ShipGate runs a merge gate on every PR — proving what changed, what was checked, and why it shipped. HMAC-signed proof bundles in CI. Audit-ready exports when compliance asks.
$ npx @shipgate.dev/cli next . --strict --ci ✓ Bundlev1.0 signature verified ✓ Auth Coverage PROVEN 100% ✓ Import Integrity PROVEN 100% ◐ Type Safety PARTIAL 94% ◐ Error Handling PARTIAL 87% ✗ Business Logic UNVERIFIED --- RESULT: NO_SHIP Blocking issues must be resolved before merge.
Every run surfaces a concrete pass/fail in the PR comment. What failed, where, and what has to change before it ships. Reviewers stop arguing; the gate decides.
Generate a structured run record you can drop into a ticket, an evidence pack, or a compliance review. Not a screenshot thread — a signed artifact tied to the commit.
Proof Bundlev1.0: each run produces a cryptographically signed artifact. When AppSec or audit asks "how do you know this merged safely?" — you have evidence that survives forwarding.
Run ShipGate in the same CI workflow that protects your default branch. No parallel security portal required.
# .github/workflows/ci.yml - uses: actions/checkout@v4 - run: npm ci - run: npx @shipgate.dev/cli next . --strict --ci # Optional: mark job required so NO_SHIP fails CI
Each run surfaces a clear merge-time result tied to this diff. Status posted directly to the pull request.
# Posted to the pull request status: ci_check result: NO_SHIP summary: Blocking issues must be resolved
Generate a structured record for security review, exceptions, or post-incident questions.
$ npx @shipgate.dev/cli gate --ci > gate-output.txt
# Attach the run record to the ticket / evidence pack
CLI + merge-path gate on your repos. Everything you need to get the gate running.
Teams standardizing merge enforcement with visibility and priority support.
Procurement, SSO, deployment constraints, and dedicated support.
Green CI tells you the code works. ShipGate tells you the change is safe. When compliance asks, you have proof.