"Sending a message to your mother should not require infrastructure comparable to a small bank."<p>To that end, requiring the use of GitHub for your application to work is a dead end.<p>"Macaroni Messenger is a distributed messaging system"<p>No.<p>"The backend does not exist."<p>Unless by "backend" you mean the underlying infrastructure and server logic you've made the clients depend on for the exchange of messages to happen.
That’s fair criticism of the current implementation.<p>The idea isn’t that transport magically disappears. The idea is that users don’t have to deploy, operate, pay for, or even think about transport.<p>GitHub happens to provide one out of the box, which makes the proof of concept extremely easy to try.<p>If I need to run databases, message brokers, servers and monitoring just to send my mom “please cook macaroni”, I’ve already lost interest.
<i>> The idea isn’t that transport magically disappears. The idea is that users don’t have to deploy, operate, pay for, or even think about transport.</i><p>It's sharing this advantage with every other free, third party managed communication service I can choose to depend on. It's also sharing the weakness that it puts me at the mercy of whatever third party I am relying on. It introduces a new weakness in that the third party being relied on here never intended for their infrastructure to be used in this way.<p><i>> If I need to run databases, message brokers, servers and monitoring just to send my mom “please cook macaroni”, I’ve already lost interest.</i><p>So don't. To that end, what specific problem does this address that other free third party communication service providers don't? My mother will have seen my email or SMS before you have instructed your mother on how to join GitHub and get an API token. We don't even need to agree on or stick to a provider.
[dead]
torrents need trackers but we still consider them peer to peer<p>crypto needs nodes but we still consider them decentralized<p>direct tcp/ip communication still requires routing but etc
Saying that this doesn't use a backend is like saying serverless app doesn't run on a server
This is not a bad idea ... for public team communication. This pretty much solves the "Discord is not documentation" and the dataloss in forum problems. If the communication was stored in the same place as the repostory, you are guaranteed to have saved and searchable messages. As a side-effect, AI can read all the past discussions for better "1000% vibecoding"
I wonder why this type of deployment is not more popular - pushing all resources inside a single HTML file, with a script tag, and inline resources as blobs.
It's very impractical.<p>- you get a slower first load (cannot progressively fetch resources as they're needed)
- can't reuse a stylesheet, script or image on a different page (each has to have their own copy)
- can't cache commonly used files
- can't make granular changes to specific parts of the code. user has to reload everything each time.
- can't set a proper content security policy<p>And many more! It's cool for a tiny demo but for anything serious you wouldn't want a single (extremely ugly) HTML file.
I'm not advocating this development approach, but I also think some of your reasons aren't particularly robust when scrutinized.<p>> can't reuse a stylesheet, script or image on a different page (each has to have their own copy)<p>Isn't the point of a single HTML file that you don't have different pages that would need to reuse those assets?<p>> can't cache commonly used files<p>You can still cache the HTML.<p>> can't make granular changes to specific parts of the code<p>Pretty sure text editors can edit text regardless of whether it's a single file or multiple files.<p>> can't set a proper content security policy<p>I'd have thought a single page HTML file could negate the need for a CSP since you no longer have any resources accessible via a URI that you need to limit access to.<p>> you wouldn't want a single (extremely ugly) HTML file<p>Ugliness a subjective.<p>---<p>I think your first load point is the strongest one. But I'd also throw in "it's harder to develop a good single page HTML"<p>You could probably mitigate some of that difficulty by having a build script (like static site compilers) but then you have to ask yourself if you're introducing more complexity than you're attempting to solve.
If you need a build script, your app is probably too big to be a single .html already.<p>> You can still cache the HTML.<p>But then any time you update <i>any</i> part of the app, the user has to re-download the whole thing. It is also a problem with many traditional frontend builds, but if you carefully split it into chunks, you can update parts of the app while most of it stays cached.<p>See e.g. Linear’s approach to vendor dependencies: <a href="https://performance.dev/how-is-linear-so-fast-a-technical-breakdown#linears-bundler-arc-parcel-rollup-vite-rolldown" rel="nofollow">https://performance.dev/how-is-linear-so-fast-a-technical-br...</a><p>---<p>The strong point of single .html apps is, of course, that you can run them locally without setting up a web server or anything, and deploy anywhere you want by just uploading it. But it is a fairly niche thing IMO.
> "can't reuse a stylesheet, script or image on a different page (each has to have their own copy)"<p>Not a problem if you're deploying a single file
This is an example of a single html-file that I serve: <a href="https://basketball.4e4.in" rel="nofollow">https://basketball.4e4.in</a>
It weighs in at around 30 KB including a favicon, and it's quite functional.
In this case, it's 45kbyte over the network. Instead of very impractical, we might agree that it can be not ideal for many apps, but it's an interesting and valid way of "packaging" a tool / service.<p>If someone chooses this deployment method, it's likely that they have the ability to design with minimal resources.
I've been trying to advocate for Single File Web Apps. I even tried to create a wikipedia page (<a href="https://en.wikipedia.org/wiki/Draft:Single_File_Web_Apps" rel="nofollow">https://en.wikipedia.org/wiki/Draft:Single_File_Web_Apps</a>), but it keeps getting rejected.<p>I created a couple Single File Web Apps: <a href="https://fuzzygraph.com" rel="nofollow">https://fuzzygraph.com</a> and <a href="https://hypervault.github.io/" rel="nofollow">https://hypervault.github.io/</a>.
I do this whenever possible. As a separate issue, I also aim for <50KB whenever possible, e.g. I made a multiplayer browser game in 32KB and a LLM UI in 20KB.<p>That might just be an aesthetic choice on my part, but I often find that I am able to implement all the features I need in surprisingly few lines of code. e.g. the first version of my LLM UI was 200 lines and quite usable for my purposes.<p>And my OpenClaw clone was 50 lines. Just a Telegram wrapper around Claude, but turns out that's all I needed.[0]<p>Also no dependencies, frameworks, libaries etc. Not a hard rule, but I find that they add negative value about 90% of the time, at least at my scale.<p>There are dozens of us! :)<p>[0] Of course, "Claude Code" isn't 50 lines. Except, it turns out you can replace it in about 50 lines. From the SWE-bench folks: <a href="https://minimal-agent.com/" rel="nofollow">https://minimal-agent.com/</a><p>To this I added the missing outer loop (so it's actually an agent a human can use) and vendored in a microscopic llm lib (yay no deps). <a href="https://gist.github.com/a-n-d-a-i/bd50aaa4bdb15f9a4cc8176ee387b212#file-agent-py-L110" rel="nofollow">https://gist.github.com/a-n-d-a-i/bd50aaa4bdb15f9a4cc8176ee3...</a>
You just described the Macaroni plugin system — plugins are literally appended as <script> tags before the closing </html> tag.
Or as an SVG file. I have an interesting experiment that puts a sprites sheet, CSS and even some scripting in the favicon file. Since every browser wants some type of favicon anyway, why not overload it with fun stuff?<p>Sure the JavaScript won't load in CSS or favicon mode, but it can be loaded into the Dom as well as exist in the CSS.<p>In my SVG file I have lots of CSS variables generated by the JavaScript, then saved as a big list in the SVG, enabling light/dark mode things. SMIL animation too.<p>This experiment is based on what you described, an all in one HTML file.<p>In that experiment the CSS was getting clumsy due to the amount of SVG I had in there, so I put the CSS in the SVG for fun.<p>As for why, I am creating a modern version of an Embroidery sampler. These existed from centuries ago and served as a portfolio of sorts plus a reference on different stitches, such as how to do the alphabet.<p>So my SVG sampler has examples of how to do tricky things in SVG, with all of it human drawable and readable, so no massive paths, just simple primitives, clipped, masked, transformed and cloned to create all my icons, logos and clipart.<p>I hope to make SVG samplers a thing, so one SVG file and one HTML file to illustrate how it all works.<p>To be honest it has been an excellent learning experience and I can now do so many things with just the MDN reference for SVG as my guide.
I made an interesting chat system as well: A way to sneak messages in through images for places where they otherwise wouldn't exist... pretty different.<p><a href="https://github.com/kristopolous/image-chat" rel="nofollow">https://github.com/kristopolous/image-chat</a>
I'm a fan of the license. <a href="https://www.wtfpl.net/about/" rel="nofollow">https://www.wtfpl.net/about/</a>
I find it funny, but prefer just MIT or CC0. I like the idea of the GPL for core OS components you don't want to be locked down by anyone, but for everything else, unless you the developer intend to monetize so you can maintain it, MIT is fine (even if you intend to monetize it can be fine too).
Besides other fun things about this license, using it effectively forbids Google employees to send patches to your projects. [1]<p>[1]: <a href="https://opensource.google/documentation/reference/patching#forbidden" rel="nofollow">https://opensource.google/documentation/reference/patching#f...</a>
TIL<p>> The Hippocratic License is an ethical software license created to ensure that open source software is not used for harmful purposes, aligning with human rights principles
The paragraph doesn’t really explain the rationale for forbidding WTFPL and even Public Domain and CC0? They’re all fine for commercial use, aren’t they?
Only a guess, but it could be because WTFPL is effectively very similar to having no license at all from what I gather
I thought they were basically BSD/MIT but even less annoying.
> changing it [the license] is allowed as long
as the name is changed.<p>But what if that's exactly what I want to do?
I laughed at the 1000% vibecoded badge
Nice idea. I recently published an article with a different twist. Static Vite+React site but all the backends are via OAuth PKCE and your customers bring their own. <a href="https://type2fun.net/infinitely-scalable-personal-apps" rel="nofollow">https://type2fun.net/infinitely-scalable-personal-apps</a> I like the idea of building apps but skipping the infra burden/costs.
It just looks like a funny slop project if you read the English readme, but reading the Russian PHILOSOPHY.md [1] (auto-translated [2] if you don't read Russian) makes you realize that there's probably something more than "let's implement a messenger using git remote as a storage", knowing how popular messenger apps are getting blocked in Russia.<p>[1]: <a href="https://github.com/vanyapr/makaroshki/blob/main/PHILOSOPHY.md" rel="nofollow">https://github.com/vanyapr/makaroshki/blob/main/PHILOSOPHY.m...</a><p>[2]: <a href="https://github-com.translate.goog/vanyapr/makaroshki/blob/main/PHILOSOPHY.md?_x_tr_sl=ru&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp" rel="nofollow">https://github-com.translate.goog/vanyapr/makaroshki/blob/ma...</a> (Google Translate)
>Macaroni Messenger is not a political statement.
>We are not trying to circumvent restrictions.
>We are not trying to circumvent restrictions.
>We are not trying to fight the laws.<p>This is talking politics without talking politics. The project literally attempts to circumvent russian censorship restrictions and their spirit. This is either a joke the file talks about or naive CYA.<p>Cool project nevertheless, I like idea of an utility SPA distributed as bare HTML file that doesn't even require a web server.
There is a popular view in Russia, including within the software developers communities, that "politics" is something bad and dirty; people often ban "politics" in group chats and forums.<p>As a result, a highly technical person might work on a very complex solution to circumvent the restrictions but will declare (and probably even truly believe) that they are not making a political statement – as opposed to, for example, attending a protest, which is definitely considered a political action, or supporting a politician.
Thanks for clarifying, that's a pretty good summary. Russian developers experienced the same "HN is not for politics" kinds of reaction on Habr (russian HN, more or less) a decade ago, until politics came for them and Habr died. Before that, "being outside of politics" was a stance some people identified with because back then Putins regime didn't repress as much and the situation was "stable". Seeing a take like that still having its followers after our autocracy matured even more is disheartening and sad.
Here's the translated version I got (GH translate didn't work for me for some reason).<p><a href="https://pastebin.com/raw/EPtJM5Dp" rel="nofollow">https://pastebin.com/raw/EPtJM5Dp</a>
The paradox is that Macaroni Messenger is absolutely a joke project.<p>But once you reduce everything to Git + JSON, adding things like PGP, age, signatures, encrypted attachments, or end-to-end encryption becomes surprisingly easy.<p>Which makes it even funnier.<p>At first glance it looks like a toy.<p>After a few minutes you start asking:<p>“Wait… why does this actually make sense?”<p>I think the protocol is a bit underestimated. People see the joke before they see the architecture.<p>There are some surprisingly interesting properties hiding behind the absurdity.<p>Maybe it’s a hidden gem.<p>Or maybe I’m just rationalizing a messenger implemented as a single HTML file.
It does kinda make sense... until it doesn’t. It is a cool project from a tech standpoint, but it’s not practical when we have, well, email? (This is discussed elsewhere in the comments already, of course.)
Nice idea. I would have expected it would use WebRTC for p2p client-to-client connection. A noted related project is Trystero [0] that uses all sort of external services to allow client-to-client discovery (such as Nostr, BitTorrent, Supabase etc.) - maybe a future project to combine the two.<p>[0]: <a href="https://github.com/dmotz/trystero?tab=readme-ov-file#how-it-works" rel="nofollow">https://github.com/dmotz/trystero?tab=readme-ov-file#how-it-...</a>
Seems kind of similar (at least in purpose) to giscus, a commenting system powered by GitHub Discussions.<p><a href="https://github.com/giscus/giscus" rel="nofollow">https://github.com/giscus/giscus</a>
When docs say "no backend", but git (GitHub) is actually your backend :/
That README got a few solid chuckles out of me. :)
Really cool project imo
Reminds me of a time when it was possible to "deploy" single HTML files via shorturl services by using base64 URI scheme
"Single file" is a bit misleading when it requires Github to do anything.
It's kinda implicitly obvious that a <i>messenger</i> needs some kind of backend. Though admittedly using <i>Github</i> as a backend is such an unusual choice that I would consider it equally important to mention.
And its why we cannot have nice things. This is likely a TOS violation of github.
That’s fair, although GitHub is just the default transport because it requires zero setup.<p>The protocol itself isn’t tied to GitHub and works with any Git remote.<p>If GitHub ever decided this wasn’t an acceptable use case, swapping the remote would be trivial.
Looking at the source I don't think that's true -- it's using GitHub specific APIs to read/write files. It's not standard git so any remote wouldn't work, and the mechanics are more akin to a key-value store than git really.<p>Not to say you couldn't add a generic git protocol to this, just that that's not being done here.
> The protocol itself isn’t tied to GitHub and works with any Git remote.<p>> If GitHub ever decided this wasn’t an acceptable use case, swapping the remote would be trivial.<p>Nope.<p>From the README:<p>"GitHub is the only working write provider right now. GitLab, GitVerse, Gitea, Forgejo, and other git hosts are protocol targets for future adapters. Today they are not finished write adapters."
I think it's pretty clear from the readme that this is a humorous proof of concept more so than anything someone should seriously use.
True, but imagine this use case:<p>A messenger file with hardcoded settings and a hardcoded PGP key, stored on a USB stick.<p>You send a message.<p>Then you physically destroy the USB stick.<p>The client, the key, and the configuration are gone.<p>At some point the joke starts looking suspiciously like a dead-drop communication protocol.<p>How do you like that, FBI?
From the translated readme:<p><i>Macaroni Messenger is not a joke. It simply refuses to complicate solutions unnecessarily.</i><p><i>That's why some technical decisions might look like a joke.</i><p><i>Sometimes it really is a joke. But most of the time, it's just the simplest working option.</i><p><a href="https://news.ycombinator.com/item?id=48487542">https://news.ycombinator.com/item?id=48487542</a>
[flagged]
<critique>
OP keep saying the backend implementation doesn't matter, it can be trivially switched to something other than Github. It's not. The whole app you write revolves around Github's HTTP endpoints. There's no actual provider-agnostic Git operation in the code (for that you need to use isomorphic-git [1]). So a much more apt title for this should be: "Macaroni - a chat UI in a single HTML file that stores messages data in a Github repo"
</critique><p>I'm sorry to say this, but this whole thing reeks of vibeslop, and not just the code. The docs, the readme, even the replies of OP are at least Claude-assisted, if not fully Claude-generated.<p>And I'm trying not to be derisive about LLM generated output anyway. LLM generated output can be sane and meaningful and to the point. This is just a questionably-cool tech demo dressed up under a sensationalistic title.
So, browser = Java Runtime; uber HTML = applet?
please do not propagate errors ... it is "Maccheroni"
Yes!<p>Now we need to build a messenger that uses pastebin exclusively as the backend.
> so the first screen does not burn unauthenticated GitHub API rate limit.<p>Claude loves this dumb word "burn". Recently it even said "burn a TOTP" as if they are finite.