
Sapnesh Naik
@thekerneldev
142 posts
Open eyes, lots of questions, and a sense of humor.

We've identified a security incident that involved unauthorized access to certain internal Composio systems, impacting a limited number of customers. We will share more as we learn more. Please see our security bulletin: composio.dev/blog/composio-…

If your team has been affected by the recent @composio security incident, and your integrations are currently down, I wanted to let you know: we're here to help. At @nangohq, we opened up more call slots this week to help affected teams migrate to Nango and get back online. Reach out any time: nango.dev/demo

I also want to acknowledge the Composio team. Working through something like this under public scrutiny is incredibly tough. I hope they get to a full resolution soon.

An attacker compromised Composio employee Gmail OAuth tokens via magic link sign-in abuse and then pivoted into internal systems. ~5,241 API keys sat in an auxiliary cache during the breach window. GitHub connections took the hardest hit (5,000+ affected). This is a supply chain problem for AI tooling. And it matters a lot.

SOMEONE OPEN SOURCED THE INTEGRATIONS LAYER EVERY SAAS COMPANY HAS BEEN PAYING $50,000 A YEAR TO RENT.

It's called Nango. And it just made the entire "unified API" industry look like a tax on developers.

700+ APIs. Salesforce, HubSpot, Slack, Notion, Gmail, GitHub, Stripe, Jira, Linear. Every OAuth flow, every token refresh, every rate limit, every retry. Handled.

The thing companies like Merge.dev charge $40K-$100K/year to manage? Sitting on GitHub. 7.4K stars. 726 forks. 6,418 commits. Already used in production by Replit, Ramp, and Mercor.

Here's what it actually does:
→ Managed OAuth for 700+ APIs out of the box
→ One proxy call to authenticate to any API
→ Write TypeScript integration functions, deploy to their runtime
→ AI builder generates the integration code from a natural language prompt
→ Built-in retries, rate limit handling, per-tenant isolation
→ Works with Claude Code, Cursor, Codex, MCP, LangChain
→ Self-hostable for free
→ SOC 2 Type II, HIPAA, GDPR compliant

The pitch that should make every founder uncomfortable: You give it a description like "sync GitHub issues to my database every 5 minutes." It writes the TypeScript. You read it. You edit it. You ship it. It is not a black box. It is not a wrapper. It is readable code you own and version control.

Here's the wildest part: The "unified API" startups raised hundreds of millions of dollars selling exactly this. Closed source. Per-API pricing. Per-customer pricing. Limits on calls. Limits on integrations. Nango ships the same primitive under the Elastic License. Self-host the core for $0. Pay them only if you want their cloud and enterprise features. 189 releases. Latest one on May 15, 2026. Still shipping aggressively.

One honest note: the license is Elastic, not MIT. You can self-host and use it commercially, but you cannot resell it as a competing service. For 99% of teams building integrations into their product, that restriction does not matter.

Every B2B SaaS company in the world has a Jira-style "we connect to your tools" page. Most of them paid an "integration platform" half a million dollars to build it. This repo is the thing those platforms are quietly running underneath. Link in the first comment.