Philosophy
Determinism is a feature.
Dino is the quality layer your CI pipeline depends on. A layer your pipeline depends on must be deterministic: same input, same output, every time. No probabilistic scoring, no "it passed last run" flakiness, no model of the month.
Why we don't trust AI for quality decisions
A model that gives different outputs for the same input is useful for creativity. It is catastrophic for the layer your CI pipeline depends on.
Dino's pipeline is deterministic. The same API, the same config, the same scan produce the same score and the same list of findings. Every time. AI reasoning is optional and additive: it explains findings in plain English, but it never overrides a deterministic score, never blocks a scan, and never decides what's a finding.
If a reasoning provider is down, Dino completes the scan without it. The scan is the contract. The reasoning is the commentary.
The Hypothesis principle
Dino's developer experience is modeled on Hypothesis, David MacIver's property-testing library. Hypothesis does not dump every failure at you at once. It shrinks to a minimal reproduction, tells you exactly what to look at, and earns the right to complexity one scan at a time.
Four ideas we stole and made load-bearing in Dino:
- Shrink to minimal reproduction. A scan with 42 findings is not useful. A scan that tells you which single finding is blocking the release is.
- Zero-config first scan. Your first scan should require one command. Everything else is an incremental opt-in.
- Progressive disclosure. Dino earns the right to act. First it watches. Then it suggests. Then it suggests fixes. Then, only if you say so, it enforces. See the Shadow Mode section below.
- Explicit feedback. Every finding tells you what Dino found, when, where, and since when. "Would flag" when Dino is observing. "Is protecting" when Dino is acting. Never ambiguous.
Shadow Mode as philosophy
Every other approach to API quality starts at maximum noise. You configure it, run it, get 47 alerts, and turn it off. We built Shadow Mode because we think trust is earned, not assumed.
Dino watches silently first. It builds a baseline. It learns what normal looks like on your API. Then it starts suggesting, never assuming. You control when it acts. You control when it enforces.
L1 Observe: "Dino is watching". Watches live traffic. No action taken.
L2 Suggest: "Dino would flag this". Flags issues in real time. No blocking.
L3 Write: "Dino would suggest a fix". Generates fix suggestions and draft PRs.
L4 Enforce: "Dino is protecting". Blocks requests that violate the contract.
The timeline above is not marketing. It is the actual progression every Dino deployment goes through. L1 Observe is where we start. L2 Suggest is where we are today. L3 Write and L4 Enforce are on the roadmap, not vaporware: they will ship, and the same page you are reading will say so when they do.
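How the deterministic core, the optional reasoning provider and the four Shadow Mode levels above fit together, as an added illustration in Python that is not Dino's own code: the rule table, the sample endpoints, the score formula and the 70-point blocking threshold are all assumptions made for the example.

```python
# Shadow Mode levels from the page: L1 Observe, L2 Suggest, L3 Write, L4 Enforce.
OBSERVE, SUGGEST, WRITE, ENFORCE = 1, 2, 3, 4

# Hypothetical rule table: (rule id, predicate over an endpoint record, severity weight).
RULES = [
    ("no-auth", lambda ep: not ep.get("auth"), 3),
    ("plain-http", lambda ep: ep["url"].startswith("http://"), 2),
    ("no-rate-limit", lambda ep: "rate_limit" not in ep, 1),
]

# Constructed sample inventory (example.test is a reserved, non-routable domain).
SAMPLE = [
    {"url": "http://api.example.test/users", "auth": False},
    {"url": "https://api.example.test/health", "auth": True, "rate_limit": 100},
]

def scan(endpoints):
    """Deterministic core: findings depend only on the input, and the explicit
    sort makes score and finding order independent of input order."""
    findings = [
        {"rule": rule, "endpoint": ep["url"], "severity": sev}
        for ep in endpoints
        for rule, pred, sev in RULES
        if pred(ep)
    ]
    findings.sort(key=lambda f: (-f["severity"], f["endpoint"], f["rule"]))
    score = max(0, 100 - 10 * sum(f["severity"] for f in findings))
    return {"score": score, "findings": findings}

def explain(result, reasoner):
    """Reasoning is additive commentary: a failing provider never changes the
    score or the findings; the commentary is simply absent."""
    try:
        commentary = reasoner(result["findings"])
    except Exception:
        commentary = None
    return {**result, "commentary": commentary}

def gate(result, level, threshold=70):
    """Shadow Mode: the same top finding gets a different verb at each level
    (shrunk to one blocking finding), and only ENFORCE can block."""
    top = result["findings"][0] if result["findings"] else None
    verbs = {OBSERVE: "is watching", SUGGEST: "would flag", WRITE: "would suggest a fix"}
    if level in verbs:  # Observe reports nothing; Suggest and Write report, never block
        return {"status": f"Dino {verbs[level]}", "blocked": False,
                "finding": None if level == OBSERVE else top}
    return {"status": "Dino is protecting", "blocked": result["score"] < threshold, "finding": top}
```

Running `scan` twice, or on the same endpoints in a different order, returns identical output, while swapping the reasoner for one that raises changes only the commentary.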