this post was submitted on 01 May 2025
19 points (95.2% liked)

Programming

22218 readers
280 users here now

Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!

Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.

Hope you enjoy the instance!

Rules

Rules

  • Follow the programming.dev instance rules
  • Keep content related to programming in some way
  • If you're posting long videos try to add in some form of tldr for those who don't want to watch videos

Wormhole

Follow the wormhole through a path of communities !webdev@programming.dev

founded 2 years ago
MODERATORS
snowe@programming.dev
Ategon@programming.dev
MaungaHikoi@lemmy.nz
UlrikHD@programming.dev
19
Honest feedback- Would you use this? (lemmy.world)
submitted 3 months ago by Kevisthename@lemmy.world to c/programming@programming.dev
23 comments fedilink hide all child comments
 

Looking for honest feedback on a tool for fast note-sharing: devs, educators, curious minds welcome 🙏

https://quickpoint.me/quickpoint/landing/PAGE/1

you are viewing a single comment's thread
view the rest of the comments
[–] Kevisthename@lemmy.world 1 points 3 months ago (1 children)

Wow! This is great stuff! Really appreciate you taking the time to lay this out.

I get your point: in high-stakes, security-conscious environments like yours, needing a persistent internet connection is a non-starter. Your two conditions (sync only on verified safe networks + trusted server endpoints) are a clear, actionable framework I hadn’t articulated so well before-thank you.

Cheers for calling out the muddiness around purpose. I started this as a tool to scratch a personal itch, but I’ve been deliberately open-ended in trying to understand where others see value. Still, the lack of clarity does become friction-especially when account creation is required up front. I’ll be rethinking that flow and messaging.

Also noted (and agreed) on the accessibility issue. I’ll fix the vs problem-thank you for catching that.

what would a deployable/self-managed version for an environments like yours look like?

[–] lime@feddit.nu 1 points 3 months ago

i'm glad you're taking it as intended, i was worried about my tone...

a version that could be used in a restricted setting would

  • be offline-first (or online-optional, even)
  • install and work with minimal privileges (no curl|sudo bash)
  • have few to zero external dependencies that need vetting (to get past IT)
  • send and store very minimal amounts of data off-device (especially important for PII like user accounts)
  • use only audited and proven crypto and auth (because nobody should be rolling their own there)
  • allow bring-your-own-database setups for the server (because some places run the same DB software for everything)
  • play well with other tools on a posix system, e.g. make sure data files are structured text rather than binary (for future-proofing)
  • if running in a browser-based environment, preferably work without scripts enabled (to eliminate XSS risks)
  • if running in a native environment, be open and reproducible (so builds can be verified)
  • keep to itself; e.g. make sure to keep stuff in its own namespace and not spread files around (for the server this is usually accomplished by containerization but not everyone allows running stuff like docker)