Skip to content
Rarebit One RAREBIT ONE Automation Farm

// the commons

OPEN SOURCE FROM THE AUTOMATION FARM

A suite of production-grade, secure-by-default Rails 8 engines and gems — extracted from real applications and published for reuse.

Authentication & Identity

05

StandardId

Ruby gem v0.20.1

A comprehensive authentication engine for Rails 8.

A complete, secure-by-default auth solution built on Rails' own security primitives. Dual-engine architecture cleanly separates cookie-based web auth (/) from JWT-based API auth (/api), with OAuth 2.0 / OpenID Connect, passwordless email & SMS OTP, and STI-backed session management.

  • Full OAuth 2.0 + OIDC with PKCE enforcement and client-secret rotation
  • Hardened passwordless OTP with enumeration defense and atomic attempt tracking
  • Polymorphic multi-tenant OAuth clients with audit trail
  • Decoupled event system via ActiveSupport::Notifications
  • Optional Inertia.js integration for React/Vue/Svelte SPAs
View source

StandardId · Google

Ruby gem v0.3.0

Google Sign In as an opt-in plugin for StandardId.

A standalone provider gem that adds Google OAuth without bloating the core engine. Auto-registers with StandardId's configuration block on require.

View source

StandardId · Apple

Ruby gem v0.4.0

Apple Sign In as an opt-in plugin for StandardId.

Adds Apple login independently of the core engine, configured with team/key/client credentials and coordinated through a standardized provider interface.

View source

StandardId · Provider

Ruby gem v0.2.0

Scaffolding for building StandardId provider plugins.

The base framework and conventions behind the Google and Apple providers — a blueprint that keeps third-party integrations consistent and enables an extensible provider ecosystem.

View source

StandardSingpass

Ruby gem v0.1.0

Singpass MyInfo (FAPI 2.0) client for Rails.

A library-only gem packaging the hard parts of integrating with Singapore's national digital identity service — including native ECDH-ES JWE decryption that the upstream jwt gem does not support. Deliberately owns no routes, models, or UI; the host app keeps full control of persistence and presentation.

  • FAPI 2.0 OAuth with PKCE, DPoP, and private_key_jwt
  • JWS verification with JWKS caching and one-shot rotation retry
  • Person-data parser covering 40+ fields across identity, income, employment, housing, and assets
  • Optional circuit-breaker integration for network resilience
View source

Reliability & Observability

03

StandardCircuit

Ruby gem v0.2.0

Circuit breaker primitives for Rails, built on stoplight.

Wraps stoplight with an opinionated error taxonomy that distinguishes tracked network failures from caller/config errors, plus SDK-specific adapter bundles for Stripe, AWS, Faraday, and SMTP.

  • Built-in Logger, Sentry, and Metrics subscribers
  • ActiveStorage per-S3-bucket keying and ActionMailer wrappers
  • Controller concern returning standardized 503s for orchestrator probes
  • RSpec helpers force_open and force_closed with auto-cleanup
View source

StandardHealth

Ruby gem v0.4.0

Drop-in health checks and environment auditing for Rails 8.

A mountable engine exposing /health/alive, /health/ready, and /health/diagnostics/env. Ships checks for ActiveRecord, SolidQueue, and SolidCache, with a DSL for declaring required/recommended env vars.

  • Pluggable custom checks via inheritance
  • Per-check criticality flips overall readiness status
  • EnvSpec DSL with predicates, mode aliases, and consumed-by pointers
  • HTTP 503/200 semantics matching standard probe conventions
View source

StandardAudit

Ruby gem v0.5.0

Database-backed audit logging via Rails events.

Captures audit events into a dedicated table using GlobalID polymorphic references — no foreign keys, no schema coupling. Subscribes to Rails.event on Rails 8.1+ with an ActiveSupport::Notifications fallback, and wires to StandardId with zero direct references between the gems.

  • Composable scope queries for_actor, for_target, by_event_type
  • Async processing with retry caps
  • GDPR anonymization and data export
  • Automatic stripping of sensitive keys including passwords and tokens
View source

Data Patterns

01

StandardLedger

Ruby gem v0.4.0

Immutable journal entries with declarative aggregate projections.

Captures the recurring append-only entry → N projection updates pattern as a DSL on host ActiveRecord models, with idempotency enforced by unique index and deterministic log replay.

  • Five projection modes: inline, async, sql, matview, trigger
  • rebuild! replays the entry log; refresh! handles ad-hoc matview refresh
  • Pure SQL projections using UPDATE ... FROM with no Ruby-side handler
  • doctor rake task validates host-owned Postgres triggers
View source

open source philosophy

The commons is part of the machine.

Rarebit One earns a living by building systems for clients. Whenever possible, the general-purpose parts are extracted, hardened, documented, and released back to the commons.

// the flow of value

  1. Client Problems
  2. Automation Farm
  3. Reusable Components
  4. Open Source Archive