undefined | Better HN

0 pointsgraypegg1mo ago0 comments

I mean, to be super candid back at you: if you don't have the bandwidth to maintain/support another open source project, I also doubt you have the bandwidth to maintain a custom-built key/token/password store entirely on your own, for free.

Your pitch for storing "API keys, tokens, and credentials" puts you personally in a rather liable position if someone uses this exactly as described, and you've made a mistake in code no one else has seen that either gives YOU those credentials, or leaks them somewhere another party can see them. (Analytics, logs)

For yourself, this is kick-ass and solves a real problem. But I might refrain from pitching it for use by others because there's basically only downside for you in that.

0 comments

dannytatom1mo ago

to clarify, i meant i don’t have the bandwidth to run this as a business and an open source project. not either, but both.

that said, i thought more on it last night, and i’ve decided to open source it. just going to be explicit in the README that i wont be offering support for anyone wanting to self host atm, just wasn’t built to be easy to self-host (external service dependencies and etc).

j / k navigate · click thread line to collapse

0 pointsgraypegg1mo ago0 comments

For yourself, this is kick-ass and solves a real problem. But I might refrain from pitching it for use by others because there's basically only downside for you in that.

0 comments

dannytatom1mo ago

to clarify, i meant i don’t have the bandwidth to run this as a business and an open source project. not either, but both.

j / k navigate · click thread line to collapse