Not to poke at React or any of the other popular frameworks, I'm sure they're suitable for Cybersecurity projects. They surely go through things like reviews and audits.

I'm asking from the perspective that web components are native to the browser and thus reducing what I think is called supply chain attacks (like if "npm install" introduces something it shouldn't).

Maybe the frameworks don't matter and depends on the browser/os/device it's run on?

Context: I have a p2p messaging app created with ReactJS and a separate project for a UI framework based on Lit. Both these projects can be a whole separate discussion. I was wondering if there could be any advantages to refactoring (or starting from scratch) the messaging-app to be based on the webcomponent ui framework.

Same question on Reddit with comments here. I have an answer there, but posting here in-case anything is being overlooked.

Not to poke at React or any of the other popular frameworks, I'm sure they're suitable for Cybersecurity projects. They surely go through things like reviews and audits.

I'm asking from the perspective that web components are native to the browser and thus reducing what I think is called supply chain attacks (like if "npm install" introduces something it shouldn't).

Maybe the frameworks don't matter and depends on the browser/os/device it's run on?

Context: I have a p2p messaging app created with ReactJS and a separate project for a UI framework based on Lit. Both these projects can be a whole separate discussion. I was wondering if there could be any advantages to refactoring (or starting from scratch) the messaging-app to be based on the webcomponent ui framework.

Same question on r/ExperiencedDevs with comments here. I have an answer there, but posting here in-case anything is being overlooked.

Introducing Dim – a new framework that brings React-like functional JSX-syntax with JS. Check it out here:

🔗 Project: https://github.com/positive-intentions/dim

🔗 Website: https://dim.positive-intentions.com/

My journey with web components started with Lit, and while I appreciated its native browser support (less tooling!), coming from ReactJS, the class components felt like a step backward. The functional approach in React significantly improved my developer experience and debugging flow.

So, I set out to build a thin, functional wrapper around Lit, and Dim is the result! It's a proof-of-concept right now, with "main" hooks similar to React, plus some custom ones like useStore for encryption-at-rest. (Note: state management for encryption-at-rest is still unstable and currently uses a hardcoded password while I explore passwordless options like WebAuthn/Passkeys).

You can dive deeper into the documentation and see how it works here:

📚 Dim Docs: https://positive-intentions.com/docs/category/dim

This project is still in its early stages and very unstable, so expect breaking changes. I've already received valuable feedback on some functions regarding security, and I'm actively investigating those. I'm genuinely open to all feedback as I continue to develop it!

Introducing Dim – a new framework that brings React-like functional JSX-syntax with JS. Check it out here:

🔗 Project: https://github.com/positive-intentions/dim

🔗 Website: https://dim.positive-intentions.com/

My journey with web components started with Lit, and while I appreciated its native browser support (less tooling!), coming from ReactJS, the class components felt like a step backward. The functional approach in React significantly improved my developer experience and debugging flow.

So, I set out to build a thin, functional wrapper around Lit, and Dim is the result! It's a proof-of-concept right now, with "main" hooks similar to React, plus some custom ones like useStore for encryption-at-rest. (Note: state management for encryption-at-rest is still unstable and currently uses a hardcoded password while I explore passwordless options like WebAuthn/Passkeys).

You can dive deeper into the documentation and see how it works here:

📚 Dim Docs: https://positive-intentions.com/docs/category/dim

This project is still in its early stages and very unstable, so expect breaking changes. I've already received valuable feedback on some functions regarding security, and I'm actively investigating those. I'm genuinely open to all feedback as I continue to develop it!

Introducing Dim – a new framework that brings React-like functional JSX-syntax with JS. Check it out here:

🔗 Project: https://github.com/positive-intentions/dim

🔗 Website: https://dim.positive-intentions.com/

My journey with web components started with Lit, and while I appreciated its native browser support (less tooling!), coming from ReactJS, the class components felt like a step backward. The functional approach in React significantly improved my developer experience and debugging flow.

So, I set out to build a thin, functional wrapper around Lit, and Dim is the result! It's a proof-of-concept right now, with "main" hooks similar to React, plus some custom ones like useStore for encryption-at-rest. (Note: state management for encryption-at-rest is still unstable and currently uses a hardcoded password while I explore passwordless options like WebAuthn/Passkeys).

You can dive deeper into the documentation and see how it works here:

📚 Dim Docs: https://positive-intentions.com/docs/category/dim

This project is still in its early stages and very unstable, so expect breaking changes. I've already received valuable feedback on some functions regarding security, and I'm actively investigating those. I'm genuinely open to all feedback as I continue to develop it!

https://positive-intentions.com/blog/decentralised-architecture

Creating webapps is easy enough, but in my app, im kinda going against the "best-practices".

For example, im using browser-based cryptography exclusively. while it can be easy advice to suggest to consider using a server to generate keys, i want to contrast it against a webapp that would be sandboxed within the browser.

I'd appriciate if you would be interested to share your thoughts on the approach. I'm aiming for this project to be the foundation towards the most frickin' secure messaging app in the universe. It might be too ambitious, but I'd like to set the bar high.

https://positive-intentions.com/blog/decentralised-architecture

Creating webapps is easy enough, but in my app, im kinda going against the "best-practices".

For example, im using browser-based cryptography exclusively. while it can be easy advice to suggest to consider using a server to generate keys, i want to contrast it against a webapp that would be sandboxed within the browser.

I'd appriciate if you would be interested to share your thoughts on the approach. I'm aiming for this project to be the foundation towards the most frickin' secure messaging app in the universe. It might be too ambitious, but I'd like to set the bar high.

im using peerJS and its configurable as described here: https://peerjs.com/docs/#peer-options-config

in my app, the peerjs-server used as the connection-broker is configurable (on the landing page). id also like to introduce configurable ice-servers.

i often notice difficulties connecting when not on the same wifi. i think introducing things like turn/stun servers would help.

which of the options makes sense:

1. a text input to specify your own turn server url

2. same as option 1 along with some default set of turn servers as a default redundency (because most users wont care about this)

3. same as option 2 with all the servers togglable.

4. ???

i understand there are a few free public ones available out there, but i dont know the privacy and security implications of using those. id like to think there is a set of trustable turn/stun servers i can use for option 2. this way, the app connection could be more stable and resiliant. but i'd need to investigate more about any set of servers i introduce into my project.

https://www.taler.net/

"privacy friendly online transactions"

I came across this and it's looks interesting it seems to have been out for a while and seems to work well in the demo.

it sounds a bit like Blockchain, but it doesn't seem to be. which i would think makes it more appealing because the setup was easy... but i can't find any examples of it being used in the wild.

i was expecting to see more cases that used it when i saw there is funding for it from https://nlnet.nl/

i think this could be good to add into my app. but i wonder if it might not be a good idea if it hasnt established itself as reliable in the wild.

glitr.io

im working on a p2p file transfer app. at the moment its a close-source webapp, but i hope to work towards some selfhosted options as seen on my other projects.

the storage is local-only from your browser/device. so like "the cloud", but the cloud storage capacity is made up of your devices.

ive recently updated the landing page and i hope ive got it as simple as possible to transfer a file from one device to another.

im looking for feedback on the experience.

(Note 1: its still a work in progress. if there is an issue, you can usually refresh the browser and try again)

(Note 2: it seems important to mention: this app is not libre software. This needs more consideration to see if I can align to this. For information and open-source examples of the code in action, take a look at the docs and github for decentralized chat)

I made something to try out for "funtional webcomponents" with vanillaJs. I'm working towards a UI framework for my personal projects. It's far from finished but i thought it might be an interesting concept to share.

I made something to try out for "funtional webcomponents" with vanillaJs. I'm working towards a UI framework for my personal projects. It's far from finished but i thought it might be an interesting concept to share.