Show HN: CSVtoAny, CSV Local File Converter

3•nighwatch•2mo ago

About two weeks ago I built a small text-comparison tool as a simple front-end project. Recently I ran into another annoyance: converting CSV/Excel/JSON with tools that upload files to servers, feel slow, or impose limits. Since I prefer privacy-first tools, I built this one as well.

100% local: All parsing and conversion run in Web Workers. No uploads.

Format support: CSV ↔ Excel (.xlsx), JSON, SQL, XML, Markdown.

Smart column restoration: Fixes copied tables that collapse into a single column (enable under “More Options”).

No size limits: Only limited by your RAM.

My goal is to grow this into a small, one-stop CSV/format toolbox. It just launched, so there may be rough edges — feedback is welcome.

Tech

Next.js, Tailwind, SheetJS, Web Workers, i18next.

Looking for feedback

Try it with your odd CSVs: unusual delimiters, quoted newlines, mixed encodings, huge files, broken pasted tables. Also curious whether the column-restoration feature feels intuitive.

Thanks for checking it out!

Comments

mattewong•2mo ago

The site says privacy-first and also says "we cannot lose your data if we never collect it" but it makes a WHOLE lot of POST calls passing what appear to be encrypted payloads, and refuses to work offline-- so the user has no way to verify that the limited info you claim to be collecting is in fact what is being collected. Worse, if you simply visit and use the site, you never once see any mention of terms of use, and yet those published terms-- which you will only find if you actively scroll way down to the bottom of the SPA and click on a tiny link-- and claim to be binding merely by the use of the site, which could have easily happened without the user having any knowledge or notice whatsoever that they "agreed" to something (in other words, without actually agreeing to anything). The terms also do not say anything about your data collection, though if one looks hard enough one can find it mentioned in the privacy policy, well below the contradictory opening line that says "we cannot lose your data if we never collect it". Sorry, but meta data is still data, so "we never collect [your data]" is simply false.

So, maybe you did not intend it to be so, but to me the site comes off as being very sketchy and untrustworthy.

nighwatch•2mo ago

Thanks for the thoughtful and critical feedback, this is exactly why I posted here.

You raised fair points about the mixed messaging, and I’ve just pushed updates to address them:

• Privacy Policy & data collection: You're right that the tagline “we never collect data” was too absolute. I do use standard analytics (GA) for anonymous usage metrics and error tracking. The Privacy Policy now clearly separates File Data — which is processed 100% locally and never leaves the browser — from Usage Metadata, which is anonymized and collected only for understanding feature performance.

• Network activity: The POST requests you saw come solely from those analytics libraries. No file contents, pasted text, or conversion results ever hit the network. I’ll also review whether I can reduce or defer analytics calls to make this more transparent.

• Visibility of terms: Agreed. I’ve added a prominent Privacy/Terms link in the header and a first-visit consent banner so users aren’t relying on a tiny footer link or assumptions.

• Offline behavior: The conversion logic runs entirely in Web Workers and doesn’t require a server, but my PWA config wasn’t robust enough to guarantee a clean offline startup. I’m working on tightening that up so users can verify the “local-only” behavior themselves.

None of this was intended to be sketchy — I simply oversimplified the marketing copy and didn’t surface the right information. I really appreciate you calling it out and giving me the chance to improve it.

RISC-V Vector Primer

Show HN: Invoxo – Invoicing with automatic EU VAT for cross-border services

A Tale of Two Standards, POSIX and Win32 (2005)

Ask HN: Is the Downfall of SaaS Started?

Flirt: The Native Backend

OpenAI's Latest Platform Targets Enterprise Customers

Goldman Sachs taps Anthropic's Claude to automate accounting, compliance roles

Ai.com bought by Crypto.com founder for $70M in biggest-ever website name deal

Big Tech's AI Push Is Costing More Than the Moon Landing

The AI boom is causing shortages everywhere else

Suno, AI Music, and the Bad Future [video]

Ask HN: How are researchers using AlphaFold in 2026?

Running the "Reflections on Trusting Trust" Compiler

Watermark API – $0.01/image, 10x cheaper than Cloudinary

Now send your marketing campaigns directly from ChatGPT

Queueing Theory v2: DORA metrics, queue-of-queues, chi-alpha-beta-sigma notation

Show HN: Hibana – choreography-first protocol safety for Rust

Haniri: A live autonomous world where AI agents survive or collapse

GPT-5.3-Codex System Card [pdf]

Atlas: Manage your database schema as code

Geist Pixel

Show HN: MCP to get latest dependency package and tool versions

The better you get at something, the harder it becomes to do

Show HN: WP Float – Archive WordPress blogs to free static hosting

Show HN: I Hacked My Family's Meal Planning with an App

Sony BMG copy protection rootkit scandal

The Future of Systems

NASA now allowing astronauts to bring their smartphones on space missions

Claude Code Is the Inflection Point

Show HN: MicroClaw – Agentic AI Assistant for Telegram, Built in Rust