Focused developer tools, organized by real workflows.

Text Utilities Workbench

A planned hub for small text tasks that are useful together but too thin as separate indexed pages: counting, case conversion, deduplication, slug creation, and placeholder text.

5 legacy tools mapped

Code Formatters Workbench

A planned hub for CSS, HTML, JavaScript/TypeScript, SQL, SVG, and entity cleanup tasks that are stronger as a formatter workflow than as separate thin pages.

6 legacy tools mapped

Image Utilities Workbench

A planned hub for browser-side image compression, cropping, Base64 conversion, QR/barcode generation, color utilities, and EXIF inspection.

9 legacy tools mapped

AI Prompt Workbench

A cautious experimental hub for prompt cleanup, prompt templates, AI output cleanup, token estimates, conversation analysis, and model planning snapshots.

8 legacy tools mapped

Base64 is not encryption

Base64 changes how data is represented; it does not make the data secret. Use it for transport and formatting, not protection.

JWT decode vs verify

Decoding a JWT makes its header and payload readable. Verifying a JWT proves whether the token was signed by a trusted issuer and has not been changed.

URL encoding for query parameters

Encode parameter values, not usually the entire URL. Pay attention to reserved characters, Unicode, spaces, and accidental double encoding.

Hashing vs encryption

Hashes are one-way digests. Encryption is reversible with a key. Password storage needs dedicated slow password-hashing algorithms, not plain SHA-256.

Base64URL vs Base64

Base64URL is a URL-safe variant of Base64. It changes a few characters and often drops padding so encoded values survive links, cookies, and token segments more reliably.

UTF-8 and percent encoding

URL encoding usually represents UTF-8 bytes, not abstract characters directly. That is why one visible character can become several percent-encoded byte values.

encodeURI vs encodeURIComponent

Use encodeURIComponent for individual parameter values. Use encodeURI only when you already have a mostly complete URL and want to preserve its structural characters.

Why MD5 and SHA-1 are legacy

MD5 and SHA-1 are useful for recognizing legacy data, but they should not be chosen for new security-sensitive integrity or trust workflows.

How to choose password length

Length usually matters more than visual complexity. Use long unique passwords with a manager, and use memorable passphrases only when a human truly needs to type them.

How to read JSON parse errors

A JSON parse error usually points near the first place the parser became confused, not always the original mistake. Work from the location, then inspect the surrounding structure.

Seconds vs milliseconds

A 10-digit Unix timestamp is usually seconds; a 13-digit value is usually milliseconds. Mixing them can shift dates by decades or create instantly expired tokens.

Regex greedy vs lazy

Greedy quantifiers take as much as they can while still allowing the pattern to match. Lazy quantifiers take as little as they can, but they still depend on the rest of the pattern.

Text diff review workflows

Text diff review works best when the snippets are small, sanitized, and tied to a clear decision: what changed, what matters, and what should be copied forward.

Safe Markdown preview workflow

Markdown preview is a publishing rehearsal: it helps catch structure and formatting problems, but the final platform may still render details differently.

CSS formatting review workflow

CSS formatting improves readability, but cascade, specificity, browser support, and team lint rules still need deliberate review.

UUID v4 test identifiers

UUID v4 values are useful random identifiers for development data, but authorization, uniqueness constraints, and secret-token design remain separate responsibilities.