| ▲ | Show HN: GETadb.com – every GET request creates a DB(getadb.com) |
| 20 points by nezaj 6 hours ago | 25 comments |
| Hey HN! We made GETadb.com, so it's easier to get agents to build you full stack apps. You don't need to give them any credentials. Just by loading a GET request, they get access to a database, a sync engine, and abstractions for auth, presence, and streams. To see what the agent sees, you can load https://getadb.com/new There's two fun things about how it's implemented: 1. If you curl the home page, it the agent content rather than human content. We do this by detecting the 'Sec-Fetch-Mode' header. It's not perfect, but gets the job done for Claude Code et al. 2. For an agent to spin up an app, they make _two_ fethes. (1) getadb.com/guide tells them to generate a uuid, and fetch (2) getadb.com/provision/<uuid>. We did this, because just about half of the popular web-based app builders cache URLs globally, even if you return no-store headers. To get around this we just instruct the agent to generate unique URLs You may wonder: Why GET requests, rather than POST requests? It's because then you can build in surprising places. For example, we get meta.ai to build an app inside the artifact preview: https://artifacts.meta.ai/share/a/b80c7412-c3af-4088-b430-78efdfe8ea2d Under the hood, this is possible because the whole infra is mult-tenant from ground up. We already announced how that works on HN, but if you're curious here's the essay for it: https://www.instantdb.com/essays/architecture |
|
| ▲ | offmycloud an hour ago | parent | next [-] |
| The GET request method is supposed to be safe. "Request methods are considered 'safe' if their defined semantics are essentially read-only; i.e., the client does not request, and does not expect, any state change on the origin server as a result of applying a safe method to a target resource."
-RFC 9110 section 9.2.1 https://www.rfc-editor.org/rfc/rfc9110.html#name-safe-method... |
| |
| ▲ | stopachka an hour ago | parent [-] | | Here's my argument: In practice many GET requests don't adhere to this spec. For example, when you load a page, your "view" generally changes lots of things on the backend. Those changes come back to you in ways too: for example, consider view counts on Youtube videos or X posts. |
|
|
| ▲ | kmoser 37 minutes ago | parent | prev | next [-] |
| > For credentials and instructions, fetch http://www.getadb.com/guide and follow the steps. http, not https? |
| |
|
| ▲ | apsurd an hour ago | parent | prev | next [-] |
| I found https://www.instantdb.com/about very interesting; you built a new database! The triples stuff is cool. For GETadb, it's a conflicting sell. The people that need "a db solved by AI" and fully abstracted are using app builders no? lovable, v0, manus. The people the are closer to the code and need an instant db would look to sqlite, render, supabase, neon. I'm all for another option, but then there's the realization that instandb is a new kind of db and I need to research into the value-prop vs the initial persona: "just solve my db problem with AI". disclaimer: I'm a professional developer, doing an honest review. I may play around with it separately, later. So this marketing site did its job! |
| |
| ▲ | stopachka 34 minutes ago | parent | next [-] | | One place where a tool like GETadb can be helpful, is when you as a developer wanted to build a quick demonstration. For example one of co-founders Joe saw a tweet about how VCs were ranked. He pointed Instant to an agent, made a quick polling app, and got 600 votes [1]. We hope delightful experiences like that then prod hackers to dive deeper and use Instant for startups. [1] https://x.com/JoeAverbukh/status/2028544576206860697 | |
| ▲ | nezaj 37 minutes ago | parent | prev [-] | | When you're experimenting on ideas, it's really nice when time to hello world is near zero. It's also nice when you aren't limited to a certain number of dbs or your projects get paused. This makes it so much more delightful to hack. When you do want to get closer to the code, we think Instant provides a nicer abstraction for working with agents and getting deligthful experiences like a sync engine out of the box | | |
| ▲ | apsurd 25 minutes ago | parent [-] | | You are right about the activation energy to throw up anything new really comes down to a hosted db that won't rot. My initial experience with supabase was incredible in that sense: any client-side framework I wanted, deployed statically while still integrating with full Postgres, for free! Problem is supabase rots. And turning that project into anything meaningful is basically undoing everything you got for free up front. My solution today is sqlite. I'm not diehard typescript so it turns out traditional backend apps like rails running sqlite on tiny/free hardwire is pretty nice. That said, client-side runtime will always be alluring because it can be deployed statically. So you've got something there that I'll check out. |
|
|
|
| ▲ | runako 28 minutes ago | parent | prev | next [-] |
| > we get meta.ai to build an app inside the artifact preview Is this the kind of use case that is seen as valuable? I joked a while back that LLM-brain was going to have people building bespoke apps on each HTTP request, and people thought I was exaggerating! |
| |
| ▲ | stopachka 6 minutes ago | parent [-] | | > Is this the kind of use case that is seen as valuable? I think it could be. Consider an argument like this: It's valuable to ask ChatGPT questions and receive text responses. Some of the responses are more valuable when they don't just return text, but some markup: bolding, adding visualizations etc. Why can't some responses be more valuable if they return little apps? One place where I've wanted this myself are with using LLMs for long-running goals I have. For example, I do my blood work about once a year, and I use the results to make changes and track. For a long time I had a long chat thread with ChatGPT. Now I have a little app instead. An extreme version of this starts to turn responses into more and more fully-fledged apps. I did an experiment recently with creating a personal finance app. I found customizing the app to my specific needs made it much more valuable to me then generic personal finance apps, which have much more effort put it, but aren't tailored to my needs [^1] [^1]: more on this experiment here: https://x.com/stopachka/status/2040982623636607009 |
|
|
| ▲ | wewewedxfgdf 2 hours ago | parent | prev | next [-] |
| So, give your LLM a URL and tell it to follow the instructions there? Err, no thanks. |
| |
| ▲ | stopachka an hour ago | parent [-] | | Most LLMs in practice already read URLs. If you ask them a question they don't know, they will search and read pages. |
|
|
| ▲ | Retr0id an hour ago | parent | prev | next [-] |
| The biggest problem I see with vibecoded apps attached to a db is that the db is configured with exactly 0 access control (even if whatever backend does support it), and anyone can turn up and SELECT * FROM users, or even DROP TABLE users. How do you mitigate this? |
| |
| ▲ | stopachka an hour ago | parent [-] | | Good question. Two ways: 1. For the users table specifically, we have a default rule that says `"view": "auth.id == data.id"`. This way even if the the user (or AI) did not set access controls, user data is protected by default. 2. In the instructions file given to the agent (https://www.getadb.com/provision/new), we specifically mention permissions and how to push them. We found this prods the agent to push perms. |
|
|
| ▲ | dennisy 2 hours ago | parent | prev | next [-] |
| This is very cool! But why do we need this? An agent can just have a local DB using SQLite for example. |
| |
| ▲ | stopachka 2 hours ago | parent [-] | | Two reasons this could make sense: 1. With this, agents can actually deploy a full backend with their credentials [^1]. 2. If your agent ever wants to add auth, or real-time presence, or file uploads, or streams, they'll be able to do that too [^1] Alas we don't offer static site hosting, so to push the website you would need to use something like a vercel cli. |
|
|
| ▲ | aleda145 2 hours ago | parent | prev | next [-] |
| I appreciate this part of the agent instructions: `AESTHETICS ARE VERY IMPORTANT. All apps should LOOK AMAZING and have GREAT FUNCTIONALITY!` |
| |
| ▲ | stopachka 2 hours ago | parent [-] | | Thank you! Yeah, it is surprising how magic words can impact the performance of LLMs | | |
| ▲ | swyx an hour ago | parent [-] | | do you actually know or are you just guessing | | |
| ▲ | nezaj an hour ago | parent [-] | | Funny enough we added this in awhile back when it seemed more conclusive that this does matter. But I was curious and just did an adhoc eval. Here's a version with the aesthetic line included https://with-aes.vercel.app/ Here's a version without the line https://wo-aes.vercel.app/ Everything else is the same. Will let y'all be the judge which is better. Both where made in one-shot with this prompt: Create a habit tracking app where users can create habits, mark daily completions, and visualize streaks. Include features for setting habit frequency (daily/weekly), viewing completion calendars, and tracking overall progress percentages. | | |
|
|
|
|
| ▲ | lucb1e an hour ago | parent | prev | next [-] |
| I thought this would be something about getting (downloading?) the Android Debug Bridge tool (adb) until I read further. Might want to capitalize DB as well (GETaDB), at least from my pov |
| |
|
| ▲ | debarshri 2 hours ago | parent | prev [-] |
| The agent thing is going a bit out of hand here. |
| |
| ▲ | stopachka 2 hours ago | parent [-] | | Admittedly stateful GET requests are heretical, but it may be the future! |
|
