An intent-first, truth maintenance language for declaring and enforcing system guarantees
Stop writing procedural scripts. Declare what should be true, and EnsuraScript maintains it automatically.
Continuous monitoring detects drift and automatically repairs violations. Your guarantees stay enforced, always.
Build reusable policy libraries. Apply complex configurations with a single ensure statement.
Every action is explainable and predictable. No AI hallucinations—just deterministic rule-based inference.
Automatic dependency resolution and topological execution. No more ordering headaches.
Encrypted secrets, permission enforcement, and audit trails built into the language itself.
Infrastructure drifts. Configuration files change. Permissions get modified. Security policies break. Traditional automation runs once and forgets. You're left manually checking, fixing, and re-running scripts.
There's a better way.
# Traditional approach: imperative, fragile, runs once
# touch secrets.db
# chmod 0600 secrets.db
# encrypt secrets.db --key=$SECRET_KEY
# EnsuraScript: declarative, self-healing, continuous
on file "secrets.db" {
ensure exists
ensure encrypted with AES:256 key "env:SECRET_KEY"
ensure permissions with posix mode "0600"
}
on violation {
retry 2
notify "ops"
}What happens?
# Run once, enforce forever
ensura run config.ens
# See exactly what will happen before it does
ensura plan config.ens
# Validate your configuration
ensura compile config.ens
# Check without enforcing (dry run)
ensura check config.ensTruth Maintenance, Not Task Automation
Traditional scripts tell the computer how to do something. EnsuraScript tells it what must be true. The runtime maintains those truths automatically, forever.