Comply

Getting Started

Quickstart Coming Soon

Comply is a Python package. Install it, point it at your codebase, and get a compliance posture report in minutes. Package not yet published — check back soon.

1

Install

pip install bespokeagile-comply
2

Configure

comply init

Creates a comply.yaml with your preferred frameworks, jurisdiction, and LLM provider.

3

Scan

comply scan ./your-project

Analyzes your codebase and produces a compliance posture report.

4

Review

comply dashboard

Opens the web dashboard to explore results, drill into controls, and track trends.

Reference

CLI Commands

All commands support --help for detailed usage.

comply scan <path> Run a compliance scan against configured frameworks
comply dashboard Launch the web dashboard on localhost:8080
comply report <path> Generate Markdown, SARIF, or JUnit output
comply gate CI/CD pass/fail check against configurable rules
comply monitor start Start the continuous compliance monitor daemon
comply forecast Project compliance trends from scan history
comply audit Run the predicate gap audit with evidence classification
comply frameworks List available frameworks and control counts
comply cicd ingest Import CI/CD test results for Layer 2 evidence

Configuration

comply.yaml

Generated by comply init. All settings can also be passed as CLI flags.

frameworks List of framework IDs to scan against (e.g., eu_ai_act, soc2_ai, iso27001)
jurisdiction Jurisdiction profile — activates applicable frameworks (eu, us, healthcare, fintech, global)
llm_provider LLM provider for evidence analysis (anthropic, openai, gemini, grok, ollama)
export_formats Output formats: markdown, sarif, junit
evidence_layers Which evidence layers to evaluate: L1 (code), L2 (process), L3 (traffic)
gate_rules CI/CD gate thresholds — minimum score, regression tolerance, required frameworks

Self-Hosted

Docker Deployment Coming Soon

Run Comply as a persistent service with the web dashboard, continuous monitoring, and CI/CD gate API.

docker run -d \
  -p 8080:8080 \
  -v ./scans:/data \
  -e LLM_PROVIDER=anthropic \
  -e ANTHROPIC_API_KEY=$ANTHROPIC_API_KEY \
  bespokeagile/comply:latest

The dashboard is available at localhost:8080. Scan history, gate decisions, and monitor events persist in /data.