The situation is not as dire as it first appeared. While the messaging wasn't handled very well, where everything is settling out is good, with pluggable auth and an open source reference implementation: https://lakefs.io/blog/why-moving-acls-out-of-core-lakefs/
>You might have noticed in our documentation that Access Control Lists (ACLs) will be deprecated in an upcoming release of lakeFS OSS, scheduled for this quarter. Future versions will support only single-user access.
> While I believe this change won't impact your current use case, I wanted to reach out proactively. If you foresee any challenges with transitioning to the single-user model, please let me know. I'm more than happy to arrange a meeting to discuss and find a solution that ensures you can continue using lakeFS without disruption.
> Simultaneously, we will be adding new features to lakeFS OSS as part of this release (stay tuned!). These features will enhance the platform, though they will not focus on user management.
> Feel free to contact me if you have any concerns or would like to discuss this further.
Super annoying that such a basic feature is being removed. But they are happy to sell you a version with the same capabilities!
I'm also wondering the same thing. It has a bunch of very nice capabilities, but taking away such a basic piece of functionality to push people towards the paid options is very concerning.
I raised concerns about deficiencies of their RBAC on their Slack before and they immediately started pushing me to their enterprise offering. I thought it was a red flag but have not imagined they would stoop to this.
When we started using them they seemed like a genuine open source. Is there a term for open source traps like that? If not we need to come up with something. Trapware?
