ekzhang

ekzhang/bore

Rust MIT DevOps Single maintainer risk

🕳 bore is a simple CLI tool for making tunnels to localhost

11.3k stars
514 forks
slow
GitHub +13 / week

11.3k

Stars

514

Forks

15

Open issues

21

Contributors

v0.6.0 09 Jun 2025

AI Analysis

Bore is a lightweight CLI tool for exposing local TCP ports to the public internet through a remote server, bypassing NAT firewalls. It is designed as a minimal alternative to localtunnel and ngrok, built in ~400 lines of safe async Rust. Best suited for developers needing quick, friction-free local tunneling without complex configuration or heavy dependencies.

DevOps CLI Tool Discovery value: 5/10
Documentation 8/10
Activity 6/10
Community 8/10
Code quality 7/10

Inferred from signals mentioned in the README (tests, CI, type safety) — not a review of the actual code.

Overall score 8/10

AI's overall editorial judgment — not an average of the bars above, can weigh other factors too.

tcp-tunneling localhost-exposure rust-cli nat-traversal self-hosted
Actively maintained Well documented MIT licensed Niche/specialized use case Beginner friendly Production ready
Deep Analysis · Based on README and public signals
2w ago

bore: a minimal Rust TCP tunnel for exposing localhost ports through NAT

bore is a focused CLI tool that creates TCP tunnels from a local machine to a remote server, bypassing NAT firewalls. It targets developers who need quick, self-hostable localhost exposure without ngrok's account requirements or localtunnel's JavaScript overhead. Its value proposition is radical simplicity: ~400 lines of async Rust, a single binary for client and server, and a public endpoint at bore.pub. With 11K+ stars and packages in Homebrew, AUR, and Gentoo, it has clear developer adoption among the self-hosting and homelabber communities.

Origin

Created in April 2022 by Eric Zhang, bore emerged during a period of developer fatigue with ngrok's pricing and registration walls. It gained rapid early traction by being extremely easy to self-host and architecturally transparent.

Growth

bore spiked in stars quickly after launch, likely driven by Hacker News and Reddit exposure in 2022. Growth has since plateaued — 15 stars/week as of mid-2026 indicates a mature, stable niche tool rather than an accelerating project. Its packaging across Homebrew, AUR, and crates.io suggests organic long-tail adoption rather than viral growth.

In production

Packaged in Homebrew core, AUR, and Gentoo overlays, indicating meaningful community demand. crates.io listing (bore-cli) provides a verifiable install vector. A public hosted instance (bore.pub) is maintained. Adoption not verified at scale in enterprise or production infrastructure, but casual and hobbyist developer usage appears substantial based on packaging breadth and star count.

Code analysis
Architecture

Appears to use a client-server TCP proxy model with a dedicated control port (7835). Likely built on Tokio for async I/O. The protocol uses UUID-based connection multiplexing: the server assigns a UUID per inbound connection and the client opens a new TCP stream per UUID. This avoids complex multiplexing libraries. Optional shared-secret authentication is supported. The ~400 LOC claim in the README suggests a deliberately minimal codebase with no HTTP inspection, TLS termination, or dashboard.

Tests

not documented in README

Maintenance

Last push was February 2026, approximately 5 months before the evaluation date. Given the project's intentionally minimal scope, infrequent pushes are consistent with completeness rather than abandonment. CI badges are present and appear active. The project appears to be in a maintenance-only phase rather than active feature development, which is appropriate for a tool of this scope.

Honest verdict

ADOPT IF: you need a minimal, self-hostable TCP tunnel for development or hobbyist use, want a single binary with no account requirements, and have a server to run the bore server binary on. AVOID IF: you need HTTPS termination, HTTP inspection, team access controls, persistent named URLs, or enterprise-grade reliability — use ngrok or a managed alternative. MONITOR IF: you depend on the bore.pub public instance for anything beyond experimentation, as its long-term operational continuity is not formally guaranteed.

Independent dimensions

Mainstream potential

3/10

Technical importance

6/10

Adoption evidence

5/10

Risks
  • The bore.pub public server has no documented SLA or organizational backing; it may go offline without notice, affecting users who haven't self-hosted.
  • No TLS on the tunnel data channel by default — traffic between client and server is unencrypted, which is a security concern over untrusted networks.
  • Project appears to be in maintenance mode with no active feature development; complex use cases (UDP, HTTP-aware routing) will not be addressed.
  • Minimal authentication model (single shared secret) may be insufficient for multi-user or team self-hosted deployments.
  • Rust ecosystem dependency: users unfamiliar with Cargo may find the source-build installation path less accessible, though binary releases mitigate this.
Prediction

bore will persist as a stable, minimal utility in the developer toolbox, unlikely to grow significantly but unlikely to be abandoned. It has found a permanent niche as the 'simplest possible self-hosted tunnel.'

0 found this helpful

Newsletter

Get analyses like this every Monday

Free weekly digest of the most interesting open-source discoveries.

Languages

Rust
94.7%
Shell
4.6%
Dockerfile
0.7%

Information

Website
http://bore.pub
Language
Rust
License
MIT
Last updated
5mo ago
Created
52mo ago
Analyzed with
anthropic/claude-haiku-4-5

Stars over time

Loading…

Contributors over time

Top 100 contributors only — repos with more will plateau at 100.

Loading…

Similar repos

alebeck

alebeck/boring

The `boring` SSH tunnel manager is a lightweight CLI tool for managing SSH port...

1.7k Go DevOps
exposedev

exposedev/expose

Expose is an open-source PHP-based tunneling service that provides an...

4.6k PHP DevOps
localtunnel

localtunnel/localtunnel

localtunnel exposes local development servers to the public internet via secure...

22.4k JavaScript Dev Tools
amalshaji

amalshaji/portr

Portr is a self-hosted tunneling solution that exposes local HTTP, TCP, and...

3.1k Go Dev Tools
erebe

erebe/wstunnel

wstunnel is a Rust-based tunneling utility that routes arbitrary traffic over...

6.9k Rust Security
vs. alternatives
ngrok

ngrok is the dominant commercial solution with HTTPS support, dashboards, authentication, and managed infrastructure. bore is deliberately the opposite: no account, no frills, self-hostable. bore cannot replace ngrok in team or production contexts but wins for solo developers and CI environments where simplicity matters.

localtunnel/localtunnel

localtunnel (22K stars) is older and JavaScript-based. bore is lighter, faster to install as a binary, and self-hostable without Node.js. localtunnel has more ecosystem integrations; bore wins on operational simplicity and performance.

amalshaji/portr

portr targets teams with HTTP inspection and a web UI, making it closer to a self-hosted ngrok. bore is more minimal and lower-level. They serve overlapping but distinct audiences: portr for teams needing observability, bore for individuals needing raw TCP tunneling.

erebe/wstunnel

wstunnel wraps tunnels in WebSocket/HTTP, useful for bypassing strict corporate firewalls. bore uses plain TCP, which is simpler but may fail in environments that block non-HTTP egress. Different threat models.

cloudflare/boringtun

boringtun is a WireGuard VPN implementation, solving a fundamentally different (and broader) problem. Not a direct competitor; VPN-based approaches offer persistent network-level tunneling while bore is lightweight and ephemeral.