Bruno

usebruno.com
Awesome PrivacyDevelopmentDeveloper ToolsBruno
Bruno

Open-source, local-first API client that stores collections as plain text files and works seamlessly with Git. A privacy-focused alternative to cloud-based API tools.

Also Consider

Open Source

Bruno Source Code

Author

usebruno

Description

Opensource IDE For Exploring and Testing API's (lightweight alternative to Postman/Insomnia)

#api-client#api-testing#automation#developer-tools#git#graphql-client#http-client#javascript#openapi#openapi3#opensource#rest-api#testing#testing-tools

Homepage

https://www.usebruno.com/

License

MIT

Created

27 Sept 22

Last Updated

19 Jun 26

Latest version

v3.4.2

Primary Language

JavaScript

Size

53,721 KB

Stars

45,027

Forks

2,593

Watchers

45,027

Language Usage

Language Usage

Star History

Star History

Top Contributors

Recent Commits

  • Bijin A B (19 Jun 26)

    tests: run playwright e2e fully parallel (#8313)

  • lohit (19 Jun 26)

    feat: variable `data types` support (#8046)

  • naman-bruno (19 Jun 26)

    add: change log tab (#8289)

  • prateek-bruno (18 Jun 26)

    feat: redesign notification modal (#8140) * fix: test expect Co-authored-by: Prateek Sunal <[email protected]> * fix: maintain state for read and cleared notification ids Co-authored-by: Prateek Sunal <[email protected]> * feat: revamp Notifications Co-authored-by: Prateek Sunal <[email protected]> * fix: break things into components and use events Co-authored-by: Prateek Sunal <[email protected]> * fix: icon + more padding Co-authored-by: Prateek Sunal <[email protected]> * chore: use classnames Co-authored-by: Prateek Sunal <[email protected]> * chore: remove redundancy Co-authored-by: Prateek Sunal <[email protected]> * chore: make it pixel accurate Co-authored-by: Prateek Sunal <[email protected]> * fix: remove redundant useMemo Co-authored-by: Prateek Sunal <[email protected]> * fix: colors of notification modal Co-authored-by: Prateek Sunal <[email protected]> * fix: use color paletter + fix badge color Co-authored-by: Prateek Sunal <[email protected]> * fix: ensure semantics for notification icon Co-authored-by: Prateek Sunal <[email protected]> * fix: handle keyboard navigation for drawer items Co-authored-by: Prateek Sunal <[email protected]> * fix: colors, no notification view, etc Co-authored-by: Prateek Sunal <[email protected]> * fix: don't crash on color of badge that is invalid Co-authored-by: Prateek Sunal <[email protected]> * fix: use hex color for type of notification Co-authored-by: Prateek Sunal <[email protected]> * fix * Apply suggestions from code review Co-authored-by: Sid <[email protected]> * fix: use parseToRgb instead of custom isHexColor check + add unit tests Co-authored-by: Prateek Sunal <[email protected]> * fix: pointer events getting swallowed by iframe, causing resize issue Co-authored-by: Prateek Sunal <[email protected]> --------- Co-authored-by: Prateek Sunal <[email protected]> Co-authored-by: naman-bruno <[email protected]> Co-authored-by: Sid <[email protected]>

  • Pooja (18 Jun 26)

    feat(websocket): show full message name in a tooltip on hover (#8299)

  • Chirag Chandrashekhar (18 Jun 26)

    fix(transient): scope bruno- lookup to transient base, not full path (#8273)

  • prateek-bruno (18 Jun 26)

    fix: correctly parse insomnia exported yaml (#7966)

  • sachin-bruno (17 Jun 26)

    Feature (Size/M) : BRU-3560 Remove Beta badge from openAPI sync (#8250) * BRU-3560 Remove Beta badge from openAPI sync * BRU-3560 Comments fixed * BRU-3560 Comments resolved * BRU-3560 Comments resolved * BRU-3560 Comments resolved --------- Co-authored-by: bruno-sachin <[email protected]>

  • ravindra-bruno (17 Jun 26)

    feat(import): hide File Format option and default collections to Open… (#8247)

  • naman-bruno (17 Jun 26)

    feat: implement file mode (#8258) * feat: implement file mode

  • Utkarsh (17 Jun 26)

    fix(postman-migration): install packages report npm install failed (#8284)

  • Abhishek Patil (17 Jun 26)

    fix(perf):quickjs-memory-leak (#8219)

  • rajashreehj-bruno (17 Jun 26)

    Fix (import): Postman import: OAuth2 tokenPlacement not set correctly, Header Prefix field hidden and value lost (#8197) * Fix (oauth2): Postman import: OAuth2 tokenPlacement not set correctly, Header Prefix field hidden and value lost * Add assert to persistes values * id name change * replace hardcoded timeout * grant type fix * missing keys in process auth * process auth

  • vijayh-bruno (16 Jun 26)

    add vijay to CODEOWNERS (#8278) Co-authored-by: Vijay H <[email protected]>

  • Sundram (16 Jun 26)

    feat(openapi-sync): preserve user-configured request values on sync (#8204) Reconcile request structure against the spec on sync while preserving the user's values (JSON body, params, headers, auth) and {{var}} references for fields that still exist. A "Preserve values" toggle (default on) on the Spec Updates review controls it; turning it off lets spec values overwrite. The diff preview's EXPECTED column shows the post-merge result so unchanged values do not render as changes. - field-level merge for JSON body (by key path), form fields and params/headers (by name, duplicate names paired positionally), preserving value + enabled - {{var}} masking so interpolated bodies parse, merge and restore safely, using a private-use sentinel that never collides with body text - auth merged by mode: same mode keeps the user's values and adds spec-introduced fields; a mode change takes the spec. compareRequestFields compares auth by mode only, so preserved auth values no longer mark the collection out of sync - preserveValues threaded through apply and diff-preview IPC handlers - reset path left unchanged; scripts/tests/assertions preserved in sync and reset - 67 unit tests covering the merge helpers and masking edge cases

  • Utkarsh (16 Jun 26)

    BRU-3246 fix - added a param check method replacing the param null check (#8157)

  • Pooja (15 Jun 26)

    feat(app): scroll to and highlight error line on script error (#8183)

  • gopu-bruno (15 Jun 26)

    fix(ui): open response pane at a minimum height on expand (#8236)

  • Sundram (12 Jun 26)

    fix(apispec): prevent crash on non-array specs and fix Windows spec listing (BRU-3556) (#8255)

  • Utkarsh (12 Jun 26)

    Merge pull request #8253 from utkarsh-bruno/fix/BRU-3531

  • lohit (12 Jun 26)

    feat: support annotations for secret environment variables in `bru` and preserve variable value type in `yml` (#8251)

  • Sid (12 Jun 26)

    fix(snapshot): folder nested script tab interactivity and tests (#8225) * fix(snapshot): folder script interactivity * fix: add tests for collection scripts

  • Sid (12 Jun 26)

    chore: sec updates (#8193) * chore: reset + atomic updates * chore: surgically update protobufjs * chore: dedupe axios

  • sachin-thakur-bruno (12 Jun 26)

    feat(dev-tools-rquest-resize): dev tools details panel can be resized horizontally via a drag handle (#8234)

  • sachin-thakur-bruno (12 Jun 26)

    feat(dev-tools)/adds sorting on columns with verticle borders (#8238)

  • gopu-bruno (12 Jun 26)

    fix(workspace): keep workspace nav tabs visible when editing docs (#8249)

  • Bhavik Mehta (12 Jun 26)

    fix: show unsaved changes prompt when closing tab with Cmd+W (#8245)

  • gopu-bruno (12 Jun 26)

    feat(workspace): move external collections into the workspace (#8196)

  • Pooja (11 Jun 26)

    fix(timeline): scope scripted requests to their own request (#8210) * fix(timeline): scope scripted requests to their own request * fix: oauth playwright test

  • sachin-bruno (10 Jun 26)

    fix(size/L): Preserve folder order from seq attribute (#8213)

Bruno Security

Security Advisories (4)

  • critical Patched CVSS 9.8

    CVE-2026-34841 Axios npm Supply Chain Incident Impacting @usebruno/cli

  • critical Patched

    GHSA-246j-fv2m-6jhx SHA1-Hulud supply-chain compromise (transitive @postman/tunnel-agent) — Upgrade @usebruno/cli to 2.14.4

  • high Patched

    CVE-2025-30354 Safe-Mode ignored in Asserts expressions

  • high Patched

    CVE-2025-30210 XSS On Environment Name

Bruno Website

Website

Bruno - The Git-Native API Client

Bruno is the Git-native API client for REST, GraphQL, gRPC and Websocket. A local and open-source solution to Postman. Fast, developer-first, and no cloud syncing.

Redirects

Does not redirect

Security Checks

All 65 security checks passed

Server Details

  • IP Address 100.27.249.156
  • Hostname ec2-100-27-249-156.compute-1.amazonaws.com
  • Location Ashburn, Virginia, United States of America, NA
  • ISP Amazon Technologies Inc.
  • ASN AS14618

Associated Countries

  • US US
  • CA CA
  • JP JP

Safety Score

Website marked as safe

100%

Blacklist Check

www.usebruno.com was found on 0 blacklists

  • AntiSocial Blacklist
  • Artists Against 419
  • Badbitcoin
  • Bambenek Consulting
  • CERT Polska
  • CoinBlockerLists
  • CRDF
  • CryptoScamDB
  • EtherAddressLookup
  • EtherScamDB
  • Fake Website Buster
  • MetaMask EthPhishing
  • NABP Not Recommended Sites
  • OpenPhish
  • PetScams
  • PhishFeed
  • PhishFort
  • Phishing.Database
  • PhishStats
  • PhishTank
  • Phishunt
  • RPiList Not Serious
  • Scam.Directory
  • SecureReload Phishing List
  • Spam404
  • StopGunScams
  • Suspicious Hosting IP
  • ThreatFox
  • ThreatLog
  • TweetFeed
  • URLhaus
  • ViriBack C2 Tracker

Website Preview

Website preview
View full report at web-check.xyz

Bruno Reviews

More Developer Tools

View More...

About the Data: Bruno

Change History

  • Moved from Developer Utilities › Developer Tools by @lissy93 #639

API

You can access Bruno's data programmatically via our API. Simply make a GET request to: 

https://api.awesome-privacy.xyz/v1/services/bruno

The REST API is free, no-auth and CORS-enabled. To learn more, view the API Docs or read the API Usage Guide.

Share Bruno

Help your friends compare Developer Tools, and pick privacy-respecting software and services.
Share Bruno and Awesome Privacy with your network!

← Previous

DevToys
View Developer Tools (3)
Next →

gitGost