Comparison
What ships here vs. the alternatives.
Every row is a technical fact verifiable in the source code. No marketing fluff, no fabricated benchmarks.
| Feature | This boilerplate | ShipFast | Makerkit | Supastarter |
|---|---|---|---|---|
| Compliance moat (WORM audit chain) Append-only hash chain + RLS + BEFORE DELETE trigger (migration 0016-audit-chain) | ✅ | ❌ | ❌ | ❌ |
| Postgres RLS multi-tenancy Row-Level Security enabled per-org (migration 0030-RLS + RLS.ts) | ✅ | ❌ | ⚠️ | ✅ |
| LLM admin (cost / prompts / budgets) Per-org daily/monthly spend caps, versioned prompt registry, usage ledger (migration 0017-llm) | ✅ | ❌ | ❌ | ❌ |
| Multi-payment provider (Stripe + Polar + Paddle toggle) PAYMENT_PROVIDER env — Stripe + Polar shipped; Paddle adapter planned | ✅ | ⚠️ | ⚠️ | ⚠️ |
| Multi-jobs provider toggle (Inngest + CF Queues + Trigger.dev) JOBS_PROVIDER env — Inngest active; CF Queues + Trigger.dev documented | ✅ | ❌ | ❌ | ❌ |
| Privacy data export + 30-day deletion grace requestDataExport() + requestAccountDeletion() + cron hard-delete (migration 0014) | ✅ | ❌ | ⚠️ | ⚠️ |
| Audit-grade webhook idempotency Idempotency-Key header contract + 24h TTL cache (migration 0019-idempotency) | ✅ | ❌ | ❌ | ❌ |
| i18n (en/fr) ready next-intl with full en + fr locale files; routing via [locale] segment | ✅ | ❌ | ✅ | ✅ |
| PostHog Surveys + dashboard tour disable_surveys: false wired + Driver.js DashboardTour shipped | ✅ | ❌ | ❌ | ❌ |
| Better Auth (passkeys, 2FA, magic link, orgs/teams) Better Auth v1 — credentials/session path, TOTP enrollment, magic-link surface, and org/team-ready schema | ✅ | ❌ | ❌ | ❌ |
| Cookie consent + WAF rules + security.txt C15t cookie consent + CF WAF documented + /.well-known/security.txt (RFC 9116) | ✅ | ⚠️ | ⚠️ | ⚠️ |
Information collected from each project’s public docs as of 2026-04, subject to change. ✅ = shipped & documented in the repo. ⚠️ = partial or manual setup required. ❌ = not shipped.
See pricing