
Appsmith vs Speakeasy

Side-by-side trajectory, velocity, and editorial themes.

Appsmith
DEVOPS
2.1

Appsmith spent six months in a sustained security-patch cycle, capped by a release with 15+ named advisories.

◆ Current state

Appsmith's recent release stream is dominated by security work. v1.99 alone landed roughly fifteen security-tagged fixes — multiple named GHSAs (super-user race condition, SSRF via send-test-email, OAuth2 callback ACL bypass, application snapshot delete permission, expanded metadata denylist), critical CVE patches (CVE-2025-70952, CVE-2026-33937 in handlebars, CVE-2026-22732 around Spring Security headers), AQL injection prevention in the ArangoDB plugin, and several reflected XSS and email-normalization fixes. The same pattern repeats in v1.98 (SQL injection in UQI filters, simple-git critical CVE), v1.96 (arbitrary file write outside repo scope, OS command injection in in-memory Git, XSS in Table HTML cells), and earlier. Feature work continues alongside but at a much smaller volume — Redis TLS, BetterBugs SDK, Favorite Applications V2, Helm extraVolumes.

◆ Where it's heading

The arc is clear: Appsmith is absorbing the output of what looks like a sustained external audit (or several converging ones) and using minor releases as the patch vehicle. The diversity of vuln classes across the ArangoDB plugin, Spring Security headers, OAuth2 callback, in-memory Git, snapshot deletion permissions, and metadata denylist points to a broad-surface review rather than a single component. Feature work isn't stalled, but it's clearly running second to the security queue.

◆ Prediction

Expect at least one or two more 1.9x releases to keep landing security patches before a 2.0 line emerges. Watch for a release that bundles fewer security items than features — that's the signal the audit cycle has caught up. Likely product-side bets are continued data-source TLS coverage and more granular permission scoping (the GHSAs around snapshots and OAuth2 lookup suggest the permission model is being tightened systematically).

Speakeasy
DEVOPS
10.0

Speakeasy's Gram is shipping daily — multi-MCP chat, Codex hooks, and long-running assistants in one week.

◆ Current state

Speakeasy's Gram platform is moving at a multiple-releases-per-day cadence across two trains. The Platform train has shipped issuer-gated OAuth from the playground, release-stage badges, OpenRouter credit monitoring with auto-reconciliation, a v2 assistant runtime foundation, hook telemetry attribution in Datadog, Codex (OpenAI) hooks support, OTEL forwarding to customer destinations, Slack Block Kit with interactive replies, and a full migration to WorkOS-native auth. The Elements train added multi-MCP server chat configuration with namespaced tool merging, and a resilience fix so a failing MCP server doesn't wipe out tools from healthy ones in the same chat. Long-running assistants gained token-aware context compaction, self-wake triggers, and long-term memory via vector embeddings.

◆ Where it's heading

Gram is being built as an MCP-native assistant platform — every release reads like infrastructure for assistants that compose many MCP servers, run for a long time, recover from failures, and integrate with enterprise auth and telemetry. The architectural choices (multi-MCP merging with namespacing, per-assistant Fly apps, OTEL forwarding, WorkOS) say the target buyer is a platform team building real production agents, not a tinkerer. Self-healing chat history, credit-exhaustion 402 responses, and per-server failure isolation are the kinds of features that only matter at scale — Speakeasy is building for that scale already.

◆ Prediction

Expect Gram to formalize its v2 assistant runtime in the next sprint, add usage-based pricing tied to OpenRouter credits and Fly machine-hours, and ship deeper MCP server lifecycle tooling (version pinning, canary deploys for new tool versions). A managed MCP server catalog is a plausible adjacency given how much of the platform already presumes multi-MCP composition.
