5 Free Browser-Based Dev Tools: GraphQL Formatter, Docker Compose Validator, Dockerfile Linter, and More
I just shipped 5 new tools to DevNestio - a hub of 172 free, browser-only developer utilities. All tools are zero-signup, zero-upload, and work offline.
GraphQL Query Formatter & Minifier
https://devnestio.pages.dev/graphql-formatter/
Paste any GraphQL operation and get:
- Pretty-print - consistent indentation
- Minify - strips comments and whitespace for smaller request payloads
- Validation - brace/parenthesis balance check
- Operation detection - lists all named
query,mutation,subscription,fragment
Useful for quick query cleanup before pasting into code reviews or API docs.
Protobuf (.proto) Formatter & Validator
https://devnestio.pages.dev/protobuf-formatter/
Online formatter and validator for Protocol Buffer .proto files:
- Duplicate field number detection
- Message and enum structure validation
- Syntax-highlighted output
- One-click copy
Great for a sanity check before pushing .proto changes in a gRPC service.
Docker Compose Validator
https://devnestio.pages.dev/docker-compose-validator/
Paste your docker-compose.yml to catch:
- Missing
servicessection - Services without
imageorbuild - Invalid port mappings (
80:80,127.0.0.1:8080:80,53:53/udp, rangesβ¦) depends_onreferencing non-existent services- Circular dependency detection (AβBβA)
- Unknown restart policies
# This will flag errors:
services:
web:
ports:
- "abc:xyz" # invalid port
depends_on:
- missing_service # unknown service
Dockerfile Analyzer & Linter
https://devnestio.pages.dev/dockerfile-analyzer/
Analyzes your Dockerfile for best practice violations across three categories:
Security
sudousage insideRUN- Container running as root (no
USERinstruction) - Secrets baked into
ENV/ARG(password, secret, token, key)
Image size
:latestbase image tagapt-get updatein a separateRUN(stale cache risk)apt-get installwithout--no-install-recommends- apt cache not cleaned (
rm -rf /var/lib/apt/lists/*) ADDused for local files instead ofCOPY
Layer optimization
- Consecutive
RUNinstructions (suggest chaining with&&) - High total layer count
Also flags the absence of WORKDIR and celebrates multi-stage builds and HEALTHCHECK when present.
Email Header Analyzer
https://devnestio.pages.dev/email-header-analyzer/
Paste raw email headers and instantly get:
Authentication Results
- SPF β pass
- DKIM β pass
- DMARC β pass
Phishing investigation often starts here - a failed SPF or DKIM check is a red flag.
Phishing Signals
- Reply-To domain β From domain - classic impersonation trick
- Return-Path domain mismatch
- Spam score / X-Spam-Flag detection
Routing Trace
Parses all Received: headers to show each hop the email traveled through, including originating IP addresses.
Three Tabs
- Summary - From/To/Subject/Date/Message-ID + auth status
- Routing - hop-by-hop trace with IP addresses
- All Headers - raw dump of every header field
Handy when your security team needs to quickly triage a suspicious email without spinning up a full mail analysis tool.
Implementation Notes
All five tools follow the same constraints:
- Vanilla JS, single HTML file - no bundler, no framework, works offline
- 80+ Node.js assert tests - core logic is extracted and tested independently of the browser
- No external YAML/parsing libraries - the Docker Compose validator uses a custom line-by-line indent parser
DevNestio now has 172 tools in total. If there's a utility you'd find useful, drop a comment - I'm always looking for the next one to build.
Comments
No comments yet. Start the discussion.