didof.dev
Blog

Engineering notes, tutorials, and deep dives.

Browse by Category
How I Turned 4 Sites and a Shared Lib Into One pnpm Workspace

How I Turned 4 Sites and a Shared Lib Into One pnpm Workspace

A first-person walkthrough of converting four separate Astro repositories and a shared components library into a single pnpm workspace. Real layout, real gotchas, and the five traps that cost me the most time.

April 13, 2026
Read Full Article

April 2026

Run a 1-Bit LLM on Your Mac with bitnet.cpp
AI
April 13, 2026

Run a 1-Bit LLM on Your Mac with bitnet.cpp

A first-person walkthrough of running BitNet b1.58 on an M1 Pro: real benchmarks (22.5 tok/s), five real gotchas, a 3B model in under 1 GB of RAM, and the GPU never touched.

Read
How SynthID Was Broken: Three Attacks That Defeated Google's AI Watermark
AI
April 12, 2026

How SynthID Was Broken: Three Attacks That Defeated Google's AI Watermark

Researchers broke Google's SynthID watermark 3 ways. Spectral analysis drops detection by 91.4%, diffusion re-nosing overwrites it, and synonym swaps defeat text marking.

Read
Remote Terminal: iPhone to Mac via Tailscale
April 10, 2026

Remote Terminal: iPhone to Mac via Tailscale

Set up a secure remote terminal from your iPhone to your Mac using Tailscale and Remobi. No port forwarding, no SSH keys, zero internet exposure. Takes five minutes.

Read
BitNet b1.58: The 1-Bit LLM That Matches Full-Precision Models
AI
April 9, 2026

BitNet b1.58: The 1-Bit LLM That Matches Full-Precision Models

BitNet b1.58 replaces every Transformer weight with -1, 0, or 1, cutting energy use by 71.4x while matching FP16 quality at 3B+ parameters. Here is how.

Read
JSON-LD Structured Data for Blogs: A Real Implementation
Web
April 7, 2026

JSON-LD Structured Data for Blogs: A Real Implementation

Pages with structured data are 2.3x more likely to appear in AI Overviews. Here is how I added BlogPosting JSON-LD to my Astro blog with real code.

Read
V
Velocaption
Velocaption
April 5, 2026

How to Add Watermarks to Video Before Sending to Clients

Burned-in watermarks can't be removed by screen recording or format conversion. Here's how to watermark video in your browser for free without uploading.

Explore
V
Velocaption
Velocaption
April 5, 2026

How to Compress Video Without Losing Quality (2026 Guide)

A 5-minute iPhone 4K recording is 1.8 GB. Here's how to shrink it 90% without visible quality loss using bitrate targeting, resolution scaling, and browser-based WebCodecs.

Explore
V
Velocaption
Velocaption
April 5, 2026

How to Crop Video for Instagram Reels, TikTok, and YouTube Shorts

Instagram Reels need 9:16. YouTube Shorts need 9:16. TikTok needs 9:16. Here's how to crop any landscape video to vertical format in your browser for free.

Explore
V
Velocaption
Velocaption
April 5, 2026

JPEG vs WebP vs PNG: When to Use Each Image Format in 2026

WebP is 25-35% smaller than JPEG at similar quality. PNG is lossless but huge. Here's a practical decision guide with free browser-based conversion tools.

Explore
How K-Means Clustering Works (Explained by Extracting Colors from Images)
Velocaption
Velocaption
April 5, 2026

How K-Means Clustering Works (Explained by Extracting Colors from Images)

K-Means clustering explained step-by-step through a GPU-accelerated color palette extractor. WebGL2 turns your GPU into a parallel processor. Try it free.

Explore
V
Velocaption
Velocaption
April 5, 2026

Browser-Based Video Editing: How WebCodecs Changes Everything

WebCodecs gives browsers direct GPU encoder access. 95.5% global support. Here's why client-side video processing is replacing upload-based tools in 2026.

Explore
V
Velocaption
Velocaption
April 5, 2026

WebM vs MP4: Which Video Format Should You Use in 2026?

WebM uses VP9/Opus for 30-50% smaller files. MP4 uses H.264/AAC for universal playback. Here's when to use each, with a free browser-based converter.

Explore
How We Got 60fps Video Playback in a Browser-Based Editor
Velocaption
Velocaption
April 2, 2026

How We Got 60fps Video Playback in a Browser-Based Editor

We fixed stuttering at clip boundaries with 540 lines of imperative TypeScript that manages media elements outside of React.

Explore

March 2026

The V3 Bypass: How I Secured Velocaption's Offline-First License System
Velocaption
Velocaption
March 18, 2026

The V3 Bypass: How I Secured Velocaption's Offline-First License System

A lesson in desktop app security: how a glaring frontend vulnerability forced me to re-architect my license system before launching V3.

Explore
Running SQLite in the Browser with OPFS and Web Workers
Web
March 12, 2026

Running SQLite in the Browser with OPFS and Web Workers

Discover how to set up SQLite in the browser using the Origin Private File System (OPFS) and Web Workers. Build high-performance, local-first applications with relational power and zero server costs.

Read

January 2026

LinkPreview AI: The Privacy-First, Client-Side QR Code Generator
Web
January 20, 2026

LinkPreview AI: The Privacy-First, Client-Side QR Code Generator

Most QR code generators track you. LinkPreview AI enables zero-knowledge, client-side QR generation with no database. Here is how it works.

Read
isemailok.com: The Silent API
Web
January 17, 2026

isemailok.com: The Silent API

A story of a perfectly working Redis-backed micro-SaaS that died in silence. Why building isn't enough.

Read
EasyPageGo: The Rube Goldberg Website Builder
Web
January 16, 2026

EasyPageGo: The Rube Goldberg Website Builder

How I engineered a Docker-based website builder that solved a problem no one had. A post-mortem of over-engineering, market misreading, and the pre-ChatGPT struggle.

Read
Podcast Creator
Velocaption
Speech Studio
January 14, 2026

Podcast Creator

Create professional podcasts with realistic AI voices for free. SpeechStudio is the best AI podcast creator and text to speech tool for content creators.

Explore
Velocaption is Born
Velocaption
Velocaption
January 9, 2026

Velocaption is Born

Stop wasting hours on silence removal. Edit video 10x faster with local AI.

Explore

November 2025

V
Velocaption
LinkPreview
November 10, 2025

Why Are You Paying a Subscription for Your Business Card?

Digital business cards often come with monthly fees and privacy trade-offs. Discover the free, zero-knowledge alternative that lives forever.

Explore
V
Velocaption
LinkPreview
November 9, 2025

The Golden Hour: Why Your Locked Phone Isn't Enough in an Emergency

First responders need your medical info instantly. Discover why a physical, offline QR code can save vital minutes when your phone cannot.

Explore
V
Velocaption
LinkPreview
November 8, 2025

Stop Putting Your Home Address on Your Luggage

Traditional luggage tags broadcast that you're on vacation—and exactly where you live. Here is the smarter, private way to tag your property.

Explore
V
Velocaption
LinkPreview
November 8, 2025

QR Safe: Your Trusted Zero-Knowledge QR Code Solution

Discover QR Safe's cookie policy and how we prioritize your privacy. Learn about our commitment to zero-knowledge technology, ensuring your data remains secure and never stored.

Explore

July 2025

The Evolution of Password Security: From Basic Storage to Argon2
Cyber Security
July 18, 2025

The Evolution of Password Security: From Basic Storage to Argon2

A level-by-level journey into password security. Discover why a simple hash isn't enough and how to defend your users from hackers and data leaks, from salt and pepper to Argon2.

Read
Automatic Subtitles with Whisper and Remotion: A Complete Guide
Automation
July 16, 2025

Automatic Subtitles with Whisper and Remotion: A Complete Guide

Discover how to generate automatic subtitles (and translations) for your videos. A step-by-step guide to the workflow with AI Whisper, Remotion, and ffmpeg to save time.

Read
Animated Transitions in MPAs with the View Transitions API
Web
July 13, 2025

Animated Transitions in MPAs with the View Transitions API

Enjoy your Multi-Page Application (MPA) without giving up smooth, SPA-like page transitions using the View Transitions API. A practical guide with code examples to implement professional animations with just a few lines of CSS, enhancing the user experience through progressive enhancement.

Read
SHA256 and the Length Extension Attack
Cyber Security
July 11, 2025

SHA256 and the Length Extension Attack

SHA-256 is a cornerstone of security, but it's not invincible. Discover how its internal structure opens the door to the feared length extension attack and why HMAC is the fundamental solution.

Read
Intersection Observer: Smooth Animations Without Blocking the Page
Web
July 9, 2025

Intersection Observer: Smooth Animations Without Blocking the Page

Stop using the scroll event for your animations. Discover how Intersection Observer improves performance easily and quickly.

Read

April 2025

Run n8n and SearXNG Locally with Docker: Build Your Own No-Code AI Playground
Web
April 20, 2025

Run n8n and SearXNG Locally with Docker: Build Your Own No-Code AI Playground

Discover how to set up n8n and SearxNG to build a private AI agent for web searches. You'll have an AI agent that fetches information online without tracking your data. Ideal for those interested in automation and privacy!

Read
Free Online Text to Speech Generator - SpeechStudio.ai
Web
April 18, 2025

Free Online Text to Speech Generator - SpeechStudio.ai

Check out SpeechStudio.ai, a free and powerful text-to-speech tool that provides natural-sounding voices and supports multiple speakers. It's perfect for podcasts, presentations, and creative projects, all without any costs or signups.

Read

December 2024

Throttling Explained: A Guide to Managing API Request Limits
Cyber Security
December 4, 2024

Throttling Explained: A Guide to Managing API Request Limits

Learn how to implement a simple and effective throttling system in TypeScript to protect your APIs from overload. This guide covers rate-limiting strategies, IP tracking, and periodic cleanup to manage stale records and optimize performance.

Read

February 2024

Optimize Three.js: 4 Key Techniques
Web
February 12, 2024

Optimize Three.js: 4 Key Techniques

Practical tips for improving performance when working with Three.js scenes in real-world projects.

Read

November 2023

Cache-Control max-age, stale-while-revalidate
Web
November 23, 2023

Cache-Control max-age, stale-while-revalidate

Until now, thanks to Last-Modified/If-Modified-Since or ETag/If-None-Match we mainly saved on bandwidth. However, the server always had to process each request.

Read
ETag/If-None-Match
Web
November 21, 2023

ETag/If-None-Match

we explored the usefulness of the Last-Modified Response Header and If-Modified-Since Request Header. They work really well when dealing with an endpoint returning a file. What about data retrieved from a database or assembled from different sources?

Read
Last-Modified / If-Modified-Since
Web
November 16, 2023

Last-Modified / If-Modified-Since

Less load on the server and less bandwidth usage for the same result? Where should I sign up? Nowhere, you just need to know the right headers.

Read

December 2022

How to Use a Reverse Trie for Fast Disposable Email Domain Detection
Web
December 5, 2022

How to Use a Reverse Trie for Fast Disposable Email Domain Detection

Learn how to use a reverse Trie to efficiently detect disposable email domains. Optimize your domain lookups with a scalable, memory-efficient solution tailored for fast and precise results.

Read

May 2022

How to Safely Delete All Local Git Branches
Git
May 18, 2022

How to Safely Delete All Local Git Branches

Learn how to quickly and safely remove all local Git branches except the ones you choose (like dev and main) using a simple one-liner command. This guide breaks down each part of the command, provides examples, and tips for a tidier Git workflow.

Read

April 2022

GitHub App and OAuth ~ Disjointed flow
Web
April 28, 2022

GitHub App and OAuth ~ Disjointed flow

Discover how to integrate GitHub App functionality into an existing OAuth-based authentication system. This guide explains how to authenticate as a GitHub App using JWT, retrieve installation IDs, and access repositories associated with the app.

Read
OAuth popup ~ Practical Guide
Web
April 27, 2022

OAuth popup ~ Practical Guide

Enhance your GitHub OAuth implementation by using a popup approach for authentication in single-page applications (SPAs). This guide walks you through the process of spawning a popup for user authentication and securely handling the access token.

Read
GitHub App and OAuth ~ Practical Kick-Starter
Web
April 26, 2022

GitHub App and OAuth ~ Practical Kick-Starter

Learn how to build an interface that allows GitHub-authenticated users to view which repositories have a specific GitHub App installed. This guide covers creating a GitHub App, implementing OAuth authentication, and querying the GitHub REST API for installations and repositories.

Read
Headers for large files
Web
April 26, 2022

Headers for large files

HTTP headers Content-Length, Content-Encoding, and Transfer-Encoding impact the transmission of large files in web applications. With a practical Node.js server example, learn about header combinations and the importance of the Content-Length header and gzip compression for optimizing web performance.

Read
CORS, Preflight request and OPTIONS Method
Web
April 10, 2022

CORS, Preflight request and OPTIONS Method

This post is intended to be a light reading with the purpose to give a minimum of context and instill some curiosity towards a topic often considered opaque - CORS are a simple HTTP-header mechanism that every web developer can easily understand.

Read

October 2021

Penetration and Security in JavaScript
Web
October 7, 2021

Penetration and Security in JavaScript

Are you sure you are ensuring your code to be used as intended? Are you preventing it from beeing used in a malicious way? If what comes your way is putting guards in your functions, this post will open up a world for you. Using checks is not enough.

Read
Built-in-like Range in JavaScript
Web
October 6, 2021

Built-in-like Range in JavaScript

Make it possible to generate any range of integers with built-in-like syntax.

Read