Packages

Open-source authorization library and cloud service that uses the Polar policy language to define and enforce fine-grained RBAC and ReBAC access control in application code or via a hosted API.

Fast async Python ORM with a focus on type safety and developer experience — supports sync and async usage, generates migrations automatically, and provides a FastAPI/Starlette-native experience. Piccolo features: Table subclasses for models (class Agent(Table): name = Varchar()), query builder API (await Agent.select().where(Agent.active == True).run()), migrations via piccolo migrations new + piccolo migrations run, Piccolo Admin (React-based admin UI), and REST endpoint generation via piccolo_api. Uses asyncpg under the hood for PostgreSQL. CLI tools for project creation, schema inspection, and migration management. Designed as async-first alternative to SQLAlchemy for modern Python API services.

HTML-first JavaScript framework designed for instant page load times. Qwik introduces 'resumability' — instead of hydrating a React-like app (downloading and executing all JavaScript before interactivity), Qwik serializes component state into HTML and resumes execution lazily in the browser only when needed. This achieves near-zero JavaScript on initial load. Created by Builder.io (Miško Hevery, Angular creator). Qwik City is the full-stack meta-framework (like Next.js for Qwik).

Go plugin for protoc that generates a reverse-proxy server translating RESTful JSON API calls into gRPC calls. Add HTTP annotations to .proto files and grpc-gateway generates a REST endpoint that proxies to the gRPC service. Also generates OpenAPI 2.0/3.0 docs. Used when you need both gRPC (for microservice-to-microservice) and REST (for public APIs, browsers) from the same service definition.

AWS-native Python microframework for building serverless applications on Lambda, using Flask-like decorator routing (@app.route) with automatic IAM role generation and native integrations for DynamoDB, SQS, S3, and SNS events.

LLM evaluation platform that combines dataset versioning, prompt management, LLM-as-judge scoring functions, and real-time tracing under a projects/experiments/datasets hierarchy with CI pipeline integration via CLI.

Converts text to lifelike speech with voice cloning capabilities, supporting 29 languages with streaming audio output.

Ultra-minimalist Python WSGI/ASGI REST framework using a Resource class pattern with responder methods (on_get, on_post), optimized for low overhead and high request throughput.

High-scale, cost-efficient distributed tracing backend from Grafana Labs. Tempo stores traces directly in object storage (S3, GCS, Azure Blob) with no indexing — making it dramatically cheaper than Jaeger or Zipkin for high-volume trace storage. Integrates natively with Grafana for trace visualization and supports trace-to-log and trace-to-metric correlation. Accepts OTLP, Jaeger, Zipkin, and OpenCensus trace formats. Designed as the tracing component of the Grafana LGTM stack (Loki + Grafana + Tempo + Mimir).

Lightweight Python task queue library backed by Redis (or SQLite/in-memory) for running background jobs, periodic scheduled tasks, and distributed work queues. A simpler alternative to Celery for Python projects.

A development framework for building enterprise-grade MCP servers by automatically converting FastAPI endpoints into AI-callable MCP tools, with dependency injection, service interface separation, and built-in testing support.

Modal is a serverless Python cloud compute platform that lets agents deploy and invoke Python functions (including GPU-accelerated ML workloads) as scalable serverless endpoints, batch jobs, and scheduled tasks — without managing infrastructure.

Multi-cloud serverless deployment framework that packages and deploys Lambda, Azure Functions, and GCP Cloud Functions via serverless.yml configuration.

Cloud-agnostic framework for running LLM workloads, AI training, and batch jobs across any cloud (AWS, GCP, Azure, Lambda Labs, RunPod, and more) with automatic spot instance provisioning, failover, and cost optimization. SkyPilot abstracts cloud-specific APIs behind a simple YAML task definition and CLI — launch GPU jobs on the cheapest available cloud, automatically retry on preemption, and mount storage from any cloud. Developed at UC Berkeley SKY Computing Lab.

Node.js library for parsing form data and file uploads. Handles multipart/form-data and application/x-www-form-urlencoded request bodies, writing uploaded files to disk or keeping in memory. Supports progress events, file size limits, file type validation, and streaming. The standard solution for file upload handling in Express.js applications alongside multer.

CTF exploitation framework and binary interaction library for Python — provides tools for writing exploits, interacting with processes/sockets, and binary analysis. pwntools features: process()/remote() for process/socket interaction, tubes with send()/recv()/recvuntil()/sendlineafter(), ELF() for binary analysis (symbols, got, plt, bss), ROP() for return-oriented programming chain building, shellcraft for shellcode generation (shellcraft.sh()), asm()/disasm() for assembly, cyclic() for de Bruijn pattern generation, p32()/p64()/u32()/u64() for packing, context for architecture setting, and logging. Standard tool for CTF competitions and authorized penetration testing binary exploitation.

Python dependency vulnerability scanner — checks installed packages against a database of known CVEs and security advisories. safety features: safety check for scanning requirements.txt or installed packages, safety scan for project-level scanning, JSON/text output formats, --continue-on-error for CI pipelines, --ignore for known safe CVEs, PyPI Safety DB (free) and Safety DB Pro (authenticated), integration with pip-audit and CI systems, CVSS scores, fix recommendations, and GitHub Actions support. Identifies packages with known security vulnerabilities before deployment.

Serverless interactive SQL query service that executes queries directly against data in S3 using Presto/Trino, charging per TB of data scanned.

AWS Step Functions REST API — serverless workflow orchestration service enabling agents to define, execute, and monitor state machines that coordinate AWS services (Lambda, ECS, DynamoDB, SQS, etc.) with built-in error handling, retries, and parallel execution.

Collect, store, query, and alarm on metrics and logs from AWS services and custom applications, providing unified observability across the AWS environment.