npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@compilers/s2decipher

v0.1.1

Published

Server-side deciphering library for compiled s2client reads

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

compilerscompilers

Keywords

compilersqldecipherencryptionsource-to-sourcesemantic-rewriters2

Readme

@compilers/s2decipher

Server-side counterpart to s2client.

This package is responsible for deciphering compiled client intent into SQL and parameters. It intentionally stops short of execution.

What this package does

  • Decodes and decrypts encrypted payloads produced at build time
  • Restores the original SQL query and static metadata
  • Re-attaches runtime parameters
  • Applies minimal semantic guards (e.g. SELECT-only)
  • Returns { sql, params, meta } for application-owned execution

This package does not execute SQL.

Installation

npm install @compilers/s2decipher

Usage

import { decipherRead } from "@compilers/s2decipher"

app.post("/api/read", (req, res) => {
  const { sql, params } = decipherRead(req.body)
  const rows = db.query(sql, params)
  res.json(rows)
})

API

decipherRead(body, options?)

decipherRead(
  body: {
    payload: string
    params?: Record<string, any>
  },
  options?: {
    dev?: boolean
  }
): {
  sql: string
  params: Record<string, any>
  meta?: Record<string, any>
}

Parameters

  • payload Base64-encoded, AES-encrypted artifact generated by the compiler. Contains SQL and static metadata.

  • params Runtime parameters supplied by the client.

  • options.dev Enables plaintext SQL and verbose inspection for development.

Security model

  • Encryption protects SQL confidentiality in client bundles and transit
  • Deciphering restores intent on the server
  • Execution is owned by the application
  • Authentication and authorization are explicitly out of scope

This package assumes outer layers (JWT, mTLS, API keys, etc.) handle authority.

Non-goals

  • ❌ SQL execution
  • ❌ Database drivers or pooling
  • ❌ Authentication / authorization
  • ❌ ORM or query builders
  • ❌ Framework-specific adapters

Mental model

Intent is declared in JavaScript, sealed by the compiler, and deciphered on the server.

License

MIT