April 2026 Update: Biggest month for Open Source, onboarding more customers & getting existing ones to the finish line

April 2026 marked our biggest month yet for open source contributions, building on the momentum we’ve been carrying throughout the year.

What started as an internal initiative to contribute more actively to Open Source and share our learnings is now becoming a consistent part of how we operate as an engineering team.

This month, we opened 31 pull requests across multiple repositories and got 15 of them merged — our highest output so far, and a strong signal that the team is growing more confident contributing to production-grade systems at scale.

Open Source Contributions

Continuing our focus on meaningful contributions, our work this month spanned across developer tooling, CLI improvements, and production systems.

Gemini CLI

We continued improving the reliability of Gemini CLI, this time focusing on a workflow friction point that affected developers using interactive tools:

• Fixed session-based permissions not persisting for interactive edit tools, eliminating repetitive approval prompts that interrupted developer flow

Small fix, significant quality-of-life improvement for anyone running extended sessions with Gemini CLI.

Open Mercato

A significant portion of our contributions this month went into Open Mercato, spanning system correctness, UX, and security:

• Fixed a 500 error when creating Business Rules without conditions, paired with proper error handling to surface failures cleanly

• Added date and datetime as new custom field types, complete with a datepicker UX, filtering, and sorting support

• Built an email-based user invitation flow that allows admins to onboard users without requiring a password at the point of creation

• Fixed a misplaced "Blocked" checkbox in the TODO form and prevented field duplication inside CrudForm

• Replaced plaintext token storage with SHA-256 hashes across all four bearer token types — a meaningful improvement to how sensitive credentials are handled at rest

While many of these changes might seem small individually, they directly improve system reliability and security posture in production environments.

Plane

In Plane, we contributed an improvement to how work items are filtered and tracked:

• Added a "Completed at" filter for work items and fixed a date filter bug that was returning empty results

AFFiNE

Our contributions to AFFiNE this month covered both correctness and editor experience:

• Fixed keyboard shortcut conflicts caused by locale-specific Alt+Meta key combinations

• Made row and column sorting deterministic when items share the same order value — previously, items with identical values would sort inconsistently

• Added a hover "add block" button in page mode for quicker paragraph insertion

• Removed the height limit on Mermaid diagram previews in code blocks, so complex diagrams no longer get clipped

• Fixed bullet arrow methods causing unintended increases in graph persistence

• Fixed database table header filters disappearing when positioned at the top of the viewport

• Fixed Polish language support in the notepad

Apache Superset

In Superset, we addressed several UI and rendering issues that were affecting usability:

• Fixed a hidden CSS editor tool that wasn't surfacing in the UI

• Fixed broken arrows in graph preset input fields

• Fixed a logo prefix duplicating after Docker deployments

• Fixed single-data bar graph rendering

• Fixed a language configuration crash on app install for different locales

ComfyUI

We resolved three separate node-level bugs in ComfyUI:

• Fixed the Load Image from Outputs node returning a "Not Found" error

• Fixed the Join Image with Alpha node returning only a single image for batch inputs instead of the full set

• Fixed a ValueError thrown when converting float NaN values to integer

Zulip

In Zulip, we fixed a layout inconsistency that was affecting the search experience:

• Fixed search bar spacing issues when chips wrapped onto a second row

LibreChat

We contributed a fix that directly improves cross-platform content workflows:

• Fixed AI-generated table copy-paste into Google Sheets and bold text formatting into Google Docs — both had been broken due to how LibreChat was serializing clipboard content

Rocket.Chat

In Rocket.Chat, we shipped a new feature:

• Built an image upload feature with selectable quality levels — low, medium, and high — giving users control over bandwidth and file size depending on their context

TriliumNext

Two contributions shipped in TriliumNext this month:

• A bug fix merged from a prior open PR

• Fixed a transparent background rendering issue on the code block insert dropdown

MUI X

We also contributed and merged a bug fix in MUI X, continuing our engagement with widely used component libraries that sit beneath thousands of production applications.

**What we've been publishing**

A YouTube series posted by Noor on CASA, webhooks, emails automations and schedulers

Alongside engineering work, we've continued expanding our YouTube series — this time going deeper into the infrastructure and security patterns that show up repeatedly in real production systems.

This month, Noor published four videos covering distinct but connected areas of backend and platform engineering.

The first covers CASA — Google's Cloud Application Security Assessment. Before any application can access sensitive Google APIs like Gmail, Drive, or YouTube, it has to pass a structured security review. Most teams encounter this process for the first time under deadline pressure. The video breaks down what CASA actually evaluates, which API scopes trigger a review, and what teams typically need to fix before they go through the process.

The second covers webhooks — how they actually work at their core, the distinction between inbound and outbound patterns, and why webhook-driven architectures scale significantly better than polling or scheduled sync jobs. This is one of those topics that most developers say they understand, but the production edge cases tell a different story.

The third goes into email as an automation entry point, walking through how to treat every incoming email as an API trigger for backend workflows. The architecture uses AWS SES for domain verification and email receiving, AWS SNS for scalable event broadcasting, and webhooks to connect into job scheduling and workflow execution. A single email, triggering a full backend pipeline — without any UI intervention.

The fourth covers background job processing at scale — specifically, where cron jobs start failing as systems grow, and what a dedicated job scheduler actually gives you: isolated jobs with their own retry logic, lower CPU spikes, less pressure on the database, and full visibility into job status and execution history.

You can watch the full series here:  https://www.youtube.com/@RipeSeedio

How are we growing & some successes

We are proud to announce that we onboarded some new customers this month.

One of the products we've started working on is an executive intelligence platform that makes the lives and day-to-day of C-level executives a lot easier and streamlined.

The other one is a product in retail space that helps restaurants in streamlining thier Ops.

The success story we're most proud of this month comes from the Netherlands.

Our client operates in the garden and plant retail space. Over the past several months, his business has expanded significantly — he's now partnered with some of the largest plant retailers in the Netherlands. A big part of what made that possible was the partnership infrastructure we helped him build.

At RipeSeed, we’ve always believed that engineering isn’t just about building faster.

It’s about building with clarity, conviction, and intent.

Open Source contributions, internal experimentation, and sharing honest perspectives — all of these are part of that journey.

And we’re continuing to lean deeper into it.