return to table of content

Show HN: I just made my profitable online form builder open-sourced

izwasm
23 replies
23h26m

I really like that you are using nestjs, idk why some devs hate it, IMHO its the best node framework that can be used to build production ready apps, i started using it a month ago at work and it was my first time using it, and it already made so productive

wouldbecouldbe
5 replies
23h6m

NestJS is nodeJS for Java people. It's like Angular in that sense.

So some people will feel like it's over engineered.

I mean it's overengineered. Why do I have to register all these things, and why does it keep crashing if I register it like this without any understandable error message. It has a little bit of an OCD relationship with dependency injection. Where the normal import system can handle most of those cases.

But few nice things, resolvers, auto-generate swaggers. And TypeORM is lovely.

But yeah it's a bit too demanding. I'm okay with an opiniated framework if it gives a lot of features out of the box (like laravel or NextJs), but NestJS tells me how to do things without giving me enough in return. (auth, sockets etc are still quite a lot of work)

mewpmewp2
4 replies
17h41m

Yeah, I don't know, most of the time only time you actually need dep injection is for tests, and at that point why not just mock with Jest? Feels too much just having to do all this work just to complicate dependencies and make moving around more difficult for tests when a much simpler solution is available.

wouldbecouldbe
2 replies
8h38m

Dependency injection was not really meant to help with testing, but to keep code decoupled. It can be a nice pattern, but even if nestjs forces us to do it, we developers still find creative ways to nullify any attempts to decouple the code we write :).

mewpmewp2
1 replies
6h43m

It wasn't meant to, but it realistically and potentially feels only useful in those cases.

To me in most cases it is used it seems to just overengineer and obfuscate things unnecessarily when much simpler code would be easier to understand, etc.

It shouldn't be a thing that is done by default, only when it really makes sense.

Eventually with all those injections you are going to cause a situation where making any changes becomes really complex, if there are any use cases you didn't foresee at all.

In 90%+ cases you don't need interfaces and or DI, you should just be able to follow the logic with your IDE, it makes no sense to obfuscate that.

If the impl truly must vary for whatever case, then sure, you can use it.

But I would also say that don't do interfaces and impl before you actually need to switch them out dynamically depending on the context (and not just for testing).

If you have something that does Storage, and Storage drivers could be different like FileSystem, GoogleDrive, whatever, then sure use an interface, but not otherwise.

It's like DRY. Unless you actually use it 2-3 times, don't make everything unnecessarily into a reusable fn.

If you don't foresee having multiple storage methods in the near future then just use a class for storing which you can move to, to see how it does file storage or similar.

wouldbecouldbe
0 replies
5h13m

yeah agree, there was a time where everyone only wanted to code in patterns. I do think they are nice, but often most of us hardly understood the original reason why they were created.

tisdadd
0 replies
14h27m

Just wanted to chime in and say that if you use the CLI to generate things, the experience is much nicer. However, you do still need to be in their playground. If you have a large team out org and don't want to have to document extra about the guts, I love having something proven. If you need to mix protocols, I believe Feathers JS was a little simpler to get into last I looked.

calmoo
4 replies
22h26m

Best makes JavaScript look like Java, it’s needlessly complex and just encourages vast amounts of boilerplate. Awful stuff.

eddd-ddde
2 replies
22h20m

This is precisely my experience. Classes are painful to deal with. Decorators are not only unergonomic, they also throw away any type safety. Also Nest shoves class transformer and class validator down your throat, which are also a pian in the ass.

My go-to right now is itty router with zod.

kwhitley
1 replies
18h38m

Love to hear it!

Btw, itty-router v5 just dropped a couple days ago, with a fun batteries-included (still ultra-small) router, that should make your code even leaner.

How is the integration w/ zod anyway, and how can we make it better?

eddd-ddde
0 replies
16h49m

Yes I noticed v5! I love it so much. The great thing about itty is you can integrate anything really easily.

I'm in the progress of making a simple middleware based on zod to parse not only request body, but also params, headers, etc. Zod is really powerful and you could even use it to do stuff like parse jwt tokens and have complete type inference.

Perhaps my only issue with this approach is that you rely on a wrapper function to correctly pass the generics fron the middleware to the main handler.

Another possible approach is using types-per-route but then it's hard to enforce that the validator agrees with the handler itself.

dns_snek
0 replies
21h55m

Same experience here. Admittedly it's been a few years since I last used it, but there was so much boilerplate coupled with a layer of "magic" that was too thick for my liking.

Provider initialization (dependency injection) failed on me on a few occasions and it always wasted hours of productivity. It would break in some obscure way that wouldn't log any errors to the console, so there was nothing to go on besides attaching a debugger and stepping through layers of framework code. It was quite infuriating because it always happened when I was in the middle of something else.

If your specific use case wasn't covered by their docs (which were very barebones and "hello-world" oriented at the time), it was painful to figure out and use.

aswerty
3 replies
21h45m

I'm literally in the middle of spending my evening, outside of work, gutting NestJS from a project I've inherited at work. I would literally consider changing jobs if I couldn't remove it.

There is so much to unpack to get as why I have such an issue with it. But time and again I have been frustrated with it in terms of: it's design philosophy, implementation, scope of what it covers, bloat, recommended implementation approaches, etc.

I don't understand how a single framework can think that it should cover: message/request handling, logging, config management, dependency inversion, persistence, and IO. These things have almost no cross over (i.e. if they are well designed they should be easily composable with any other component) but time and again framework developers attempt to bundle them into a "one size fits all solution".

To best sum it up. I think any package I use should be secondary to my application. But this package makes it so that my application is secondary to the framework.

jzig
2 replies
19h8m

Don’t .NET and Rails do all those things?

NicoJuicy
1 replies
16h55m

They provide a default.

I suppose in nextjs it's the only option?

ganduG
0 replies
15h16m

Nah, you can swap out most things.

winrid
2 replies
17h44m

The worst Java frameworks are better than NestJS IMO

pas
1 replies
17h10m

Why? In what sense? What would you recommend instead for TS? And what would you recommend instead of Nest and TS?

winrid
0 replies
58m

I wouldn't really recommend TS anymore. I would just go to a compiled language that actually has runtime type safety and a good ecosystem and devx. Although, it looks like Deno/Bun will improve things. After working with it for 5yrs, I just don't want to deal with the typescript compiler and ecosystem anymore, it's more of a headache than it's worth when Java (or ktl), Go, (and because HN: rust) are great.

pjerem
0 replies
23h6m

nestjs is nice if you’re coming from Angular. It’s basically Angular for the backend.

But like Angular, there is a very wide range of use cases where it is totally overkill and like Angular, companies are throwing it at each and every project.

I don’t find it bad but it’s in a strange spot being more bloated than other JS frameworks while still being way less "batteries included" than more classical corporate frameworks.

Like Angular, I don’t hate it though it’s just that I still haven’t figured out a project where it’s better suited than something else.

mufeng
0 replies
10h29m

Why not use NestJS, a framework that solves the engineering problems you encounter in other Node.js frameworks?

datascienced
0 replies
14h36m

Why Nest over Next? Is it worth switching?

bieberChen
0 replies
15h43m

I use nestjs in my open source no-code database https://github.com/teableio/teable, and I really like it, especially the dependency injection capability.

_fat_santa
0 replies
22h54m

I recently migrated my API from lambda functions do a dockerized Node API and I evaluated NestJS, though ended up using Fastify. Like others have mentioned, it's great for devs that come from Angular or Java but for me I didn't like that it used decorators all over the place and preferred to have something more "Express like"

la64710
12 replies
22h41m

What is the reason for “open sourcing” this , when any meaningful implementation is locked away behind services and is closed source. I just think these kind of use cases confuses users. There is no problem in being closed source and proprietary (unless you are using preexisting open source code and open sourcing those parts of your code makes it legally compliant) . In any case it is confusing at best and misleading at the worst.

cynicalsecurity
5 replies
22h17m

Free advertising on Haker News. 10 bucks net profit without any grows is also profitable. Getting to the main page of HN was worth open sourcing what had no potential anyway.

This is my reasoning, I'm not the creator of this.

winrid
2 replies
11h36m

As someone that built a 20m ARR survey product... The only difference between this and something making millions is a sales team.

testbf
1 replies
6h3m

And millions in bots and fake reviews.

winrid
0 replies
1h2m

it wasn't needed in our case. Selling B2B didn't require online reviews of our product.

ricardonunez
0 replies
17h59m

Username checks out.

lelanthran
0 replies
10h3m

I think maybe you're being overly cynical (yes yes, I did see your username!)

Sometimes, large companies open-source a SaaS product because they expect to make more money from the free marketing (See yesterdays post about headline-driven development) even though their implementation remains closed.

We still give them news-space, don't we? Why should we act any differently for solo developers?

j45
2 replies
13h18m

There are organizations (often not small) that will pay for a hosted and closed source solution if it is available under dual license in case it goes away.

Other organizations still, have open source only policies, or no open source at all.

Many of these applications can be in government.

It can increase the footprint.

ensignavenger
1 replies
4h16m

What organizations have a no open source policy? They would be hard pressed to find any significant commercial software that doesn't have an open source dependency somewhere it its dependency chain!

j45
0 replies
20m

Oh, they exist. Imagine Microsoft based companies that must have commercial licensing with software that guarantees to work or is secure.

I know of some CMS’ which were dual licensable for this reason.

Other reasons why:

https://www.channelfutures.com/connectivity/reasons-organiza...

jraph
1 replies
14h9m

when any meaningful implementation is locked away behind services and is closed source.

As someone seeking a purely open source forms solution, what do you mean by this?

ensignavenger
0 replies
4h17m

Not the commenter you replied to, but I noticed that it depends on Redis and Mongo, which are proprietary database products. However, there are Redis and Mongo mostly-compatible DBs that are Open Source, so you can probably swap them in (though the project may not officially support them and test with them, so you may have to be willing to contribute testing and bug fixes yourself).

ensignavenger
0 replies
4h21m

I see that the project appears to depend on Mongo and Redis, both non-open source. However, both have substantially compatible alternatives that a user should use in their place. Even if they did not, having the source code available under an open source license means that users can fork it and swap these databases out for something better. Users can learn from and modify the source code for their own uses. Users can review the source code for quality and security. All of these things are possible when the code is open source. So yeah, it would be nice if it used open source dependencies or at least officially supported alternative open source dependencies, making the application open source as is is still a win over keeping it proprietary.

jraph
11 replies
23h23m

I'm secretly and slowly building a form building application. The idea is that in my association we don't want to rely on Google Forms. And we only want to use open source software. We are using FramaForms which is a bit clunky and doesn't have this feature that updates a spreadsheet automatically. I thought that I could just create something that would answer both concerns.

But a good open source forms app would probably change everything, I would gladly stop my small project (in favor of contributing to an existing one for instance). I see there is integration with a lot of products, including Google Drive and Google Sheet.

Would an integration with Nextcloud be considered?

Congratulations on open sourcing this, we need open source and self hosted form solutions. Critically private data is put in forms and that get sent to big private companies like Google, which is not ideal.

As other commenters say, you might want to use AGPL indeed, but I guess you carefully thought this decision.

flavaz
3 replies
21h3m

Limesurvey is “good enough” for most applications and is open source- any reason why that wouldn’t work for your use case?

jraph
2 replies
11h29m

As far as I know, LimeSurvey can't auto update a spreadsheet with the answers.

But LimeSurvey has its advantages:

- it's in PHP, and our whole infra is already using it (WordPress and Nextcloud). So it's easier to setup and if we want bridges between these tools, it'll be easier.

- AFAIR, it doesn't require JS when filling a form and in particular, it's not a React app.

We have used LimeSurvey in the past, we got rid of it but I don't remember why, I should look into it another time.

Two other big requirements we have is solid conditional field support and easy to use form builder.

flavaz
1 replies
9h7m

Reason why I ask is that there are many form/survey builders out there, as people often underestimate the complexity it takes to set one up that supports things like max diff, routing etc.

Looking at the forums I can see that some have managed to achieve what you need via plugins (albeit the one I see that is confirmed working seems to be paid…)

Just thinking contributing an open source plugin to a great open source scripting tool would save you headaches down the road :)

jraph
0 replies
6h17m

You are right, this is a time consuming and a genuinely hard problem to tackle.

I have not been satisfied with existing software, but I would be happy to find out otherwise.

blowski
2 replies
21h34m

But a good open source forms app would probably change everything

Can you go into that a bit more, I'm interested what you would see changing. Why do you think it hasn't been done already?

krisoft
1 replies
16h36m

My understanding of the comment is that “changing everything” should be understood in the context described by the begining of the comment. That is their organisation would stop using FramaForms, and the commenter would stop working on their replacement skunk project. That is all of those mentioned plans/activities would change drastically.

It wouldn’t change literally everything. The Sun and the Earth will continue to orbit around a shared barycenter. Humans will continue to breath oxygen. Carbon will continue to form four covalent bonds per atom. Some boys will continue to think a lot about some girls, etc etc.

jraph
0 replies
11h29m

Yep, I meant this indeed.

dearroy
1 replies
18h40m

Thank you for sharing your experience and insights. It would be fantastic if we could collaborate to make HeyForm better suited to your needs, as well as the needs of many others.

Would an integration with Nextcloud be considered?

We are definitely interested in exploring this possibility. However, since I am not personally familiar with Nextcloud, it would be helpful if you could provide more details. Could you please open an issue so that we can discuss it further?

jraph
0 replies
11h29m

Sure, I'll take the time.

abdullahkhalids
1 replies
21h24m

Grist has the ability to create forms that are automatically connected to their spreadsheets [1]. Though it doesn't seem like you can create sophisticated forms (with some logic in them for example) just yet.

I am thinking of moving my volunteer org away from Google forms towards Grist.

[1] https://support.getgrist.com/widget-form/

quantumwoke
10 replies
1d

Can anyone confirm if the legal advice here https://docs.heyform.net/license is correct? Seems slightly different to my own interpretation of the spirit of GPL.

bachmeier
5 replies
23h47m

There's nothing problematic about this, except that it's GPL plus conditions. AFAICT, only the second condition would be in addition to the GPL, but I didn't spend much time thinking about it.

jahewson
3 replies
22h6m

GPL does not permit additional conditions, it actually states that additional conditions may be removed by the licensee.

In this case, I don’t see the actual license containing additional conditions, simply that the FAQ guidance on the page is misleading.

jahewson
1 replies
20h27m

Yes and no. While the author can specify an attribution notice, the GPL limits it to being relayed amongst “appropriate legal notices” - these typically appear in an EULA or About screen. Otherwise an “inappropriate” attribution requirement could be misused to prevent modification of certain parts of the work.

As for the issue with CC, GPLv3 gives a 30 day grace period for rectifying violations which obviates many potential troll issues.

renewiltord
0 replies
14h27m

Thank you.

thih9
0 replies
23h39m

it's GPL plus conditions

Not in a uniform way - the license distributed with the code on github doesn’t have the extra conditions.

At this point I’d nuke the repo and force push with AGPL license instead, that seems a better fit.

nerpderp82
2 replies
1d

They would need to use the AGPL if they want folks that self-host to release their changes.

fsckboy
1 replies
17h43m

I don't know if the page changed, but it says that it is using AGPL

sfink
0 replies
22h14m

Yeah, it looks wrong to me too. It claims to be GPLv3 and the "use cases" explainer looks like it's trying to clarify what GPLv3 means, but the requirements described under the use cases are not part of GPLv3.

The 1st one is fine. The 2nd one says you would need to open source your modifications, but that would only be true if you also distributed your version rather than just using it on the server side. The 3rd adds three conditions. The first and third are again only true if you are redistributing the software. The second is an attribution clause that is not part of GPLv3, and the page to me definitely reads like it's explaining the license but not actually a license itself. GPLv3 does allow adding in similar conditions, but probably not those: I'm not sure requiring a link to the original project is ok.

AGPLv3 would be a much closer match to what the author appears to intend. It allows adding the attribution requirements that the author wants; see https://www.gnu.org/licenses/agpl-3.0.en.html section 7: "You may...supplement the terms...: (b) Requiring preservation of...author attribution..."

(IANAL, and every time I claim anything about licenses I get at least one detail wrong.)

snvzz
6 replies
12h4m

Huge Affero (AGPL) warning.

Do not touch unless you understand how the license works and want to do so anyway.

thih9
2 replies
12h0m

Can you be more specific?

In what ways exactly it is more dangerous than other open source licenses in this case?

chii
1 replies
11h42m

more dangerous

only if you intend to produce a derivative work for which you intend to sell, and thus do not want to reveal said derivative to others.

AGPL is the best license available for open source imho.

thih9
0 replies
8h59m

That was my understanding too, I don’t understand how this would be seen as dangerous in this context, I’d also view it as a benefit.

frabcus
1 replies
11h59m

I see this as huge Affero (AGPL) praise!

It would be great if the license was used more. I'd much rather contribute to something where sharealike extends in some way across networks - software doesn't link in binaries, as the GPL does cover, as much these days.

p_l
0 replies
11h39m

GPL never talked about linking, it's probably the single most misunderstood aspect of GPL.

You can in fact have GPL bw applied over network IPC even

not_your_vase
5 replies
1d1h

What's your rationale behind this step?

dearroy
2 replies
1d1h

It's to tap into global collaboration for faster innovation, and ensure transparency and trust.

Thanks for bringing up the good question!

gus_massa
1 replies
23h51m

Do you have another source of income? If someone just use it without giving you money or code contributions, would you feel ok?

dearroy
0 replies
8h46m

Both of us work part-time on HeyForm and are satisfied with the revenue it generates.

However, who wouldn't want to earn more? :D

MichaelMug
1 replies
23h35m

Would this be a clever way of shrinking the market? Any competitors will now automatically need to have a value proposition greater than this free software.

atonse
0 replies
23h24m

I'm not OP but the software is GPL3, so it would disqualify a lot of risk-averse customers from hosting it.

tamimio
4 replies
23h6m

Your website doesn’t open, it seems it’s flagged in one of the DNS popular blacklists

mderazon
1 replies
21h44m

For me too, using NextDNS

scosman
0 replies
17h46m

+1

zzzzzzzzzz10
0 replies
23h4m

Works fine for me. Did you add these blacklists yourself or is it from your ISP?

dearroy
0 replies
4h17m

It's strange that our website is being blocked by an ISP.

Could you please provide us with the name of the ISP so that we can contact them and request to have the ban lifted?

rkuodys
4 replies
12h18m

I cannot quickly find the answer so maybe the project owner can share - I have a need for which apparently there is no ready-to-use product - I need to have form which is anonymous, but at the same time it should be one-time-only submit. (Like voting system).

My ideal solution would be to send unique link to each recipient and limit one submission per link. However, I as a purchaser should not be able to see who got which link, or at least, how each link voted.

Question if heyform has some implementation of the need already, because none of the well known products - Google forms, MS Forms, Typeform - support anything like that

thih9
1 replies
12h2m

I doubt any generic platform would support such a specific use case out of the box, especially if major providers don’t offer it.

hughesjj
0 replies
1h58m

Eh, I mean it's a pretty common ask in my experience, but my experience isn't the world's

eastbound
1 replies
11h40m

Even if it were anonymous, your recipients wouldn’t trust it. Everyone knows anonymous polls get you fired (which is still proof that some people still trust anonymity, but those people are usually not working here anymore).

thih9
0 replies
6h0m

I was curious and did a google search, looks like you’re right and this can happen; some anecdotes are terrifying:

My manager let me know that due to my answers in the culture survey, they didn't think I was a good fit for the company anymore and were letting me go.

said that my responses to the survey showed that I had a negative attitude about the company and that they wanted to part ways.

source: https://old.reddit.com/r/legaladvice/comments/67j04o/i_was_f...

Syntaf
4 replies
18h13m

Very cool! Form builders are really fun applications to build and teach you a lot about more advanced relational models (like polymorphic relations)

I scrapped together a form-builder-with-payments using RoR and RailsAdmin last year for my club and ended up spinning it off into a pay-per-use SaaS[1].

As it turns out, forms are a fundamental aspect of a LOT of things, and offering free use tools can change the game for clubs or organizations looking to keep their data in one place.

[1] https://embolt.app

mewpmewp2
3 replies
17h43m

What do you mean by club exactly?

Syntaf
2 replies
15h16m

I generally mean a member based organizations, could be a book club or professional association or anything of the sorts.

Not every club charges dues, but those that do generally start off with a google form and a pinky promise that you'll send your dues after submitting the form.

Works for awhile but it's hard to maintain, speaking as someone who's had to do this before. embolt is my go at offering a member platform with a very low (the lowest) barrier of entry to getting up and running with paid registrations forms & an admin dashboard.

replwoacause
1 replies
14h41m

Looks very well done! Did you have to write much JS or could you do everything you needed with RoR?

Syntaf
0 replies
3h17m

Thanks! I initially started out with just jQuery but eventually realized I needed to support more complex interactions and adopted Turbo & Stimulus [1].

Still sticking with server-side rendering though, always loved that approach to building webapps and tools like HTMX & Turbo make it much easier to integrate with complex UX interactions.

[1] https://medium.com/@csofiamsousa/hotwire-turbo-and-stimulus-...

thih9
2 replies
23h55m

Congrats on open sourcing your project!

I see that it relies on mongodb, at a first glance this seems a good fit for a forms oriented product - looks like using a document db for actually dealing with documents. How did it work out for you? Would you choose it again?

mufeng
1 replies
10h27m

Maybe not. MySQL and PostgreSQL are both capable of performing this task effectively.

thih9
0 replies
2h14m

Are you associated with the project or are you commenting based on your own experience?

orliesaurus
2 replies
1d

do you consider this a marketing move?

hk__2
0 replies
22h8m

Of course; how else could they have been on the HN frontpage? (I’m not saying this negatively)

dearroy
0 replies
8h42m

We do, but this is not the main reason.

jdaviescoates
2 replies
9h36m

I currently use NocoDB for forms, which works great, but this looks great too, many thanks for sharing!

jdaviescoates
1 replies
9h31m

@dearroy in fact, it'd be great if you integrated with NocoDB! I was a little disappointed to see that at present you mostly only integrate with proprietary tools and not with other self-hostable tools.

dearroy
0 replies
8h49m

You request it, we make it!

Please open an issue and let's discuss it further. With any luck, we can make it available in just a few weeks.

sfink
1 replies
21h57m

I've often wanted a simple online form solution for random purposes, yet I have never quite gotten around to learning Google Forms. My kids use it for school stuff. They're reasonably capable with it and have gotten good mileage from it. I guess at some level it's hard for me to get into something that often requires flexibility, yet can't be modified beyond rigidly prescribed boundaries.

I would totally rather learn something like this that I can hack on. And when other people ask me how to do something for a Real reason, I would not hesitate to recommend the hosted version if it can do what they want. (No, I don't want to be on the hook for maintaining a self-hosted version of something that will be depended on for wide public consumption. I'm done with pager duty.)

The creators' hearts seem to be in the right place, so I'm less subliminally worried that they'll enshittify it in some way that bothers me. And if they do, the license gives me a way to proceed without starting with something new from scratch.

jmholla
0 replies
21h1m

Google Forms is very simple to learn. There's not much to it. You just dive in and you're good to go.

bberenberg
1 replies
1d

Considering that this is SaaS, are you sure GPL is sufficient here? Did you consider AGPL?

datascienced
0 replies
14h33m

Risk is low. A copycat can copy but code is only part of the equation.

V__
1 replies
21h53m

This looks really nice. I assume you have looked at the alternatives and created heyform with a special feature or use case in mind? If so, could you summarize the differences between heyform and for example: getinput.co, quillforms.com or snoopforms.com?

youngbum
0 replies
4h55m

Cool

tomfreemax
0 replies
9h51m

Looks really cool and could be a good alternative to Typeform.

In our organization, due to privacy reasons we need to self host.

You might want to look at something like the plus plan photoprism has. For photoprism, if you want a UI for user admin, you pay something. One can do the same thing from cli, but in corporate environments it's easier for me to say, look, we need to pay, because we need this admin interface. If I would self host but want to support you otherwise, it's hard to argue why the organization should "donate" money.

Hope it makes sense. Best wishes!

snapcaster
0 replies
1d

How did you think about the tradeoffs between closed-source profitable vs. open sourcing it? What do you see as your criteria for success on this move?

circusfly
0 replies
20h47m

AI thanks you for your efforts.