Thank you! We're still working on the hosted offering, hence the "coming soon" pricing page.
Regarding Valkey, I included it as an example of a Redis compatible alternative, but you're right, it's probably better to use it in our Docker Compose file as well. Thanks also for pointing out the licensing considerations around Minio, will definitely look into that.
I tried booting it up and two things:
- this is just evil. Pure. evil. https://github.com/colanode/colanode/blob/v0.1.3/apps/deskto...
If that's the kind of error handling that you believe in, one should have religious backups of any data placed into this
- It seems to actually puke if one doesn't provide it a live, TLS enabled, SMTP server[2] which (a) WTF (b) isn't present in the docker-compose
Thankfully replacing .verify with return new Promise(() => true) at least let the server start
2: https://github.com/colanode/colanode/blob/v0.1.3/apps/server...
Here an example of it taking arbitrary input and blindly casting it to a type; anything after this point can blow up. There seems to be no input validation anywhere.
const input = req.body as SyncMutationsInput;
And the database use looks racy, sometimes not using transactions at all but having a read-modify-write cycle, no GET FOR UPDATE seen anywhere in transactions. Somebody is going to figure out how to do nasty things to the data.
Thank you for taking the time to test it and call these issues out. Both points slipped through our refactor/cleanup checklist.
- We’ll replace the current error handling for server sync with something safer and more graceful.
- We’ll make SMTP optional, expose TLS verification as a configurable setting and update the docker-compose.
We’ll make these improvements soon, thanks again for the heads-up.