DEV Community

Cover image for I Finally Built the Dev Opportunity Radar Website ❀️

I Finally Built the Dev Opportunity Radar Website ❀️

Hemapriya Kanagala on July 13, 2026

This is a submission for Weekend Challenge: Passion Edition πŸ“Œ TL;DR I found this challenge on the very last day, so I knew I probably wouldn't f...
Collapse
 
omarafifi profile image
Omar Afifi

Congratulations on the launch, @hemapriya_kanagala πŸŽ‰
What you’ve managed to build in such a tight timeframe is incredibly inspiring. Turning your weekly editions into a centralized, searchable hub is a massive value-add for the communityπŸ‘
Looking forward to Edition #8 this FridayπŸ™Œ

Collapse
 
hemapriya_kanagala profile image
Hemapriya Kanagala

Thank you so much, Omar! That really means a lot πŸ˜€

One of the biggest reasons I wanted to build the website was exactly that, to make it much easier for people to rediscover opportunities from previous editions instead of searching through multiple posts. I'm really glad that came across.

And thank you for following the series! Looking forward to sharing Edition #8 with everyone this Friday.

Collapse
 
dannwaneri profile image
Daniel Nwaneri

The way you wrote "even if this submission isn't eligible, I'm genuinely grateful" . That's a rough place to build from, finding out on the last day. But you still gave Dev Opportunity Radar a real home instead of letting it wait another few weeks and that's yours regardless of what the judges do with it. Edition #8 this Friday, see you there πŸ’™

Collapse
 
hemapriya_kanagala profile image
Hemapriya Kanagala

Thank you so much, Daniel! That really means a lot 🧑

I won't lie, I was disappointed when I realized I'd found the challenge so late, but looking back I'm actually glad it happened because it finally pushed me to build something I'd been putting off for weeks.

No matter what happens with the challenge, I'm just happy I finally built the website and that it can keep growing alongside the series.

And yes, see you this Friday for Edition #8 πŸ˜€

Collapse
 
dannwaneri profile image
Daniel Nwaneri

πŸ‘ŠπŸ‘Š

Collapse
 
webdeveloperhyper profile image
Web Developer Hyper

Congratulations on the launch of Dev Opportunity Radar! πŸŽ‰ It's amazing that you built it in such a short time. I hope it will be used by even more people!

Collapse
 
magopredator profile image
Fenix

Nice work shipping a real home for the series instead of letting it wait another few weeks. A few
pointers from one builder to another if you keep iterating:

- The site is currently a Google AI Studio prototype on a *.ai.studio domain. That subdomain is
Google's, not yours, so it can disappear if they retire the project β€” consider exporting it and hosting
it on your own repo + a stable host so the archive survives long-term.
- The deployed page sends script-src 'self' 'unsafe-inline' 'unsafe-eval'. The unsafe-eval +
unsafe-inline combo is risky: if any curated content ever gets a script injected, the browser will
happily run it. Tightening that CSP (drop unsafe-eval, use hashes/nonces) is a quick, high-value
hardening step.
- I didn't see a public repo linked. For a community project it helps a lot to publish the source so
others can audit what the AI generated and contribute fixes.

On that last point: it's worth running the code through a static analyzer before each release. Free
options like SonarCloud (quality + security gates) or Bandit (for Python) catch whole classes of issues
automatically. Tools like Repomapper can also scan a repo for weaknesses. None of it replaces review, but
it catches the boring stuff fast. Keep going β€” Edition #8 πŸ’™
Enter fullscreen mode Exit fullscreen mode

"Thanks so much for the detailed feedback and the encouraging words! I really appreciate you taking the time to review the setup. Your pointers on exporting the project from AI Studio to a stable host and tightening the CSP make total sense to avoid long-term risks. I'll definitely look into integrating a static analyzer like SonarCloud or Bandit for future releases too. Thanks for helping make Edition #8 better! πŸ’™"

  1. CΓ³mo corregir la CSP (unsafe-eval y unsafe-inline)El problema principal es que unsafe-inline permite ejecutar cualquier script escrito directamente en el HTML, y unsafe-eval permite crear cΓ³digo desde texto (lo que abre la puerta a inyecciones XSS). Para solucionarlo de forma rΓ‘pida:Elimina las directivas arriesgadas: Modifica tu configuraciΓ³n de Content Security Policy (CSP) retirando 'unsafe-inline' y 'unsafe-eval' de la secciΓ³n script-src.Usa Hashes o Nonces: Si necesitas ejecutar algΓΊn script en lΓ­nea imprescindible, aΓ±ade un hash criptogrΓ‘fico (como sha256-ValorBase64...) o un atributo nonce aleatorio generado por sesiΓ³n en la etiqueta del script, declarΓ‘ndolo explΓ­citamente en tu CSP.Formato en Meta Tag (Frontend): Si manejas la CSP desde tu HTML estΓ‘tico, el formato corregido deberΓ­a lucir similar a esto:html
    Usa el cΓ³digo con precauciΓ³n.Formato en Servidor (Recomendado): Lo ideal es inyectarlo directamente como una cabecera HTTP de respuesta desde tu proveedor de alojamiento:httpContent-Security-Policy: default-src 'self'; script-src 'self';
    Usa el cΓ³digo con precauciΓ³n.

  2. Recomendaciones de hospedaje gratuito y establePara migrar tu proyecto fuera de la infraestructura temporal de Google AI Studio y asegurar que el archivo sobreviva a largo plazo, estas opciones son las mΓ‘s fiables, gratuitas y fΓ‘ciles de integrar con un repositorio de GitHub:Vercel: Excelente si estΓ‘s utilizando frameworks modernos de frontend (como Vite o Next.js). Ofrece despliegues automΓ‘ticos al hacer push a tu rama principal, HTTPS nativo y configuraciones de seguridad muy sencillas.Netlify: Una alternativa fantΓ‘stica a Vercel para proyectos estΓ‘ticos o aplicaciones web estructuradas en JavaScript. Permite inyectar cabeceras personalizadas de CSP muy fΓ‘cilmente mediante un archivo netlify.toml.GitHub Pages: Si tu sitio es puramente HTML, CSS y JavaScript estΓ‘tico, alojarlo directamente en el mismo repositorio de GitHub del proyecto comunitario es la opciΓ³n mΓ‘s transparente para que otros puedan auditar el cΓ³digo fuente y colaborar.

Collapse
 
magopredator profile image
Fenix

Y en modo oscuro es muy recomendable, porque yo por ejemplo solo me gusta el modo oscuro...para evitar tanto brillo y tanta exposicion a la luz azul. Gracias y felicidades nuevamente. Aloha :)

Collapse
 
hemapriya_kanagala profile image
Hemapriya Kanagala

Thank you so much, Fenix!

I really appreciate you taking the time to explore the website and write such a detailed review. Feedback like this is incredibly helpful, especially since this is only the first version.

You've brought up several good points. I was already planning to move it to its own GitHub repository, and your suggestions around hosting and security have given me a few more things to look into as I continue improving the project.

And thank you for mentioning dark mode too! I was actually working on it today. If I manage to finish it soon, I'll come back and leave another comment under this thread to let you know.

Thanks again for all the thoughtful suggestions and encouragement. It really means a lot. Aloha πŸ˜€

Thread Thread
 
magopredator profile image
Fenix

:D

Collapse
 
hemapriya_kanagala profile image
Hemapriya Kanagala

I'd love your feedback on the website πŸ’™

Whether it's something you liked, something that felt confusing, or a feature you think would make it more useful, please let me know. This is only the first version, and I'd love to keep improving it with the community's suggestions.

Thanks again for taking the time to check it out!

Collapse
 
javz profile image
Julien Avezou

Amazing! Congratulations! Looking forward to the next edition.