Zero-build privacy policies with Astro

What changed

OpenPolicy has simplified its Astro workflow: the integration that used to generate Markdown files at build time is gone. Instead, the core library now compiles policies inline from a single config, so you can call it from Astro frontmatter with no plugin, no Vite hook, and no generated src/generated/ directory. Want the short install? bun add @openpolicy/sdk @openpolicy/core @openpolicy/renderers — three packages and you’re done.

How it works

Drop a defineConfig() file (src/lib/openpolicy.ts), expand it on the page with expandOpenPolicyConfig(), compile the policy, and renderHTML into set:html — all inside the page’s frontmatter. Example functions like compile, expandOpenPolicyConfig and renderHTML do the heavy lifting; compile builds each policy’s sections, renderHTML turns them into an HTML string, and Astro renders it statically. Everything still runs at build time, so zero JavaScript ships to the browser. Neat, right?

Why it matters

Less friction. No extra package to maintain, no .gitignore tango, and no watch step between config and pages. It’s a small change with a big ergonomic payoff for teams practicing the Jamstack/no-JS-at-runtime ethos: same static output as before, but a cleaner developer experience. If privacy pages felt like plumbing, this makes them feel more like a faucet — easier to turn on, easier to leave alone.

Sources: openpolicy.sh, Hacker News