DEV Community

5 Free Browser-Based Dev Tools: GraphQL Formatter, Docker Compose Validator, Dockerfile Linter, and More

I just shipped 5 new tools to DevNestio - a hub of 172 free, browser-only developer utilities. All tools are zero-signup, zero-upload, and work offline.

GraphQL Query Formatter & Minifier

https://devnestio.pages.dev/graphql-formatter/

Paste any GraphQL operation and get:

  • Pretty-print - consistent indentation
  • Minify - strips comments and whitespace for smaller request payloads
  • Validation - brace/parenthesis balance check
  • Operation detection - lists all named query, mutation, subscription, fragment

Useful for quick query cleanup before pasting into code reviews or API docs.

Protobuf (.proto) Formatter & Validator

https://devnestio.pages.dev/protobuf-formatter/

Online formatter and validator for Protocol Buffer .proto files:

  • Duplicate field number detection
  • Message and enum structure validation
  • Syntax-highlighted output
  • One-click copy

Great for a sanity check before pushing .proto changes in a gRPC service.

Docker Compose Validator

https://devnestio.pages.dev/docker-compose-validator/

Paste your docker-compose.yml to catch:

  • Missing services section
  • Services without image or build
  • Invalid port mappings (80:80, 127.0.0.1:8080:80, 53:53/udp, ranges…)
  • depends_on referencing non-existent services
  • Circular dependency detection (Aβ†’Bβ†’A)
  • Unknown restart policies
# This will flag errors:
services:
  web:
    ports:
      - "abc:xyz" # invalid port
    depends_on:
      - missing_service # unknown service

Dockerfile Analyzer & Linter

https://devnestio.pages.dev/dockerfile-analyzer/

Analyzes your Dockerfile for best practice violations across three categories:

Security

  • sudo usage inside RUN
  • Container running as root (no USER instruction)
  • Secrets baked into ENV / ARG (password, secret, token, key)

Image size

  • :latest base image tag
  • apt-get update in a separate RUN (stale cache risk)
  • apt-get install without --no-install-recommends
  • apt cache not cleaned (rm -rf /var/lib/apt/lists/*)
  • ADD used for local files instead of COPY

Layer optimization

  • Consecutive RUN instructions (suggest chaining with &&)
  • High total layer count

Also flags the absence of WORKDIR and celebrates multi-stage builds and HEALTHCHECK when present.

Email Header Analyzer

https://devnestio.pages.dev/email-header-analyzer/

Paste raw email headers and instantly get:

Authentication Results

  • SPF βœ… pass
  • DKIM βœ… pass
  • DMARC βœ… pass

Phishing investigation often starts here - a failed SPF or DKIM check is a red flag.

Phishing Signals

  • Reply-To domain β‰  From domain - classic impersonation trick
  • Return-Path domain mismatch
  • Spam score / X-Spam-Flag detection

Routing Trace
Parses all Received: headers to show each hop the email traveled through, including originating IP addresses.

Three Tabs

  • Summary - From/To/Subject/Date/Message-ID + auth status
  • Routing - hop-by-hop trace with IP addresses
  • All Headers - raw dump of every header field

Handy when your security team needs to quickly triage a suspicious email without spinning up a full mail analysis tool.

Implementation Notes

All five tools follow the same constraints:

  • Vanilla JS, single HTML file - no bundler, no framework, works offline
  • 80+ Node.js assert tests - core logic is extracted and tested independently of the browser
  • No external YAML/parsing libraries - the Docker Compose validator uses a custom line-by-line indent parser

DevNestio now has 172 tools in total. If there's a utility you'd find useful, drop a comment - I'm always looking for the next one to build.

Comments

No comments yet. Start the discussion.