Scott you're so likable when you get super excited about something. I'm so excited to use Zero and React Native together. Can wait for Xmas break from work
Wow, Scott. Thank you so much ❤. I didn't expect this! PS: - early on - if you set the repeat rate of your keyboard higher it goes even faster 🙃 - at 9:40, we have an `upsert` method :). - at 10:00, PK doesn't need to be an array in the common case where its a single field
Thanks so much, Scott! We also have a Discord where people can come ask questions, get help, etc. Let me know if you want to add this to the links in the description.
This looks awesome! Very curious about advanced permissions, like hierarchical stuff, and performance at extreme cases. We built our platform using Yjs, and permissions and performance edge cases in prod have always been the trickiest part.
Been waiting for this to drop - really hyped by this. Also loving your lead on local first - so great to be talking about exciting things in the web space, rather than the topic being about which framework is better (yawn)
I didn't see any reference to the source How do we validate that even as self hosted with docker, it doesn't dial home. Ive got extremely condifential data app fhat would be great to use this with
Wow, this sounds amazing. I wanted to try to recreate something like that next week, this is perfect timing, I'll give it a try. The implementation looks amazing, I could see a lot great services wanted to "bind" to Zero (👋 Supabase, I bet they are already working on it). Thank you so much for the discovery. This December is full of nice stuff for us devs. Also, your eyes looked a bit watery, I hope it's just a lighting thing, and that you're healthy. Take care Scott, happy holidays
How does this solve the issue which makes Firebase auth difficult to use? If I'm an user then take the jwt from network tab, then try and query your zero service, what's stopping me from request things I shouldn't have access to? e.g. request someone else's personal details?
A few things: 1. Zero permissions use ZQL, a full query language. Firebase's are more a configuration language and a lot more limited. If you've used Postgres RLS, Zero permissions are closer to that than Firebase rules. 2. In some ways this kind of system is _more_ secure, because you think about access at the level of invariants not procedural code. So you don't have to re-implement security in every endpoint, you do it once in a common location. It's also a less common way for devs to think about permissions though, so there is a tradeoff. 3. Zero doesn't currently have column permissions - if a user has access to a row they get the full row. So like if you have `user.address` and user A has access to user B, user A will see user B's address. This is just an alpha thing and will be fixed. And we will default this to closed, so that you have to open each column specifically. 4. The permission system is still in development and we have some new ideas percolating for beta that I think will really improve it.
I haven't used Convex but I know people love it. This does less than Convex in terms of overall features but this has a very novel way of syncing and loading data to be so fast. Zero is something you'd pick if you want to control and work with your own db.
![Lp. Сердце Вселенной #60 РОЖДЕНИЕ ЛОЛОЛОШКИ [Финал] • Майнкрафт](http://i.ytimg.com/vi/YoR0pAV9FVQ/mqdefault.jpg)
Scott you're so likable when you get super excited about something. I'm so excited to use Zero and React Native together. Can wait for Xmas break from work
You should check out the “One” framework. It’s Zero + RN and a lot of good stuff.
is that an agents of shield reference in the wild
Thanks Scott! I'd be excited to see more of Zero in conjunction with Sveltekit and Coolify! ;) Thanks again for your great content
Same, the stack of my dreams! With drizzle and a self hostable backend like Supabase. The perfect web app!
Wow, Scott. Thank you so much ❤. I didn't expect this!
PS:
- early on - if you set the repeat rate of your keyboard higher it goes even faster 🙃
- at 9:40, we have an `upsert` method :).
- at 10:00, PK doesn't need to be an array in the common case where its a single field
Thanks so much, Scott! We also have a Discord where people can come ask questions, get help, etc. Let me know if you want to add this to the links in the description.
This looks awesome! Very curious about advanced permissions, like hierarchical stuff, and performance at extreme cases. We built our platform using Yjs, and permissions and performance edge cases in prod have always been the trickiest part.
Hopefully the drizzlezero translation comes soon, would be awesome!
This look super promising, keeping an eye out for zero
is "Drop In" the name of the product? If not what is it and where is the link?
github.com/stolinski/drop-in Not really a product but a starter I’ve been using for myself. Now that Zero is in alpha I can develop in public
Been waiting for this to drop - really hyped by this. Also loving your lead on local first - so great to be talking about exciting things in the web space, rather than the topic being about which framework is better (yawn)
This was great! Please keep the zero / local-first content coming!
Def more coming.
This is awesome, I'm looking forward to the beta release! Thank you for reviewing.
I didn't see any reference to the source
How do we validate that even as self hosted with docker, it doesn't dial home.
Ive got extremely condifential data app fhat would be great to use this with
Repo is here if you want to paw through it. github.com/rocicorp/mono
I build my offline first apps in a service worker. So, my front end never touches the db. Would this work in a service worker?
Good question.
Would love to see tutorials on this with Svelte. Thanks for your work, this looks amazing.
Wow, this sounds amazing. I wanted to try to recreate something like that next week, this is perfect timing, I'll give it a try.
The implementation looks amazing, I could see a lot great services wanted to "bind" to Zero (👋 Supabase, I bet they are already working on it).
Thank you so much for the discovery. This December is full of nice stuff for us devs.
Also, your eyes looked a bit watery, I hope it's just a lighting thing, and that you're healthy. Take care Scott, happy holidays
All good, def healthy, possibly lighting. Thanks for the concern though. 😀
How does this solve the issue which makes Firebase auth difficult to use? If I'm an user then take the jwt from network tab, then try and query your zero service, what's stopping me from request things I shouldn't have access to? e.g. request someone else's personal details?
There are “select permissions” zero.rocicorp.dev/docs/permissions#select-permissions that give you control over who can select what.
How is this an issue with Firebase? 🤔 RLS and rules solve this (same for Supabase, etc)
A few things:
1. Zero permissions use ZQL, a full query language. Firebase's are more a configuration language and a lot more limited. If you've used Postgres RLS, Zero permissions are closer to that than Firebase rules.
2. In some ways this kind of system is _more_ secure, because you think about access at the level of invariants not procedural code. So you don't have to re-implement security in every endpoint, you do it once in a common location. It's also a less common way for devs to think about permissions though, so there is a tradeoff.
3. Zero doesn't currently have column permissions - if a user has access to a row they get the full row. So like if you have `user.address` and user A has access to user B, user A will see user B's address. This is just an alpha thing and will be fixed. And we will default this to closed, so that you have to open each column specifically.
4. The permission system is still in development and we have some new ideas percolating for beta that I think will really improve it.
@@AaronBoodman thanks for the detailed explanation.
What about window functions like total questions? Or total bugs? Does it have to pull all of them to get it? Also React Native?
Hi Scott and thanks.
I would like to see a tutorial for Zero Sync
On the way 🫡
So they finally released! After having me hyped for months !
Been waiting for this day, just so I could spill the beans on how good it is
Wonderful ! I'm interested by local first video, thanks !
Thanks Scott, how this compare to convex (I know the local part and postgres integration)
I haven't used Convex but I know people love it. This does less than Convex in terms of overall features but this has a very novel way of syncing and loading data to be so fast. Zero is something you'd pick if you want to control and work with your own db.
lofi gang taking over '25 and beyond
Louder than the other day, still too quiet. Maybe a compressor/limiter would help?
it's plenty loud for me...
This is compressed and normalized. Should be the appropriate volume.
Please build something with this I will try to replicate the process by myself.
I'm 3 minutes in, and still have no idea wtf this thing even is... I've heard "platform" 100 times, and have no idea what that's meant to mean here.
I just wanted to say it. First comment lol
Swxind to comment 😢