The open-source compliance platform.
Learn more »
Discussions
·
Website
·
Issues
·
Roadmap (coming soon)
We're building the first open source compliance automation platform that helps companies of any size work towards, manage and achieve compliance with common standards like SOC 2, ISO 27001 and GDPR.
We transform compliance from a vendor checkbox into an engineering problem solved through code. Our platform automates evidence collection, policy management, and control implementation while keeping you in control of your data and infrastructure.
Contact our founders at hello@trycomp.ai to learn more about how we can help you achieve compliance.
Join our waitlist to get early access to the cloud hosted version of Comp AI.
To get a local copy up and running, please follow these simple steps.
Here is what you need to be able to run Comp AI.
- Node.js (Version: >=20.x)
- Bun (Version: >=1.1.36)
- Postgres (Version: >=15.x)
-
Clone the repo into a public GitHub repository (or fork https://github.com/trycompai/comp/fork). If you plan to distribute the code, keep the source code public to comply with AGPLv3. To clone in a private repository, acquire a commercial license
git clone https://github.com/trycompai/comp.git
-
Go to the project folder
cd comp -
Install packages with bun
bun i
-
Set up your
.envfile- Duplicate
.env.exampleto.env - Use
openssl rand -base64 32to generate a key and add it underNEXTAUTH_SECRETin the.envfile.
- Duplicate
-
Setup Node If your Node version does not meet the project's requirements as instructed by the docs, "nvm" (Node Version Manager) allows using Node at the version required by the project:
nvm use
You first might need to install the specific version and then use it:
nvm install && nvm useYou can install nvm from here.
-
Run the turbo dev command to start the development server
turbo dev
Steps to deploy Comp AI on Docker are coming soon.
Steps to deploy Comp AI on Vercel are coming soon.
Comp AI, Inc. is a commercial open source company, which means some parts of this open source repository require a commercial license. The concept is called "Open Core" where the core technology (99%) is fully open source, licensed under AGPLv3 and the last 1% is covered under a commercial license (["/ee" Enterprise Edition"]).
Tip
We work closely with the community and always invite feedback about what should be open and what is fine to be commercial. This list is not set and stone and we have moved things from commercial to open in the past. Please open a discussion if you feel like something is wrong.