apache2-licensed
DX-focused control plane for Postgres dedicated to non-critical workloads. Your postgres:latest replacement 🐘
NeonD is an open-source Neon-based control plane daemon for PostgreSQL. It offers S3-based layer durability, instant branching, precise Point-in-time recovery in seconds. Runs as a single Docker container, handles multi-tenant PostgreSQL instances seamlessly.
Doco-CD stands for Docker Compose Continuous Deployment and is a lightweight GitOps tool that automatically deploys and updates Docker Compose projects and Swarm stacks via webhooks or polling when a change is pushed to a Git repository.
Open-source database client for PostgreSQL, MySQL/MariaDB and SQLite with SQL notebooks, visual EXPLAIN, AI and MCP built in. Hackable with plugins.
Tabularis is an open-source desktop SQL workspace for PostgreSQL, MySQL/MariaDB, and SQLite, with a built-in MCP server so Claude, Cursor, and Windsurf can read your schema and run queries through the same app you already use.
Docker Volume Backups With Safer Restores
VolumeVault is a self-hosted Laravel application for managing Docker volume backups and safe restores to storage backends supported by offen/docker-volume-backup.
Conftest is a utility to help you write tests against structured configuration data. For instance, you could write tests for your Kubernetes configurations, Tekton pipeline definitions, Terraform code, Serverless configs or any other structured data.
Conftest relies on the Rego language from Open Policy Agent for writing policies. If you're unsure what exactly a policy is, or unfamiliar with the Rego policy language, the Policy Language documentation provided by the Open Policy Agent documentation site is a great resource to read.
Related contents:
Agent substrate is a system built on top of Kubernetes which manages agent-like workloads to achieve higher scale and efficiency than Kubernetes alone can offer, with lower latency. It builds on top of Kubernetes features like Pods and Pod autoscaling, but takes the Kubernetes control-plane out of the critical path to achieve lower latency.
Related contents:
Security scanner for AI agent skills. Detect vulnerabilities, malicious patterns, and security risks.
Law to Code. Programming language for literate programming law specification.
A domain-specific language designed by researchers in Computer Science and Law, for precisely deriving algorithms producing automated legal decisions.
Related contents:
- Atelier BlueHats de présentation du langage Catala @ Dinum's PeerTube :fr:.
- [La Cnaf et Inria s’engagent ensemble pour développer Catala, une solution souveraine de calcul des prestations sociales @ caf.fr :fr:](La Cnaf et Inria s’engagent ensemble pour développer Catala, une solution souveraine de calcul des prestations sociales).
Build applications that make decisions (chatbots, agents, simulations, etc...). Monitor, trace, persist, and execute on your own infrastructure.
Apache Burr (incubating) makes it easy to develop applications that make decisions (chatbots, agents, simulations, etc...) from simple python building blocks.
Apache Burr works well for any application that uses LLMs, and can integrate with any of your favorite frameworks. Burr includes a UI that can track/monitor/trace your system in real time, along with pluggable persisters (e.g. for memory) to save & load application state.
An modular asset discovery framework written in python to automate the repeating manual work.
Cygor is a modular asset discovery framework that brings scanning, parsing, and service enumeration together in one workflow. It replaces the patchwork of separate tools with an automated process that handles discovery, enrichment, and targeted enumeration seamlessly — reducing manual overhead and letting you focus on results instead of tool management.
Related contents:
AI Web Infrastructure Platform.
Open source web infrastructure for AI. Scrape, crawl, and automate the web, clean markdown, browser sessions, ready for your agents.
Related contents:
GitHub App for triggering Cilium CI workflows.
GitHub App for triggering workflows based on trigger phrases found in PR comments, and marking desired workflows successful in merge groups, to be used for Cilium CI.
Related contents:
Conductor is an event driven agentic workflow engine providing durable and highly resilient execution engine for applications and AI Agents .
Orchestrating distributed systems means wrestling with failures, retries, and state recovery. Conductor handles all of that so you don't have to.
Build Highly Reliable, Infinitely Scalable Applications Started at Netflix Engineering, built for high performance and planet scale. Cloud Agnostic, Language Agnostic and Deployment Agnostic.
Related contents:
A reference implementation for autonomous vulnerability discovery and remediation with Claude.
Skills for threat modeling, scanning, triage, patching, plus an autonomous scanning harness you can /customize.
Semantic understanding on top of Git. Diff, blame, impact, log. Functions, not lines.
Semantic version control => entity-level diffs, blame, and impact analysis on top of git. 26 languages via tree-sitter. Built for coding agents.
🧪 Local Stack for testing Agent. MCP gateway with a built-in skill library.
One YAML. One endpoint. Every MCP server plus the skills you author alongside them.
Gridctl aggregates tools from MCP servers into a single gateway and serves Agent Skills as MCP prompts to upstream clients. Define your stack in YAML, apply with one command, and connect Claude Desktop (or any MCP client) through one endpoint.
Related contents:
The Ultimate Document Solution.
Turn any PDF or image document into structured data for your AI. A powerful, lightweight OCR toolkit that bridges the gap between images/PDFs and LLMs. Supports 100+ languages.
A federated social application for sports activities and open source Strava alternative with ActivityPub support.
FitPub is a self-hosted fitness tracking platform for the Fediverse. It lets people upload workout files, review their activities with maps and metrics, and share them through ActivityPub instead of locking them into a closed social network.
Concerto is an open source digital signage system. Users submit graphic, textual, and other content, and moderators approve that content for use in a variety of content feeds which are displayed on screens connected to computers displaying the Concerto frontend.
tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF.
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF.
It manages the packaging, deployment and execution of Gadgets (eBPF programs encapsulated in OCI images) and provides mechanisms to customize and extend Gadget functionality.
Related contents:
Agent Native Code Review.
Battle-tested at Alibaba's scale. Hybrid architecture code review tool: deterministic pipelines + LLM Agent, precise line-level comments, built-in fine-tuned ruleset (NPE, thread-safety, XSS, SQL injection), OpenAI & Anthropic compatible.
Inject web platform expertise, best practices, and modern API patterns directly into your AI coding agents.
Modern Web Guidance is an agent skill (aka SKILL.md) with a CLI that helps coding agents build better web applications using modern, high-performance, accessible, and secure APIs instead of legacy workarounds.
Terminal Emulator for the Web.
wterm ("dub-term") renders to the DOM — native text selection, copy/paste, find, and accessibility come for free. The core is written in Zig and compiled to WASM for near-native performance.
Falco-powered policy and visibility layer for AI coding agents.
Prempti brings Falco to the world of AI coding agents. It gives you guardrails that can deny or ask for confirmation on unwanted behaviors, plus real-time visibility into every tool call your coding agent makes — shell commands, file writes, reads, API calls. Both are driven by Falco rules you can customize to fit your workflow.
Source-available, FIDO2-native, post-quantum-ready encrypted containers.
Store sensitive files in the cloud, or on shared media without trusting the host. LUKSbox is a Rust-based encrypted-container tool with passphrase, FIDO2 (YubiKey, Titan, Nitrokey, Windows Hello), TPM 2.0, and hybrid post-quantum (ML-KEM-768 / 1024) keyslots. Mounts as a real drive on Linux, macOS, and Windows.
Think EDR, but for CI/CD Pipelines. Open-source eBPF-powered runtime security sensor for GitHub Actions and GitLab CI/CD.
Lightning Fast Kubernetes navigator.
⚡ LFK is a lightning-fast, keyboard-focused, yazi-inspired terminal user interface for navigating and managing Kubernetes clusters. Built for speed and efficiency, it brings a three-column Miller columns layout with an owner-based resource hierarchy to your terminal.
AI powered Kubernetes Assistant.
kubectl-ai acts as an intelligent interface, translating user intent into precise Kubernetes operations, making Kubernetes management more accessible and efficient.
LLM inference, optimized for your Mac. Local AI, no more waiting on your Mac.
LLM inference server with continuous batching & SSD caching for Apple Silicon — managed from the macOS menu bar.
macOS-native MLX server with smart caching. Claude Code, OpenClaw, and Cursor respond in 5 seconds, not 90.
Related contents:
Compress tool outputs, logs, files, and RAG chunks before they reach the LLM. 60-95% fewer tokens, same answers. Library, proxy, MCP server.
Headroom is the context optimization layer for LLM applications. Compress tool outputs, DB results, file reads, and RAG results before they reach the model. Same answers, fraction of the tokens.
Related contents:
External Secrets Operator is a Kubernetes operator that integrates external secret management systems like AWS Secrets Manager, HashiCorp Vault, Google Secrets Manager, Azure Key Vault, IBM Cloud Secrets Manager, CyberArk Secrets Manager, Pulumi ESC and many more. The operator reads information from external APIs and automatically injects the values into a Kubernetes Secret.
Related contents:
Automated graph analysis & intelligence.
A modern platform for visual, flexible, and extensible graph-based investigations. For cybersecurity analysts and investigators.
Flowsint is an open-source OSINT graph exploration tool designed for ethical investigation, transparency, and verification.
Kubernetes for Local LLMs.
A Kubernetes operator for self-hosted LLM inference. vLLM, llama.cpp, TGI, NVIDIA, Apple Silicon.
Related contents:
Open-source graph database superpowers for your existing Postgres data.
pgGraph is a PostgreSQL extension for running graph search, traversal, shortest path, and relationship queries directly against ordinary PostgreSQL tables.
Your tables stay the source of truth. pgGraph builds a derived graph index and lets you query it from SQL using functions in the graph schema.
Sub-millisecond cache for ML/AI workloads. Parquets in, Arrow-Flight out.
Murr is a caching layer for ML/AI data serving that sits between your batch data pipelines and inference apps.
A RocksDB-based NVMe/S3 cache for AI inference workloads. A faster Redis replacement, optimized for batch low-latency zero-copy reads and writes.
Local-first persistent memory for AI coding agents (Claude Code, Cursor, Codex) via MCP. 94.5% LoCoMo recall@10, 70ms p50, multilingual, zero API keys.
Related contents:
- [How I built local-first memory for Claude Code, Cursor, and Codex - 94.5% LoCoMo recall@10, 70ms p50 @ HackerNoon.
Your Logitech mouse, finally local.
A native, local-first alternative to Logitech Options+, written in Rust 🦀. Remap buttons, drive DPI and SmartShift over HID++ — with no account and no telemetry.
Automated Backups, Sleep Peacefully
A wrong query can corrupt your data in seconds. Portabase is a 100% open-source, self-hosted solution to automate backups and restore your databases on demand.
Terminal-first AI-native dev workspace.
Terax is a lightweight open-source terminal (ADE) built on Tauri 2 + Rust and React 19. A native PTY backend with a WebGL renderer, an agentic AI side-panel that runs against your own keys or fully local models, plus a code editor, file explorer, source control with a git graph, and a web preview pane built in. About 7-8 MB on disk. No telemetry. No account.
Make analytics context usable by agents
ktx is an open-source context layer for data agents. It turns warehouse metadata, BI tool definitions, query history, docs, and approved metric definitions into reviewable files agents can search and execute.
ktx is an executable context layer for data and analytics agents 🐙 Allow Claude Code, Codex, and any AI agent to query data accurately through MCP with skills, memory and a semantic layer
pen-source LLM Friendly Web Crawler & Scraper.
Crawl4AI turns the web into clean, LLM ready Markdown for RAG, agents, and data pipelines. Fast, controllable, battle tested by a 50k+ star community.
A virtio-fs vhost-user device daemon written in Rust.
Related contents:
Every agent deserves its own machine.
Run agents in secure, local-first sandboxes. On your laptop, in your VPC, on-prem, or in our cloud. Programmable, fast, and yours.
microsandbox takes a different approach: every sandbox is a real VM with its own Linux kernel. It provides security primitives for preventing exploits like secret exfiltration. And it runs locally on your machine.
Related contents:
Sysbox is an open-source, next-generation runc that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.
Related contents:
Customization of kubernetes YAML configurations.
kustomize lets you customize raw, template-free YAML files for multiple purposes, leaving the original YAML untouched and usable as is.
kustomize targets kubernetes; it understands and can patch kubernetes style API objects. It's like make, in that what it does is declared in a file, and it's like sed, in that it emits edited text.
Read-only developer endpoint scanner for on-disk package, extension, and developer-tool metadata, built to check exposure to known software supply-chain compromises.
Related contents:
Open source repository of plugins primarily intended for knowledge workers to use in Claude Cowork
Google's open source distributed agent runtime.
AX, short for Agent eXecutor, is a distributed agent runtime. It provides a runtime that coordinates agentic loops, manages executions with event logging, and communicates with both local and remote actors. AX is designed for reliability, with native support for recovery and execution resumption, even in complex distributed setups.
Privacy proxy for your OpenAI requests.
An intelligent privacy layer for AI APIs. Kiji automatically detects and masks personally identifiable information (PII) in requests to AI services, ensuring your sensitive data never leaves your control.
Related contents:
Your agent's query language. One SQL interface over APIs, files, and live sources — built for agents.
Coral gives agents a local-first SQL runtime over APIs, files, and other data sources. Query it from the CLI, inspect schemas and tables, or expose the same runtime over MCP so agents can use it without bespoke tool glue.
AI-powered desktop SQL client. Cross-platform. Built with Flutter.
openhare is an AI-powered, cross-platform desktop SQL client with multi-database support, built for everyday development, data analysis, and DBA management workflows.
Related contents:
A multi-tenancy and policy-based framework for Kubernetes.
Capsule implements a multi-tenant and policy-based environment in your Kubernetes cluster. It is designed as a micro-services-based ecosystem with the minimalist approach, leveraging only on upstream Kubernetes.
A PostgreSQL protocol adapter for SQLite databases. This project allows PostgreSQL clients to connect to and query SQLite databases using the PostgreSQL wire protocol.
Run Coding Agents in Sandboxes. Control Them Over HTTP. Supports Claude Code, Codex, OpenCode, and Amp.
Related contents:
Infrastructure as TypeScript
Deploy to Cloudflare, AWS, and more with pure TypeScript. Generate support for any API in minutes with AI.
Alchemy is an embeddable, TypeScript-native Infrastructure-as-Code (IaC) library for modeling Resources that are Created, Updated and Deleted automatically.
Windows EVTX log analysis for DFIR — fast parsing, ATT&CK mapping, IOC extraction, and Sentinel anomaly detection. Normal + Juggernaut Mode (Arrow/DuckDB) for 10M+ events.
Refreshingly simple local chat. Local AI for Text, Images, and Speech
The omni-modal alternative to cloud AI. Automatically optimized for your GPU and NPU. Open source, community driven, and private.
Related contents:
Local AI anywhere, for everyone — LLM inference, chat UI, voice, agents, workflows, RAG, and image generation. No cloud, no subscriptions.
Dream Server is the exit. A local-first AI stack — LLM inference, chat, voice, agents, workflows, RAG, image generation, and privacy tools — deployed on your hardware with a single command. No cloud required. No subscriptions required. No one watching. Cloud and hybrid API modes are optional when you choose them.
The programming language for agents
Zero is a systems language designed so humans and AI agents can read, repair, inspect, and ship small native programs together. It keeps effects explicit, memory predictable, and compiler output structured.