from Hacker News

We have been polishing ZenStack for the past few months with the community. As it has been successfully used in production by some of our users, we think it’s time to share our beta with you.

ZenStack is built on top of Primsa ORM, extending it with a powerful access control layer that simplifies the development of a web app's backend. By defining authorization policies and validation rules right inside the data schema, your database client can automatically enforce these constraints at runtime.

Why we built this:

Based on our experience developing several commercial SaaS products, we have observed that a significant portion of code is wrapping around the database and providing an access-controlled CRUD API. These boring boilerplate codes are both tedious to write and error-prone to maintain because it is scattered within the codebase.

Utilizing our previous experience with DSL, we created ZenStack to bring the below clear benefits:

    - Centralized access control for better security and maintainability

    - Less code to be written

The core of ZenStack is a transparent proxy around Prisma client which enforces access policies while keeping the APIs unchanged. It allows you to build the backend of new projects faster with minimal TS/JS code, and can also be easily adopted into existing projects.

Some other benefits you can also enjoy:

    - Automatic CRUD APIs - RESTful, tRPC

    - Generating client-side data access libraries (aka hooks) - SWR, TanStack Query

    - A plugin system for 3rd party extension

Finally, ZenStack is not opinionated toward any stack or framework, allowing seamless integration with the entire JavaScript and TypeScript ecosystem.

We are still in the early stages and greatly value your feedback and insights as we strive to build the best DX toolkit for developers.

Website: https://zenstack.dev/

Github: https://github.com/zenstackhq/zenstack

Discord: https://go.zenstack.dev/chat