Wow! This is great stuff! Really appreciate you taking the time to lay this out.
I get your point: in high-stakes, security-conscious environments like yours, needing a persistent internet connection is a non-starter. Your two conditions (sync only on verified safe networks + trusted server endpoints) are a clear, actionable framework I hadn’t articulated so well before-thank you.
Cheers for calling out the muddiness around purpose. I started this as a tool to scratch a personal itch, but I’ve been deliberately open-ended in trying to understand where others see value. Still, the lack of clarity does become friction-especially when account creation is required up front. I’ll be rethinking that flow and messaging.
Also noted (and agreed) on the accessibility issue. I’ll fix the <button> vs <a> problem-thank you for catching that.
what would a deployable/self-managed version for an environments like yours look like?
i’m glad you’re taking it as intended, i was worried about my tone…
a version that could be used in a restricted setting would
be offline-first (or online-optional, even)
install and work with minimal privileges (no curl|sudo bash)
have few to zero external dependencies that need vetting (to get past IT)
send and store very minimal amounts of data off-device (especially important for PII like user accounts)
use only audited and proven crypto and auth (because nobody should be rolling their own there)
allow bring-your-own-database setups for the server (because some places run the same DB software for everything)
play well with other tools on a posix system, e.g. make sure data files are structured text rather than binary (for future-proofing)
if running in a browser-based environment, preferably work without scripts enabled (to eliminate XSS risks)
if running in a native environment, be open and reproducible (so builds can be verified)
keep to itself; e.g. make sure to keep stuff in its own namespace and not spread files around (for the server this is usually accomplished by containerization but not everyone allows running stuff like docker)
Wow! This is great stuff! Really appreciate you taking the time to lay this out.
I get your point: in high-stakes, security-conscious environments like yours, needing a persistent internet connection is a non-starter. Your two conditions (sync only on verified safe networks + trusted server endpoints) are a clear, actionable framework I hadn’t articulated so well before-thank you.
Cheers for calling out the muddiness around purpose. I started this as a tool to scratch a personal itch, but I’ve been deliberately open-ended in trying to understand where others see value. Still, the lack of clarity does become friction-especially when account creation is required up front. I’ll be rethinking that flow and messaging.
Also noted (and agreed) on the accessibility issue. I’ll fix the <button> vs <a> problem-thank you for catching that.
what would a deployable/self-managed version for an environments like yours look like?
i’m glad you’re taking it as intended, i was worried about my tone…
a version that could be used in a restricted setting would