Change-aware API readiness and regression copilot. Diff your code, score your endpoints, simulate your traffic, ship with a verdict.
You change an API. You don't know what broke, what got slower, or whether it's safe to ship.
API Release Guard answers that.
It reads your repo (FastAPI, Spring Boot, Express), looks at the git diff, classifies which endpoints are actually affected, generates test scenarios with Claude, runs an async load test, scores every endpoint 0 to 100, compares against history, and writes a release report ending in green / yellow / red. Wired into GitHub Actions, every PR gets a verdict comment.
Built for backend devs, QA, SREs, and EMs who need a confident answer to "ship it?" in seconds instead of meetings.
┌──────────────────────────┐
│ Repo / OpenAPI spec │
└────────────┬─────────────┘
│
╔═════════════════════╪═════════════════════╗
║ 1. INGEST ▼ ║
║ ┌─────────────────────────────────┐ ║
║ │ Parse endpoints │ ║
║ │ FastAPI · SpringBoot · Express │ ║
║ └─────────────────┬───────────────┘ ║
║ ▼ ║
║ ┌─────────────────────────────────┐ ║
║ │ 6-tier impact classifier │ ║
║ │ signature · schema · direct │ ║
║ │ indirect · possible · none │ ║
║ └─────────────────┬───────────────┘ ║
╚═════════════════════╪═════════════════════╝
│
╔═════════════════════╪═════════════════════╗
║ 2. GENERATE ▼ ║
║ ┌──────────────┐ ┌──────────────┐ ║
║ │ Deterministic│ │ Claude │ ║
║ │ baselines │ + │ edge cases │ ║
║ └──────┬───────┘ └──────┬───────┘ ║
╚══════════╪═══════════════════╪════════════╝
└─────────┬─────────┘
▼
╔════════════════════╪══════════════════════╗
║ 3. EXECUTE ▼ ║
║ ┌──────────────────────────────────┐ ║
║ │ Async load test │ ║
║ │ httpx · virtual users · phases │────╫──► live UI
║ └─────────────────┬────────────────┘ ║ (WebSocket)
╚═════════════════════╪═════════════════════╝
│
╔═════════════════════╪═════════════════════╗
║ 4. ANALYZE ▼ ║
║ ┌──────────────┐ ┌──────────────┐ ║
║ │ Risk score │ │ Regression │ ║
║ │ 0 to 100 │ │ vs baseline │ ║
║ └──────┬───────┘ └──────┬───────┘ ║
╚══════════╪═══════════════════╪════════════╝
└─────────┬─────────┘
▼
╔════════════════════╪══════════════════════╗
║ 5. DECIDE ▼ ║
║ ┌──────────────────────────────────┐ ║
║ │ AI report + rule-based │ ║
║ │ verdict computation │────╫──► PR comment
║ └─────────────────┬────────────────┘ ║ (GH Actions)
╚═════════════════════╪═════════════════════╝
│
┌─────────────────┼─────────────────┐
▼ ▼ ▼
┌─────────┐ ┌─────────┐ ┌─────────┐
│ GREEN │ │ YELLOW │ │ RED │
│ ship │ │ review │ │ stop │
└─────────┘ └─────────┘ └─────────┘
| Layer | Tech |
|---|---|
| Backend | Python 3.11, FastAPI, SQLAlchemy 2 (async), asyncpg, Pydantic v2, httpx, gitpython, numpy, Alembic |
| Frontend | React 18, TypeScript 5 strict, Vite 6, Tailwind 3, shadcn/ui, Recharts 2, Framer Motion |
| AI | Anthropic Claude (claude-sonnet-4-20250514) |
| Database | PostgreSQL 16 (JSONB-heavy, 15 tables) |
| Tests | pytest + pytest-asyncio (461) and Vitest 3 (99). 560 total. |
| Realtime | WebSocket with typed event shapes |
| Infra | Docker, Docker Compose, GitHub Actions |
Need: Docker, Docker Compose, an Anthropic API key.
git clone https://github.com/valetivivek/API-Release-Guard.git
cd API-Release-Guard
cp .env.example .env
# open .env, set ANTHROPIC_API_KEY
docker compose up --buildOpen http://localhost:5173. Backend at http://localhost:8000, Postgres at 5433.
| Profile | Phases | Use it for |
|---|---|---|
standard |
warmup → ramp → sustained | Day-to-day pre-release check |
spike |
warmup → ramp → sustained → 5x spike → recovery → cooldown | Burst traffic resilience |
soak |
warmup → ramp → 30 min at 30% peak | Long-run stability and leaks |
stress |
warmup → staircase to 3x peak | Find the breaking point |
| Verdict | Meaning |
|---|---|
| 🟢 green | All thresholds met, no regressions. Ship. |
| 🟡 yellow | Minor threshold misses or marginal regressions. Review. |
| 🔴 red | Critical failures, breaking changes, or hard regressions. Stop. |
Verdict is computed by rules in code, not by the AI. The AI writes the prose, the code decides go / no-go.
backend/ (FastAPI, fully async)
backend/
├── main.py FastAPI entry, lifespan, table create
├── config.py Pydantic BaseSettings, LRU cached
├── api/ Route handlers (projects, runs, scenarios,
│ reports, regression, diff, ci, websocket)
├── ingestion/ Parsers: fastapi (AST), springboot (regex),
│ express (route resolver), openapi loader,
│ git_analyzer (6-tier classifier)
├── scenarios/ Deterministic generator + Claude client
├── execution/ RunEngine (httpx async, virtual users),
│ phase manager, metrics (numpy, APDEX),
│ WebSocket event shapes
├── analysis/ Risk scorer, regression, AI report client,
│ dependency graph, flaky detector, trends
├── db/ SQLAlchemy 2 models (15 tables) + repos
├── middleware/ Rate limit, auth helpers
├── crypto.py Encryption helpers
├── api_retry.py Outbound HTTP retry
├── logging_config.py Structured JSON logs
└── tests/ 461 tests, 21 files, asyncio_mode=auto
frontend/ (React 18, TS strict)
frontend/src/
├── App.tsx Router + layout
├── api/ Per-domain client modules
├── components/ 24+ components (RiskBadge, VerdictBadge,
│ LatencyChart, PhaseTimeline, CodeDiffViewer,
│ EndpointHeatmap, dependency graph, ...)
├── pages/ 11 route-level pages
├── hooks/ useWebSocket, useTheme, useAnimateNumber
├── lib/ Chart colors, load profiles, utils
├── types/ Shared API + domain types
└── index.css Design tokens (light + dark)
/ dashboard
/new create project
/projects/:id overview
/projects/:id/endpoints inventory + dependency graph
/projects/:id/impact git diff impact
/projects/:id/runs run history
/projects/:id/report release readiness report
/runs/:id run detail
/runs/:id/compare regression compare
/live live run streaming
/compare cross-run compare
/config threshold + config builder
Copy .env.example to .env. Real ones below; defaults are fine for local.
| Var | Default | What |
|---|---|---|
DATABASE_URL |
postgresql+asyncpg://postgres:postgres@postgres:5432/api_release_guard |
Async Postgres URL |
ANTHROPIC_API_KEY |
(required) | Claude key for AI features |
CLAUDE_MODEL |
claude-sonnet-4-20250514 |
Model id |
BACKEND_CORS_ORIGINS |
http://localhost:5173 |
Allowed origins |
DEFAULT_PEAK_VUS |
20 |
Peak virtual users |
DEFAULT_P95_THRESHOLD_MS |
500 |
p95 latency cutoff |
DEFAULT_ERROR_RATE_THRESHOLD_PERCENT |
1.0 |
Error-rate cutoff |
HOST_PROJECTS_PATH |
(blank) | Host folder mounted to backend at /host-projects for local repo parsing |
VITE_API_BASE_URL |
http://localhost:8000 |
Frontend to backend |
VITE_WS_BASE_URL |
ws://localhost:8000 |
Frontend WebSocket |
# Backend (461 tests)
cd backend
python -m pytest
# Frontend (99 tests)
cd frontend
npm test
# Frontend type check + build
cd frontend && npx tsc && npx vite buildTwo GitHub Actions workflows.
ci.yml runs on every push and PR to main:
- ruff + black on backend
- pytest on backend
- TypeScript type check on frontend
- vitest on frontend
- vite build
- Docker build for both images
api-release-guard.yml runs on every PR:
- Spins up Postgres service container.
- Boots backend.
- Hits
POST /api/v1/ci/analyzewith the PR diff. - Posts impact analysis and verdict back as a PR comment, replacing the old one if any.
All under /api/v1/. Full Swagger UI at http://localhost:8000/docs.
| Group | Prefix | Purpose |
|---|---|---|
| Health | /health |
Liveness, readiness |
| Projects | /projects |
CRUD + ingestion + diff + regression |
| Runs | /runs |
Load test execution, scenarios, reports, WebSocket stream |
| CI | /ci |
POST /analyze for GitHub Actions |
- Fully async, top to bottom. FastAPI, SQLAlchemy async, httpx, asyncpg. No sync DB calls in route handlers.
- Repository pattern. Every query lives in
backend/db/repositories/. Handlers stay thin. - Immutable run artifacts. Runs never get updated, new records always. Audit-friendly.
- AI is isolated. Claude calls happen in two files only. Prompts as constants. Easy to swap or stub.
- Verdicts are deterministic. AI writes the story. Code decides ship vs. stop. AI never gets the keys.
- 6-tier impact, not binary. Reviewers get a real signal, not "something changed."
- Pre-aggregated 10s buckets. Long runs render fast, no chart-flooding.
- Docker host rewrite. Containerized engine can load-test a service running on the host transparently.
Proprietary. All Rights Reserved. See LICENSE.
This repo is public for portfolio and code-review only. Use, copying, modification, redistribution, deployment, or any derivative work needs prior written permission. Public visibility is not a license.
Permission requests: vivekvaleti7053@gmail.com
Built and designed by VALETI VISHNU VIVEK.