Why I built tmpdrop: a self-hosted, expiring file drop

I had a screenshot to send. Nothing secret — a stack trace from a side project — but it had an internal hostname, a file path with my username, and a chunk of a config file in the terminal behind it. The fast move is to drag it onto a free image host and paste the link. I sat there with my cursor over the upload button and couldn't do it.

Because I know what happens next. That image lives on someone else's infrastructure, indefinitely, behind a URL I don't control, and I have no idea who else can reach it. For a throwaway screenshot, that's a permanent record I never agreed to. So I closed the tab and built a thing instead. It's called tmpdrop, and it's ~500 lines of Node.

The threat model

The problem with public file hosts isn't that they're evil. It's the gap between what you intend ("share this once, with one person") and what the platform delivers ("store this forever, serve it to anyone who finds the link").

A few specific things go wrong:

The threat model

A few specific things go wrong:

Why I built tmpdrop: a self-hosted, expiring file drop

Why I built tmpdrop: a self-hosted, expiring file drop

Related reading

Built tmpdrop — a tiny self-hosted ephemeral file drop

I Got Tired of Forgetting. So I Built PwnLog.

I built a disposable email service that costs $0 to run — here's the stack and…

ATerminal: Build with AI on the Go - A Self-Hosted Browser Terminal for Your…

I built a free, client-side code screenshot tool — here's what I learned

I Built a Chat App That Deletes Itself (Because I Was Bored at 2am)

Related reading

Built tmpdrop — a tiny self-hosted ephemeral file drop

I Got Tired of Forgetting. So I Built PwnLog.

I built a disposable email service that costs $0 to run — here's the stack and…

ATerminal: Build with AI on the Go - A Self-Hosted Browser Terminal for Your…

I built a free, client-side code screenshot tool — here's what I learned

I Built a Chat App That Deletes Itself (Because I Was Bored at 2am)