Diffsurge
FeaturesHow it WorksDocsContact
Log inGet Started
API Drift Detection

Catch breaking API changes before your users do

Diffsurge captures production traffic, replays it against your staging builds, and surfaces every breaking change — so you ship with confidence instead of crossing your fingers.

Start for freeRead the docs

Free forever for schema diffing · No credit card required

terminal

Signal Analysis

ENDPOINTS SCANNED

2,847

BREAKING CHANGES

12

CONFIDENCE

99.5%

< 5ms

Proxy latency overhead

1,000+

Requests per second replay

99.9%

Uptime SLA for proxy

5 min

Setup to first diff

Features

Everything you need to ship without fear

From static schema checks in CI to live traffic replay in production — a complete safety net for every API change.

Schema Guardian

Detect breaking changes at the schema level

Parses OpenAPI 3.x, GraphQL SDL, and gRPC proto files. Compares endpoints, request params, and response shapes — flagging every breaking change with severity.

$ surge schema diff --fail-on-breaking

Comparing 47 endpoints…

✗ BREAKING POST /api/users

└─ Required field removed: "email_verified"

⚠ WARNING GET /api/users/:id

└─ Type: "age" string → number

✓ SAFE 45 endpoints unchanged

Traffic Proxy

Capture production traffic without code changes

A lightweight reverse proxy that samples real request/response pairs. Async buffering keeps latency under 5 ms.

PII Redaction

Automatic sensitive data masking

Emails, phones, credit cards, and SSNs are redacted before storage.

"email"
john@acme.co***@***.co
"phone"
+1-555-0199+1-***-****
"card"
4242…4242****…****
Replay Engine

Replay 1,000+ requests per second against staging

Fires captured traffic at your new build with configurable concurrency. Semantic comparison ignores field order — only real differences surface.

POST /checkout
42msmatched
GET /cart
18msdrift
PUT /profile
31msmatched
Live Dashboard

Real-time visibility into every request

Filter traffic by path, method, and status. Run replays from the UI. Browse drift reports sorted by severity.

Requests / min1,247 total
12:0015:0018:00
How it works

Four steps to safer deployments

Go from zero to production-grade API regression testing in minutes.

01

Install the CLI

One command, zero dependencies. Install the Surge CLI globally via npm or run it directly with Docker. Works on macOS, Linux, and Windows.

$ npm install -g diffsurge

  added 1 package in 2.1s

$ surge --help

  surge — Catch breaking API changes
  before your users do

  Commands:
    diff       Compare two schema files
    schema     Schema management
    replay     Replay traffic
    version    Print version
02

Diff your API schemas

Surge compares OpenAPI, GraphQL, and gRPC schemas — flagging every breaking change with severity and a JSON path.

$ surge schema diff \
    --old api-v1.yaml \
    --new api-v2.yaml

  Comparing 47 endpoints…

  ✗ BREAKING  POST /api/users
    └─ Required field removed: "email_verified"
  ⚠ WARNING   GET /api/users/:id
    └─ Type changed: "age" string → number
  ✓ SAFE      45 endpoints unchanged

  1 breaking · 1 warning — exit code 1
03

Capture production traffic

Deploy the proxy as a sidecar or standalone container. It samples real traffic, strips PII, and buffers asynchronously.

$ docker run -d \
    -e TVC_STORAGE_POSTGRES_URL=... \
    -e TVC_STORAGE_REDIS_URL=... \
    -p 8081:8080 \
    equixankit/diffsurge-proxy

  ▸ Proxy listening on :8080
  ▸ Sampling 10% of traffic
  ▸ PII redaction: enabled
  ▸ Buffer: 10,000 slots / 20 workers
04

Replay and compare

Point the replay engine at your staging build. It fires captured requests, compares every response, and produces a drift report.

$ surge replay \
    --source traffic.json \
    --target http://staging:8080

  Replaying 1,247 requests...

  ✓ 1,241 responses matched (99.5%)
  ⚠ 4 warnings  (type coercion)
  ✗ 2 breaking   (missing fields)
  ▸ Report saved to drift-report.json
What Diffsurge catches

The breaking changes that slip through unit tests

Unit tests verify logic. Integration tests verify contracts. Diffsurge replays actual production traffic — catching real-world mismatches before your users do.

breaking

Removed fields

A required field is removed from a response body

breaking

Type changes

A field type changes — string becomes number

breaking

Deleted endpoints

An endpoint is renamed or removed entirely

breaking

New required params

A new required query parameter is added

warning

Shape changes

A nested object structure changes its shape

warning

Latency regressions

Response time regresses beyond a threshold

warning

Status code drift

A status code changes for identical requests

info

PII leaks

PII appears in a field that was previously clean

Runs everywhere

Works with your stack,
not against it

A single binary with zero dependencies. Drop it into your CI/CD pipeline — standard exit codes mean your workflow blocks automatically on breaking changes.

macOS
Linux
Windows
Docker
CI/CD
Kubernetes

FAQ

Frequently asked questions

Everything you need to know about Diffsurge. Can't find what you're looking for? Reach out.

Diffsurge is a developer infrastructure tool that acts as a safety net between your staging and production environments. It works in three stages: First, the CLI detects breaking changes in your API schemas (OpenAPI, GraphQL, gRPC) during CI. Second, a lightweight reverse proxy captures a sample of your production traffic. Third, the replay engine fires that traffic at your staging build and compares every response, surfacing any drift before you deploy.

Diffsurge catches static schema issues — removed required fields, type changes (string → number), deleted endpoints, new required parameters — as well as runtime differences like changed response shapes, missing fields in JSON bodies, status code mismatches, and latency regressions. The diff engine uses semantic comparison, so it ignores cosmetic differences like whitespace or field ordering.

The proxy adds less than 5 ms of latency at p95. It uses an async capture pipeline — request/response pairs are written to a buffered channel and processed by a background worker pool, so the forwarding path is never blocked by storage I/O. You can also configure the sampling rate (e.g., capture 10% of traffic) to reduce overhead further.

Yes. The proxy includes automatic PII redaction that runs before any data is stored. It detects and masks email addresses, phone numbers, credit card numbers, and SSNs using configurable regex patterns. On the Enterprise plan, you can define custom detection rules for domain-specific sensitive fields.

Absolutely. The CLI is a single binary that runs on macOS, Linux, and Windows. Add `surge schema diff --fail-on-breaking` to your GitHub Actions, GitLab CI, Jenkins, or CircleCI workflow. It returns exit code 0 for no changes, 1 for breaking changes, and 2 for errors — so your pipeline blocks automatically when a breaking change is detected.

Diffsurge supports OpenAPI 3.0 and 3.1 (Swagger), GraphQL SDL, gRPC Protocol Buffers, and raw JSON schemas. The diff engine normalises paths and types across formats, so you get consistent breaking-change detection regardless of your API technology.

Load testing checks if your system handles volume. Replay testing checks if your system returns correct responses. Diffsurge replays real production traffic — with real data shapes, edge cases, and parameter combinations — against your staging build and semantically compares every response. It finds the bugs that unit tests and synthetic test suites miss.

The CLI and schema diffing engine are open source under the MIT licence. The traffic proxy, replay engine, and dashboard are available on the Pro and Enterprise plans. You can self-host the entire stack or use our managed service.

Ready to stop shipping breaking changes?

Start catching API drift today. Free forever for schema diffing.

Start for freeRead the docs