Tools & Libraries

18 Jul, 2025

⚠️ Entries marked with "⚠️" are of questionable quality and provided for reference only (or because no better alternative exists).

😤 Entries marked with "😤" are OK but have severe issues. There are no better alternatives

Generic

• direnv: per-directory environment variables (e.g. $PATH)
• just: command runner/Makefile alternative
• latch-acme: in-house Let's Encrypt bot. This maintains certificates stored in AWS SecretsManager. A daemon needs to run on the actual server to periodically re-download the certs.
• OpenResty: NGINX + Lua
  • pgmoon: Lua Postgres client
• precommit: git commit hooks
• 😤 SysBox: container runtime exposing extra syscalls by checking & translating them in eBPF. Docker bought their company and this is basically on basic maintenance only. Support only answers extremely basic questions
  • sysbox-eks-ami: in-house EKS-compatible AMI hosting SysBox
• PostGraphile: GraphQL API for Postgres databases
• 😤 DataDog: least shit OpenTelemetry provider. They have good support
• ⚠️ Pulumi: infrastracture-as-code. Inherits all of Terraform's problems, but at least you don't have to deal with their idiotic DSL/package infrastructure
• AptaKube: Kubernetes dashboard/admin UI
• ObjectiveFS: S3-based distributed file system. This thing is magic though it has severe performance failure modes. Really good support
• 😤 Envoy: proxy server. The configuration is horrifying YAML-encoded protobufs or something like that but the core is good
• DuckDB: tabular data, data analysis, embedded database. Extremely fast and usable

Python

Tools

• uv: package manager
• ruff: linter, formatter
• basedpyright: pure LSP version of Pyright + Pylance for use outside of VSCode (also better in minor ways). Wish they'd rename it

Libraries

• uvloop: asyncio runtime
• hypercorn: HTTP server (ASGI)
  • latch-asgi: in-house ASGI framework
• aiohttp: asyncio HTTP client
• 😤 aiobotocore: AWS API client. We stay away from boto (as opposed to botocore)
  • types-aiobotocore: type definitions for the above
  • ⚠️ latch-aws: in-house wrappers
• psycopg3: Postgres API client
  • latch-postgres: in-house wrappers
• lightkube: Kubernetes API client. Stay far away from the official client
  • kr8s: less transparent alternative
• latch-data-validation: in-house JSON validator/deserializer
• latch-config: in-house config environment variable reader
• hypothesis: property-based testing
• ⚠️ latch-o11y: in-house OpenTelemetry framework
• tinyrequests: in-house HTTP client pretending to be "requests". Created because urllib3 takes 3 seconds to import in Python development mode
• orjson: faster, more correct JSON parser

JavaScript

Libraries

• zod: JSON deserialization framework
• loro: CRDT framework
• scsv: in-house JSON-in-CVS deserializer
• pretty-ms: time intervals to human-readable strings
• pretty-bytes: byte counts to human-readable strings
• 😤 Apollo GraphQL: query library and cache
• CodeMirror: embeddable code editor
• ⚠️ Immutable.js: immutable/functional data structures

Tools

• fnm: node version manager
• pnpm: package manager
• eslint: linter
• prettier: formatter
  • prettier-plugin-sort-imports: import sorter
• vite: bundler
• GraphQL Codegen: query typing and helper generator

R

Tools

• rig: R interpreter manager
• pak: very fast package manager

Stuff to Avoid

• Kustomize and Helm. Coding in YAML will drive you insane. Use Pulumi
• Terraform. Coding in the DSL will drive you insane. Use Pulumi
• Official Python Kubernetes clients. These have broken/missing types and occasionally weird behavior (might just be buggy)
• GNU Make. Has insane syntax and behaviors. Use Just or just pure bash for command running, use ad hoc build systems (e.g. in Python) for everything else
• Conda. Not very internally consistent and completely inconsistent with "the way things are done" on either the OS or in the programming language. Use package managers either native to your system or to the programming language. If you need some deep cross-language integration use Nix
• Yarn and NPM. Use pnpm, it's much faster
• Webpack. Extremely slow, switching to vite made our dev preview builds more than 10x faster
• R's default package installation methods. EXTREMELY slow. Use pak
• Kubernetes Lens. Does not work at all with the amount of namespaces our clusters have, generally really slow, the built-in terminal breaks a lot. Use AptaKube
• Custom React hook packages. They are basically all universally bad, write your own
• CSS-in-JS solutions. These are all terrible, use CSS modules
• Facebook's React. It's really bloated for what it does, and the synthetic events make life very difficult sometimes. I'd use SolidJS or Preact in new projects
• React Router. Just roll your own, it's really bloated and opinionated for no reason
• Auth0/other OAuth providers. Roll your own or you will end up paying thousands of dollars for some very minor and questionable convenience. Auth0 in particular builds a session system on top of OAuth and expects you to build a second one on top of theirs. Also they have terrible docs
• Okta. EXTREMELY expensive. Quoted us at 125x what we pay for AWS Cognito right now. You also probably don't need it. Also they caused a production outage for us by pulling access to some feature that they were putting behind a paywall, without warning
• AWS RDS. You should really self-host. We had a long outage because an invalid config caused a restart loop which could not be resolved from the outside (tech support had to do it through internal tools). Also limits your access to extensions
• AWS EKS. You should really self-host. Being able to scale the control plane is very important as it turns out. Also if it dies under load (we had a lot of this due to misbehaving custom resource finalizers) you cannot even do anything because you do not have direct access. Ideally you would avoid Kubernetes entirely, but there are really no alternatives (we are building a replacement in-house right now)
• AWS EFS. Really expensive. Run a ZFS-based NFS server. Switch to LustreFS if you really need extremely high durability (beyond regular RAID) or performance (beyond 40 GiB/s of a single instance full of 10 GiB/s NICs)
• Raw pip, pip-tools, PDM, etc. All package managers other than uv are really outdated and slow
• Flake8, pylint, etc. All linters other than ruff are really outdated and slow
• Black, isort, autopep, etc. All formatters other than ruff are really outdated and slow
• Pydantic. Does a lot of random type conversions and generally tries to fit the data to the model at any cost. This is the YAML of Python deserializers. Ideally write your own (see latch-data-validation for an example)
• DataDog's ddtrace. This thing is awful code and does a lot of weird stuff by trying to be smart. You will end up with pretty bad traces. Trace manually with OpenTelemetry SDKs