Install & first run
You end up with a local data map — every dataset and column, searchable, with the personal data flagged — in about five minutes. No Docker, no account, no demo wall. (In the EU? The same scan also drafts a compliance record you can hand off — an optional extra.) Tell the coding agent already open in your project what you want, or type the command yourself. It is the same command either way.
NODE_VERSION_UNSUPPORTED message
instead of failing strangely; upgrading Node is yours to do (nodejs.org,
or a version manager — nvm, fnm, volta). Regixo checks this itself, before it does anything —
whoever ran the command.Map your data
From the folder that holds your app — the one with your .env, where
DATABASE_URL lives:
“Set Regixo up in this project — scan my sources and build the data map.”
Show the commandHide the commandShow the sentenceHide the sentence
$ npx regixo startYour agent runs the scan. It reads your .env for a database it can already
reach, and reads names and types only — never a row value. It can take the connect-and-scan
default (--yes).
The other question is yours to answer, not its: is your organisation a regulated
financial entity? Regixo cannot infer that, and it decides whether a DORA register is
drafted — so tell your agent the answer, or let it pass --dora.
It should report a data map, a count of datasets and of columns that look like personal data, and a DRAFT GDPR record whose legal fields are deliberately blank.
Check it worked: ask for the summary below, or run
regixo status, and read its coverage line. A source it could not reach is
missing from the map — the counts still print, they are just quietly too low — so the
coverage line names it: ⚠ 1/2 sources reached — the map EXCLUDES stripe.
regixo doctor then says exactly what to fix.
Show what it prints in the terminalHide the terminal outputShow what your agent reportsHide what your agent reports
① A source is reachable — Regixo asks two quick questions, then scans:
Regixo — free to install and use. It maps your data and drafts your compliance record, right here. Nothing leaves this machine. ▸ Looking for your databases… ✓ Found your Postgres database — ready to map (from the DATABASE_URL setting) ? Connect & scan this source? [Y/n] y ? Is your organisation a regulated financial entity (a bank, payment/e-money institution, investment firm, or insurer)? [y/N] n ▸ scanning your sources — names and types only, never the values inside… ✓ Your data map and draft record are ready. To see them, type: regixo open (opens them in your web browser)
② Nothing is connected yet — a normal first run. Regixo doesn’t dead-end; it offers to connect one right here:
Regixo — free to install and use. It maps your data and drafts your compliance record, right here. Nothing leaves this machine.
No database is connected yet.
? Connect one now? [Y/n]- Press Enter / y (the default) → Regixo launches the connector wizard: pick your database, paste the connection, and it scans it in — one motion, no second command.
- Answer n → it points you at
regixo add postgres. Every path is in No database connected yet?
Prefer the terminal? The full recipe, step by stepHide the terminal recipe
1 · Check Node
Regixo needs Node.js 22.18 or newer. Check yours:
$ node -vv22.18.0
Below 22.18, Regixo stops with NODE_VERSION_UNSUPPORTED and installs
nothing. Upgrade via nodejs.org or a version manager (nvm, fnm, volta).
2 · Run it
From the folder that holds your app:
$ npx regixo startNeed to install… Ok to proceed? (y) — press y. That
prompt comes from npx, not Regixo, and it appears only once. Skip it with
npx -y regixo start.3 · Answer the two questions
Regixo asks whether to connect and scan what it found, and whether you are a regulated financial firm. Both are above. Then it scans — names and types, never rows.
4 · Check what you got
regixo status prints the counts and ends on a coverage line — and when a
source drops out, that line names it. regixo sources gives the source-by-source view
(reachability, last-scan age). regixo doctor probes one that won’t connect and names
the fix.
The two questions Regixo asks
There are only two. Your agent can take the default on the first. The second is yours to declare — Regixo cannot infer whether you are a regulated financial firm, so it never guesses, and neither should your agent.
- Connect & scan these N sources? [Y/n]
- Regixo never touches anything until you say yes. Default is yes.
- Is your organisation a regulated financial entity? [y/N]
- Asked so Regixo knows whether to draft the DORA register too — for banks, payment/e-money
institutions, investment firms and insurers. Default is no; set it non-interactively with
--dora.
Check it worked
When an agent runs Regixo, your job shifts: you stop being the one who types, and become the one who says what they want and checks the result. Here is the thing to look at.
“Summarise what Regixo has connected and scanned, and what’s still missing.”
Show the commandHide the commandShow the sentenceHide the sentence
$ regixo statusThree things tell you the truth, and none of them requires trusting the agent’s summary:
1 · The coverage line. It is the last thing regixo status prints, and it
does not make you infer anything — the bad case names the source that dropped out.
2 · The counts. Datasets, and columns that look like personal data. If a source went
missing, these are quietly too low — which is why the coverage line exists. 3 · The stamp.
The record says DRAFT. It is not official until a person signs it, and no agent can change
that.
If something looks wrong: regixo doctor probes each source
and names the exact fix. A source on a network your agent isn’t on will never connect from here —
that is not a failure of the agent, and the honest
routes are here.
Show what it prints in the terminalHide the terminal outputShow what to checkHide what to check
Regixo status — /Users/you/app/.regixo
sources: 2 configured · 2 reachable
datasets: 63 mapped · 55 hold personal data
columns: 398 in total · 170 hold personal data
coverage: ✓ all 2 source(s) reached
record: draft RoPA tracks your map — open it anytime: regixo open…and when a source dropped out — the case worth recognising:
sources: 2 configured · 1 reachable · 1 unreachable (stripe)
datasets: 242 mapped · 12 hold personal data
coverage: ⚠ 1/2 sources reached — the map EXCLUDES stripe (fix: regixo doctor)regixo status --json is the same facts as data: a top-level
scanned, then each source with its reachability (ok ·
unreachable · unscanned) and lastScannedAt, plus the counts.
That is what your agent reads.
What you end up with
- A local catalog written to
.regixo/in your project (or the path in$REGIXO_DATA). Your row values were never read. - If no
regixo.ymlexisted, Regixo wrote one from what it detected — storing only the name of the env var holding each secret, never the secret. - A RoPA drafted and stamped DRAFT, with its legal fields blank on purpose.
The dashboard leads with the map by default. To make the record lead instead, add
--intent compliance (or follow the quiet hint Regixo prints after the scan). Every
command takes --json for scripts and agents.
Don't need the GDPR/DORA drafts? Use it as a plain data catalog
Regixo drafts GDPR and DORA paperwork because that is what its EU users need. If you don't, turn it
off. catalog-only hides:
- the Record (RoPA) tab
- the DORA tab
- the compliance card
- invite and unlock
- the Article 9/10 legal wording
What's left is the data catalog: the map, search, lineage and descriptions.
“Show me Regixo’s current settings.”
Show the commandHide the commandShow the sentenceHide the sentence
$ regixo configYour saved settings, read from regixo.yml. Flip the mode with
regixo config catalog-only on — or off to bring the compliance surfaces
back. The portal's Settings page writes the same setting, and
regixo start --catalog-only does it at first run.
It hides, it never deletes. The switch is visual and reversible — turn it off and everything is exactly where it was. And personal-data discovery keeps running: the map still flags the columns that look like personal data — it labels them sensitive rather than citing GDPR articles.
Show what it prints in the terminalHide the terminal outputShow what your agent reportsHide what your agent reports
Regixo settings — ./regixo.yml catalog-only off — EU compliance (RoPA + DORA) shown intent compliance dora on Change a setting: regixo config catalog-only on|off
No database connected yet? Connect one
A normal first run. Connecting a source is usually an engineer’s job, so pick what fits:
- Have a Postgres database
- Point Regixo at it with an environment variable — the value stays in your shell and is
never written to config — then run again:
say
“Set Regixo up in this project — scan my sources and build the data map.”
Your agent fills in everything except the token — you put that in
.envyourself.Show the commandHide the commandShow the sentenceHide the sentence
run$ export DATABASE_URL=postgres://user:pass@host:5432/yourdb $ npx regixo start
- Prefer a guided wizard
npx regixo add postgresruns a short wizard. Paste your connection string and it offers to save it to a local.env(git-ignored) so it just works — no manualexport.regixo.ymlkeeps only the variable name, never the secret.- Not the technical person
- Forward the on-screen message to whoever manages your databases. It already names the exact command they need, so there’s nothing for you to translate.
Other sources — MySQL, Redshift, SQL Server, Snowflake, BigQuery, Stripe, dbt, a CSV file — connect the same way. The full list and the exact env-var names are in Connect your sources.
regixo sources, then
remove one: regixo sources remove <id> --yes. That drops it from regixo.yml
and clears its mapped tables; your .env is left alone. To wipe everything and start fresh:
rm -rf .regixo. Full detail: Remove a source. Stuck
on a connection? regixo doctor names the exact problem and a runnable fix.Running headless / in CI
Off a TTY (or with --non-interactive / CI set) Regixo never prompts
and never blocks. It takes answers from flags, env vars and regixo.yml;
--yes accepts the recommended defaults. A genuinely missing required value is a
coded error naming exactly which flag or env var to supply — it never hangs. Re-running
start is safe (idempotent); an agent reads state with regixo status --json.
regixo open opens the searchable map, regixo status shows what’s connected and
scanned — neither changes anything. Just connected a source? It needs a scan before there is a map to
open — ask your agent to re-scan, or run regixo start.