DEV.co
Open-Source DevOps · middlewarehq

middleware

Middleware is an open-source DORA metrics platform that helps engineering teams measure deployment frequency, lead time, mean time to restore, and change failure rate. It integrates with CI/CD tools and provides dashboards to visualize software delivery performance.

Source: GitHub — github.com/middlewarehq/middleware
1.6k
GitHub stars
167
Forks
TypeScript
Primary language
Apache-2.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositorymiddlewarehq/middleware
Ownermiddlewarehq
Primary languageTypeScript
LicenseApache-2.0 — OSI-approved
Stars1.6k
Forks167
Open issues39
Latest release0.3.1 (2025-05-30)
Last updated2026-06-08
Sourcehttps://github.com/middlewarehq/middleware

What middleware is

TypeScript-based full-stack application (frontend, API server, sync server) with PostgreSQL and Redis backends, deployable via Docker. Calculates DORA metrics by integrating with CI/CD systems and project management platforms.

Quickstart

Get the middleware source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/middlewarehq/middleware.gitcd middleware# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Engineering Leadership Metrics & Visibility

Track four key DORA metrics across teams to identify bottlenecks, measure deployment velocity, and make data-driven decisions on process improvements.

DevOps & CI/CD Pipeline Optimization

Monitor lead time and deployment frequency to optimize build pipelines, identify staging delays, and improve time-to-production for incremental deployments.

Incident Response & Reliability Tracking

Measure mean time to restore and change failure rate to improve incident response processes and reduce production incidents over time.

Implementation considerations

  • Docker and 16 GB minimum RAM recommended for local development; ensure containerization infrastructure is in place before pilot.
  • Requires integration with existing CI/CD pipelines and version control systems; scope data connectors and authentication setup upfront.
  • Database schema and configuration managed via Docker volumes; plan for persistent storage, backup, and migration strategies.
  • Early-stage project (v0.3.1) with active development; monitor releases for breaking changes and plan upgrade cycles accordingly.
  • DORA metric calculations depend on consistent commit/deployment data; ensure source systems provide reliable, complete git and deployment logs.

When to avoid it — and what to weigh

  • Highly Proprietary CI/CD or Niche Platforms — Integration support appears focused on common CI/CD tools; if your stack uses proprietary or very specialized systems, integration may require custom development.
  • Zero Operational Overhead Requirement — Requires Docker, PostgreSQL, and Redis infrastructure management. Self-hosted deployment demands DevOps capacity; not a pure SaaS offering.
  • Enterprise-Grade Security or Compliance Mandates — Project does not document security certifications, penetration testing, or compliance frameworks (SOC 2, ISO 27001, etc.). Requires security review before high-compliance use.
  • Minimal Code Maturity Requirement — Project created April 2024 and at version 0.3.1; still in active development with 39 open issues. Production adoption should factor in rapid iteration and potential breaking changes.

License & commercial use

Licensed under Apache License 2.0 (Apache-2.0), a permissive OSI-approved open-source license allowing commercial use, modification, and distribution with minimal restrictions (requires attribution and inclusion of license notice).

Apache-2.0 explicitly permits commercial use. However, if you distribute or modify the software, you must retain license notices and document changes. For SaaS deployment or bundling with proprietary software, consult internal legal review to ensure compliance with notice and attribution obligations.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityModerate
DEV.co fitGood
Assessment confidenceHigh
Security considerations

Project includes security guidelines section (referenced in TOC but not shown in excerpt). No public security audits, certifications, or disclosed vulnerability tracking mentioned. Docker deployment exposes multiple ports (3333, 9696, 9697); network isolation required. PostgreSQL and Redis credentials visible in documentation examples; production environment must use secrets management. Recommend security review and penetration testing before handling sensitive deployment or incident data.

Alternatives to consider

Velocity (by LinearB)

Commercial SaaS with enterprise security, compliance certifications, and advanced analytics. Preferred if you need managed service, dedicated support, and audit-ready infrastructure.

Haystack (by Getdbt)

Focuses on data pipeline metrics and observability; better for data engineering teams. Not a general DORA platform.

Jellyfish

SaaS engineering intelligence platform with DORA metrics, team insights, and skills mapping. Choose if you want integrated workforce analytics and cloud-native simplicity.

Software development agency

Build on middleware with DEV.co software developers

Evaluate Middleware for engineering leadership insights, or explore commercial alternatives if you require managed infrastructure, compliance certifications, or dedicated support.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

middleware FAQ

Does Middleware support our CI/CD platform?
README lists 'integration with various CI/CD tools' but does not enumerate them. Review the documentation or GitHub issues for a definitive compatibility matrix before committing.
Can we deploy Middleware on Kubernetes?
Not clearly stated. Docker Compose and Docker run examples are provided, but Kubernetes manifests or Helm charts are not mentioned. Custom containerization likely required.
What happens to our DORA data if we stop the container?
Data persists in Docker volumes (middleware_postgres_data, middleware_keys). Stopping the container preserves data; deleting volumes erases all stored metrics and configuration.
Is there a commercial support or SaaS offering?
The project is open-source with a community Slack. Commercial support, hosted SaaS, or enterprise service is not mentioned in the GitHub repo; contact middlewarehq.com for details.

Work with a software development agency

Need help beyond evaluating middleware? DEV.co is a software development agency offering software development services and web development for teams of every size. Our software developers and web developers build custom software, web applications, APIs, and open-source devops integrations — and maintain them long-term.

Ready to measure your team's delivery performance?

Evaluate Middleware for engineering leadership insights, or explore commercial alternatives if you require managed infrastructure, compliance certifications, or dedicated support.