Learn the terminal by doing — not just reading.
The terminal is powerful — but also frustrating to learn. Commands look different on Linux, macOS, and Windows. Most tutorials just show you code to copy-paste, with no feedback when something goes wrong. And switching between operating systems? That means starting over.
Terminal Learning fixes this. It's a free, open-source web platform where you practice real terminal commands in an interactive environment — with exercises, validation, and contextual help adapted to your operating system.
No account required. No setup. Just open it and start learning.
- 🖥️ Interactive terminal — type real commands, get real feedback (not just theory)
- 🌍 Multi-environment — learn on Linux, macOS, or Windows — the interface adapts
- 🔒 Progressive curriculum — 11 modules, 66 lessons, 1000+ unit tests
- 🤖 AI as a dev tool — dedicated module on using AI professionally (prompts, validation, limits)
- 💾 Progress saved automatically — locally, or synced to the cloud with a free account
- 📖 Contextual help —
help <command>returns usage and examples for your environment - 🧑🏫 Optional AI tutor (BYOK) — contextual help on the current lesson via your own key (OpenRouter / Anthropic / OpenAI / Gemini); keys stored client-side only, never relayed through our servers
- 🏫 Multi-role classroom — teachers create classes & share invitation codes, students enroll, institution admins approve teachers — Row Level Security enforced at the database
- 🎓 Designed for everyone — schools, universities, self-taught developers
- 💸 100% free, forever — no paywall, no ads, no catch
Most terminal tutorials assume you're on Linux. Terminal Learning doesn't.
Select your environment and everything adapts — the prompt style, the commands, the exercises, and the hints:
| Linux | macOS | Windows | |
|---|---|---|---|
| Prompt | user@host:~$ |
➜ ~ |
PS C:\Users\user> |
| Shell | bash | zsh (Oh My Zsh style) | PowerShell |
| Example | ls, chmod, apt |
ls, chmod, brew |
dir, Set-ExecutionPolicy, winget |
This makes learning more realistic and less confusing — you practice the exact commands you'll actually use.
WSL (Windows Subsystem for Linux) support is planned.
| Layer | Technology | Version |
|---|---|---|
| Bundler | Vite | 6.x |
| UI Framework | React | 18.x |
| Routing | React Router | 7.x |
| Styling | Tailwind CSS | 4.x |
| Components | shadcn/ui (Radix UI) | latest |
| Animations | CSS keyframes + IntersectionObserver | — |
| Auth & Database | Supabase (PostgreSQL + RLS) | 2.x |
| Error Tracking | Sentry (free tier) | 8.x |
| Tests | Vitest + Playwright | — |
| Deployment | Vercel (free tier) | — |
Full architecture, data flow diagrams, and database schema are documented in docs/ARCHITECTURE.md.
Security is built in from day one — multi-agent audit (17 May 2026) :
security-auditor(app-layer OWASP) : 8.8/10llm-security-auditor(AI Tutor BYOK) : 9.4/10lti-auditor(LTI 1.3 crypto chain) : 9.5/10
0 active HIGH on any audit surface.
- Strict CSP — no
unsafe-eval, nounsafe-inline, SHA-256 hash for critical CSS, no third-partyvercel.livein prod - Auth — Supabase Auth with PKCE flow, JWT rotation, built-in rate limiting
- Database — Row Level Security on all tables, anon key only client-side
- API — sliding-window rate limiter (50 req/min per IP, non-spoofable
x-vercel-forwarded-for) on/api/sentry-tunneland/api/lti/launch - LTI endpoint — gated behind
LTI_ENABLEDenv flag (returns 503 by default until Phase 7c RS256 JWK validation lands) - Sentry tunnel — server-side scrubber redacts API keys / JWTs / PII from envelopes before forwarding (covers
event,transaction,profile,check_intypes) - GDPR — cookieless analytics, privacy page at
/privacy, no PII in logs - CI —
npm audit+ GitHub Dependabot on every push - Specialized auditing agents —
security-auditor(app-layer),route-attack-auditor(HTTP-level),vercel-firewall-auditor(WAF),prompt-guardrail-auditor(LLM)
Full security policy and vulnerability reporting: SECURITY.md. Internal audit log: docs/security-audit-log.md.
| Phase | Status | Description |
|---|---|---|
| Phase 0 | ✅ Done | Initial deployment on Vercel |
| Phase 1 | ✅ Done | Landing page, routing, SEO/OpenGraph, GDPR |
| Phase 2 | ✅ Done | Vercel Analytics + Sentry error monitoring + source maps |
| Phase 3 | ✅ Done | Supabase Auth + user progress sync |
| Phase 4 | ✅ Done | Curriculum v2 + multi-environment selection + terminal profiles |
| Phase 5 | 🔄 In progress | Curriculum expansion: 11 modules, 66 lessons, 1000+ unit tests + 176 E2E |
| Phase 5.5 | ✅ Done | Terminal Sentinel — automated security & content audit agents |
| Phase 7 | ✅ Done | RBAC — student / teacher / institution_admin / super_admin roles |
| Phase 7b | ✅ Done | AI Tutor V1 — optional BYOK contextual tutor (OpenRouter / Anthropic / OpenAI / Gemini), client-side keys, live in production |
| Phase 7c | ✅ Done | LTI 1.3 launch authentication (JWKS verify, replay protection) — Auth MVP, gated behind a feature flag |
| B2B classroom | ✅ Done | Teacher class management + invitation codes, student enrollment, institution-admin teacher approval, in-app support tickets |
| Reference | ✅ Done | Unified command reference (/app/reference) — single source of truth, per-OS variants + official documentation links |
| THI-29 | ✅ Done | Module 11 — AI as a dev tool (12 lessons, ai-help command) |
| THI-84 | ✅ Done | Public changelog (terminallearning.dev/changelog) + project story (terminallearning.dev/story) |
| Security | ✅ Done | Post-Phase 7 hardening — CSP, SHA-pinned CI, credential rotation, audit agents |
| Maintenance | 🔄 Ongoing | Security audits (OWASP/CSP/RLS), Sentry monitoring, dependency updates |
| Phase 6 | 🔮 Planned | Terminal multi-session (tabs) |
| Phase 8 | 🔮 Planned | Member space — profiles, stats, badges |
| Phase 9 | 🔮 Planned | Admin panel — real-time health, security center, analytics, RBAC |
| Phase 10 | 🔮 Planned | Automated content — new commands unlocked every 2 weeks |
Full details in docs/ROADMAP.md.
- Node.js 18+
- npm 9+
git clone https://github.com/thierryvm/TerminalLearning.git
cd TerminalLearning
npm install
cp .env.example .env.local # add your VITE_SUPABASE_URL + VITE_SUPABASE_ANON_KEY
npm run devOpen http://localhost:5173 in your browser.
The app works without Supabase credentials — progress is saved locally. Auth and sync require a Supabase project.
npm run build # Production build → dist/
npm run test # Unit tests (Vitest)
npm run test:e2e # E2E tests (Playwright)Contributions are welcome! Please read CONTRIBUTING.md, CODE_OF_CONDUCT.md, and docs/CONVENTIONS.md before opening a pull request.
git checkout -b feature/my-feature
# ... make your changes
git commit -m "feat(scope): description"
gh pr createAll PRs must pass CI (type-check → lint → tests → build) before merge.
Terminal Learning is a volunteer project — free now, free forever.
If it helped you or your students, the best way to support it is:
- ⭐ Star the repo — helps visibility on GitHub
- 🐛 Report bugs — open an issue
- 🤝 Contribute — code, curriculum, translations, feedback
MIT License — see LICENSE for details.
- UI components from shadcn/ui (MIT)
- Initial design created with Figma Make
- Developed with Claude Code (Anthropic)
- Icons by Lucide
Made with ♥ in Belgium · Live Demo · Report a Bug

