-
bytebase
The GitLab/GitHub for database DevOps. World's most advanced database DevOps and CI/CD for Developer, DBA and Platform Engineering teams.
-
chatwoot
Open-source live-chat, email support, omni-channel desk. An alternative to Intercom, Zendesk, Salesforce Service Cloud etc. 🔥💬
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
-
IdentityServer
The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core
Author here
>> I find it hard to believe they're actually using all these tools on a regular basis.
We do rely on all mentioned tools, though for some tools, we only use them occasionally due to their nature (e.g. we don't need to visit Pulley every day to manage equities).
>> Excalidraw (???)
Oh, Excalidraw Plus
>> Their docs appear to be using Docusaurus which comes with Algolia out of the box, so ???
The Algolia part is correct, while we are Vue based, so we built our own and also implement some special markdown syntax to facilitate tech writing https://www.bytebase.com/docs/document-write-guide
>> The R&D team of just over 10 members releases a new version every two weeks, and each version has 100 to 150 PRs submitted.
It's an open source project https://github.com/bytebase/bytebase. And most are small PRs. Here is our review guide line: https://github.com/bytebase/bytebase/blob/main/docs/code-rev...
Look at ChatWoot[1] too. It has a an OpenSource[2] self-host option. They claim to be a customer engagement suite, an alternative to Intercom, Zendesk, Salesforce Service Cloud etc. I have no relationship with them.
1. https://www.chatwoot.com/
2. https://github.com/chatwoot/chatwoot
> This is a false dichotomy: people can choose to use a framework that handles auth competently, such Django or Rails, no need to roll their own.
If you want a centralized auth provider across different services, then something like Keycloak is indeed a good choice, which is why I mentioned it: https://www.keycloak.org/ Of course, for the actual services, you should go with a standard OIDC/OAuth2 library, or something like that, even a proven JWT library if need be.
Having Django or Rails (or one of the supporting libraries, like Devise) handle auth and permission control for more self-contained applications is also fine.
I'd just like to caution against writing your own badly documented and badly tested framework for auth, along the lines of storing unsalted MD5 password hashes, or even doing certain controls client side (although I haven't seen this personally, I've definitely seen lacking implementations and have heard stories from others in the industry).
> As you said, there are plenty of local options that you only need to run.
I think managed databases are a good analogy here. While I might run my own PostgreSQL/MariaDB instance, many out there won't be overjoyed at the idea of actually needing to run and manage the damned thing, as well as set up some kind of alerting and handling the need to eventually scale it up.
> It also has the largest risk of compromise and data leaking from any service you may use...
PII is definitely a big concern, even if something like password hashes aren't too useful on their own (provided that they're salted), though in cases like that it might actually make a lot of sense to utilize a widely used and tested solution that's specialized for this particular use case.
In many cases, thousands of people across the globe will be able to develop something and squash any bugs in it better than you might be able to do individually or with your own team, though there might be a few exceptions out there. Auth is probably not one of the cases where you want to write code without a lot of eyes on it.
> ...the largest amount of potential lock-in...
This is debatable: standards like OAuth2 and OIDC technically make many of the solutions and libraries way more pluggable and make it easier to choose between various implementations, depending on your needs.
Of course, something like Keycloak also has its own API (as do many of the cloud offerings) so if you build too much automation around a particular implementation, then that advantage partially goes out the window.
> ...and the least need for integration.
I'm not sure about this, it probably depends on your architecture. If you have a monolithic web app, then you probably don't need a separate turnkey/SaaS solution, whereas if you have an ever growing number of services, whilst you want to manage authentication and accounts against all of them centrally, then something like Keycloak (or one of the cloud alternatives) become way more lucrative.
That said, I'd still opt for self-hostable options whenever possible, albeit I also don't trust cloud based password managers and such, preferring something like KeePass instead. I've probably just come to a different conclusion in regards to usability/responsibility/features/security than some other people.
Sadly, there aren't that many good options out there at the moment, apart from Keycloak. For example, IdentityServer is promising, but went in a commercial direction: https://duendesoftware.com/products/identityserver#pricing