896530b3c0
Add comprehensive documentation about Replicated's publishable key pattern: Section 3.1 - Authentication model: - Explain publishable key is safe to embed in applications - Document limited privileges (write-only for metrics, no read access) - Clarify shared across all customer deployments - Explain customer identification via email, not API keys - Compare to Stripe's publishable key pattern Code examples - Add detailed comments: - Service initialization: Explain why key is safe to embed - Client instantiation: Document security model and customer ID flow - Emphasize intentional embedding and shared usage Environment configuration: - Add inline comments explaining publishable key safety - Show example key format (replicated_pk_...) - Note that it can be committed to source if needed - Clarify vendor-wide vs customer-specific keys This addresses the requirement to make it clear that the publishable API key is intentionally hardcoded/embedded and safe to do so due to its limited privileges. References: - Replicated Python SDK: https://github.com/replicatedhq/replicated-python - Similar to Stripe's publishable key model - Based on modern SaaS API security patterns Co-authored-by: openhands <openhands@all-hands.dev>
OpenHands: AI-Driven Development
🙌 Welcome to OpenHands, a community focused on AI-driven development. We’d love for you to join us on Slack.
There are a few ways to work with OpenHands:
OpenHands Software Agent SDK
The SDK is a composable Python library that contains all of our agentic tech. It's the engine that powers everything else below.
Define agents in code, then run them locally, or scale to 1000s of agents in the cloud.
Check out the docs or view the source
OpenHands CLI
The CLI is the easiest way to start using OpenHands. The experience will be familiar to anyone who has worked with e.g. Claude Code or Codex. You can power it with Claude, GPT, or any other LLM.
Check out the docs or view the source
OpenHands Local GUI
Use the Local GUI for running agents on your laptop. It comes with a REST API and a single-page React application. The experience will be familiar to anyone who has used Devin or Jules.
Check out the docs or view the source in this repo.
OpenHands Cloud
This is a deployment of OpenHands GUI, running on hosted infrastructure.
You can try it with a free $10 credit by signing in with your GitHub account.
OpenHands Cloud comes with source-available features and integrations:
- Integrations with Slack, Jira, and Linear
- Multi-user support
- RBAC and permissions
- Collaboration features (e.g., conversation sharing)
OpenHands Enterprise
Large enterprises can work with us to self-host OpenHands Cloud in their own VPC, via Kubernetes. OpenHands Enterprise can also work with the CLI and SDK above.
OpenHands Enterprise is source-available--you can see all the source code here in the enterprise/ directory, but you'll need to purchase a license if you want to run it for more than one month.
Enterprise contracts also come with extended support and access to our research team.
Learn more at openhands.dev/enterprise
Everything Else
Check out our Product Roadmap, and feel free to open up an issue if there's something you'd like to see!
You might also be interested in our evaluation infrastructure, our chrome extension, or our Theory-of-Mind module.
All our work is available under the MIT license, except for the enterprise/ directory in this repository (see the enterprise license for details).
The core openhands and agent-server Docker images are fully MIT-licensed as well.
If you need help with anything, or just want to chat, come find us on Slack.