipelines need npm or Docker runtime available; Docker images published to both Hub and GitHub Container Registry.
- Bru markup language is project-specific; migration from Postman or Insomnia collections requires conversion tools (check docs for import support).
- No built-in auth backend; environment-based credential passing and test isolation depend on collection structure discipline.
When to avoid it — and what to weigh
- Cloud-centric team workflows required — No cloud sync, real-time collaboration dashboard, or hosted history. Teams requiring instant cross-device sync should evaluate Postman, Insomnia, or similar.
- Enterprise API gateway or proxy integration needed — Not clearly stated if Bruno integrates with enterprise proxies, SAML, or centralized policy enforcement. Requires review for regulated environments.
- Advanced mock server or contract testing capabilities — README emphasizes testing and exploration; mock server parity with Postman or Prism is not stated. Check feature list or docs before committing.
- Closed-network environments without Docker support — Requires Node.js/npm or Docker; air-gapped setups may face dependency and update challenges without external package managers.
License & commercial use
MIT License. Permissive OSI-approved license allowing commercial use, modification, and distribution with attribution. No copyleft obligations.
MIT license permits commercial use of the open-source distribution without restriction. However, README mentions paid versions with additional features. Clarify whether commercial users are expected or required to purchase a paid tier; this is not stated in provided data. For internal deployment in a commercial setting, open-source version is licensed for use, but support and feature parity should be confirmed with the project maintainers.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Clear |
| Deployment complexity | Low |
| DEV.co fit | Good |
| Assessment confidence | High |
No explicit security audit, threat model, or vulnerability disclosure policy stated in provided data. Offline-first design reduces cloud breach surface. Plain-text collection storage means credentials must be managed carefully (environment variables, .gitignore discipline). Collections stored on filesystem subject to local access controls; no encryption at rest or in transit stated. Dependency security: JavaScript/Node.js stack subject to npm ecosystem risks. Request security considerations (SSL/TLS, certificate validation) not detailed. Requires independent security review and dependency scanning before use in regulated or high-sensitivity contexts.
Alternatives to consider
Postman
Market leader with cloud sync, team features, mock servers, and advanced automation. Offers free tier but monetizes team collaboration and cloud services. Closed ecosystem; collections not directly Git-committable.
Insomnia (Kong)
Similar offline-first option with cloud sync available (optional). Broader plugin ecosystem and advanced debugging. Commercial support model; open-source core with paid features.
REST Client (VS Code extension) / Thunder Client
Lightweight, minimal dependencies. REST Client integrates into editor workflow; Thunder Client offers standalone app. Less feature-rich but suitable for individual developers or simple workflows.
Build on bruno with DEV.co software developers
Download Bruno or review the CLI documentation to assess fit for your team's collaboration model, CI/CD pipeline, and data privacy requirements.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
bruno FAQ
Can Bruno sync collections across devices?
Does Bruno work in CI/CD pipelines?
How are secrets and credentials stored?
Is there a free tier or do I need to pay?
Work with a software development agency
DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If bruno is part of your open-source testing roadmap, our team can implement, customize, migrate, and maintain it.
Evaluate Bruno for your API testing workflow.
Download Bruno or review the CLI documentation to assess fit for your team's collaboration model, CI/CD pipeline, and data privacy requirements.