npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@altkit/discord

v4.1.0

Published

An unofficial Discord.js v14.27-compatible fork for Discord API and Gateway v10 user-account workflows

Downloads

535

Readme

Altkit Discord

An unofficial, user-account-only Discord.js v14.27-compatible library for Discord API v10 and Gateway v10.

npm CI Node.js Discord.js compatibility License

[!CAUTION] Automating a normal Discord user account violates Discord's Terms of Service and may result in account termination. Altkit Discord is unofficial, is not supported by Discord, and is used entirely at your own risk.

Overview

Altkit Discord adapts the familiar Discord.js programming model to user-account workflows while retaining account-specific features from the original discord.js-selfbot-v13 project. Version 4 targets the Discord.js 14.27 public surface where it applies to this fork and defaults REST and Gateway traffic to Discord API v10.

| | Support | | ----------------------- | -------------------------------------- | | Package | @altkit/discord | | Discord.js surface | 14.27.0 | | Discord API and Gateway | v10 | | Node.js | 20.19.0 or newer | | Runtime module format | CommonJS, with TypeScript declarations | | Account type | Discord user accounts only | | License | GPL-3.0-only |

Bot tokens, bot Gateway intents, application-command registration, interaction callbacks, and multi-process sharding are intentionally unsupported. APIs that depend on those workflows fail locally instead of silently attempting a bot request. Builders and Discord API types may still be exported for payload compatibility; an export does not make its bot-only endpoint available to user accounts.

Read the v4 migration guide before upgrading an existing v3 application.

Install

npm install @altkit/discord

The package includes its own TypeScript declarations. A separate @types package is not required.

Quick start

Create index.js:

'use strict';

const { Client, Events } = require('@altkit/discord');

const client = new Client();

client.once(Events.ClientReady, readyClient => {
  console.log(`${readyClient.user.tag} is ready`);
});

client.on(Events.MessageCreate, async message => {
  if (message.author.id === client.user.id && message.content === '!ping') {
    await message.reply('Pong!');
  }
});

client.login(process.env.DISCORD_TOKEN).catch(error => {
  console.error('Login failed:', error.message);
  process.exitCode = 1;
});

Create a local .env file that is excluded from version control:

DISCORD_TOKEN=

Then use Node's built-in environment-file loader:

node --env-file=.env index.js

Never hard-code, commit, log, or paste an account token into an issue. This project intentionally does not document token extraction. Rotate the token immediately if it may have been exposed.

What v4 includes

  • Discord API v10 REST routes, payloads, rate-limit buckets, scopes, and retry behavior
  • Gateway v10 events, partials, polls, voice-channel status, and voice-session start times
  • Messages, embeds, attachments, explicit spoiler metadata, polls, and prepared Ogg/Opus voice messages
  • Modern aliases such as AttachmentBuilder, BaseChannel, Events, Partials, and PermissionsBitField
  • Current application flag precision through Application#flagsNew
  • Current modal component response shapes used by user-side command invocation
  • Invite acceptance, community invite roles and target-user lists, guild discovery, and user-app installation
  • Relationships, account settings, sessions, custom status, rich presence, and activity instances
  • Voice connections, audio/video dispatch, receive streams, recording helpers, and @discordjs/voice adapters
  • Webhook clients and compatible Discord.js builders, formatters, utilities, and Discord API v10 enums
  • Optional captcha callbacks and TOTP handling for eligible authentication challenges

Discord permissions, experiments, verification requirements, and account eligibility still determine whether a particular operation succeeds. Undocumented account endpoints can change independently of this project.

API v10 transport behavior

The REST layer discovers Discord bucket hashes and separates limits by HTTP method and major resource. It accepts rate-limit timing from current headers or response payloads and does not automatically replay ambiguous POST or PATCH failures, because Discord may already have applied those requests.

REST, Gateway, voice, and remote-auth connections use TLS 1.2 or newer by default. Most applications should keep the secure defaults. Custom destination trust can be configured separately for REST and WebSocket traffic:

const client = new Client({
  http: {
    tls: { ca: process.env.REST_CA_CERT },
  },
  ws: {
    tls: { ca: process.env.GATEWAY_CA_CERT },
  },
});

Proxy destination TLS and HTTPS-proxy TLS use separate requestTls and proxyTls options. See the client configuration guide for precedence rules. Do not disable certificate verification in production.

Compatibility

Selected legacy names remain available so v3 applications can migrate incrementally:

| Legacy name | Preferred compatible name | | ------------------- | ------------------------- | | MessageAttachment | AttachmentBuilder | | Channel | BaseChannel | | Intents | IntentsBitField | | MessageFlags | MessageFlagsBitField | | Permissions | PermissionsBitField | | UserFlags | UserFlagsBitField |

Runtime metadata makes the package boundary inspectable:

const { accountType, discordJsVersion, supportsBotAccounts, version } = require('@altkit/discord');

console.log({ version, discordJsVersion, accountType, supportsBotAccounts });

Altkit aims for source-level familiarity, not perfect behavioral identity with upstream Discord.js. In particular, upstream examples for deploying application commands or handling bot-owned buttons, select menus, and modals do not apply. sendSlash() invokes commands exposed by installed applications; it does not register them.

Documentation

The examples use DISCORD_TOKEN and feature-specific IDs from the environment. Copy .env.example to .env, populate only the values required by the selected example, and read its prerequisites before running it.

Security

  • Keep tokens, TOTP secrets, proxy credentials, cookies, and custom certificates outside source control.
  • Treat third-party captcha solvers, proxies, media tools, and modified package distributions as separate trust boundaries.
  • Keep TLS certificate verification enabled and install only @altkit/discord from a source you trust.
  • Remove credentials and sensitive request data from bug reports, logs, screenshots, and reproductions.
  • Do not use client-identification values or headers to evade Discord, Cloudflare, rate limits, or account restrictions.

See the security guide for deployment and incident-response guidance.

Development

Install dependencies and run the complete validation pipeline:

npm install
npm test
npm run docs:build

npm test runs linting, formatting checks, documentation parsing, TypeScript and tsd, example syntax checks, unit tests, and a package smoke test. Keep runtime changes, declarations, documentation, generated API data, and examples synchronized.

For local documentation work:

npm run docs
npm run docs:dev

Bug reports should include the Altkit Discord version, Node.js version, a minimal reproduction with all secrets removed, and the relevant error or redacted debug output.

License and credits

Altkit Discord is licensed under the GNU General Public License v3.0. It is based on discord.js and continues the original discord.js-selfbot-v13 project. Current development lives in altkit/discord.