Pico

Awesome Privacy ➔ Social ➔ Blogging Platforms ➔ Pico

Web services over SSH, including blogging with Prose, microsites with Pages, and a pastebin with Pastes. The services use public-key cryptography by default with no browser-based tracking and minimal logging.

Homepage: pico.sh
GitHub: github.com/picosh/pico
Web info: web-check.xyz/check/pico.sh

Open Source

Pico Source Code

Author

picosh

Description

The ultimate ssh powered services for developers

Homepage

https://pico.sh

License

MIT

Created

24 Aug 22

Last Updated

11 May 26

Latest version

v3.28.1

Primary Language

Size

6,330 KB

Stars

1,290

Forks

Watchers

1,290

Language Usage

Star History

Top Contributors

Recent Commits

Eric Bower (11 May 26)
chore: pico.sh ci script
Eric Bower (11 May 26)
fix(pgs): _headers should override default cache-control Closes: https://github.com/picosh/pico/issues/215
Eric Bower (11 May 26)
feat(tui): analytics now displays device breakdown You can see mobile vs desktop
Eric Bower (11 May 26)
docs: runbooks
Eric Bower (11 May 26)
fix: script
Eric Bower (11 May 26)
chore: script to find orphaned buckets
Eric Bower (06 May 26)
fix(auth): mime type can include charset e.g. text/html; charset=utf-8
Eric Bower (05 May 26)
chore(visits): new indexes and parallel queries
Eric Bower (05 May 26)
chore: remove dev artifacts
Eric Bower (03 May 26)
refactor(visits): aggregate visit tables Previously we had an analytics_visits table that held all the raw visit data. This mean our analytics UI was constantly executing queries across 18 mil records which was extremely slow. This change aggregates those analytics every month and then deletes all the raw data. We keep 2 months worth of raw data and then everything else gets pushed into the aggregate tables.
Eric Bower (04 May 26)
chore: script reap edits
Eric Bower (03 May 26)
fix: reap should look skip anyone that has pico+
Eric Bower (03 May 26)
chore: delete old analytics
Eric Bower (03 May 26)
chore: sql query to reap unused accounts References: https://pico.prose.sh/ann-036-reap-inactive-accounts
Eric Bower (28 Apr 26)
fix(httpcache): cdn accept encoding Two bugs combined to produce the broken behavior: Bug 1: CDN forwarded Accept-Encoding to upstream (cmd/pgs/cdn/main.go) proxyServe.ServeHTTP cloned the incoming request (including its Accept-Encoding: zstd header sent by Caddy) and forwarded it to ash.pgs.sh. The upstream responded with a zstd-compressed body + content-encoding: zstd. The CDN then cached that compressed blob. Caddy (sitting in front of the CDN) can't transcode zstd→nothing, so clients received raw zstd bytes named .xml. Fix: proxyReq.Header.Del("Accept-Encoding") before the upstream round-trip. The CDN should store one uncompressed representation per URL; Caddy handles per-client content encoding on egress. Bug 2: matchVary was looking in the wrong place (pkg/httpcache/serve.go, rw.go) When the response included Vary: Accept-Encoding, matchVary looked for Accept-Encoding in the response headers map — but Accept-Encoding is a request header and was never there. The cachedValue == "" branch silently continued, causing every request to match regardless of what encoding it accepted. Fix: ToCacheValue now accepts the *http.Request and snapshots the Vary-relevant request header values into a new CacheValue.VaryRequestHeaders map[string]string field. matchVary now compares the incoming request's headers against that snapshot instead of looking in response headers. Legacy entries with no VaryRequestHeaders are treated as misses so they repopulate correctly.
Eric Bower (22 Apr 26)
fix(pgs): dupe headers
Eric Bower (22 Apr 26)
chore(pgs): configurable max items for lru
Eric Bower (22 Apr 26)
chore: lint
Eric Bower (22 Apr 26)
chore: disable flaky test
Eric Bower (22 Apr 26)
chore(httpcache): cache-status cleanup and random bug fixes
Eric Bower (21 Apr 26)
chore: normalize header keys
Eric Bower (21 Apr 26)
chore: disable imgproxy tests We don't have them setup properly atm
Eric Bower (21 Apr 26)
refactor(storage): no need for metadata just need content type
Eric Bower (21 Apr 26)
chore: rm dead code
Eric Bower (21 Apr 26)
refactor(storage): put accepts ObjectInfo instead of FileEntry This is a symmetric change so everything uses the same objects
Eric Bower (21 Apr 26)
feat(pgs): record metrics for compressed file types
Eric Bower (21 Apr 26)
fix(pgs): check handler fast bail when domain is empty
Eric Bower (20 Apr 26)
refactor(httpcache): ignore routes should use no-store
Eric Bower (20 Apr 26)
fix(httpcache): verified heuristically cachable status codes
Eric Bower (20 Apr 26)
refactor(pgs): use http.ServeContent refactor: new image proxy object that uses httputil reverse proxy

Pico Website

Website

BERJAYA hacker labs Â· pico.sh

Open source and managed web services leveraging SSH

Redirects

Does not redirect

Security Checks

All 65 security checks passed

Server Details

IP Address 141.148.85.132
Location Ashburn, Virginia, United States of America, NA
ISP Oracle Corporation
ASN AS31898

Associated Countries

Safety Score

Website marked as safe

100%

Blacklist Check

pico.sh was found on 0 blacklists

AntiSocial Blacklist
Artists Against 419
Badbitcoin
Bambenek Consulting
CERT Polska
CoinBlockerLists
CRDF
CryptoScamDB
EtherAddressLookup
EtherScamDB
Fake Website Buster
MetaMask EthPhishing
NABP Not Recommended Sites
OpenPhish
PetScams
PhishFeed
PhishFort
Phishing.Database
PhishStats
PhishTank
Phishunt
RPiList Not Serious
Scam.Directory
SecureReload Phishing List
Spam404
StopGunScams
Suspicious Hosting IP
ThreatFox
ThreatLog
TweetFeed
URLhaus
ViriBack C2 Tracker

Website Preview

View full report at web-check.xyz

Pico Reviews

More Blogging Platforms

Bear Blog
bearblog.dev

A no-nonsense, super-fast blogging platform prioritizing privacy. It strips back unnecessary features to focus on straightforward blogging. The platform is open source.

Open Source HermanMartinus/bearblog

View Bear Blog Report
Mataroa
mataroa.blog

A minimalist blogging platform focused on privacy and simplicity. It's open source and eschews complex features for a straightforward writing and publishing experience.

Open Source mataroa-blog/mataroa

View Mataroa Report
Movim
movim.eu

A web frontend for XMPP, offering decentralized blogging and chatrooms. Movim is open source, integrating social and communication tools in a unified platform.

Open Source movim/movim

View Movim Report
Telegraph
telegra.ph

A quick, anonymous blogging platform by Telegram. It's designed for simplicity and speed, allowing for straightforward content publishing without registration.

View Telegraph Report
Write Freely
writefreely.org

A minimalist, federated blogging platform offering a clean UI. It's free, open source, and caters to writers seeking simplicity and federation capabilities. For hosted options, visit Write.as.

Open Source writeas/writefreely

View Write Freely Report

About the Data: Pico

Change History

Added Sep 28, 2024 by @catbash #283

API

You can access Pico's data programmatically via our API. Simply make a GET request to:

https://api.awesome-privacy.xyz/social/blogging-platforms/pico

The REST API is free, no-auth and CORS-enabled. To learn more, view the Swagger Docs or read the API Usage Guide.

Share Pico

Help your friends compare Blogging Platforms, and pick privacy-respecting software and services.
Share Pico and Awesome Privacy with your network!

← Previous

Movim

View Blogging Platforms (6)