Automic VaultAutomic Vault

brew

Install spicedb with Homebrew, Nix

Open Source, Google Zanzibar-inspired database. Version 1.54.0 via Homebrew; verified 2026-06-19.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install spicedb

local Homebrew formula metadata

Linux

Nixverified · 92%
nix profile install nixpkgs#spicedb

nixpkgs package indexes · pkgs/by-name/sp/spicedb/package.nix · source: api.github.com

overview

Package summary

Open Source, Google Zanzibar-inspired database

Commands and aliases

  • spicedb

history

Project history and usage

SpiceDB is AuthZed's open source, Google Zanzibar-inspired permissions database. It stores relationship data and answers authorization questions for applications that need centralized, fine-grained access control.

Project history

AuthZed's official history says its founders left Red Hat in August 2020, built an API-complete Zanzibar implementation called Arrakis in Python the next month, rewrote the idea in Go as Caladan in March 2021, and open-sourced it in September 2021 as SpiceDB. GitHub records the authzed/spicedb repository as created in August 2021, and the first v1.0.0 GitHub release was published on September 30, 2021.

Adoption history

SpiceDB grew with the broader interest in relationship-based access control and Zanzibar-style authorization outside large platform companies. Its README presents it as a centralized service for product suites and microservice architectures, and the official docs emphasize Kubernetes operation, gRPC and HTTP APIs, client libraries, schema validation, and datastore choices such as PostgreSQL, MySQL, CockroachDB, Spanner, and in-memory storage.

How it is used

Developers define a schema, write relationships, and use client libraries or APIs to check permissions. Operators run the spicedb binary or container with flags, environment variables, Kubernetes operator configuration, or a spicedb.env dotenv file, then connect it to a datastore for production use.

Why package nerds care

SpiceDB matters to package and CLI users because it packages a once-proprietary class of infrastructure as a downloadable binary, container image, and Homebrew formula. It is one of the modern examples where local CLI experimentation, Docker examples, Kubernetes operators, and security-sensitive production service packaging all describe the same tool.

Timeline

  • 2020: AuthZed founders begin the first Zanzibar-inspired implementation after leaving Red Hat.
  • 2021: The project is rewritten in Go and open-sourced as SpiceDB.
  • 2021: SpiceDB v1.0.0 is released on GitHub.
  • 2026: SpiceDB remains actively released, with v1.54.0 published in June 2026.

Related projects

  • Google Zanzibar is the main design inspiration.
  • AuthZed Cloud is the managed product around the SpiceDB ecosystem.
  • Open Policy Agent is documented as a comparison/migration reference in the official docs.
  • The SpiceDB Kubernetes Operator manages SpiceDB clusters in Kubernetes.

security posture

No protected-tool coverage found yet

No matching local secret-handling manifest was found for spicedb. Nucleus package metadata is still published here so future coverage has a stable package URL.

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
spicedb.env

executables

Installed executables

CommandKindExposureNote
spicedbcliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version1.54.0
manager updated2026-06-19
local dataok
upstreamcurrent
latest detectedv1.54.0

https://github.com/authzed/spicedb

  • okNo freshness warnings were generated.

install metadata

Package metadata

Package keybrew:spicedb
Version1.54.0
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/spicedb
Homepagehttps://authzed.com/docs/spicedb/getting-started/discovering-spicedb
Repositoryhttps://github.com/authzed/spicedb
Upstream docshttps://authzed.com/docs/spicedb/getting-started/discovering-spicedb
LicenseApache-2.0
Source archivehttps://github.com/authzed/spicedb/archive/refs/tags/v1.54.0.tar.gz
Last updated2026-06-19T00:41:23Z
Pulseupdated
Build dependenciesgo
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namespicedb
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

spicedb

nix profile install nixpkgs#spicedb
  • normalized package name match
  • Matched by: Spicedb
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/sp/spicedb/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment