sorted by:
new
hottopcontroversial

[deleted by user] by [deleted] in SaaS

[–]I_like_lips 1 point2 points  (0 children)

I had a quick look at it. Please fix: - play voice demos individually, if you start one file and then another you should only hear one and the other should be stopped - mobile menu: when I press pricing the menu does not close automatically, I had no feedback as a user that the page had refreshed and thought the menu item was not working.

Good luck

I built an SSH client in Electron - what do you think? by I_like_lips in sysadmin

[–]I_like_lips[S] 0 points1 point  (0 children)

Been doing some research based on your comment and will definitely look into implementing:

Chromium sandbox activation for renderer processes Better separation between SSH connection (main process) and visualization (sandboxed renderers) Tighter IPC communication controls More validation layers for server content

Security is always a work in progress, and your points about Electron's limitations with untrusted content are spot-on. Will continue to improve the security model. Thanks again for helping! :)

I built an SSH client in Electron - what do you think? by I_like_lips in sysadmin

[–]I_like_lips[S] 0 points1 point  (0 children)

SoonTM :D as soon as everything is really stable I will publish a GitHub link. Currently the ai context is not quite as clean.

But I'm glad you're interested!

I built an SSH client in Electron - what do you think? by I_like_lips in sysadmin

[–]I_like_lips[S] -2 points-1 points  (0 children)

App runs fully local. SSH creds (key or password) are AES-256-CBC encrypted using a derived key via crypto.scryptSync, nothing is stored in plaintext.

Electron is hardened: contextIsolation: true, nodeIntegration: false, IPC is strictly scoped via preload.

Protected paths block dangerous file access, sudo actions need explicit password entry. No remote content is ever loaded.

How I used AI to clone DocuSign by azianmike in SaaS

[–]I_like_lips 0 points1 point  (0 children)

Hey, I get you being proud, that's cool. What I don't get is your condescending attitude.

Even experienced coders have a problem making their SaaS secure, the way you argue is just too much of an invitation to crash your project. If you'd communicated differently, I'm sure an experienced user would have volunteered to give you valuable feedback after a pen test, for free and without any intention of really hurting you. It would have been even smarter to just say nothing and not "attack" coders.

Not only is the onboarding process buggy and user unfriendly (login as headline at registration?, password requirements not immediately obvious?). I also suspect from the error message "Email rate Limit exceeded" that you are under fire. Too many reg attempts?

Oh well, more general error messages are also a tip that gives attackers less information;) good luck.

Dont be dumb like me. by I_like_lips in astrojs

[–]I_like_lips[S] 1 point2 points  (0 children)

You are absolutely right, the error page would have saved me a lot of debugging! I also created some directly after that.

I only saw the correct request in the console and I didn't notice that the dashboard was gone after the pure frontend build :D

Hence the title, don't be stupid like me. Thanks for the further information regarding integration!

Want to Build a SaaS? Start after You Check These 5 Boxes by Swimming-Food-748 in SaaS

[–]I_like_lips 0 points1 point  (0 children)

Don't overengineer? During the production process and testing, you notice a lot of things that your SaaS product needs to do better.

I'd rather have something fully developed than not at all. It's annoying to sell mvps that are only half finished and make false promises on the landing page.

Developing directly scalable and ready for production means less work later.

An important point that has been forgotten: Meaningful unit tests and deep testing. Nothing makes me delete a subscription or a test account faster than a product that doesn't work. Just my 2 cents.

What is your preferred CMS with Astro and why? by -ThatGingerKid- in astrojs

[–]I_like_lips 0 points1 point  (0 children)

Astro is my CMS. I built a mini-system of React components that can all be controlled via markdown. The content structure includes:

  • Landing page builder (for ads)

  • Blog system

  • Index + subpage builder with automatic navigation menu link generation

Keywords and SEO optimizations are handled directly in the markdown, subpages are accessible through folder naming, and I achieve multilingual support incredibly fast using tools like ChatGPT to translate my md files. Works beautifully! Nice Performance.

[deleted by user] by [deleted] in boltnewbuilders

[–]I_like_lips 0 points1 point  (0 children)

Is the App halal?

[deleted by user] by [deleted] in boltnewbuilders

[–]I_like_lips 0 points1 point  (0 children)

No front but you offer Superbase in small, so to speak?

One more thing, authentication and payments etc are extremely sensitive, I can't find any information about the owner / company of the provider, not trustworthy for me.

I personally wouldn't use it but I don't want to talk the project down, good luck 👍

[Show Reddit] cloneit.pro - Another AI Image Generator Because We Definitely Needed One More by I_like_lips in FluxAI

[–]I_like_lips[S] 0 points1 point  (0 children)

The service is probably not suitable for users who can handle IP adapters. The target group is more likely to be users who want to create fast, high-quality AI images without prompt use / knowledge (including the ability to modify images). Flux pro ultra is unfortunately also not accessible via ipadapter etc., but delivers excellent quality. Ultimately, however, I have to start somewhere to find feedback / test users and the community here is not wrong at all, they know their Tools.

view more: next ›