Hello!

This weekend, I finally wrapped up the "Q2 2023 - Apr-Jun" iteration and cut a new 1.0.0-alpha.2 release of Secutils.dev. Admittedly, this release was delayed "a bit" (well, almost 3 weeks delay, that happens) since I needed slightly more time to prepare the "Page tracker" functionality for the general public. I tried to explain why it wasn't a trivial task in the "Detecting changes in JavaScript and CSS isn't an easy task" series of posts (part 1, part 2, part 3). Check them out!

If you want to learn more about the "Page tracker" functionality, I encourage you to start from this guide. For your convenience, I'm also attaching a short video clip here demonstrating how it works using a "fake" HTML page backed by the "Responders" feature. For the rest of the changes included in this release, please refer to the full changelog at secutils@v1.0.0-alpha.2.

TL;DR: It’s a hard, but rewarding experience!

Hello!

It’s been two months since I opened up Secutils.dev for an open beta and started writing about my indie hacking journey in public for the first time while still being a full-time employee at Elastic. In this short post, I just want to reflect on how things are going, what was good, and what wasn’t as good as I wanted it to be. If you’re in a similar situation or just curious, read on!

Hello!

This is the third and final post in a series (Part 1, Part 2) on the surprisingly hard problem of detecting changes in a web page's JavaScript and CSS resources, written while building the Resources Tracker (now Page tracker) feature in Secutils.dev.

The previous posts covered scraping mechanics and storage. Today we look at the security side: what extra parts of the page have to be tracked to catch tampering, what it takes to scrape authenticated pages, and what defences a tool like this needs against malicious users (since "scrape an arbitrary URL" is a powerful primitive).

Hello!

This is Part 2 of a three-part series on the surprisingly hard problem of detecting changes in a web page's JavaScript and CSS resources, written while building the Resources Tracker (now Page tracker) feature in Secutils.dev.

In Part 1 we covered inline vs external resources, dynamically loaded resources, and how to keep storage costs low with hashing. Today we tackle two more challenges: resources that don't fit cleanly into "inline" or "external", and inline resources that change on every page load even though "nothing meaningful" changed.

Hello!

In a previous post, I explained the idea behind tracking the JavaScript and CSS resources loaded by a web page in Secutils.dev and who benefits from it. I had originally hoped to ship the feature as part of the "Q2 2023 - Apr-Jun" update, but it took noticeably longer than I thought. In this post (and the next two) I want to walk through why comparing JavaScript and CSS files between two snapshots of a web page is much harder than it looks, and what design choices made the feature work for Secutils.dev.

Hello!

Just a brief post today to highlight an important milestone for Secutils.dev - I recently received the first negative user feedback! It may not sound like something to celebrate or take pride in, but I view it differently. Over the past month, I've received a bit of unsolicited positive feedback, primarily from fellow builders and indie hackers. Their input has been valuable, and I do appreciate it. However, I have to admit that people like me have a higher tolerance for work-in-progress software, imperfections, and bugs. Moreover, solo-builders tend to be incredibly supportive of one another, much like parents with young children empathizing with other parents in similar situations 🙂

But the negative feedback I received this past weekend came from a "real user," which presents a different perspective altogether.