buf
permify
buf | permify | |
---|---|---|
39 | 39 | |
8,258 | 2,504 | |
1.4% | 3.9% | |
9.5 | 9.8 | |
3 days ago | 2 days ago | |
Go | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
buf
-
5 Open Source tools written in Golang that you should know about
The Buf CLI is a versatile tool designed for handling Protocol Buffers (Protobuf), a method of serializing structured data. It offers several key features, including managing Protobuf assets through the Buf Schema Registry (BSR), providing a linter to enforce optimal API design and structure, and a breaking change detector to maintain compatibility either in source code or at the wire level. Additionally, the Buf CLI includes a generator that activates plugins based on user-defined templates and a formatter to standardize the formatting of Protobuf files according to industry norms. It also integrates seamlessly with the Buf Schema Registry, supporting comprehensive dependency management.
-
Create Production-Ready SDKs With gRPC Gateway
We'll use the Buf CLI as an alternative to protoc so that we can save our generation configuration as YAML. Buf is compatible with protoc plugins.
-
gut: convert golang structs to typescript interfaces
Not so much anymore! Take a look at buf.build, it makes the whole thing notoriously easy :)
-
Flutter + gRPC for Desktop and Mobile App Development - Good choice?
In my opinion it's a good idea, it's the architecture we use at work, and it works well for us. The main limitation to be aware of is that many PaaS don't support gRPC traffic (because of the proxies used). For example, DigitalOcean App Platform or Heroku if I remember correctly. If the way you want to host your backend is OK with HTTP/2 and gRPC traffic, then it's not a limitation. One way around this limitation is to use the gRPC-Web protocol, or the Connect protocol (https://connect.build/). Unfortunately, Dart's gRPC client does not support the gRPC-Web protocol outside the web platform. So for a mobile application, it's not usable at the moment. (If this PR were accepted, it would solve the issue: https://github.com/grpc/grpc-dart/pull/557.) As for Connect, no client is currently offered by Buf for Dart. Don't hesitate if you want to know more. That said, I'd advise you to use the Connect implementation for Go to implement your backend. Connect will enable your server to speak all three protocols (gRPC, gRPC-Web and Connect), which is very useful in the long term. What's more, the code is cleaner, and you benefit from official support for observability with OpenTelemetry. If you don't know Buf (the creators of Connect),I suggest you visit their website: https://buf.build/. :-) Good luck!
-
Building a modern gRPC-powered microservice using Node.js, Typescript, and Connect
As mentioned in the intro, we are going to use Buf and Connect as our tools. We’ll start by installing the dependencies.
-
Building High-Performance Web Services with Golang gRPC
gRPC itself is quite nice, especially with buf which makes generating Go code much easier. The rest of the code was in a bad state. Unmaintained router packages, repository pattern without any actual benefit or a repository pattern.
-
gRPC vs REST: Comparing API Styles in Practice
The second big difference is that we now have auto-generated client and server stubs. For this task, I chose to use buf and the protobuf-ts plugin in order to generate idiomatic Typescript classes and objects. Not only do these classes describe the types we'll use in the server and client, but also includes the actual gRPC implementations used to serialize and send messages back and forth across the wire.
-
Show HN: ProtoCURL, a Curl for Protobuf
Our team has been using Buf (https://buf.build) recently, and they have a nice solution for schema dependency management.
-
Resources for getting into cloud computing?
I've found that https://buf.build/ is easier to use than protoc directly.
-
Issues with proxying gRPC services to web, and a potential prototype
Consider checking out https://connect.build from https://buf.build. Supports a simpler protocol than grpc-web. Includes a js/ts client for frontend. Then you don’t necessarily need a rest layer, but could leverage the proxy your building.
permify
-
Policy-Based Access Control (PBAC): A Comprehensive Overview
However, in this piece we're focusing on the PBAC model also known as Policy-Based Access Control and how it differentiates itself these from traditional access control models in terms of scalability, flexibility and security.
-
Show HN: AI assistant powered by Groq to generate authorization models
Hi I'm Karan, one of the maintainers of Permify (https://github.com/Permify/permify), an open source authorization service to build scalable authorization systems.
I want to share with you that we've built an AI assistant to help modeling your desired authorization logic! You can basically describe your authorization logic in Permify AI and it will generate the respective model and semantics accordingly. Think of it like ChatGPT for authorization modeling/policy generation.
Here's the project if you would like to play with it: https://ai.permify.co/.
Brief backstory:
Since authorization is generally a domain specific issue use cases vary widely - roles, relationships, attributes, hierarchies between business units, contextual permissions, etc.
To address this, we're offering a domain specific language that we built purely using golang to help model authorization logic programmatically. You can see what it looks like with sample examples in our playground: https://play.permify.co/
Although our domain specific language helps our users significantly, the general idea of policy generation is hard challenging if you have complex authorization logic and versatile permission requirements. Additionally, the flexibility of our modeling language allows for achieving the same policy/permissions through various approaches. But creating the best possible policy is crucial for several reasons including the performance of access checks, the readability of the authorization logic, visibility, and achieving least privilege, etc.
When we tallied up all those reasons, it hit us: using AI could really smooth out the policy generation process. It could not only reduce the engineering effort but also yield the best possible results. That's why we integrated Groq to make to create Permify AI!
Would love to get your feedback on this!
- OAuth 2.0 implementation in Node.js
-
Implementing JWT Authentication in a Golang Application
At that point consider exploring our solution, Permify. It's a Google Zanzibar-based open-source authorization service that helps to build scalable authorization systems.
-
Relationship Based Access Control (ReBAC): When To Use It
Additional to shifts from large tech companies, ReBAC based solutions increased over the time. We're also one of them, building an open source authorization service that builds its core on top of ReBAC and Google Zanzibar.
-
5 Open Source tools written in Golang that you should know about
Permify is an open-source service for creating and managing complex permissions in applications, inspired by Google Zanzibar. It offers a flexible authorization language compatible with various models like RBAC, ReBAC, and ABAC, and allows for efficient authorization data management in preferred databases. Permify's API facilitates access checks, resource filtering, and bulk permission analyses. It also includes comprehensive testing tools for authorization logic, including scenario-based testing and policy coverage analysis. Additionally, Permify supports multi-tenancy, enabling distinct authorization models for different applications within a single instance.
-
Authentication vs Authorization: Exploring The Difference
As Permify we're building open source authorization infrastructure to build fine grained authorization systems at scale. Would love to learn your use case and help you to build robust authorization systems. Don't hesitate to reach us from our Discord Channel!
- Permify: Open-Source Authorization Service For Building Fine Grained Authorization Systems At Scale!
-
Open-Source Authorization Service for Building Scalable Authorization Systems
I’m one of the maintainers of the OSS project Permify (https://github.com/Permify/permify), an open-source authorization service inspired by Google Zanzibar, which is the global authorization system used at Google to handle authorization for hundreds of its services and products, including YouTube, Drive, Calendar, Cloud, and Maps.
-
Show HN: Blending Go and WebAssembly to Build Authorization Playground
Hi folks,
I’m one of the maintainers and co-founder of the Go OSS project Permify (https://github.com/Permify/permify), an open-source authorization infrastructure inspired by Google Zanzibar.
I would like to share a post where we aimed to provide a brief overview of how we integrated WASM with Golang to provide a richer user experience in our open-source playground. You can use the playground to create and test any authorization logic in a browser.
The playground has three main sections:
Schema: to model your authorization logic through our domanin specific language we built.
Data: to create sample authorization data according to the model for use in tests.
Enforcement: to test your authorization structure bt access check scenarios.
Here's the post if you're interested: https://www.permify.co/post/wasm-go/
And here's the playground: https://play.permify.co/
Appreciate your time!
What are some alternatives?
protoc-gen-validate - Protocol Buffer Validation - Being replaced by github.com/bufbuild/protovalidate
Ory Keto - Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models.
prototool - Your Swiss Army Knife for Protocol Buffers
openfga - A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar
grpc-web - gRPC for Web Clients
spicedb - Open Source, Google Zanzibar-inspired permissions database to enable fine-grained access control for customer applications
goprotobuf - Go support for Google's protocol buffers
topaz - Cloud-native authorization for modern applications and APIs
gRPC - The C based gRPC (C++, Python, Ruby, Objective-C, PHP, C#)
kala-go - An authorization framework written in Go based on Google's Zanzibar.
oapi-codegen - Generate Go client and server boilerplate from OpenAPI 3 specifications
OPA (Open Policy Agent) - Open Policy Agent (OPA) is an open source, general-purpose policy engine.