A web-based integration platform for wiring third-party APIs together. Register inbound sources, capture sample responses, infer schemas, define row-level transforms in a sandboxed expression language, and distribute results to outbound sinks. Pipelines run on demand or on cron schedules, with retries, a dead-letter queue, and per-run lineage tracking.
// features
- Inbound source registration with live sample capture and schema inference
- Custom CEL-like expression DSL for row-level field transforms
- Encrypted credential vault with OAuth2 client-credentials token management
- Cron-scheduled pipeline jobs with enable, disable, and manual trigger
- Configurable retry with exponential backoff and dead-letter queue
- RBAC across admin, builder, operator, and viewer roles
- Server admin UI for endpoint toggles, SSL, UFW firewall, and security audit
// interesting details
- Ships its own hand-written AST parser and evaluator for a sandboxed CEL-like transform language, with deterministic, timeout-enforced execution.
- AES-256-GCM envelope encryption for credentials at rest. Transaction logs only store payload hashes plus secret references, never raw values.
- Bundled Python infrastructure scripts (deploy.py, harden.py, server_ops.py) provision Ubuntu 24.04 boxes with Let's Encrypt and a 15-step hardening pass that can be rolled back step-by-step from the admin UI.
- Single Knex migration set targets both SQLite (local) and PostgreSQL 16 (prod), so the same codebase runs without Docker for development.
// tech stack
TypeScript
Node.js
Express
Knex
PostgreSQL / SQLite
Zod
node-cron
JWT + bcrypt
React 18 + Vite
Python (deploy / hardening scripts)
Want to collaborate on qubicrelay?
The repo is private — drop a note and tell us what brought you here.