Has anyone used Keycloak for actual production? I have often thought about it but I stick to Auth0 just because I don't know if Keycloak has a good track record?

I've seen it used in production by larger orgs. The scale where you plan for around 6 months of migration, customization and integration of your legacy zoo with 7 different user account DBs. On one hand, all of these projects were successful and now run it in production. On the other, they all really needed the 6 months to whip it into shape.

Edit: Meaning I would use it if you need to get up and running quickly, but it's a solid foundation to build on long-term.

You might be interested in some of the presentations at KeyConf[0]. You can also get some real world stories from the Reddit[1].

I was at KubeCon EU this year (representing my employer, FusionAuth) and there were lots of folks who were running Keycloak who came and chatted with us.

It's a different set of tradeoffs than Auth0 or other SaaS services. More control, but more responsibility too.

0: https://events.linuxfoundation.org/kubecon-cloudnativecon-eu...

1: https://www.reddit.com/r/KeyCloak/

For what it's worth Authentik has been listing Cloudflare as a customer for a while. Worth a look. There might be something in their blog.

Yes! I used keycloak for multitenant auth and it worked fine - a little dated but functional. Nowadays I'd probably stick to something like Clerk/BetterAuth/Supertokens.

I am not following this obsession with SOTA and benchmark rankings

I have been using DeepSeek and GLMnmodels with OpenCode and Codex and Claudr side by side.

I have not found the Chinese models lacking. I enjoy for coding and like to maintain full control of my codebade and deeply care about the GOF patterns. So I am very stringent in terms of what I want the LLM to code and how to code.

So from my perspective, they are all about the same.

That I agree with, but for more complex autonomous changes the differences are considerable. However, it seems that most models will reach the saturation time in which they will be useful for almost everything and the difference will be in more and more niche and specialized tasks.

This is not your feed.

I appreciate the fact that HN does not have personalized echo chamber aka feeds.

Government overreach is a concern for a lot of HNers; hence this was voted up.

>> Apple has offered products with little value over competitors

My Pixel dropped connections unexpectedly. The battery would barely last till end of day.

Apple hardware is simply better value for the money

maybe writing code is cheap . But writing unit tests that actually test stuff that matters is suddenly so much more important and expensive.

Yeah it's more important, but I think that has become a whole lot cheaper too.

Humans are accountable to each other. Humans can be shamed in a code review and reprimanded and threatened with consequences for sloppy work. Most, humans once reprimanded , will not make the same kind of mistake twice.

> Humans can be shamed in a code review and reprimanded and threatened with consequences for sloppy work.

I had to not merely threaten to involve the Ombudsman, but actually involve the Ombudsman.

That was after I had already escalated several times and gotten as far as raising it with the Data Protection Officer of their parent company.

> Most, humans once reprimanded , will not make the same kind of mistake twice.

To quote myself:

  other people in their own team had already admitted this, apologised to me, promised they'd fixed it, while actually still continuing to send letters to the same non-existent address.

I used to be a big advocate for Salesforce in my organization. And it was really great .. allowing us to deliver new functionality without the usual IT procurement bureaucracy.

Now with cloud maturity and Vibe coders who will get better and cheaper, I think it's possible to replace all the features we use on Salesforce at a fraction of the cost of our Salesforce licensing cost.

counterpoint: why would sales people want to use a different crm each time they job hop every 2-3 years?

FoundationDB Record layer doesn't get much attention here but I have found that all my use cases are satisfied by it.

And I get the benefit of resiliency and DR for free.

If you are a developing for My SQL and you are using Java/kotlin/closure/scala consider this as well.

If I may ask, does the code produced by LLM follow best practices or patterns? What mental model do you use to understand or comprehend your codebase?

Please know that I am asking as I am curious and do not intend to be disrespectful.

And what’s the name of the company? I’m fixing to harvest some bug bounties.

Think of the LLM as a slightly lossy compression algorithm fed by various pattern classifiers that weight and bin inputs and outputs.

The user of the LLM provides a new input, which might or might not closely match the existing smudged together inputs to produce an output that's in the same general pattern as the outputs which would be expected among the training dataset.

We aren't anywhere near general intelligence yet.

Ignoring your last line, which is poorly defined, this view contradicts observable reality. It can’t explain an LLM’s ability to diagnose bugs in code it hasn’t seen before, exhibit a functional understanding of code it hasn’t seen before, explain what it’s seeing and doing to a human user, etc.

Functionally, on many suitably scoped tasks in areas like coding and mathematics, LLMs are already superintelligent relative to most humans - which may be part of why you’re having difficulty recognizing that.

I get your sentiment but a lot of people on this forum forget that a lot of us are just working for the paycheck - I don't owe my company anything.

Do I know the code base like the back of my hand? Nope. Can I confidently talk to how certain functions work? Not a chance.

Can I deploy what the business wants? Yep. Can I throw error logs into LLMs and work out the cause of issues? Mostly.

I get some of you may want to go above and beyond for your company and truly create something beautiful but then guess what - That codebase is theirs. They aren't your family. Get paid and move on

Do you work as a consultant then? I've been with the same employer for a long time, so if my team creates a mess, I get to look at it daily.

Spring AI is fantastic for Java shops. I am assuming Typescript devs will enjoy Mastra just as much .