by googoloid 330 days ago
Ok so it does work as I understood originally.

If the CLI allows your domain to connect to it and do arbitrary DB queries, it's definitely not something I could trust. Even if I knew you to be perfectly respectable, your hosting could get hacked and then there would be a pipeline for an attacker to my DB.

It's a reasonable way to do some things, but I definitely feel this cannot be called local-first, since it explicitly allows and expects external domains to connect to it.

The bundle size is no issue whatsoever for a CLI tool for devs; it's only really a problem when serving via the internet.

1 comments

Makes sense. Following all the feedback in this post, I will have to make a lot of changes; I will also think on this one. But you are probably right, incorporating the app as part of the CLI might make sense.

I have a question: assume I moved the webapp into the CLI (so now everything is localhost), would you prefer using a CLI + webapp or an actual app you have to install (no more CLI, you open the app and do your stuff)?

I think for me, either would work but in different contexts:

- as an npm package for convenience for a node project, so I can just add an npm script to launch it on a local db
- for more general personal use, a flatpak-distributed app would be preferred (installing npm packages globally is a hassle)

I would want the source to be open for either case though (like others have mentioned too).

Before I posted this, open-sourcing this tool was something I would do in the far future. However, based on all the different threads, it is clear that in order to gain some trust I have to go open source sooner rather than later.