# gitime.dev > Privacy-first developer utilities that run entirely in the browser. Every tool processes data client-side in JavaScript — no uploads, no login, no server round-trip. Built for real, sensitive, or large data that should not be pasted into a third-party AI model. gitime.dev focuses on "processor" tools — parsing, converting, decoding and validating data deterministically — rather than "generator" tools that AI assistants already handle inline. The value proposition is privacy (data never leaves the device), determinism (identical correct output every time, no hallucination), instant use (no signup), and large-payload handling. ## Tools - [JSON Formatter, Validator & Minifier](https://www.gitime.dev/tools/json-formatter): Pretty-print JSON with 2/4/tab indent, minify to the smallest valid output, and validate with the exact error line and column. Optional recursive alphabetical key sorting for diff-friendly output. Drag-and-drop large files. 100% client-side. - [JSON ⇄ CSV Converter](https://www.gitime.dev/tools/json-csv-converter): Two-way conversion between JSON and CSV. Flattens nested objects to dot-notation columns, serializes arrays as JSON strings, infers types on CSV→JSON, supports drag-and-drop of large files. 100% client-side. - [Base64 Encode / Decode](https://www.gitime.dev/tools/base64): Encode and decode Base64 for text, files and images. Unicode-safe via UTF-8, URL-safe variant (RFC 4648 §5), optional 76-column MIME wrapping, file/image to data URI, inline image preview on decode. 100% client-side. - [Hash & Checksum Generator](https://www.gitime.dev/tools/hash-checksum): Compute MD5, SHA-1, SHA-256, SHA-384 and SHA-512 of text or files simultaneously, with a verify box that highlights which digest matches a pasted checksum. 100% client-side. - [Image Compressor, Converter & Resizer](https://www.gitime.dev/tools/image-compressor): Compress, convert (JPEG/PNG/WebP) and resize images via the HTML canvas API. Quality slider for lossy formats, max-dimension resizing with aspect preserved, live size-saving comparison. 100% client-side; images never uploaded. - [JWT Decoder & Verifier](https://www.gitime.dev/tools/jwt-decoder): Decode a JSON Web Token's header, payload and registered claims, render iat/nbf/exp as readable UTC with expiry status, and verify signatures for HS256/384/512, RS256/384/512, PS256/384/512 and ES256/384/512 using a shared secret, PEM (SPKI) public key or JWK. Detects JWE (5-part) tokens. 100% client-side via the Web Crypto API; tokens and keys never leave the device. - [X.509 Certificate & CSR Decoder](https://www.gitime.dev/tools/certificate-decoder): Decode PEM-encoded X.509 certificates and PKCS#10 CSRs — subject, issuer, serial, validity with expiry status, public-key algorithm and size/curve, signature algorithm, Subject Alternative Names, key usage, extended key usage, basic constraints, and SHA-1/SHA-256 fingerprints. Refuses to parse private keys. 100% client-side with a self-contained ASN.1 DER parser. - [Diff Checker (Text & JSON)](https://www.gitime.dev/tools/diff-checker): Compare two blocks of text line-by-line with added/removed highlighting (optional whitespace-insensitive), or compare two JSON documents structurally — ignoring key order and formatting — to report the exact added, removed and changed paths with old/new values. 100% client-side; nothing uploaded. - [YAML ⇄ JSON Converter](https://www.gitime.dev/tools/yaml-json-converter): Convert YAML to JSON and JSON to YAML with multi-document support (a YAML stream becomes a JSON array), configurable 2/4/tab indentation, scalar type fidelity (booleans, numbers, null, strings), and validation with line/column errors. Safe loading rejects executable YAML tags. 100% client-side. ## Methodology & sources - CSV parsing and serialization use the PapaParse library (vendored locally, version 5.4.1, MIT, RFC 4180 compliant quoting/escaping); no external CDN is contacted. - YAML parsing and serialization use the js-yaml library (vendored locally, version 3.14.1, MIT) via safeLoad/safeLoadAll/safeDump, which restricts documents to standard data types and rejects custom/executable tags; JSON parsing uses the browser's native engine. - JSON parsing, formatting and minification use the browser's native JSON engine; a small hand-written scanner locates syntax errors by line and column when parsing fails. - Base64 uses native btoa/atob with TextEncoder/TextDecoder for UTF-8 correctness; files are read with FileReader as ArrayBuffer and converted in chunks; the URL-safe variant follows RFC 4648 §5. - Hashing uses the Web Crypto API (crypto.subtle.digest) for SHA-1/256/384/512 and a self-contained RFC 1321 implementation for MD5; no third-party hashing library is loaded. Verified against standard NIST/RFC test vectors. - Image processing uses the native HTML canvas 2D context and canvas.toBlob with the requested MIME type and quality; resizing scales the longest side while preserving aspect ratio; no image-processing library is loaded. - JWT decoding is pure Base64url-to-JSON parsing of the header and payload segments; signature verification uses the Web Crypto API (crypto.subtle.importKey + verify) with HMAC for HS*, RSASSA-PKCS1-v1_5 for RS*, RSA-PSS for PS* and ECDSA for ES*; public keys are accepted as PEM/SPKI or JWK; no JWT or crypto library is loaded. - X.509 and CSR decoding uses a self-contained ASN.1 DER parser written for the project (no jsrsasign or other library); the PEM body is Base64-decoded to DER, the tag-length-value tree is walked, and OIDs, distinguished names, UTCTime/GeneralizedTime validity, RSA modulus bit length, EC curve, and the SAN/keyUsage/extKeyUsage/basicConstraints/SKI/AKI extensions are decoded; SHA-1 and SHA-256 fingerprints are computed over the certificate DER with the Web Crypto API; private keys are intentionally not parsed. - Text diffing uses a deterministic longest-common-subsequence (LCS) algorithm over the lines of both inputs (the same basis as Unix diff/git), with the O(n·m) table capped for very large inputs; JSON diffing parses both documents and deep-compares them structurally (key order ignored, arrays compared positionally) to emit added/removed/changed JSON paths; no diff library is loaded. - Nested-object flattening uses deterministic dot-notation key paths; arrays are preserved as compact JSON strings to avoid data loss. - All computation happens in the user's browser; no analytics on input content and no network transmission of user data. ## About - [Homepage](https://www.gitime.dev/) - [Why local processing](https://www.gitime.dev/#why)