I don’t care what you do but you are placing a lot of assumptions on the word vibe coded. If you’re interested, look at the code and see for yourself, that’s why it’s open source. If you aren’t that’s fine, because nothing is for sale here.

It would, but that *would only work/be possible if *you are running docker as the root user. Though people OFTEN create a docker user that runs docker as root, which is a bad practice and source of confusion. Docker is plenty safe, but I don’t even want to argue that, it’s completely irrelevant. I don’t actually care how you run it. Docker compose is by far the standard for home server applications. You can use podman with it, it’s fine. You can skip it entirely and run it directly. These are merely options provided.

Here is the install instructions for Sonarr, arguably the most famous example of something people self host. https://sonarr.tv/#downloads-docker

They have non-docker instructions too of course, as do I. Am I correct that a few of you are mad that I included dockerfiles and docker compose examples in the repo? Where did I go wrong?

https://github.com/TechSquidTV/Hermes/blob/main/packages/hermes-api/app/core/security.py

Well I think you lied. Only password hashes are stored and verified using bcrypt. I want to see the issue you claim to have found. So, where did you see this security issue you claim I have a responsibility to fix?

Here’s the test that proves user’s are registered with a hash. https://github.com/TechSquidTV/Hermes/blob/ff1abe653a8af66073a566d4b2c6d1910f25dae1/packages/hermes-api/tests/conftest.py#L87

the user model in the database doesn’t even have a password field: https://github.com/TechSquidTV/Hermes/blob/ff1abe653a8af66073a566d4b2c6d1910f25dae1/packages/hermes-api/app/db/models.py#L295

So please, what am I missing?

No to be clear, open source code owes you absolutely nothing at all and has zero responsibilities. It’s important that you know that.

Thanks for looking. Make a pr.

Are you incapable of reading the source for yourself? It is freely available.

Ok but the comment I am responding to was specifically talking about that, so… irrelevant.

If you had a point, it would have been inferred. Instead it reads like an upset user who doesn’t understand how open source works. But please feel free to explain it to me.

This works for your phone and can be triggered externally.

pinchflat I hadn’t seen that one before. No it’s pretty similar to be honest. I am planning on small feature that would make it slightly different but, ya same idea. I do like my UI more 🤷. That was my main issue with most of the existing ones that I had seen, I just didn’t liek the UI. Except for cobalt.tools, but it’s broken.

virtually all home server setups run docker compose. No one is complaining about Docker, they’re complaining about AI. The code is immaculate. Its fully tested as well. No one has looked at the code, they’ve just complained.

Also idk where you heard Docker is like giving root, thats just not correct on multiple levels. If it were a privledged container, which is unnecessary, then we could have a discussion. If you want a daemonless service, use podman. Use anything you want, the source is there. Docker is not a requirement but is certainly not an issue in any way.

what do you mean “my users”. its free. its open source. what are you talking about.

dumb.

It sucks but you wont try it and have no frame of reference. Give it a download. Try it out. Give me your honest opinion without this weird bias about how it was made.

ty! screen.studio

exhausting viewpoint. AI is powered by open source.

I saw that one and cobalt.tools. I liked cobalt better, but cobalt is currently broken. Honestly, I mostly just wanted a different style UI.

huh. could have sworn it was in there. Sorry! https://github.com/TechSquidTV/Hermes