KafuOps

Turn backend incidents into evidence-backed merge requests.

KafuOps watches your backend, detects real incidents, grounds a model with only the relevant files, then writes a fix, retries until the tests pass, and opens a reviewable MR with confidence and blast-radius analysis. One command to set up. Self-hostable. AGPL-3.0.

Quickstart Watch it fix a bug GitHub
incident grounded context self-correcting patch reviewable MR

Real terminal — npx kafuops quickstart auto-detects your stack, sets up, and builds project memory.

Watch it fix a real bug

A planted bug in a tiny checkout service. KafuOps diagnoses it, writes the patch, self-corrects when the first attempt doesn't apply, validates the fix in a sandbox until the tests pass, and opens a reviewable MR — driven here by the local local AI CLI, no API key. This is an unedited recording.

Real run on examples/demo-discount · reproduce with scripts/demo.sh

the generated fix
the generated merge request

The product rule

KafuOps will not stream all your logs to a model. It watches locally, decides when an event is a real incident, ships a small sanitized bundle to the model, and runs the resulting patch through a sandbox before any human sees a diff.

What KafuOps does

  • Observes logs, traces, runtime errors, and alert webhooks.
  • Builds a living .kafuops/memory/ map of your backend.
  • Deduplicates noisy events into incidents.
  • Selects the right source files, tests, and log snippets per incident.
  • Generates a regression test and a small patch.
  • Runs install + tests in a sandbox before opening an MR.
  • Scores confidence and blast radius, and writes a grounding manifest.

What KafuOps does not do

  • Stream continuous logs to the model.
  • Upload your whole repo by default.
  • Send .env, secrets, or private keys to the model.
  • Modify auth, payments, or migrations without approval policy.
  • Auto-merge production fixes by default.
  • Replace your observability stack.

Key features

Each feature exists in src/ today. See STATUS.md for the honest map.

Self-correcting fixes

Generates a patch, runs your tests in a sandbox, reads the failure, and retries until green — then measures the fix rate with kafuops eval.

Use any AI

OpenAI or Anthropic by key, or your locally-installed codex/local-ai CLI with no key at all. Latest models fetched live in the wizard.

Evidence-backed MRs

Every MR ships with root cause, files changed, tests run, a confidence breakdown, blast radius, recurrence flags, and a grounding manifest.

Privacy by default

Redaction at ingest and before every model call, ReDoS-guarded patterns, deny-listed paths, HMAC/bearer webhook auth, and a patch path-traversal guard.

Policy gates

Never-modify and require-approval globs, confidence thresholds, post-apply checks against the real diff, and a fuzz-tested prompt-injection contract.

Self-hostable

Single Docker image, Helm chart + K8s manifests, local or Docker sandbox. No vendor lock-in. AGPL-3.0.

Quick start

One command sets it up — inside any Node, TS, FastAPI, Flask, Go, Java, or Rust repo:

# discover the stack, set up, build project memory — one command
npx kafuops quickstart

# wrap your app and watch for incidents (local/staging)
kafuops run -- npm start

# or production: sidecar + worker drive incidents → MRs
kafuops agent start
kafuops worker start

The wizard detects your framework, git remote, and which AI is available — it'll use a local codex/local-ai CLI with no key, or an OpenAI/Anthropic key (stored in .kafuops/.env, gitignored, loaded automatically). Without any provider the whole pipeline runs in dry-run, so you can inspect every artifact before connecting anything live.

What a generated MR looks like

Every KafuOps MR is reviewable, not magical.

kafuops incident-fix confidence-high risk-low
[KafuOps] Fix checkout error when payment method is missing
Incident
inc_2026_05_15_xyz · service=api · env=production · severity=high · 18 events
Root cause
Retry handler assumed customer.defaultPaymentMethod was always present.
Files inspected
src/payment/retry.ts · src/routes/checkout.ts · tests/payment/retry.test.ts
Files changed
src/payment/retry.ts · tests/payment/retry.test.ts
Validation
npm ci ok · npm test passed
Confidence
84 / 100 · stack trace maps to changed file · regression test added · patch is small
Blast radius
low · affects POST /checkout, payment retry flow; no schema change
Grounding manifest
.kafuops/incidents/inc_2026_05_15_xyz/grounding-manifest.md

Honest by default

KafuOps ships with a status doc that maps every spec page to its real implementation state — no hand-waving.

STATUS.md — every item is ✅

As of v0.3.0 every MVP criterion and every docs/ page is implemented and test-backed; the only deliberately-deferred items (a first-class K8s operator, embeddings-based similarity, SSO/RBAC) are listed explicitly. 194 tests, CI green.

→ Open STATUS.md