Quant-UX
Most design tools stop at prototyping; Quant-UX also measures how real users actually perform with the prototype. The visual editor creates prototypes that behave like real apps - functional input widgets, animations, form validation, data binding across screens, and business logic modeled with REST requests and decision elements. Design systems are first-class, with components, design tokens, and master screens; if you design elsewhere, drop in image files or import from Figma. Testing is a shared link or QR code - no installs on the tester's side. Define user tasks up front, and Quant-UX records every session: click heatmaps show where users found (or missed) actionable elements, user journey graphs expose lost users, drop-off charts reveal where tasks stall, and success rates and task KPIs are extracted automatically into a dashboard. An A/B test operator wires two design variants into one prototype and compares task duration, success rate, and interaction counts. In-prototype surveys collect qualitative feedback alongside the numbers, and an AI assistant generates prototype fragments like styled forms on request. The RepoCloud deployment runs the full stack - frontend, backend, and WebSocket server containers over MongoDB - so all test recordings and research data stay on your infrastructure.
Kanboard
"Less is more" is Kanboard's stated philosophy, and the free, MIT-licensed PHP application lives it: drag tasks between customizable columns, enforce work-in-progress limits per column, and slice boards horizontally with swimlanes for releases, teams, or priorities. Tasks carry what matters - colors, categories, subtasks with time estimates, Markdown descriptions, comments, attachments, internal links, and due dates - and move or duplicate across projects in one click. A concise query language filters any board dynamically (assignee, category, due date, description), and saved filters become custom views. The automatic-actions engine kills repetitive triage: on events like column moves or task creation, Kanboard reassigns, recolors, recategorizes, or closes tasks by rule. Around the board sit a calendar, per-project analytics (cumulative flow, lead and cycle time), Gantt view, and time tracking. Authentication spans LDAP/Active Directory, Google, GitHub, GitLab, and reverse-proxy headers; a JSON-RPC API, webhooks for creating tasks from external systems, and a CLI cover integration. A large community plugin catalog adds what core deliberately omits. With no external dependencies, it runs happily on anything from a Raspberry Pi up - translated into 30+ languages.
Silicon Notes
"Somewhat lightweight, low-friction" is how Silicon Notes' author describes the personal knowledge base - written after DokuWiki's editor "drove me mad" and no existing wiki quite fit. The philosophy is that small frequent annoyances compound into cognitive load with no return, so everything here is optimized for frictionless daily use. Notes are written in plaintext Markdown and rendered as clean HTML with Pygments syntax highlighting for code blocks; pages get bi-directional relationships (backlinks), so the knowledge base becomes a connected web rather than a folder tree; and full-text plus title search retrieves anything fast. A table of contents lives in the left sidebar - "where it belongs" - editable while you read without scrolling away. Page history tracks revisions for auditing and rollback, JSON export/import keeps everything portable, and the mobile layout is genuinely usable. The stack is deliberately minimal: Python and Flask with Mistune for Markdown and SQLite for storage - no big frameworks, just a few small dependencies. One honest caveat: there is no built-in authentication, so deploy it behind a VPN, private network, or reverse-proxy auth layer. For a solo engineer's brain, it is exactly enough.
Ackee
Page views, referrers, browsers, and screen sizes - Ackee delivers the analytics developers actually check, from a deliberately minimal Node.js and MongoDB stack that skips both Matomo's weight and Google Analytics' cloud dependency. Its defining constraint is anonymization: no cookies, no unique user tracking, and a multi-step anonymization process that keeps visitors unidentifiable while the aggregate numbers stay useful. In its default anonymous mode Ackee collects no personally identifiable information at all, which means GDPR and CCPA compliance out of the box and no cookie consent banner on your sites. A detailed mode adds screen size, language, and per-visit referrers - still without cookies or fingerprinting. Integration mirrors the Google Analytics pattern: create a domain in settings, drop the generated ackee-tracker snippet into your pages, and data appears in a clean single-page dashboard. One instance tracks multiple domains, and custom events capture button clicks, signups, and conversions. The distinctive engineering choice is the fully documented GraphQL API: everything the dashboard shows comes from that API, so you can query active visitors, average duration, and view statistics programmatically, feed data in from apps and services beyond websites, or build an entirely custom interface on top. If you want bare-minimum analytics with a real API and zero privacy anxiety, this is the tool.
HumHub
Workplace and Yammer's pattern on your own server, with GDPR compliance by construction rather than contract: HumHub is an open-source enterprise social network from Germany. Built in PHP on Yii2, it organizes everything around four concepts. Users get rich profiles with follows and interactions. Spaces are the structural unit - rooms for departments, projects, events, or clubs, with per-Space permissions, notification settings, and email summaries, and operators can auto-map users into the right Spaces. Content covers posts, wiki pages, photos and video, events, and tasks, with multi-level comments, versioning, archiving, moderation reporting, and filterable full-text search across everything. Modules make it a platform: roughly 80 install-and-activate extensions including Calendar, Wiki, Polls, Tasks, Gallery, News, direct-message Mail, OnlyOffice document editing, Advanced LDAP, SAML and JWT SSO, a RESTful API, mass user import, Translation Manager, and a Theme Builder with custom pages - every one optional and toggleable at runtime. That module economy is why HumHub serves such varied deployments: corporate intranets, city governments, universities, political parties, and nonprofits all configure the same core differently. Requirements are a plain LAMP stack - PHP 8.1+ and MySQL/MariaDB - making it one of the easiest community platforms to operate long-term.
Keeper
Work, personal, business, and school calendars at different providers double-book because no one system sees your real availability - Keeper solves that multi-calendar collision problem. Its pull-compare-push sync engine aggregates events from Google Calendar, Outlook/Office 365, iCloud, FastMail, any CalDAV server, or read-only iCal/ICS feeds, and pushes blocking events to one or many destination calendars so time slots align everywhere. The design is deliberately content-agnostic - it syncs timeslots, not titles or descriptions, so a personal appointment shows as busy time on your work calendar without leaking details. Sync logic is clean: events Keeper creates carry a traceable UID suffix, deletions propagate, and orphaned entries are purged automatically. A token-authenticated aggregated iCal feed combines selected calendars into one subscribable URL for Apple Calendar or Thunderbird. An optional MCP server gives AI agents read-only calendar access over OAuth 2.1 - list calendars and query events by date range, with no write capability. Built with Next.js and Bun under AGPL-3.0, the standalone Docker image bundles web, API, cron, worker, Redis, and PostgreSQL in one container, and self-hosting unlocks every Pro feature - unlimited calendars and one-minute sync intervals - for free.
Collabora Office
Real LibreOffice document engineering in the browser: Collabora Online is built by the company employing much of the former SUSE LibreOffice team - not a reimplementation. This deployment runs CODE (Collabora Online Development Edition), the collabora/code server that renders and edits documents entirely server-side while browsers get high-fidelity WYSIWYG output, so layout and formatting survive round-trips that break lesser converters. Four editors ship in one container: Writer for text documents (comments, track changes with comparison and restoration, form handling), Calc for spreadsheets (advanced formulas, macros, pivot tables, per-user sheet views, server-enforced cell protection), Impress for presentations, and Draw for Visio-class diagrams. Format compatibility spans DOCX, XLSX, PPTX, the ODF family, PDF, and dozens more - including Visio and Publisher import. Real-time collaborative editing supports multiple simultaneous editors with visible cursors and commenting. The architectural point: documents are processed on your server and never leave it, which is why Collabora is the engine behind Nextcloud Office and integrates with ownCloud, Seafile, and any WOPI-speaking host - or embeds in your own application via the SDK. An admin console monitors sessions and memory. For organizations that need Google Docs-style collaboration with actual data sovereignty, this is the reference open-source answer.
ExpenseOwl
Log a date, amount, and category; get a clean monthly pie chart and a cashflow strip showing income, expenses, and net balance - ExpenseOwl is expense tracking stripped to what actually matters. The MIT-licensed Go application deliberately is not a budgeting system - no envelopes, no accounts, no double-entry, no bank sync - because its author found tools like Firefly III and Actual too heavy for the simple question "where did this month's money go?" The dashboard makes that question fast: click a pie slice to exclude fixed costs like rent and see discretionary spending clearly, then drill into a chronological table view to inspect or delete individual transactions. Recurring transactions handle salaries and subscriptions automatically, optional tags add a second classification axis, and settings cover custom categories, currency symbol, and a configurable month start date for non-calendar pay cycles. CSV import migrates data from virtually any other tool, and CSV export keeps your data portable. It ships as a self-contained binary and multi-architecture Docker image with zero internet interaction, stores data in flat JSON files by default (PostgreSQL optional), and installs as a PWA on phones. Single-user by design; pair it with an authenticating reverse proxy if exposed publicly.
Thumbor
Born at Brazilian media giant Globo.com, Thumbor answers imaging CDNs like Imgix and Cloudinary with an HTTP service where every image variant is just a URL. Ask for /300x200/smart/your-image.jpg and Thumbor fetches the original, crops and resizes on demand, and caches the result - one source file, unlimited renditions, no batch pre-generation pipeline. The "smart" in the URL is the signature feature: OpenCV-based face detection finds people in the frame and crops around them (no more thumbnails with severed heads), and when no faces exist, feature detection finds visually important corners and computes a weighted center of mass as the focal point. Beyond cropping, a chainable filter pipeline handles brightness, contrast, grayscale, blur, red-eye removal, rounded corners, rotation, watermarks, and format conversion with quality control - applied in order via URL segments. All common image formats work out of the box, and every layer is pluggable: loaders (HTTP, local, S3), storages and result storages (local, S3, Ceph, and community backends), engines, optimizers, filters, and even custom detectors, with the awesome-thumbor list cataloging the ecosystem. URL signing prevents abuse of your processing capacity. Integrations exist for Django, Rails, Node, WordPress, and most frameworks. MIT-licensed, battle- tested for over a decade.
Zipline
ShareX and file uploads, next generation: Zipline is a Node.js/React/PostgreSQL server that turns screenshot sharing and file hosting into something you run yourself instead of renting from Imgur or a paid image host. The core workflow is built around ShareX: generate an .sxcu config from your account settings, import it, and every screenshot or clipboard capture uploads to your domain with a short link copied automatically. Uploads accept any file type, organized with folders and tags, with token-protected uploading, optional password protection, view-limited auto-deletion, image compression, metadata stripping, automatic video thumbnails, and chunked/partial uploads for large files. File URLs come in configurable formats - UUIDs, dates, random alphanumerics, original names, even zero-width spaces. A built-in URL shortener adds vanity slugs, passwords, view caps, and custom domains. Discord embeds are first-class: customize OG metadata titles, descriptions, and colors so links unfurl exactly how you want, and fire fully customizable Discord or HTTP webhooks on each upload. Authentication is serious: OAuth2 (Discord, GitHub, Google, OIDC), TOTP two-factor, and passkeys, with invite-based registration and per-user quotas for shared instances. Storage targets local disk or any S3-compatible backend, a full REST API automates everything, and custom themes plus a PWA round out the experience.
GoToSocial
Mastodon serves single-user and small-community instances poorly; GoToSocial, an ActivityPub server written in Go, was built precisely for them. Where Mastodon demands Ruby, PostgreSQL, Redis, and Sidekiq, GoToSocial is one binary using roughly 250-350 MiB of RAM with SQLite as the default database (PostgreSQL optional) - it runs comfortably on a $5 VPS or a repurposed laptop. The deliberate design choice is having no built-in web client: the server exposes profile pages, a settings panel, and a faithful implementation of the Mastodon API, and you post through the client app you already like - Tusky on Android, Feditext on iOS, Pinafore or Phanpy in the browser. Federation is the point: your instance follows, boosts, and replies across Mastodon, Misskey, Pixelfed, and the rest of the Fediverse, with your identity anchored to your own domain. Safety is a stated focus, with granular per-post visibility and interaction controls, content warnings, custom emoji, hashtag following, domain allow/blocklists, and OIDC login support. Built-in Let's Encrypt provisioning simplifies the mandatory TLS. AGPL-3.0 licensed and in active beta, federating cleanly with the ecosystem's major servers.
Chief-Onboarding
New hires fail from information overload and IT bottlenecks, not lack of goodwill - the observation behind ChiefOnboarding, a free, open-source employee onboarding platform (Django, Celery, PostgreSQL, Redis). Its answer is sequences - drag-and-drop timelines that drip-feed to-do items, resources, courses, forms, and badges to each new hire, triggered by dates or by completing a previous item, so nobody faces everything at once. Onboarding starts before day one: preboarding pages welcome hires early, and colleagues can leave personal messages that appear there. The account provisioning module creates the new hire's Slack, Google, Asana, and other accounts automatically on the scheduled day via a library of integrations plus custom webhooks - the IT ticket queue never gets involved. Everything works through two equivalent interfaces: a full web dashboard and a Slack bot, either usable standalone. Slack can even auto-create new hire accounts when someone joins the workspace and assign default sequences with zero manual action. Colleague tasks with comments and collaboration, a searchable people directory, scheduled introductions, and per-hire timezone awareness (no 3 a.m. notifications) round it out. No trackers, no phoning home - third-party credentials sit in encrypted fields on your server.
Apprise-API
One REST call, 130+ notification services: Apprise API wraps the well-known Apprise library in a lightweight Django/Gunicorn microservice, so "send an alert" works the same whether it goes to Slack, Discord, Telegram, Teams, email, SMS, Pushover, or PagerDuty - each addressed by a simple URL scheme. It solves the credential-sprawl problem cleanly: instead of embedding provider tokens in every app, cron job, and CI pipeline, you centralize them here and everything else just POSTs a body and title. Two modes cover every workflow. Stateless calls to /notify carry target URLs in the payload (or fall back to a default set via APPRISE_STATELESS_URLS); stateful mode stores named configurations server-side under keys, so /notify/{KEY} fans out to everything registered - with tag-based routing (comma for OR, space for AND) selecting which endpoints fire per message. Messages take info, success, warning, or failure types in text, Markdown, or HTML, with attachments up to a configurable size. A built-in web UI manages and tests configurations, APPRISE_CONFIG_LOCK makes the store read-only, service allow/deny lists restrict which schemes work, webhook remapping adapts third-party payloads, and a Prometheus /metrics endpoint watches the gateway itself.
CodeX Docs
Writing docs should feel like editing a modern document, not wrangling Markdown files - CodeX Docs delivers that on Editor.js, the block-styled editor its CodeX team builds and thousands of products use. Content is composed from clean blocks (headings, lists, code, images, embeds) with a UI that reads well on both desktop and mobile, and pages render statically with human-readable, SEO-friendly URLs. Structure is free-form: pages nest to any depth, so a flat FAQ and a deep product manual coexist in one instance, and the UI tunes to fit - collapse sections, hide the sidebar. The operational footprint is deliberately tiny. No database is required: the default driver persists to a local folder, with MongoDB available when you want it, and the whole app configures through one YAML file (overridable with APP_CONFIG_ environment variables) covering title, start page, auth password, and JWT secret. Editing mode sits behind password authentication. Thoughtful extras are wired in: readers can report misprints straight to your Telegram or Slack, Hawk error tracking catches frontend and backend exceptions, and Yandex Metrica analytics is a one-line config. A ready-made Helm chart covers Kubernetes. Written in TypeScript.
Documize
Enterprise documentation discipline without enterprise infrastructure: Documize Community is the Confluence alternative built on exactly that trade. The entire platform - Go backend, Ember.js frontend - compiles to a single executable binary for Linux, Windows, and macOS with zero runtime dependencies: no Elasticsearch, no Redis, no JVM. Point it at PostgreSQL, MySQL, MariaDB, Percona, or Microsoft SQL Server (rare in open source, decisive in Microsoft shops), and schema migrations run on launch with native full-text search on whichever engine you chose. Content organization rejects nested-folder sprawl for Spaces, categories, and labels, and the section-based composable editor mixes rich text, Markdown, code blocks, PDFs, diagrams, and embedded Jira or Trello content in one document, with reusable blocks and templates so teams start from standards rather than blank pages. It deliberately unifies internal team docs and customer-facing documentation in one system with granular space-, document-, and action-level permissions deciding who sees what. Where wikis stop, Documize continues: content approval workflows (draft, review, approve, publish), version management, lifecycle control, feedback capture, PDF export, analytics showing what gets read and ignored, activity streams, and audit logs. Keycloak, LDAP, and SSO integrate for enterprise auth. AGPL-licensed.
mCaptcha
The CAPTCHA bargain - annoy your users and feed their behavior to Google - gets replaced with economics by mCaptcha. Instead of image puzzles, it uses SHA256 proof-of-work: every visitor's browser silently solves a small computational challenge (via a WebAssembly library) before submitting a form. Humans never notice the milliseconds; bots hammering your site must burn more compute sending requests than your server spends answering them, which makes attacks more expensive than defense - the property that also makes mCaptcha genuine DoS protection, not just bot filtering. Written in Rust, the system is fully automated: difficulty scales with traffic, so challenges stay trivial in normal conditions and harden under attack. The privacy and accessibility wins are structural rather than promised: no tracking, no profiling, no user-pattern data collection, and no visual puzzles that exclude users with visual or cognitive impairments - the design was published in Communications of the ACM. Rate limiting is IP-independent, so users behind NATs, VPNs, or Tor get the same experience instead of endless challenge loops, and proofs resist replay attacks, neutering captcha farms. Migration is deliberately easy: the API is compatible with reCAPTCHA and hCaptcha, making it a drop-in replacement. AGPL-licensed core with proprietary-friendly client libraries.
Coral
Comment sections at the Washington Post, the Wall Street Journal, and newsrooms across 30 countries run on Coral (also known as Talk) - the platform built by journalists' technologists, started under the Mozilla Foundation and now stewarded by Vox Media as an Apache-2.0 project serving 23 languages. Its founding premise is that online comments are broken and moderation is the fix. Moderators get a full queue system - reported comments, system-held pending comments, and configurable pre-moderation - backed by AI toxicity scoring that warns commenters before posting and holds high-scoring comments for review, Akismet spam detection, banned and suspect word lists, and automatic repeat-offender handling that pre-moderates users whose rejection rate crosses a threshold. Readers get features designed for healthier conversation: journalist badges in threads, muting of annoying voices, notifications, instant new-comment alerts, and timeouts rather than just bans. For publishers the economics are the point - no ads, no trackers, no hidden pixels anywhere in the code, full ownership of audience data, and GDPR compliance beyond requirements. Integration is one embedded script; SSO connects existing registration, and a GraphQL API supports customization and extension.
Astuto
Feature requests, bug reports, upvotes, and a public roadmap: Astuto (Ruby on Rails backend, React frontend) gives users a Canny-style feedback portal so product decisions rest on visible demand rather than the loudest voice in the room. Feedback organizes into as many boards as you want (features, bugs, integrations), each post carrying a custom status you define - "planned," "in progress," "shipped," or whatever matches your process - and those statuses feed a public roadmap view showing users what is actually being worked on. Participation friction is adjustable at both ends: sign-in works with plain email or any OAuth2 provider, anonymous feedback can be enabled for unregistered users, and a moderation queue lets you approve posts before they appear when spam is a concern. Integration hooks are practical rather than sprawling - webhooks fire on events to connect Jira, Trello, or Slack, and a REST API manages the whole feedback space programmatically. Brand customization, an invitation system, private-site settings, and recap emails for administrators complete a deliberately minimal tool: it collects, organizes, and prioritizes feedback well, for free, forever.