Hardcoded keys by default - https://github.com/CloudBoost/cloudboost/blob/8ca349b53a7a9c..., committed to git
Images being hotlinked off free icon sites - https://github.com/CloudBoost/cloudboost/blob/8ca349b53a7a9c...
Outdated versions of frameworks, like https://github.com/CloudBoost/cloudboost/blob/0242a7433fe327...
Hardcoded CSS styles all over - https://github.com/CloudBoost/cloudboost/blob/0242a7433fe327...
It's also requesting Redis 3.0 on readme, when stable is 4.0 - a full major version behind, and the vast majority of commit messages are things like "fix [something]" or "cleanup" or "staging",
I am normally not picky, and especially not if it's a personal project, but this appears to be a company with a commercialised product not meeting basic minimum standards - I don't see tests, I see public slack API tokens committed to the repo...
They definitely do not have "50000" companies using this and are probably just using stolen logos on the (broken) homepage.
Code quality is quite possibly some of the absolute worst I've seen...