A few months ago I pasted a .env file into a random online converter. Got my output, moved on. It wasn't until later that it actually hit me: that file had a real database password in it. I'd just sent production credentials to a server I knew nothing about, run by someone I'd never heard of.
I checked a few other tools I used regularly. Most of them worked the same way. Thin frontend, backend doing the actual processing, no clear answer on what happens to your input after you get your result back.
So I just built my own versions. Started with the env converter since that's what triggered it. Then added a crontab to systemd converter because I kept needing that too. Then a CIDR calculator, a PII log scrubber, a CSV to JSON Schema builder. Everything runs entirely in the browser, nothing leaves your machine, you can verify it yourself by opening the network tab or just going offline mid-session.
Shared it with a couple of friends who do similar work. Both said they'd actually use it. So I cleaned it up and put it online properly.
Still early, no users to speak of yet. But it's live at configdev.com if anyone wants to check it out or tell me where the client-side claim breaks down.
Happy to share more about how any of the tools work if there's interest.
For further actions, you may consider blocking this person and/or reporting abuse
Top comments (0)