Labsco
cycodehq logo

GESF

from cycodehq

Compliance-as-Code framework that automatically enforces GDPR, OWASP, NIST, and CIS engineering standards.

πŸ”₯πŸ”₯πŸ”₯βœ“ VerifiedFreeQuick setup

GESF β€” Green Engineering Standard FrameworkΒΆ

GESF (pronounced "Gessf" ) β€” the framework that helps you "get safe."

Compliance-as-Code framework that automatically enforces GDPR, OWASP, NIST, and CIS engineering standards in any software project β€” regardless of programming language.

What GESF DoesΒΆ

  • Scans your source code for security vulnerabilities and compliance violations using 6 built-in scanners (language-agnostic pattern matching)

  • Detects your project's ecosystem automatically β€” Node.js, Python, Rust, Go, Ruby, Java, PHP, .NET β€” and runs the correct dependency auditor

  • Generates compliance documentation β€” GDPR, data inventory, retention policies, risk assessments

  • Scores your project against multiple compliance frameworks with severity-weighted grading

  • Creates CI/CD pipelines (5 GitHub Actions workflows including SBOM scanning) that fail the build on critical issues

  • Provides an AI compliance assistant via MCP for Claude, VS Code Copilot, Cursor, and more

What GESF Does NOT DoΒΆ

  • It does not replace legal counsel for GDPR compliance.

  • It does not automatically fix your code β€” it identifies issues and suggests fixes.

  • It does not require a running server or database.

Key FeaturesΒΆ

Feature Description 6 Source Code Scanners Secrets, crypto, injection, auth, config, database β€” scans 20+ file types Language-Agnostic Scanning Auto-detects your ecosystem and runs the right dependency auditor 8 Supported Ecosystems Node.js (npm/pnpm/yarn/bun), Python (pip/poetry/uv), Rust, Go, Ruby, Java, PHP, .NET 7 Policy Packs GDPR (22 controls), OWASP, CIS, NIST, AI, Blockchain, Government 13 Project Types SaaS, AI, MCP Server, Blockchain, Wallet, Government, Healthcare, and more MCP AI Assistant Works with Claude, VS Code Copilot, Cursor, OpenCode, Crush, Windsurf 5 CI/CD Workflows Compliance, security, dependency scan, secret scan, SBOM scan (auto-generated) 14 Document Templates Compliance docs, security policies, threat models Compliance Reports Markdown and HTML reports with executive summary Compliance Badge SVG badge with letter grade for your README

ArchitectureΒΆ

packages/ β”œβ”€β”€ cli/ # CLI (@greenarmor/ges) β”œβ”€β”€ core/ # Types, schemas, constants β”œβ”€β”€ audit-engine/ # Real source code scanning (6 scanners) β”œβ”€β”€ compliance-engine/ # GDPR Article 5/25/30/32/33/34 controls β”œβ”€β”€ policy-engine/ # 7 policy packs (56+ total controls) β”œβ”€β”€ rules-engine/ # Auth, encryption, secrets, logging standards β”œβ”€β”€ doc-generator/ # 14 compliance/security document templates β”œβ”€β”€ cicd-generator/ # 5 GitHub Actions workflow generation β”œβ”€β”€ scoring-engine/ # Multi-framework severity-weighted scoring β”œβ”€β”€ scanner-integration/ # External tool integration (Trivy, Gitleaks, Semgrep, SBOM) β”œβ”€β”€ report-generator/ # Markdown/HTML report generation └── mcp-server/ # MCP AI compliance assistant (6 tools)

Supported EcosystemsΒΆ

GESF automatically detects your project's language and package manager from lockfiles:

Ecosystem Package Managers Dependency Auditor Node.js pnpm, npm, yarn, bun pnpm audit, npm audit, yarn audit, bun audit Python pip, poetry, pipenv, pdm, uv pip-audit, safety Rust cargo cargo audit Go go modules govulncheck Ruby bundler bundle-audit Java maven, gradle OWASP Dependency-Check PHP composer composer audit .NET nuget dotnet list package --vulnerable

Language-agnostic scanners (Trivy, Gitleaks, Semgrep, Syft, Grype) run regardless of ecosystem.