Show HN: CSVtoAny, CSV Local File Converter

3•nighwatch•2mo ago

About two weeks ago I built a small text-comparison tool as a simple front-end project. Recently I ran into another annoyance: converting CSV/Excel/JSON with tools that upload files to servers, feel slow, or impose limits. Since I prefer privacy-first tools, I built this one as well.

100% local: All parsing and conversion run in Web Workers. No uploads.

Format support: CSV ↔ Excel (.xlsx), JSON, SQL, XML, Markdown.

Smart column restoration: Fixes copied tables that collapse into a single column (enable under “More Options”).

No size limits: Only limited by your RAM.

My goal is to grow this into a small, one-stop CSV/format toolbox. It just launched, so there may be rough edges — feedback is welcome.

Tech

Next.js, Tailwind, SheetJS, Web Workers, i18next.

Looking for feedback

Try it with your odd CSVs: unusual delimiters, quoted newlines, mixed encodings, huge files, broken pasted tables. Also curious whether the column-restoration feature feels intuitive.

Thanks for checking it out!

Comments

mattewong•2mo ago

The site says privacy-first and also says "we cannot lose your data if we never collect it" but it makes a WHOLE lot of POST calls passing what appear to be encrypted payloads, and refuses to work offline-- so the user has no way to verify that the limited info you claim to be collecting is in fact what is being collected. Worse, if you simply visit and use the site, you never once see any mention of terms of use, and yet those published terms-- which you will only find if you actively scroll way down to the bottom of the SPA and click on a tiny link-- and claim to be binding merely by the use of the site, which could have easily happened without the user having any knowledge or notice whatsoever that they "agreed" to something (in other words, without actually agreeing to anything). The terms also do not say anything about your data collection, though if one looks hard enough one can find it mentioned in the privacy policy, well below the contradictory opening line that says "we cannot lose your data if we never collect it". Sorry, but meta data is still data, so "we never collect [your data]" is simply false.

So, maybe you did not intend it to be so, but to me the site comes off as being very sketchy and untrustworthy.

nighwatch•2mo ago

Thanks for the thoughtful and critical feedback, this is exactly why I posted here.

You raised fair points about the mixed messaging, and I’ve just pushed updates to address them:

• Privacy Policy & data collection: You're right that the tagline “we never collect data” was too absolute. I do use standard analytics (GA) for anonymous usage metrics and error tracking. The Privacy Policy now clearly separates File Data — which is processed 100% locally and never leaves the browser — from Usage Metadata, which is anonymized and collected only for understanding feature performance.

• Network activity: The POST requests you saw come solely from those analytics libraries. No file contents, pasted text, or conversion results ever hit the network. I’ll also review whether I can reduce or defer analytics calls to make this more transparent.

• Visibility of terms: Agreed. I’ve added a prominent Privacy/Terms link in the header and a first-visit consent banner so users aren’t relying on a tiny footer link or assumptions.

• Offline behavior: The conversion logic runs entirely in Web Workers and doesn’t require a server, but my PWA config wasn’t robust enough to guarantee a clean offline startup. I’m working on tightening that up so users can verify the “local-only” behavior themselves.

None of this was intended to be sketchy — I simply oversimplified the marketing copy and didn’t surface the right information. I really appreciate you calling it out and giving me the chance to improve it.

Creating and Hosting a Static Website on Cloudflare for Free

"The Stanford scam proves America is becoming a nation of grifters"

Elon Musk on Space GPUs, AI, Optimus, and His Manufacturing Method

X (Twitter) is back with a new X API Pay-Per-Use model

Zlob.h 100% POSIX and glibc compatible globbing lib that is faste and better

Show HN: Deterministic signal triangulation using a fixed .72% variance constant

Scientists Discover Levitating Time Crystals You Can Hold, Defy Newton’s 3rd Law

When Michelangelo Met Titian

Solving NYT Pips with DLX

Baldur's Gate to be turned into TV series – without the game's developers

Interview with 'Just use a VPS' bro (OpenClaw version) [video]

EchoJEPA: Latent Predictive Foundation Model for Echocardiography

Disablling Go Telemetry

Effective Nihilism

The UK government didn't want you to see this report on ecosystem collapse

No 10 blocks report on impact of rainforest collapse on food prices

Seedance 2.0 Is Coming

Show HN: Fitspire – a simple 5-minute workout app for busy people (iOS)

Dexterous robotic hands: 2009 – 2014 – 2025

Interop 2025: A Year of Convergence

JobArena – Human Intuition vs. Artificial Intelligence

Concept Artists Say Generative AI References Only Make Their Jobs Harder

Show HN: PaySentry – Open-source control plane for AI agent payments

Show HN: Moli P2P – An ephemeral, serverless image gallery (Rust and WebRTC)

The Crumbling Workflow Moat: Aggregation Theory's Final Chapter

Pax Historia – User and AI powered gaming platform

Show HN: I built a RAG engine to search Singaporean laws

Scams, Fraud, and Fake Apps: How to Protect Your Money in a Mobile-First Economy

Porting Doom to My WebAssembly VM

Cognitive Style and Visual Attention in Multimodal Museum Exhibitions