Hey HN! I built FlowEasy because I was tired of copy-pasting YAML files from old projects every time I started a new SaaS.
The idea is simple: connect your GitHub repo, FlowEasy reads your package.json (frameworks, scripts, etc.), and generates a full GitHub Actions pipeline with:
- SAST (Semgrep), SCA, secret detection (TruffleHog), DAST (OWASP ZAP)
- Jest unit tests + Playwright E2E
- SBOM generation (Syft)
- Auto-heal AI: if the pipeline fails, it analyzes logs and commits a fix automatically
- Vercel deploy + Slack/Discord notifications
The AI behind it is Claude, which analyzes your stack and generates optimized YAML. Zero YAML knowledge needed.
michaelmoreira•2h ago
The idea is simple: connect your GitHub repo, FlowEasy reads your package.json (frameworks, scripts, etc.), and generates a full GitHub Actions pipeline with:
- SAST (Semgrep), SCA, secret detection (TruffleHog), DAST (OWASP ZAP) - Jest unit tests + Playwright E2E - SBOM generation (Syft) - Auto-heal AI: if the pipeline fails, it analyzes logs and commits a fix automatically - Vercel deploy + Slack/Discord notifications
The AI behind it is Claude, which analyzes your stack and generates optimized YAML. Zero YAML knowledge needed.
Free tier: 1 repo, 5 runs/month. Pro: $19/mo unlimited.
Current limitations: only Vercel deploys for now (more targets coming soon), and it works best with Node.js/Next.js stacks.
Would love feedback from the HN community — especially on the DevSecOps defaults and the auto-heal approach. Happy to answer any questions!