DEV.co
Open-Source Testing · kiwitcms

Kiwi

Kiwi TCMS is an open-source test management system built in Python that supports both manual and automated testing with features like bug tracker integration, access control, and API layers. It has been actively maintained since its 2017 fork from the Nitrate project and serves as an alternative to commercial test management tools.

Source: GitHub — github.com/kiwitcms/Kiwi
1.2k
GitHub stars
363
Forks
Python
Primary language
GPL-2.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositorykiwitcms/Kiwi
Ownerkiwitcms
Primary languagePython
LicenseGPL-2.0 — OSI-approved
Stars1.2k
Forks363
Open issues136
Latest releasev16.1 (2026-06-24)
Last updated2026-07-08
Sourcehttps://github.com/kiwitcms/Kiwi

What Kiwi is

Django-based Python application offering test case management, test execution tracking, bug integration, role-based access control, and REST API. Deployable via Docker; supports multiple database backends and integrations with external systems (GitLab confirmed).

Quickstart

Get the Kiwi source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/kiwitcms/Kiwi.gitcd Kiwi# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Mid-to-large QA teams needing centralized test organization

Kiwi TCMS provides powerful access control, search, and visual reporting suitable for teams coordinating manual and automated testing across multiple projects.

Organizations seeking open-source alternatives to TestLink/TestRail

Designed as a successor to Nitrate; offers comparable TCMS features without vendor lock-in or licensing costs, with active community maintenance.

DevOps/CI-CD pipelines requiring test result aggregation

Rich REST API and test automation framework plugins enable integration into continuous delivery workflows for centralized test reporting and traceability.

Implementation considerations

  • GPL-2.0 copyleft license requires all modifications to be made available; verify internal IP strategy before customizing.
  • Docker-based deployment simplifies initial setup; assess database backend requirements and persistence strategy for production.
  • No explicit security audit data provided; review Coverity and codecov metrics (referenced in README) and conduct threat modeling for sensitive test data.
  • Python/Django stack; ensure organization has expertise in those technologies for customization and troubleshooting.
  • 136 open issues at snapshot; assess backlog health and prioritization before committing to critical workflow dependencies.

When to avoid it — and what to weigh

  • Proprietary/closed-source requirement — GPL-2.0 license mandates source code disclosure and derivative work compliance. Requires legal review if commercial software distribution is planned.
  • Need for guaranteed SLA or commercial support without external contract — Community-driven project. Commercial support mentioned but only via external arrangement; no embedded SLA guarantees in the open-source offering.
  • Minimal self-hosted infrastructure preference — Requires Docker, database backend (unknown specifics), and ongoing maintenance. Not a lightweight single-binary deployment.
  • Real-time performance testing or load testing focus — Designed for test management and execution tracking, not performance/load testing tools. Scope mismatch for that use case.

License & commercial use

Licensed under GPL-2.0 (GNU General Public License v2.0). This is a strong copyleft license requiring any modified source code to be made available under the same license. Commercial use of unmodified software is permitted; modifications for internal use are allowed but if distributed, trigger copyleft obligations.

Unmodified Kiwi TCMS may be used commercially for test management without license violation. However, any customizations or derivative works must comply with GPL-2.0 copyleft: source code modifications must be disclosed and licensed identically. Commercial support is offered separately (external arrangement). Proprietary software that depends on or bundles Kiwi TCMS requires legal review.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityModerate
DEV.co fitGood
Assessment confidenceHigh
Security considerations

Project uses Coverity scan and CodeCov (visible in badges); code quality tooling is in place. No explicit security audit, penetration test results, or vulnerability disclosure policy mentioned in provided data. Test management systems often handle sensitive test scripts and defect data—assess authentication (RBAC mentioned), TLS/encryption in transit, and data isolation before deployment. Access control is noted as a feature; depth and multi-tenancy support require review.

Alternatives to consider

TestRail (Gurock)

Commercial, cloud-native test management with strong integrations and professional support; choose if vendor support and SaaS model are priorities over open source.

TestLink

Open-source TCMS (GPL); Kiwi was forked from Nitrate, a TestLink alternative. Choose TestLink if simpler deployment or specific legacy integration is required.

Zephyr (Atlassian)

Jira-integrated test management; choose if your team is already Jira-centric and need native Atlassian ecosystem integration over standalone open-source deployment.

Software development agency

Build on Kiwi with DEV.co software developers

Review the full documentation and deployment guide at kiwitcms.readthedocs.io, test the public tenant at public.tenant.kiwitcms.org, and consult legal on GPL-2.0 compliance before integration.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

Kiwi FAQ

Can we modify Kiwi TCMS and keep changes proprietary?
No. GPL-2.0 requires any modifications to be licensed under the same copyleft terms. Internal use is permitted; redistribution triggers disclosure obligations. Consult legal if this is a concern.
What database backends are supported?
Not clearly stated in provided data. Documentation at kiwitcms.readthedocs.io or GitHub repo should specify; likely includes PostgreSQL and MySQL given Django standard support.
Is commercial support available?
Yes, mentioned in README ('Commercial support for Kiwi TCMS is also available. For more information see http://kiwitcms.org'). Requires separate contract; not included in open-source offering.
What is the typical deployment footprint and infrastructure requirement?
Deployed via Docker container; requires external database, persistent storage, and network access. Exact resource requirements (CPU, RAM, storage) not provided; assess based on team size and test volume.

Software development & web development with DEV.co

Adopting Kiwi is usually one piece of a larger software development effort. As a software development agency, DEV.co provides software development services and web development expertise — pairing senior software developers and web developers with your team to design, build, and operate open-source testing software in production.

Evaluate Kiwi TCMS for Your QA Team

Review the full documentation and deployment guide at kiwitcms.readthedocs.io, test the public tenant at public.tenant.kiwitcms.org, and consult legal on GPL-2.0 compliance before integration.