npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@andrewcaires/api

v5.5.0

Published

Simple api for small applications using express, jsonwebtoken, sequelize and websocket

Readme

npm downloads size license

API

Simple api for small applications using express, jsonwebtoken, sequelize and websocket

Installation

The module is now available on npm! npm i @andrewcaires/api

Example usage

// .env

NODE_ENV=development

DATABASE_URI=mariadb://root:root@localhost:3306/database
DATABASE_LOG=false

HTTP_PORT=3000
HTTP_PATH=/api
HTTP_PUBLIC=/public
HTTP_CROSS=true

// HTTP_TLS_CRT=./ssl/http.crt
// HTTP_TLS_KEY=./ssl/http.key

TOKEN_SECRET=change-me-to-a-long-random-secret
TOKEN_TTL=1d
TOKEN_TTL_RENEW=1d
TOKEN_COOKIE=authorization
TOKEN_COOKIE_SET=true
TOKEN_HEADER=authorization
TOKEN_TYPE=bearer

API_WEBSOCKET_START=false
// index.ts

import {

  Application,

  AuthController,
  GroupController,
  GroupRouteController,
  LogsController,
  RouteController,
  UserController,
  UserGroupController,

} from "@andrewcaires/api";

const main = async () => {

  const app = new Application(
    [

      new AuthController,
      new GroupController,
      new GroupRouteController,
      new LogsController,
      new RouteController,
      new UserController,
      new UserGroupController,

    ]
  );

  await app.run();

};

main().catch(console.log);

Workers

Use @Worker em um metodo de controller carregado pela aplicação e inicie o processo com app.run(). Sem --worker, app.run() inicia a API normalmente; com --worker, ele prepara banco, migrations e sync() dos controllers, executa o worker e nao abre a porta HTTP.

import { BaseController, Worker } from "@andrewcaires/api";

class ReportsController extends BaseController {

  @Worker("reports.daily")
  protected async daily() {

    return { ok: true };
  }
}
node dist/index.js --worker reports.daily

MCP Streamable HTTP

McpController exposes /mcp for MCP Streamable HTTP using protocol 2025-11-25 by default. Clients must call initialize, send notifications/initialized, and then include MCP-Session-Id and MCP-Protocol-Version on subsequent requests. The server also keeps compatibility with 2025-06-18 when that version is requested during initialization.

The Streamable HTTP transport supports POST for JSON-RPC calls, DELETE to close a session, and OPTIONS for preflight. GET and HEAD return 405 Method Not Allowed; the older HTTP+SSE transport is not implemented. Invalid JSON bodies return a JSON-RPC parse error (-32700) with id: null.

Implemented MCP capabilities:

  • Tools via @McpTool, tools/list, and tools/call.
  • Tool input and output schemas generated from @andrewcaires/utils.js validations.
  • Tool input validation failures return a tools/call result with isError: true; protocol errors such as invalid sessions or missing tool names still return JSON-RPC errors.

Not implemented by this package: resources, prompts, elicitation, sampling, OAuth authorization endpoints, tasks, and SSE streaming.

Configuration:

MCP_ALLOWED_ORIGINS=https://app.example.com
MCP_RATE_LIMIT_MAX=120
MCP_RATE_LIMIT_WINDOW=1m
MCP_SESSION_TTL=30m

Tools can be declared from any loaded controller:

import { Validation } from "@andrewcaires/utils.js";
import { McpTool } from "@andrewcaires/api";

class UsersController {

  @McpTool({
    name: "users.search",
    title: "Search users",
    description: "Searches users by text.",
    input: {
      q: Validation.string().required().description("Search text."),
      active: Validation.boolean().parse().empty(false).description("Filter only active users."),
    },
    output: {
      total: Validation.number().required().description("Total matched users."),
    },
  })
  protected async searchUsers(args, context) {

    return {
      total: 0,
    };
  }
}

Links

License