Dependencies
Visual Studio Code
Rationale VSCode is the code editor used by Fluid Attacks' engineering team. The main reasons why we chose it over other alternatives are: It is Open source. It is a modern code editor. It supports thousands of extensions, making it very flexible. It ...
Docker
Rationale Docker is the containerization tool used by Fluid Attacks' infrastructure. The main reasons why we chose it over other alternatives are: It is Open source. It is the most popular containerization tool in the market. GitLab CI and AWS Batch ...
Hypercorn
Rationale Hypercorn is the web-server used by Fluid Attacks' Platform. The main reasons why we chose it over other alternatives are: It is Open source. It has full asynchronous programming support, which is critical for performance. It supports both ...
Ariadne
Rationale Ariadne is one of the main libraries used by Fluid Attacks' API. The main reasons why we chose it over other alternatives are: It is Open source. It is built for GraphQL, the query language the API uses. It supports Asynchronous ...
Tree-sitter
Rationale Tree-sitter is the core library used by Fluid Attacks' scanner. It is critical for reporting Static Application Security Testing (SAST) vulnerabilities to our clients. The main reasons why we chose it over other alternatives are: It is Open ...
Starlette
Rationale Starlette is the backend framework we use for our Platform. The main reasons why we chose it over other alternatives are: It is Open source. It is a high-level framework that reduces cognitive complexity for developers by providing things ...
React
Rationale React is the main frontend library we use. The main reasons why we chose it over other alternatives are: It is Open source. It is a low-level library, meaning that is is highly flexible and powerful at the cost of providing too many ...
GraphQL
Rationale GraphQL is the query language we use for our official API. The main reasons why we chose it over other alternatives are: It is Open source. It provides a very flexible syntax that allows end users to fetch exactly the data they need. It ...
Sops
Rationale Sops is the tool we use for managing most of our organizational secrets like passwords, access keys, PII, among others. It allows us to version encrypted files within our Git repositories in a stateless approach. The main reasons why we ...
Makes
Rationale We use Makes as a wrapper over Nix in order to simplify its usage. Alternatives No alternatives. Usage We use Makes for serving all of Fluid Attacks' software. Guidelines Please refer to the official Makes documentation. Installing Makes ...
Kubernetes
Rationale Kubernetes is the system we use for hosting, deploying and managing our applications. It comprises infrastructure solutions like RBAC Authorization, distributed persistent storage, managing resource quotas, managing DNS records, managing ...
Commitlint
Rationale Commitlint is the tool we use to standardize our commit messages and enforce compliance during CI/CD tests. By using Commitlint, we achieve well-structured commit messages that: Follow a convention Are readable for humans and machines The ...