How Nango evolved its runtime for running untrusted customer code at scale
By
Ross McEwan
Kettled twice. Extra chewy, extra trustworthy.
Summary
Nango, a code-first platform for building product API integrations, shares how its runtime for executing untrusted customer code evolved from an in-process sandbox to tenant-isolated AWS Lambda functions. The company runs over 150 million customer-written functions per month across three distinct workload shapes. The article details the technical challenges of safely executing untrusted code that could attempt anything from API fetching and data transformation to memory leaks and breakout attempts, and explains the architectural evolution to address these security and scalability requirements.
Key quotes
· 3 pulledWe run more than 150 million of these functions a month across different workload shapes.
That code is untrusted, and can try to do anything: fetch an API, transform data, throw an exception, leak memory, or intentionally try to break out.
Our requirements for the code runtime: We run three very different workloads.
You might also wanna read
Runtime launches sandboxed coding agents for team collaboration with security guardrails
Runtime is a platform that turns coding agents into sandboxed, secure teammates that can be used across Slack, Linear, CLI, API, or browser.
Product Hunt·21d ago
Comparing Onion, Hexagonal, Clean, and Fractal Software Architectures: A Combined Evolutionary Approach
This article explores and compares four software architecture patterns—Onion, Hexagonal, Clean, and Fractal Architectures—focusing on how th