Inspiration

On November 13, 2022, three UVA students were killed in a shooting on Grounds. Last year alone we had multiple active attackers on grounds. The university's response exposed critical gaps in how emergency information reaches students. Alerts came through mass emails and text blasts that arrived minutes late, contained no location context, and offered no way for students to share what they were seeing on the ground. Students were left texting group chats and refreshing Twitter/Yik Yak, piecing together fragmented information while trying to figure out if they were safe. We built HoosAlert because we believe campus safety communication should be real-time, location-aware, and crowd-sourced. Students are the largest sensor network on any campus. We wanted to build a platform to utilize that and crowdsource information.

What it does

HoosAlert is a real-time campus safety platform that transforms how students and administrators communicate during emergencies. Students can submit geo-tagged safety reports across six categories (emergency, crime, infrastructure, weather, protest, and other), each with configurable severity levels and affected radii. Reports appear instantly on an interactive map with color-coded markers and radius overlays showing exactly where threats are and how far they reach. A community confirmation system lets other students verify reports with a single tap, and a credibility engine dynamically weights each report based on the author's track record and the number of confirmations it receives. Administrators get a dedicated command center with a bird's-eye live map, the ability to verify or dismiss reports, broadcast emergency alerts to all users, and monitor student safety status across Grounds. Everything updates in real time through WebSocket connections, so no one is ever looking at stale information.

How we built it

We architected HoosAlert as a Turborepo monorepo with four packages sharing a common TypeScript type system. The mobile app is built with React Native and Expo SDK 54, using Expo Router for file-based navigation, Zustand for state management, and TanStack React Query for server data synchronization. The map renders with react-native-maps, plotting reports as color-coded markers with translucent radius circles. The backend runs on Express with full TypeScript coverage, Zod schema validation on every endpoint, and JWT authentication scoped to @virginia.edu email addresses. We use Prisma ORM against a PostgreSQL database hosted on Supabase, with PostGIS extensions powering geospatial radius queries so users only see threats near their actual location. Real-time communication runs through Socket.IO with a geo-based room system that partitions users by location, ensuring report events only push to relevant nearby clients. The admin dashboard is a Next.js 16 app with React 19 and Tailwind CSS 4, featuring a Leaflet live map, TanStack Table for data management, and the same Socket.IO connection for real-time updates. Push notifications are handled through the Expo Server SDK, targeting users within affected geographic zones.

Challenges we ran into

Getting geospatial queries right was harder than expected. Filtering reports by proximity required PostGIS and careful coordinate math to avoid returning irrelevant results or missing nearby threats. The Socket.IO room architecture was another challenge. Broadcasting every event to every connected client does not scale, so we built a geo-based room system that assigns users to rooms based on their coordinates and only emits events to rooms within the report's affected radius. Balancing the credibility scoring algorithm took significant iteration. We needed a system where new users could still have their reports seen while preventing bad actors from flooding the map with false reports. We landed on a weighted formula that factors in account age, historical accuracy, admin verifications, and community confirmations.

Accomplishments that we're proud of

We shipped a production-grade full-stack system in under 24 hours with type safety spanning from the database schema to the mobile UI. The credibility engine is something we have not seen in any existing campus safety tool. It solves the fundamental trust problem of crowd-sourced reporting without requiring every report to be manually reviewed. The geo-based Socket.IO room system means the platform can scale to thousands of concurrent users without drowning anyone in irrelevant notifications. We are also proud of the monorepo architecture. Having shared TypeScript types across mobile, web, and backend means a single interface change propagates everywhere with compile-time safety, which is the kind of infrastructure decision that pays off at scale.

What we learned

Building real-time systems forces you to think differently about state. Every piece of data can change at any moment, and your UI has to handle that gracefully without flickering or losing the user's context. We learned how powerful PostGIS is for location-based applications and how much complexity it absorbs that would otherwise live in application code. Working with Expo and React Native reinforced how much the developer experience has improved. File-based routing, hot reloading on physical devices, and the managed build pipeline let us move at a speed that would have been impossible with native development. On the design side, we learned that safety-critical UIs need to prioritize information density without creating cognitive overload. Color coding, severity badges, and smart sorting do more than a wall of text ever could.

What's next for HoosAlert

A priority is integrating with UVA's official alert infrastructure so HoosAlert can ingest university-issued alerts and overlay them on the map alongside crowd-sourced reports. We want to add heat map visualization that aggregates historical report data to show which areas of Grounds have recurring safety issues. On the technical side, we plan to implement end-to-end encryption for sensitive report details, add offline-first support so the app works even when cell networks are congested during emergencies, and build an ML-based duplicate detection system that automatically merges reports describing the same incident. We are also exploring partnerships with other universities to deploy HoosAlert as a white-label platform that any campus can adopt with their own branding and alert infrastructure.

While made initially with active attackers and crimes in mind, this could easily be extended to other large events, utilizing the crowdsourcing infrastructure. Students can see everything and plan their route accordingly. Additionally, the database runs very slowly, and is inefficient for images and traffic.