Call for contributors, testers & feedback on Watchflow – Agentic GitHub Guardrails

Meet Watchflow - Agentic Github Guardrails!

It’s early-stage and not yet production-hardened, but it’s already functional and covers key features especially around workflow governance.

We’d love help from the community - whether you want to:

* Contribute code (Python, LangChain/LangGraph)
* Test workflows and share feedback
* Explore GitHub protection rules and governance in plain language

You can define GitHub protection rules in natural language and enforce them in real time via YAML. We’re eager to hear from solo devs, teams, or anyone curious about workflow guardrails.

https://github.com/warestack/watchflow
https://watchflow.dev/

https://redd.it/1n1c3k8
@r_opensource

16 Open-Source alternatives to LambdaTest Kane AI for affordable browser testing
https://bug0.com/blog/16-open-source-alternatives-to-lambdatest-kane-ai-for-affordable-browser-testing

https://redd.it/1n1eq45
@r_opensource

Why Open Source API Testing Tools Are Gaining So Much Momentum?

In recent years, developer processes to test and ship software have been evolving rapidly. In the past, large enterprises utilized commercial, expensive proprietary suites for testing software; we are now seeing an emergence of open source API testing tools, which is not just about saving money.



There are a few reasons why they are on the rise:

Community driven: Open source tools are improved consistently by thousands of contributors across the world. Bugs are fixed quickly, integrations are added rapidly, and capabilities are developed faster than a vendor could ever deliver.

Transparency & Trust: Since source code is publicly accessible, teams can trust and validate what is under the hood, this is significant especially concerning security and compliance.

API First: In a world where product development and architecture prioritizes micro services or API first, testing APIs at the level of performance testing, contract testing, or uptime monitoring becomes more mission-critical. Open source tools shine in these aspects because they evolve the fastest in this environment.

Value and Flexibility: Instead of being beholden to a vendor's ecosystem, dev teams can evolve open source tools with their stack as they scale.


What's also cool is that open source projects are not just closing the gap -- in many cases have become even better, more reliable and easier to use than the proprietary options. Many modern day QA teams are blending open source frameworks (like Playwright, Cypress or Postman's open tooling) with lightweight AI powered helpers for test generation and self-healing, taking repetitive tasks off their plates.

Again, it leads to the larger question: as automating software testing becomes more prevalent, and open source tooling is advancing at such a rapid pace, could we be at a point where community-built products establish standards for enterprise-grade software testing?

I'd love to hear from folks here:

1. Are you using open source tooling for testing APIs?
2. What has been the impact, if any, on the reliability and speed of the testing for your teams?
3. Where do you still find proprietary tooling to have an advantage?

https://redd.it/1n1g8rb
@r_opensource

http-shadower: open source app to replicate production traffic to lower environments

Just wanted to share a small project that I built in case it is useful for anyone.

https://github.com/MugenTwo/http-shadower

HTTP Shadower is a Spring Boot application that intercepts production HTTP requests and intelligently forwards them to multiple environments (DEV/ITG/STAGE) while ensuring your users always receive responses from your production system.

Common Use Cases
1. Staging Environment Validation.
Forward 100% of production API traffic to your staging environment to ensure it handles real-world scenarios before deployment.

2. New Feature Testing.
Deploy new features to a separate environment and shadow production traffic to validate behavior without risking user experience.

3. Database Migration Testing.
Test database schema changes against real query patterns by forwarding production traffic to environments with new database structures.

4. Load Testing with Real Patterns.
Use actual production traffic patterns and volumes to load test your infrastructure instead of artificial load testing tools.

5. API Version Compatibility.
Ensure new API versions are compatible with existing clients by forwarding real client requests to both old and new API versions.

https://redd.it/1n1hp26
@r_opensource

Decentralized Operating System

Hey guys, I've been working on a new protocol called the Marketplace which is a decentralized operating system that co-ordinates and economizes the execution of computational work across a peer-to-peer network of nodes. Where there is no barrier to the node participation.

Unlike proof-of-work systems, where nodes burn large amounts of energy to solve "non-useful" puzzles, the Marketplace organizes a peer-to-peer market of computational trade where nodes offload useful computational work called "jobs" directly to each other and pays in the system's native cryptocurrency, goldcoin(GDC). Effectively redirecting energy into real economic growth.

Security without "Staking" is achieved using Proof-of-Capability (PoC), a new "sybil-resistant" mechanism that selects and incentivizes a small committee (“whiterooms”) to validate and reach consensus on the result of jobs without boggling down the entire network with redundant execution. This allows the amount of jobs handled in parallel to scale directly with the amount of nodes on the network analogous to an OS on a multi-core device.

Real utility then comes from the "services layer" where nodes can compose stalls(modular services) into larger digital structures(e.g websites), and execute them regardless of size in near constant time by taking advantage of the parallel execution environment of the marketplace. The system’s monetary policy dynamically adjusts issuance such that price of execution is constant regardless of network load.

Whitepaper (PDF):

https://github.com/bajoescience/Marketplace/blob/master/Whitepaper.pdf

I’d appreciate feedback on the design, especially on consensus security and

the economic model, Thanks.

https://redd.it/1n1jc7i
@r_opensource

How do I implement a custom log storage system? something similar to grafana loki

I am building a software system and one of the features it requires is log storage and having the ability to query those logs, just like Grafana loki does. Do to organisation policy, using Loki or any external log storage system is not an option.

Anyone have an idea on how i can do this?

https://redd.it/1n1g29f
@r_opensource

Testing waters: what do you think of my open source karting project?

Hello,

I have recently started an open source project, more specifically a karting game similar to Mario Kart (arcade physics, items, etc.). I know that Super Tux Kart exists, but wanted to create my own, experimenting with game design.

The most prominent characteristic is that all races are based off Open Street Map. Which means you race into existing places reconstructed and remodeled using topologic and OSM data.

I'll continue working on it because it is fun and extracts me a bit off life chaos, though probably less as I also have another project to maintain (that I need for myself to be updated).

I was just curious about what people think of the idea. Notably to know if developing multiplayer is worth the hassle if I'll ever be playing alone.

There is only a Windows build for now but I want to support Linux and Android as well. Still, it is a Godot project, so it should be easily run from source.

I am also open to feedback regarding the overall project structure.

Repo: https://github.com/Picorims/open-street-kart
Video: https://youtu.be/keJRGv7oMgU

Thanks for reading.

https://redd.it/1n1mz45
@r_opensource

I built an open-source CSV importer that I wish existed

Hey y'all,

I have been working on an open source CSV importer that also incorporates LLMs to make the csv onboarding process more seamless.

At my previous startup, CSV import was make-or-break for customer onboarding. We built the first version in three days.

Then reality hit: Windows-1252 encoding, European date formats, embedded newlines, phone numbers in five different formats.

We rebuilt that importer multiples over the next six months. Our onboarding completion rate dropped 40% at the import step because users couldn't fix errors without starting over.

The real problem isn't parsing (PapaParse is excellent). It's everything after: mapping "Customer Email" to your "email" field, validating business rules, and letting users fix errors inline.

Flatfile and OneSchema solve this but won't show pricing publicly. Most open source tools only handle pieces of the workflow.

ImportCSV handles the complete flow: Upload → Parse → Map → Validate → Transform → Preview → Submit.

Everything runs client-side by default. Your data never leaves the browser. This is critical for sensitive customer data - you can audit the code, self-host, and guarantee that PII stays on your infrastructure.

The frontend is MIT licensed.

Technical approach

We use fuzzy matching + sample data analysis for column mapping. If a column contains @ symbols, it's probably email.

For validation errors, users can fix them inline in a spreadsheet interface - no need to edit the CSV and start over. Virtual scrolling (@tanstack/react-virtual) handles 100,000+ rows smoothly.

The interesting part: when AI is enabled, GPT-4.1 maps columns accurately and enables natural language transforms like "fix all phone numbers" or "split full names into first and last". LLMs are good at understanding messy, semi-structured data.

GitHub: https://github.com/importcsv/importcsv 
Playground: https://docs.importcsv.com/playground 
Demo (90 sec): https://youtube.com/shorts/Of4D85txm30

What's the worst CSV you've had to import?

https://redd.it/1n1nbub
@r_opensource

WebLibre: The Privacy-Focused Browser
https://docs.weblibre.eu/

https://redd.it/1n1eow7
@r_opensource

We Built It, Then We Freed It: Telemetry Harbor Goes Open Source
https://telemetryharbor.com/blog/we-built-it-then-we-freed-it-telemetry-harbor-goes-open-source/

https://redd.it/1n1r6ru
@r_opensource

PasteVault - encrypted paste sharing with pretty editor
https://github.com/arc53/pastevault

https://redd.it/1n1tyho
@r_opensource

G'MIC 3.6 : The Art of Polishing Your Images !
https://gmic.eu/gmic36/

https://redd.it/1n1tw6t
@r_opensource

Made a Terminal Based Typing Speed Test
https://github.com/arjunsharmahehe/FastFingers

https://redd.it/1n1wmdv
@r_opensource

Modular, open source Pi 5 desk companion and voice assistant — Companion, TheCube

# Hello All!

I wanted to share a project I’ve been working on for a while now: *Companion, TheCube* — a **desktop assistant powered by Raspberry Pi 5**. It’s designed as a desk companion that’s part productivity tool, part entertainment, and part “weird little friend.” I'm developing the software in the open, and the entire project is (or will be) opensource under the MIT license. See the links at the bottom of the post.

# Under the hood:

* **Pi 5 with up to 16GB RAM**
* **4" 720x720 LCD touchscreen**
* **mmWave presence sensor** (detects when you’re at your desk)
* **Wi-Fi + Bluetooth 5.0**
* **Stereo mics + speaker**
* **NFC support** for quick setup & expansion
* **Expansion ports** (HDMI, USB, I²C, SPI, UART, CAN bus, CSI/DSI, etc.)
* Stackable design with magnets + alignment nubs

It’s completely open source and modular. The idea is that you can tinker with both the hardware (print your own toppers, build expansion modules) and the software (write your own apps, modify the “personality sliders” that change how it interacts with you).

Right now I’ve got a working prototype — it boots, handles voice input, runs apps, and manages sensors. Next steps are polishing the app ecosystem and prepping for a Kickstarter launch.

# Software Stack

I’m building a **Linux-based core** on the Pi 5:

* **Raspberry Pi OS** Lite based
* **C++ Core** with JSON-RPC for app communication
* **App system**: each app runs sandboxed, communicates with the Core over a Unix socket
* **Voice pipeline**:
* Wake word → \[OpenWakeWord\]
* Speech-to-text → Whisper.cpp (local, efficient)
* Intent parsing → Function Registry (in development)
* TTS → local engine (cloud fallback optional via “TheCube+”)
* **Display rendering**: SDL2 (migrating from SFML) for smooth animations, character rendering, and UI
* **Notification system**: subscribes to calendar, email, and system alerts via Core APIs

The first “Hello World” I’m aiming for: say *“Hey Cube”*, it prints the trannoscript to the console, then displays a text bubble back on screen. From there, I’ll start layering in apps (Pomodoro timer, hydration reminders, simple games).

# Personality Layer

This is what makes TheCube more than “yet another Pi gadget.” You can adjust **personality sliders**:

* Playfulness
* Cheekiness
* Empathy
* Seriousness
* Responsiveness

Examples:

* High cheekiness → playful banter in responses.
* High empathy → Cube softens reminders if you sound stressed.
* Low responsiveness → Cube stays quiet unless it really needs your attention.

I’m also working on **character themes**:

* Default Cube face (two eyes + a mouth line)
* “Geo” (morphing geometric shapes)
* “Rawr” (low-poly dinosaur that cheers when you finish tasks)
* “Lil Flame” (a flickering flame that motivates and celebrates wins)

So depending on your mood, your Cube could be a calm mentor, a cheeky desk pet, or a productivity drill sergeant.

# Why Share Here?

This is still in **prototype stage**, but it’s already booting, running wake word + Whisper.cpp, and handling display animations. I’m now pulling together the app layer.

Since this is a Pi-based build, I figured this sub would have great feedback on:

* **Software architecture** — are there Pi libraries I should be leaning on more for display/audio?
* **Expansion ideas** — what ports or add-ons would you want in a modular Pi-based desk companion?
* **Community hacks** — what would you build if you had one of these on your desk?

The code is open source and available on Github. Design files will be posted there as well (I'm still working on finalizing the design). My hope is that this becomes not just a product but a **hackable platform** people can tinker with, mod, and extend.

# Links:

Github: [https://github.com/Companion-TheCube](https://github.com/Companion-TheCube)

Draft product page: [https://www.companionthecube.com/shop/companion-thecube-158](https://www.companionthecube.com/shop/companion-thecube-158)

Happy to answer questions or share technical

details if anyone’s curious.

https://redd.it/1n1wdbm
@r_opensource

Blindfold Chess Trainer
https://www.sansvoirchess.com

https://redd.it/1n1xpc5
@r_opensource

MysticJourneyAlpha: Text-based Java Game with Multiple Choices and Endings (Open Source)

Hi everyone! 👋



I'm a computer science enthusiast, and in my free time, I enjoy creating small projects.



I recently developed **MysticJourneyAlpha**, a text-based Java game where players face a series of choices, collect items, earn points, and follow an engaging adventure.



This is the Alpha version, designed to be expanded by the open-source community.



**Main Features:**

\- Main menu with options: language selection (Italian / English), resume saved game, new game, exit

\- Point system with detailed explanation for each choice

\- Save game anytime by pressing `<` during gameplay

\- Inventory and key choices saved to influence the ending

\- Multiple endings based on points and collected items

\- Fully bilingual: Italian and English



**GitHub Repository:** https://github.com/alessandromargini/MysticJourneyAlpha



**How to Compile and Run:**

```bash

rm MysticJourneyAlpha.java

nano MysticJourneyAlpha.java

javac MysticJourneyAlpha.java

java MysticJourneyAlpha





I would love to receive feedback, ideas, and contributions! Feel free to fork, open issues, or submit pull requests! 💡



Thanks! 🙏

https://redd.it/1n21006
@r_opensource

Open Source Is Europe’s Digital Fabric
https://ec.europa.eu/newsroom/informatics/items/896277/en

https://redd.it/1n239rh
@r_opensource

Android's Open-Source Dream Turning Nightmare?

Hey r/opensource,

I've been a FOSS advocate for years—started contributing to Linux projects back in the day, and Android's open-source roots (hello, AOSP!) were a big reason I stuck with it over iOS. But man, watching Android morph from an open playground to this locked-down fortress has been disheartening. It's like the spirit of open source is getting squeezed out by corporate security excuses. I did a ton of research on the changes from 2022 to now (August 28, 2025, for reference) and threw together this mega post on how Google and OEMs like Samsung are restricting user freedom. It's long, but if you're into open-source mobile tech, OS transparency, or just ranting about walled gardens, dive in. Sections, timeline, pros/cons, and FOSS alternatives at the end.

**TL;DR:** Android, built on open-source AOSP, is closing up shop—bootloader locks, sideloading hurdles, and internal dev shifts are hurting devs, customization, and the FOSS ethos. Security gains vs. openness losses: necessary trade-off or betrayal of open-source principles? Thoughts?

# Intro: Android's Open-Source Dream Turning Nightmare?

Android launched in 2008 as the ultimate open-source mobile OS—Linux kernel, AOSP for anyone to fork and hack. It sparked a golden era of custom ROMs, community contributions, and real user ownership. Fast-forward to 2025, and it's powering \~72% of global phones. But Google's tightening the reins with "security" updates that feel anti-FOSS. Bootloader lockdowns, mandatory dev verification, and AOSP going semi-private? It's like they're building a moat around what was once our shared codebase.

These shifts hit open-source hard: less transparency, barriers for indie devs, and a push toward proprietary ecosystems. Google claims it's anti-malware (sideloaded apps 50x riskier, they say) and reg compliance (EU's RED directive, etc.). But FOSS purists see it as control grab, stifling innovation and forking freedom. Sourced from Google devs' blogs, XDA, Reddit (r/android, r/fossdroid), Ars Technica, and more. Let's unpack—by timeline and impact. Miss anything? Comment!

# 1. Bootloader Lockdown: Forking Freedom Under Threat (2022–2023+)

In open-source land, bootloaders are key to forking and modding. Unlocking used to mean easy access to custom kernels, ROMs, and contributions. Samsung's leading the charge to shut that down.

# 1.1 The Lockdown Chronology

* **2022 Beginnings:** US carrier Galaxy S22 models first—no unlocks for carrier "security" and warranty BS. Spread quick.
* **2023 Global Push:** Z Fold 5, Flip 5, S23 locked worldwide. "Unlocked" buys? Still nope. Odin flashes for international firmware became the hacky workaround, but bricking risks high.
* **2024-2025 Peak:** One UI 8 (Android 16) axes the OEM unlock toggle on Z Fold 7, Flip 7, etc. EU RED directive (Aug 1, 2025) bans unlocks there for cybersecurity; Samsung globalizes it.
* **Broader Trend:** Pixels still unlockable (warranty void, feature glitches). Asus kills unlock tool '23. Realme follows. Fairphone resists, staying FOSS-friendly.

Tried unlocking my old S23—got wiped-data warnings and bailed. Feels un-open-source.

# 1.2 Open-Source Implications

Verified Boot enforces signed code only, good vs. malware but kills forking. No unlocks mean:

* **Custom ROM Blocks:** Can't contribute to or run LineageOS forks for extended support. Official updates max 7 years; FOSS ROMs extend life.
* **Rooting Gone:** No Magisk for deep hacks, hurting open-source tool dev.
* **Community Damage:** XDA devs lament: "Locks killing open-source ROM ports."

It's anti-FOSS: reduces code accessibility, discourages contributions.

# 1.3 Impact on Open-Source Folks

* **Contributors/Devs:** Harder to test forks, port kernels.
* **FOSS ROM Projects:** LineageOS, GrapheneOS support drops for locked hardware.
* **Everyday Advocates:** Devices e-waste faster without open updates.
* **Regional BS:** US carriers enforce; EU regs amplify.

r/fossdroid threads rage: "EU destroying open mobile." X petitions fly.

# 1.4 FOSS

Perspectives

Ars' Ron Amadeo: "Walled garden rising, open-source dying." Security args valid, but why not opt-in for advanced users?

**Case:** S24 One UI 8 locks—FOSS forums explode with brick tales. Samsung: "Safety first."

# 2. Dev Verification & Sideloading Barriers: Anonymity and Indie Devs Suffer (2024–2026)

Sideloading fueled FOSS apps—F-Droid, betas, unsigned code. Google's verification mandate is a gut punch to open distribution.

# 2.1 Rollout Details

* **2024 Setup:** Android 15's "Restricted Settings" adds perm hurdles for non-Play sources.
* **2025 Hammer:** "Elevating Android Security" (Aug 25)—verified devs only for GMS apps, 2026 pilots, 2027 global.
* **Mechanics:** ID registration in Dev Console; no anon APKs. Sideloads = high malware, per Google.

F-Droid could crumble if anon devs quit.

# 2.2 FOSS Ramifications

* **Play Integrity:** Scans sources, blocks unsigned—anti-open distro.
* **Indie Hurdles:** Red tape for small FOSS projects; Play fees push proprietary.
* **Censorship Risk:** Google vetoes "edgy" open-source apps?

Stifles FOSS innovation: privacy tools, experiments harder to share.

# 2.3 Affected Open-Source Community

* **Beta/Experimental Devs:** Sideloading betas tougher.
* **Privacy FOSS Users:** F-Droid's anon model threatened.
* **Global Contributors:** Oppressive regions lose safe anon contribs.

r/opensource: "Anon sideloading dead?" X: Hack shares abound.

# 2.4 Views + Context

TechCrunch: Security kills anon FOSS. Antitrust? Google's closing the open door.

**Case:** 2026 Brazil/Indonesia tests—FOSS apps glitch, devs flee to alts.

# 3. AOSP Internal Shift: Transparency Takes a Hit (2025)

AOSP's the heart of Android's open-source claim—public code for all.

# 3.1 The Change

* **March 26, 2025:** Dev to internal branches; AOSP post-release only. Main branch read-only.
* **Rationale:** Efficiency, no leaks. Affects kernels, device trees.

AOSP "death" rumors false, but access delayed.

# 3.2 Open-Source Fallout

* **Audit/Contrib Delays:** No real-time code—harder forks, security checks.
* **Project Impacts:** GrapheneOS, other FOSS ROMs lag.

Betrays open-source: less collab, more Google control.

# 3.3 Community Hits

* **Forkers/OEMs:** Amazon Fire OS waits.
* **Vibes:** r/opensource: "Blow to mobile FOSS."

# 3.4 Opinions

Android Authority: Streamlines at openness cost.

**Case:** Android 16 (June 2025)—FOSS ports super slow.

# 4. Security Upsides: FOSS Trade-Off?

Security boosts justify some, but feel proprietary.

# 4.1 Highlights

* **Play Integrity (2024-25):** Mod detection.
* **OTP/Screens (2025):** AI threats.
* **Cellular Warnings:** Dodgy nets.
* **Patches:** Aug 2025 fixes 57 vulns.

Vulns down 17%, per Google.

# 4.2 Open-Source Angle

Good defaults, but blocks FOSS mods.

# 4.3 Thoughts

Helps casual FOSS users; hurts purists.

**Case:** April 2025 zero-days—quick open patches.

# Timeline (2022-2025)

|Year|Key Shifts|
|:-|:-|
|2022-23|Samsung locks S22/S23, Z; EU regs start.|
|2024|Android 15 barriers; Integrity expands.|
|2025|AOSP internal (Mar); Verification (Aug); One UI 8.|

# Openness Gains/Losses

**Losses:**

* Forking/Custom: Locked out.
* Collab: Communities shrink.
* Access: Anon/indie harder.

**Gains:**

* Security: Malware drops.
* Stability: Less hack risks.
* Defaults: Better for newbies.

Table:

|Area|Pros|Cons|
|:-|:-|:-|
|Transparency|Quick patches|Code delays|
|Dev Freedom|Safer contribs|Verification BS|
|Privacy|Built-in guards|Anon loss|

# Community Reactions

r/opensource: Debates on "Android still FOSS?" r/fossdroid: Lock rants.
X: Petitions for open AOSP.

# FOSS Expert Takes

Basanta Sapkota: Control over collab.
Privacy Guides: Alts for true open.

# Cases

* **ROM Decline:** LineageOS skips locked.
* **Pixel FOSS Holdout:** Unlockable, but limited.

# Future: 2026+

Verification global—FOSS antitrust push? EU unlock reversal?

# FOSS Alts: Reclaim Open Mobile

Go pure open:

* **postmarketOS:** Alpine Linux, 250+ devices, eternal support.
* **Ubuntu Touch:** Community FOSS, gestures.
* **Plasma Mobile:** KDE open

custom.
* **More:** Sailfish (open core), Mobian, GrapheneOS (Pixel FOSS).

Trade-offs: Apps sparse, hardware spotty. But 100% open!

# Wrap: Is Android Betraying Open-Source?

This lockdown prioritizes security over FOSS ideals, helping masses but gutting contribs. Open-source wins big picture? Or sellout? Contributed to AOSP lately? Trying alts? Discuss—upvote if resonated! 🚀

Edit: Added sources from comments. Feedback welcome!

https://redd.it/1n25dgo
@r_opensource